Bonum Certa Men Certa

Links 1/6/2021: Linux Mint 20.2 Named ‘Uma’ and Updates for JingOS



  • GNU/Linux

    • Macs & MacOS: Greener Grass?

      Linux and Windows can be installed interchangeably on PCs, leading consumers to find what works best for them. The constant unknown about MacOS brings a certain appeal to it - like standing outside an exclusive club, wondering what’s inside.

      [...]

      By using a Mac, your efficiency is capped by your wallet and what Apple allows. If you like forced microbreaks and workflow (or audio) stutters, MacOS just might be for you.

    • Audiocasts/Shows

      • Linux Action News 191

        Our reaction to the new Freenode developments, and Audacity's latest shock to the community.

        Plus Pwned Passwords goes open source, the public release of Fuchsia, and Valve's rumored Linux handheld.

      • Late Night Linux – Episode 127

        A quick look at a powerful distro that deserves a lot more time, your feedback, and Graham finally tries out a Pinephone.

      • Using Htop To Monitor Your System

        Htop is an interactive system-monitor process-viewer and process-manager. It is designed as an alternative to the Unix program "top". Even though Htop is a very popular program, many users are unaware of the customization options available for it.

      • Destination Linux 228: Bo’s Hack Snack, Inkscape 1.1, Valve’s Handheld Steam Gaming & More

        This week’s episode of Destination Linux, we have everyones favorite hacker Bo on for his hack shack snack segment. Then we take a look at the recent updates with Inkscape and some rumors coming from Valve. Plus we’ve also got our famous tips, tricks and software picks. All of this and so much more this week on Destination Linux. So whether you’re brand new to Linux and open source or a guru of sudo. This is the podcast for you.

      • Matrix Spaces Beta: The Discord Killer Feature

        Matrix has had it's communities feature for quite a while but since the beginning spaces were going to replace them and that day has finally come, they're still missing some of the features they need but they're already better then existing communities

    • Kernel Space

      • Graphics Stack

        • Experimental RADV Code Allows Vulkan Ray-Tracing On Older AMD GPUs - Phoronix

          AMD currently just supports Vulkan ray-tracing with their Radeon RX 6000 series graphics cards while now there is independent work being done on Mesa's unofficial Radeon Vulkan driver (RADV) to allow ray-tracing to work with older generations of GPUs like Vega and Polaris.

          Joshua Ashton who is known for his work on VKD3D-Proton, DXVK/D9VK, and related projects while working under contract for Valve has been experimenting with bringing RADV Vulkan ray-tracing to pre-RDNA2 GPUs.

          While RDNA2 GPUs offer hardware acceleration around BVH ray intersection tests, there isn't much more that is actually new silicon for ray-tracing with these latest consumer GPUs. But the ray intersection tests can also be handled as a SPIR-V shader for any GPU as well, so that is what Ashton has been experimenting with.

        • AMD Announces New Zen 3 Desktop APUs, FidelityFX Super Resolution + More - Phoronix

          Overall, a rather promising keynote for the virtual Computex Taipei event... Now to get our hands on the new hardware for delivering Linux benchmarks of these new wares.

    • Applications

      • Best Free and Open Source Software – April and May 2021 Updates

        For our entire collection, check out the categories below. This is the largest compilation of recommended software. The collection includes hundreds of articles, with comprehensive sections on internet, graphics, games, programming, science, office, utilities, and more. Almost all of the software is free and open source.

    • Instructionals/Technical

      • I've come to like date-based names for log rotation

        One of the divides in Linux distributions is how they set up logrotate, especially including how they have logrotate name the 'rotated' copies of logs. Ubuntu (and I assume Debian) use the traditional approach of numbered old log files, where the most recently rotated log file has a .0 suffix, the next most recent has a .1 suffix, and so on back to however many versions you want to keep. A while back, Red Hat Enterprise and thus Fedora switched to date-based naming, where the suffix is based on the day that the log was rolled and you get names like 'cron-20210530'.

      • Adjusting my ZFS filesystems to conform with standard FreeBSD boot environments

        I don’t know what I did wrong, but I did manage to fix them up afterwards. I suspect that I still had zroot/usr mounted and did not notice.

      • LFCA: Learn the Basic Concepts of DevOps – Part 21

        DevOps has been a trending topic for quite a while now and has managed to draw the attention of technology professionals and enterprises alike. As a beginner, it can be challenging wrapping your head around the concept of DevOps, and in this topic, we will flesh out the basic concepts of this internet buzzword.

        To start off, DevOps is a portmanteau of two words: Development and Operations. It is a set of practices and tools that promote collaboration between development teams (Devs) and operations (Ops). The goal of DevOps is to streamline the software development lifecycle, minimize failure rates, scale up the frequency of deployments, and achieve high-quality software.

      • Pi IoT In C Using Linux Drivers - The SPI Driver
      • TSDgeos' blog: How i ended up fixing a "not a bug" in Qt Quick that made apostrophes not being rendered while reviewing an Okular patch

        But in Okular we don't use Qt Quick you'll say!

        Well, we actually use Qt Quick in the mobile interface of Okular, but you're right, this was not a patch for the mobile version, so "But in Okular we don't use Qt Quick!"

      • Puma graceful restarts

        How to configure Puma 5 application server for graceful restarts, and what is the difference between regular, hot, and phased restarts?

        Application restarts are necessary when things go wrong or whenever we need to push a new application version. But a regular restart isn’t usually anything more than stopping and starting the server again. To keep clients connected or even keep serving requests, we need a better strategy.

