Last year we announced that Dockershim is being deprecated: Dockershim Deprecation FAQ. Our current plan is to remove dockershim from the Kubernetes codebase soon. We are looking for feedback from you whether you are ready for dockershim removal and to ensure that you are ready when the time comes. Please fill out this survey: https://forms.gle/svCJmhvTv78jGdSx8.
The dockershim component that enables Docker as a Kubernetes container runtime is being deprecated in favor of runtimes that directly use the Container Runtime Interface created for Kubernetes. Many Kubernetes users have migrated to other container runtimes without problems. However we see that dockershim is still very popular. You may see some public numbers in recent Container Report from DataDog. Some Kubernetes hosting vendors just recently enabled other runtimes support (especially for Windows nodes). And we know that many third party tools vendors are still not ready: migrating telemetry and security agents.
Have you ever wondered why it takes so long to pull a container image from a container registry with a container tool like Podman?
Server and application logging is an important facility for developers, operators, and security teams to understand an application's state running in their production environment.
Logging allows operators to determine if the applications and the required components are running smoothly and detect if something unusual is happening so they can react to the situation.
For developers, logging gives visibility to troubleshoot the code during and after development. In a production setting, the developer usually relies on a logging facility without debugging tools. Coupled with logging from the systems, developers can work hand in hand with operators to effectively troubleshoot issues.
The most important beneficiary of logging facilities is the security team, especially in a cloud-native environment. Having the ability to collect information from applications and system logs enables the security team to analyze the data from authentication, application access to malware activities where they can respond to them if needed.
Kubernetes is the leading container platform where more and more applications get deployed in production. I believe that understanding the logging architecture of Kubernetes is a very important endeavor that every Dev, Ops, and Security team needs to take seriously.
Hackaday editors Elliot Williams and Mike Szczys get caught up on the week that was. Two builds are turning some heads this week; one uses 60 Nixie tube bar graphs to make a clock that looks like the sun’s rays, the other is a 4096 RGB LED Cube (that’s 12,288 total diodes for those counting at home) that leverages a ton of engineering to achieve perfection. Speaking of perfection, there’s a high-end microphone built on a budget but you’d never know from the look and the performance — no wonder the world is now sold out of the microphone elements used in the design. After perusing a CNC build, printer filament dryer, and cardboard pulp molds, we wrap the episode talking about electronic miniaturization, radionic analyzers, and Weird Al’s computer.
In this video, I will show you how to downgrade packages in Debian-based and Arch-based Linux distributions. I will be using Ubuntu and Manjaro as examples. Downgrading a package is not something that you will need to do very often (hopefully never), but if the need arises, here's how to do it.
We're in the middle of chapter 8 right now so that means all we're doing to do is compiling compiling and more compiling.
Following today's inaugural patch, over the coming weeks we are expected to see Intel Raptor Lake patches beginning to make it out onto the public kernel mailing list for review.
Raptor Lake is anticipated to be the 13th Gen Core processors and successor to the recently launched Alder Lake processors. Previous leaks around Raptor Lake have pointed to the new "Raptor Cove" performance core and an improved Gracemont power efficiency core. Leaks have also suggested Raptor Lake S could top out at a 24 core / 32 thread design. The launch of Raptor Lake is expected in 2022.
The Ceph open-source distributed storage system can now enjoy better performance out-of-the-box with Linux 5.16.
Last year with Linux 5.7 the Ceph file-system driver added the feature of async directory operations "dirops" and now finally with Linux 5.16 that is being enabled by default. After lots of testing this summer on Ceph's async dirops code, the developers are comfortable enabling it by default rather than requiring the "nowsync" mount option.
Zink can now run all display platform flavors of Weston (and possibly other compositors?). Expect it in zink-wip later today once it passes another round of my local CI.
Following Mesa's Zink OpenGL-on-Vulkan translation driver finally running "glxgears" in a correct and performant manner, the newest milestone acheived by lead Zink developer Mike Blumenkrantz is managing to run Wayland's Weston compositor.
With experimental, yet-to-be-merged or even MR'ed code for Zink, Blumenkrantz can now get the Wayland reference compositor running on Zink which in turn is then running off the native Vulkan driver.
When writing this morning about intel "Raptor Lake" Linux enablement to begin, I didn't expect that to bear fruit so quickly in just a matter of hours... As predicted, that Linux bring-up for the Alder Lake successor is beginning now -- and doing so at full-speed with the initial Raptor Lake S (RPL-S) graphics support being posted.
Following that early indicator today of the Raptor Lake model ID being posted, Intel's graphics driver team has posted their initial patches bringing up Raptor Lake S graphics for their "i915" kernel graphics driver. As of writing, the Mesa Vulkan/OpenGL driver user-space patches haven't been posted but are likely coming out soon.
AMD this week quietly released Radeon Software for Linux 21.40.1 as a fundamentally big update for this packaged driver stack targeting enterprise Linux distributions.
The Radeon Software for Linux 21.40.1 packaged driver release is their first that usess unified ROCm (Radeon Open eCosystem) and graphics drivers. This packaged driver has integrated/unified their compute stack with what is offered by ROCm compared to prior releases also having still shipped their legacy OpenCL/compute components. Moving forward it's all the ROCm-based approach for OpenCL/compute. However, machine learning users for now at least are encoutaged to use the upstream ROCm packages as the v21.40.1 point release hasn't been formally validated for that use-case yet.
While the Zink OpenGL-on-Vulkan code within Mesa is close to OpenGL 4.6 conformant and running many OpenGL games at good performance, it's taken until now to see good performance out of the glxgears benchmark.
It took a long time for glxgears to even render correctly on Zink even when it was on to running various demanding OpenGL Linux games... It was just earlier this year Zink correctly rendered glxgears but was doing so incredibly slow.
