Bonum Certa Men Certa

Links 5/3/2021: Linux 5.12-rc2 Imminent, Linux Lite 5.4 RC1 in Review



  • GNU/Linux

    • Audiocasts/Shows

      • Installation And First Look At Mageia 8

        Mageia is a GNU/Linux distribution that is a community project begin life as Mandrake, which then became Mandriva, which then became Mageia. This is a rpm-based distro that uses a static release model and is known for stability.

      • OpenShot: Windows Movie Maker Of Linux - YouTube

        OpenShot is one of those video editors that everyone tries at least once, and I feel like it should stay at only once. While it's not unusable you could get some work done with it, it has some serious limitations as a video editor that take all the fun out of making videos.

    • Kernel Space

      • A warning about 5.12-rc1
        Hey peeps - some of you may have already noticed that in my public git
        tree, the "v5.12-rc1" tag has magically been renamed to
        "v5.12-rc1-dontuse". It's still the same object, it still says
        "v5.12-rc1" internally, and it is still is signed by me, but the
        user-visible name of the tag has changed.
        
        

        The reason is fairly straightforward: this merge window, we had a very innocuous code cleanup and simplification that raised no red flags at all, but had a subtle and very nasty bug in it: swap files stopped working right. And they stopped working in a particularly bad way: the offset of the start of the swap file was lost.

        Swapping still happened, but it happened to the wrong part of the filesystem, with the obvious catastrophic end results.

        Now, the good news is even if you do use swap (and hey, that's nowhere near as common as it used to be), most people don't use a swap *file*, but a separate swap *partition*. And the bug in question really only happens for when you have a regular filesystem, and put a file on it as a swap.

        And, as far as I know, all the normal distributions set things up with swap partitions, not files, because honestly, swapfiles tend to be slower and have various other complexity issues.

        The bad news is that the reason we support swapfiles in the first place is that they do end up having some flexibility advantages, and so some people do use them for that reason. If so, do not use rc1. Thus the renaming of the tag.

        Yes, this is very unfortunate, but it really wasn't a very obvious bug, and it didn't even show up in normal testing, exactly because swapfiles just aren't normal. So I'm not blaming the developers in question, and it also wasn't due to the odd timing of the merge window, it was just simply an unusually nasty bug that did get caught and is fixed in the current tree.

        But I want everybody to be aware of because _if_ it bites you, it bites you hard, and you can end up with a filesystem that is essentially overwritten by random swap data. This is what we in the industry call "double ungood".

        Now, there's a couple of additional reasons for me writing this note other than just "don't run 5.12-rc1 if you use a swapfile". Because it's more than just "ok, we all know the merge window is when all the new scary code gets merged, and rc1 can be a bit scary and not work for everybody". Yes, rc1 tends to be buggier than later rc's, we are all used to that, but honestly, most of the time the bugs are much smaller annoyances than this time.

        And in fact, most of our rc1 releases have been so solid over the years that people may have forgotten that "yeah, this is all the new code that can have nasty bugs in it".

        One additional reason for this note is that I want to not just warn people to not run this if you have a swapfile - even if you are personally not impacted (like I am, and probably most people are - swap partitions all around) - I want to make sure that nobody starts new topic branches using that 5.12-rc1 tag. I know a few developers tend to go "Ok, rc1 is out, I got all my development work into this merge window, I will now fast-forward to rc1 and use that as a base for the next release". Don't do it this time. It may work perfectly well for you because you have the common partition setup, but it can end up being a horrible base for anybody else that might end up bisecting into that area.

        And the *final* reason I want to just note this is a purely git process one: if you already pulled my git tree, you will have that "v5.12-rc1" tag, and the fact that it no longer exists in my public tree under that name changes nothing at all for you. Git is distributed, and me removing that tag and replacing it with another name doesn't magically remove it from other copies unless you have special mirroring code.

        So if you have a kernel git tree (and I'm here assuming "origin" points to my trees), and you do

        git fetch --tags origin

        you _will_ now see the new "v5.12-rc1-dontuse" tag. But git won't remove the old v5.12-rc1 tag, because while git will see that it is not upstream, git will just assume that that simply means that it's your own local tag. Tags, unlike branch names, are a global namespace in git.

        So you should additionally do a "git tag -d v5.12-rc1" to actually get rid of the original tag name.

        Of course, having the old tag doesn't really do anything bad, so this git process thing is entirely up to you. As long as you don't _use_ v5.12-rc1 for anything, having the tag around won't really matter, and having both 'v5.12-rc1' _and_ 'v5.12-rc1-dontuse' doesn't hurt anything either, and seeing both is hopefully already sufficient warning of "let's not use that then".

        Sorry for this mess, Linus

      • A warning about 5.12-rc1

        Linus Torvalds has sent out a note telling people not to install the recent 5.12-rc1 development kernel; this is especially true for anybody running with swap files. "But I want everybody to be aware of because _if_ it bites you, it bites you hard, and you can end up with a filesystem that is essentially overwritten by random swap data. This is what we in the industry call 'double ungood'." Additionally, he is asking maintainers to not start branches from 5.12-rc1 to avoid future situations where people land in the buggy code while bisecting problems.

      • Linux 5.12-rc2 Likely Coming Early Due To That Nasty File-System Corruption Bug

        Linus Torvalds has now warned developers over using Linux 5.12-rc1 as a basis for their future branches and is looking to release 5.12-rc2 ahead of schedule as a result of that problematic file-system corruption bug stemming from a swap file bug.

      • New features, changes & improvements to KernelCI's UI

        KernelCI has been driving continuous integration for the Linux kernel with hundreds of commits every day since its creation in 2012 and as a Linux Foundation project since 2019. The platform has the ability to help you attempt to find and fix several problems, including regressions, build failures and merge conflicts from your patches with others.

        Today, KernelCI is the most complete automated testing and continuous integration tool for the Linux kernel. It can test your code on many platforms performing automatic builds in kernel trees. Builds, tests information and more can be found on the KernelCI dashboard, that is, the main web interface used by the project.

      • Apple M1 Patches For The Linux Kernel Sent Out A Third Time

        Hector Martin, who has been working on the crowd-funded effort to bring Linux up on the Apple M1 SoC and the modern Apple devices using that in-house silicon, has sent out the third iteration of his kernel patches.

        With the "v3" patches sent out today the focus remains on getting the Apple M1 SoC brought up under the Linux kernel with interrupt handling, SMP support, UART, a SimpleFB-based frame-buffer, and the DeviceTree needed for the Mac Mini and other new Macs using the M1 chip. There still is much work ahead to make the Apple M1 and the modern Macs usable on a day-to-day basis, especially if wanting accelerated graphics and making use of other capabilities of this complex ARM-based chip.

      • Graphics Stack

        • Even In 2021, Intel Squeezes Some Very Nice Performance Gains Out Of Their OpenGL Driver - Phoronix

          While it's 2021 and many modern Linux gaming and other workloads are focusing on the Vulkan API, Intel isn't letting up in their aggressive optimizations to their open-source "Iris" OpenGL Gallium3D driver for Linux systems. With the latest Mesa 21.1 code today there is a set of patches providing up to 17% better performance in some games while other OpenGL software is generally a few percent faster at least. In some micro-benchmarks it can be more than 50% faster.

          Longtime Intel open-source Linux graphics driver developer Kenneth Graunke - who has also been the lead Iris Gallium3D developer over the past three years - merged his work on threaded context support.

        • waylandmar21

          While struggling with Pfizer second dose side effects yesterday, with little ability to do anything serious – so surreal to have a fever yet also certainty you’re not actually ill[1] – I thought I’d try building the branch of Emacs with native Wayland support, and try starting up Sway instead of i3. I recently upgraded my laptop to Debian bullseye, as I usually do at this stage of our pre-release freeze, and was wondering whether bullseye would be the release which would enable me to switch to Wayland.

          Why might I want to do this? I don’t care about screen tearing and don’t have any fancy monitors with absurd numbers of pixels. Previously, I had been hoping to cling on to my X11 setup for as long as possible, and switch to Wayland only once things I want to use started working worse on X11, because all the developers of those things have stopped using X11. But then after upgrading to bullseye, I found I had to forward-port an old patch to xfce4-session to prevent it from resetting SSH_AUTH_SOCK to the wrong value, and I thought to myself, maybe I could cut out some of the layers here, and maybe it’ll be a bit less annoying. I have a pile of little scripts trying to glue together xfce4 and i3 to get all the functionality I need, but since there have been people who use their computers for similar purposes to me trying to make Sway useful for quite some time now, maybe there are more integrated solutions available.

          I have also been getting tired of things which have only ever half-worked under X, like toggling autolock off when there isn’t fullscreen video playing (when I’m video conferencing on another device, I often want to prevent my laptop’s screen from locking, and it works most of the time, but sometimes still locks, sigh). I have a “normalise desktop” keybinding which tries to fix recurrent issues by doing things like restarting ibus, and it would be nice to drop something so hackish.

    • Applications

      • Veracrypt – An Open Source Cross-Platform Disk Encryption Tool

        Filesystem/Volume encryption has become paramount to the masses in the IT industry due to the varying advantages it presents including protection of sensitive data, military-grade encryption standards, password keys to prevent unwanted access, and an encrypted file/drive only the encryption software can access among others.

        Veracrypt is a cross-platform and open-sources on-the-fly encryption tool that was originally based on Truecrypt’s 7.1a codebase back in June 2013 but has since then matured greatly to become a singular encryption solution that is now dissimilar and incompatible with volumes encrypted with Truecrypt.

        Veracrypt is essentially your go-to option for an encryption tool if you’re looking to replace Truecrypt.

    • Instructionals/Technical

      • How To Install VNC Server on Debian 10 – TecAdmin

        VNC (Virtual Network Computing) allowed to remotely control desktop systems. We can say VNC is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol (RFB). There are multiple software services provides VNC service to access Linux based desktop remotely including, TigerVNC, TightVNC, Vino, vnc4server and more.

        The TigerVNC is a free, open-source and high-performance VNC server used to control or access Linux based desktop remotely. It is a client/server application that allows you to interact with graphical applications on remote machines.

        This tutorial help you to how to install and configure VNC server on Debian 10 Buster Linux system using the TigerVNC server.

