Mageia is a GNU/Linux distribution that is a community project begin life as Mandrake, which then became Mandriva, which then became Mageia. This is a rpm-based distro that uses a static release model and is known for stability.
OpenShot is one of those video editors that everyone tries at least once, and I feel like it should stay at only once. While it's not unusable you could get some work done with it, it has some serious limitations as a video editor that take all the fun out of making videos.
Hey peeps - some of you may have already noticed that in my public git tree, the "v5.12-rc1" tag has magically been renamed to "v5.12-rc1-dontuse". It's still the same object, it still says "v5.12-rc1" internally, and it is still is signed by me, but the user-visible name of the tag has changed.
The reason is fairly straightforward: this merge window, we had a very innocuous code cleanup and simplification that raised no red flags at all, but had a subtle and very nasty bug in it: swap files stopped working right. And they stopped working in a particularly bad way: the offset of the start of the swap file was lost.
Swapping still happened, but it happened to the wrong part of the filesystem, with the obvious catastrophic end results.
Now, the good news is even if you do use swap (and hey, that's nowhere near as common as it used to be), most people don't use a swap *file*, but a separate swap *partition*. And the bug in question really only happens for when you have a regular filesystem, and put a file on it as a swap.
And, as far as I know, all the normal distributions set things up with swap partitions, not files, because honestly, swapfiles tend to be slower and have various other complexity issues.
The bad news is that the reason we support swapfiles in the first place is that they do end up having some flexibility advantages, and so some people do use them for that reason. If so, do not use rc1. Thus the renaming of the tag.
Yes, this is very unfortunate, but it really wasn't a very obvious bug, and it didn't even show up in normal testing, exactly because swapfiles just aren't normal. So I'm not blaming the developers in question, and it also wasn't due to the odd timing of the merge window, it was just simply an unusually nasty bug that did get caught and is fixed in the current tree.
But I want everybody to be aware of because _if_ it bites you, it bites you hard, and you can end up with a filesystem that is essentially overwritten by random swap data. This is what we in the industry call "double ungood".
Now, there's a couple of additional reasons for me writing this note other than just "don't run 5.12-rc1 if you use a swapfile". Because it's more than just "ok, we all know the merge window is when all the new scary code gets merged, and rc1 can be a bit scary and not work for everybody". Yes, rc1 tends to be buggier than later rc's, we are all used to that, but honestly, most of the time the bugs are much smaller annoyances than this time.
And in fact, most of our rc1 releases have been so solid over the years that people may have forgotten that "yeah, this is all the new code that can have nasty bugs in it".
One additional reason for this note is that I want to not just warn people to not run this if you have a swapfile - even if you are personally not impacted (like I am, and probably most people are - swap partitions all around) - I want to make sure that nobody starts new topic branches using that 5.12-rc1 tag. I know a few developers tend to go "Ok, rc1 is out, I got all my development work into this merge window, I will now fast-forward to rc1 and use that as a base for the next release". Don't do it this time. It may work perfectly well for you because you have the common partition setup, but it can end up being a horrible base for anybody else that might end up bisecting into that area.
And the *final* reason I want to just note this is a purely git process one: if you already pulled my git tree, you will have that "v5.12-rc1" tag, and the fact that it no longer exists in my public tree under that name changes nothing at all for you. Git is distributed, and me removing that tag and replacing it with another name doesn't magically remove it from other copies unless you have special mirroring code.
So if you have a kernel git tree (and I'm here assuming "origin" points to my trees), and you do
git fetch --tags origin
you _will_ now see the new "v5.12-rc1-dontuse" tag. But git won't remove the old v5.12-rc1 tag, because while git will see that it is not upstream, git will just assume that that simply means that it's your own local tag. Tags, unlike branch names, are a global namespace in git.
So you should additionally do a "git tag -d v5.12-rc1" to actually get rid of the original tag name.
Of course, having the old tag doesn't really do anything bad, so this git process thing is entirely up to you. As long as you don't _use_ v5.12-rc1 for anything, having the tag around won't really matter, and having both 'v5.12-rc1' _and_ 'v5.12-rc1-dontuse' doesn't hurt anything either, and seeing both is hopefully already sufficient warning of "let's not use that then".
Sorry for this mess, Linus
Linus Torvalds has sent out a note telling people not to install the recent 5.12-rc1 development kernel; this is especially true for anybody running with swap files. "But I want everybody to be aware of because _if_ it bites you, it bites you hard, and you can end up with a filesystem that is essentially overwritten by random swap data. This is what we in the industry call 'double ungood'." Additionally, he is asking maintainers to not start branches from 5.12-rc1 to avoid future situations where people land in the buggy code while bisecting problems.
Linus Torvalds has now warned developers over using Linux 5.12-rc1 as a basis for their future branches and is looking to release 5.12-rc2 ahead of schedule as a result of that problematic file-system corruption bug stemming from a swap file bug.
KernelCI has been driving continuous integration for the Linux kernel with hundreds of commits every day since its creation in 2012 and as a Linux Foundation project since 2019. The platform has the ability to help you attempt to find and fix several problems, including regressions, build failures and merge conflicts from your patches with others.
Today, KernelCI is the most complete automated testing and continuous integration tool for the Linux kernel. It can test your code on many platforms performing automatic builds in kernel trees. Builds, tests information and more can be found on the KernelCI dashboard, that is, the main web interface used by the project.
Hector Martin, who has been working on the crowd-funded effort to bring Linux up on the Apple M1 SoC and the modern Apple devices using that in-house silicon, has sent out the third iteration of his kernel patches.
With the "v3" patches sent out today the focus remains on getting the Apple M1 SoC brought up under the Linux kernel with interrupt handling, SMP support, UART, a SimpleFB-based frame-buffer, and the DeviceTree needed for the Mac Mini and other new Macs using the M1 chip. There still is much work ahead to make the Apple M1 and the modern Macs usable on a day-to-day basis, especially if wanting accelerated graphics and making use of other capabilities of this complex ARM-based chip.
While it's 2021 and many modern Linux gaming and other workloads are focusing on the Vulkan API, Intel isn't letting up in their aggressive optimizations to their open-source "Iris" OpenGL Gallium3D driver for Linux systems. With the latest Mesa 21.1 code today there is a set of patches providing up to 17% better performance in some games while other OpenGL software is generally a few percent faster at least. In some micro-benchmarks it can be more than 50% faster.
Longtime Intel open-source Linux graphics driver developer Kenneth Graunke - who has also been the lead Iris Gallium3D developer over the past three years - merged his work on threaded context support.
While struggling with Pfizer second dose side effects yesterday, with little ability to do anything serious – so surreal to have a fever yet also certainty you’re not actually ill[1] – I thought I’d try building the branch of Emacs with native Wayland support, and try starting up Sway instead of i3. I recently upgraded my laptop to Debian bullseye, as I usually do at this stage of our pre-release freeze, and was wondering whether bullseye would be the release which would enable me to switch to Wayland.
Why might I want to do this? I don’t care about screen tearing and don’t have any fancy monitors with absurd numbers of pixels. Previously, I had been hoping to cling on to my X11 setup for as long as possible, and switch to Wayland only once things I want to use started working worse on X11, because all the developers of those things have stopped using X11. But then after upgrading to bullseye, I found I had to forward-port an old patch to xfce4-session to prevent it from resetting SSH_AUTH_SOCK to the wrong value, and I thought to myself, maybe I could cut out some of the layers here, and maybe it’ll be a bit less annoying. I have a pile of little scripts trying to glue together xfce4 and i3 to get all the functionality I need, but since there have been people who use their computers for similar purposes to me trying to make Sway useful for quite some time now, maybe there are more integrated solutions available.
I have also been getting tired of things which have only ever half-worked under X, like toggling autolock off when there isn’t fullscreen video playing (when I’m video conferencing on another device, I often want to prevent my laptop’s screen from locking, and it works most of the time, but sometimes still locks, sigh). I have a “normalise desktop” keybinding which tries to fix recurrent issues by doing things like restarting ibus, and it would be nice to drop something so hackish.
Filesystem/Volume encryption has become paramount to the masses in the IT industry due to the varying advantages it presents including protection of sensitive data, military-grade encryption standards, password keys to prevent unwanted access, and an encrypted file/drive only the encryption software can access among others.
Veracrypt is a cross-platform and open-sources on-the-fly encryption tool that was originally based on Truecrypt’s 7.1a codebase back in June 2013 but has since then matured greatly to become a singular encryption solution that is now dissimilar and incompatible with volumes encrypted with Truecrypt.
Veracrypt is essentially your go-to option for an encryption tool if you’re looking to replace Truecrypt.