While the AMD Radeon "AMDGPU" Linux kernel graphics driver has supported VESA Display Stream Compression (DSC) over DisplayPort connections, until now it hasn't supported the power-savings feature for eDP panels.
Since Display Stream Compression 1.1 the specification has supported Embedded DisplayPort for reducing the amount of data transferred and in turn reducing system power consumption and helping battery life on laptops.
Finally the AMDGPU Linux kernel driver is preparing to enable Display Stream Compression for the eDP interface.
Terminal-based file managers may seem like relics of ancient times, but even in this age of touchscreens, nothing can handle hundreds of files more efficiently. Besides, a terminal may still be your only option to work on remote servers or recover your files after a system crash.
Two file managers for Linux that deserve more coverage are nnn and ranger. These file managers are made for terminals, but they're also usable with a mouse and available as binary packages for most Linux distributions.
TaskBoard is a free and open-source Kanban application used to keep track of things that need to get done. It is a PHP-based and self-hosted application that helps you to keep track of all tasks. It provides a simple and user-friendly web interface for managing all your tasks. It is used by teams or organizations to represent work and its path towards completion.
This tutorial explains step by step to upgrade an Ubuntu desktop from version 21.04 Hirsute Hippo to 21.10 Impish Indri with command lines. You will need to prepare a good internet access, enough disk space, and some patience to work with it. Good luck!
In this tutorial, we will show you how to install OpenNMS on Debian 11. For those of you who didn’t know, OpenNMS is an open-source and enterprise-grade network monitoring and management solution. It is a network monitoring application that gathers critical information from local and network hosts using the SNPM protocol. It can be installed on Linux and Windows operating systems and provides a web-based interface to monitor network traffics through a web browser.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the OpenNMS Network Monitoring Solution on a Debian 11 (Bullseye).
In this article, we will learn how too install freeipa client on Rocky Linux/Alma Linux/CentOS 8. This guide will also work on other RHEL 8 based systems.
This integrations allow a System Administrator to conveniently configure the server centrally, on the FreeIPA server. When a management command is executed on the Client machine, the FreeIPA client sends it to the server where it is executed.
FTP servers are commonly known to facilitate file transfers between clients and servers. Typically, ftp servers offer two types of access levels: Authenticated and Anonymous. The first method (Authenticated) requires a valid username and password in order to access the files and directories. The second method ( Anonymous) being anonymous, we can download files without restrictions. You can download files directly by using the default user "FTP" or "anonymous";
Linux has many FTP packages, but only a few have a good design and provide even the most basic level of security, and vsftpd is among the most secure. This guide will teach you how to configure the VSFTPD server to allow anonymous FTP downloads without any restrictions. As part of this exercise, we'll install an FTP server on Rocky Linux 8.4. However, these instructions can be adapted for RHEL, CentOS, Fedora, Ubuntu, and Debian with a few changes.
Erlang is a functional, general-purpose, concurrent programming language and garbage-collected runtime environment built for concurrency, fault tolerance, and distributed application architectures. It is supported and maintained by Ericsson OTP product unit.
In this guide, we will install Erlang/OTP in a Fedora 35 Server/Workstation.
In this guide we will explore how to install the latest release of RabbitMQ in Fedora 35 server or Workstation
RabbitMQ is an open source message broker software that implements the Advanced Message Queuing Protocol (AMQP). RabbitMQ works by receiving messages from publishers (applications that publish them) and routes them to consumers (applications that process them).
In this video, I am going to show how to install Xubuntu 21.10.
911 Operator puts the player in the role of a 911 dispatcher for emergency lines and services. It is a fun and challenging video game. It was developed by Jutsu Games and published by Games Operators. Here’s how you can play 911 Operator on Linux.
First of all... "What!?! An article about Microsoft Windows on this Linux oriented website?!?!" Yes. Hey, I'm running Windows 11 as a KVM virtual machine on my Dell Latitude E6440 laptop that is 6+ years old... using Fedora 35 as my VM Host. I don't think Windows 11 would want to run on the physical hardware either... but the method I mention should make it work in many places that it would refuse to because of hardware requirements enforced by the installer.
Many may think that installing Arch Linux is difficult. In reality, the process is not much different from installing any Linux, except that the installation is done on the command line. Arch Linux own installation guide is excellent, but I’m trying here to explain in a little more detail how the whole process goes. This is my own command list for installing Arch Linux with GNOME Desktop.
Following this guide you can install Arch Linux with GNOME 41.1 desktop, networkmanager, systemd-boot, btrfs, man pages and basic devel packages. I assume that you are using Linux when you create your installation iso. If you use Windows, then use Windows tools to create bootable USB Media.
The shell commands have always been a crucial tool in Linux. So learning about them gives a user fine-grained control over the Linux machine. Such a command of Linux bash shell is echo command. However, the echo command seems to be a pretty straightforward and easy one. It has a unique job that cannot be done with other commands, especially while writing a bash script. The echo command in Linux is mainly used for printing text in the console. It can show messages for the user while a bash script is executing.
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. The Chromium codebase is widely used. Microsoft Edge, Opera, and many other browsers are based on the code.
In this tutorial guide we will learn how to install Openlitespeed server on Rocky Linux/Alma Linux
Openlitespeed is an easy to use open source web server. It offers unbeatable features and performance to your website along with top notch security. The server understands all the Apache rewrite rules and has intelligent cache acceleration features that let you implement the fastest caching on your server.
Docker is a set of platform as a service (PaaS) products that use OS-level virtualization to deliver software in packages called containers.
Docker is a utility that lets you create a container for running applications. A Docker container is a fully-contained virtual machine.
This guide will show you three methods to SSH into a Docker container and run commands.
The directory content listing enabled by default when you install Apache web server, This may_be a desirable features in some scenarios, but it’s a potential security hole in others. It’s easy enough to turn this setting on or off for each website (virtual host) that you have set up.
In this guide, we’ll show you how to turn off directory browsing on Apache & Nginx web servers.
