Bonum Certa Men Certa

Links 21/10/2021: PostgreSQL JDBC 42.3.0 and Maui Report



  • GNU/Linux

    • Desktop/Laptop

      • Best Linux laptop for 2021: Which one should you buy?

        I remember, back in my early days of Linux, finding a laptop that could run the open-source operating system was tricky business. You might get a distribution to work with the video chipset. You might even find one that interacts with your soundcard. If you could manage to get wireless working, you were something special.

        That was then, and this is a very different time. Now, you can find Linux pre-installed laptops all over the place. Companies like System76, Tuxedo Computers, Juno Computers, Dell, Lenovo and HP are all producing laptops that support or are even fully certified to run Linux.

    • Audiocasts/Shows

      • Ten more videos from the LibreOffice Conference 2021 - The Document Foundation Blog

        Here are some more videos from the LibreOffice Conference 2021! Check out the playlist, using the button in the top-right – or scroll down for links to individual videos:

      • Pi for the People | LINUX Unplugged 428

        We try out POP!_OS on the Raspberry Pi 4, and chat with its creator Jeremy Soller from System76.

        Plus our thoughts on the perfect Linux laptop right now, and the clever initiative Valve just launched for the Deck.

        Special Guests: Jack Aboutboul, Jeremy Soller, and Neal Gompa.

      • 20 Things You MUST DO After Installing Zorin OS 16 (Right Now!) - Invidious

        In this video, I’ll be taking you through 20 things that’ll make your computer Perform Better (Preload), your Internet Speed Faster (custom DNS) and so many more improvements.

      • CentOS 8 End of Life - Are you Ready? My thoughts & Suggestions - Invidious

        CentOS 8 will reach its end of life very soon - after December 31st, there will be no more updates for the popular distribution. If you're using CentOS 8 in your data center, it's time to make a decision. In this video, I'll go over my thoughts about the subject, as well as some possible options for how to proceed.

      • mintCast 372 – Ryzen Sun

        1:44 The News 18:21 Security Update 21:43 Bi-Weekly Wanderings 56:20 Announcements & Outro

        First up in the news Pinephone Pro, KDE’s 5.23 on their 25th, Ubuntu Frame, Windows 11 Ryzen slowdowns, and Nvidia updates

        In security Retpolines patches for performance and Azure Linux boot failures

        Then in our Wandering, Joe has some Pi, Norbert edits video, Tony Updates a BIOS, and Nishant upgrades Fedora

      • The Diablo is in the Details | Coder Radio 436

        Why mastering your development environment can be a tricky feat, and a server outage brought to you by the late 1990s.

    • Kernel Space

      • Linux 5.14.14
        I'm announcing the release of the 5.14.14 kernel.
        
        

        All users of the 5.14 kernel series must upgrade.

        The updated 5.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.14.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

        thanks,

        greg k-h
      • Linux 5.10.75
      • Linux 5.4.155
      • Linux 4.19.213
      • Linux 4.14.252
      • Nintendo Wii U Gamepad Linux Driver Support Still Pursuing Mainline - Phoronix

        It's been a half-year since talking about the Wii U gamepad driver that's been in development with mainline ambitions for supporting this wireless gamepad in conjunction with the Nintendo Wii U console. The driver has just been revised to address earlier code review comments, again renewing interest in the effort and possible mainlining in a future kernel version.

        The Wii U game console is nearly one decade old for this IBM PowerPC powered device but still is active with some hobbyists for running Linux on the device and other retro gaming purposes. This gamepad Linux driver effort continues to be for those wanting to load Linux on the console and depends upon the wireless gamepad being connected to the console via the DRH internal chip to the Wii U that in turn exposes it as a USB device. There has though been some work towards potentially allowing it to work in the absence of the console.

      • Linux 5.16 To Support The 2021 Apple Magic Keyboard - Phoronix

        Separate from all the ongoing Apple Silicon/M1 bring-up work for the Linux kernel, the Linux 5.16 cycle is set to support this year's Apple Magic Keyboard.

        Via the Apple-HID driver there has been Linux kernel support for earlier versions of the Magic Keyboard to deal with device quirks and differences around this keyboard that need to be specially handled by the software for making full use of the keyboard, such as for the function (Fn) keys.

