Bonum Certa Men Certa

Links 31/3/2021: AlmaLinux 8.3 and SUSE Linux Enterprise Micro 5.0



  • GNU/Linux

    • Audiocasts/Shows

    • Kernel Space

      • Intel IGC Network Driver Queues XDP Support For Linux 5.13

        The Intel IGC network driver (not to be confused with their other IGC, the Intel Graphics Compiler) that supports their Gigabit/2.5G Ethernet devices has support for the Express Data Path (XDP) with the upcoming Linux 5.13 cycle.

        Linux XDP "eXpress Data Path" allows for hooking in eBPF programs at a lower-level to the driver for packet processing and any editing of the packet data. While Intel's drivers for their enterprise network hardware has already supported XDP, the IGC driver has not supported XDP until now for this high performance data path. See this Red Hat blog post for more background details on XDP.

      • Intel's Bus Lock Detection Might Be Ready For The Mainline Linux Kernel - Phoronix

        For longer than the past year Intel engineers have been working on wiring up the Linux kernel support to handle split lock detection and bus lock detection. Back in Linux 5.7 the split lock detection landed for warning or even killing the offending software should a split lock occur due to the significant performance impact and possible denial of service. Now it's looking like the bus lock detection code could be ready for mainline.

        After the split lock detection code was merged, Intel engineers turned their focus to bus lock detection for Linux. Again, important due to the performance penalties and possible denial of service implications. Bus locks can disrupt the performance to other CPU cores and are much slower than an atomic operation happening within a cache line. Like the split lock detection, the bus lock detection relies upon the CPU being able to notify the kernel when a user instruction acquires a bus lock.

      • Linux 5.13 To Enable The Keyboard/Touchpad Of Newer Microsoft Surface Laptops

        The quest of improving the Microsoft Surface laptop support under Linux continues. With Linux 5.13 there is going to be not only the Surface DTX driver but another new Surface driver queued up is "surface-hid" that will allow supporting the keyboard and touchpad on newer Surface devices.

        Currently with newer Microsoft Surface devices like the Surface Laptop 3 and Surface Book 3 the keyboard and touchpad are not supported when running the mainline kernel... There have been out-of-tree patches / DKMS modules but finally with Linux 5.13 there should be the support with the mainline kernel now that the surface-hid driver has made it into HID's "-next" branch ahead of the Linux 5.13 merge window opening in April.

      • Graphics Stack

        • Tens of Nvidia Tegra devices now run mainline Linux thanks to the "grate" project

          Nvidia chips and the Linux community have not always been known for a friendly attitude between each other. In a famous talk by Linus Torvalds, which may appear slightly too offensive to be reported directly, the Linux creator defined it "the single worst company [they had] ever dealt with". While the situation has become increasingly better in the last years, so that (proprietary) drivers are shipped for most new Nvidia cards, the stigma of Nvidia as being an incompatible company with the open source philosophy still burdens the company.

          What concerns this post, however, is rather a coincidence than anything related to Nvidia supporting Linux or not. Before the age of Snapdragons, more or less between 2011 and 2013, Nvidia Tegra chips were the leading "high-end" series for phones and tablets, satisfying both mobile gamers and casual users. This brought to this class of relatively fast and efficient processors (usually grouped as Tegra 1, 2, 3 and 4) being adopted by many devices, especially Android tablets, including the famous ASUS "Transformer" series of laptop-aspiring, keyboard-equipped machines, as well as most Acer tablets and phones, higher-end Samsung tablets and many others. The big news is that support has finally landed, thanks to very hard work by the #tegra IRC members, with developers such as David "okias" Heidelberg, Dmitry "digetx" Osipenko and many others working regularly to port first the main Tegra SoCs to mainline Linux, then many of the internal peripheral or devices, up to a point of near-complete support.

        • Lilbits: Rocket Lake-S, Piunara Raspberry Pi CM4 carrier board, and Linux for old NVIDIA Tegra devices

          In other news, the Piunara carrier board for the Raspberry Pi 4 we told you about a few months ago is up for pre-order through a crowdfunding campaign and should ship in June, Google Maps is picking up new features this year, a bunch of old Android tablets with NVIDIA Tegra chips can now run mainline Linux (if you don’t need 3D graphics) and Verizon has confirmed that its 3G network has less than two years to live.

        • System76 Updates Pop OS With Full Support For Radeon RX 6000 Series

          More than 4 months ago, AMD’s Radeon RX 6800 series launched, and I wrote an enthusiastic Windows-based review here at Forbes. Team Red had finally, triumphantly entered the high-end GPU market and was competing head-to-head with Nvidia. The in-house reference designs were also beautifully built, so that didn’t hurt my recommendation.

    • Applications

      • Best email client for Linux 2021

        While web-based email has become the norm and can be accessed from any web browser, many users prefer a native email client. On Windows, you have applications like Microsoft Outlook and Thunderbird. On Android or iOS, there are clients like Nine and K-9 Mail. But what about Linux?

        Hundreds of native email clients for Linux have come and gone, and only a few offer comparable features to Windows native clients. But one of the great things about Linux is that most applications are available for free, forever, so you can try them all out to find the best email client for Linux for your needs.

        There is also a more diverse range of email clients for the Linux desktop than you’ll find on Windows. When developers don’t like something about a piece of software written on Linux, they often make their own version and release it free to the world. This has resulted in some unique email clients that you might find suit you better than the usual suspects, and which may yet rank among the best email providers.

      • Ticker Is A Terminal Stock Watcher And Position Tracker (With Cryptocurrency Support)

        Ticker is a terminal stock ticker with live updates and position tracking, available for Linux, macOS and Microsoft Windows. Besides quotes, Ticker also supports any cryptocurrency that's available via Yahoo Finance / CoinMarketCap.