      • How to Enable 2-Factor Authentication on Ubuntu - LinuxH2O

        In this quick guide, you will see, how to enable the 2-Factor authentication on Ubuntu. This guide can also be used on its derivatives.

        Before going straight, let’s see what is 2-Factor authentication?

        Simply put, it’s an extra layer of protection that you can be put on things that have passwords so that you are required to provide a time-based token for authentication addition to the password.

        Now, let’s set it up on Ubuntu.

      • How to Install Nvidia Drivers on Linux Mint [Beginner's Guide] - It's FOSS

        Linux Mint is a fantastic Ubuntu-based Linux distribution that aims to make it easy for newbies to experience Linux by minimizing the learning curve.

        Not just limited to being one of the best beginner-friendly Linux distros, it also does a few things better than Ubuntu. Of course, if you’re using Linux Mint like I do, you’re probably already aware of it.

        We have many beginner-focused Mint tutorials on It’s FOSS. Recently some readers requested help with Nvidia drivers with Linux Mint and hence I came up with this article.

        I have tried to mention different methods with a bit of explaining what’s going on and what you are doing in these steps.

      • How to Install Software from Source in Linux

        The most widely used Linux distributions, for example, Debian, Ubuntu, RedHat, Fedora, and many more, have a packaging system for distribution software. Binaries and configuration files of software are bundled in a package, which is nothing but an archive file, from which the package managers install the software.

        However, advanced Linux users, developers, and those who are more on the geeky side of things often install software directly from the source code; i.e., manual compilation and installation.

        As almost all software in GNU/Linux systems is free and open-source software, the source code is publicly available, usually in a version control system repository or even in the standard repositories in some distributions.

      • Steve Litt's No Bullshit Guide to LAN-Peer Qemu VMs

        To prevent confusion and ambiguity, this document repeatedly and redundantly describes each element as being either on the host or the VM guest. The host is the physical computer (metal computer) on which the VM guest is run. The VM guest is a Virtual Machine running on the host. The downfall of most online Qemu documentation is they rarely make this distinction, which can confuse the daylights out of someone not already knowing Virtual Machine technology extremely well.

        The examples in this document use a physical host that is running Void Linux. The VM guest runs Devuan Linux. This document's examples all use a LAN using the 192.168.0.0/24 network (subnet, actually), with a physical cable modem connection to the Internet at 192.168.0.1, the host at 192.168.0.2, a printer with HTML interface at 192.168.0.13, and a different Linux computer at 192.168.0.97. These four machines are all physical. On the LAN, the default route is the cable modem at 192.168.0.1, which also serves as a DHCP server, firewall, and router.

        A LAN-peer is a VM guest that can interact with all the computers and devices on the host's LAN. Also, all the computers and devices on that LAN can interact with the VM guest. A LAN-peer VM guest is, from a networking standpoint, exactly like a physical computer on the LAN.

        If parts of this document seem redundant and excessive, I've done this so that there's absolutely no confusion for anybody, regardless of their Virtual Machine or Qemu knowledge.

      • Using NetworkManager in Gentoo Linux | Fitzcarraldo's Blog

        My current two laptops running Gentoo Linux (both with OpenRC, elogind, eudev and wpa_supplicant) use NetworkManager rather than Netifrc. (Actually, my desktop machines also use NetworkManager even though they are always connected to the same network.) NetworkManager has worked with wired and wireless networking on these laptops without any issues for over five years now. This post summarises how it is installed and configured.

      • Debian Disable ipv6 on Interface – Linux Hint

        When you run Debian 10, the IPv6 network connections are enabled by default. But, in most situations, you need to disable the default setting of IPV6. However, we will give you a complete demo on how to disable the IPV6 interface on Debian 10 system.

        To execute all commands, you must have the privileges to run the system administrative commands.

      • How To Install and Use Git On Linux for Beginners – Linux Hint

        As developers, we are no strangers to managing and saving various copies of code before joining it to the main code.

        Let’s discuss a better and efficient way to manage various code versions and merge them with the main code after testing.

      • How To Mount And Use NFS Shares On Linux Sharing Files Easily Using NSF – Linux Hint

        Developed by Sun Microsystems in 1984, NFS or Network File Shares is a file system protocol used for accessing files over a network similar to a local storage device.

        NFS Shares are powerful and popular as they allow users to share files and directories over a local network and the internet. However, it is better to limit NFS shares to local and trusted networks as files don’t get encrypted on the machines. However, the problem was addressed and fixed on a recent version of the NFS protocol. You may need to set up complex authentication methods such as Kerberos.

      • How to Configure OpenVPN in Kali Linux – Linux Hint

        OpenVPN is a free and open-source VPN application that allows you to encrypt and send your network data via secure tunnels from one device to another not located on the same network. OpenVPN uses OpenSSL to encrypt network traffic to and from your devices.

        Once connected to an OpenVPN server, your network traffic gets routed through the server, keeping your data secure. In turn, this helps protect you from network attacks, especially when connected to public networks.

      • How to Enable Kali Linux Undercover Mode – Linux Hint

        Penetration testers and Black Hat hackers value discretion and anonymity above all else. A distribution such as Kali Linux, a tool preferred by is Security Researchers and Penetration testers, may not provide these all the time, especially in public locations where running code and having multiple terminals open can easily call unnecessary attention to yourself.

        Offensive Security took note of this and included a mode known called undercover mode in Kali Linux 2019.4.

      • How to Install Linux Headers on Kali Linux – Linux Hint

        Welcome to this concise article discussing how to install Linux headers on Kali Linux.

        Linux header files are used in interface definition between various components of the kernel. They are also used to define interfaces between the kernel and userspace. A typical case where Linux headers are required is running a Hypervisor because the tools require modules that interact with the kernel.

        By default, Kali Linux does not ship with Linux headers installed; you will have to do it manually.

      • How to Install and Configure OpenVAS on Kali Linux – Linux Hint

        OpenVAS or Open Vulnerability Assessment System is a Pen-testing framework whose collection of tools allow you to scan and test systems for known vulnerabilities. OpenVAS uses a database containing a collection of known exploits and vulnerabilities.

      • How to Install and Configure WireGuard on Kali Linux – Linux Hint

        WireGuard is a simple and fast open-source VPN tunneling service built with high-end cryptographic technologies. It is very easy to set up and use, and many consider it better than OpenVPN or IPSec. WireGuard is also cross-platform and supports embedded devices.

        WireGuard works by setting up virtual network interfaces such as wlan0 or eth0 that can be managed and controlled like normal network interfaces, helping configure and manage the WireGuard easily using net-tools and other network managing tools.

        This guide will show you how to set up a WireGuard client and server on a Kali Linux system.

        Let us start by installing WireGuard on the system.

      • How to Resize and Format Disk with PartedMagic – Linux Hint

        PartedMagic is a Linux distribution used for partitioning, data recovery, and other data-related forensics operations. It mainly comes packaged as an ISO tool you can burn to a CD/DVD or USB flash drive and booted live without installing it. Its primary use is on GNU Gparted and PartitionMagic packages, although PartedMagic is a commercial Software. It’s essential for data.

        This tutorial will walk you through PartedMagic operations like creating bootable media, booting up, partitioning, data recovery, etc.

      • How to Setup Virtualization on Synology NAS? – Linux Hint

        Synology has official support for virtualization on its NAS products. You can create and run Windows or Linux virtual machines on your Synology NAS really well and turn your Synology NAS into a software development environment. To run virtual machines on your Synology NAS, you need to have at least 8 GB or 16 GB (or more) memory installed, depending on your requirements. Then, you can install and use the official Virtual Machine Manager app to create and manage your virtual machines from the Synology Web GUI.

        In this article, I will show you how to set up virtualization on your Synology NAS and create a Windows 10 and an Ubuntu 20.04 LTS virtual machine on your Synology NAS. I will be using the Synology NAS model DS1821+ for the demonstrations. So, let’s get started!

      • How to install and add pCloud drive to startup on Manjaro | FOSS Linux

        PCloud is a cloud service offering 10BG free storage space for saving personal files on a secure cloud. It is available for Linux and other operating systems. pCloud also puts privacy first using its advanced encryption technology. Further, the pCloud storage drive is accessible via a desktop client in Linux or via your web browser.

        This guide will go through installing pCloud, opening your pCloud Drive, and adding pCloud Drive to startup on your Linux Manjaro distribution.

      • Introduction to Apache Solr. Part 2: Querying Solr – Linux Hint

        Apache Solr [1] is a search engine framework written in Java and based on the Lucene search library [6]. In the previous article, we set up Apache Solr on the soon-to-be-released Debian GNU/Linux 11, initiated a single data core, uploaded example data, and demonstrated how to do a basic search within the data set using a simple query. This is a follow-up article to the previous one. We will cover how to refine the query, formulate more complex search criteria with different parameters, and understand the Apache Solr query page’s different web forms. Also, we will discuss how to post-process the search result using different output formats such as XML, CSV, and JSON.

      • How to install Enlightenment Desktop in Fedora 30 Workstation – Linux Hint

        Enlightenment is a desktop environment like GNOME, KDE, MATE, Cinnamon, and others. The first release appeared in early 1997. It is a graphical desktop environment maintained by the Enlightenment project. It has a typical UNIX/X11-based desktop style. It has a rather elegant desktop interface and a different central philosophy of design.

        Enlightenment desktop can manage windows and files. It can do compositing. It can also start applications as well as handle UI and manipulate system settings. In fact, Enlightenment was the first Window Manager to bring themes into the X11 window system.

        Enlightenment is in existence before GNOME and is hardly younger than KDE. Its first release was version 0.1 in the first part of 1997. Initially, it was launched as a simple window manager. Despite the limited capability of computers to handle a user interface’s complex functionality, it proved to be very flexible in terms of behavior and visuals features.

        Enlightenment has too many features along with too much flexibility. One can configure it to be a simple GUI desktop or make it more dazzling with various activity options.

      • How to enable Blue Light Filter on Linux Mint? – Linux Hint

        The human eyes can filter the ultraviolet and many other harmful radiations of the sun. However, the eyes cannot filter the blue light. The excessiveness of blue light puts the strain on the eyes. Moreover, blue light passes the signal to the mind that it is daytime even if you are using blue light in the nighttime. Overall, blue light is harmful to humans because it interrupts the regular sleep-wake system, which ultimately damages our immune system.

