Coming with the Linux 5.16 kernel cycle will be support for RISC-V virtualization with the Kernel-based Virtual Machine (KVM).
The RISC-V ISA recently settled on its hypervisor extension and its spec is now considered frozen. The hypervisor extension to the RISC-V instruction set is outlined here. Given that it's taken a while to freeze, there isn't yet any performant RISC-V processors out there actually implementing the complete extension and so for now and during development it's been a function of running it on simulators.
Some of the previous posts in this series have been said to be quite difficult, so I figured I owed you all an easy one. And the zombie-pointer problem really does have a trivial solution, at least in the context of the Linux kernel. In other environments, all bets are off.
Rust concurrency makes heavy use of ownership and borrowing. The purpose of this post is not to give an exposition of Rust's capabilities and limitations in this area, but rather to give a series of examples of ownership in the Linux kernel.
The first example involves Linux-kernel per-CPU variables. In some cases, such variables are protected by per-CPU locks, for example, a number of fields in the per-CPU rcu_data structure are used by the kernel threads that manage grace periods for offloaded callbacks, and these fields are protected by the ->nocb_gp_lock field in the same instance of that same structure. In other cases, access to a given per-CPU variable is permitted only by the corresponding CPU, and even then only if that CPU has disabled preemption. For example, the per-CPU rcu_data structure's ->ticks_this_gp field may be updated only from the corresponding CPU, and only when preemption is disabled. In the particular case, preemption is disabled as a side-effect of having disabled interrupts.
The second example builds on the first. In kernels built with CONFIG_RCU_NOCB_CPU=n, the per-CPU rcu_data structure's ->cblist field may be updated from the corresponding CPU, and only when preemption is disabled. However, it is also allowed from some other CPU when the corresponding CPU has been taken offline, but only from within that other CPU that is orchestrating the offlining of the corresponding CPU.
(What about kernels built with CONFIG_RCU_NOCB_CPU=y? They must also acquire a ->nocb_lock that is also contained within the per-CPU rcu_data structure.)
As reported on last week, an updated Zstd implementation for the Linux kernel is being re-attempted by Zstd developer Nick Terrell at Facebook. Today he sent out the latest Zstd kernel patches to provide a much newer version of the code compared to what is currently mainlined and will provide much better performance and numerous fixes.
The Zstd code currently within the Linux kernel is out-of-date and it's taken an unfortunate amount of time to get it updated. Fortunately, the new code is introducing a new kernels-style wrapper API around Zstd that should allow for these code updates to be performed smoother and more easily moving forward. In fact, the Zstd kernel code is working towards being automatically generated/derived from the upstream Zstd sources.
Merged to Mesa 21.3-devel this weekend was a rework to the display list interface for the Gallium3D code and Mesa state tracker and wired up for the RadeonSI Gallium3D driver. This latest driver overhead reduction is another sizable win for AMD's open-source OpenGL driver on Linux.
While these days most Linux games exclusively target the Vulkan API and efforts around Valve's Steam Play are focused on mapping Direct3D to Vulkan, OpenGL still has a large presence particularly for workstation software. Over the past year we've seen AMD's driver engineers continue to focus on many RadeonSI optimizations to benefit workstation workloads, in particular using SPECViewPerf as the baseline and often focusing on Siemens NX (Snx).
Vulkan 1.2.195 is out today as the latest weekly update to this high performance, industry standard API for graphics and compute.
With Vulkan 1.2.195 there is the usual assortment of documentation clarifications/corrections plus this time around are three new extensions. The new extensions in Vulkan 1.2.195 include:
anastasis-0.1.0 bison-3.8.2 Coreutils-9.0 gama-2.15 gdb-11.1 gdbm-1.21 gnun-1.1 gzip-1.11 inetutils-2.2 mediagoblin-0.12.0 parallel-20210922 taler-exchange-0.8.5 unifont-14.0.01 wget-1.21.2 wget2-2.0.0
Yesterday there was a big Facebook outage caused by BGP. I’ve been vaguely interested in learning more about BGP for a long time, so I was reading a couple of articles.
I got frustrated because none of the articles showed me how I could actually look up information related to BGP on my computer, so I wrote a tweet asking for tools.
I got a bunch of useful replies as always, so this blog post shows some tools you can use to look up BGP information. There might be an above average number of things wrong in this post because I don’t understand BGP that well.
The graphical auto shutdown app KShutdown released version 5.90 with feature to reboot from Linux into another OS automatically.
KShutdown is a free open-source app that provides a simple Qt based user interface. It allows users to automatically shutdown, restart, hibernate, sleep, log-out, or run a command on certain time, after a period of time, on user inactivity or other event.
