The Linux ecosystem in many ways found much of its momentum via hardware, rather than software. So it makes sense that there have been some fascinating efforts to reinvent the Linux ecosystem around hardware. The Raspberry Pi has of course built lasting excitement around computer hardware in contexts that fit neatly into the internet of things. But as desktop Linux distros have at times felt like wheel-spinning exercises (just ask Linus Tech Tips, and shout-out to Jason Evangelho), it feels like Linux hardware targeted at consumers is likely to push it over the edge at some point. I’ve already covered two of those efforts in the relatively recent past—the PineBook Pro and the PinePhone, both made by Pine64—but the JingPad represents something different: an attempt to make a piece of hardware that supports Linux from the ground up … that a non-Linux user might actually want to use. Today’s Tedium takes an up-close look at the JingPad A1, an experimental new tablet worth looking into.
You guys. I can't let this go! LTT got it wrong. The comments got it wrong. The fact that YOU don't know where a setting is doesn't mean it's hidden. Hidden means "placed somewhere non-obvious" and, frankly, I'd expect AUR and Flatpak support to be tucked away in Pamac's settings menu. Compare opening Pamac's settings panel, typing in your password, and selecting the "Third Party" tab to literally any other settings menu and you'll see that it's virtually equivalent in almost every instance. The only difference is that most people haven't used Manjaro before.
he Director of EndlessOS joins us to respond to recent Flatpak criticism.
We take the opportunity to expand on the overall effort to solve Linux fragmentation.
An early batch of Intel kernel graphics driver feature updates intended for Linux 5.17 was sent out yesterday to DRM-Next for queuing until that next merge window opens around the start of the new year. Notable with this pull is Icelake "Gen11" graphics finally seeing variable rate refresh enabled!
With the Linux 5.16 merge window well past, the Intel open-source graphics driver developers have been turning their attention to material they want to see in Linux 5.17 for that kernel to be introduced in the early months of 2022. Sent out yesterday was the first of several PRs to DRM-Next of changes to be queued for that next kernel version.
The YouTube downloader GUI is a frontend for /usr/bin/youtube-dl, which is a python script. A problem is that YouTube move the goal posts, in an attempt to stop these downloaders from working. The youtube-dl developers respond by changing their script so that it works again.
Have just downloaded English, French and German Firefox 94.0.2 tarballs, and it will be in the next release of EasyOS.
Version 1.9 of sudo was released almost two years ago. One of the major new features was support for Python plugins. Previously, you could only extend sudo by coding in C to better suit your environment, which is not the easiest task to manage. Python makes both coding and distributing the results easier. Starting with Safeguard for Sudo 7.2, Python support is also available in a commercial sudo management solution.
[...]
The approval plugin API was introduced in sudo 1.9 and lets you create additional policies. These are checked once a command has been accepted by the sudoers policy. You can create plugins either in C or Python. For example you can create additional restrictions based on time and limit your workers to execute commands only during regular working hours.
Just like the approval plugin API, the audit plugin API was also introduced in sudo version 1.9. It allows you to access additional audit information. It can be used in many ways. For example implement custom logging to debug some hard to identify problems. Or you can send events from Safeguard for Sudo directly to Elasticsearch or send alerts to various instant messaging systems.
There are many ways of obtaining information about the hardware you are using. The simplest and most reliable source is your system itself.
There are plenty of tools that delve deep to find everything you need to know. And if you need assistance from others, they will find the information invaluable. Here’s our guide to the commands that you should familiarise yourself with.
Let’s start with a few of our favourites. We’ll then explore other useful tools that also gather hardware information.
The long-awaited Tesseract 5.0 is now available as a big update to this leading open-source, optical character recognition (OCR) engine that via neural networks offers great accuracy and supports more than 100 languages for turning images of text into actual text.
Tesseract 5.0 had been available as alpha since the end of 2020 and the Tesseract beta was released in August. On Tuesday, Tesseract 5.0.0 was officially released. Tesseract 5.0 delivers on faster performance via "fast floats" to use floats instead of doubles now for its LSTM model training and text recognition. This should lead to much faster training and OCR performance while using less system memory.