        Filtering the blue light is a very important activity to perform on your system. Redshift is free and open-source software that automatically adjusts the color of the screen based on temperature, your current location, and daytime.

        In this article, we will learn to install Redshift on Linux Mint for enabling the blue light filter.

        We are using Linux Mint 20 for executing the commands and preparing this guide. Redshift can be installed on Linux Mint from the Software Manager and Linux Mint 20 standard repositories.

      • How to Setup a Kali Linux Mirror – Linux Hint

        Using the easy-to-follow steps provided in this guide, you can set up a Kali Linux mirror that can host Kali’s main repositories and images. A Kali Linux mirror is handy. Let us get started.

      • How to Build A Simple Blog With Hexo Static Site Generator – Linux Hint

        In the modern age, websites are the building blocks of information. From enterprise, eCommerce, social websites to simple blogs, websites allow people to share ideas and thoughts. This tutorial will show you how you can set up a simple blog using a static site generator that is very fast and easy to use.

      • How To Rebuild a Source Package In Kali Linux – Linux Hint

        Even though it’s customized explicitly for penetration testing, Kali Linux is a flexible and highly customizable Linux distro. It allows you to customize things like the Desktop environment, packages, and even the kernel as long as you know what you are doing,

        Let’s discuss how we can modify installed packages and rebuild them from the source.

      • How to find duplicate files in Linux? Help is here with the fdupes command! - Webleit.info

        Fdupes is a command line tool that allows you to find all duplicate files through the console. The advantage over using graphical tools like fslint is of course the speed. At the end of the day, there is nothing faster and more convenient than the Linux console.

        Why should we look for duplicate files in Linux?

        No matter what operating system you use sooner or later, your computer will contain many files of different sizes, and if you’re not careful enough, repeating them can cost you disk space that you need. For example, you inadvertently downloaded the same ultra HD movie with 40 giga bytes twice.

      • How to Install Moodle with Nginx and Let's Encrypt SSL on Ubuntu 20.04

        Moodle is a free and open-source Learning Management System written in PHP. It provides a way for tutors and instructors to create courses for their students or learners. Moodle provides a robust and secure integrated system and comes with a custom dashboard that helps users to access current, past or future courses, as well as review pending work. It is used by many schools, universities, and organizations across the globe and provides a better learning experience. It provides a rich set of features including, wiki, grading, assignment submission, online quizzes, discussion boards, and more.

        In this tutorial, we will show you how to install Moodle with Nginx web server and Let's Encrypt SSL on Ubuntu 20.04.

      • Install WordPress Automatically on Ubuntu 20.04 using WordOps

        WordOps is a simple tool that provides the ability to deploy WordPress sites from the command line using an optimized LEMP stack.

        The LEMP software stack consists of a group of software that describes a Linux Operating System, an Nginx web server (pronounced engine-x), a MySQL database with the dynamic processing being handled by PHP. LEMP is an acronym for Linux, Engine-x (Nginx), MySQL and PHP.

        WordOps simplifies so much of the process of installing and configuring all the packages from the LEMP stack needed to deploy a site while taking care of creating virtual hosts in Nginx, installing WordPress, and even gets you a SSL certificate.

        It also installs some components that allow you to see statistics about the server’s workload.

        In this tutorial we’ll use WordOps to quickly and easily install WordPress on an Ubuntu 20.04 machine, and we’ll check out and explain some of the extra features that WordOps offers.

      • How to Find Out When a Webpage Was Published - Make Tech Easier

        When you’re doing research on a topic, it’s vital to ensure your sources are up to date. If you’re writing an academic paper, dates of publication are often required in the citations.

        The majority of the time, getting the date is easy: simply look on the site and find the published date to find how recent it was. Things get a little more complicated when there is no date listed on the webpage. When this happens, how do you know when a webpage was published?

      • How to install Wireshark 3.4.3 on a Chromebook

        Today we are looking at how to install Wireshark 3.4.3 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • Another Piece For The Home Network Puzzle – A Return To Cisco IOS! – Jon's FOSS Blog

        I’ve missed the good old days of configuring and setting up good quality switching hardware (like the big, huge Cisco switches and routers I used to experiment on with their IOS command line interface). I recently ordered this newer, smaller Cisco switch which can also provide power to a new “prosumer” WiFi AP (no power cables needed).

      • Making environment variables accessible in front-end containers - Red Hat Developer

        When building a container for a single-page application using any modern JavaScript framework (such as Angular, React, or Vue.js), you might find that the configuration settings are different depending on where the container will run. A typical case would be the base URL for your API, which will differ depending on whether you are testing the application or deploying it into production. Developers usually solve this problem using environment variables.

        Environment variables typically work on the backend because that is where code runs. But what if your application lives in the user’s browser? There are many ways around this limitation. In some cases, you might build a server whose endpoint holds the necessary parameters. Another workaround is to use PHP to inject the environment variables as globals in the JavaScript code. Both of these options work, but it would be ideal to inject the environment variables as part of the container build process. That way, you don’t have to change the codebase, and you can still deliver the application content using a static web server like NGINX.

        This article shows you how to inject environment variables directly into your codebase as you build your container.

      • The Strange Case of How We Escaped the Docker Default Container

        TL;DR During an internal container-based Red Team engagement, the Docker default container spontaneously and silently changed cgroups overnight, which allowed us to escalate privileges and gain...

      • How to copy and paste between host and VM
    • Games

      • Godot Showcase - Primal Light developer interview

        Welcome to the fourth developer interview following the introduction of the Godot Showcase page! This week, we are interviewing the studio Fat Gem about their first game Primal Light.

      • Valve gives up on Artifact setting it free with Artifact Classic and Artifact Foundry | GamingOnLinux

        Valve's Dota themed card game Artifact has now well and truly failed, as they've now stopped the 2.0 redevelopment which is now named Artifact Foundry with the original as Artifact Classic and both now free to play.

        In a post titled "The Future of Artifact", Valve mentioned how the player count fell off dramatically and it was pretty much dead shortly after being released. Even though the big 2.0 revamp was far along in development, they've now formally and totally shelved it as they "haven't managed to get the active player numbers to a level that justifies further development at this time".

      • Loop Hero is out now and I'm going to need help to tear myself away from it | GamingOnLinux

        Loop Hero, probably the only titles I've pre-ordered in the last few years is officially out now and I really will need some help to pull myself away from running just one more loop.

        It's such a strange and beautifully intoxicating mix of genres. For each loop through you're placed into a world full of nothing but a path and it's up to you to build up the world each time. You do this through your deck of cards, while the hero automatically loops around the path and fights enemies along the way without your input. Even though you don't have direct control, there's quite a lot of strategy involved in it.

      • Dark low-fantasy tactical survival RPG 'Urtuk: The Desolation' is out now | GamingOnLinux

        Urtuk: The Desolation from David Kaleta presents you with a dark world in a low-fantasy settings where you guide a team of survivors through a ruined world. Note: key provided by the developer.

        Hitting nearly one thousand user reviews and a Very Positive rating on Steam overall, Urtuk: The Desolation seems to have managed to hit a sweet spot. Giving you tough turn-based combat, with a character progression system that sees you extracting skills and traits from fallen enemies. It's a bit of a gross world and the main character, Urtuk, is an escaped subject of experimentation with a severe mutation and worsening health. The idea is to eventually find a cure but getting there will be tough.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

    • Distributions

      • Top 10 Most Secure Linux Distros for Personal Use

        It is no secret that everyone looks for a secure operating system that offers top-notch privacy. If you are using a system that is not secure enough, anyone can access your system and exploit your data, such as photos, videos, files, and sensitive financial information. Linux systems offer fantastic privacy and security as compared to other OS, like Windows or Mac. So, it is best to go for a Linux system for better security. But, there is an extensive list of secure Linux distros, and it can be difficult to choose one.

      • Debian Server vs. Ubuntu Server Comparison

        When setting up a new server, a major concern that users may have is which OS to use. Many choices come into mind when it comes to the operating system to use, so selecting just one OS can be a tough choice. It is necessary for a user to compare different server types to select one that fits his or her requirements. In this article, we will compare and contrast Debian and Ubuntu servers.

        Debian and Ubuntu servers are considered quite similar in many respects. Let us dig deep into a comparison of the two servers...

      • Top 9 Best Ubuntu-Based Linux Distros

        In recent years, Ubuntu has become the default operating system of personal and professional users alike. Due to the popularity of the Ubuntu distribution, many Ubuntu-based Linux distros are now available on the Internet, each developed to fulfill special needs. In fact, there are so many unique Ubuntu distributions that it is impossible to count an exact number.

        One major reason behind the popularity of Ubuntu-based distros is that these distributions are easy to work with even for novice users. Ubuntu is also backed by a large community of open-source developers who actively work to keep Ubuntu up-to-date and bug-free.

      • BSD

        • OpenBSD/loongson on the Lemote Fuloong

          This machine uses the same CPU than the Yeeloong, a Loongson 2F which is a single-core MIPS-III 64-bit processor running at 800/900 MHz.

          As hinted in my previous article, contrarily to the Yeeloong, the Fuloong is less strict with the type of RAM it accepts, and my device is happily running with a Kingston 2GB DDR2 SO-DIMM module (ASU256X64D2S800C6), replacing the original 512MB module.

      • Screenshots/Screencasts

        • Linux Lite 5.4 RC1

          Today we are looking at Linux Lite 5.4 RC1. It comes with Linux Kernel 5.4, XFCE 4.14, based on Ubuntu 20.04, and uses about 400MB of ram when idling. Enjoy!

        • Linux Lite 5.4 RC1 Run Through

          In this video, we are looking at Linux Lite 5.4 RC1.

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

        • A Week with Mageia 8: Two Success Stories

          Mageia 8 was released not long ago and I installed it as soon as it was out. However, I took a week to work with it and see how it plays with the other distros in my laptop.

          I have a multi-boot system in which I always keep 4+ distros. Before this new install, I had PCLinuxOS, OpenMandriva Lx 4.2 (my latest install), Elive 3, MX Linux (Patio Feo), and Mageia 7. I logically wanted to upgrade Mageia 7 to 8.