        The tool features live stock price quotes, and the ability to track the value of your stock positions with support for pre and post market price quotes, as well as multiple cost basis lots.

    • Instructionals/Technical

      • 7 Ways to Get Command Line Help on Linux

        Learning new things can be overwhelming and the Linux terminal is no exception. When it comes to mastering the command-line terminal, the key is to understand the underlying concepts rather than memorizing commands.

        Most commands in Linux are well documented and to really understand them well all you need is the command terminal itself.

        This guide takes a look at some of the most important Linux commands that will help you to get help on Linux Commands from the command-line and to enhance your learning on your way to mastering Linux commands.

      • DKF_DISABLE_DEPRECATED_BEFORE_AND_AT=0x054F00 ?
      • The Paddy's Day bug

        Last Sunday, I got a message from a coworker and a good friend, Dhaval, that his Fedora laptop was stuck during the boot process. His work laptop, also running Fedora, also failed to boot. I checked my work laptop and personal laptop, and both of them rebooted just fine, so we then started going through the normal troubleshooting process on his work laptop.

        [...]

        I decided to compare the startup systemd services in my laptop compared to his. After going through multiple services, I noticed that raid-check.timer was set to start on Dhaval’s laptop, but wasn’t setup on mine.

      • How to Install SpiderFoot Security Scanner on Ubuntu 20.04

        Spiderfoot is a free and open-source vulnerability testing tool that helps you to reduce attacks by hackers. It is used to analyze vulnerabilities and malicious functions on Linux servers. It is a cross-platform software tool that supports Linux and Windows machines and can be collaborated with GitHub. It is written in Python and uses SQLite as a database backend. It provides a web-based interface to perform penetration testing for more than one target simultaneously through a web browser.

        In this tutorial, we will show you how to install Spiderfoot on Ubuntu 20.04 server.

      • Easily Install Golang In Linux Using Update-golang Script

        Installing Go programming language in Linux is no big deal. It will only take a few minutes to install and configure Go language. Good thing is it is now even easier to install Golang in Linux using Update-golang script.

        Update-golang is a shell script to easily fetch and install latest Golang versions with minimum user interaction. Anyone can now easily install a stable Go release on their Linux machine with the help of this script. Everything is automated! Just run this script and sit back.

      • How to uninstall Linux apps from your Chromebook

        Linux on Chrome OS has come a long way since we first discovered the project that would bring containers to Chromebooks nearly four years ago. In that time, Google has brought a stable method to deliver a plethora of Linux applications to the Chrome operating system without the need for hacky workarounds that compromise the integrity and security of the platform. Crostini, a.k.a. Linux apps on Chrome OS, isn’t perfect and there are still some pieces missing to make the experience 100% viable but there’s no question that it has added to the overall value of the Chrome OS ecosystem. I personally believe that the Chrome OS team has stumbled upon what could be the future of computing that could leverage containers and Plugin VMs to give users access to any software they need all through the portal that is Chrome OS.

      • How To Install LibreOffice on Manjaro 20 - idroot

        In this tutorial, we will show you how to install LibreOffice on Manjaro 20. For those of you who didn’t know, LibreOffice is a powerful office suite including word processing and the creation of spreadsheets, slideshows, and databases. It is the open-sourced version of the earlier StarOffice. LibreOffice available in 115 languages and even used by millions of people all around the world. The latest LibreOffice 8 is available to download and mount on the Linux system.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the LibreOffice open-source and free office suite on a Manjaro 20 (Nibia).

      • Emmanuel Kasper: Manually install a single node Kubernetes cluster on Debian

        Debian has work-in-progress packages for Kubernetes, which work well enough enough for a testing and learning environement. Bootstraping a cluster with the kubeadm deployer with these packages is not that hard, and is similar to the upstream kubeadm documentation

      • Adam Young: Merging root and home filesystems

        Yocto takes up a lot of space when it builds. If the /home partition is 30 GB or smaller, I am going to fill it up. The systems I get provisioned from Beaker are routinely splitting their disks between / and /home. These are both logical volumes in the same volume group. This is easy to merge.

      • Easily Install Golang In Linux Using Update-golang Script

        Installing Go programming language in Linux is no big deal. It will only take a few minutes to install and configure Go language. Good thing is it is now even easier to install Golang in Linux using Update-golang script.

        Update-golang is a shell script to easily fetch and install latest Golang versions with minimum user interaction. Anyone can now easily install a stable Go release on their Linux machine with the help of this script. Everything is automated! Just run this script and sit back.

      • How to Fix the "No Space Left on Device" Error on Linux - Make Tech Easier

        Most of the time, Linux is pretty specific with its error messages. “This didn’t work – try installing this package.” However, there’s one in particular that really doesn’t help me very much: “No space left on device.” What causes that? I thought I had 2 TB of storage, how can it be full? Where do I start looking? Today, we’ll be walking you through all of that in our guide on how to fix the “No space left on device” error on Linux.

      • Running do_ scripts from yocto

        I wanted to see how my work had diverged from the standdrad Raspberry Pi build. Specifically, the image creation stage is failing in my work. I can run the script in the original (upstream) version by doing thing following.

      • Using KDC Proxy to authenticate users - Luc de Louw's Blog

        How to authenticate users with Kerberos when port 88 is not available in a DMZ? Use an HTTPS server as a proxy. IPA comes with an integrated KDC Proxy and it’s simple to make use of it.

        A typical use case is a cross-domain trust with AD, where the Linux clients are not allowed to directly talk to AD because of firewall and/or security policy restrictions. Another use-case is where clients in a DMZ are not allowed to directly communicate via Kerberos to an IPA or AD server.

      • CyberPanel makes one-click installing of web-hosted apps and services simple - TechRepublic

        If you're looking for a replacement for cPanel, CyberPanel might be exactly what you need. Jack Wallen shows you how easy this tool is to deploy.