      • How to Check TLS/SSL Expiration Date Using OpenSSL

        TLS/SSL certificates are used for encrypting websites or web applications. They provide much-needed privacy and confidentiality to users who are interacting with the webserver via a browser or on command-line. Different SSL certificates have different validity periods with the maximum being 397 days ( 1 year, 1 month, and 2 days) from 1, September 2020. Let's Encrypt provides validity of up to 90 days.

      • How To Install OwnCloud on AlmaLinux 8

        In this tutorial, we will show you how to install OwnCloud on AlmaLinux 8. For those of you who didn’t know, ownCloud is an open-source, self-hosted file sync and shares app platform similar to Dropbox. It allows Access & syncing files, contacts, calendars & bookmarks across devices. You can access it via the good-looking and easy-to-use web interface or install the OwnCloud client on your Desktop or Laptop machine (supports Linux, Windows, and macOS).

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of OwnCloud on an AlmaLinux 8. You can follow the same instructions for Rocky Linux.

      • How to manage AWS IAM using aws-cli

        Managing IAM Users, Groups, and Roles from your terminal is easy and interesting, you just need to execute the commands to achieve the task. In this article, we will see the commands to create Users, Groups, and Roles. We will also see commands to attach and detach policies to the IAM user, group, and role we create. This guide will help you get started with managing IAM resources from the terminal.

        Before we proceed, it is assumed that you are familiar with IAM Users, Groups, Roles, Policies.

      • Introducing gpg-tui, a Terminal User Interface for GnuPG – orhun's blog – Some place on the internet.

        GnuPG is a well-known implementation of the OpenPGP standard which is been used for years in various communities and projects. It’s also known as “GPG”, which is the name of the command line tool that makes it easier to integrate with other applications. It is battle-tested over the years and has a wealth of frontend applications and libraries.

        My past with GnuPG is roughly the same with an ordinary developer who is into programming, open source, and related concepts. So I cannot say that I was using it for more than encryption/decryption/verification of files/emails and different types of authentication. It is a tool basically for securing the communication for me.

      • How to install Dijeweled Remastered on a Chromebook

        Today we are looking at how to install Dijeweled Remastered on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

        If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!

        This tutorial will only work on Chromebooks with an Intel or AMD CPU (with Linux Apps Support) and not those with an ARM64 architecture CPU.

      • How to setup PasswordLess SSH in Linux? (with Video tutorial) - LinuxTechLab

        This tutorial answers your question i.e. how to set up Passwordless SSH? SSH is a protocol to communicate a server with the client in an encrypted manner.

        It has replaced telnet protocol, which was not at all secure at all. Almost all the Linux system admins know about it because they use it to connect to Linux servers as the physical access to the server is very limited.

      • Setting up PyQT5 && Mariadb CRUD Application on Fedora Server 34
      • How to Make Gimp Look Like Photoshop

        You’d be surprised to discover what you can do with GIMP, the free photo editing program. This downloadable software can help you create spectacular photos by allowing you to edit tiny details, correct color, or simply change your picture’s background.

      • Using a declare command for arithmetic - Linux Concept

        Whenever we declare any variable, by default, this variable stores the string type of data. We cannot do arithmetic operations on them. We can declare a variable as an integer by using the declare command. Such variables are declared as integers; if we try to assign a string to them, then bash assigns 0 to these variables.

        Bash will report an error if we try to assign fractional values (floating points) to integer variables.

      • Using the let command for arithmetic
      • Understanding on <<;< operator in Linux shell
      • File handling in Linux - Linux Concept

        The exec command is very interesting. Whenever we run any command in a shell, a new subshell or process gets created, and the command runs in this newly created process. When we run any command as an argument to the exec command, exec will replace the current shell with the command to be executed. It does not create or spawn a new process to run the command.

      • Debugging Linux Shell Script - Linux Concept

        In the very old days of computer technology, the initial problems with computers were due to real insects. Due to this, fault finding was later called finding the bug. Therefore, the process of finding and fixing the problems in computers was called debugging.

      • Understanding on << operator in Linux shell
    • Games

      • Free and open source RTS 0 A.D. Alpha 25 to release in June with feature-freeze imminent

        Wildfire Games have given an update on the status of 0 A.D. Alpha 25, which they've now confirmed the Feature Freeze will begin on June 6 to focus on getting it release ready.

        We now know that on June 6 it will enter a Feature Freeze, meaning no more features will be pulled into the code and instead they will switch to bug fixing and optimization. Then on June 13 a "Commit and String Freeze" will happen, as they focus on getting out Release Candidate builds to move onto 0 A.D. Alpha 25 releasing at the earliest June 20, but it can be pushed to June 30 depending on bugs found during the RC phase.

      • Play OpenTTD with HD graphics

        It's been a few years since I wrote about OpenTTD in any great detail. But something magical happened a few weeks back. OpenTTD is now available through Steam, which makes it accessible to a huge number of gamers who might not necessarily discover it otherwise. But then, if you're a hardcore tycoonist, and at least 9,000 years old, then Transport Tycoon Deluxe is an inseparable part of your life and soul.

        The Steam announcement dropped me into my train-building mood, and I started playing it again. But standard OpenTTD doesn't look amazing on 2K and 4K monitors. So I went back to yet another something I've written about many years ago - 32bit high-def graphics for this lovely game. And I decided to revisit the topic, and see if I can get OpenTTD to look great in 2021. Hence, this article.