VNC (Virtual Network Computing) allowed to remotely control desktop systems. We can say VNC is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol (RFB). There are multiple software services provides VNC service to access Linux based desktop remotely including, TigerVNC, TightVNC, Vino, vnc4server and more.
The TigerVNC is a free, open-source and high-performance VNC server used to control or access Linux based desktop remotely. It is a client/server application that allows you to interact with graphical applications on remote machines.
This tutorial help you to how to install and configure VNC server on Debian 10 Buster Linux system using the TigerVNC server.
In this quick guide, you will see, how to enable the 2-Factor authentication on Ubuntu. This guide can also be used on its derivatives.
Before going straight, let’s see what is 2-Factor authentication?
Simply put, it’s an extra layer of protection that you can be put on things that have passwords so that you are required to provide a time-based token for authentication addition to the password.
Now, let’s set it up on Ubuntu.
Linux Mint is a fantastic Ubuntu-based Linux distribution that aims to make it easy for newbies to experience Linux by minimizing the learning curve.
Not just limited to being one of the best beginner-friendly Linux distros, it also does a few things better than Ubuntu. Of course, if you’re using Linux Mint like I do, you’re probably already aware of it.
We have many beginner-focused Mint tutorials on It’s FOSS. Recently some readers requested help with Nvidia drivers with Linux Mint and hence I came up with this article.
I have tried to mention different methods with a bit of explaining what’s going on and what you are doing in these steps.
The most widely used Linux distributions, for example, Debian, Ubuntu, RedHat, Fedora, and many more, have a packaging system for distribution software. Binaries and configuration files of software are bundled in a package, which is nothing but an archive file, from which the package managers install the software.
However, advanced Linux users, developers, and those who are more on the geeky side of things often install software directly from the source code; i.e., manual compilation and installation.
As almost all software in GNU/Linux systems is free and open-source software, the source code is publicly available, usually in a version control system repository or even in the standard repositories in some distributions.
To prevent confusion and ambiguity, this document repeatedly and redundantly describes each element as being either on the host or the VM guest. The host is the physical computer (metal computer) on which the VM guest is run. The VM guest is a Virtual Machine running on the host. The downfall of most online Qemu documentation is they rarely make this distinction, which can confuse the daylights out of someone not already knowing Virtual Machine technology extremely well.
The examples in this document use a physical host that is running Void Linux. The VM guest runs Devuan Linux. This document's examples all use a LAN using the 192.168.0.0/24 network (subnet, actually), with a physical cable modem connection to the Internet at 192.168.0.1, the host at 192.168.0.2, a printer with HTML interface at 192.168.0.13, and a different Linux computer at 192.168.0.97. These four machines are all physical. On the LAN, the default route is the cable modem at 192.168.0.1, which also serves as a DHCP server, firewall, and router.
A LAN-peer is a VM guest that can interact with all the computers and devices on the host's LAN. Also, all the computers and devices on that LAN can interact with the VM guest. A LAN-peer VM guest is, from a networking standpoint, exactly like a physical computer on the LAN.
If parts of this document seem redundant and excessive, I've done this so that there's absolutely no confusion for anybody, regardless of their Virtual Machine or Qemu knowledge.
My current two laptops running Gentoo Linux (both with OpenRC, elogind, eudev and wpa_supplicant) use NetworkManager rather than Netifrc. (Actually, my desktop machines also use NetworkManager even though they are always connected to the same network.) NetworkManager has worked with wired and wireless networking on these laptops without any issues for over five years now. This post summarises how it is installed and configured.
When you run Debian 10, the IPv6 network connections are enabled by default. But, in most situations, you need to disable the default setting of IPV6. However, we will give you a complete demo on how to disable the IPV6 interface on Debian 10 system.
To execute all commands, you must have the privileges to run the system administrative commands.
As developers, we are no strangers to managing and saving various copies of code before joining it to the main code.
Let’s discuss a better and efficient way to manage various code versions and merge them with the main code after testing.
Developed by Sun Microsystems in 1984, NFS or Network File Shares is a file system protocol used for accessing files over a network similar to a local storage device.
NFS Shares are powerful and popular as they allow users to share files and directories over a local network and the internet. However, it is better to limit NFS shares to local and trusted networks as files don’t get encrypted on the machines. However, the problem was addressed and fixed on a recent version of the NFS protocol. You may need to set up complex authentication methods such as Kerberos.
OpenVPN is a free and open-source VPN application that allows you to encrypt and send your network data via secure tunnels from one device to another not located on the same network. OpenVPN uses OpenSSL to encrypt network traffic to and from your devices.
Once connected to an OpenVPN server, your network traffic gets routed through the server, keeping your data secure. In turn, this helps protect you from network attacks, especially when connected to public networks.
Penetration testers and Black Hat hackers value discretion and anonymity above all else. A distribution such as Kali Linux, a tool preferred by is Security Researchers and Penetration testers, may not provide these all the time, especially in public locations where running code and having multiple terminals open can easily call unnecessary attention to yourself.
Offensive Security took note of this and included a mode known called undercover mode in Kali Linux 2019.4.
Welcome to this concise article discussing how to install Linux headers on Kali Linux.
Linux header files are used in interface definition between various components of the kernel. They are also used to define interfaces between the kernel and userspace. A typical case where Linux headers are required is running a Hypervisor because the tools require modules that interact with the kernel.
By default, Kali Linux does not ship with Linux headers installed; you will have to do it manually.
OpenVAS or Open Vulnerability Assessment System is a Pen-testing framework whose collection of tools allow you to scan and test systems for known vulnerabilities. OpenVAS uses a database containing a collection of known exploits and vulnerabilities.
WireGuard is a simple and fast open-source VPN tunneling service built with high-end cryptographic technologies. It is very easy to set up and use, and many consider it better than OpenVPN or IPSec. WireGuard is also cross-platform and supports embedded devices.
WireGuard works by setting up virtual network interfaces such as wlan0 or eth0 that can be managed and controlled like normal network interfaces, helping configure and manage the WireGuard easily using net-tools and other network managing tools.
This guide will show you how to set up a WireGuard client and server on a Kali Linux system.
Let us start by installing WireGuard on the system.
PartedMagic is a Linux distribution used for partitioning, data recovery, and other data-related forensics operations. It mainly comes packaged as an ISO tool you can burn to a CD/DVD or USB flash drive and booted live without installing it. Its primary use is on GNU Gparted and PartitionMagic packages, although PartedMagic is a commercial Software. It’s essential for data.
This tutorial will walk you through PartedMagic operations like creating bootable media, booting up, partitioning, data recovery, etc.
Synology has official support for virtualization on its NAS products. You can create and run Windows or Linux virtual machines on your Synology NAS really well and turn your Synology NAS into a software development environment. To run virtual machines on your Synology NAS, you need to have at least 8 GB or 16 GB (or more) memory installed, depending on your requirements. Then, you can install and use the official Virtual Machine Manager app to create and manage your virtual machines from the Synology Web GUI.
In this article, I will show you how to set up virtualization on your Synology NAS and create a Windows 10 and an Ubuntu 20.04 LTS virtual machine on your Synology NAS. I will be using the Synology NAS model DS1821+ for the demonstrations. So, let’s get started!
PCloud is a cloud service offering 10BG free storage space for saving personal files on a secure cloud. It is available for Linux and other operating systems. pCloud also puts privacy first using its advanced encryption technology. Further, the pCloud storage drive is accessible via a desktop client in Linux or via your web browser.
This guide will go through installing pCloud, opening your pCloud Drive, and adding pCloud Drive to startup on your Linux Manjaro distribution.
Apache Solr [1] is a search engine framework written in Java and based on the Lucene search library [6]. In the previous article, we set up Apache Solr on the soon-to-be-released Debian GNU/Linux 11, initiated a single data core, uploaded example data, and demonstrated how to do a basic search within the data set using a simple query. This is a follow-up article to the previous one. We will cover how to refine the query, formulate more complex search criteria with different parameters, and understand the Apache Solr query page’s different web forms. Also, we will discuss how to post-process the search result using different output formats such as XML, CSV, and JSON.
Enlightenment is a desktop environment like GNOME, KDE, MATE, Cinnamon, and others. The first release appeared in early 1997. It is a graphical desktop environment maintained by the Enlightenment project. It has a typical UNIX/X11-based desktop style. It has a rather elegant desktop interface and a different central philosophy of design.
Enlightenment desktop can manage windows and files. It can do compositing. It can also start applications as well as handle UI and manipulate system settings. In fact, Enlightenment was the first Window Manager to bring themes into the X11 window system.
Enlightenment is in existence before GNOME and is hardly younger than KDE. Its first release was version 0.1 in the first part of 1997. Initially, it was launched as a simple window manager. Despite the limited capability of computers to handle a user interface’s complex functionality, it proved to be very flexible in terms of behavior and visuals features.