    • Games

      • Release candidate: Godot 3.3 RC 7

        In case you missed the recent news, we decided to change our versioning for Godot 3.x and rename the upcoming version 3.2.4 to Godot 3.3, thereby starting a new stable branch. Check the dedicated blog post for details.

        This 7th Release Candidate fixes a number of regressions which had been introduced since 3.2.3. Nearly all critical regressions have now been fixed, so we should be able to release Godot 3.3 stable in the near future.

      • Amnesia: Rebirth gets an adventure mode for more thrill and less heart attacks

        Amnesia: Rebirth the latest entry in the Amnesia series from Frictional Games receives a mode that lets you experience the game with a little less threat. Much like they did with SOMA, this mode is for people who want to play through and focus more on the story and puzzles than needing spare pants handing for scary bits.

        "The game still has its very serious theme and sometimes unnerving ambiance, but the new mode feels a lot more like an Indiana Jones type of adventure in places where it would otherwise be more of a horror experience," explains Fredrik Olsson, Creative Lead on Amnesia: Rebirth.

      • How to install Toontown Rewritten on Ubuntu 20.04

        In this video, we are looking at how to install Toontown Rewritten on Ubuntu 20.04.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE Plasma 5.18.7, Bugfix Release for March

          Today KDE releases a bugfix update to KDE Plasma 5, versioned 5.18.7.

          Plasma 5.18 was released in February 2020 with many feature refinements and new modules to complete the desktop experience.

      • GNOME Desktop/GTK

        • GNOME Software Center Loads 50% Faster in GNOME 40

          GNOME 40 was an exciting release and many users still haven’t tried it out because you can only get it with Fedora 34 beta or by trying GNOME OS.

          Of course, you can experiment with it when it pops up in the default repositories, but I’ll recommend you to wait for distributions to test and push it with an update.

          Even though we discussed a lot of good things about GNOME 40 release, there are still a few things worth appreciating.

        • GTK 4.2 Released With NGL Renderer By Default

          GTK 4.2 is out today as the newest stable release of this open-source toolkit and incorporates bug fixes and other improvements as a result of feedback from developers working on transitioning from GTK3 to GTK4.

          Most exciting with GTK 4.2 is its new "NGL" OpenGL renderer being the default across Linux, macOS, and Windows platforms. The NGL renderer is the default across those major platforms while the old OpenGL renderer is still being maintained for the time being and can be enabled via an environment variable override (GSK_RENDERER=gl) for helping to weed out any remaining issues with NGL.

        • Felipe Borges: Student applications for Google Summer of Code 2021 are now open!

          It’s that time of the year when we see an influx of students interested in Google Summer of Code.

          Some students may need some pointers to where to get started. I would like to ask GNOME contributors to be patient with the student’s questions and help them find where to get started.

    • Distributions

      • Unix team created Plan 9

        Forward-thinking boffins at Bell Labs created another flavour of Unix which was designed to fit in a distributed world.

        Dubbed Plan 9 it was created in the 1980s by a group led by Rob Pike and Unix co-creators Ken Thompson and Dennis Ritchie

        According to Nokia Bell Labs, the cunning plan was to build an operating system that would fit an increasingly distributed world and cleanly and elegantly. The plan was not to build directly on the Unix foundation but to implement a new design from scratch.

      • New Releases

        • Proxmox Mail Gateway 6.4 released

          Enterprise software developer Proxmox Server Solutions GmbH ("Proxmox" or the "Company") has released Proxmox Mail Gateway 6.4, the latest version of its open-source email security solution. Proxmox Mail Gateway is a complete operating system based on Debian Buster 10.9, but using Linux kernel 5.4.106, which is under long term support (LTS) status. The anti-spam and anti-virus filtering solution from Proxmox functions as a full featured mail proxy, that is deployed between the firewall and the internal mail server. It protects organizations against threats, such as spam, viruses, Trojans, and phishing emails.

        • Proxmox Mail Gateway 6.4 Released With Important Improvements

          Enterprise software developer Proxmox Server Solutions has released Proxmox Mail Gateway 6.4, the latest version of its open-source email security solution. The release introduces GUI improvements as well as improved functionality.

          Proxmox Mail Gateway is the leading open-source email security solution. It helping you to protect your mail server against all email threats the moment they emerge. In short, it protects your mail server from spam, viruses, trojans, and phishing emails. In addition to, it makes email security and filtering simple to manage. The web-based management interface allows you to setup and maintain even a complex mail setup with ease.

          Proxmox Mail Gateway is a complete operating system based on Debian Buster 10.9, but using LTS Linux kernel 5.4.

      • BSD

      • Screenshots/Screencasts

        • OpenMandriva Lx 4.2 overview Promo #Shorts

          A promo for the OpenMandriva Lx 4.2 Overview video For the full video https://youtu.be/Q9jkZoO8mvo The OpenMandriva distribution is a full-featured Linux desktop and server, sponsored by the OpenMandriva Association. It was based on ROSA, a Russian Linux distribution project which forked Mandriva Linux in 2012, incorporating many of Mandriva's original tools and utilities and adding in-house enhancements.

      • SUSE/OpenSUSE

      • IBM/Red Hat/Fedora

        • CloudLinux Launches AlmaLinux, CentOS Linux clone

          The first of the next generation of the Red Hat CentOS Linux clones, CloudLinux's AlmaLinux, is here.

        • AlmaLinux 8.3, Forever Free CentOS Replacement Released

          AlmaLinux project issues first stable release of CentOS replacement. AlmaLinux is an open-source, community-driven project that intends to fill the gap left by the demise of the CentOS stable release.

          If you missed the news, AlmaLinux OS is a 1:1 binary compatible fork of RHEL 8. It is built by the creators of the established CloudLinux OS. CloudLinux has committed a $1 million dollars annual endowment to support the project.