      • Valve is reportedly working on Linux-based handheld gaming PC [Ed: Seems like Microsoft propaganda sites panic a bit because Valve/Steam move towards "Linux as its base operating system"

        Beyond the aforementioned quote, the remaining details of "SteamPal" are a bit more nebulous at this point with mentions of a dockable position for the device via a USB Type-C port, Linux as its base operating system, multiple SKUs incorporating Intel and/or AMD chips as well a potential Switch-like MSRP of $299.

    • Desktop Environments/WMs

      • Xfce’s Apps Update for May 2021 Brings Improvements to Thunar, Mousepad, and More

        May has been a great month for Xfce, which is still one of the lightest, customizable, and modern desktop environments for Linux-based operating systems. The star of this month is the famous Thunar file manager, which received no less than three stable and two development releases.

        The stable releases bump the version number to 4.16.8 for the Xfce 4.16 series, bringing various bug fixes for crashes, regressions, or security issues, in an attempt to make Thunar more stable, secure and reliable. On the other hand, the two development releases introduced numerous new features and improvements that you’ll be enjoying as part of the upcoming Xfce 4.18 release.

    • Distributions

      • Screenshots/Screencasts

        • Makulu Linux Core 2021

          Today we are looking at Makulu Linux Core 2021. It uses Linux Kernel 5.8, based on Ubuntu 20.04 LTS, Gnome 3.36, and uses about 1.5GB of ram when idling. I am truly impressed!

        • Makulu Linux Core 2021 Run Through

          In this video, we look at Makulu Linux Core 2021.

      • IBM/Red Hat/Fedora

        • Virtuozzo Launches A Mature Linux Distribution VzLinux For The Public

          VzLinux Enterprise Distribution has been used as a basic operating system for Virtuozzo’s OpenVZ virtualization solutions and other commercial products for more than 20 years, and has been used as a guest operating system.

          The Linux distribution is maintained by the open source community, and network hosting service providers and other end customers who deploy the technology can directly enjoy a stable and long-term support system.

      • Debian Family

      • Canonical/Ubuntu Family

        • Ubuntu-based Linux Mint 20.2 named 'Uma'
          There are so many great Linux-based desktop operating systems nowadays. Actually, there are arguably too many Linux distros, but I digress. For instance, if you are an experienced Linux user, you can opt for something like Debian or Fedora, while novices are probably better served by Ubuntu or Linux Lite.

          One of the best operating systems for beginners and Windows-switchers, however, is Linux Mint. This is a no-nonsense Ubuntu-based Linux distro that looks good, is very stable, and ultimately "just works" for many users. All versions of the operating system are named after women, and today, we learn what the upcoming Linux Mint 20.2 will be called.

        • Monthly News – May 2021

          Before we start covering the news I’d like to thank our sponsors, partners and donors. Many thanks for your contributions and for your support. Many thanks also to all the people who help us in other ways with their ideas, their support and to all those who help our community with side projects or by spending time to help other users.

          [...]

          The upcoming version of Warpinator will feature the ability to select which network interface you want to use. If you are connected to multiple interfaces (Wireless + ethernet for instance) this allows you to select which network you want to share files on.

          A new optional compression setting will also be available. Once enabled on both machines, compression can make transfers up to 3 times faster.

        • Ubuntu Weekly Newsletter Issue 685

          Welcome to the Ubuntu Weekly Newsletter, Issue 685 for the week of May 23 – 29, 2021. The full version of this issue is available here.

    • Devices/Embedded

      • Updates for JingOS and Phosh, notes on PinePhone keyboard hacking

        Developers at Purism have released a new version of the Phosh user interface for Linux phones, bringing bug fixes, usability improvements, and several other changes to this phone shell used by multiple smartphone Linux distributions including some versions of postmarketOS (which recently celebrated its fourth birthday, by the way).

        Meanwhile, the folks at Jingling have released a new build of JingOS, their Linux distribution for tablets (and eventually smartphones). The developer of the most promising Linux kernel patches for the PinePhone has begun digging into the schematics and software for the upcoming PinePhone keyboard, and it looks like it’ll be a pretty hackable device.

        Here’s a roundup of recent mobile Linux news.

      • Linux iPad Clone JingOS Releases New Dev Snapshot

        A new development release of JingOS, the Linux-based tablet distro inspired by iPadOS, is available for testing.

        If you took the JingOS 0.8 release for a spin in April and you came away feeling like there was still a tonne of work to be done, you’ll be pleased to hear that, in this update, some of it has!

        But don’t get too excited.

      • Open Hardware/Modding

        • Arduino Web Editor: Using Arduino IDE Online

          In this tutorial, we will discuss the various steps of accessing Arduino IDE online using the Arduino Web Editor. It is a more advanced version of the desktop-based Arduino IDE. We will learn to transfer key programming activities to the cloud-based web editor. Additionally, we’ll expand these methods to connect our devices to the IoT cloud, and create dashboards for sharing.

        • A remote-controlled Arduino Nerf tank | Arduino Blog

          Makers love Nerf guns, but Nathan Li takes foam-based home security to a new level with his mini Nerf tank. Naturally there’s an Arduino Uno in there, powering the mobile dart launcher.

          [...]

          Li takes his tank through a series of batteries, all of which show impressive results. Accuracy is spot on, which isn’t easy with notoriously unreliable Nerf darts. A five-foot muzzle velocity test achieves a whopping 35MPH dart speed. The distance test sends foam projectiles an impressive 44 feet.