The app is getting more and more powerful. The latest 5.90, beta for next 6.0 release, introduced experimental multi-booting support. User can now automatically reboot from Linux into another OS, such as Windows, from Grub menu entries.
Elgg is an award-winning open source social networking engine that provides a robust framework on which to build all kinds of social environments, from a campus wide social network for your university, school or college or an internal collaborative platform for your organization through to a brand-building communications tool for your company and its clients.
So, a few days ago, I wrote that I was perplexed to find Apt screaming that I must have a web browser installed (even if it’s not the one I want), and today I think I figured out why.
It turns out that Debian installs all the things when it comes to internationalization, non-English spell checking, non-English Firefox internationalization DEB packages, and LibreOffice help packs, and then you end up in dependency hell due to that sometimes.
The top command in Linux gives useful statistics about system resources. We can use it to view CPU and memory usage alongside process information of running services. You can also find zombie processes using top. So, mastering the top command is a must for Linux admins.
The following section provides a simple overview of the top command and shows how to use top in real-world scenarios.
In this tutorial, we will show you how to install Discord on Debian 11. For those of you who didn’t know, Discord is the easiest way to talk over voice, video, and text. It was originally intended for gamers but these days, it is considered a Slack alternative even for team and community communication. Discord runs natively on all major operating systems, including Windows, macOS, and Linux.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Discord on a Debian 11 (Bullseye).
In a previous BASHing data post I explained how to normalise entries in a field based on the entry in another field. The same command-line method can be used to repair entries based on entries in several other fields in the same record. An example will make it a lot easier to see what this is all about and why this method is so useful.
In a Linux operating system environment, a process is defined as a program in execution or one that is already running. A program only becomes a process when it starts running/executing. This program execution trail that translates to a process is associated with inputs and outputs.
Available system resources/services are often utilized by the processes as mandatory inputs to achieve a targeted system objective (output). A PID or Process ID uniquely identifies each process on your operating system.
This tutorial will be helpful for beginners to download and install Firefox browser 93 in Ubuntu 20.04, Ubuntu 18.04, Linux Mint 20.1, and RockyLinux.
Mozilla Firefox is a free and open-source web browser developed by the Mozilla foundation and generally utilized by thousands and thousands of individuals in their daily actions.
Arrays are a type of data structure that is used to store values of a certain type. You can also think array as a variable but a variable can only store one value where an array can store multiple values within it. The concept of the array is not only bound to bash. Any programming language you work with will have arrays in it but with implementation differences.
This morning I was deploying one of the site on our network to Netlify using the usual command:
netlify deploy --prod But after the CDN diffing files I got the following error message
RangeError: Maximum call stack size exceeded
This simple tutorial explains how to search files and folders on Ubuntu. This uses Files, the default file manager on Ubuntu also known as Nautilus.
Another fresh month has landed with a cool breeze and Humble Bundle have their next set of curated games available in their Humble Choice subscription.
Across various previous articles we've looked at how many games are supported on Linux and how many Windows games work with Steam Play Proton, so let's take a look at the current top 100.
Linus and Luke from Linus Tech Tips announcend they were going to be doing a Linux gaming challenge and I for one think this is a really big chance to show off what gaming on linux is actually like to millions of people who have no idea.
As the days passes and the team and contributors work hard to deliver Godot 4.x and Godot 3.4, we want to shine a light on the amazing projects that are made using Godot.
Our project manager Rémi already collected all of them in a Twitter thread. The list of games is reproduced below.
There’s still time for GNOME 42, but it looks like it will implement a system-wide dark mode preference similar to elementary OS 6.
If you have been reading our coverages, you must have noticed mentioning it as one of the best elementary OS 6 features.
And for all the right reasons. Unlike a GTK theme change, elementary OS 6 approached the dark style preference as an opt-in preference that application developers can detect and choose to respect.
In this article, we’ll look at four Linux distros that help to keep you anonymous on the Web. The Linux operating system offers a lot of privacy options, and it’s arguably the best OS to use if online security and privacy is important to you.
We’re back with your monthly report on updates to elementary OS 6! It was another incredibly eventful month as we continued fixing reported issues and focused in especially on improvements to AppCenter and Online Accounts apps like Mail. But before we get to all the goodies, we’re proud to report that OS 6 has been downloaded from our website over 137,000 times—and as always, that’s not including downloads from third parties or direct downloads via torrent that bypass our download page.
With Qubes OS now fully supported on the Librem 14 and Librem Mini, we thought it was time for a rundown of how containerization in Qubes OS makes it perhaps the most secure software design to date. Your data can be kept safe and locked away from most dangers by being in a separate VM. This video will show you how Qubes OS can bring extra security to your Librem 14 or Mini.