          AlmaLinux announced the launch of the first stable release during a live stream earlier today.

          So, after about 4 months since the decision to steer CentOS in a different path, you now have a 1:1 binary compatible drop-in replacement, with a very long support timeframe. CloudLinux has committed to supporting AlmaLinux OS until 2029, including stable and thoroughly tested updates and security patches.

        • Systemd 248 Released With System Extension Images Feature, More TPM2/FIDO2 Integration

          After the release candidate phase kicked off last month, systemd 248 is now officially available as the newest feature release for this dominant Linux init system and service manager.

        • The NeuroFedora Blog: Next Open NeuroFedora meeting: 29 March 1400 UTC
        • Ben Cotton: Projects shouldn’t write their own tools [Ed: Fedora making excuses for outsourcing to Microsoft's proprietary software as if security incidents don't happen there! They do.]

          Over the weekend, the PHP project learned that its git server had been compromised. Attackers inserted malicious code into the repo. This is very bad. As a result, the project moved development to GitHub.

          It’s easy to say that open source projects should run their own infrastructure. It’s harder to do that successfully. The challenges compound when you add in writing the infrastructure applications.

          I understand the appeal. It’s zero-price (to write; you still need the hardware to run it). Bespoke software meets your needs exactly. And it can be a fun diversion from the main thing you’re working on: who doesn’t like going to chase a shiny for a little bit?

          Of course, there’s always the matter of “the thing you wanted didn’t exist when you started the project.” PHP’s first release predates the launch of GitHub by 13 years. It’s 10 years older than git, even.

          Of course, this means that at some point PHP moved from some other version control system to Git. That also means they could have moved from their homegrown platform to GitHub. I understand why they’d want to avoid the pain of making that switch, but sometimes it’s worthwhile.

          Writing secure and reliable infrastructure is hard. For most projects, the effort and risk of writing their own tooling isn’t worth the benefit. If the core mission of your project isn’t the production of infrastructure applications, don’t write it.

        • Security and management improvements in Red Hat JBoss Enterprise Application Platform 7.4 Beta

          The Beta release of Red Hat JBoss Enterprise Application Platform 7.4 is now available. This release has been made in preparation for the general availability (GA) release later in 2021, and contains a number of new features and enhancements. This article offers a summary of the most important improvements and illustrates an easy way to get started with JBoss EAP.

        • 6 actionable steps to becoming an open leader

          One of the most common challenges of open leadership is implementing its practices. If you speak to leaders about open behaviors, you will see their eyes glaze over. They know leaders should establish trust and be more transparent and collaborative with their teams. The question is not whether they should do these things, but how?

          Leaders want to know the actionable steps to becoming an open leader. Becoming an open leader is not an overnight process. To help you get started, here are six open practices that every leader can begin implementing right now.

        • rpminspect-1.4 released

          rpminspect 1.4 is now available. This is primarily a bug fix release since the 1.3.1 release earlier in the month. The objective for this release was imroved CI, test coverage, and stability.

      • Debian Family

        • No More Ubuntu! Nitrux Linux Ditches Ubuntu and Opts Debian as Base

          You probably know Nitrux Linux as an Ubuntu-based distro but with a different take.

          However, with the latest Nitrux Linux 1.3.9 release announcement, looks like it is now based on Debian and not Ubuntu anymore.

          Let’s take a look at the release highlights.

        • Challenging times for Freexian (1/4)

          Freexian’s success means that we have resources to invest into Debian projects. Plainly offering money has not worked so far, so I am looking to hire a “project manager” whose work would be to help spend that money in useful ways. At the same time, Freexian needs to adapt to cope with the growth: with new employees, with new infrastructure and a new offering. I want to give an idea of where we are headed, to try to inspire persons that share our values and our desire to improve Debian. Read on if you are interested.

          [...]

          When I created Freexian, it was out of a desire to be paid to work on Debian, and to be able to contribute during work time to the project that was so important to me. That goal has been met a long time ago.

          But ultimately what I strive to achieve for Debian is not entirely aligned with the work that Freexian’s customers are requesting. That’s why, in the “long term projects” of Freexian, I always kept “find a business model that can fund the Debian projects that I would like to do”, as well as “if that model works for me, build something so that other can benefit from it too”. The first occasion to experiment something appeared when Debian discussed Long Term Support and when I stepped up to setup a commercial offer to pay Debian contributors.

      • Canonical/Ubuntu Family

        • Ubuntu 21.04 (Hirsute Hippo) Testing Week Kicks Off on April 1st for All Flavors

          Since the Ubuntu devs decided to drop the alpha milestones from their development cycle a few years ago, they had to find a way for the community to test upcoming releases and report bugs, so they come up with the Ubuntu Testing Week initiative, which is optional for the Ubuntu flavors.

          During the six-month development cycle of a new Ubuntu release, there are two or three Ubuntu Testing Weeks taking place at monthly intervals. For the Ubuntu 21.04 (Hirsute Hippo) cycle, all flavors (official and unofficial) will be participating in the last Ubuntu Testing Week from April 1st to April 7th.

        • Emmanuel Kasper: Playing with cri-o, a container runtime built for Kubernetes



          Kubernetes is moving away from docker to alternative container engines presenting a smaller core having just the functionality needed.

        • Ubuntu Blog: Windows containers on Kubernetes with MicroK8s

          For the Linux-based part of a hybrid Kubernetes cluster, MicroK8s is a compelling choice. MicroK8s is a minimal implementation of Kubernetes which can run on the average laptop, yet has production grade features. It’s great for offline development, prototyping and testing, and if required you can also get professional support for it through Ubuntu Advantage.