        • TapLock uses tinyML on Arduino to protect your bike from thieves | Arduino Blog

          Bike locks have not changed that much in the last few decades, even though our devices have gotten far smarter, so they seem in need of an update. Designed with this in mind, the TapLock is able to intelligently lock and unlock from either Bluetooth or taps on the enclosure. It uses a Nano 33 BLE Sense to detect tap patterns via an onboard accelerometer as well as BLE capabilities to communicate with the owner’s phone.

          Because taps are not necessarily directional, the TapLock’s creators took an average of each accelerometer axis and charted the time between the peaks. After collecting a large sample of data, they used Edge Impulse to process the data and then train a model with an accuracy of 96.4%. This allows the owner to have some wiggle room when trying to lock or unlock the bike.

        • How to Use Ultrasonic Sensor with Arduino Uno for LED Pattern - IoT Tech Trends

          The project includes the use of an Ultrasonic Sensor to control LED glow patterns using Arduino UNO R3. This is a single sensor-based application to demonstrate the processing and control power of Arduino. It also highlights the input-output (I/O) mechanism and its communication with the ATmega328P microcontroller.

      • Mobile Systems/Mobile Applications

    • Free, Libre, and Open Source Software

      • Here's how you can get all your day-to-day computing done with free software — GNU MediaGoblin
      • The business benefits of using an open-source cloud - TechCentral
      • Facebook Compression Algorithm Zstandard 1.5 Improves Performance [Ed: Facebook uses it to lower the cost of stealing, storing and selling your personal data. Then it's openwashing the whole lot, with help from LF.]

        Facebook open sourced Zstandard almost six years ago with the aim of outperforming Zlib in both speed and efficiency. Zstandard 1.5 improves compression speed at intermediate compression levels, compression ratio at higher levels, and brings faster decompression speed.

        Zstandard supports compression levels up to 22. Thanks to a new default match finder, Zstardard 1.5 reaches higher compression speed for levels between 5 and 12 and inputs larger than 256K. According to Facebook benchmarks, improvements range from +25% to +140% without significant loss in terms of compression ratio. Facebook claims even better results on heavily loaded machines under significant cache contention.

      • Web Browsers

        • Mozilla

          • Enable Fission tt(c) on more platforms

            Last week my coworker Andrew Halberstadt talked me through the process of configuring Firefox CI to run a given test suite with Fission enabled on additional platforms.

            I am working on a patch to do this for our telemetry integration tests which are set up with mozharness and use treeherder symbol tt(c). Since the process should be close to identical for similar test suites, I decided to summarize what I’ve learned in this post, so next time someone on my team wants to do this, we don’t need to bug Andrew again.

      • SaaS/Back End/Databases

        • WAL-G 1.0 released

          This time we decided to bump the number to 1.0 to switch to a common versioning pattern. WAL-G 1.0 is compatible with its versions v0.2.0+. Also, WAL-G 1.0 can restore WAL-E backups and WALs. Good news for non-PostgreSQL databases: WAL-G is now production-ready for MS SQL, MySQL databases, meanwhile the API can be changed in future releases. MongoDB and Redis support is in the beta stage.

        • PL/R 8.4.2 released

          The PL/R team is excited to announce the release of version 8.4.2

      • FSFE

      • Programming/Development

        • Perl/Raku

          • Perl / Unix One-liner Cage Match, Part 2

            In Part 1, I compared Perl’s regexp features with sed and Awk. In this concluding part, I’ll cover examples that make use of Perl’s extensive built-in features and third-party modules.

          • Rakudo Weekly News: 2021.22 Under The Bus

            So you’re a frequent visitor of this popular bar. Then one day, the management of the bar changes and most of the personnel decides to start working for another bar. Management of the bar then shuts out any remaining guests because the remaining guests where just talking about the new bar. Followed by the new management changing the locks on the doors so nobody can get in anymore.

            This in short is what happened in the Freenode to Libera.chat saga (/r/rakulang, SlashDot comments, TheRegister article). Since most of the move was already done before the new management of Freenode decided to make themselves impossible, this did not affect the Raku community much. But, as Patrick Spek writes on the mailing list, there are still a lot of references to Freenode in ecosystem module documentation, that would need to be updated. Please help module authors by providing a Pull Request for such an update, when you find such a reference!

  • Leftovers

    • Pouring half your coffee down the kitchen sink would still be cheaper than buying Keurig K-Cups. Would you like a felony with your coffee?

      About half the people I know have a Keurig in their house, even though these things are a disaster for the environment due to little plastic pods with aluminum lids, and coffee that isn’t even good (like Maxwell House) ends up costing over $40 per pound, even as you can buy it in two pound cans for less than $7.

      Some people say “I’m the only one in the house who drinks coffee and I don’t like the waste.”, but that doesn’t hold up financially or environmentally.

      Comparing Great Value Donut Shop in a can to the K-Cups, the result is you’re wasting $100 per person in your house per year that drinks coffee if you use K-Cups, assuming you just start your morning with it.

      [...]

      Some people figured out how to jury rig a bypass, which might be a felony under the DMCA, but that seems a bit extreme (and inconvenient, regardless).

      Boycott Keurig.

      Still other people, confronted with the ridiculousness of the Keurig system, go further, to compare it with buying coffee at Starbucks. Which is even dumber and more pointless.

    • Funniest thing I’ve seen all day. YourMechanic wants $127.64 to replace an engine air filter on a Chevy Impala.