[...]
Want to learn more? Check out what Kyle Rankin has to say on the subject or dig into the docs. Want Qubes OS? Select it at checkout when you buy a Librem 14, Mini or download the Librem 14 OEM installer here.
Coming exactly one month after the second beta release, MX Linux 21 Release Candidate is here with some small changes, numerous bug fixes and updated translations, as well as updated components and latest security patches from the Debian GNU/Linux 11 “Bullseye” software repositories.
MX Linux 21 Release Candidate adds “thick” variants of the xfwm4 mx-comfort themes in the Xfce flagship edition, and adds new mx-comfort color schemes as part of the MX global themes to the KDE Plasma edition, which also received various improvements to the default settings.
Significant structural changes, hence the version bump. Don't want this to be announced on Distrowatch, as there could be issues. Hope to fix them, if any, for version 3.1. Also want to do a new desktop theme for 3.1.
EasyOS was created in 2017, derived from Quirky Linux, which in turn was derived from Puppy Linux in 2013. Easy is built in woofQ, which takes as input binary packages from any distribution, and uses them on top of the unique EasyOS infrastructure. Throughout 2020, the official release for x86_64 PCs was the Buster-series, built with Debian 10.x Buster DEBs. EasyOS has also been built with packages compiled from source, using a fork of OpenEmbedded (OE). Currently, the Dunfell release of OE has been used, to compile two sets of binary packages, for x86_64 and aarch64. The latter have been used to build EasyOS for the Raspberry Pi4, and first official release, 2.6.1, was in January 2021. The page that you are reading now has the release notes for EasyOS Dunfell-series on x86_64 PCs, also debuting in 2021. To try and keep things simple, all three, the Dunfell-series on Pi4 and the Dunfell-series and Buster-series on the PC, all are (approximately) sync'ed at the same version number. However, there are differences in the maturity of each. In the case of the Pi4, the hardware still has some issues. For Dunfell-series on the PC, as the packages are all compiled from source, they are not as tested as those in the Buster-series. The version number is for EasyOS itself, the infrastructure, support-glue, system scripts and system management and configuration applications. The latest version is becoming mature, though is an experimental distribution and some parts are under development and are still considered as beta-quality. However, you will find this distro to be a very pleasant surprise, or so we hope.
Version 13.0.0 of the LLVM compiler suite is out. There is a long list of changes, as always; see the numerous sets of release notes below for details.
LLVM 13.0.0 is now available! Download it now, or read the release notes:
https://releases.llvm.org/13.0.0/docs/ReleaseNotes.html https://releases.llvm.org/13.0.0/tools/clang/docs/Release... https://releases.llvm.org/13.0.0/tools/clang/tools/extra/... https://releases.llvm.org/13.0.0/tools/flang/docs/Release... https://releases.llvm.org/13.0.0/tools/lld/docs/ReleaseNo... https://releases.llvm.org/13.0.0/tools/polly/docs/Release... https://releases.llvm.org/13.0.0/projects/libcxx/docs/Rel...
Binaries and sources for 13.0.0 can be found on GitHub: https://github.com/llvm/llvm-project/releases/tag/llvmorg...
LLVM 13.0.0 would not be possible without the help of our volunteer release team! Thanks to all the release testers:
Michaà â Górny, Bernhard Rosenkraenzer, Hans Wennborg, Albion Fung, Brian Cain, Dimitry Andric, Tobias Hieta, Diana Picus, Sylvestre Ledru
Also, a big thanks to everyone else who helped identify critical bugs, track down bug-fixes, and resolve merge conflicts.
If you have questions or comments about this release, please contact the LLVMdev mailing list!
-Tom
The following kernels are available for PCLinuxOS. Kernel 5.4.150. Kernel 5.10.70 and Kernel 5.14.9.
The Chromium Browser has been updated to version 94.0.4606.71 and shipped to the software repository.
The Firefox browser has been updated to 93.0 and shipped to the software repository for PCLinuxOS.
Brave Browser has been updated to 1.30.87 and shipped to the software repository.
Perhaps your organization is already experimenting with DevOps tools or considering how to move towards DevOps. Maybe you're still relying on ad hoc processes. Then suddenly your C-suite or auditors raise the need to standardize on a secure and agile development process. Enter DevSecOps.
To mitigate the challenges that come with DevSecOps adoption, you'll need to make it a team effort. Here's what you need to do.
Last month, Open Organization community members took to the airwaves (or maybe the fiber optics?) to discuss some of the ways open principles are changing how we work, manage, and lead. Here's what we shared on OpenOrgTV.