        • Ubuntu in the wild – 30th of March 2021

          The Ubuntu in the wild blog post ropes in the latest highlights about Ubuntu and Canonical around the world on a bi-weekly basis. It is a summary of all the things that made us feel proud to be part of this journey. What do you think of it?

    • Devices/Embedded

      • Open Hardware/Modding

        • Tiny, dual-GbE Raspberry Pi CM4 carrier sells for $30

          DFRobot’s $30, 66 x 55mm “Compute Module 4 IoT Router Carrier Board Mini” extends the Raspberry Pi CM4 with 2x GbE, 2x Type-C, microSD, and 26-pin GPIO.

          Earlier this month, we saw the first dual-Ethernet carrier boards for the Raspberry Pi Compute Module 4 in Seeed’s Dual Gigabit Ethernet Carrier Board (2x GbE) and Mcuzone Raspberry Pi CM4-4G IO (GbE and 10/100). Now DFRobot has opened $30 pre-orders for a Raspberry Pi Compute Module 4 IoT Router Carrier Board Mini with dual GbE ports. At 66 x 55mm, the board is even smaller than the 75 x 64mm, $45 Seeed carrier.

        • Open-spec Piunora and MirkoPC carriers for RPi CM4 feature M.2 for NVMe

          Diodes Delight has launched a $39 “Piunora” carrier for the Raspberry Pi CM4 with Arduino, ADC, and Qwiic expansion, and Mirko Electronics is prepping a “MirkoPC” carrier with dual HDMI and a DAC.

          Lately, it seems, most of the interesting embedded Linux news has been about carrier boards for the Raspberry Pi Compute Module 4. This morning we covered DFRobot’s tiny, $30 Compute Module 4 IoT Router Carrier Board Mini with dual GbE ports. Here we look at the Arduino-like Piunora board, which just went live on Crowd Supply, plus an upcoming MirkoPC CM4 carrier board. Jeff Geerling recently dropped a YouTube video that used a Mirko Electronics MirkoPC prototype to demonstrate beta code released by the Raspberry Pi Foundation to enable booting from NVMe (see farther below).

        • WM1302 LoRaWAN gateway mini PCIe module works over SPI or USB
    • Free, Libre, and Open Source Software

      • [Older] Open Source Enshrines the Wrong Privilege

        The story of Free Software starts with an individual (later revealed as abusive), who was frustrated at not being able to access software on a printer so that he could alter it’s behaviour. This has been extended to the idea that Free Software “grants people control over their own lives and software”.

        This however, is not correct.

        What Free Software licenses protect is that individuals with time, resources, specialised technical knowledge and social standing have the possibility to alter that software’s behaviour.

        When we consider that the majority of the world are not developers or software engineers, what is it that our Free Software is doing to protect and support these individuals? Should we truly expect individuals who are linguists, authors, scientists, retail staff, or social workers to be able to “alter the software to fix their own problems”?

        Even as technical experts, we are frustrated when someone closes an issue with “PR’s welcome”. Imagine how these other people feel when they can’t even express or report the problem in the first place or get told they aren’t good enough, or that “they can fix it themselves if they want”.

        This attitude also discounts the subject matter knowledge required to alter or contribute to any piece of software however. I may be a Senior Software Engineer, but I lack the knowledge and time to contribute to Gnome for example. Even with these “freedoms” I lack the ability to “control” the software on my own system.

        [...]

        As individual communities we can advance the state of software and how we act socially so that future projects and users are in a better place. No software exists in a vacuum, all software exists to support people. We need to always keep in mind the effects our software has on others.

      • Web Browsers

        • Mozilla

          • Making your Data Work for you with Mozilla Rally

            Every week brings new reports of data leaks, privacy violations, rampant misinformation, or discriminatory AIs. It’s frustrating, because we have so little insight into how major technology companies shape our online experiences. We also don’t understand the extent of data that online companies collect from us. Without meaningful transparency, we will never address the roots of these problems.

          • The correct spelling is Tor

            The correct spelling is Tor, not TOR or any other variations. Please use the correct spelling of the project.

          • Introducing Daryl Alexsy

            Please join us to welcome Daryl Alexsy to he Customer Experience team! Daryl is a Senior User Experience Designer who will be helping SUMO as well as the MDN team. Please, say hi to Daryl!

      • CMS

        • WordPress So you want to make block patterns?

          If you’ve ever built something for the WordPress block editor — a theme or a plugin — you may have also heard about block patterns.

          Looking at the patterns that come bundled with WordPress, I thought it would be nice to dedicate to them a short post. They’re pretty nice, useful shortcuts when you know them, but there’s a good chance you may not know what they are or why you might want to use them.

      • FSFE

        • FSFE launches the Router Freedom Activity Package

          In the context of reform of telecommunication laws, EU member states are currently implementing legislation with direct impact on Router Freedom. The FSFE has launched an activity package for organisations and individuals to raise awareness and empower them to advocate for users' device sovereignty in their countries.

          Router Freedom is the right that consumers of any Internet Service Provider (ISP) have to choose and use a private modem and router instead of equipment that the ISP provides. Since 2013, the Free Software Foundation Europe has been successfully engaged with Router Freedom, promoting end-users' freedom to choose and use their own terminal equipment - first in Germany as a precedence, and now in many European countries.

          In the context of reform of telecommunications law, a new set of rules has been adopted by the European Union which will directly impact Router Freedom on the 27 EU member states. The FSFE has been following closely the developments and actively taken part on consultation initiatives on the European level and also in legislative processes countries which are ahead in adopting such rules, as Austria, Germany and Greece.

      • FSF

        • Statement from the FSF board of directors meeting on March 29, 2021

          Some of our colleagues in the FSF have decided to resign. We are grateful for the good work they have done for so long, and we will miss them. We regret losing them; we regret the situation that has motivated them to leave.