      Out of all car repair and maintenance procedures, replacing an air filter is one of the easiest, if not the easiest, things to do.

      YourMechanic quoted me at $127.64 on a 2003 Chevy Impala. That’s $105.99 for labor and $19.95 for parts.

    • Hardware

      • Russell Coker: Some Ideas About Storage Reliability

        When people ask for advice about what storage to use they often get answers like “use brand X, it works well for me and brand Y had a heap of returns a few years ago”. I’m not convinced there is any difference between the small number of manufacturers that are still in business.

        One problem we face with reliability of computer systems is that the rate of change is significant, so every year there will be new technological developments to improve things and every company will take advantage of them. Storage devices are unique among computer parts for their requirement for long-term reliability. For most other parts in a computer system a fault that involves total failure is usually easy to fix and even a fault that causes unreliable operation usually won’t spread it’s damage too far before being noticed (except in corner cases like RAM corruption causing corrupted data on disk).

        Every year each manufacturer will bring out newer disks that are bigger, cheaper, faster, or all three. Those disks will be expected to remain in service for 3 years in most cases, and for consumer disks often 5 years or more. The manufacturers can’t test the new storage technology for even 3 years before releasing it so their ability to prove the reliability is limited. Maybe you could buy some 8TB disks now that were manufactured to the same design as used 3 years ago, but if you buy 12TB consumer grade disks, the 20TB+ data center disks, or any other device that is pushing the limits of new technology then you know that the manufacturer never tested it running for as long as you plan to run it. Generally the engineering is done well and they don’t have many problems in the field. Sometimes a new range of disks has a significant number of defects, but that doesn’t mean the next series of disks from the same manufacturer will have problems.

        The issues with SSDs are similar to the issues with hard drives but a little different. I’m not sure how much of the improvements in SSDs recently have been due to new technology and how much is due to new manufacturing processes. I had a bad experience with a nameless brand SSD a couple of years ago and now stick to the better known brands. So for SSDs I don’t expect a great quality difference between devices that have the names of major computer companies on them, but stuff that comes from China with the name of the discount web store stamped on it is always a risk.

        [...]

        I think that NVMe isn’t very different from other SSDs in terms of the actual storage. But the different interface gives some interesting possibilities for data loss. OS, filesystem, and motherboard bugs are all potential causes of data loss when using a newer technology.

        [...]

        Filesystems like BTRFS and ZFS are needed to cope with storage devices returning bad data and claiming it to be good, this is a very common failure mode.

    • Integrity/Availability

      • Proprietary

        • AWS Free Tier, where's your spending limit? 'I thought I deleted everything but I have been charged $200'

          Amazon Web Services has come under fire for lack of hard spending limits on accounts, after some users reported unexpected bills from what they thought were tutorial accounts.

          AWS does not have a freemium business model (unlike, say, GitHub or Dropbox), but it does have "free tier" services that cost nothing to use, within their constraints (which may be severe).

          The company provides these not out of generosity but to enable experimentation, presumably in the hope that this leads in due course to paying customers. There can be bill shocks though, as the company provides no built-in feature that caps spending to zero or even to a specified amount.

          The issue came up earlier this month when cloud architect Forrest Brazeal reported on Twitter about a student who attended a Sagemaker (the AWS machine learning toolkit) tutorial and was sent a $200 bill, saying "I thought I deleted everything but I have been charged $200."

        • Security

          • What Is AES Encryption, Examples of How the Advanced Encryption Standard Works

            If you’ve ever wondered about how things are kept secure on the Internet, especially considering that there are several malevolent agents that constantly attempt to break in data vaults, cryptography is one of the answers that best fits the question.

            As you may know, cryptography is merely one of the methods used to protect information and communications, but that doesn’t mean it’s simple by any means. In fact, it’s a technology that undergoes constant development to ensure that the standards it relies on are always top of the line.

            An example of such a standard is AES, an acronym that you probably encountered before, especially if you constantly use communications apps such as WhatsApp, Signal, or Telegram, or VPN software. In this article, we’re going to focus on AES and help you understand it better.

          • Security updates for Monday

            Security updates have been issued by Debian (hyperkitty, libxml2, nginx, openjdk-11-jre-dcevm, rxvt-unicode, samba, and webkit2gtk), Fedora (exiv2, java-1.8.0-openjdk-aarch32, mingw-python-pillow, opendmarc, php-symfony3, php-symfony4, python-pillow, runc, rust-cranelift-codegen-shared, rust-cranelift-entity, and rxvt-unicode), openSUSE (curl, hivex, libu2f-host, libX11, libxls, singularity, and upx), Oracle (dotnet3.1 and dotnet5.0), Red Hat (docker, glib2, and runc), and Ubuntu (lz4).

          • Chris Lamb: Free software activities in May 2021

            The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

          • What is a supply chain attack?

            CYBERSECURITY TRUISMS HAVE long been described in simple terms of trust: Beware email attachments from unfamiliar sources, and don't hand over credentials to a fraudulent website. But increasingly, sophisticated hackers are undermining that basic sense of trust and raising a paranoia-inducing question: What if the legitimate hardware and software that makes up your network has been compromised at the source?

          • Top 10 Cybersecurity Tools to Watch Out for in 2021

            Kali Linux is known as the most common and reputed cybersecurity tool. It is basically an operating system that contains at least 300 different tools for security auditing. The tool facilitates the organizations to scan their networks to detect all the vulnerabilities in the system. The primary benefit that Kali Linux provides is the various levels of cybersecurity knowledge. The tool is readily available for use.