Accessing and operating on data is one of the most time-consuming aspects of computing. Developers can improve efficiency by looking for ways to avoid the overhead required by standard file operations. To illustrate the possibilities, I will report on a couple of interesting cases where I designed cloud-scale services that dynamically construct files for users to consume.
The first application was an incremental backup and restore application, and the second was part of a new OpenShift installation service that creates personalized ISO files of Red Hat Enterprise Linux CoreOS (RHEL CoreOS). Both applications went through similar iterations, starting with a naive implementation and gradually improving its efficiency. I will focus on the ISO design first and briefly discuss the backup and restore application at the end.
Programmers often debug software by adding print statements to source code. Knowing that a certain point in the program has been reached can be immensely helpful. It's also useful to print values of variables at various points during program execution. An obvious drawback of this technique is the need to change source code, both to add the print statements and later to remove or disable them after the bug has been fixed. Adding new code can potentially introduce new bugs, and if you've added many print statements, you might forget to remove some of them when cleaning up after debugging.
You can use the popular GNU Project Debugger (GDB) to perform the same style of debugging for various programming languages, especially C and C++, without changing source files. This article is the first of a series describing how to use GDB to add print statements to your C and C++ code. We'll start with some basics and move through more advanced ways to call program-defined functions that display data.
The climate crisis has become one of the most pressing issues of our time, so critical the United Nations’ Secretary-General labeled it as “code red for humanity” in response to a recent report by the Intergovernmental Panel on Climate Change. With the report predicting dramatically rising temperatures and sea levels, and more frequent drought and fire weather over the next 20 years, change and collaboration are needed to make both an immediate and lasting difference.
Because of this urgency and consistent with IBM’s long commitment to environmental leadership, this year’s Call for Code Global Challenge invited the world’s software developers and innovators to come together to combat climate change with open source-powered technology. In particular, participants were asked to address the UN Sustainable Development Goals 2 (Zero Hunger), 6 (Clean Water and Sanitation), and 12 (Responsible Consumption and Production), and through them help to halt and reverse the impact of climate change.
After months of work by teams around the world and much deliberation by our distinguished judges, we’re excited to announce the regional finalists for the global competition. Our judges have identified the top solutions from Asia Pacific; Europe; Greater China; India; Latin America; the Middle East and Africa; and, North America. Congratulations to these teams, and thank you all for your time, dedication, and ingenuity!
That’s as true in working situations as it is in our personal lives. When you’re talking about relationships within a hybrid work team, with some employees working remotely and others in the office, maintaining good relations can be even trickier.
“When everyone isn’t in the same room, or office for that matter, it can be easier for communication to break down,” says Dr. Sunni Lampasso, executive coach and founder of Shaping Success. “Hence, having a mixture of in-office and remote workers can create increased miscommunication and conflict avoidance opportunities.”
Each month, through our partnership with Harvard Business Review, we refresh our resource library with five new HBR articles we believe CIOs and IT leaders will value highly. Check out the curated pieces below, available to readers through the end of the month.
It can be a challenging and time-consuming process to determine the root cause of a security incident. Because of this, Red Hat introduced the ability to record terminal sessions in Red Hat Enterprise Linux (RHEL) 8.
This functionality, called session recordings, allows you to audit what users have done from the terminal. Recordings can be easily viewed from the command line or from the web console, and not only can you increase their playback speed, but also search for keywords and jump easily to relevant portions of the recording.
The session recording functionality is provided by the tlog package.
If you would like to implement session recording across your environment, you can either implement it manually or use the tlog RHEL System Role to automate its installation and configuration across your RHEL environment.
In the United States and around the globe, businesses and organizations have experienced a number of high-profile and costly security attacks over the past few years. And the sobering truth is, the attacks are not going to stop.
According to Forrester’s report--"The State of Application Security 2021"--30% of external breaches were caused by software vulnerabilities. But as SolarWinds showed, not only are your internal operations disrupted by a breach, but your customers’ lives can be severely disrupted as a result. Even entire supply chains.
Which is why our collective work on security is so important right now.
We are pleased to announce that Red Hat's head of Application Services engineering, Mark Little, Ph.D., has been named a Fellow of the Royal Academy of Engineering, the U.K.’s national academy of engineering.
Fellowship with the Academy is an honor given to individuals in the U.K. whose work has helped to advance and enrich the field of engineering through research, policy formation, education and entrepreneurship. According to the Academy, these individuals serve as innovation leaders and inspiring role models with remarkable achievements in business or academia.
Mark has earned the respect of colleagues throughout the technology industry, not only as a brilliant technologist, but also as a visionary leader. Over the course of his career, he has received 100 patents, published 60 papers, and co-authored four books. As vice president of Engineering at Red Hat, he has been involved in numerous initiatives, driving the technology strategy for a broad portfolio of software tools used by enterprise organizations to create, integrate and automate critical business applications.