        • Management team members resigning

          As members of FSF management, we have decided to resign, with specific end dates to be determined. We believe in the importance of the FSF's mission and feel a new team will be better placed to implement recent changes in governance. Free software and copyleft are critical issues of our time, and the FSF is, and should continue to be, the organization leading this movement. FSF staff have our utmost respect, support, and appreciation, and it has been a privilege to work with you all. Our team's mutual goal is to ensure a smooth transition while supporting the necessary renovation of the foundation's governance.

        • Molly de Blanc, arrest and prosecution for cyberbullying

          Molly de Blanc has recently started a vile "petition" asking people to harass a volunteer, Richard Stallman.

          That is not a petition. As the vendetta is all about one person, it is cyberbullying. Vilification. Harassment. Violation of the law, state and federal. Github logs show Molly and her buddies spent all weekend on this. Can you think of any other industry where this behavior takes place? These logs suggest a sociopath is at work.

          Somerville police badge You can make a petition to arrest and prosecute Molly de Blanc using this web form provided by the Somerville police department. Post this link or your own text.

      • Programming/Development

        • Custom machine stand ‘lets you know’ if drill bits aren’t stored properly

          YouTuber Cranktown City recently acquired a new milling machine/drill press, and needed somewhere sturdy to place it. Rather than buying something, he went to work making a nice custom stand with a drawer on top and space for a toolbox below that.

          To help keep things organized, this top drawer features a 3D-printed drill index with an interesting trick. In addition to providing storage for the drill bits, it “encourages” you to put them back. Each drill cavity has a small switch, all of which are daisy-chained together. The switch signal is fed to an Arduino Nano, which reads high when all drills are present, and low if one or more is missing. If one is missing for too long, it triggers a sound module that insults him into proper organization, and lights up a strip of LEDs as an extra reminder.

        • Why I Chose Passion Over Money and Declined a Huge Job Offer

          I recently switched jobs. And during my long journey of finding a new one, I was offered way more money than I had anticipated for a role that I was not as passionate about.

          I wish I could say that it was an easy no for me. But it was not. I wanted to say no. But instead, I kept asking myself, “Am I really going to do this?”

          I even talked to quite a few close friends about my decision. And everybody, including my parents, told me that I was insane to decline that big offer. But I did it anyway. I ended up choosing passion over money.

        • GO Programming – DNS Server – Blocker/Forwarder



          I haven’t posted much GO related code on this blog before as I am more of a fan of C, Python, Java/JS, etc. I initially found its syntax to be a bit harder to read due to the variable typing being placed after the variable name. It can make it harder to track and understand if the variable you’re looking at is a: mutable or immutable, pointer or constant, array or singular, referenced or dereferenced, local or global, etc.

          It does combine a lot of power that you would typically find in a more structured language (like Java) along with being flexibile and relaxed (like Python).

        • Big O Notation Examples – Time Complexity and Algorithm Efficiency Explained

          Time complexity analysis helps us determine how much more time our algorithm needs to solve a bigger problem.

          In this article, I will explain what Big O notation means in time complexity analysis. We'll look at three different algorithms for checking if a number is prime, and we'll use Big O notation to analyze the time complexity of these algorithms.

        • Colin King: A C for-loop Gotcha

          The C infinite for-loop gotcha is one of the less frequent issues I find with static analysis, but I feel it is worth documenting because it is obscure but easy to do.

        • A DevOps guide to documentation | Opensource.com

          DevOps is challenging technical documentation norms like at no other time in IT history. From automation to increased delivery velocity to dismantling the waterfall software development lifecycle model, these all spell the need for making dramatic changes to business and the philosophy of technical documentation.

          Here are some ways DevOps is influencing technical documentation.

        • Tend your Git garden with Git Bonsai

          If you are like me, your git repository checkouts have a tendency to accumulate lots of branches over time.

          Git Bonsai is a command line tool to help you clean this bush.

        • Creating Advanced HMIs & User Experiences for NXP i.MX RT1170

          For some time now, the challenges of developing advanced human machine interfaces (HMIs) for embedded platforms has centered around translating the design vision to code, and then deploying that code to hardware platforms that meet the cost sensitivities of the market. The trend on user preferences around HMI, spanning across all industries, is tied to the benchmark most of us carry right in our pocket daily – the smartphone. When a user is met with a screen, it is an almost automatic expectation that the experience be the same as on their smartphone, regardless of what is under the hood. This can be an extreme challenge for cost sensitive markets where the budget for differentiation is low. Consumer markets are showing increased interest in advanced user interface technologies that can be effective at putting yourself ahead of the competition. Regardless of your market’s cost sensitivity, a premium user experience should not require a higher complexity and cost in your Bill of Materials (BOM). NXPâ„¢ Semiconductor’s recent release of the i.MX RT1170 crossover microcontroller (MCU) ushers in the era of GHz performance, and when paired with the complete software technology, enables an exceptional user experience at a cost suited to markets across many industries.

        • Qt Design Studio 2.1 Beta2 released

          Qt Design Studio is a UI design and development tool that enables designers and developers to rapidly prototype and create beautiful experiences. Both designers and developers use Qt Design Studio and this makes collaboration between the two a lot simpler and more streamlined.

          To get an overview, you should watch this video.

          Please have a look at the Beta blog post a for a summary of what is new and improved in Qt Design Studio 2.1. For detailed information about Qt Design Studio, visit the online documentation page.

        • Thomas Fitzsimmons: Quickly Start a Common Lisp Script

          So you want to write a utility script, and you want to write it in Common Lisp. I created a template Common Lisp script called start.lisp. It’s meant to be renamed and hacked up but it provides a starting point for a new Common Lisp script, with some utility libraries included.

        • Advanced Mach Try

          Following up last week’s post on some mach try fundamentals, I figured it would be worth posting some actual concrete tips and tricks. So without further ado, here are some things you can do with ./mach try you may not have known about in rapid fire format.