      • Apple Silicon PCIe Driver Queued For Linux 5.16 - Phoronix

        Queued this week into the Linux PCI subsystem's "next" branch is the Apple PCIe driver needed to enable PCI Express support for Apple SoCs such as the M1.

        The "pcie-apple" driver is written by reverse-engineering expert Alyssa Rosenzweig and Marc Zyngier while also based on discoveries by Corellium and OpenBSD developers. At this stage the Apple PCIe controller driver is less than one thousand lines of new code for bringing up the PCI Express bus with Apple SoCs. The focus has been on the Apple M1 with last year's Apple devices.

    • Instructionals/Technical

      • How to play Nintendo DS games on Linux with MelonDS

        The Nintendo DS was one of Nintendo’s most successful handheld gaming consoles of all time. Sadly, in 2021 it is discontinued. So if you wish to enjoy your favorite Nintendo DS games, you’ll have to emulate them.

        If you’re a Linux user, the best way to emulate a Nintendo DS on Linux is with the MelonDS application. Here’s how to get it to work.

        Notice: AddictiveTips in no way endorses downloading Nintendo DS game ROMS online. If you wish to emulate your favorite games, please use your legal games.

      • How to play Trine 2 on Linux

        Trine 2 is the sequel to Trine, a puzzle-platforming action-adventure side-scroller game. It was developed by Frozenbyte and released in December 2011 for Windows, PS3, and Xbox 360. Later in 2012, it made its way to Linux. Here’s how to play it on your Linux system.

      • How to set up Webmin on Ubuntu Server

        Ubuntu Server is an excellent Linux server operating system. It comes with Snaps, which makes setting up apps easier. In addition, it has live patching, so you never miss a security update and many more excellent features.

        Still, for as great as Ubuntu Server is, setting up certain things can be a pain. If you’d like to avoid the annoyances of Ubuntu Server, check out Webmin. It’s a management tool for UNIX-like operating systems. With it, users can manage their Linux systems with an elegant web UI rather than the terminal. Here’s how to set it up.

      • How to install OpenBSD 7.0 - Unixcop

        When I’ve started my migration from privative OS to Linux, after a couple of weeks my first reaction was something like: €¡let’s try them all! I mean, all the linux distributions. Spoiler alert: I couldn’t, there are too many distributions. Even in 1999 there where too many.

        After a couple of months of trying different linux flavors I’ve got a new reaction: €¡let’s try all the others OSes!. And this is why I’m showing how to install OpenBSD.

        From the OpenBSD website: €«The OpenBSD project produces a FREE, multi-platform 4.4BSD-based UNIX-like operating system. Our efforts emphasize portability, standardization, correctness, proactive security and integrated cryptography. As an example of the effect OpenBSD has, the popular OpenSSH software comes from OpenBSD.€»

      • How to Create an SSH Honeypot to Catch Hackers in Your Linux Server - Make Tech Easier

        If you’ve ever looked at the authentication logs for your server, then you know that any server connected to the Internet is under a constant barrage of login attempts from hackers.

        Even if your server is a completely unknown hobby server, automated scripts will find it and continually try to brute force their way in using SSH. Although they’re not likely to get in as long as you’re using complex passwords or other security measures, there’s still always the chance that they could succeed.

        Luckily, there’s a useful and fun way to trap these hackers in your server and keep them too distracted to cause any trouble.

      • How To Install GoAccess on AlmaLinux 8 - idroot

        In this tutorial, we will show you how to install GoAccess on AlmaLinux 8. For those of you who didn’t know, GoAccess is an interactive and real-time web server log analyzer program that quickly analyzes and views web server logs. It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly. It parses the specified web log file and outputs the data to the terminal.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the GoAccess real-time web server log analyzer and interactive viewer on AlmaLinux 8. You can follow the same instructions for CentOS and Rocky Linux.

      • How To Install Drupal on Debian 11 - idroot

        In this tutorial, we will show you how to install Drupal on Debian 11. For those of you who didn’t know, Drupal is a free and open-source content management system based on the LAMP stack. It has great standard features, like easy content authoring, reliable performance, and excellent security. Flexibility and modularity are some of the core principles that set it apart from the rest.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Drupal CMS on a Debian 11 (Bullseye).

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Maui Report 16

          Today, we bring you a new report on the Maui Project’s progress.