Welcome to the Ubuntu Weekly Newsletter, Issue 703 for the week of September 26 – October 2, 2021.
Canonical continues advancing their Wayland-based Mir stack for embedded and IoT use-cases. Out today is Mir 2.5 with the latest features as they work to provide better support for on-screen keyboards.
Mir 2.5 adds support for the zwp_virtual_keyboard_v1 to allow more Wayland on-screen keyboards to work with Mir. The Squeekboard keyboard is also benefiting from this release with zwp_text_input_v3 and zwp_input_method_v2 also now supported. With these additions more on-screen keyboards should work with Mir.
The Raspberry Pi 400 is a keyboard PC with most of the features of Raspberry Pi 4 SBC, with one of the exceptions being the lack of AV port. But you can now add a 3.5mm audio jack to the Raspberry Pi 400 through the DACBerry 400 S expansion board that connects to the 40-pin GPIO header.
It’s a neater way than using a cheap USB audio dongle with microphone and headphone jacks, as it takes less space, and does not occupy any of the USB ports from the Raspberry Pi 400, and it does not prevent you from using the GPIO header. It’s also better suited for headphones with both microphone input and analog stereo audio output into a single jack, and probably comes with better audio quality than the low-cost USB dongles.
On Kickstarter: Globalscale’s $159 “Mochabin” SBC runs Linux on a quad -A72 Marvell 7040 with up to 8GB DDR4, 10GbE and 1GbE SFP, 4x GbE, WAN/PoE, 2x M.2, and an enclosure. A $199 model adds WiFi 6.
Globalscale Technologies has announced a more powerful follow-on to its EspressoBin networking board. The Mochabin advances to a 1.4GHz, quad-core, Cortex-A72 Marvell Armada 7040, compared to the earlier quad -A53 Armada 3720, and offers more Ethernet ports including a 10GbE port. The Ubuntu or OpenWrt driven board is supported by the same EspressoBin.net community, and supports a variety of firewall, networking, SDWAN, and NAS applications.
MangDang’s open source, $279-and-up “Mini Pupper” quadruped robot dog kit for the Raspberry Pi 4 has 12-DOF agility and an Ubuntu/ROS stack for SLAM, obstacle avoidance, and self navigation.
A Hong Kong based startup called MangDang Technology has made a big splash on Kickstarter with a quadruped robotic dog kit for the Raspberry Pi that has earned $285K with 23 days to go. Designed primarily for robotics education and inspired by the Stanford Pupper project, the Mini Pupper leverages Ubuntu and ROS to offer SLAM (Simultaneous Localization and Mapping), obstacle avoidance, self-navigation, camera detection, and object tracking.
We launched the powerful Portenta H7 last year. The more targeted Portenta H7 Lite just a few weeks ago. And we’re back (already!), with another new product that fills the gap between the previous two versions.
It’s known as Portenta H7 Lite Connected, but we like to call it “the best of both worlds.”
The Portenta H7 Lite Connected is powerful, with integrated wireless connectivity, yet remains cost-optimized. You could think of it as the H7 with only one secure element and no high-resolution video interface. Or if you prefer, the H7 Lite with the ability to connect.
The Flipper Zero hacker tool is a multipurpose hacker tool that aims to make the world of hardware hacking more accessible with a slick design, wide array of capabilities, and a fantastic looking UI. They are struggling with manufacturing delays like everyone else right now, but there’s a silver lining: the team’s updates are genuinely informative and in-depth. The latest update is all about RFID and NFC, and how the Flipper Zero can interact with a variety of contactless protocols.
When they first came to market, many detractors thought that smart watches would be a flop or that there wouldn’t be much use for them. Over the past few years, though, their sales continue to increase as people find more and more niche uses for them that weren’t previously considered. The one downside to most of these watches is unsurprisingly their lack of openness and hackability, but with some willpower and small circuit components there are a few options available for those of us who like to truly own our technology.
As part of our continuing work to ensure that Firefox provides secure and private network connections, it periodically becomes necessary to disable configurations or even entire protocols that were once thought to be secure, but no longer provide adequate protection. For example, last year, early versions of the Transport Layer Security (TLS) protocol were disabled by default.
One of the options that goes into configuring TLS is the choice of which encryption algorithms to enable. That is, which methods are available to use to encrypt and decrypt data when communicating with a web server?
Downloading files on your device still exposes a major security risk and can ultimately lead to an entire system compromise by an attacker. Especially because the security risks are not apparent. To better protect you from the dangers of insecure, or even undesired downloads, we integrated the following two security enhancements which will increase security when you download files on your computer.