MariaDB is an open-source one of the most popular relational database management system (RDBMS) that is a highly compatible drop-in replacement of MySQL. It is built upon the values of performance, stability, and openness, and MariaDB Foundation ensures contributions will be accepted on technical merit.
MariaDB was developed as a software fork of MySQL in 2009 in response to Oracle’s acquisition of MySQL. MariaDB intends to remain free and open-source software under the GNU General Public License. It is part of most cloud offerings and the default in most Linux distributions.
In this guide we will learn how to install and configure MariaDB in Debian 11.
Fancy exploring a cute pixel-art land filled with wild bouncing jellies? Alchemic Cutie is a very sweet casual RPG and it's officially out now on Steam. Note: key provided by the developer.
Developed by Viridian Software / Vakio is another entry in the colourful and casual market, a very welcome addition too as it's properly wholesome. Wimba Island, the place you live, is a magical land filled with wild jellies. These strange creatures roam the lands and your family has made a living out of breeding them.
Looks like cross-platform game development with SDL is going to get easier, as Ryan Gordon (also known as Icculus) has confirmed an Epic MegaGrant and details what it will be used for.
What is SDL? Simple DirectMedia Layer (SDL) is a cross-platform development library designed to provide low level access to audio, keyboard, mouse, joystick, and graphics hardware. It is used by video playback software, emulators, popular games and some game engines.
Ryan Gordon is one of the people responsible for its development, and Gordon has also ported plenty of games to Linux, macOS and other platforms over many years. In a new post on Patreon, a fun announcement was detailed about an approved Epic MegaGrant and how it's going to be used to improve SDL.
Megaquarium: Architect's Collection is a new and exciting sounds expansion pack for the impressive aquarium building game that's now available.
Developed by solo-studio Twice Circled from Tim Wicksteed, released originally in 2018 Megaquarium is their second game following on from Big Pharma in 2015. You can pick from tons of different species to house in your exhibits, satisfy their needs and don’t let them die, all while you try to keep your guests happy and busy. This new expansion gives players new ways to build up your aquarium spaces with bridges, archways, tunnels and more along with new creatures.
Valve today hosted the much anticipated Steam Deck Development Livestream where they and their partners at AMD talked more about the forthcoming Steam Deck's hardware and software.
The recording from the livestream is embedded below for those interested, but some of the key takeaways from today's developer-focused Steam Deck event included...
Suppose you were looking for all the essential elements to make a great Halloween-themed shooting game. Zombies? Check. Giant “lasers”? Check. Crossbows shooting forks? We’ve got you covered. Check out “Fork The Zombies“, which was set up by [piles.of.spam] to entertain the neighborhood kids this Halloween.
The game is played on a big screen, which shows a horde of angry zombies marching toward the player, who has to shoot as many as possible before they reach the front of the screen. The weapon provided is a crossbow; when the trigger is pulled, a fork is launched and hopefully skewers one of the ghouls. The game was written using an open-source engine called Urho3D, which takes care of all the hard-core 3D and physics work, allowing the user to focus on designing the gameplay and visuals.
SteamOS was available to download for free, like many other GNU/Linux distributions out there, and you were able to install it on any machine if you wanted to turn it into a full gaming computer. I personally followed its development, and the latest version ever released was SteamOS 2.195, more than two years ago.
Apparently, during this time, Valve rebased their SteamOS distro on Arch Linux, a powerful and flexible rolling-release distribution, most probably to provide users with the latest security and software updates as soon as their are available upstream.
Forza Horizon 5 is one of the biggest games of the year and has seen unprecedented player numbers and rave reviews. The PC version it's fair to say has had some issues, but the fact it's available through Steam also opened up the possibility of playing on Linux, and therefore Steam Deck, thanks to Valve's Proton.
Initially, it was a bust, but these folks don't sit still for long and already there have been some positive developments. Improvements in the bleeding edge versions of Proton Experimental have enabled Forza Horizon 5 to be played on Linux with some positive reports.
So it wasn't enough that Age of Empires 4 from Xbox Game Studios was now playable on Linux, Proton Experimental has once again been upgraded to get Forza Horizon 5 off the starting line. That's right, you can now play the latest (and greatest?) from Playground Games and Xbox Game Studios on Linux.
That was the single change noted in the update notes from Valve for Proton Experimental for November 11. It should work across both AMD and NVIDIA GPUs now too, although it's all still experimental of course. Buy at your own peril for now but hey — a couple days from release is pretty damn good for the latest title to begin working. Have to hand it to the developers at Valve and CodeWeavers working on Proton, they certainly know their stuff.
Steam was released as a beta for Linux nine years ago. While Linux gaming was a niche within a niche before that time, in the years since, gaming on Linux has been only getting better and more convenient. Valve released their own console-like distro SteamOS in 2013, and while it was a mess, distros like ChimeraOS have drastically improved the quality-of-life experience of PC gaming in the living room.
Valve brought most of their game catalog to Linux, while many Linux gamers were begging developers to port their games over. Some did, most of whom were indie developers, and porting was made easier thanks to engines like Unity and Unreal offering one-click export options. Companies like Feral Interactive, Aspyr, and Virtual Programming did the AAA stuff, bringing titles like Borderlands 2, Bioshock Infinite, the Tomb Raider reboot series, the F1 series, and many more hits to our beloved platform. While some of the ports were hit or miss, it was awesome just seeing the splash screen for GRID Autosport back in 2015 as the game was booting up.
As it stands today, there are over 60k titles available on Steam. Just a little over 9k (15% of the entire catalog) are available natively for Linux. In late 2017, a few months prior to the announcement of Proton — a collection of tools combined to create the best Windows gaming experience on Linux — the number of Linux titles was at its peak. Slowly over time, however, the number of native titles dropped, as Proton was proving to not only play many titles out-of-the-box, but now game developers didn’t have to spend the time and extra resources to support a secondary platform when Proton took care of most things for them.