          Historically, this set up has meant several grub 2- related headaches: if I installed OpenMandriva after Mageia, Mageia would boot very slowly. If, on the other hand, Mageia controlled the grub post installation, OpenMandriva would get a kernel panic. As I lack technical knowledge, I could never fix those problems myself.

          This time, I passed on the live version and decided to install the complete release, which I nostalgically call the PowerPack. If I recall correctly, one cannot upgrade from a live version, so I chose "install" instead of "upgrade," which wipes out the root partition. Still, I kept /home intact. With this distro image, the install takes more time, but it was not bad. A plus is that the process has remained pretty much consistent all these years and this makes the installation a familiar path.

          When everything was done, I rebooted and Mageia 8 took over grub control. I booted this new release and all was working great: internet connection, desktop effects, sound, and screen edges. My personal settings were preserved, so I installed my preferred programs and the system was ready. Even Steam games were kept and working.

        • OpenMandriva build infrastructure switches to ARM servers

          As you may have noticed, the ABF build system has moved to a new server and is now fully operational.

          What you probably have not noticed is that it is now running on an ARM (aarch64) server.

          When looking for a new host, we decided to go with the aarch64 option - aarch64 support in OpenMandriva 4.2 is stable, the workloads on abf are perfect for a heavily multithreaded system, and reducing power consumption definitely can't hurt.

      • IBM/Red Hat/Fedora

        • Is your Cloud infrastructure securely configured?

          The trend toward deploying security as part of the DevOps process has been shifting left the security and compliance processes. The DevSecOps practices have introduced processes to inspect application-code, Docker, and Kubernetes. These practices have allowed teams to detect and fix security issues faster and provide high-quality and compliant code.

          Still, many admins of Cloud accounts are securing account configuration by configuring an account via a UI, running a configuration assessment scan, and then fixing any issues found. While this might lead eventually to a securely configured account, they are essentially experimenting with an account until it becomes secure.

        • Delivering more flexible and tailored cloud-native management with the latest version of Red Hat Advanced Cluster Management for Kubernetes

          Today, we’re pleased to announce the general availability of Red Hat Advanced Cluster Management for Kubernetes 2.2, which delivers even greater integration and customization to how enterprises manage cloud-native workloads and environments. This latest release simplifies and streamlines operations and captures additional performance metrics to ensure optimization of Red Hat OpenShift clusters.

          Introduced in the summer of 2020, Advanced Cluster Management for Kubernetes enables organizations to manage multiple Kubernetes clusters and automate multi-cluster application deployments across the hybrid cloud. As the industry’s leading enterprise Kubernetes platform, Red Hat OpenShift is a crucial component in how organizations build a more agile hybrid cloud, and Advanced Cluster Management for Kubernetes helps these enterprises get the most out of these deployments by extending and scaling Red Hat OpenShift clusters.

      • Debian Family

        • Google works with a Debian developer to make COVID-19 research easier on Linux

          Medical research surrounding COVID-19 isn't over though, as scientists still have plenty of work to do. Olek Wojnar, a developer of the Linux-based Debian operating system, has been working to help these scientists by packaging some software for easy installation on Linux. One of those packages was Google's build software Bazel. Upon finding out about Wojnar's efforts, Google offered to help with the process.

          "The Bazel team jumped in to help Olek and the COVID-19 research community. Yun Peng, Software Engineer at Google with Olek Wojnar led the team of Bazel and Debian volunteers to move the project forward. The joint effort between Debian and Google has produced some great results, including packaging the Bazel bootstrap variant in 6 months time (Debian 11 -- released in Late 2021; Ubuntu 21.04 -- 22 April 2021)," explains Google.

          The search giant further says, "Bazel is now available as an easy to install package distributed on Debian and Ubuntu. The extended Google team continues to work with Debian towards the next step of packaging and distributing Tensorflow on Debian and other Linux distributions."

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • hipSYCL Sees Work-In-Progress Support For Intel oneAPI Level Zero Backend

        hipSYCL, the innovative implementation of Khronos' SYCL for targeting CPUs and GPUs by integrating with existing toolchains, is seeing work on supporting Intel oneAPI Level Zero for running directly off Intel graphics hardware.

        The open-source hipSYCL project already supports SYCL CPU-based execution via OpenMP, targeting NVIDIA GPUs using CUDA, and targeting AMD Radeon graphics using HIP/ROCm. Now with a new work-in-progress back-end is support for Intel graphics using Level Zero. The hipSYCL project is one of several SYCL implementations aiming to support various CPUs and GPUs/accelerators while so far it's been one of the most diverse. The hipSYCL project supports most of SYCL 2020 at present.

      • The Apache News Round-up: week ending 5 March 2021 : The Apache Software Foundation Blog

        Welcome, March! We've had a great week within the Apache community.

      • Web Browsers

        • Chromium

          • How to ‘un-google’ your Chromium browser experience

            On March 15th 2021, Google is going to block non-Google chromium-based browsers from accessing certain “private Google Chrome web services” by unilaterally revoking agreements made with 3rd parties in the past. Meaning, every Chromium based product not officially distributed by Google will be limited to the use of only a few public Google Chrome web services. The most important service that remains open is “safe browsing”. The safe browsing feature identifies unsafe websites across the Internet and notifies browser users about the potential harm such websites can cause.

            The most prominent feature which will be blocked after March 15th is the “Chrome Sync”. This Chrome Sync capability in Chromium based browsers allows you to login to Google’s Sync cloud servers and save your passwords, browsing history and bookmarks/favorites to your personal encrypted cloud vault inside Google’s infrastructure. Extremely convenient for people who access the Internet using multiple devices (like me: Chrome on a few Windows desktops, Chromium on several Slackware desktops and laptop and Chrome Mobile on my Android smartphone) and who want a unified user experience in Chrome/chromium across all these platforms.

          • Speeding up Chrome's release cycle

            For more than a decade, Chrome has shipped a new milestone every 6 weeks, delivering security, stability, speed and simplicity to our users and the web. As we have improved our testing and release processes for Chrome, and deployed bi-weekly security updates to improve our patch gap, it became clear that we could shorten our release cycle and deliver new features more quickly. Because of this, we are excited to announce that Chrome is planning to move to releasing a new milestone every 4 weeks, starting with Chrome 94 in Q3 of 2021. Additionally, we will add a new Extended Stable option, with milestone updates every 8 weeks. Extended Stable will be available to enterprise administrators and Chromium embedders who need additional time to manage updates. Security updates on Extended Stable will be released every two weeks to fix important issues, but those updates won’t contain new features or all security fixes that the 4 week option will receive.

          • Chrome Moving To A 4-Week Release Cycle

            Google has been delivering new Chrome milestone releases on a six week cycle for more than one decade while moving ahead they are shifting to a four-week cycle.

            It was at the end of 2019 that Mozilla began shifting Firefox to a 4-week cycle and starting later this year Chrome will be doing the same.

          • Google Patches Actively-Exploited Flaw in Chrome Browser

            A flaw (CVE-2021-21166) in the Audio component of Google Chrome is fixed in a new update being pushed out to Windows, Mac and Linux users.

            Google has fixed a high-severity vulnerability in its Chrome browser and is warning Chrome users that an exploit exists in the wild for the flaw.

            The vulnerability is one of 47 security fixes that the tech giant rolled out on Tuesday in Chrome 89.0.4389.72, including patches for eight high-severity flaws.

          • GOGGLES: Democracy dies in darkness, and so does the Web

            This paper proposes an open and collaborative system by which a community, or a single user, can create sets of rules and filters,called Goggles, to define the space which a search engine can pull results from. Instead of a single ranking algorithm, we could have as many as needed, overcoming the biases that a single actor (the search engine) embeds into the results. Transparency and openness, all desirable qualities, will become accessible through the deep re-ranking capabilities Goggles would enable. Such system would be made possible by the availability of a host search engine, providing the index and infrastructure, which are unlikely to be replicated without major development and infrastructure costs. Besides the system proposal and the definition of the Goggle language, we also provide an extensive evaluation of the performance to demonstrate the feasibility of the approach. Last but not the least, we commit the upcoming Brave search engine to this effort and encourage other xsearch engine providers to join the proposal.

        • Mozilla

          • Robert Kaiser: Mozilla History Talk @ FOSDEM

            The FOSDEM conference in Brussels has become a bit of a ritual for me. Ever since 2002, there has only been a single year of the conference that I missed, and any time I was there, I did take part in the Mozilla devroom - most years also with a talk, as you can see on my slides page.

            This year, things were a bit different as for obvious reasons the conference couldn't bring together thousands of developers in Brussels but almost a month ago, in its usual spot, the conference took place in a virtual setting instead. The team did an incredibly good job of hosting this huge conference in a setting completely run on Free and Open Source Software, backed by Matrix (as explained in a great talk by Matthew Hodgson) and Jitsi (see talk by Saúl Ibarra Corretgé).

          • An Introduction to WebAssembly

            WebAssembly, also called Wasm, is a Web-optimized code format and API (Application Programming Interface) that can greatly improve the performances and capabilities of websites. Version 1.0 of WebAssembly, was released in 2017, and became an official W3C standard in 2019.

            The standard is actively supported by all major browser suppliers, for obvious reasons: the official list of “inside the browser” use cases mentions, among other things, video editing, 3D games, virtual and augmented reality, p2p services, and scientific simulations. Besides making browsers much more powerful than JavaScript could, this standard may even extend the lifespan of websites: for example, it is WebAssembly that powers the continued support of Flash animations and games at the Internet Archive.

            WebAssembly isn’t just for browsers though; it is currently being used in mobile and edge based environments with such products as Cloudflare Workers.

            [...]

            There are more and more programming language communities that are supporting compiling to Wasm directly, we recommend looking at the introductory guides from webassembly.org as a starting point depending what language you work with. Note that not all programming languages have the same level of Wasm support, so your mileage may vary.

      • SaaS/Back End/Databases

        • MySQL Drop a Column From Existing Table – Linux Hint

          MySQL Database Infrastructure is indeed a completely managed database service to build cloud-native apps. There are different cases where we perform different queries or commands to alter the database. Depending on the case, the ALTER expression is often included for the ‘ADD’, ‘Delete/DROP’ and ‘MODIFY’ commands. This tutorial guide will learn precisely how to remove a column from an existing table utilizing the MySQL DROP COLUMN clause.