One of our promises this year was to deliver ways that can help you navigate the web easily and get you quickly where you need to go. We took a giant step in that direction earlier this year when we shared a new Firefox experience. We were on a mission to save you time and streamline your everyday use of the browser. This month, we continue to deliver on that mission with new features in our Firefox on mobile products. For our Firefox Focus mobile users, we have a fresh redesign plus new features including shortcuts to get you faster to the things you want to get to. This Cybersecurity Awareness month, you can manage your passwords and take them wherever you go whenever you use your Firefox on Android mobile app.
Firefox 93.0 has been released. With this version Firefox supports the new AVIF image format, which is based on the modern and royalty free AV1 video codec. The PDF viewer supports filling more forms, such as XFA-based forms used by multiple governments and banks. Downloads that rely on insecure connections are blocked, protecting against potentially malicious or unsafe downloads. Details on these features and more can be found in the release notes.
We are happy to announce that the Firefox 93 release brings two exciting privacy improvements for users of Strict Tracking Protection and Private Browsing. With a more comprehensive SmartBlock 3.0, we combine a great browsing experience with strong tracker blocking. In addition, our new and enhanced referrer tracking protection prevents sites from colluding to share sensitive user data via HTTP referrers.
Starting with Firefox 93, Firefox will monitor available system memory and, should it ever become so critically low that a crash is imminent, Firefox will respond by unloading memory-heavy but not actively used tabs. This feature is currently enabled on Windows and will be deployed later for macOS and Linux as well. When a tab is unloaded, the tab remains in the tab bar and will be automatically reloaded when it is next selected. The tab’s scroll position and form data are restored just like when the browser is restarted with the restore previous windows browser option.
On Windows, out-of-memory (OOM) situations are responsible for a significant number of the browser and content process crashes reported by our users. Unloading tabs allows Firefox to save memory leading to fewer crashes and avoids the associated interruption in using the browser.
We believe this may especially benefit people who are doing heavy browsing work with many tabs on resource-constrained machines. Or perhaps those users simply trying to play a memory-intensive game or using a website that goes a little crazy. And of course, there are the tab hoarders, (no judgement here). Firefox is now better at surviving these situations.
We have experimented with tab unloading on Windows in the past, but a problem we could not get past was that finding a balance between decreasing the browser’s memory usage and annoying the user because there’s a slight delay as the tab gets reloaded, is a rather difficult exercise, and we never got satisfactory results.
Mozilla Firefox 93.0 was officially released today. The release features AVIF image support and further security improvements.
The AV1 image format (AVIF) is an image file format for storing images or image sequences compressed with AV1 in the HEIF file format. It offers significant file size reduction compare to JPEG, PNG and WebP. Google Chrome added it support since version 85. By releasing v93.0, Firefox now has AVIF image support.
Some PDF files have interactive fields to fill in data. Since Firefox 83, the built-in PDF viewer supports filling fields such as text, check boxes, and radio buttons. In the new release, it adds more forms (XFA-based forms, used by multiple governments and banks) support.
That was Josepha Haden on the “A Sneak Peek at WordPress 5.9” episode of the WP Briefing Podcast, talking about what goes into a WordPress release like version 5.9. Read on to find out more about updates on the latest release and the latest WordPress news from September 2021.
FSFE, one of Google's mouthpieces in the free software world, has announced a dubious competition called Youth Hacking 4 Freedom.
The target audience is between 14 and 18 years of age. Participants compete by working for free. There are numerous cases where people completed work for Google Summer of Code and they were not paid yet the rules for YH4F are even worse and the victims are younger. Google Code-In was a similar program targetting teenagers between 13 and 17 years. Google gave the child laborers t-shirts and certificates in lieu of payment. It looks like ethical concerns may have been a factor in Google's decision to mothball the Google Code-In last year. Yet a program that is even more demanding has appeared in a Google proxy organization, the FSFE.
A recent news story gives various examples of Google trying to obfuscate controversial employment practices. Child labor crosses a red line.
October 5 marks the official release of Windows 11, a new version of the operating system that doesn't do anything at all to counteract Windows' long history of depriving users of freedom and digital autonomy. While we might have been encouraged by Microsoft's vague, aspirational slogans about community and togetherness, Windows 11 takes important steps in the wrong direction when it comes to user freedom.