Enlightenment has too many features along with too much flexibility. One can configure it to be a simple GUI desktop or make it more dazzling with various activity options.
The human eyes can filter the ultraviolet and many other harmful radiations of the sun. However, the eyes cannot filter the blue light. The excessiveness of blue light puts the strain on the eyes. Moreover, blue light passes the signal to the mind that it is daytime even if you are using blue light in the nighttime. Overall, blue light is harmful to humans because it interrupts the regular sleep-wake system, which ultimately damages our immune system.
Filtering the blue light is a very important activity to perform on your system. Redshift is free and open-source software that automatically adjusts the color of the screen based on temperature, your current location, and daytime.
In this article, we will learn to install Redshift on Linux Mint for enabling the blue light filter.
We are using Linux Mint 20 for executing the commands and preparing this guide. Redshift can be installed on Linux Mint from the Software Manager and Linux Mint 20 standard repositories.
Using the easy-to-follow steps provided in this guide, you can set up a Kali Linux mirror that can host Kali’s main repositories and images. A Kali Linux mirror is handy. Let us get started.
In the modern age, websites are the building blocks of information. From enterprise, eCommerce, social websites to simple blogs, websites allow people to share ideas and thoughts. This tutorial will show you how you can set up a simple blog using a static site generator that is very fast and easy to use.
Even though it’s customized explicitly for penetration testing, Kali Linux is a flexible and highly customizable Linux distro. It allows you to customize things like the Desktop environment, packages, and even the kernel as long as you know what you are doing,
Let’s discuss how we can modify installed packages and rebuild them from the source.
Fdupes is a command line tool that allows you to find all duplicate files through the console. The advantage over using graphical tools like fslint is of course the speed. At the end of the day, there is nothing faster and more convenient than the Linux console.
Why should we look for duplicate files in Linux?
No matter what operating system you use sooner or later, your computer will contain many files of different sizes, and if you’re not careful enough, repeating them can cost you disk space that you need. For example, you inadvertently downloaded the same ultra HD movie with 40 giga bytes twice.
Moodle is a free and open-source Learning Management System written in PHP. It provides a way for tutors and instructors to create courses for their students or learners. Moodle provides a robust and secure integrated system and comes with a custom dashboard that helps users to access current, past or future courses, as well as review pending work. It is used by many schools, universities, and organizations across the globe and provides a better learning experience. It provides a rich set of features including, wiki, grading, assignment submission, online quizzes, discussion boards, and more.
In this tutorial, we will show you how to install Moodle with Nginx web server and Let's Encrypt SSL on Ubuntu 20.04.
WordOps is a simple tool that provides the ability to deploy WordPress sites from the command line using an optimized LEMP stack.
The LEMP software stack consists of a group of software that describes a Linux Operating System, an Nginx web server (pronounced engine-x), a MySQL database with the dynamic processing being handled by PHP. LEMP is an acronym for Linux, Engine-x (Nginx), MySQL and PHP.
WordOps simplifies so much of the process of installing and configuring all the packages from the LEMP stack needed to deploy a site while taking care of creating virtual hosts in Nginx, installing WordPress, and even gets you a SSL certificate.
It also installs some components that allow you to see statistics about the server’s workload.
In this tutorial we’ll use WordOps to quickly and easily install WordPress on an Ubuntu 20.04 machine, and we’ll check out and explain some of the extra features that WordOps offers.
When you’re doing research on a topic, it’s vital to ensure your sources are up to date. If you’re writing an academic paper, dates of publication are often required in the citations.
The majority of the time, getting the date is easy: simply look on the site and find the published date to find how recent it was. Things get a little more complicated when there is no date listed on the webpage. When this happens, how do you know when a webpage was published?
Today we are looking at how to install Wireshark 3.4.3 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
I’ve missed the good old days of configuring and setting up good quality switching hardware (like the big, huge Cisco switches and routers I used to experiment on with their IOS command line interface). I recently ordered this newer, smaller Cisco switch which can also provide power to a new “prosumer” WiFi AP (no power cables needed).
When building a container for a single-page application using any modern JavaScript framework (such as Angular, React, or Vue.js), you might find that the configuration settings are different depending on where the container will run. A typical case would be the base URL for your API, which will differ depending on whether you are testing the application or deploying it into production. Developers usually solve this problem using environment variables.
Environment variables typically work on the backend because that is where code runs. But what if your application lives in the user’s browser? There are many ways around this limitation. In some cases, you might build a server whose endpoint holds the necessary parameters. Another workaround is to use PHP to inject the environment variables as globals in the JavaScript code. Both of these options work, but it would be ideal to inject the environment variables as part of the container build process. That way, you don’t have to change the codebase, and you can still deliver the application content using a static web server like NGINX.
This article shows you how to inject environment variables directly into your codebase as you build your container.
TL;DR During an internal container-based Red Team engagement, the Docker default container spontaneously and silently changed cgroups overnight, which allowed us to escalate privileges and gain...
Welcome to the fourth developer interview following the introduction of the Godot Showcase page! This week, we are interviewing the studio Fat Gem about their first game Primal Light.
Valve's Dota themed card game Artifact has now well and truly failed, as they've now stopped the 2.0 redevelopment which is now named Artifact Foundry with the original as Artifact Classic and both now free to play.
In a post titled "The Future of Artifact", Valve mentioned how the player count fell off dramatically and it was pretty much dead shortly after being released. Even though the big 2.0 revamp was far along in development, they've now formally and totally shelved it as they "haven't managed to get the active player numbers to a level that justifies further development at this time".
Loop Hero, probably the only titles I've pre-ordered in the last few years is officially out now and I really will need some help to pull myself away from running just one more loop.
It's such a strange and beautifully intoxicating mix of genres. For each loop through you're placed into a world full of nothing but a path and it's up to you to build up the world each time. You do this through your deck of cards, while the hero automatically loops around the path and fights enemies along the way without your input. Even though you don't have direct control, there's quite a lot of strategy involved in it.
Urtuk: The Desolation from David Kaleta presents you with a dark world in a low-fantasy settings where you guide a team of survivors through a ruined world. Note: key provided by the developer.
Hitting nearly one thousand user reviews and a Very Positive rating on Steam overall, Urtuk: The Desolation seems to have managed to hit a sweet spot. Giving you tough turn-based combat, with a character progression system that sees you extracting skills and traits from fallen enemies. It's a bit of a gross world and the main character, Urtuk, is an escaped subject of experimentation with a severe mutation and worsening health. The idea is to eventually find a cure but getting there will be tough.
KDE Plasma Applications have been updated to 20.12.3. This is a minor bug fix update from the KDE developers. These packages will appear as an update in your Synaptic Package Manager if you are using the KDE Plasma Desktop.
This release includes three new modules,
- krecorder - qmlkonsole - kirigami-addons
kirigami-addons is released as a unstable module and does not provide any API or ABI gurantees in this release...
It is no secret that everyone looks for a secure operating system that offers top-notch privacy. If you are using a system that is not secure enough, anyone can access your system and exploit your data, such as photos, videos, files, and sensitive financial information. Linux systems offer fantastic privacy and security as compared to other OS, like Windows or Mac. So, it is best to go for a Linux system for better security. But, there is an extensive list of secure Linux distros, and it can be difficult to choose one.
When setting up a new server, a major concern that users may have is which OS to use. Many choices come into mind when it comes to the operating system to use, so selecting just one OS can be a tough choice. It is necessary for a user to compare different server types to select one that fits his or her requirements. In this article, we will compare and contrast Debian and Ubuntu servers.
Debian and Ubuntu servers are considered quite similar in many respects. Let us dig deep into a comparison of the two servers...
In recent years, Ubuntu has become the default operating system of personal and professional users alike. Due to the popularity of the Ubuntu distribution, many Ubuntu-based Linux distros are now available on the Internet, each developed to fulfill special needs. In fact, there are so many unique Ubuntu distributions that it is impossible to count an exact number.
One major reason behind the popularity of Ubuntu-based distros is that these distributions are easy to work with even for novice users. Ubuntu is also backed by a large community of open-source developers who actively work to keep Ubuntu up-to-date and bug-free.
This machine uses the same CPU than the Yeeloong, a Loongson 2F which is a single-core MIPS-III 64-bit processor running at 800/900 MHz.
As hinted in my previous article, contrarily to the Yeeloong, the Fuloong is less strict with the type of RAM it accepts, and my device is happily running with a Kingston 2GB DDR2 SO-DIMM module (ASU256X64D2S800C6), replacing the original 512MB module.
Today we are looking at Linux Lite 5.4 RC1. It comes with Linux Kernel 5.4, XFCE 4.14, based on Ubuntu 20.04, and uses about 400MB of ram when idling. Enjoy!