        • MySQL Find Duplicate Values in Table – Linux Hint

          Redundant data can be kept in the table by the database program, influencing the database’s output in MySQL. Data replication, though, happens for different purposes, and it is an important job to identify the duplicate values in the table when dealing with a MySQL database. Broadly speaking, it is smart to use clear restrictions on a table often to store information that prevents redundant rows. Sometimes, in a MySQL database, you might like to calculate the number of repeated values. We addressed this question in this topic, in which you will learn about how to locate duplicate values through different ways and how to count duplicate values.

          To get started, you must have MySQL installed on your system with its utilities: MySQL workbench and command-line client shell. After that, you should have some data or values in your database tables as duplicates. Let’s explore this with some examples. First of all, open your command-line client shell from your desktop taskbar and type your MySQL password upon asked.

        • Open-source relational database startup Yugabyte raises $48M

          Open-source relational database startup Yugabyte Inc. said today it has raised $48 million in new funding to accelerate the launch of its fully managed Yugabyte Cloud offering.

          The Series C round was led by Lightspeed Venture Partners and included Greenspring Associates, Dell Technologies Capital, Wipro Ventures and 8VC. Including the new funding, Yugabyte has raised $103 million to date.

      • Productivity Software/LibreOffice/Calligra

        • 5 surprising things you can do with LibreOffice from the command line

          LibreOffice has all the productivity features you'd want from an office software suite, making it a popular open source alternative to Microsoft Office or Google Suite. One of LibreOffice's powers is the ability to operate from the command line. For example, Seth Kenlon recently explained how he uses a global command-line option to convert multiple files from DOCX to EPUB with LibreOffice. His article inspired me to share some other LibreOffice command-line tips and tricks.

          Before we look at some hidden features of LibreOffice commands, you need to understand how to use options with applications. Not all applications accept options (aside from the basics like the --help option, which works in most Linux applications).

      • Programming/Development

        • PHP version 7.4.16 and 8.0.3 - Remi's RPM repository - Blog

          RPMs of PHP version 8.0.3 are available in remi-php80 repository for Fedora 31-33 and Enterprise Linux (RHEL, CentOS).

          RPMs of PHP version 7.4.16 are available in remi repository for Fedora 32-33 and remi-php74 repository for Fedora 31 and Enterprise Linux (RHEL, CentOS).

        • Deno 1.8: Node.js alternative gets 'out of the box GPU accelerated machine learning' [Ed: Microsoft Tim is now promoting Deno, as Deno supports Microsoft monopoly on many levels. The Register is not what it once was...]

          The Deno project has released version 1.8, including experimental support for the WebGPU API enabling "out-of-the-box GPU accelerated machine learning."

          [...]

          There is also a new language server, used to support smart features in code editors, that works with both Visual Studio Code and other editors. The TypeScript version in Deno 1.8 has been upgraded to the latest 4.2.

        • Perl/Raku

          • Monthly Report - February

            Apology for the delay in monthly report, usually I get it released on first day of the month.

            Last month was the shortest month of the year as you all know, so getting things done became relatively harder.

            What is in store this time?

            Well, there were two things that took away all the attentions.

        • Python

          • How to Use bulk_create() in Django? – Linux Hint

            Django framework can be used to create a web application with a database by writing script in models.py and views.py files of the Django app. The data can be inserted into the database tables by using Django Administration Dashboard or by writing a script in the views.py file. Django Administration Dashboard requires a login for an authenticated user to access the tables of the database. Single or multiple records can be inserted into the database tables by writing a script. bulk_create() method is one of the ways to insert multiple records in the database table. How the bulk_create() method is used to insert the multiple data in a Django database table will be shown in this tutorial.

          • How to Use Django Channel – Linux Hint

            Django is a popular Python framework used to develop web apps using the WGSI (Web Server Gateway Interface) and ASGI (Asynchronous Server Gateway Interface) server specifications. WGSI is used for developing synchronous Python apps, and AGSI is used for developing asynchronous and synchronous web apps. Channel is a useful feature of Django that is used to handle WebSocket, chat protocol, etc. alongside the HTTP protocol. Channel is built on the ASGI server specifications. A two-way interactive communication session between the user’s browser and the server can be opened using a WebSocket. The client initiates the WebSocket connection and the server responds with an accept or close message. The WebSocket messages are pushed into the channel using producers and sent to the consumers that are listening on the channel. This tutorial shows you how to use channels to handle WebSocket messages.

          • Python range() Explained: What It Is and How to Use It - Make Tech Easier

            One aspect of programming that many tutorials don’t tell you upfront is the amount of looping and counting you’ll have to do. As such, any programming language worth its salt will offer ways to enumerate numbers in a repeated way. The Python range sequence type is one of those methods.

        • Rust

          • Planning the Rust 2021 Edition

            The Rust 2021 Edition working group is happy to announce that the next edition of Rust, Rust 2021, is scheduled for release later this year. While the RFC formally introducing this edition is still open, we expect it to be merged soon. Planning and preparation have already begun, and we're on schedule!

            If you're curious what features Rust 2021 will introduce or what the timeline for getting the edition released on stable is, keep reading!

  • Leftovers

    • Kids, remember to talk to your parents about [Internet] safety!

      By now, a vast number of scientific studies confirm that this particular distraction can quickly evolve into something much more problematic, namely an addiction: “Internet addiction is described as an impulse control disorder and is very similar to pathological gambling” (Stefaniuk 65). Outside of the academic sphere, this striking comparison was recently also highlighted in the documentary The Social Dilemma, where the “Pull-to-refresh” smartphone feature is likened to the mechanism of a slot machine. A basic function that can trigger a seemingly endless chain of programmed volatility, every swipe being a new chance for reward, as long as the price keeps being paid. Which is? Undivided attention?

      A little further down in the above-mentioned study, not too far after the gambling simile, the following conclusion is drawn: “The problem of Internet addiction is especially hazardous when it comes to children and teenagers, for – due to their immaturity – they become addicted much faster than adults do” (66). While I certainly agree that children and young adults should be informed about the dangers of internet addiction, they are not the first age group that comes to my mind when I hear of gambling-like addictions.

    • Science

      • [Old] Disagreeing takes up a lot of brain real estate

        In discord, she said, two brains engage many emotional and cognitive resources "like a symphony orchestra playing different music." In agreement, there "is less cognitive engagement and more social interaction between brains of the talkers, similar to a musical duet."

        The lead investigator of the paper is Alex Salama-Manteau, a former graduate student of economics at Yale and now a data scientist at Airbnb. Mark Tiede, a research scientist at the Haskins Laboratory at Yale, is second author of the paper.

      • [Old] Interpersonal Agreement and Disagreement During Face-to-Face Dialogue: An fNIRS Investigation

        Verbal face-to-face communication is central to everyday transactions between humans throughout the entire lifespan. The foundational nature of live and interactive social functions is in contrast to the nascent development of neurocognitive theories to explain them which have been limited by lack of data from live and natural social interactions. Here we have addressed this knowledge gap by recording neural responses and speech concurrently during live face-to-face discussions of topics where the interlocutors were either in agreement or disagreement, a common feature characteristic of verbal exchanges between two individuals. The dialectical misattunement hypothesis (Bolis et al., 2017) proposes that disturbances in the reciprocal unfolding of an interaction result in a change of the dyadic state, thus predicting a behavioral and neural difference between the two conditions employed in this study. Findings in this investigation are consistent with this prediction. A theoretical neural framework for the effects observed in this investigation remain nascent but contribute to an emerging neuroscience of social interactions that may serve to coordinate activities of multiple component systems often investigated alone such as face processing, language production, and theory of mind. In so doing, this paradigm provides a template for developing methods and models to access neural processes that are responsive to spontaneous, rapid, and multimodal components of live interactions.

    • Hardware

      • NXP i.MX 9 processors to integrate Arm Ethos U-65 microNPU, EdgeLock secure enclave

        NXP i.MX 6 and i.MX 8 processors are widely used in industrial boards and systems-on-module, and the company has now teased a new family with i.MX 9 processors integrating Arm Ethos-U65 1 TOPS microNPU, as well as the company’s EdgeLock secure enclave for increased security.

        The company did not provide that many technical details, so we still don’t know which CPU cores, GPU, and exact peripherals will be found in the processor. But we do know the i.MX 9 processors will be manufactured with a 16/12nm FinFET class of process technology optimized for low power, and features the “Energy Flex” architecture that combines “heterogeneous domain processing (independent applications processor and real-time domains with a separate low-power multi-media domain), design techniques, and process technology to maximize performance efficiency”. That means most blocks of the processor can be turned off for low power audio or CAN networking use cases, and other industrial applications requiring fast boot, defined as sub-100 milliseconds boot time.

    • Health/Nutrition

      • EU starts review of Russia’s ‘Sputnik V’ coronavirus vaccine

        The European Medicines Agency (EMA) has started its review of the “Sputnik V” vaccine developed by Russia’s Gamaleya Research Institute. The vaccine will undergo a “rolling review” based on the results of laboratory and clinical studies in adults. This was announced in press releases from both the EMA and the Russian Direct Investment Fund (RDIF), which has overseen the drug’s development.

      • Are patents the cause of—or solution to—COVID-19 vaccine innovation problems? (No!)

        As we discussed in an earlier post, relative to the number of people needing (and wanting) to get vaccinated, there’s a vaccine shortage. The shortage has exacerbated structural inequalities: distribution of the existing vaccine supply has reflected stark racial disparities within the United States and even more pronounced global disparities. This shortage is not a surprise: it was clear from the earliest stages of COVID-19 vaccine development that short-term demand would far outstrip supply for any successful vaccine, which is why the federal government should have invested more—and earlier—in building at-risk manufacturing capacity for all the leading vaccine candidates. But now, the scale of the problem has become widely apparent. For some, weakening patent rights may look like a solution.