2D co-op submarine death simulator Barotrauma will be having a big sale and a Steam Free Weekend starting later today. Your chance to buddy up with some friends and watch the chaos unfold.
Barotrauma sends up to 16 players on an underwater journey in a sci-fi submarine in the oceanic depths of Jupiter's moon Europa. The crew discovers alien wonders and horrors, commands various submarine systems, and fights to survive dangers from both outside and within. The game is continuously being updated and improved.
For Ubuntu, Fedora, and other Linux with GNOME desktop, a modern GTK4 Telegram app “Telegrand” is under development.
Telegrand is the free open-source client written in Rust programming language. By using libadwaita library, it has an adaptive user interface to fit all screen sized.
Though Telegram has official app for Linux, this new app is worth expecting for GNOME users. As an in-development project, it isn’t considered stable software yet. So far, it supports log in via phone number or using QR code.
Many users may have a set of old computers laying around, which they have accumulated over the years. Instead of throwing them at the trash, you should know that you can revive these old computers with lightweight Linux distributions.
[...]
Now a lot of other people and websites may recommend a totally different set of lightweight distributions for you, but in our selection, we didn’t just care for resources usage and the distribution’s ability to work on old hardware.
Instead, we also cared for the ease of use and your ability as a user to deal with the distribution on daily basis to do your tasks. At the end, the goal is not simply to get an old computer to just work – the goal is to get an old computer to work and do things that you need as someone living in 2021.
Remember that the definition of an “old computer” varies a lot. A 2014 laptop can almost run any Linux distribution released today, but a 2009 old laptop? Not much. Here, we are talking about hardware which is at most 10 years old.
So let’s end chatting… Here are our 5 most recommended lightweight Linux distributions for you.
The Alpine Linux project is pleased to announce the immediate availability of version 3.14.3 of its Alpine Linux operating system.
ith new entrants and incumbents enlivened by technology, competition is fierce in the auto industry. Yet, it’s how carmakers respond to the digitization, electrification and automation of how we move that will define whether they still exist in a decade’s time.
Automakers can no longer afford to ignore the reality of CASE – Connected, Autonomous, Shared and Electric driving – and the way it’s already reengineering the competitor landscape. The pace of change is only going accelerate.
Tumbleweed keeps being predictable when it comes to the update cadence. This week, we could publish 5 fully tested snapshots (1104, 1105, 1106, 1107, and 1110).
Red Hat Enterprise Linux (RHEL) 8.5 brings new features and improvements to help deployments, optimize performance and help risk mitigation.
Red Hat announced a few days ago the release of the new version of Red Hat Enterprise Linux 8.5. The 8.x branch, which will be supported until at least 2029, is evolving according to a new predictable development cycle, which involves the formation of releases every six months at a predetermined time.
Returning to RHEL basics, its web console, which is based on the open-source Cockpit project, now enables you to live patch the kernel from it. Previously, you could only keep your Linux running while updating the kernel in real-time by using the shell.
The updated web console also includes an enhanced-performance metrics page. With this, you can more easily identify high CPU, memory, disk, and network resource usage spikes and their causes. In addition, you can also more easily export metrics to a Grafana server for a deeper look at what's going on in your servers.
Red Hat is also continuing to integrate its Ansible DevOps program into RHEL. RHEL's system roles now use Ansible roles and modules to configure, automate, and manage RHEL services.
AlmaLinux, the Linux distribution designed specifically as a CentOS replacement, just released version 8.5 as its third stable release.
AlmaLinux OS is an open source, community-governed and forever-free enterprise Linux distribution. It is focused on long-term stability and delivering a robust production-grade platform. It is a production-ready drop-in replacement for the CentOS Linux distribution that will cease to be supported at the end of this year.
AlmaLinux OS Foundation, the nonprofit that stewards the community owned and governed open source CentOS alternative, today announced delivery of its third stable release within 48 hours of general availability of the upstream Red Hat Enterprise Linux 8.5 release.
Less than 48 hours after the release of Red Hat Enterprise Linux 8.5, developers at the RHEL clone, AlmaLinux, pushed their own 8.5 version out the door. This means there’s already a drop in replacement for Red Hat’s latest and greatest, ready for production use without a subscription from Red Hat or anyone else.
AlmaLinux OS 8.5 builds on the changes that Red Hat implemented in their Red Hat Enterprise Linux 8.5 release, and also adds two new repositories, including ResilientStorage and Plus, as well as new OpenSCAP Security Guide profiles, including a new profile aligned with the Australian Cyber Security Centre Information Security Manual (ACSC ISM), a new STIG profile compatible with server with GUI installations, and a new French National Security Agency (ANSSI) high level profile.
rpminspect 1.7 is now available. This release includes a lot of fine tuning and bug fixing as more projects and workflows adopt rpminspect.
The main feature present in the 1.7 release is the unicode inspection. This inspection has been added in response to the Trojan Source vulnerabilities that were recently disclosed to the public. The inspection checks text files in source RPMs as well as extract source archives for any files containing forbidden Unicode code points. The forbidden code points have to be defined in the rpminspect configuration file. See the data/generic.yaml file for an example configuration block for the unicode inspection. The code points defined there are the bidirectional code points the Trojan Source vulnerability discusses.
IBus 1.5.25 is now released and available in Fedora 35.
# dnf update ibus
This release changes the default Emoji shortcut key to Ctrl-period, which was Ctrl-Shift-e previously, to follow GTK shortcut keys. MS-Windows provides Super-period shortcut key for Emoji typing and MacOS does Command-Shift-space shortcut key currently.
One of the biggest misconceptions about job searching is that hiring stops during the holiday period. Job seekers often wait until the beginning of the year to restart their job application process, but there’s no need to take a break.
Organizations are looking to fill open spots before they close the budget for the end of the year. Many are desperately looking for candidates. By strategically applying for opportunities during the holiday period, you can increase your chances of landing a job even before the start of the next year.