        • How to Model an Epidemic with R

          Epidemiology has never been more topical. It is the scientific study of how health and disease affects populations, including infectious diseases such as COVID-19.

          Key to understanding the spread of such diseases is the practice of epidemic modeling. This involves building quantitative models to describe and forecast the spread of disease.

          The classical approach to epidemic modeling is to use a type of mathematical model known as a "compartmental model".

        • Python

          • Python For Loop - For i in Range Example

            As discussed in Python's documentation, for loops work slightly differently than they do in languages such as JavaScript or C.

            A for loop sets the iterator variable to each value in a provided list, array, or string and repeats the code in the body of the for loop for each value of the iterator variable.

            In the example below, we use a for loop to print every number in our array.

          • Access Python package index JSON APIs with requests

            PyPI, the Python package index, provides a JSON API for information about its packages. This is essentially a machine-readable source of the same kind of data you can access while browsing the website. For example, as a human, I can head to the NumPy project page in my browser, click around, and see which versions there are, what files are available, and things like release dates and which Python versions are supported...

  • Leftovers

    • Hardware

      • Arm v9: First New Architecture in a Decade Doubles Down on AI and Security

        Arm has launched a major architecture revision, Arm v9, which provides additional features for security, confidential computing and AI as well as boosting overall performance. Arm said it expects v9 to deliver more than 30% performance uplift in the next two mobile and infrastructure generations. AI features, thus far most typically available with GPUs, will be available across the company’s GPUs, CPUs, and NPUs.

      • Arm’s v9 Architecture Explains Why Nvidia Needs To Buy It

        Many of us have been wracking our brains why Nvidia would spend a fortune – a whopping $40 billion – to acquire Arm Holdings, a chip architecture licensing company that generates on the order of $2 billion in sales – since the deal was rumored back in July 2020. As we sat and listened to the Arm Vision Day rollout of the Arm V9 architecture, which will define processors ranging from tiny embedded controllers in IoT device all the way up to massive CPUs in the datacenter, we may have figured it out.

      • Arm launches v9 architecture – Arm

        Today, Arm introduced the Arm€®v9 architecture in response to the global demand for ubiquitous specialized processing with increasingly capable security and artificial intelligence (AI). Armv9 is the first new Arm architecture in a decade, building on the success of Armv8 which today drives the best performance-per-watt everywhere computing happens.

      • Armv9: The Future of Specialized Compute

        One year ago, as Arm’s global workforce began adjusting to remote working, we knew that technology would be key to weathering the storm.

        Across the complex data-driven networks supporting all areas of the business world, we saw how technology enabled us to keep communicating and collaborating. The sudden switch to a digital-first life for Arm’s 7,000 people was almost seamless, and we were all able to keep pushing our design and engineering efforts without much interruption.

        Looking back, I’m hugely grateful for the resilience of our people, and our partners. Now, as we think about a return to working together face-to-face, we’re once again considering how technology can speed our path back to shared physical workspaces.

      • Arm Announces ARMv9 Architecture With SVE2

        ARMv9 is introducing the Arm Confidential Compute Architecture (CCA) for confidential computing with dynamically created "Realms", Scalable Vector Extensions 2 (SVE2) for greater machine learning performance and digital signal processing capabilities, and other improvements over ARMv8.

    • Health/Nutrition

      • Memorandum of Support for the New York Health Act (A6058/S5474) | Howie Hawkins for our Future

        The Green Party of Onondaga County supports the New York Health Act (A6058/S5474) because it will guarantee all medically necessary services to every resident, including vision, dental, hearing, reproductive health, drug treatment, mental health, and long-term care.

        The Green Party of Onondaga County currently has 1,045 enrolled members. Green candidates have received countywide votes of between about 5,000 and 10,000 in recent elections.

        Because the NY Health Act provides medical services through public provision and free to patients at the point of delivery, it removes the financial barriers to healthcare that make so many New Yorkers forgo health care in order to pay for rent, food, utilities, and other basic needs.

        The need for this kind of universal healthcare plan has been underscored over the last year by the covid pandemic, which has hit hardest among low-income people and low-wage workers in essential industries who are disproportionately Black, Latino, Indigenous, and Asian.

        The Green Party of Onondaga County urges the adoption of the NY Health Act as a public safety and public health measure as well as the most economically efficient way to deliver health care to all who need it.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

        • Security

          • Security updates for Tuesday

            Security updates have been issued by Debian (lxml), Fedora (openssl, pdfbox, rpm, and rubygem-kramdown), openSUSE (eclipse), Oracle (flatpak and openssl), Red Hat (curl, kernel, kpatch-patch, mariadb, nss-softokn, openssl, perl, and tomcat), and SUSE (firefox, ovmf, and tar).

          • Customers in the middle of security vs UX battle

            In 2019, the Internet Society found that two-thirds of people thought smart applications were “creepy” in the way they collect data, while a majority didn’t know how to make their devices more secure. There is a gap in people’s understanding around how security features within smart applications work and the extent of risk users may face. The importance of this has amplified with the shift to remote work and now, more than ever, it is vital that users feel comfortable with, and have knowledge of, the security features within the technology they are using.

            It is essential, therefore, that software providers offer secure platforms that can alleviate user concern. The challenge, however, is to ensure that this does not come at the expense of user experience (UX). We all understand how frustrating it can be entering multiple passwords and completing captcha questions, so while these features offer a more secure platform, multi-factor authentication security can compromise the experience of the end user. The challenge, therefore, is to find the happy compromise - where the operating system (OS) is both secure and easy to use.

          • Josh Bressers: It’s time to fix CVE

            The late, great, John Lewis is well known for a quote about getting into trouble.

            Never, ever be afraid to make some noise and get in good trouble, necessary trouble.

            It’s time to start some good trouble.