In this video, we are looking at Linux Lite 5.4 RC1.
Mageia 8 was released not long ago and I installed it as soon as it was out. However, I took a week to work with it and see how it plays with the other distros in my laptop.
I have a multi-boot system in which I always keep 4+ distros. Before this new install, I had PCLinuxOS, OpenMandriva Lx 4.2 (my latest install), Elive 3, MX Linux (Patio Feo), and Mageia 7. I logically wanted to upgrade Mageia 7 to 8.
Historically, this set up has meant several grub 2- related headaches: if I installed OpenMandriva after Mageia, Mageia would boot very slowly. If, on the other hand, Mageia controlled the grub post installation, OpenMandriva would get a kernel panic. As I lack technical knowledge, I could never fix those problems myself.
This time, I passed on the live version and decided to install the complete release, which I nostalgically call the PowerPack. If I recall correctly, one cannot upgrade from a live version, so I chose "install" instead of "upgrade," which wipes out the root partition. Still, I kept /home intact. With this distro image, the install takes more time, but it was not bad. A plus is that the process has remained pretty much consistent all these years and this makes the installation a familiar path.
When everything was done, I rebooted and Mageia 8 took over grub control. I booted this new release and all was working great: internet connection, desktop effects, sound, and screen edges. My personal settings were preserved, so I installed my preferred programs and the system was ready. Even Steam games were kept and working.
As you may have noticed, the ABF build system has moved to a new server and is now fully operational.
What you probably have not noticed is that it is now running on an ARM (aarch64) server.
When looking for a new host, we decided to go with the aarch64 option - aarch64 support in OpenMandriva 4.2 is stable, the workloads on abf are perfect for a heavily multithreaded system, and reducing power consumption definitely can't hurt.
The trend toward deploying security as part of the DevOps process has been shifting left the security and compliance processes. The DevSecOps practices have introduced processes to inspect application-code, Docker, and Kubernetes. These practices have allowed teams to detect and fix security issues faster and provide high-quality and compliant code.
Still, many admins of Cloud accounts are securing account configuration by configuring an account via a UI, running a configuration assessment scan, and then fixing any issues found. While this might lead eventually to a securely configured account, they are essentially experimenting with an account until it becomes secure.
Today, we’re pleased to announce the general availability of Red Hat Advanced Cluster Management for Kubernetes 2.2, which delivers even greater integration and customization to how enterprises manage cloud-native workloads and environments. This latest release simplifies and streamlines operations and captures additional performance metrics to ensure optimization of Red Hat OpenShift clusters.
Introduced in the summer of 2020, Advanced Cluster Management for Kubernetes enables organizations to manage multiple Kubernetes clusters and automate multi-cluster application deployments across the hybrid cloud. As the industry’s leading enterprise Kubernetes platform, Red Hat OpenShift is a crucial component in how organizations build a more agile hybrid cloud, and Advanced Cluster Management for Kubernetes helps these enterprises get the most out of these deployments by extending and scaling Red Hat OpenShift clusters.
Medical research surrounding COVID-19 isn't over though, as scientists still have plenty of work to do. Olek Wojnar, a developer of the Linux-based Debian operating system, has been working to help these scientists by packaging some software for easy installation on Linux. One of those packages was Google's build software Bazel. Upon finding out about Wojnar's efforts, Google offered to help with the process.
"The Bazel team jumped in to help Olek and the COVID-19 research community. Yun Peng, Software Engineer at Google with Olek Wojnar led the team of Bazel and Debian volunteers to move the project forward. The joint effort between Debian and Google has produced some great results, including packaging the Bazel bootstrap variant in 6 months time (Debian 11 -- released in Late 2021; Ubuntu 21.04 -- 22 April 2021)," explains Google.
The search giant further says, "Bazel is now available as an easy to install package distributed on Debian and Ubuntu. The extended Google team continues to work with Debian towards the next step of packaging and distributing Tensorflow on Debian and other Linux distributions."
When the PinePhone began shipping to early adopters, it had all the hardware you’d expect from a smartphone, but it lacked the software needed to make some of that hardware work. If you were one of the first people to get your hands on a PinePhone, you had a Linux-friendly phone with a camera that couldn’t be used to take pictures or record video.
But over time kernel and app developers got the phone’s front and rear cameras working, and now most Linux distributions for the PinePhone allow you to take pictures (of mediocre quality).
One thing you couldn’t do until recently though? Video calls. But now it looks like that’s possible too… soft of. The process looks rather painful at the moment, but it should get better over time.
Congatec announced a “Conga-SMX8-Plus” SMARC 2.1 module with dual GbE support that runs Linux on an i.MX8M Plus. The company also offered new details on a COM-HPC starter kit for its Tiger Lake based Conga-HPC/cTLU module.
Congatec unveiled a Conga-SMX8-Plus SMARC 2.1 module with an NPU-equipped NXP i.MX8M Plus. As part of its virtual Embedded World roll-out, the company also added some new details on a COM-HPC starter kit for its 11th Gen Conga-HPC/cTLU module that was previewed back in November (see farther below). Finally, Congatec re-announced a COM Express Type 6 Conga-TCV2 module featuring with AMD’s Ryzen Embedded V2000 that we covered in November.
[...]
The Conga-SMX8-Plus runs standard Linux, Yocto Project Linux, or Android with U-Boot on the quad-core Plus model with NPU.
The Librem 5 is designed for longevity with software updates for life, but part of longevity is also being able to repair a device outside of warranty. We plan to stock replacement parts in our shop in case you need to replace your modem, camera, or even the main PCB.
Disassembling your Librem 5 may risk damaging it. Any damage from disassembly is not covered in your warranty. If your Librem 5 is under warranty, please contact support first before you attempt this process.
I am quite happy with the Raspberry “tower” I bought for keeping my Raspberries organized. Clustering them? No, not by a long shot. I just want to quickly know where they all are, and at a glance, be able to know which one I will work with. Bottom drawer has a RPi1B, second one has a RPi2, next comes a 3B+, and the top two ones are RPi4 (4 and 8GB). That allows me for quick testing of stuff. Yes, I am tempted to get the top one out of the array and use it in “production”… but as it stands, that’s the layout.
[...]
…As a service to clumsy computer repairers such as myself, the standard specifies pin 20 is not to carry any signals, and the drive headers are to ship it cut (Key, pin missing), so that –together with the notch on the outer part of the bracket– inserting the cable upside down is physically impossible.
So no, I’m not able to finish the project with pieces at hand. I even went to two nearby electronic shops yesterday when I took my dog out for a walk, and could not find it there either… So I ended up buying what appears to be a sweet, cheap product covering my needs from our corporate capitalist overlords.
Regarding the software, the mini-computer comes with a preinstalled OS Lubuntu 18.04.5 LTS and ready-to-go Docker containers for EdgeAI devices and ROS nodes. For new users, the company has provided easy-to-use inference code examples.
Liquid distribution is calculated with the help of a Python script that takes a 24Ãâ16 pixel image as input and assigns each pixel an RGB value. The “printing” is handled by the common RepRap configuration of an Arduino Mega and a RAMPS 1.4 shield, plus a PCA9685 expander chip. The X, Y, and Z axes move via stepper motors and rails, while color mixing is accomplished using five servo-actuated valves. A stepper-driven peristaltic pump is employed for liquid placement, producing low-resolution yet no less beautiful art.
Raspberry Pi may have all the connectors you need to build a computer, but it’s still just a board. To complete your setup, you need all the other accessories like a keyboard, mouse, and monitor, which may already be lying around your home. Setting up your Raspberry Pi as a desktop is quite simple; after connecting all the accessories to your Raspberry Pi board and loading the operating system to the microSD card, you can start using your Raspberry Pi computer. But if you want to cut all the wires and build a portable laptop from the tiny Raspberry Pi board, it would require a totally different setup.
Laptops have great advantages when it comes to convenience and portability. That’s why hardcore and creative DIY enthusiasts took the challenge of turning the Raspberry Pi into a laptop. Computer manufacturers like Kano have already marketed laptops with a Raspberry Pi board at its core. Other laptops built from Raspberry Pi like CrowPi, Pi-top 3, and Lap-Pi are also on par with mainstream Chromeboxes and netbooks when it comes to performance and price.
[...]
Years ago, the Raspberry Pi Foundation impressed the computer industry when it released a computer board as small as a credit card. Yes, that small-sized board can hold all the basic components of a computer – CPU, GPU, RAM, USB ports, HDMI port, Ethernet port, and even a space for a 40-pin GPIO header. Not to mention that some models are also wireless capable. The wafer-thin microSD card you’re already familiar with withholds the operating system, normally Linux, and also serves as the hard drive. Many people are accustomed to Raspberry Pi as a desktop computer but do you know that you can turn it into a laptop too?