Phil Andrews, VP and General Manager, CEMEA Region, Red Hat, shares insights into the findings of the latest ‘The State of Enterprise Open Source’ report and calls on organisations to work with the right vendors to fully maximise the opportunities and innovations within open source communities.
The Linux Foundation and Red Hat are sponsors of The New Stack.
The most frustrating thing about this whole deal is that I wasn't able to get to the point where init matters, to see how it fares and compares to systemd. But then, the live system started in only about 20 seconds from an ancient USB2.0 stick, not different from any other distro. It was blazing fast in the live session. Ugly but fast. Then, I remembered. MX Linux. There's a Debian-based distro, which is fast, simple, elegant AND uses init. And it boots fast and true. So I can relax.
Back to Devuan. The experience is quite similar to Debian. It's not meant for home use unless you're willing to invest a lot of energy getting everything sorted out nicely. But then, at that point, you might as well use a derivative distro that has been polished, tweaked and made practical by someone else. On top of that, Devuan wouldn't even boot after the installation, so there's very little else for me to say. Until the next time.
As part of the snap creation cycle, the Snapcraft tool creates isolated build instances inside which all of the necessary work – download of sources, compilation, packaging, etc. – is done in a safe manner, without touching the host system. While there are many advantages to the use of the virtual machines (via Multipass) or containers (via LXD) for these tasks, the downside is a fairly liberal use of the network bandwidth to setup and configure the Snapcraft work environment.
In some scenarios, you may be constrained in your available network throughput or data. To help with that, the latest build of Snapcraft comes with a new, experimental offline mode, designed to minimize the reliance on online sources, and allow you to continue working and building snaps even if you have no access to the network.
Created by renowned XDA member KonstaT (KonstaKANG), there’s now an unofficial LineageOS 19.0 build for Raspberry Pi 4 Model B, Raspberry P 400, and Raspberry P Compute Module 4 (CM4) computers, based on the Android 12 mobile operating system and, to my surprise, it runs quite well.
The image is distributed in the same format as any other Raspberry Pi operating system, which means that after you’ve downloaded the image (see direct download link at the end of the article), you’ll be able to easily write it on a microSD card with the official Raspberry Pi Imager utility or a similar tool.
Nexcom’s rugged, IP65 protected “VMC-220” in-vehicle computer runs Linux on an i.MX8M with an 8-inch, 1K-nits touchscreen, 80 dB speakers, GPS, 2x M.2, M12 ports for GbE, USB, GPIO, CAN, and COM, and battery and RFID options.
Nexcom announced a rugged vehicle mount computer with an 8-inch touchscreen for vehicle fleets, port warehouse management, vehicle control in mines, and indoor and outdoor stacker storage vehicles used for smart warehousing and logistics management. The VMC-220, which follows earlier 8- and 10.4-inch Nexcom VMC vehicle mount systems based on Intel’s Apollo Lake, runs Linux on a quad-core, Cortex-A53 i.MX8M clocked at 1.3GHz. Android is available by request.
Portwell PCOM-B657VGL joins other COM Express and COM HPC modules based on Intel Tiger Lake-H Xeon, Core, and Celeron embeddded processors such as ADLINK Express-TL and Congatec conga-HPC/cTLH.
Just like its competitors, the Portwell COM Express Type 6 Basic module offers 8K video output, PCIe x16 Gen 4, up to 64GB DDR4, USB 3.2 Gen 2, and 2.5GbE networking for a wide range of higher-end embedded applications such as industrial automation, medical equipment, graphics-intensive applications, and artificial intelligence.
We know you like soldering irons, we’re quite fond of them ourselves. But the reality is, modular components and highly capable development boards allow the modern hardware hacker to get things done with far less solder smoke then ever before. In fact, sometimes all you need to finish your project is the right code.
Case in point, check out the slick electronic paper weather display that [Danko Bertović] shows off in the video below. While it certainly fits the description of a DIY project, he didn’t have to put any of the hardware together himself. The M5Paper is an ESP32 development kit designed around a crisp 4.7ââ¬Â³, 960 x 540 e-paper panel that includes everything from environmental sensors to an internal 1150 mAh battery. To make your handheld e-paper dreams come true, the only thing you need to provide is the software.
[pmig96] loves PalmOS and has set about on the arduous task of reimplementing PalmOS from scratch, dubbing it Pumpkin OS. Pumpkin OS can run on x86 and ARM at native speed as it is not an emulator. System calls are trapped and intercepted by Pumpkin OS. Because it doesn’t emulate, Palm apps currently need to be recompiled for x86, though it’s hoped to support apps that use ARMlets soon. Since there are over 800 different system traps in PalmOS, he hasn’t implemented them all yet.
Generally speaking, his saving grace is that 80% of the apps only use 20% of the API. His starting point was a script that took the headers from the PalmOS SDK and converted them into functions with just a debug message letting him know that it isn’t implemented yet and a default return value. Additionally, [pmig96] is taking away some of the restrictions on the old PalmOS, such as being limited to only one running app at a time.
My regular greeting is *finally* appropriate, as we announce the latest version of Raspberry Pi OS, named Bullseye. (Get it? Bullseye is the horse owned by Woody in Toy Story, who is a cowboy and says “howdy” all the time? Never mind.)
We also gave Japan the good news that a Raspberry Pi 400 variant with a Japanese keyboard layout is now available to buy.
It’s aimed at educators who use (or want to use) Arduino kits in their middle school or high school classrooms. Arduino Certification is an online exam that tests your knowledge of electronics and programming. Students, makers, professionals and everyone in between can take the exam, too.
Here's a new video from the Raspberry Pi Foundation regarding the upgraded Raspberry Pi OS that is now based on Debian 11. See also the blog post on the update.