        Under the conventional account, the patent system reflects a fundamental tradeoff between innovation incentives and access: patents incentivize innovation by allowing patent owners to charge supra-competitive prices, and for a static demand curve, this means that fewer consumers will purchase the patented product. Thus, as Ken Shadlen explains, “[i]t’s become common wisdom in the ‘access to medicines’ community that the way to increase access to pharmaceutical products is to reduce the legal barriers to market entry that patents impose, thereby increasing competition among multiple suppliers.” This strategy was among the tools used to increase global access to HIV/AIDS treatments. But there are many ways to avoid the incentives/access tradeoff without eliminating patents, and removing patents doesn’t make sense as a near-term access strategy for COVID-19 vaccines. If all relevant vaccine patents were suddenly invalidated, it would not lead to more firms manufacturing these vaccines anytime soon, for at least five reasons.

    • Integrity/Availability

      • Proprietary

        • Wipro to acquire UK-based IT consultancy Capco for $1.45 billion

          The acquisition is subject to customary closing conditions and regulatory approvals and is expected to close in the quarter ending June 30, 2021.

        • Development on Windows is Painful

          Overall, I think I can at least tolerate this development experience. It's not really the most ideal setup, but it does work and I can get things done with it. It makes me miss NixOS though. NixOS really does ruin your expectations of what a desktop operating system should be. It leaves you with kind of impossible standards, and it can be a bit hard to unlearn them.

          A lot of the software I use is closed source proprietary software. I've tried to fight that battle before. I've given up. When it works, Linux on the desktop is a fantastic experience. Everything works together there. The system is a lot more cohesive compared to the "download random programs and hope for the best" strategy that you end up taking with Windows systems. It's hard to do the "download random programs and hope for the best" strategy with Linux on the desktop because there really isn't one Linux platform to target. There's 20 or something. This is an advantage sometimes, but is a huge pain other times.

          The conclusion here is that there is no conclusion.

        • Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow

          Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow (among others) inside the npm public code repository — all of which exfiltrate sensitive information.

          The packages weaponize a proof-of-concept (PoC) code dependency-confusion exploit that was recently devised by security researcher Alex Birsan to inject rogue code into developer projects.

          Internal developer projects typically use standard, trusted code dependencies that are housed in private repositories. Birsan decided to see what would happen if he created “copycat” packages to be housed instead in public repositories like npm, with the same names as the private legitimate code dependencies.

        • Ryuk ransomware develops worm-like capabilities, France warns

          A new sample of Ryuk ransomware appears to have worm-like capabilities, according to an analysis from the French National Agency for the Security of Information Systems (ANSSI), France’s national cybersecurity agency.

        • FireEye finds evidence Chinese [crackers] exploited Microsoft email app flaw since January [iophk: Windows TCO]

          Cybersecurity group FireEye on Thursday night announced it had found evidence that [crackers] had exploited a flaw in a popular Microsoft email application since as early as January to target groups across a variety of sectors.

          [...]

          Since then, FireEye found evidence that the hackers had gone after an array of victims, including “US-based retailers, local governments, a university, and an engineering firm,” along with a Southeast Asian government and a Central Asian telecom.

        • Security

    • Defence/Aggression

      • CPAC 2021: A school for indoctrinating and radicalizing right-wing extremists

        Today's Republican Party is now a de facto terrorist organization. Donald Trump, the twice-impeached president whom Senate Republicans twice acquitted for his crimes, is its leader.

        Trump, a president who attempted a coup against American democracy that included a lethal assault on the Capitol, has not been broken, and is not behaving as if he had been defeated. At CPAC, he spoke in his role as leader of a violent right-wing insurgency, one which law enforcement and counterterrorism experts warn is continuing to gain momentum.

        The danger from right-wing terrorists is now so great that the House of Representatives will not convene on Thursday this week because of credible reports that Trump supporters and QAnon cultists may be planning an attack.

      • Indian Official Claims Huge Blackout May Have Been [an attack]

        The October power outage left millions without electricity, brought public transit to a halt, and shut down communication networks for up to 12 hours in some parts of the city, according to Reuters.

        The day before Deshmukh’s announcement, The New York Times published a report suggesting that the cyberattack was a warning shot of sorts over ongoing conflicts between the two countries, though the Chinese Embassy dismissed it as speculation.

      • Facebook Shuts Down Account Of International Union Of Muslim Scholars (IUMS), Which Frequently Calls For Terror And Jihad

        On January 5, 2021, Facebook shut down the account of the International Union Of Muslim Scholars (IUMS), which is based in Doha and has been supported since its establishment by the Qatari and Turkish regimes.[1] The IUMS was founded in 2004 by Sheikh Yousuf Al-Qaradhawi, a major ideologue of the Muslim Brotherhood who lives in Qatar and has been sponsored by its regime for years. Al-Qaradhawi also headed the organization until 2018, when he was succeeded by Dr. Ahmad Al-Raissouni.

        Neither Facebook nor the IUMS reported the exact reason for the closure of the account, but Arab media that support the IUMS stated that the reason was a fatwa posted two days earlier, on January 3, signed by the organization's president Al-Raissouni and its secretary-general 'Ali Al-Qaradaghi. The fatwa called for an economic boycott of Israel in response to the normalization agreements recently signed with it by several Arab states.[2] However, the closure was likely prompted not by the fatwa's call to boycott Israel, but by its explicit call to wage jihad against it by any means. Similar materials supporting jihad and terrorism have been published by the IUMS for many years.

      • Médecins Sans Frontières worker killed in Syrian refugee camp

        It is home to more than 65,000 people, four fifths of them women and children but also some adult men. All were displaced by the final assault by US-backed forces who drove back Isis between 2014-2019, and they include many Isis wives and children.

      • Knife attack in Sweden leaves at least eight injured, three critically

        All eight victims were hospitalised and three had life-threatening injuries, the Jonkoping regional council said on its website.

        Police said the suspect attacked at least five different locations in Vetlanda.

      • Sweden: Police probe ax attack as possible 'terror crime'

        According to Swedish newspaper the Aftonblade, police spokesperson Angelica Israelsson Silfver said: ''Some are seriously injured and some are slightly injured, but no one is dead."

        Regional police chief Malena Grann confirmed at a news conference that a suspect had been arrested after ''police opened fire.''

      • UPDATE: Terror Attack in Sweden – Afghani Migrant Stabs Eight in Vetlanda (Video)

        Update: According to Swedish New Agency, Expressen the attacker is a 22-year-old Afghan citizen who has previously been convicted of drug offenses. The terrorist is said to have received regular visits from social services at home and has been suffering from “mental problems” for some time.

        In virtually every instance of jihad attacks in Sweden, politicians & media hide the identity of the attackers. In rare instances when the identity of an attacked is leaked, the suspect is presented as possibly suffering from mental health issues.

      • ISIS and Al-Qaeda’s Sub-Saharan Affiliates Are Poised for Growth in 2021

        Once considered a backwater for jihadists, sub-Saharan Africa is now at the forefront of the counterterrorism landscape. With core ISIS and al-Qaeda reeling from sustained Western counterterrorism campaigns, attention has shifted from former jihadist bases in the Middle East and south Asia, respectively, to the Sahel and Nigeria, the Horn of Africa, and, most recently, the continent’s southeastern Swahili coast. ISIS and al-Qaeda affiliates throughout sub-Saharan Africa are well-positioned to expand their influence, garner new recruits, spread propaganda, and in some cases, capture territory.

        As weak states give way to weak regions, overmatched security forces are being upstaged by well-armed jihadists capable of mounting complex and coordinated operations that increasingly resemble those of core ISIS and al-Qaeda themselves. These terrorists have taken advantage of porous borders throughout Africa and, in opportunistic fashion, have capitalized on fraught political transitions and lack of security sector accountability in countries like Mali and Mozambique, working to further destabilize already fragile states.

      • Muslims in Switzerland speak out against proposed 'burka ban'

        According to reports by Al Jazeera, the “burka ban”, as it has come to be known, was initiated by the Egerkinger Komitee, which is a group belonging to the right-wing Swiss People’s Party (SVP). The political grouping said it organises “resistance against the claims to power of political Islam in Switzerland”.

        The Swiss are expected to vote in a referendum about the “burka ban” on March 7.

    • Transparency/Investigative Reporting

      • Far-right misinformation on Facebook outranks real news

        Overall, misinformation authors on the far right received 65% more engagement per follower than other pages, according to the research.

        Real news was more popular than misinformation in every other partisan news category examined, according to the study — for the slightly right, center, slightly left and far left, real news outranked misinformation on Facebook. Misinformation outranked real news only on the far right, according to the research.

    • AstroTurf/Lobbying/Politics

      • YouTube CEO Says Trump Channel Will Stay Suspended Over Violence Risk

        The Google-owned platform will lift the suspension when it determines the risk of violence has decreased, but if the former U.S. president violates the rules, the channel will be removed again.

      • Amend H.R. 1 To Protect Voting Rights, Not Big Donors

        The “For the People Act” (H.R.1/S.1) is voting rights legislation now pending in Congress. Civil rights organizations are urgently supporting this bill in order to secure voting rights against over 250 voter suppression bills introduced by Republicans this year in 43 state legislatures.

        As a GOP lawyer bluntly told the U.S. Supreme Court on March 2 in an Arizona voting rights case when asked why the Republican Party opposed removing a voting restriction, “Because it puts us at a competitive disadvantage relative to Democrats.” The voting rights sections of H.R.1 are important federal measures to enact at a time when the Republican Party seeks to restrict voting rights at the state level.

        However, buried in the middle of H.R.1 is a campaign finance reform section that will only further entrench the domination of campaign financing by the super-rich and moneyed special interests. Among major problems with H.R. 1’s campaign finance provisions are that it effectively excludes third party candidates. The qualifying threshold to receive presidential primary matching funds is increased five times. This higher threshold puts public funding beyond the reach of third-party candidates.

        As a Green Party candidate for president, I was the only candidate in any party to apply for matching funds in 2020. The major party candidates eschewed the program because a condition of receiving matching funds is a cap on the amount of private spending, which was $51.8 million in 2020. That was too low for the major party candidates who could raise so much more from private sources. H.R. 1 eliminates the existing cap on private campaign spending by publicly funded presidential candidates. It simply adds public funding to unlimited private funding.

    • Censorship/Free Speech

    • Freedom of Information/Freedom of the Press

      • Why charge Saudi crown prince MBS in Germany?

        The brutal murder of the journalist Jamal Khashoggi at the Saudi consulate in Istanbul in 2018 is just one of the more extreme examples in a country where the persecution of journalists is reported to be systematic.