Google Fonts is a free interactive directory of over 1200 font families that Google has made available to developers and designers. The project was developed in 2010 to combat the licensing and compatibility issues that web developers faced when using proprietary fonts.
Most of the fonts are published under the SIL Open Font License and others under Apache. This has enabled users to make use of fonts on their websites and in different projects without the need to upload them to their own servers.
The Audacity sound editor is one of those open source applications that filled a niche that seemingly nobody else realized existed. Initially developed at Carnegie Mellon University at a time when many people still thought computers were just for office and schoolwork, and you required special DSP peripherals for serious multimedia work. Audacity recognized that, occasionally, the average computer user needed to edit audio. The Audacity team has consistently provided an open source application for recording and cleaning up sound in the two decades since.
I use Audacity a lot, and being an editor by training, I'm used to significant and usually single-key keyboard shortcuts in my applications. By building shortcuts around single letters, you can have one hand on the mouse and one on the keyboard, so the delay between choosing a tool or an important function and clicking the mouse is mere milliseconds. Throughout this article, I'll highlight the keyboard shortcut I use in Audacity if you want to optimize your own settings.
In this tutorial, we are going to learn how to install Telegram desktop on our ArchLinux.
Telegram is a freeware, cross-platform, cloud-based instant messaging service. The service provides end-to-end encrypted video calling, VoIP, file sharing, etc.
Google Chrome is the most used Internet Explorer software on the earth, with a recent update in 2021 that Chrome is currently the primary browser of more than 2.65 billion internet users. However, as you would know, after installing CentOS 9 Stream, only Mozilla Firefox is packaged with the distribution but luckily, installing Google Chrome is a straightforward task.
In the following tutorial, you will learn how to install Google Chrome in three various ways in stable, beta, or unstable versions on CentOS 9 Stream.
When installing CentOS Stream, the user account created during the initial setup has sudo rights if you selected the user to be an admin and create a root account. However, there may be a need to add additional sudo users or to remove the access. This is a straightforward process with a few commands.
In the following tutorial, you will learn to add a user to the sudoers group on any CentOS Stream distribution.
SCP is a protocol for securely transferring files between a local host and a remote host, or between two remote hosts. It is based on the Secure Shell (SSH) protocol. “SCP” refers to the Secure Copy Protocol. SCP or Secure copy protocol is easy to use and is included by default in most Linux and Unix distributions.
This article explains how to get Guake drop-down terminal to work properly under Wayland (GNOME). I've tested this using GNOME desktop running on Ubuntu 21.10 with a single monitor, because I currently don't have access to multiple monitors.
Guake is a Python-based drop-down terminal for the GNOME desktop which includes split terminal functionality, session save/restore (restores panes and tabs), support for transparency, and many other features.
It's inspired by the famous Quake console - the terminal stays hidden until you press a key (default is F12). Execute a command, then press the same key again to hide the terminal, going back to your previous task without breaking your workflow. You can also set Guake to automatically hide when it loses focus.
In this article you will learn how to run windows applications on Linux/Ubuntu 18.04 using Wine and other alternatives. Wine ( Wine Is Not an Emulator ), is an open source application which is provided as a compatibility layer in Linux . It is used to bridge the gap between Linux and windows worlds so that applications that are meant for Windows could run on Linux. An emulator or a virtual machine would simulate internal Windows logic whereas Wine would transform Windows logic into native UNIX/POSIX compliant logic.
This is said, not all Windows based applications can run on Linux and even if they do run, their behavior will differ from that in their natural Windows environment. Wine has a database (AppDB) which lists all applications that have been properly tested and confirmed to work on Linux.
Rainbow Six Siege is a popular multiplayer FPS game that utilizes the BattleEye anti-cheat engine.
Primarily, it does not support Linux. However, now that anti-cheat engines like BattleEye and Easy Anti-Cheat have added official support for Proton, many Linux users hope to get support for popular multiplayer titles that did not work with Linux.