            Anyone who knows me, reads this blog, or follows me on Twitter, is well aware I have been a proponent of CVE Identifiers for a very long time. I once assigned CVE IDs to most open source security vulnerabilities. I’ve helped more than one company and project adopt CVE IDs for their advisories. I encourage anyone who will listen to adopt CVE IDs. I’ve even talked about it on the podcast many times.

            I also think it’s become clear that the generic term “CVE” and “Vulnerability” now have the same meaning. This is a convenient collision because the world needs a universal identifier for security issues. We don’t have to invent a new one. But it’s also important we don’t let our current universal identifier continue to fall behind.

            For the last few years I’ve been bothered by the CVE project as it stands under MITRE, but it took time figure out why. CVE IDs under MITRE have stalled out, in a time when we are seeing unprecedented growth in the cybersecurity space. If you aren’t growing but the world around you is, you are actually shrinking. The realty is CVE IDs should be more important than ever, but they’re just not. The number of CVE IDs isn’t growing, it’s been flat for the last few years. Security scanners and related vendors such as GitHub, Snyk, Whitesource, and Anchore are exploding in popularity and instead of being focused on CVE IDs, they’re all creating their own identifiers because getting CVE IDs often isn’t worth the trouble. As a consumer of this information, it’s unpleasant dealing with all these IDs. If nothing is done it’s likely CVE IDs won’t matter at all in a few years because they will be an inconsequential niche identifier. It’s again time for the Distributed Weakness Filing project to step in and help keep CVE IDs relevant.

          • What lies after LTS? Two years of Ubuntu 14.04 in ESM

            Two years ago, we launched the Extended Security Maintenance (ESM) phase of Ubuntu 14.04, providing access to CVE patches through an Ubuntu Advantage for Infrastructure free or paid subscription. This phase extended the lifecycle of Ubuntu 14.04 LTS, released in April 2014, from the standard, five years of an LTS release to a total of eight years, ending in April 2022. During the ESM phase we release security fixes for high and critical priority vulnerabilities for the most commonly used packages in the Ubuntu main and restricted archives. In this post, I would like to review and share our experience from the past two years of maintaining this release

            To date, in the lifecycle of Ubuntu 14.04 ESM we published 238 Ubuntu Security Notices (USN), covering 574 CVEs ranging from high-low in priority. The ensuing security updates, protected from vulnerabilities with impacts ranging from remote code execution and privilege escalation, to CPU hardware vulnerabilities. Our average time of resolving high-priority CVEs, was 14 days.

          • Six steps to managing SSH Key Sprawl in multi-cloud operations
    • Monopolies

      • Patents

        • Software Patents

          • Aprese patent challenged

            On March 26, 2021, Unified Patents filed an ex parte reexamination proceeding against U.S. Patent 9,207,924, owned by Aprese Systems Texas, LLC. The ‘924 patent relates generally to management of applications and/or services based on contextual information. It has been asserted against Toyota.

            View district court litigations by Aprese. Unified is represented by Cono Carrano and Ryan Stronczer of Akin Gump and by in-house counsel, Roshan Mansinghani and Michelle Aspen.



Recent Techrights' Posts

GNU/Linux Reaches All-Time High in Europe (at 6%)
many in Europe chose to explore something else, something freedom-respecting
Techrights' Statement on Code of Censorship (CoC) and Kent Overstreet: This Was the Real Purpose of Censorship Agreements All Along
Bombing people is OK (if you sponsor the key organisations), opposing bombings is not (a CoC in a nutshell)
 
Technology: rights or responsibilities? - Part VIII
By Dr. Andy Farnell
Patents Against Energy Sources That Reduce Pollution
this EV space (not just charging) is a patent mine field and it has long been that way
DARPA’s Information Innovation Office, Howard Shrobe, Values Compartmentalisation But Loses the Opportunity to Promote GNU/Linux and BSDs
All in all, he misses an opportunity
Wayland is an Alternative to X
the alternative to X (as in Twitter) isn't social control media but something like IRC
BetaNews, Desperate for Clicks, is Pushing Donald Trump Spam Created by LLMs (Slop)
Big clap to Brian Fagioli for stuffing a "tech" site with Trump spam (not the first time he uses LLMs to do this)
[Meme] Social Control Media Bliss
"My tree is bigger than yours"
Links 24/11/2024: More IMF Bailouts and Net Client Freedom
Links for the day
Gemini Links 24/11/2024: Being a Student and Digital Downsizing
Links for the day
[Meme] The Most Liberal Company
"Insurrection? What insurrection?"
apple.com Traffic Down Over 7%, Says One Spyware Firm; Apple's Liabilities Increased Over 6% to $308,030,000,000
Apple is also about 120 billion dollars in debt
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 23, 2024
IRC logs for Saturday, November 23, 2024
[Meme] GAFAMfox
Mozilla Firefox in a state of extreme distress
Google Can Kill Mozilla Any Time It Wants
That gives Google far too much power over its rival... There are already many sites that refuse to work with Firefox or explicitly say Firefox isn't supported
Free (as in Freedom) Software Helps Tackle the Software Liability Issue, It Lets Users Exercise Greater Control Over Programs
Microsofters have been trying to ban or exclude Free software
In the US, Patent Laws Are Up for Sale
This problem is a lot bigger than just patents
ESET Finds Rootkits, Does Not Explain How They Get Installed, Media Says It Means "Previously Unknown Linux Backdoors" (Useful Distraction From CALEA and CALEA2)
FUD watch
Techdirt Loses Its Objectivity in Pursuit of Money
The more concerning aspects are coverage of GAFAM and Microsoft in particular
Links 23/11/2024: Press Sold to Vultures, New LLM Blunders
Links for the day
Links 23/11/2024: "Relationship with Oneself" and Yretek.com is Back
Links for the day
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024