          Maui 2.0 was released almost four months ago, and since then new features, bug fixes, and improvements have been made to the Maui set of apps and frameworks; the following blog post will cover some of the changes and highlights from the last month of development.

          Among many bug fixes that will be listed below for each individual app, some of the highlights include faster startup times, around 5X faster on the PinePhone and other ARM-based devices, which means that Maui Apps now start under 5 seconds or less in low-end devices with slow speed I/O reads.

    • Distributions

      • New Releases

        • Redcore Linux is a Gentoo-based Distro for Human Beings

          Today we’ll take a look at Redcore Linux 2102 codenamed “Polaris”. Redcore Linux is a Gentoo-based live-installable distribution that aims to bring Gentoo’s power to home users. Like Gentoo it is a rolling release, but unlike Gentoo, Redcore Linux provides more current software than Gentoo itself by using the Gentoo testing repositories as its package base.

          Redcore Linux is not a very popular Linux distro, with small development team behind it. Probably not too many people have heard of it. It’s been around for a little bit – in November, Redcore Linux will be 5 years old.

          The Redcore Linux devs team is strongly focused on few goals. They are not trying to be all things to all people like so many other Linux distributions are trying to be. All they are traying to do is make a easy to install Gentoo-based Linux distribution that ships by default with the KDE Plasma desktop. Redcore Linux targets casual desktop users and, to some extent, even power users.

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

        • KDE Plasma Update

          KDE Plasma pkgs were updated to 5.23.1 today. This is a bug fix release update to KDE Plasma 5.

      • IBM/Red Hat/Fedora

        • IBM Unveils ‘Open Source Cloud Guide’ at All Things Open

          One of the announcements made at this year’s All Things Open conference in Raleigh came on Monday when IBM unveiled an Open Source Cloud Guide, which offers a vendor and cloud agnostic view of open source developer tools.

          Unlike past ATOs, this year’s conference was a “hybrid” event, featuring in-person presentations before live audiences, as well as recorded presentations that were available only to online viewers. IBM’s announcement was made in one of the latter prerecorded presentations, called “The Growing Research that Open Source Owns the Future in Cloud,” with the announcement coming from Chris Ferris, IBM’s CTO of open technology.

          “The Open Source Cloud Guide, which highlights various use cases that are important in hybrid cloud environments, features the important open source projects in those areas and discusses how various clouds are using open source in their offerings,” Ferris and Todd Moore, IBM’s VP of open tech, wrote in a blog that was released on the same day. “By open sourcing the guide, developers are able to both use and contribute to the learnings and use cases.”

        • Automating host configuration with Red Hat Satellite and RHEL System Roles

          RHEL System Roles are a collection of Ansible roles and modules that provide a stable and consistent configuration interface to automate and manage multiple releases of Red Hat Enterprise Linux. Our wide variety of System Roles can automate many aspects of RHEL, saving you time and helping to configure your RHEL systems consistently.

          In this post, we’ll walk through how to combine Satellite and RHEL System Roles to provide an effective method of automating the management of RHEL systems.

        • Monitoring eBPF-based metrics

          If you're a Site Reliability Engineer, or do similar work, you've probably heard about eBPF. You might also have tried out a few bcc or bpftrace tools. Have you wondered how you can run these tools 24/7, log historical data and set alerts based on the measured metric values? This post will guide you through setting up Performance Co-Pilot, our monitoring solution for RHEL, and enabling eBPF sourced metrics on RHEL 8.

        • Developer workflows using the VS Code for Java extension 1.0 [Ed: IBM/Red Hat helping Microsoft instead of seeking to replace Microsoft's proprietary software that spies on users and encourages GPL violations]

          The 1.0 release of Language Support for Java by Red Hat on Visual Studio Code is now available on VS Code Marketplace. We'd like to take the opportunity to showcase a few workflows that really make it enjoyable to develop Java applications in Visual Studio Code (VS Code).

        • Announcing Language Support for Java by Red Hat 1.0 for Visual Studio Code [Ed: IBM/Red Hat propping up Microsoft's proprietary software that spies on users and encourages GPL violations]
        • Digital transformation: 3 goals CIOs should prioritize

          CIOs are at the forefront of digital transformation, a position that’s not likely to change. Transformations are never static, although I admit that the word makes it sound otherwise. If your goal is to reach some new fixed state that will carry you over for many years to come, you’ve lost the battle. Ultimately, digital transformation should lead to a state that enables continual change and improvement.