        RSF's complaint cites the arbitrary detention of 34 journalists, including the blogger Raif Badawi, who had criticized the role of religion in Saudi Arabia and ultimately received a sentence of 10 years in prison and 1,000 lashes. In 2015, DW awarded him its Freedom of Speech Award.

      • Myanmar: Reporter placed in chokehold as 6 journalists charged

        In the AP video, Thein Zaw appears to be photographing security forces running at protesters on Saturday in Myanmar's largest city Yangon.

        Thein Zaw tries to escape as seven people place him in a chokehold and handcuffs.

        A policeman then pulls him with the handcuffs.

    • Civil Rights/Policing

      • Hong Kong Court Orders 47 Pro-Democracy Activists Held

        After a four-day hearing, a Hong Kong court ruled Thursday that 47 pro-democracy advocates accused of subversion under a national security law must remain in custody.

        The West Kowloon Magistrates Court denied bail to 31 of the activists, while another identified as law professor Benny Tai withdrew his bail petition because he was being held in another case.

      • We Need to Talk About the Male Victims of ‘Honour-Based’ Violence

        More needs to be done to help the men who are victims of so-called honour-based violence (HBV) in the UK, researchers have told VICE World News.

        [...]

        2,024 cases of HBV were reported in England and Wales in 2019-2020, according to official Home Office statistics, but the true figure is likely to be much higher, due to a reluctance by victims to come forward. 80 percent of HBV victims are women, but a significant number of men are suffering in silence.

      • Where is a Black Lives Matter when it comes to enslaved African girls?

        They are kidnapped by gangs of criminals with ties to jihadist groups in the north-east of the country.

        Young women are often forced to marry the kidnappers when they fail to make money on ransom demands. They are often sold for 2,000 naire, the Nigerian currency (equivalent to 12 dollars). The NGO Free the Slaves estimates a profit of $ 1.6 billion (an amount greater than the GDP of eight African countries) from African slavery each year.

        According to the bishops, "Nigeria is on the verge of collapse" and is in danger of breaking apart.

        Unfortunately, the West feeds on Third Worldism and says "Black Lives Matter" but does not care about this slavery, on the contrary it often collaborates with it.

    • Monopolies

      • Patents

        • The EU SEPs Expert Group Report – Transparency Issues

          In an ideal world we would be able to rely on objective declarations of essentiality. However, the world we live in is far from ideal – there is a distinct lack of transparency in the context of the SEP licensing frameworks managed by Standard-Setting Organisations (SSOs). This lack of transparency has negative consequences. As noted in the European Commission’s Communication of 29 November 2017, several studies on important technologies demonstrate that, when strictly assessed, only between 10% and 50% of declared patents are really essential (see Régibeau et al., Transparency, Predictability, and Efficiency of SSO-based Standardization and SEP Licensing, A Report for the European Commission (2016), p. 62). Are there ways to improve access to reliable information on the scale of exposure to SEPs? Improved transparency would benefit the users of standards, especially small and medium-sized enterprises, that have little experience of licensing practices when they enter the relevant markets looking for connectivity.

          This concern over transparency is noted by the Expert Group in its report, which states that some SSOs’ declarations disclose little to no data in relation to specific SEPs. Other SSOs including the European Telecommunications Standards Institute (ETSI) are more demanding as they ask for detailed declarations – yet, such declarations are not updated regularly so as to show the public modifications within the SEP landscape. The life-cycle of patents and patent applications often sees changes to ownership (patentee) and property boundaries (scope). Applications may be refused; patent claims may be narrowed. Patents may be revoked for lack of novelty or inventive step, or simply expire. They could also be deprived of their essential nature if the relevant standards are amended or supplemented, potentially making existing declarations incorrect and unreliable. Moreover, generally this info, on ownership of patents and changes in scope, falls within the data managed not by SSOs but by the European Patent Office (EPO).

          [...]

          This proposal echoes a similar one recently put forward in the final report produced by a consortium including the Eindhoven University of Technology (TU/e) and the Technical University of Munich (TUM), and commissioned by the European Commission’s Joint Research Centre (JRC). That report, discussed in an earlier post, suggests to identify a supervisory body aimed at devising the assessment procedures and to bear responsibility for their quality and performance. More specifically, it recommends that assessment tasks be outsourced to already existing entities, particularly organisations and individuals who already perform analogous tasks, including patent offices and patent attorneys. An important role – that report reminded – should be played by the EPO and national patent offices in Europe, which are likely to be the most appropriate organisations to perform high quality essentiality checks, as they can rely on experts with enhanced skills and guarantee impartiality and objectivity.

          The Expert Group also suggests that costs for the essentiality checks are kept at a fair and equitable level. Likewise, procedures to appeal decisions on essentiality of approved SEPs should be fast and cheap. To adequately inform all stakeholders, some members of the Expert Group urge that approved SEPs, namely those SEPs which have been checked by independent assessors and confirmed as real SEPs, are included in SSOs’ databases. Also, incentives should be given to SEP owners to submit their declared SEPs for essentiality confirmation as rapidly as possible after the adoption of the standard.

        • Paper C 2021 blog will open after the end of the exam, 5 March 2021 16:15

          All candidates, as well as tutors who helped candidates prepare for EQE 2021, are invited to contribute to the discussions on our EQE blogs! You can post your comments in English, French or German. You are invited to post your comments under your real name, but it is also possible to use a nickname if you wish to hide your identify.

        • PTAB Sets Preliminary Motions in CVC v. ToolGen Interference

          On March 1st, the U.S. Patent and Trademark Office Patent Trial and Appeal Board (PTAB) issued its Order on the Preliminary Motions Lists submitted by Junior Party University of California/Berkeley, University of Vienna, and Emmanuelle Charpentier (collectively, "CVC") and Senior Party ToolGen Inc. in Interference No. 106,127. (Somewhat curiously, the Board did not issue an Order in Interference No. 106,126 between The Broad Institute, Harvard University, and the Massachusetts Institute of Technology (collectively, "Broad") and Senior Party Toolgen on similar interfering subject matter.)

          CVC had requested permission to file six proposed motions (one of which is Motion No. 6 under 37 C.F.R. ۤ 41.208(a)(4), which seeks judgment based on priority, which was routinely deferred to the Priority Phase of the interference).

        • Federal Circuit on TM Licensing: We’re going to Enforce the Terms

          Authentic makes branded apparel, and had a non-exclusive license from the US Army to make Army branded items. (Signed back in Aug 2010). One line of clothing was going to feature The Rock (Duane Johnson) with Army-Style clothing. (Seriously though, tie those shoes).

          The license included a requirement that any sale/distribution must first receive the Army’s “advance written approval” subject to the Army’s “sole and absolute discretion.”

          The Army refused an expansion of The Rock line of clothing; rejected other proposal; and also allegedly delayed in approving other initiatives. Eventually Authentic sued the Army for Breach in the Court of Federal Claims (CFC).

          [...]

          Who is the source of goods: One reason that the Army did not approve various advertisements was that the Army did not want to be recognized as the source of the licensed goods. Authentic argued that source identification is the key function of trademark law and is implicit in its license to use the Army mark “for trademark purposes.”

        • EPC changes regarding inventors [Ed: As if the EPC is still being followed; the EPO violates everything is importance in the EPC. Every day.]

          A minor change is being made to the EPC regarding inventors (Rule 19 EPC and 143 EPC); in particular, the changes concern the notifications of inventors relating to the provision and use of inventor addresses.

          The changes to Rule 19 EPC relate to paragraphs 3 and 4. From 01 April 2021, inventors will no longer be notified by the EPO that they have been designated as an inventor in a European patent application. In addition, since notifications will no longer be made, the requirement for inventor addresses to be provided is also being removed. Instead, a country and place of residence (for example, city and postal code if available) will be required.

        • EU Study Reveals Positive Links Between Intellectual Property Ownership and Economic Performance [Ed: More of that same old propaganda conflating the protectionism for the rich with the false correlation, alleging it's that protectionism that begets collective wealth (rather than concentration of capital)]

          “By effectively protecting their intellectual property, innovative companies can secure financing, grow, collaborate, and create value, but how does owning intellectual property rights impact a company’s performance?” That was the question guiding a recent study carried out by the European Union Intellectual Property Office (“EUIPO”) and the European Patent Office (“EPO”). In an effort to compare “the economic performance of firms that maintain intellectual property rights with those that do not,” the two IP bodies uncovered an interesting (although unsurprising) link between intellectual property rights and business performance.

        • Intellectual property rights – a key for stimulating economic growth [Ed: Repeating EPO lies. EPO, corrupted by litigation lobbies and run by crooks who rob the institution, wants us to think that because the rich guard their monopolies it's thus good for the economy]

          According to a recent study published by the European Intellectual Property Office (“EUIPO”), companies that own and protect their intellectual property rights (“IP”) generate 20% higher revenue per employee when compared to non-IP owning companies. The report further found that these firms (the ones with IP) pay on average 19% higher remuneration to their employees, and revenue per employee for IP owning companies average a staggering 55% higher.

        • Software Patents

          • KOL323 | World Crypto Network: Announcing the Open Crypto Alliance to Protect Bitcoin, Blockchain and Crypto

            Kinsella on Liberty Podcast, Episode 323. Jed Grant and I appeared on the World Crypto Network channel with host Thomas Hunt to discuss the looming patent threat to bitcoin.

          • Overview of the revised EPO Guidelines for Examination [Ed: Corrupt EPO make yet more illegal changes to open the gates to software patent in spite of the lack of legal approval (it's a rogue institution at this point)]

            There has been clarification concerning exclusions to user interfaces (G-II, 3.7.1): in particular, if technical considerations are involved to implement the linguistic model on a computer, such as those relating to the internal functioning of a computer, then a technical effect may arise.

            There has also been clarification concerning exclusions to data retrieval, forms and structures (G-II, 3.6.3): a data structure only contributes to technical character of the invention if it produces a technical effect and cognitive data does not contribute to producing a technical effect.

            There is a new section relating to database management systems and information retrieval (G-II, 3.6.4), which states that distinctions are made between executing structured queries by database management system, and information retrieval, and clarification regarding method steps defining additional devices (F-IV, 3.9.2). If not all features of the method claim are reflected in claims in other categories referring to said method, said claims in other categories have to be construed and examined separately, and if a step carried out by specific technical means cannot be carried out by generic data processing means an objection under Art. 84 EPC will normally be raised.