Different project management software tools come in all shapes and sizes, vary in functionality and deployment models (SaaS or on-premises) but they are always used to collaborate and delegate tasks based on the needs of a team.
No matter the size of the team and its field of activity, the goal remains the same – assigning project roles and responsibilities to team members, monitoring their progress, and managing the project budget to achieve some valuable results.
Almost 14 months since I celebrated 15,000 commits in curl’s source code repository I have now passed 16,000 commits.
My commit number 16,000 was a minor man page fix.
The official gitstats page shows that I’ve committed changes on almost 4,600 separate days since the year 2000.
Odyssey team is pleased to announce the release of Odyssey 1.2, a scalable multi-threaded connection pooler for PostgreSQL\GreenplumDB designed for the cloud.
PgBouncer 1.16.1 has been released. This is a minor release with a security fix.
Le Gouvernement de la République française – the government of France for Anglophones – has published a website containing 9,067 repositories of FOSS software created by 1,022 organisations and groups in the French public sector.
After two years of work, the site hit version 1.0 on Wednesday.
Helpfully for non-Francophones, the homepage and much of the info is in English – although saying that, just to warn you, the same isn't true of all the background information and the various organisational pages we're about to link to.
The site is run by Etalab [Fr], which is a department of DINUM [Fr], the Interministerial Digital Directorate, and the software is released under Etalab's Open License 2.0 – defined in English in this PDF file.
The release happened as a result of a decree [Fr] of Open Government [Fr] from 30 October 2019 after the French government joined the Open Government Partnership in April 2014.
As we reported previously, a study from the European Commission investigating the impact of open source software (OSS) and hardware estimated that a €1 billion investment in open source software resulted in an impact of between €65 and €95 billion on the European economy. The report also outlined extensive recommendations for enabling future EU growth of open source hardware and software.
A recent article by Frank Nagle for the Brookings Institution further examines the study in terms of U.S. digital infrastructure and in light of the bipartisan infrastructure bill.
We are happy to announce that Qt Installer Framework, Qt Online Installer and Qt Maintenance Tool 4.2.0 have been released.
The Ephemeral Miniconf is planned on thursday 18th of november 2021!
Have you heard about The Ephemeral Miniconf ?
It's a Perl/Raku free and online miniconf that will take place on Zoom! Think "TPRCiC" but smaller with only one track :)
Util::H2O is an incredibly powerful tool for managing HASH references in a more natural way.
This post is the first of several that will explore this awesome module. I've started using it quite a bit in both new code and in existing code. There are several imporant cases where it really shines. Here we explore the power it has to iteratively refine existing code. It's also fun and easy to introduce into existing code.
Util::H2O provides a method called h2o that provides a very powerful way for turning a hash reference to an object. Generally speaking, this means I get accessors with as few keystrokes as possible.
Between January and September 2021, 24 legislatures across the United States introduced 54 separate bills intended to restrict teaching and training in K-12 schools, higher education, and state agencies and institutions. The majority of these bills target discussions of race, racism, gender, and American history, banning a series of “prohibited” or “divisive” concepts for teachers and trainers operating in K-12 schools, public universities, and workplace settings. These bills appear designed to chill academic and educational discussions and impose government dictates on teaching and learning. In short: They are educational gag orders.
Collectively, these bills are illiberal in their attempt to legislate that certain ideas and concepts be out of bounds, even, in many cases, in college classrooms among adults. Their adoption demonstrates a disregard for academic freedom, liberal education, and the values of free speech and open inquiry that are enshrined in the First Amendment and that anchor a democratic society. Legislators who support these bills appear determined to use state power to exert ideological control over public educational institutions. Further, in seeking to silence race- or gender-based critiques of U.S. society and history that those behind them deem to be “divisive,” these bills are likely to disproportionately affect the free speech rights of students, educators, and trainers who are women, people of color, and LGBTQ+. The bills’ vague and sweeping language means that they will be applied broadly and arbitrarily, threatening to effectively ban a wide swath of literature, curriculum, historical materials, and other media, and casting a chilling effect over how educators and educational institutions discharge their primary obligations. It must also be recognized that the movement behind these bills has brought a single-minded focus to bear on suppressing content and narratives by and about people of color specifically–something which cannot be separated from the role that race and racism still plays in our society and politics. As such, these bills not only pose a risk to the U.S. education system but also threaten to silence vital societal discourse on racism and sexism.
Computers, from the simplest to the most complex, aren’t very useful if they can’t provide feedback to a user. Whether that interface takes the form of a monitor, a speaker, or a simple LED, there’s almost always some kind of output. One of the most ubiquitous is the ever-present seven-segment display. They’re small, they’re easy to use, and, perhaps most important, they’re cheap.
[Applied Procrastination] is in the business of vertical ferrofluid displays, but struggles somewhat with the electromagnets available off the shelf and the proliferation of wiring that results. [Carl Bugeja] is in the business of making PCB coils, both with rigid and flex PCB substrates, so when the opportunity for a collaboration arose, [AP] jumped at the opportunity.
The evolution of the trackball, which is more than an upside-down mouse. It's the Royal Canadian Navy’s greatest gift to modern-day computing. Really.
Ever find yourself in a bar with a single arcade machine, and the machine is inevitably not targeting gamers? Like, rather than, say, a fighting game or something iconic like NBA Jam or even Donkey Kong, it’s either a variation of Big Buck Hunter, a bowling game like Silver Strike Bowling, or a golf game like Golden Tee. These games, of course, aim for a wide audience, quite literally in the case of Big Buck Hunter. But the golf and bowling games are notable, really, because of their control method—they don’t use a joystick; they use a massive trackball. As far as input devices go, the trackball is perhaps the nerdiest, and therefore the most interesting. It’s also older than you might expect. Today’s Tedium is gonna tell you all about it—and why it’s not just a glorified mouse. — Ernie @ Tedium
(From a joke I made on IRC. I bet I get banned from #windows on Libera Chat shortly.)