          Today’s CIO is now more involved in the marketing functions than in the past, and for good reason. Where once the CMO may have outsourced to an agency, the CIO is now more central to external customer experiences, in large part because digital technology is creating connections between external and internal users. And unlike with past internal efforts, the CIO needs to worry about the technology used by people over whom they have no control: end customers.

          CIOs also need to figure out the newly emerging internal marketing needs. They’re often brought in to tackle specific tasks but are quickly called upon to solve a host of other challenges within their organizations.

      • Debian Family

        • OpenEmbedded Dunfell complete recompile

          But then I wondered if there might be any repercussions with other packages. Not sure, but decided to do a complete recompile in OpenEmbedded, the Dunfell release with my 'meta-quirky' layer.

          Very interesting how long it took this time. Started at 9.30am yesterday, and it finished about 2.00am this morning, that is circa 16 hours. This is on my Lenovo with i3 CPU, 32GB RAM and swap partition on an internal SSD. The build has taken place on an external usb3 SSD, which would probably be the main bottleneck.

          The external SSD is 1TB, and the build has consumed almost 280GB. That is just for the x86_64 build. I also have the aarch64 build on the SSD, which has consumed almost as much. That is why I need a 1TB drive!

          The build has taken longer due to more packages compiled. I have posted about the gradual addition of more packages, and this latest build is 839 packages. That is original packages, not split up into several smaller packages like Debian does.

        • A look at old desktop themes

          I am planning a new theme for EasyOS 3.1. The theme in 3.0 and earlier has been in use for a long time, really do need a change.

      • Canonical/Ubuntu Family

        • Fintech Open Source and Cybersecurity

          The fintech ecosystem is flourishing and exciting things are happening these days at the intersection of digital technology and financial services – thanks in part to an infusion of global fintech investment that reached US$98 billion across 2,456 deals in H1’21. This far outpaces last year’s annual total of $121.5 billion across 3,520 deals.

          Fintech companies are creating and rolling out a wide range of solutions that are impacting nearly everyone, dramatically broadening the reach, flexibility, and level of innovation in financial services. In addition, technology is helping enable enormous progress in bringing financial services to the many people who have previously been excluded from the formal financial system.

        • Help Us Chart the Ubuntu Community Roadmap

          It hasn’t even been a week since the release of Impish Indri, and we already are gearing up for the journey to Jammy Jellyfish. If releases were a roadtrip, this is when we pull over, have some snacks, and find the best way to get to our next destination. The Desktop and Community Team want to know what your priorities are to be better advocates for the community and to make a better Ubuntu community roadmap, together!

        • Snapcraft experimental login – new, secure Web-based authentication method

          Some Snapcraft operations mandate that users identify themselves. For example, if you want to push your snap to the Snap Store, you need to login on the command line. The process relies on the internal login mechanism built into Snapcraft.

          A preview functionality for a new Web-based authentication flow is available as an experimental feature in Snapcraft since release 4.6. This allows you to complete the login process in a simple, secure manner using the browser, and extends the macaroon-based authentication currently in use.

        • Canonical at Cloud Expo Europe Madrid 2021

          The leading fair in London, Paris, Frankfurt and Singapore will open the doors of its first edition to C-level experts and executives in Madrid. Canonical will be attending as a Silver level Sponsor, presenting strategies and trends for industry leading companies, as part of the DevOps stream.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Open-Source Collaboration Platform ‘Twake’ is Out of the Beta Phase With New Feature Additions

        Twake is a modern Nextcloud alternative that is relatively new to the scene. You can use it for free or opt for paid options to unlock more features. If needed, you can also host it yourself.

        It depends on your requirements to use it as a replacement to a Nextcloud instance. However, if you are looking for an open-source solution to replace Slack, Google Drive, Trello, and Teams, Twake app should be an exciting choice.

        Even in the beta phase, I gave it a try and was pretty happy with it. Now that it is out of the beta phase, Twake 2.0 is the full release updated with new features and improvements.

        [...]

        Twake 2.0 is a promising Nextcloud alternative along with the potential to replace other collaboration tools like Slack.

      • OK Lenovo, we need to talk!