CircuitPython, Adafruit’s enhanced fork of the MicroPython language, runs on nearly 200 different microcontroller boards, including the Raspberry Pi Pico, and it could soon become an operating system for regular (non-Pico) Raspberry Pis. While appearing as a guest on the Tom’s Hardware Pi Cast this week, CircuitPython Programming Lead Scott Shawcroft told us that he wants to create a version of the language that single-board computers like the Raspberry Pi Zero, Pi 4 and Pi 400 can boot straight into, without the overhead of a full operating system.
hipSYCL, the innovative implementation of Khronos' SYCL for targeting CPUs and GPUs by integrating with existing toolchains, is seeing work on supporting Intel oneAPI Level Zero for running directly off Intel graphics hardware.
The open-source hipSYCL project already supports SYCL CPU-based execution via OpenMP, targeting NVIDIA GPUs using CUDA, and targeting AMD Radeon graphics using HIP/ROCm. Now with a new work-in-progress back-end is support for Intel graphics using Level Zero. The hipSYCL project is one of several SYCL implementations aiming to support various CPUs and GPUs/accelerators while so far it's been one of the most diverse. The hipSYCL project supports most of SYCL 2020 at present.
Welcome, March! We've had a great week within the Apache community.
On March 15th 2021, Google is going to block non-Google chromium-based browsers from accessing certain “private Google Chrome web services” by unilaterally revoking agreements made with 3rd parties in the past. Meaning, every Chromium based product not officially distributed by Google will be limited to the use of only a few public Google Chrome web services. The most important service that remains open is “safe browsing”. The safe browsing feature identifies unsafe websites across the Internet and notifies browser users about the potential harm such websites can cause.
The most prominent feature which will be blocked after March 15th is the “Chrome Sync”. This Chrome Sync capability in Chromium based browsers allows you to login to Google’s Sync cloud servers and save your passwords, browsing history and bookmarks/favorites to your personal encrypted cloud vault inside Google’s infrastructure. Extremely convenient for people who access the Internet using multiple devices (like me: Chrome on a few Windows desktops, Chromium on several Slackware desktops and laptop and Chrome Mobile on my Android smartphone) and who want a unified user experience in Chrome/chromium across all these platforms.
For more than a decade, Chrome has shipped a new milestone every 6 weeks, delivering security, stability, speed and simplicity to our users and the web. As we have improved our testing and release processes for Chrome, and deployed bi-weekly security updates to improve our patch gap, it became clear that we could shorten our release cycle and deliver new features more quickly. Because of this, we are excited to announce that Chrome is planning to move to releasing a new milestone every 4 weeks, starting with Chrome 94 in Q3 of 2021. Additionally, we will add a new Extended Stable option, with milestone updates every 8 weeks. Extended Stable will be available to enterprise administrators and Chromium embedders who need additional time to manage updates. Security updates on Extended Stable will be released every two weeks to fix important issues, but those updates won’t contain new features or all security fixes that the 4 week option will receive.
Google has been delivering new Chrome milestone releases on a six week cycle for more than one decade while moving ahead they are shifting to a four-week cycle.
It was at the end of 2019 that Mozilla began shifting Firefox to a 4-week cycle and starting later this year Chrome will be doing the same.
A flaw (CVE-2021-21166) in the Audio component of Google Chrome is fixed in a new update being pushed out to Windows, Mac and Linux users.
Google has fixed a high-severity vulnerability in its Chrome browser and is warning Chrome users that an exploit exists in the wild for the flaw.
The vulnerability is one of 47 security fixes that the tech giant rolled out on Tuesday in Chrome 89.0.4389.72, including patches for eight high-severity flaws.
This paper proposes an open and collaborative system by which a community, or a single user, can create sets of rules and filters,called Goggles, to define the space which a search engine can pull results from. Instead of a single ranking algorithm, we could have as many as needed, overcoming the biases that a single actor (the search engine) embeds into the results. Transparency and openness, all desirable qualities, will become accessible through the deep re-ranking capabilities Goggles would enable. Such system would be made possible by the availability of a host search engine, providing the index and infrastructure, which are unlikely to be replicated without major development and infrastructure costs. Besides the system proposal and the definition of the Goggle language, we also provide an extensive evaluation of the performance to demonstrate the feasibility of the approach. Last but not the least, we commit the upcoming Brave search engine to this effort and encourage other xsearch engine providers to join the proposal.
The FOSDEM conference in Brussels has become a bit of a ritual for me. Ever since 2002, there has only been a single year of the conference that I missed, and any time I was there, I did take part in the Mozilla devroom - most years also with a talk, as you can see on my slides page.
This year, things were a bit different as for obvious reasons the conference couldn't bring together thousands of developers in Brussels but almost a month ago, in its usual spot, the conference took place in a virtual setting instead. The team did an incredibly good job of hosting this huge conference in a setting completely run on Free and Open Source Software, backed by Matrix (as explained in a great talk by Matthew Hodgson) and Jitsi (see talk by Saúl Ibarra Corretgé).
WebAssembly, also called Wasm, is a Web-optimized code format and API (Application Programming Interface) that can greatly improve the performances and capabilities of websites. Version 1.0 of WebAssembly, was released in 2017, and became an official W3C standard in 2019.
The standard is actively supported by all major browser suppliers, for obvious reasons: the official list of “inside the browser” use cases mentions, among other things, video editing, 3D games, virtual and augmented reality, p2p services, and scientific simulations. Besides making browsers much more powerful than JavaScript could, this standard may even extend the lifespan of websites: for example, it is WebAssembly that powers the continued support of Flash animations and games at the Internet Archive.
WebAssembly isn’t just for browsers though; it is currently being used in mobile and edge based environments with such products as Cloudflare Workers.
[...]
There are more and more programming language communities that are supporting compiling to Wasm directly, we recommend looking at the introductory guides from webassembly.org as a starting point depending what language you work with. Note that not all programming languages have the same level of Wasm support, so your mileage may vary.
MySQL Database Infrastructure is indeed a completely managed database service to build cloud-native apps. There are different cases where we perform different queries or commands to alter the database. Depending on the case, the ALTER expression is often included for the ‘ADD’, ‘Delete/DROP’ and ‘MODIFY’ commands. This tutorial guide will learn precisely how to remove a column from an existing table utilizing the MySQL DROP COLUMN clause.
Redundant data can be kept in the table by the database program, influencing the database’s output in MySQL. Data replication, though, happens for different purposes, and it is an important job to identify the duplicate values in the table when dealing with a MySQL database. Broadly speaking, it is smart to use clear restrictions on a table often to store information that prevents redundant rows. Sometimes, in a MySQL database, you might like to calculate the number of repeated values. We addressed this question in this topic, in which you will learn about how to locate duplicate values through different ways and how to count duplicate values.
To get started, you must have MySQL installed on your system with its utilities: MySQL workbench and command-line client shell. After that, you should have some data or values in your database tables as duplicates. Let’s explore this with some examples. First of all, open your command-line client shell from your desktop taskbar and type your MySQL password upon asked.
Open-source relational database startup Yugabyte Inc. said today it has raised $48 million in new funding to accelerate the launch of its fully managed Yugabyte Cloud offering.
The Series C round was led by Lightspeed Venture Partners and included Greenspring Associates, Dell Technologies Capital, Wipro Ventures and 8VC. Including the new funding, Yugabyte has raised $103 million to date.
LibreOffice has all the productivity features you'd want from an office software suite, making it a popular open source alternative to Microsoft Office or Google Suite. One of LibreOffice's powers is the ability to operate from the command line. For example, Seth Kenlon recently explained how he uses a global command-line option to convert multiple files from DOCX to EPUB with LibreOffice. His article inspired me to share some other LibreOffice command-line tips and tricks.
Before we look at some hidden features of LibreOffice commands, you need to understand how to use options with applications. Not all applications accept options (aside from the basics like the --help option, which works in most Linux applications).
RPMs of PHP version 8.0.3 are available in remi-php80 repository for Fedora 31-33 and Enterprise Linux (RHEL, CentOS).
RPMs of PHP version 7.4.16 are available in remi repository for Fedora 32-33 and remi-php74 repository for Fedora 31 and Enterprise Linux (RHEL, CentOS).
The Deno project has released version 1.8, including experimental support for the WebGPU API enabling "out-of-the-box GPU accelerated machine learning."
[...]
There is also a new language server, used to support smart features in code editors, that works with both Visual Studio Code and other editors. The TypeScript version in Deno 1.8 has been upgraded to the latest 4.2.
Apology for the delay in monthly report, usually I get it released on first day of the month.