Microsoft claims that "life's better together" in their advertising for this latest Windows version, but when it comes to technology, there is no surer way of keeping users divided and powerless than nonfree software. Developing nonfree software is an inherently antisocial act, for it is intentionally choosing to create an unjust power structure, in which a developer knowingly keeps users powerless and dependent by withholding information. Increasingly, this involves not only withholding the source code itself, but even basic information on how the software works: what it's really doing, what it's collecting, and how often it's snitching on users. "Snitching" may sound dramatic, but Windows 11 will now require a Microsoft account to be connected to every user account, granting them the ability to correlate user behavior with one's personal identity. Even those who think they have nothing to hide should be wary of sharing potentially all of their computing activity with any company, much less one with a track record of abuse like Microsoft.
Most car manufacturers across the globe are suffering from the chipset shortage. Manufacturers in other industries are slowing down their production for the same reason. Except a few. How are they doing it? How can other companies do the same?
Some car manufacturers – or OEMs (Original Equipment Manufacturers) – have chosen to build their own chips. Some of them work with their governments to create a local chipset industry. But there is one strategy that could be the most effective: Flexible Chip Sourcing.
Created this year has been the CentOS Kmods special interest group for dealing with deprecated device support and out-of-tree modules. This Kmods SIG has begun crafting their initial set of extra kernel modules for use on CentOS.
The CentOS Kmods SIG published their quarterly report today about their activities maintaining and packaging extra kernel modules for CentOS Stream.
Hello Community. Today we announced that membership in the AlmaLinux Foundation is now open to everyone (It's 100% Free). First of all, many are probably asking what is this? Second, who cares? I wanted to take a few brief moments to share some insight, some feelings and hopefully explain why this is so important.
When CentOS was initially founded by Lance Davis in 2004 no one really knew how fundamentally important it would grow to become in the Linux ecosystem--as a concept, as a distribution and really as a lynchpin of the modern internet. The concept of a community-driven OS, which drew upon an enterprise grade base made freely and widely available was a real novelty. As far as the technical aspect, the "entOS" part of CentOS, it has been resoundingly successful.
However, the "C" part of CentOS, Community, got lost somewhere along the way. If the plan was to ensure that it would always be in the hands of the community, the contributors and the people, to own and to control, CentOS never really managed to fulfill that ultimate purpose of community ownership.
CentOS has never been an organization with its own standing, it was always a loose collective of people. Throughout its history (which is a topic for another time) it has been wheeled and dealed, held hostage, transferred, fought about, bought and sold from one party to the next, ultimately landing at Red Hat. They own the Intellectual Property behind CentOS and are free and able to take it in whatever direction they want, as we have seen.
The AlmaLinux Foundation has opened membership to everyone.
Today, the AlmaLinux Foundation announced a membership program as a step to assure that the Linux distribution will be a community owned and governed project that’s not subject to the whims of a single corporate sponsor.
This was a promise that Igor Seletskiy, CloudLinux’s founder and CEO, made when he announced that his company would spend up to $1 million yearly to start and fund a new Linux distribution to replace CentOS Linux, after Red Hat announced that it was in the process of removing support for CentOS as a freely available downstream replacement for it’s flagship product, Red Hat Enterprise Linux.
Google starts the Secure Open Source (SOS) Rewards pilot program run by the Linux Foundation with initial sponsorship of $1 million.
Google has announced that it’s sponsoring a new open source security program hosted by the Linux Foundation. The Secure Open Source (SOS) Rewards pilot program provides financial incentives for developers working on security around critical open source projects.
Google is making a $1 million investment in the Secure Open Source (SOS) Rewards pilot program, according to a recent announcement.
The SOS program “financially rewards developers for enhancing the security of critical open source projects that we all depend on” and is run by the Linux Foundation with sponsorship from the Google Open Source Security Team.
A new malware has been spotted attacking Linux systems and WordPress installations. The malware called Capoae is rapidly growing as a favorite tool among hackers and threat actors because of its cross-platform capabilities, easy installation and fast infection rate.
Open Robotics has registered a CVE that affects ROS Kinetic, Melodic and Noetic. CVE stands for Common Vulnerabilities and Exposures, and it’s an international system that provides a method for publicly sharing information on cybersecurity vulnerabilities and exposures. This specific CVE affects ROS users.
“An infinite loop in Open Robotics ros_comm XMLRPC server in ROS Melodic through 1.4.11 and ROS Noetic through1.15.11 allows remote attackers to cause a Denial of Service in ros_comm via a crafted XMLRPC call.”
Open Robotics has already built and tested the security patch and has made the fix available to the community (e.g. Melodic update). So if you haven’t upgraded your ROS stack, please do so.
USA's National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released, "Kubernetes Hardening Guidance" on August 3rd, 2021. The guidance details threats to Kubernetes environments and provides secure configuration guidance to minimize risk.
The following sections of this blog correlate to the sections in the NSA/CISA guidance. Any missing sections are skipped because of limited opportunities to add anything new to the existing content.