        I’ve been wanting to publicly comment on Lenovo’s statement on Linux support for a while, as there’s much to say about it, and my failing attempt at finding a suitable replacement for my venerable T510 gave me an excuse to document my love-hate relationship with Lenovo all at once.

        This is of course my own personal views and ideas, and does not reflect the Haiku project’s position on the topic, nor that of Haiku, Inc. But I feel they deserve to be brought here due to history and the direct and indirect effect it might have had on the project, including previous failed attempts at commercial applications using it.

        While Lenovo is still above many other manufacturers on some aspects, and on others domains, well, nobody does any better anyway, they purport to perpetuating the IBM legacy, so I think (sic) they should be held up to the standard they claim to follow. Yet the discussion about repair and documentation pertains to almost every vendor.

        Also, it’s a long read, an hour or so, so make yourself comfortable, get a coffee, or tea and biscuits.

        Skip to the middle for the more political views on Right to repair, schematics and specifications, but you’d really be missing some history and facts for the subsequent discussion, and rants about the T510 and nvidia. If you just want to see me complain about current hardware just go further down.

      • SaaS/Back End/Databases

        • PostgreSQL: PostgreSQL JDBC 42.3.0 released

          The PostgreSQL JDBC team is proud to announce version 42.3.0

          The major change here is that we have dropped support for JAVA 6 and JAVA 7

          This allows us to move forward with further changes

      • Programming/Development

        • Your "21st century banking" is sixty years old [Ed: At least COBOL, unlike "modern" and bloated frameworks, remains relevant and still works after all these years]

          There is one software language that controls all your money. A language that pretty much runs, all by itself, the cores of the worldwide financial systems. It cannot be replaced (not without great expense and risk, that is), and cannot be kept either, because the experts that really know it are dying out.

        • Qt Online Installer 4.2.0 beta released
        • Why Coda thinks documents are the internet's next big platform

          The way Shishir Mehrotra sees it, digital documents haven't really changed in 50 years. Since the days of WordStar, Harvard Graphics and VisiCalc, the basic idea of what makes up a document, presentation and spreadsheet haven't really changed.

          Now, thanks to companies like Coda — where Mehrotra is founder and CEO — along with Notion, Quip and others, that's starting to change. These companies are building tools that can do multiple things in a single space, that are designed both for creating and for sharing, and that turn documents from "a piece of paper on a screen" into something much more powerful. And to hear Mehrotra tell it, documents are headed toward a future that looks more like an operating system than a Word file.

          Mehrotra joined the Source Code podcast to talk about Coda's recent announcements, the two-year project to rebuild its core technology, Coda's future as a platform and why he thinks documents can be much more than just documents going forward.

        • Node.js 17 released, not intended for production use ● The Register [Ed: Microsoft Tim on how Microsoft is weaponising TypeScript and GitHub to take over Node.js; there's also an outpost in the Linux Foundation that's controlled by a Microsoft mole, "Open"JS]

          Node.js 17 is out, loaded with OpenSSL 3 and other new features, but it is not intended for use in production – and the promotion for Node.js 16 to an LTS release, expected soon, may be more important to most developers.

        • GammaRay 2.11.3 Released!

          GammaRay 2.11.3 has been released! GammaRay is KDAB’s software introspection tool for Qt applications. Leveraging the QObject introspection mechanism, it allows you to observe and manipulate your application at runtime. This works both locally on your workstation and remotely on an embedded target. Version 2.11.3 will be the last in the 2.11 series.

          After this release, we will turn our attention to GammaRay 3.0, with the primary focus of adding support for Qt 6.

        • Perl/Raku

  • Leftovers

    • Would I Lie to Monty Hall?

      The logic problem involving a game show host that drove people crazy in the early ’90s … and whether it applies to the panel shows of today.

    • COVID-19, a lost opportunity for italian administrations

      Nineteen months ago, when Italy went in lockdown, I wrote almost immediately that this, at least, could and should be an excellent occasion to throw away and redesign from scratch many services, if not the whole economy, in ways that finally make sense.

      Nineteen months ago, the forced, hurried adoption of all sorts of “remote working” seemed to offer, if not a perfect field trial towards that goal, at least a great list of things to avoid.

    • Pandemics, kicking cars out of the stone age

      By now, you probably know that production of cars has slowed down worldwide, due to a shortage of electronic components, or “chips” for the sake of simplicity. Initially, the carmakers thoughts, or said, that this would only affect production for a few months. but this is not happening. One reason is [relatively] well known, and is the general mess of worldwide supply chains. The other is less known, and more interesting too.