          • Privacy/Surveillance

            • noyb aims to end “cookie banner terror” and issues more than 500 GDPR complaints

              By law, users must be given a clear yes/no option. As most banners do not comply with the requirements of the GDPR, noyb developed a software that recognizes various types of unlawful cookie banners and automatically generates complaints. Nevertheless, noyb will give companies a one-month grace period to comply with EU laws before filing the formal complaint. Over the course of a year, noyb will use this system to ensure compliance of up to 10,000 of the most visited websites in Europe. If successful, users should see simple and clear “yes or no” options on more and more websites in the upcoming months.

            • Instagram has reportedly shifted its algorithm to favor news content after complaints from staff about Palestinian censorship

              Instagram has reportedly made adjustments to its algorithm in favor of news and viral content after internal and external concerns that users were not able to see pro-Palestinian content that was being shared on the app.

              Two people with knowledge of the change told the Financial Times that Instagram has changed the way it prioritizes which Instagram Stories are shown first in users' feeds. Previously, the company prioritized original content in stories over stories that featured content that was shared or reposted from other users.

              The app will now rank both original and shared stories equally, sources told the Financial Times.

            • NSA spying row: Denmark helped US gather data on European officials, says report

              The Defence Intelligence Service (FE) collaborated with the US National Security Agency (NSA) to gather information, according to a report by Danish broadcaster Danmarks Radio.

              Intelligence was collected on other officials from Germany, France, Sweden and Norway, according to the report.

              Similar allegations emerged in 2013.

            • TechCabal Daily – Siri, can you hear me? [Ed: As if all that Africa needs is a bunch of Pentagon-connected listening devices (Apple is in NSA PRISM and maybe worse programs that haven't been leaked yet)]

              Africa is home to over 1000 languages.

              With a lot of technology being built to be accessible via vocal commands, African languages, accents, and speech patterns aren't exactly catered to by the current big-three voice assistants - Alexa, Siri, and Google Assistant.

              Well that sucks. Yes it does. But Common Voice could be a solution to this.

              What's Common Voice? It's a crowdsourcing project started by the Mozilla Foundation in 2017. The project invites Africans to donate their voices to a free and publicly available dataset that can be used to train voice-enabled software.

            • GDPR - 3 years later

              Three years passed from the moment the GDPR become binding law in the European Union. On the one hand, I’m happy that it has already been three years, but on the other hand, I’m impatient to see GDPR fully applied.

              Cookies

              Cookies are always a hot theme when we talk about GDPR. I still see websites handing out cookies (first and third parties ones) without a cookie banner or to users who have not pressed the “accept” button on the cookie banner. Also, speaking about cookie banners, the majority are not compliant since they often make it hard to refuse cookies or pre-select cookie acceptance. This situation is unfortunate, but we see some movement on this (like the noyb initiative). If those initiatives continue, as I hope, next year, the cookie situation will be much better!

              [...]

              Last year I predicted that both the number of fines and the average fine would have increased. Assuming the data from the GDPR Enforcement Tracker are correct, last year (01/06/2019-31/05/2020), we have seen 206 fines with an average fine of 275k€. This year (01/06/2020-31/05/2021), we see a total of 394 fines with an average fine of 444k€. This growth is very positive, even though the trend is not as positive. In fact, the year before (01/06/2018-31/05/2019), there were 48 fines with an average fine of 1m€. Comparing the data to the previous year, we can notice that in 2020 the number of fines more than quadrupled, while this year did not even double. Overall, I think those trends are reasonably good; even though more time passes, less acceptable becomes for companies not to comply with the GDPR.

    • Defence/Aggression

    • Environment

      • Overpopulation

        • China to allow couples to have up to three children to cope with aging society

          The news follows census data that showed China's working-age population shrank over the past decade while the number of people older than 65 rose, adding to strain on the economy and society. The growth is its slowest in decades, and could pose a major threat to China’s ambitious economic goals, experts have warned.

        • China allows couples to have three children: state media

          Despite government efforts to encourage childbirths, China's annual births have continued to plummet to a record low of 12 million in 2020, the National Bureau of Statistics said last month.

          China's fertility rate stands at 1.3 -- below the level needed to maintain a stable population, the bureau revealed.

    • Finance

    • Censorship/Free Speech

      • Facebook, Instagram and WhatsApp face Middle East Crisis

        Facebook, Instagram and WhatsApp are facing a reputational crisis after losing a battle against the Israeli government and their own moderation software.

        Western social media is seeing plummeting approval rates and advertising sales in Arab countries, according to leaked documents obtained by NBC News because its complaints system is being used by the Israelis to silence Palestinian voices.

        The social media company regularly polls users of Facebook and Instagram about how much they believe the company cares about them. Facebook converts the results into a 'Cares About Users' metric which acts as a bellwether for the apps' popularity. Since the start of the latest Israel-Hamas conflict, the metric among Instagram users in Facebook's Middle East and North Africa region is at its lowest in history, and fell almost five percentage points in a week, according to the research. Instagram's score measuring whether users think the app is good for the world, referred to as 'Good For World,' has also dropped in the region to its lowest level after losing more than five percentage points in a week.

      • Facebook’s AI treats Palestinian activists like it treats American Black activists. It blocks them.
    • Freedom of Information/Freedom of the Press

      • Sanoma asks EU to limit Yle Areena content

        Finland's largest commercial media company Sanoma has asked the EU's competition authorities to clarify Yle's right to publish content on the Yle Areena streaming platform, as well as the company's ability to publish educational content.