Maybe we really were better off with ASCII. Back in my day, we had space for 256 characters, didn’t even use 128 of them, and we took what we got. Unicode opened up computers to the languages of the world, but also opened an invisible backdoor. This is a similar technique to last week’s Trojan Source story. While Trojan Source used right-to-left encoding to manipulate benign-looking code, this hack from Certitude uses Unicode characters that appear to be whitespace, but are recognized as valid variable names.
[...]
Last week, the coa and rc packages temporarily updated to versions containing malicious code. The timing, and nearly identical added code, indicates that it was the same individual or group behind both packages. While the malware seemed to be non-functional on some systems, it should be assumed that anywhere these malicious versions were deployed is compromised. At a combined 20 million weekly downloads for these two packages, there are sure to be many compromises, even given the short time the malicious packages were available on the 4th. NPM was hosting the malicious version of coa for one hour and twelve minutes. The rc package pushed the malicious update a couple hours later, and it’s unclear how long that version was available.
The malicious code was run using a preinstall script, which seems to be the common vector for these hacks. There have been suggestions that install scripts should be disabled by default. While that would prevent these very simple attacks, it wouldn’t actually protect against the underlying problem. Supply chain attacks are a growing problem, but they seem to be particularly problematic in the world of full-stack JavaScript. If the popularity of node.js and npm are to continue, we will need a better solution to this pernicious problem.
Security updates have been issued by Debian (node-tar, postgresql-11, postgresql-13, and postgresql-9.6), Fedora (autotrace, botan2, chafa, converseen, digikam, dmtx-utils, dvdauthor, eom, kxstitch, pfstools, php-pecl-imagick, psiconv, q, R-magick, radeontop, rss-glx, rubygem-rmagick, synfig, synfigstudio, vdr-scraper2vdr, vdr-skinelchihd, vdr-skinnopacity, vdr-tvguide, and WindowMaker), Mageia (kernel, kernel-linus, and openafs), openSUSE (kernel), Red Hat (freerdp), SUSE (bind and kernel), and Ubuntu (openexr, postgresql-10, postgresql-12, postgresql-13, and samba).
CISA has released an Industrial Control Systems Advisory (ICSA) related to a public report detailing vulnerabilities found in multiple open-source and proprietary Object Management Group (OMG) Data-Distribution Service (DDS) implementations. Successful exploitation of these vulnerabilities could result in denial-of-service or buffer-overflow conditions, which may lead to remote code execution or information exposure.
CISA encourages users and administrators to review ICSA-21-315-02: Multiple Data Distribution Service (DDS) Implementations and apply the necessary updates as quickly as possible.
Google researchers discovered a MacOS zero-day exploit being used against Hong Kong activists. It was a “watering hole” attack, which means the malware was hidden in a legitimate website. Users visiting that website would get infected.
Google researchers caught hackers targeting users in Hong Kong exploiting what were at the time unknown vulnerabilities in Apple’s Mac operating system. According to the researchers, the attacks have the hallmarks of government-backed hackers.
On Thursday, Google’s Threat Analysis Group (TAG), the company’s elite team of hacker hunters, published a report detailing the hacking campaign. The researchers didn’t go as far as pointing the finger at a specific hacking group or country, but they said it was “a well resourced group, likely state backed.”
“We do not have enough technical evidence to provide attribution and we do not speculate about attribution,” the head of TAG Shane Huntley told Motherboard in an email. “However, the nature of the activity and targeting is consistent with a government backed actor.”
The diffoscope maintainers are pleased to announce the release of diffoscope version 191. This version includes the following changes:
[ Chris Lamb ] * Detect XML files as XML files if either file(1) claims if they are XML files, or if they are named .xml. (Closes: #999438, reproducible-builds/diffoscope#287) * Don't reject Debian .changes files if they contain non-printable characters. (Closes: reproducible-builds/diffoscope#286) * Continue loading a .changes file even if the referenced files inside it do not exist, but include a comment in the diff as a result. * Log the reason if we cannot load a Debian .changes file.
[ Zbigniew JÃâ¢drzejewski-Szmek ] * Fix inverted logic in the assert_diff_startswith() utility.
Following command will ssh through host in the middle. Unreachable_host is unavailable from local network, but it’s available from reachable_host’s network. This command creates a connection to unreachable_host through “hidden” connection to reachable_host.
In recent years, continuous fuzzing has become an essential part of the software development lifecycle. By feeding unexpected or random data into a program, fuzzing catches bugs that would otherwise slip through the most thorough manual checks and provides coverage that would take staggering human effort to replicate. NIST’s guidelines for software verification, recently released in response to the White House Executive Order on Improving the Nation’s Cybersecurity, specify fuzzing among the minimum standard requirements for code verification.
Over on the Google Security blog, Jonathan Metzman announced the release of ClusterFuzzLite, which is "a continuous fuzzing solution that runs as part of CI/CD workflows to find vulnerabilities faster than ever before". ClusterFuzzLite is a descendant of OSS-Fuzz, which we looked at in 2017.
LAW ENFORCEMENT USE of surveillance drones has proliferated across the United States in recent years, sparking backlash from privacy advocates. But newly leaked aerial surveillance footage from the Dallas Police Department in Texas and what appears to be Georgia's State Patrol underscore the breadth and sophistication of footage captured by another type of aerial police vehicle: helicopters.
[...]
The footage the group released Friday, samples of which were viewed by WIRED, shows helicopters operating during the day and at night, capturing everything from vistas high overhead to cars lined up at a McDonald's drive-through, and individuals standing in their yards or on local streets. The leak illustrates the inherent risk of collecting and retaining sensitive footage that could be breached.
“This is exactly one of the things that people are constantly warning about, especially when it comes to government surveillance and corporate data mining,” Best told WIRED in a text message interview. “Not only is the surveillance itself problematic and worrisome, but the data is not handled in the ideal conditions we're always promised."