    • Hardware

      • Refining The Greatest Joystick Of The 1980s | Hackaday

        The Competition Pro joystick is often considered to be the pinnacle of input devices, at least as far as the 1980s gaming goes. But the design isn’t perfect, and time hasn’t been kind to certain aspects of its mechanism. For example, the large rubber disc used to keep the stick centered on early generations of the hardware will invariably be hardened up on any surviving specimens. Looking to return these classic controllers to their former glory, and then some, [mageb] has released a number of 3D printed modifications for the Competition Pro that should be of great interest to the vintage gamer.

      • Know Audio: It All Depends On The DAC | Hackaday

        All of these are essentially sigma-delta DACs, and they approach the problem of moving the out-of-band noise upwards by producing pulse chains at a high multiple of the sample clock where the number of pulses corresponds to the value of the sample being converted. By sampling with lower resolution, but much faster, the associated out of band noise is shifted much higher up the frequency range, which makes the job of separating it out from the signal much easier. It can be decoded into an analogue signal by means of a fairly straightforward low-pass filter. These are the “Bitstream” and “1-bit” DACs advertised on those 1990s CD players, and what was once the bleeding edge of audio technology is now commonplace.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • The ELISA Project Continues to Grow its Global Ecosystem by Welcoming Red Hat as a Premier Member and Banma, Lotus Cars and SUSE - Linux Foundation

                Today, the ELISA (Enabling Linux in Safety Applications) Project, an open source initiative that aims to create a shared set of tools and processes to help companies build and certify Linux-based safety-critical applications and systems, announced that it Red Hat has upgraded its membership to premier member and welcomes Banma, Lotus Cars and SUSE as the newest members.

                Linux is used in all major industries because it can enable faster time to market for new features and take advantage of the quality of the code development processes. Launched in February 2019 by the Linux Foundation, ELISA works with Linux kernel and safety communities to agree on what should be considered when Linux is to be used in safety-critical systems.

                “Linux underpins many applications today that have safety-critical and cybersecurity implications,” said Kate Stewart, Vice President of Dependable Embedded Systems at The Linux Foundation. “By collaborating together, the ELISA members are defining the best practices for use of Linux in these systems. We look forward to continuing to build consensus and welcoming expertise and collaboration from these new members.”

              • The ELISA Project Continues to Grow its Global Ecosystem by Welcoming Red Hat as a Premier member and Banma, Lotus Cars and SUSE

                Today, the ELISA (Enabling Linux in Safety Applications) Project, an open source initiative that aims to create a shared set of tools and processes to help companies build and certify Linux-based safety-critical applications and systems, announced that Red Hat has upgraded its membership to premier member and welcomes Banma, Lotus Cars and SUSE as the newest members.

        • Security

          • Security updates for Wednesday

            Security updates have been issued by Debian (ffmpeg, smarty3, and strongswan), Fedora (udisks2), openSUSE (flatpak, strongswan, util-linux, and xstream), Oracle (redis:5), Red Hat (java-1.8.0-openjdk, java-11-openjdk, openvswitch2.11, redis:5, redis:6, and rh-redis5-redis), SUSE (flatpak, python-Pygments, python3, strongswan, util-linux, and xstream), and Ubuntu (linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-raspi and strongswan).

          • JavaScript Packing Found in More Than 25% of Malicious Sites
          • Textbook Rental Scam - Schneier on Security

            Here’s a story of someone who, with three compatriots, rented textbooks from Amazon and then sold them instead of returning them. They used gift cards and prepaid credit cards to buy the books, so there was no available balance when Amazon tried to charge them the buyout price for non-returned books. They also used various aliases and other tricks to bypass Amazon’s fifteen-book limit. In all, they stole 14,000 textbooks worth over $1.5 million.

          • Amazon textbook rental service scammed for $1.5m

            A 36-year-old man from Portage, Michigan, was arrested on Thursday for allegedly renting thousands of textbooks from Amazon and selling them rather than returning them.

            Andrew Birge, US Attorney for the Western District of Michigan, said Geoffrey Mark Hays Talsma has been indicted on charges of mail and wire fraud, transporting stolen property across state lines, aggravated identity theft, and lying to the FBI.