        This follows a previous complaint by Medialiitto, lobbyist for privately-owned media companies, that sought to limit Yle's right to publish written content online.

      • Journalists, rights bodies condemn move to take TV anchor Hamid Mir 'off air'

        Mir told BBC Urdu he had been informed by the Geo News management that he would "not go on air on Monday" to host his five-days-a-week show Capital Talk.

        Although there was no official comment from Geo News, sources from the channel's management confirmed to Dawn.com that Mir has been sent on forced leave for some time.

        The TV channel's administration had earlier confirmed the same to BBC Urdu, which quoted officials as saying that Mir would not host his talk show from Monday (today) and that "he has been sent on leave for some time".

    • Civil Rights/Policing

      • 'They were killing all the Black people': This 107-year-old still remembers Tulsa massacre

        Today marks 100 years since the massacre that upended the community in its original flourishing form. A month of events, including a reconciliation symposium and unveiling of the Greenwood Art Project, will culminate at 10:30 p.m. tonight with a candlelight vigil marking the moment the first gunshot rang out. President Joe Biden is expected to visit on June 1.

        By 1921, Greenwood was a cultural inspiration representing Black prosperity, economic achievement and progress.

      • “Exterminate All the Brutes”: Filmmaker Raoul Peck Explores Colonialism & Origins of White Supremacy

        A new four-part documentary series, “Exterminate All the Brutes,” delves deeply into the legacy of European colonialism from the Americas to Africa. It has been described as an unflinching narrative of genocide and exploitation, beginning with the colonizing of Indigenous land that is now called the United States. The documentary series seeks to counter “the type of lies, the type of propaganda, the type of abuse, that we have been subject to all of these years,” says director and Haitian-born filmmaker Raoul Peck. “We have the means to tell the real story, and that’s exactly what I decided to do,” Peck says. “Everything is on the table, has been on the table for a long time, except that it was in little bits everywhere. … We lost the wider perspective.”

      • Illinois passes bill to stop the police from lying, but only to minors.

        According to Fox32 Chicago, the police in Illinois will be banned from lying to anyone under 18.

        While this is a landmark bill, Illinois becoming the first state to ban the police from lying to anyone, they can still lie to adults, and they will.

        They might not even stop lying to minors, because the police aren’t very used to being punished even when they have clearly broken a law.

    • Monopolies

      • Patents

        • Covid-19 vaccines have spawned nine new billionaires: campaign group [Ed: COVID-19 patents as a mere mass passage of wealth, not a boon to life-saving at all]

          Profits from Covid-19 jabs have helped at least nine people become billionaires, a campaign group said Thursday, calling for an end to pharmaceutical corporations’ “monopoly control” on vaccine technology. “Between them, the nine new billionaires have a combined net wealth of $19.3 billion (15.8 billion euros), enough to fully vaccinate all people in low-income countries 1.3 times,” The People’s Vaccine Alliance said in a statement. The alliance, a network of organizations and activists campaigning for an end to property rights and patents for inoculations, said its figures were based on the Forbes Rich List data. “These billionaires are the human face of the huge profits many pharmaceutical corporations are making from the monopoly they hold on these vaccines,” said Anna Marriott from charity Oxfam, which is part of the alliance.

        • Migration and innovation [Ed: Conflating patents with innovation. Who wrote this? "His major research interests are patents, STEM skills and regional development." Also: "His major research interests are patents, disruptive technologies and migration."]

          The bad news for Germany’s sophisticated economy is innovation by indigenous Germans is declining. The good news is migrants are more than compensating.

        • Global Patent Officials Must Decide Whether AI Can Be An Inventor For Purposes Of Patent Protection [Ed: Can we please stop calling every computer program "HEY HI" and explain that computer-generated patents challenge the premise that patents are on human inventions rather than some monopoly justified post hoc?]

          Artificial intelligence is being used more and more to develop new inventions without human aid. But as AI capabilities increase at a rapid pace, patent offices around the world face a crucial question: can AI be an inventor for purposes of patent protection?

          The Artificial Inventor Project (AIP) – which describes itself as a group dedicated to "seeking intellectual property rights for the autonomous output of artificial intelligence" – recently put this question to the test in various patent offices, including the U.S. Patent and Trademark Office (USPTO), the European Patent Office (EPO) and the United Kingdom Intellectual Property Office (UKIPO).

          On July 29, 2019, the AIP filed patent applications naming the "Device for the Autonomous Bootstrapping of Unified Sentience" (DABUS) AI system as the sole inventor. Specifically, the DABUS application listed the inventor's given name as "[DABUS]" and the family name as "Invention generated by artificial intelligence." DABUS is a patented AI system created by Dr. Stephen Thaler. The DABUS application listed Dr. Thaler as the Applicant-Assignee. To meet the Oath/Declaration requirement of the USPTO, Dr. Thaler submitted a Substitute Statement in Lieu of an Oath or Declaration. Dr. Thaler also submitted a Statement under 37 CFR 3.73(c) identifying himself as the assignee of the entire right, title and interest in the application, and executed an assignment on behalf of both DABUS (as the assignor) and himself (as the assignee) to assign the entire right, title and interest in the invention to himself.

        • Race to the bottom continues in standard-essential patent enforcement: Dusseldorf court hits new low by holding refusal of pool license against implementer

          Access to injunctive relief is the primary reason for which 50% of the respondents to a survey published by IAM consider it the most attractive jurisdiction in the world to bring patent infringement complaints (I pointed to that story in my previous post, in which I also discussed the state of affairs in the German patent reform process, which may have hit an impasse shortly before the end of the legislative term).