      • Trademarks

        • Twitter Opposes 'Tweet' Trademark Application For Bird Food Company

          Way back in the simpler time of 2010, Mike wrote up an interesting piece on Twitter's trademark enforcement policies and how it handles third parties that interact with Twitter using Twitter-related terms. In short, Twitter built a reputation for itself in freely licensing these terms for use by third parties, believing that tools that made Twitter more useful were good for the platform overall. It was a smart, productive way of looking at protecting trademarks so as not to lose them to genericide.

      • Copyrights

        • LiquidVPN Sued for Encouraging Piracy By Touting "Anonymous" Streaming

          Can a VPN provider be held liable when its users illegally stream films and TV series? What if that provider markets itself as a way to avoid "threats and jail time" for illegal viewing? Those are the issues posed to a Florida federal judge in a suit involving the piracy of films starring Amy Schumer, Gary Oldman and Woody Harrelson.

          Voltage Holdings, Millennium Funding and Hunter Killer productions on Thursday sued 1707 Management and its owner Charles Muszynski arguing they're liable for users' infringement of I Feel Pretty, Shock and Awe, Automata, Survivor, and Hunter Killer.

          The rights owners argue LiquidVPN, which they allege to be owned by Muszynski and 1707, is purposely friendly to copyright infringers — noting its practice of assigning anonymous IP addresses and marketing that touts how it makes piracy easier.

        • Yout v RIAA: Use of Technical Protection Measure Does Not Equal Abuse

          Last October the company behind YouTube-ripping platform 'Yout' sued the RIAA for sending "abusive" DMCA anti-circumvention notices to Google. The RIAA responded by insisting that YouTube's rolling cipher is indeed an "effective technological measure." Yout has now fired back, stating that mere 'use' of a protection measure cannot be extrapolated into a circumvention violation.

        • Movie Companies Sue VPN Provider for 'Encouraging' and 'Facilitating' Piracy (Updated)

          The makers of popular films including "Hunter Killer," "Automata," and “I Feel Pretty,” accuse LiquidVPN's former and current owner of promoting and facilitating piracy. In addition to damages, the companies want the defendants, who are linked to a hosting company, to close common BitTorrent ports, terminate repeat infringers, and block several pirate websites.



Recent Techrights' Posts

"Many Applications Labelled as "Cybersecurity" and Given a Veneer of Legitimacy Are Really "Weaponised" and Abusive Code"
New from Dr. Andy Farnell
Security Advisory: Debian falls for social engineering hacks
Reprinted with permission from Daniel Pocock
 
Plagiarism by Bots: Guardian Digital, Inc (linuxsecurity.com) Still Creates Fake Articles About "Linux"
100% fake
[Teaser] [Meme] New Ways to Impoverish Patent Examiners (Entrusted to Block Unjust Monopolies or Monopoly Applications)
Coming tomorrow!
Apple Tax funds: railways, defective concrete blocks in Ireland's North and West
Reprinted with permission from Daniel Pocock
Daniel Pocock, Nomination for Ireland, Dublin Bay South, General Election 2024
Reprinted with permission from Daniel Pocock
Links 08/11/2024: TikTok Bans and Clownflare Issues/Perils
Links for the day
Gemini Links 08/11/2024: RPS, O.D.I.N., and RSS in Yahoo News
Links for the day
Donald Trump as Censor in Chief Can Now Leverage Censorship Companies and Fake Protection Disguised as 'Security'
Centralised CAs were trouble all along
Technology: rights or responsibilities? - Part VI
By Dr. Andy Farnell
A Death of a News Industry
A theme we explored thrice today
Deciphering Centralised CAs and Why Their Demise Should be a Goal
Encryption in transmission is good; but who controls the key exchange and certification/authentication/validation?
Links 08/11/2024: Strikes, Recessions, and Slowdowns
Links for the day
[Teaster] [Meme] New Ways of Wrecking (NWoW)
The EPO
Gateway for News and Blogs
In the long run, this site and its sister site (less overlap between them now) should hopefully become a popular destination for people who look for information, not chaff
Going Even Faster
We hope the site will be faster soon
Psychopaths Who Reaffirm Our Work's Value
Psychopaths and sociopaths lack empathy, so they're willing to go very far and stoop as low as they deem necessary
[Meme] How Low Can You Go at the European Patent Office?
Not just in terms of patent quality
More Cuts/End to Benefits for EPO Workers (Europe's Working Conditions Incompatible With the European Patent Convention)
"The Office is now reviving it but plans to introduce new cuts on benefits"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 07, 2024
IRC logs for Thursday, November 07, 2024
Gemini Links 08/11/2024: US Election, RetroChallenge 2024, and More
Links for the day
[Meme] Questioning Proprietary Software? Not OK...
A disaster long in the making
Links 07/11/2024: HTTP/3, Health Research, and Punditry
Links for the day
Gemini Links 07/11/2024: On Writing Publicly and Record Player Table
Links for the day
Open Source Security Foundation (OpenSSF) Hosted SOSS as Microsoft Propaganda Platform With Microsoft Front Group OSI
They essentially promote what they're attacking under false pretences [...] OSI is deeply corrupt. It's more toxic than arsenic.
Anti-Linux FUD, Now in LLM Form, Thanks to Brittany Day
They attack Linux with chatbots
[Meme] When You Discredit People Who Discredit Secret Code
proprietary systems with hundreds of millions of transistors (and hundreds of millions of lines of code)
The High Cost of Making Scepticism of Proprietary Voting Machines a "Trump" and "Conspiracy Theory" Territory
Time to get back to paper? Or read an old paper?
Links 07/11/2024: Online Manipulation in Social Control Media, Election Deniers, and More
Links for the day
Gemini Links 07/11/2024: emacs-guix and File Hoarding
Links for the day
[Meme] Election Day at the European Patent Office
Less than 60 minutes left to cast your vote
Staff Union of the European Patent Office (SUEPO) Election Ending Today
In one hour
[Meme] When the Patent Office Does Illegal Things and Staff Speaks Out
many leaks received today
Today We Got an Early Birthday Gift
Exciting times
[Meme] Going Too Far to the Left Can Breed Militant Ideology
Some people can never be appeased because they prefer not to be appeased
Apple's Debt Has Skyrocketed While Gimmicks Like Vision Pro Failed
In Apple's case, the debt is almost double the "Cash on Hand", which isn't even cash
FSF Expressed No Preference Regarding Presidential Candidates (Its Founder Did)
Because he is a principled person, he does not prioritise loyalty to customers or employers (money)
A President Trump is Excellent News to Microsoft
His racist policies gave lots of contracts to Microsoft
Who Next on the Linux Foundation's 'Kill List'?
Remember that only about 2% of the "Linux" Foundation's budget goes to Linux
Links 07/11/2024: Facebook Scams, Journalists on Strike
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 06, 2024
IRC logs for Wednesday, November 06, 2024
Microsoft-Connected Publishers Want Us to Think That Linux is Some Sort of a Virus and a "Backdoor"
"The problem is with windows and the attack vector is via Windows"
We've Made it to 18! Here's to Another 18!
Going on for another 18 years means until some time at the end of 2042
Links 07/11/2024: Political Angst and Laptop Issues
Links for the day
Even LKML Subjected to Slop/SPAM by Guardian Digital, Inc (linuxsecurity.com)
They're really awful
Links 06/11/2024: BPF in RFC 9669, More Facebook Fines for Privacy Abuses
Links for the day
Gemini Links 06/11/2024: Political Shock and Hermaic Encouragement
Links for the day
Planet Debian Allows Politics (But It Depends on Your Opinions and Debian's Big Sponsors)
Planet Debian is OK with politics... as long as all your political opinions are the "correct" ones and you add cute animals
What Makes RMS Such an Attractive Target ('Discreditisation' Campaigns)
Don't be so easily fooled
The Biggest OEMs or Vendors of GNU/Linux Stopped Competing With Microsoft (Which Pays Them to Promote Windows, Too)
Where are the competition authorities (or regulators for that matter)?
Let's Encrypt Falls to a New Low of Only 0.6% of Gemini Capsules Known to Lupa
In Gemini Protocol, certificates for encryption are required, but centralised Certificate Authorities (CAs) aren't needed
Computer-Generator Crap Flooding the Web, the Latest Example About "Linux"
Here's today's example
Links 06/11/2024: Election Disinformation and Legal Actions
Links for the day
Gemini Links 06/11/2024: Stargazing and Death on Hallowe'en
Links for the day
Would You Trust a Liar?
Why lie about the authorship?
Mass Layoffs at Mozilla Announced During US Elections
Maybe nobody will notice?
[Meme] Announcing "Results" Before Everyone Even "Played"
There is a "tech" angle to otherwise political news
US Polls Close in One Minute (Social Control Media Does Not Care, Will Not Wait)
US election results will be known in about 2 days
Concentration and Centralisation Versus Aggregation or Syndication
KDE has a history of burying old sites
Social Control Media, Even Hours Before Polls Have Closed
Has social control media controlled by CPC (TikTok) and the Trumpmobile guy (Musk's "X") done enough to convince people not to even vote (based on presumptive "results", presented a long time before all polls have closed)?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 05, 2024
IRC logs for Tuesday, November 05, 2024
Wayland Pains in Community-Led Distros of GNU/Linux
Few people and companies use Wayland; there's hardly any technical or practical reason to choose it
IBM Still Conflating Microsoft With 'Security'
As a meme
Sanctions Cause Fragmentation in Software
some Chinese Linux developers are already subjected to restrictions similar to Russians'
Web Failing With Slop, Even in 'Linux' Sites (LLM Spam)
Add SEO prompting to the mix and the Web becomes a pool of slop, not knowledge
[Meme] State of the World Wide Web and Online Journalism
Technically a failure (DRM) and cannot even get basic things right
Trump's signature policy, building a wall, copied from Irish-Australian student politician
Reprinted with permission from Daniel Pocock
Linus Torvalds' self-deprecating LKML CoC mail linked to Hitler's first writing: Gemlich letter
Reprinted with permission from Daniel Pocock
[Meme] Turning 18 in One Day
just one more day