            Also indicted were three alleged co-conspirators: Gregory Mark Gleesing, 43, and Lovedeep Singh Dhanoa, 25, both from Portage, Michigan, and Paul Steven Larson, 32, from Kalamazoo, Michigan

            From January 2016 through March 2021, according to the indictment, Talsma rented textbooks from the Amazon Rental program in order to sell them for a profit. The indictment describes what occurred as "a sophisticated fraud scheme."

          • Google Releases Security Updates for Chrome

            Google has released Chrome version 95.0.4638.54 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

            CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as soon as possible.

          • Privacy/Surveillance

            • Mark Zuckerberg will soon be named in a major a privacy lawsuit

              The attorney general of Washington DC told The New York Times Wednesday that he plans to name Mark Zuckerberg in a privacy lawsuit that stems from the Cambridge Analytica scandal. The suit, first filed in December 2018, charges Facebook with misleading DC residents about their privacy, because Cambridge Analytica was able to illicitly obtain data on tens of millions of users.

              Attorney general Karl Racine told the Times that new information had shed light on Zuckerberg's role in product changes that enabled third-party developers to collect data on their users' friends, a technique that allowed a Cambridge University researcher to collect reams of data and sell it to Cambridge Analytica. "Under these circumstances, adding Mr. Zuckerberg to our lawsuit is unquestionably warranted, and should send a message that corporate leaders, including the C.E.O., will be held accountable for their actions," Racine told the Times.

              Facebook spokesperson Andy Stone called the allegations "meritless" in a statement to the Times and said, "We will continue to defend ourselves vigorously and focus on the facts."

            • The difference between Instagram and TikTok, and why it matters

              TikTok upload length of 15 seconds is feasible even without broadband. This, together with lack of curation or standards for it, was a godsend for creators from rural, poorer or marginalized caste backgrounds, who were otherwise invisible on the Indian internet. It gave them concrete opportunities to make decent money, even with theoretically unpolished content like joyfully “singing indigenous rhymes as floodwaters clogged their mud house”, and gained TikTok 200 million users in India in 2020, mostly outside the middle classes.

    • Environment

      • Wildlife/Nature

        • Pork is already super expensive. This new animal-welfare law could push prices higher

          Pork, much like everything else these days, has gotten more expensive due in part to the supply chain issues and inflationary pressures spurred by the pandemic.

          And now comes another wildcard: The pork industry's ability — and desire — to adapt to a new animal welfare law in California, its largest US market. The voter-approved measure taking effect on January 1 requires pork products sold within the state to adhere to standards that mother pigs are given at least 24 square feet of space each and kept out of gestation crates — 7-by-2-foot stalls where their movements are severely restricted.

    • AstroTurf/Lobbying/Politics

      • Undercover political campaigners are arrived | Stop at Zona-M

        Voters engagement and voting advocacy are absolutely necessary to keep democracy alive. When they happen online, however, they can be controlled like any other political campaigning tool, but with much greater accuracy. Choosing the right messengers, in fact, allows to target specifical constituencies with great accuracy, each with a different message from the person that is more popular among them.

        This is true with all voters, of course. However, it is particularly relevant, at least now, among young voters, who as a group spend more time on social media but have less experience.

        [...]

        Regulated, yes. Undercover, “clandestine” political campaigning is not good. Problem is, how do you do it without even worst side effects?

    • Civil Rights/Policing

      • Will the Right to Protest survive its migration online? - Access Now

        The human right to protest is crucial because it is a gateway right — it onboards us to other rights. Even for those who have never participated in a protest, or ever plan to, many of the rights we enjoy today are the result of others in the past exercising their right to protest for those rights.

        For example, it’s in large part because of the suffragette movement that women can vote today, and it is largely thanks to the sacrifices of the labor movement that many enjoy a 40-week workweek as a norm today. Contemporary history is signposted with protests that have enabled us to live the lives we currently live.

        I recently gave a TEDx talk recalling some of these history-defining protests — an anti-nuclear war protest held in Sydney in the ‘80s, and the 2011 Arab Spring protests in Egypt. In it I explain why the right to peaceful protest matters, now more than ever. But also how it is at risk due to the advent of new technologies. I inquire whether the right to protest will survive its migration online.



Recent Techrights' Posts

Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024