          The three major German patent litigation venues--from north to south--are Dusseldorf, Mannheim, and Munich. The 4b Civil Chamber of the Dusseldorf Regional Court (Presiding Judge: Dr. Daniel Voss ("Voß" in German)) has now handed down its decisions in three parallel standard-essential patent (SEP) infringement cases. There's a lot in there that will likely appeal to SEP holders to a greater extent than anything else that has come out of that court in several years.

          The decision hasn't been published yet, but this summary by two Bardehle Pagenberg attorneys is highly informative. It explains how the Dusseldorf court's 4b Civil Chamber applies the guidance the Federal Court of Justice provided in its two Sisvel v. Haier rulings. The major German patent litigation venues used to interpret the ECJ's Huawei v. ZTE

        • BASF sues Carpmaels for damages over missed appeal deadline

          Multinational company BASF alleges that mixed UK patent firm Carpmaels & Ransford “committed professional malpractice when it failed to file on time an appeal of the EPO Opposition Division’s decision regarding BASF patent, EP 1 663 458.” The patent covers an emission treatment system and method using an SCR filter.

          According to BASF, the so-called SCR on Filter (SCRoF) technology controls nitrogen oxides and particulate matter or soot emissions from diesel engines in cars. The chemicals company claims that Carpmaels & Ransford’s negligence caused “substantial injury” to its business in relation to the SCRoF technology.

          High values are at stake. However, the claimant did not confirm media reports claiming that damages of more than one billion euros hang in the balance. Rukhsanah Singh, senior counsel litigation at BASF, told JUVE Patent, “The calculation of BASF’s damages is based on confidential and sensitive information that BASF cannot share at this time.”

          But diesel emission standards compliance technology is an industry with huge economic potential. Thus, the two parties are playing hardball at the High Court in London. In several oral hearings over three weeks, the court heard a total of 23 witnesses. This includes current and former BASF employees, technical experts and independent patent litigation specialists from the UK, Germany and France (case ID: BL-2018-001464).

          [...]

          While, even after the public trial, BASF remains tight lipped over financial details, a report by Managing IP cited claimed damages of around one billion dollars. However, defendants Carpmaels dismissed this amount as excessive. This is, says Carpmaels, because the patent was not based on the value of the individual EP 458, but rather on the entire industry value.

          Carpmaels’ closing submission states, “BASF were not in any event in a position to service the entire SCRoF market.”

          Furthermore, Carpmaels’ closing statement claims that “the claim by BASF that Carpmaels & Ransford owed duties to the entire BASF Group is unsustainable”. The firm gives the reason that, “BASF Group is a vast collection of different companies around the globe, many of which have nothing whatsoever to do with catalysts, let alone the prosecution of BASF Corps’ European patents.”

          According to Carpmaels, the witness’ evidence about pricing and the impact of licences was “pure speculation.”

        • Decommissioning of online filing (CMS) with effect from 1 January 2022 [Ed: "No, there is no fee reduction for filing DOCX documents. [unlike USPTO] The (further) reduction of the filing fee (and some other fees) for DOCX filing has been abolished. For more information about this, see the EPO Official Journal, e.g. OJ EPO 2019, A6. [...] The DOCX document will be converted by the EPO into a PDF and this is what the examiner will then see." More here.]

          The EPO's existing web-based online filing service (also known as CMS) will be decommissioned with effect from 1 January 2022. It will be replaced by the EPO's new web-based filing service Online Filing 2.0, which was launched on 1 April 2021. The eOLF and web-form filing services are not affected by this announcement.

          Online Filing 2.0 incorporates and improves the features of CMS, covers all procedures before the EPO, including procedures before the Boards of Appeal, and offers a more user-friendly interface.

          CMS will continue to run in parallel to Online Filing 2.0 during a transitional period expiring on 31 December 2021, after which CMS will cease to be available.

        • Software Patents

      • Copyrights

        • Watch Tower & BMG Quietly Settle Christmas Album Copyright Lawsuit

          Last December music publisher BMG found itself at the center of a major copyright dispute after offending the entire Jehovah's Witness religion. According to the lawsuit, BMG illegally used a song owned by the group in a for-profit Christmas album, featuring songs from other faiths, which were set to be sung in cathedrals. Five months later, the warring parties have agreed to stand down.

        • The Pirate Bay Remains Resilient, 15 Years After The Raid

          Fifteen years ago today The Pirate Bay was raided by dozens of Swedish police officers. The entertainment industries hoped that this would permanently shut down the site, but that was not the case. Instead, the police action inadvertently helped to create one of the most resilient and iconic websites on the Internet.

        • DMCA Notice Targets TorrentFreak, Netflix, and Reddit's Wikipedia Pages

          Adult entertainment company The Score Group has asked Google to remove dozens of Wikipedia entries from its search results. Some of these pages document the history of popular pirate sites. However, the DMCA notice also targets Wikipedia's own Wikipedia entry, as well as those of TorrentFreak, Netflix, Reddit, The Gutenberg Project, and many others.



Recent Techrights' Posts

Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
 
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024
Gemini Links 21/11/2024: Alphabetising 400 Books and Giving the Internet up
Links for the day
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users
Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading
Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month
Two more doctorate degrees
KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term)
It only serves to distract from real articles
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024
IRC logs for Wednesday, November 20, 2024