Last month was the shortest month of the year as you all know, so getting things done became relatively harder.
What is in store this time?
Well, there were two things that took away all the attentions.
Django framework can be used to create a web application with a database by writing script in models.py and views.py files of the Django app. The data can be inserted into the database tables by using Django Administration Dashboard or by writing a script in the views.py file. Django Administration Dashboard requires a login for an authenticated user to access the tables of the database. Single or multiple records can be inserted into the database tables by writing a script. bulk_create() method is one of the ways to insert multiple records in the database table. How the bulk_create() method is used to insert the multiple data in a Django database table will be shown in this tutorial.
Django is a popular Python framework used to develop web apps using the WGSI (Web Server Gateway Interface) and ASGI (Asynchronous Server Gateway Interface) server specifications. WGSI is used for developing synchronous Python apps, and AGSI is used for developing asynchronous and synchronous web apps. Channel is a useful feature of Django that is used to handle WebSocket, chat protocol, etc. alongside the HTTP protocol. Channel is built on the ASGI server specifications. A two-way interactive communication session between the user’s browser and the server can be opened using a WebSocket. The client initiates the WebSocket connection and the server responds with an accept or close message. The WebSocket messages are pushed into the channel using producers and sent to the consumers that are listening on the channel. This tutorial shows you how to use channels to handle WebSocket messages.
One aspect of programming that many tutorials don’t tell you upfront is the amount of looping and counting you’ll have to do. As such, any programming language worth its salt will offer ways to enumerate numbers in a repeated way. The Python range sequence type is one of those methods.
The Rust 2021 Edition working group is happy to announce that the next edition of Rust, Rust 2021, is scheduled for release later this year. While the RFC formally introducing this edition is still open, we expect it to be merged soon. Planning and preparation have already begun, and we're on schedule!
If you're curious what features Rust 2021 will introduce or what the timeline for getting the edition released on stable is, keep reading!
By now, a vast number of scientific studies confirm that this particular distraction can quickly evolve into something much more problematic, namely an addiction: “Internet addiction is described as an impulse control disorder and is very similar to pathological gambling” (Stefaniuk 65). Outside of the academic sphere, this striking comparison was recently also highlighted in the documentary The Social Dilemma, where the “Pull-to-refresh” smartphone feature is likened to the mechanism of a slot machine. A basic function that can trigger a seemingly endless chain of programmed volatility, every swipe being a new chance for reward, as long as the price keeps being paid. Which is? Undivided attention?
A little further down in the above-mentioned study, not too far after the gambling simile, the following conclusion is drawn: “The problem of Internet addiction is especially hazardous when it comes to children and teenagers, for – due to their immaturity – they become addicted much faster than adults do” (66). While I certainly agree that children and young adults should be informed about the dangers of internet addiction, they are not the first age group that comes to my mind when I hear of gambling-like addictions.
In discord, she said, two brains engage many emotional and cognitive resources "like a symphony orchestra playing different music." In agreement, there "is less cognitive engagement and more social interaction between brains of the talkers, similar to a musical duet."
The lead investigator of the paper is Alex Salama-Manteau, a former graduate student of economics at Yale and now a data scientist at Airbnb. Mark Tiede, a research scientist at the Haskins Laboratory at Yale, is second author of the paper.
Verbal face-to-face communication is central to everyday transactions between humans throughout the entire lifespan. The foundational nature of live and interactive social functions is in contrast to the nascent development of neurocognitive theories to explain them which have been limited by lack of data from live and natural social interactions. Here we have addressed this knowledge gap by recording neural responses and speech concurrently during live face-to-face discussions of topics where the interlocutors were either in agreement or disagreement, a common feature characteristic of verbal exchanges between two individuals. The dialectical misattunement hypothesis (Bolis et al., 2017) proposes that disturbances in the reciprocal unfolding of an interaction result in a change of the dyadic state, thus predicting a behavioral and neural difference between the two conditions employed in this study. Findings in this investigation are consistent with this prediction. A theoretical neural framework for the effects observed in this investigation remain nascent but contribute to an emerging neuroscience of social interactions that may serve to coordinate activities of multiple component systems often investigated alone such as face processing, language production, and theory of mind. In so doing, this paradigm provides a template for developing methods and models to access neural processes that are responsive to spontaneous, rapid, and multimodal components of live interactions.
NXP i.MX 6 and i.MX 8 processors are widely used in industrial boards and systems-on-module, and the company has now teased a new family with i.MX 9 processors integrating Arm Ethos-U65 1 TOPS microNPU, as well as the company’s EdgeLock secure enclave for increased security.
The company did not provide that many technical details, so we still don’t know which CPU cores, GPU, and exact peripherals will be found in the processor. But we do know the i.MX 9 processors will be manufactured with a 16/12nm FinFET class of process technology optimized for low power, and features the “Energy Flex” architecture that combines “heterogeneous domain processing (independent applications processor and real-time domains with a separate low-power multi-media domain), design techniques, and process technology to maximize performance efficiency”. That means most blocks of the processor can be turned off for low power audio or CAN networking use cases, and other industrial applications requiring fast boot, defined as sub-100 milliseconds boot time.
The European Medicines Agency (EMA) has started its review of the “Sputnik V” vaccine developed by Russia’s Gamaleya Research Institute. The vaccine will undergo a “rolling review” based on the results of laboratory and clinical studies in adults. This was announced in press releases from both the EMA and the Russian Direct Investment Fund (RDIF), which has overseen the drug’s development.
As we discussed in an earlier post, relative to the number of people needing (and wanting) to get vaccinated, there’s a vaccine shortage. The shortage has exacerbated structural inequalities: distribution of the existing vaccine supply has reflected stark racial disparities within the United States and even more pronounced global disparities. This shortage is not a surprise: it was clear from the earliest stages of COVID-19 vaccine development that short-term demand would far outstrip supply for any successful vaccine, which is why the federal government should have invested more—and earlier—in building at-risk manufacturing capacity for all the leading vaccine candidates. But now, the scale of the problem has become widely apparent. For some, weakening patent rights may look like a solution.
Under the conventional account, the patent system reflects a fundamental tradeoff between innovation incentives and access: patents incentivize innovation by allowing patent owners to charge supra-competitive prices, and for a static demand curve, this means that fewer consumers will purchase the patented product. Thus, as Ken Shadlen explains, “[i]t’s become common wisdom in the ‘access to medicines’ community that the way to increase access to pharmaceutical products is to reduce the legal barriers to market entry that patents impose, thereby increasing competition among multiple suppliers.” This strategy was among the tools used to increase global access to HIV/AIDS treatments. But there are many ways to avoid the incentives/access tradeoff without eliminating patents, and removing patents doesn’t make sense as a near-term access strategy for COVID-19 vaccines. If all relevant vaccine patents were suddenly invalidated, it would not lead to more firms manufacturing these vaccines anytime soon, for at least five reasons.
The acquisition is subject to customary closing conditions and regulatory approvals and is expected to close in the quarter ending June 30, 2021.
Overall, I think I can at least tolerate this development experience. It's not really the most ideal setup, but it does work and I can get things done with it. It makes me miss NixOS though. NixOS really does ruin your expectations of what a desktop operating system should be. It leaves you with kind of impossible standards, and it can be a bit hard to unlearn them.
A lot of the software I use is closed source proprietary software. I've tried to fight that battle before. I've given up. When it works, Linux on the desktop is a fantastic experience. Everything works together there. The system is a lot more cohesive compared to the "download random programs and hope for the best" strategy that you end up taking with Windows systems. It's hard to do the "download random programs and hope for the best" strategy with Linux on the desktop because there really isn't one Linux platform to target. There's 20 or something. This is an advantage sometimes, but is a huge pain other times.
The conclusion here is that there is no conclusion.
Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow (among others) inside the npm public code repository — all of which exfiltrate sensitive information.
The packages weaponize a proof-of-concept (PoC) code dependency-confusion exploit that was recently devised by security researcher Alex Birsan to inject rogue code into developer projects.
Internal developer projects typically use standard, trusted code dependencies that are housed in private repositories. Birsan decided to see what would happen if he created “copycat” packages to be housed instead in public repositories like npm, with the same names as the private legitimate code dependencies.
A new sample of Ryuk ransomware appears to have worm-like capabilities, according to an analysis from the French National Agency for the Security of Information Systems (ANSSI), France’s national cybersecurity agency.
Cybersecurity group FireEye on Thursday night announced it had found evidence that [crackers] had exploited a flaw in a popular Microsoft email application since as early as January to target groups across a variety of sectors.
[...]
Since then, FireEye found evidence that the hackers had gone after an array of victims, including “US-based retailers, local governments, a university, and an engineering firm,” along with a Southeast Asian government and a Central Asian telecom.