The vast majority of the leaked footage appears to come from the Dallas Police Department. In response to three screenshots from the leak, DPD public information officer Brian Martinez wrote in an email that “the pictures show screenshots of video from the department helicopter.” He declined to comment about DPD’s data storage practices, including how long the department retains helicopter surveillance videos. “Due to security measures, we are not able to discuss data storage,” he wrote. “All video from the helicopter is available to any person requesting the video through the Open Records Act.”
The single best option for reducing the risk of nuclear war is hidden in plain sight. News outlets don’t mention it. Pundits ignore it. Even progressive and peace-oriented members of Congress tiptoe around it. And yet, for many years, experts have been calling for this act of sanity that could save humanity: Shutting down all of the nation’s intercontinental ballistic missiles.
Four hundred ICBMs dot the rural landscapes of Colorado, Montana, Nebraska, North Dakota, and Wyoming. Loaded in silos, these missiles are uniquely—and dangerously—on hair-trigger alert. Unlike the nuclear weapons on submarines or bombers, the land-based missiles are vulnerable to attack and could present the commander in chief with a sudden use-them-or-lose-them choice. “If our sensors indicate that enemy missiles are en route to the United States, the president would have to consider launching ICBMs before the enemy missiles could destroy them. Once they are launched, they cannot be recalled,” former Defense Secretary William Perry warns. “The president would have less than 30 minutes to make that terrible decision.”
In what would have been a monumental first for the group, the Yes Men supposedly got an absurd fake company — "YASAVA," producing "bespoke airplane couture" for private corporate fleets — accepted into two official COP26 "Net Zero" programs: the Race to Zero and Science-Based Targets initiatives (which also, incidentally, include Maersk, Chevron, Halliburton, Delta, United, American, DL Piper, Edelman, JP Morgan, Hitachi, Iberdrola, Unilever, and thousands more climate luminaries from the transport, mining, and fossil energy sectors).
The "fake" Yes Men release went out at 8am GMT Monday, Nov. 8 and was soon followed up with a (fake) "reveal" from our partners in crime, Glasgow Calls Out Polluters (GCOP), who simultaneously released their (very real) report, "Race to Zero (credibility)," about the same two COP26 "net zero" initiatives.
On the steps of city hall, Mayor David Anderson hollered a guttural “Wahhh!!!” and shot his arms into the sky to celebrate, looking like an inflatable air dancer blowing in the wind.
“Four! Hundred! Million! Dollars!” he shouted, in July, to city residents in Bronson Park, a leafy plaza adorned with bronze busts and plaques honoring pioneers and philanthropists.
Anonymous donors had just given what is thought to be the largest-ever gift to support a municipality, and for city officials, it felt like winning the lottery. It was also a win for two of Kalamazoo’s richest men, philanthropists William Parfet and William Johnston, who created the foundation that received the money and that will determine how most of it is spent.
Every new subculture eventually develops its own language, and the people buying and selling NFTs are no different.
The blockchain scene is full of crypto-heads spouting phrases like WAGMI (we are going to make it), cope, and GM (good morning). Sometimes a subculture will produce a new phrase or buzzword so beautiful it gets adopted by the wider culture. So it is with “right-clicker mentality.”
An NFT-bro using the phrase “right-clicker mentality” went viral on October 26 on Twitter while talking about Salt Bae. If you aren’t familiar, Salt Bae is a Turkish chef named Nusret Gökçe who went viral in 2017 for the way he sprinkles salt on meals. His restaurants boomed on the back of his internet success and now he charges tens of thousands of dollars for gold-encrusted steaks at his London location.
A popular genre of post online right now teaches you how to make Salt Bae-quality meals at bargain prices. In one video, a man recreated one of Salt Bae’s $2,000 steaks for about $90. A NFT fan apparently felt that this was an example of what they called a “right-clicker mentality” and took to Twitter to share their frustration.
“This is a great example of right-clicker mentality,” Midwit Milhouse said on Twitter. “Sure, you can make your own gold-coated steak for 65GBP, but then you don’t have the satisfaction, flex, clout that comes from having eaten at Salt Bae’s restaurant. The value is not in the cost of the steak. Go ahead, make yourself a gold-coated steak at home. Post a picture of it on Instagram. See how much clout it gets you. Salt Bae’s dish costs around 1500GBP because people want to pay 1500 GBP to show off that they can afford to pay that much. It’s all about the flex.”
A system modeled after Linux operations strives to improve institutional adoption, the next step in the technology’s mainstream usage.
[...]
aelf is designed as a customizable OS, the equivalent of a “Linux system” for blockchain. Considering Linux as an example, the Linux Kernel and other Linux versions make up a greater Linux family. The Linux Kernel addresses the critical parts within this family, while other developers can address the customized systems. aelf operates with a similar system, where the whole network is built in the platform’s innovative multi-library selection structure, enabling unlimited scalability and lower costs.
Margaret Thatcher was the least science-fictional world leader in modern history.
Her motto was “There is no alternative,” a phrase she repeated so often it became an acronym: “TINA.”
She was referring to capitalism, asserting that there is no conceivable alternative. It was a cheap but remarkably effective rhetorical device, treat€ing a demand as an observation. The true meaning of TINA isn’t “No alternative is possible,” but rather, “Stop trying to think of an alternative.”
I mean, thinking of alternatives is literally my job.
TINA is part of a philosophy, “capitalist realism,” a phrase coined by Mark Fischer in the early 2000s. Fischer said that capitalist realism is best captured in the quote “It is easier to imagine an end to the world than an end to capitalism” (this quote has been vari€ously attributed to the philosopher Slavoj Žià ¾ek and the literary critic Fredric Jameson).
Žià ¾ek (or possibly Jameson) got a lot closer to the problem than Thatcher ever did. For while it’s easy to imagine something after capitalism, imagining capitalism’s sunset is far harder.