Note: This blog post is not a substitute for reading the guide. Reading the published guidance is recommended before proceeding as the following content is complementary.
CISA and the National Cybersecurity Alliance (NCSA) remind users to continue to “Do Your Part. #BeCyberSmart.” during October—2021’s Cybersecurity Awareness Month!
As we’ve seen before, shopping assistants usually aren’t a good choice of browser add-on if you value either your privacy or security. This impression is further reinforced by Keepa, the Amazon Price Tracker. The good news here: the scope of this extension is limited to Amazon properties. But that’s all the good news there are. I’ve already written about excessive data collection practices in this extension. I also reported two security vulnerabilities to the vendor.
Today we’ll look at a persistent Cross-Site Scripting (XSS) vulnerability in the Keepa Box. This one allowed any attackers to track you across Amazon web properties. The second vulnerability exposed Keepa’s scraping functionality to third parties and could result in data leaks.
Big ID programs — frequently involving biometric data collection — are being rolled out across the globe. Similar to Big Tech, Big ID refers to the market of actors selling and profiting from digital identification systems and infrastructure. They regularly aim to replace or complement government identification systems with digital ones, often endangering the human rights of those the people they’re supposed to benefit. Access Now’s new report, Busting the dangerous myths of Big ID programs: cautionary lessons from India, turns a human rights lens on these new systems, unpacking real-life case studies from India to distinguish fact from fiction. Read the full report, and the report snapshot.
“India’s Big ID program, Aadhaar, was a bad idea that had a disastrous impact on peoples’ human rights. We must not let this be replicated around the globe,” Ria Singh Sawhney, Asia Pacific Policy Fellow at Access Now. “If we don’t seriously reevaluate Big IDs, and debunk the myths used to sell them, we are entering a dystopian future where biometric surveillance is normalized, the indignity of arbitrary exclusions are justified, and peoples’ data is no longer considered their own.”
[...]
India’s experience with Aadhaar underlines the dangers of these programs, and neighboring Afghanistan is showcasing how truly perilous a centralized biometric database can be. Big ID myths must be debunked before these programs spread further.
Angela Merkel’s tenure will be remembered as Germany’s, and Europe’s, cruelest paradox. On the one hand, she dominated the continent’s politics like no other peacetime leader — and is leaving the German chancellery considerably more powerful than she had found it. But the way she built up this power condemned Germany to secular decline and the European Union to stagnation.
Social codes are changing, in many ways for the better. But for those whose behavior doesn’t adapt fast enough to the new norms, judgment can be swift—and merciless.
[...]
The interaction between the angry mob and the illiberal bureaucracy engenders a thirst for blood, for sacrifices to be offered to the pious and unforgiving gods of outrage.
As the America Invents Act (AIA) turns 10, patent students across the country may be asking: if the law is already a decade old, why am I spending so much time learning pre-AIA law? Though patents filed before the transition date will remain in force up through March 2033, a good 10+ years away, teachers may also be wondering which regime to emphasize and for how long the pre-AIA rules will still be considered fundamental rather than footnote material. We address these questions empirically by analyzing the effective dates of patents and patent applications currently being litigated or pursued. Our analysis resoundingly confirms that both regimes matter and that the pre-AIA prior art regime appears likely to continue to be relevant for much of the next decade. But how much it matters depends: as the graphs below show, patent lawsuits overwhelmingly continue to feature pre-AIA patents. We estimate that ~90% of patent litigations initiated in 2020 included a patent with an effective filing date before the AIA transition date of March 16, 2013. But the inverse is true of patents currently being prosecuted: ~94+ of applications currently pending before the USPTO, we estimate, are governed by the AIA. In the accompanying PatentlyO Bar Journal article, The AIA at Ten – How Much Does the Pre-AIA Prior Art Regime Still Matter?, 2021 Patently-O Patent Law Journal 35, we explain our methods, sources, and approach and how pre- and post-AIA law are likely to both remain important for some time but that the distinction doesn’t necessarily matter in the vast majority of cases.
The UK Court of Appeal has reviewed the law on insufficiency and its application to claims with both structural and functional limitations. In doing so the court has explained how the concepts of plausibility and undue burden should be applied when assessing the sufficiency of claims of this type, in particular to the requirement that it must be possible to perform the invention across the breadth of the claim.
When you visit the website france.com, you’ll be quickly redirected to the French government’s explore-France travel site: france.fr. But, the US-company France.com, Inc. believes that the country stole the .com site. The case is now pending before the Supreme Court on petition for writ of certiorari is France.com v. The French Republic, Docket No. 21-448 (Supreme Court 2021).