Today's Republican Party is now a de facto terrorist organization. Donald Trump, the twice-impeached president whom Senate Republicans twice acquitted for his crimes, is its leader.
Trump, a president who attempted a coup against American democracy that included a lethal assault on the Capitol, has not been broken, and is not behaving as if he had been defeated. At CPAC, he spoke in his role as leader of a violent right-wing insurgency, one which law enforcement and counterterrorism experts warn is continuing to gain momentum.
The danger from right-wing terrorists is now so great that the House of Representatives will not convene on Thursday this week because of credible reports that Trump supporters and QAnon cultists may be planning an attack.
The October power outage left millions without electricity, brought public transit to a halt, and shut down communication networks for up to 12 hours in some parts of the city, according to Reuters.
The day before Deshmukh’s announcement, The New York Times published a report suggesting that the cyberattack was a warning shot of sorts over ongoing conflicts between the two countries, though the Chinese Embassy dismissed it as speculation.
On January 5, 2021, Facebook shut down the account of the International Union Of Muslim Scholars (IUMS), which is based in Doha and has been supported since its establishment by the Qatari and Turkish regimes.[1] The IUMS was founded in 2004 by Sheikh Yousuf Al-Qaradhawi, a major ideologue of the Muslim Brotherhood who lives in Qatar and has been sponsored by its regime for years. Al-Qaradhawi also headed the organization until 2018, when he was succeeded by Dr. Ahmad Al-Raissouni.
Neither Facebook nor the IUMS reported the exact reason for the closure of the account, but Arab media that support the IUMS stated that the reason was a fatwa posted two days earlier, on January 3, signed by the organization's president Al-Raissouni and its secretary-general 'Ali Al-Qaradaghi. The fatwa called for an economic boycott of Israel in response to the normalization agreements recently signed with it by several Arab states.[2] However, the closure was likely prompted not by the fatwa's call to boycott Israel, but by its explicit call to wage jihad against it by any means. Similar materials supporting jihad and terrorism have been published by the IUMS for many years.
It is home to more than 65,000 people, four fifths of them women and children but also some adult men. All were displaced by the final assault by US-backed forces who drove back Isis between 2014-2019, and they include many Isis wives and children.
All eight victims were hospitalised and three had life-threatening injuries, the Jonkoping regional council said on its website.
Police said the suspect attacked at least five different locations in Vetlanda.
According to Swedish newspaper the Aftonblade, police spokesperson Angelica Israelsson Silfver said: ''Some are seriously injured and some are slightly injured, but no one is dead."
Regional police chief Malena Grann confirmed at a news conference that a suspect had been arrested after ''police opened fire.''
Update: According to Swedish New Agency, Expressen the attacker is a 22-year-old Afghan citizen who has previously been convicted of drug offenses. The terrorist is said to have received regular visits from social services at home and has been suffering from “mental problems” for some time.
In virtually every instance of jihad attacks in Sweden, politicians & media hide the identity of the attackers. In rare instances when the identity of an attacked is leaked, the suspect is presented as possibly suffering from mental health issues.
Once considered a backwater for jihadists, sub-Saharan Africa is now at the forefront of the counterterrorism landscape. With core ISIS and al-Qaeda reeling from sustained Western counterterrorism campaigns, attention has shifted from former jihadist bases in the Middle East and south Asia, respectively, to the Sahel and Nigeria, the Horn of Africa, and, most recently, the continent’s southeastern Swahili coast. ISIS and al-Qaeda affiliates throughout sub-Saharan Africa are well-positioned to expand their influence, garner new recruits, spread propaganda, and in some cases, capture territory.
As weak states give way to weak regions, overmatched security forces are being upstaged by well-armed jihadists capable of mounting complex and coordinated operations that increasingly resemble those of core ISIS and al-Qaeda themselves. These terrorists have taken advantage of porous borders throughout Africa and, in opportunistic fashion, have capitalized on fraught political transitions and lack of security sector accountability in countries like Mali and Mozambique, working to further destabilize already fragile states.
According to reports by Al Jazeera, the “burka ban”, as it has come to be known, was initiated by the Egerkinger Komitee, which is a group belonging to the right-wing Swiss People’s Party (SVP). The political grouping said it organises “resistance against the claims to power of political Islam in Switzerland”.
The Swiss are expected to vote in a referendum about the “burka ban” on March 7.
Overall, misinformation authors on the far right received 65% more engagement per follower than other pages, according to the research.
Real news was more popular than misinformation in every other partisan news category examined, according to the study — for the slightly right, center, slightly left and far left, real news outranked misinformation on Facebook. Misinformation outranked real news only on the far right, according to the research.
The Google-owned platform will lift the suspension when it determines the risk of violence has decreased, but if the former U.S. president violates the rules, the channel will be removed again.
The “For the People Act” (H.R.1/S.1) is voting rights legislation now pending in Congress. Civil rights organizations are urgently supporting this bill in order to secure voting rights against over 250 voter suppression bills introduced by Republicans this year in 43 state legislatures.
As a GOP lawyer bluntly told the U.S. Supreme Court on March 2 in an Arizona voting rights case when asked why the Republican Party opposed removing a voting restriction, “Because it puts us at a competitive disadvantage relative to Democrats.” The voting rights sections of H.R.1 are important federal measures to enact at a time when the Republican Party seeks to restrict voting rights at the state level.
However, buried in the middle of H.R.1 is a campaign finance reform section that will only further entrench the domination of campaign financing by the super-rich and moneyed special interests. Among major problems with H.R. 1’s campaign finance provisions are that it effectively excludes third party candidates. The qualifying threshold to receive presidential primary matching funds is increased five times. This higher threshold puts public funding beyond the reach of third-party candidates.
As a Green Party candidate for president, I was the only candidate in any party to apply for matching funds in 2020. The major party candidates eschewed the program because a condition of receiving matching funds is a cap on the amount of private spending, which was $51.8 million in 2020. That was too low for the major party candidates who could raise so much more from private sources. H.R. 1 eliminates the existing cap on private campaign spending by publicly funded presidential candidates. It simply adds public funding to unlimited private funding.
In the post the other day about Utah trying to ignore Section 230 so it could regulate internet platforms, I explained why it was important that Section 230 pre-empted these sorts of state efforts:
The group, called White Rocky Mountain Club, quickly gained 240 followers, alarming Chinese authorities who fear loss of control over political and social commentary by Tibetans over social media platforms, Free Tibet said.
Nearly 70% of cases of [Internet] shutdowns globally happened in India in 2020, according to a new report by Access Now, a global non-profit that works on digital rights and online freedom. Out of the 155 instances of [Internet] disruptions, 109 were recorded in India, followed by Yemen with six instances.
The brutal murder of the journalist Jamal Khashoggi at the Saudi consulate in Istanbul in 2018 is just one of the more extreme examples in a country where the persecution of journalists is reported to be systematic.
RSF's complaint cites the arbitrary detention of 34 journalists, including the blogger Raif Badawi, who had criticized the role of religion in Saudi Arabia and ultimately received a sentence of 10 years in prison and 1,000 lashes. In 2015, DW awarded him its Freedom of Speech Award.
In the AP video, Thein Zaw appears to be photographing security forces running at protesters on Saturday in Myanmar's largest city Yangon.
Thein Zaw tries to escape as seven people place him in a chokehold and handcuffs.
A policeman then pulls him with the handcuffs.
After a four-day hearing, a Hong Kong court ruled Thursday that 47 pro-democracy advocates accused of subversion under a national security law must remain in custody.
The West Kowloon Magistrates Court denied bail to 31 of the activists, while another identified as law professor Benny Tai withdrew his bail petition because he was being held in another case.
More needs to be done to help the men who are victims of so-called honour-based violence (HBV) in the UK, researchers have told VICE World News.
[...]
2,024 cases of HBV were reported in England and Wales in 2019-2020, according to official Home Office statistics, but the true figure is likely to be much higher, due to a reluctance by victims to come forward. 80 percent of HBV victims are women, but a significant number of men are suffering in silence.
They are kidnapped by gangs of criminals with ties to jihadist groups in the north-east of the country.
Young women are often forced to marry the kidnappers when they fail to make money on ransom demands. They are often sold for 2,000 naire, the Nigerian currency (equivalent to 12 dollars). The NGO Free the Slaves estimates a profit of $ 1.6 billion (an amount greater than the GDP of eight African countries) from African slavery each year.
According to the bishops, "Nigeria is on the verge of collapse" and is in danger of breaking apart.
Unfortunately, the West feeds on Third Worldism and says "Black Lives Matter" but does not care about this slavery, on the contrary it often collaborates with it.
In an ideal world we would be able to rely on objective declarations of essentiality. However, the world we live in is far from ideal – there is a distinct lack of transparency in the context of the SEP licensing frameworks managed by Standard-Setting Organisations (SSOs). This lack of transparency has negative consequences. As noted in the European Commission’s Communication of 29 November 2017, several studies on important technologies demonstrate that, when strictly assessed, only between 10% and 50% of declared patents are really essential (see ReÃÂgibeau et al., Transparency, Predictability, and Efficiency of SSO-based Standardization and SEP Licensing, A Report for the European Commission (2016), p. 62). Are there ways to improve access to reliable information on the scale of exposure to SEPs? Improved transparency would benefit the users of standards, especially small and medium-sized enterprises, that have little experience of licensing practices when they enter the relevant markets looking for connectivity.
This concern over transparency is noted by the Expert Group in its report, which states that some SSOs’ declarations disclose little to no data in relation to specific SEPs. Other SSOs including the European Telecommunications Standards Institute (ETSI) are more demanding as they ask for detailed declarations – yet, such declarations are not updated regularly so as to show the public modifications within the SEP landscape. The life-cycle of patents and patent applications often sees changes to ownership (patentee) and property boundaries (scope). Applications may be refused; patent claims may be narrowed. Patents may be revoked for lack of novelty or inventive step, or simply expire. They could also be deprived of their essential nature if the relevant standards are amended or supplemented, potentially making existing declarations incorrect and unreliable. Moreover, generally this info, on ownership of patents and changes in scope, falls within the data managed not by SSOs but by the European Patent Office (EPO).
[...]
This proposal echoes a similar one recently put forward in the final report produced by a consortium including the Eindhoven University of Technology (TU/e) and the Technical University of Munich (TUM), and commissioned by the European Commission’s Joint Research Centre (JRC). That report, discussed in an earlier post, suggests to identify a supervisory body aimed at devising the assessment procedures and to bear responsibility for their quality and performance. More specifically, it recommends that assessment tasks be outsourced to already existing entities, particularly organisations and individuals who already perform analogous tasks, including patent offices and patent attorneys. An important role – that report reminded – should be played by the EPO and national patent offices in Europe, which are likely to be the most appropriate organisations to perform high quality essentiality checks, as they can rely on experts with enhanced skills and guarantee impartiality and objectivity.
The Expert Group also suggests that costs for the essentiality checks are kept at a fair and equitable level. Likewise, procedures to appeal decisions on essentiality of approved SEPs should be fast and cheap. To adequately inform all stakeholders, some members of the Expert Group urge that approved SEPs, namely those SEPs which have been checked by independent assessors and confirmed as real SEPs, are included in SSOs’ databases. Also, incentives should be given to SEP owners to submit their declared SEPs for essentiality confirmation as rapidly as possible after the adoption of the standard.
All candidates, as well as tutors who helped candidates prepare for EQE 2021, are invited to contribute to the discussions on our EQE blogs! You can post your comments in English, French or German. You are invited to post your comments under your real name, but it is also possible to use a nickname if you wish to hide your identify.
On March 1st, the U.S. Patent and Trademark Office Patent Trial and Appeal Board (PTAB) issued its Order on the Preliminary Motions Lists submitted by Junior Party University of California/Berkeley, University of Vienna, and Emmanuelle Charpentier (collectively, "CVC") and Senior Party ToolGen Inc. in Interference No. 106,127. (Somewhat curiously, the Board did not issue an Order in Interference No. 106,126 between The Broad Institute, Harvard University, and the Massachusetts Institute of Technology (collectively, "Broad") and Senior Party Toolgen on similar interfering subject matter.)
CVC had requested permission to file six proposed motions (one of which is Motion No. 6 under 37 C.F.R. ۤ 41.208(a)(4), which seeks judgment based on priority, which was routinely deferred to the Priority Phase of the interference).
Authentic makes branded apparel, and had a non-exclusive license from the US Army to make Army branded items. (Signed back in Aug 2010). One line of clothing was going to feature The Rock (Duane Johnson) with Army-Style clothing. (Seriously though, tie those shoes).
The license included a requirement that any sale/distribution must first receive the Army’s “advance written approval” subject to the Army’s “sole and absolute discretion.”
The Army refused an expansion of The Rock line of clothing; rejected other proposal; and also allegedly delayed in approving other initiatives. Eventually Authentic sued the Army for Breach in the Court of Federal Claims (CFC).
[...]
Who is the source of goods: One reason that the Army did not approve various advertisements was that the Army did not want to be recognized as the source of the licensed goods. Authentic argued that source identification is the key function of trademark law and is implicit in its license to use the Army mark “for trademark purposes.”
A minor change is being made to the EPC regarding inventors (Rule 19 EPC and 143 EPC); in particular, the changes concern the notifications of inventors relating to the provision and use of inventor addresses.
The changes to Rule 19 EPC relate to paragraphs 3 and 4. From 01 April 2021, inventors will no longer be notified by the EPO that they have been designated as an inventor in a European patent application. In addition, since notifications will no longer be made, the requirement for inventor addresses to be provided is also being removed. Instead, a country and place of residence (for example, city and postal code if available) will be required.
“By effectively protecting their intellectual property, innovative companies can secure financing, grow, collaborate, and create value, but how does owning intellectual property rights impact a company’s performance?” That was the question guiding a recent study carried out by the European Union Intellectual Property Office (“EUIPO”) and the European Patent Office (“EPO”). In an effort to compare “the economic performance of firms that maintain intellectual property rights with those that do not,” the two IP bodies uncovered an interesting (although unsurprising) link between intellectual property rights and business performance.
According to a recent study published by the European Intellectual Property Office (“EUIPO”), companies that own and protect their intellectual property rights (“IP”) generate 20% higher revenue per employee when compared to non-IP owning companies. The report further found that these firms (the ones with IP) pay on average 19% higher remuneration to their employees, and revenue per employee for IP owning companies average a staggering 55% higher.
Kinsella on Liberty Podcast, Episode 323. Jed Grant and I appeared on the World Crypto Network channel with host Thomas Hunt to discuss the looming patent threat to bitcoin.
There has been clarification concerning exclusions to user interfaces (G-II, 3.7.1): in particular, if technical considerations are involved to implement the linguistic model on a computer, such as those relating to the internal functioning of a computer, then a technical effect may arise.
There has also been clarification concerning exclusions to data retrieval, forms and structures (G-II, 3.6.3): a data structure only contributes to technical character of the invention if it produces a technical effect and cognitive data does not contribute to producing a technical effect.
There is a new section relating to database management systems and information retrieval (G-II, 3.6.4), which states that distinctions are made between executing structured queries by database management system, and information retrieval, and clarification regarding method steps defining additional devices (F-IV, 3.9.2). If not all features of the method claim are reflected in claims in other categories referring to said method, said claims in other categories have to be construed and examined separately, and if a step carried out by specific technical means cannot be carried out by generic data processing means an objection under Art. 84 EPC will normally be raised.
Way back in the simpler time of 2010, Mike wrote up an interesting piece on Twitter's trademark enforcement policies and how it handles third parties that interact with Twitter using Twitter-related terms. In short, Twitter built a reputation for itself in freely licensing these terms for use by third parties, believing that tools that made Twitter more useful were good for the platform overall. It was a smart, productive way of looking at protecting trademarks so as not to lose them to genericide.
Can a VPN provider be held liable when its users illegally stream films and TV series? What if that provider markets itself as a way to avoid "threats and jail time" for illegal viewing? Those are the issues posed to a Florida federal judge in a suit involving the piracy of films starring Amy Schumer, Gary Oldman and Woody Harrelson.
Voltage Holdings, Millennium Funding and Hunter Killer productions on Thursday sued 1707 Management and its owner Charles Muszynski arguing they're liable for users' infringement of I Feel Pretty, Shock and Awe, Automata, Survivor, and Hunter Killer.
The rights owners argue LiquidVPN, which they allege to be owned by Muszynski and 1707, is purposely friendly to copyright infringers — noting its practice of assigning anonymous IP addresses and marketing that touts how it makes piracy easier.
Last October the company behind YouTube-ripping platform 'Yout' sued the RIAA for sending "abusive" DMCA anti-circumvention notices to Google. The RIAA responded by insisting that YouTube's rolling cipher is indeed an "effective technological measure." Yout has now fired back, stating that mere 'use' of a protection measure cannot be extrapolated into a circumvention violation.
The makers of popular films including "Hunter Killer," "Automata," and “I Feel Pretty,” accuse LiquidVPN's former and current owner of promoting and facilitating piracy. In addition to damages, the companies want the defendants, who are linked to a hosting company, to close common BitTorrent ports, terminate repeat infringers, and block several pirate websites.