Of course, you can always have Windows in dual-boot to play those titles. But, many users use Linux exclusively and cannot play Rainbow Six Siege even if they want to (or have it in their Steam library).
Well this is quite exciting. Collabora, the open source consulting firm that often works with Valve, has announced the experimental Venus driver for 3D acceleration of Vulkan applications in QEMU. For those not familiar, QEMU is a generic and open source machine emulator and virtualizer.
"Running graphics applications in a Guest OS can be annoying as they are generally greedy of computing resources, and that can slow you down or give you a bad experience in terms of graphics performance. Being able to accelerate all this by offloading the workload to the hardware can be a great deal. The VirtIO-GPU virtual GPU device comes into play here, allowing a Guest OS to send graphics commands to it through OpenGL or Vulkan. While we are already there with OpenGL, we can not say the same for Vulkan. Well, until now."
Recently we had news that DRM-free store GOG has been struggling with losses, and here's Steam continuing to just smash through previous records.
With the previous all-time high of 26,922,926 users online back in April 2021, on November 28 it yet again broke the record with 27,384,959 according to SteamDB. At the time the record hit, around 7.8 million were actually in-game and while it's of course spread across so many, the winner continues to be Valve's own free to play Counter-Strike: Global Offensive with about 915,791 online playing.
There's been some reports circulating thanks to YouTuber Tyler McVicker (previously known as Valve News Network) that goes into some detail about what Valve is up to. Seems like we might get an RTS/FPS hybrid for the Steam Deck. It seems that Half-Life 3 continues to not be a thing too.
Sounds like it will be called Citadel, or perhaps Half-Life: Citadel and will be "a co-operative, competitive, asymmetric, third-person, first-person, RTS, FPS, shooter-hybrid thing that takes place in the Half-Life universe" according to McVicker. Matches seem like they will be some sort of battle between NPCs, with you earning things to give to them using a wave-based system for the battling. The video states that Source 2 has been significantly upgraded with a new lighting system, and new NPC systems too. It's a lot to take in and sounds pretty wild.
While it's currently still in heavy development, OpenTESArena is another great example of what can be done with open source with it reimplementing The Elder Scrolls: Arena in a modern cross-platform game engine. It requires a copy of the original game for the data files, which you can get free officially.
It's not quite playable — yet, but it is showing massive promise and a new release is out now.
In November 2021, the Xfce developers managed to update the Whisker Menu plugin that provides an alternate menu for the Xfce desktop environment up to version 2.7.0. Whisker Menu 2.6.2 was released on mid-November to properly prevent interactive search in the treeview, as well as to fix menu toggling after pressing the Esc key and background shifting when showing the menu.
Whisker Menu 2.7.0 was released later in November with lots of goodies, including support for rounded profile picture, the ability to show categories as icons on top or bottom, optional AccountsService support, Catfish search action, support for CSS classes for theming, improved search result relevance.
The third beta of Krita 5.0 is here with lots of improvements and bug fixes to make the final release more stable and reliable. For example, it improves the alpha-mask PNG brush tips, adds support for loading the thumbnails for MYB mypaint brushes in a bundle, and fixes performance issues in the Magnetic Selection tool and textured brushes.
It also fixes drag and drop of remote images, as well as copy/paste of images from the Google Chrome web browser, disables subpixel translation in the Transform tool, improves the styling of the tagging widget, updates the detection of the Intel GPU driver version, and makes the line tool’s preview faster.
MX Linux MX-21 Xfce is the complete opposite of my MX-21 KDE review - that one was delightful. The Xfce one is the worst experience I had with this distro, probably ever. I didn't really get to properly test anything due to the general sluggishness, the login freeze, the suspend & wake problems, the Firefox slowness, the kernel oops, and all the rest of it. But the visual customization did show me one important aspect - how much more advanced KDE is, and how fragile scaling is in Xfce.
I really am not in the mood to manually tweak 20-30 separate Xfce elements just to have a nice, presentable desktop. That's 2005, and it needs to stop. The Xfce version of MX-21 ain't bad, but it's fragile. Worse yet, the distro behaved far better in the past, so we also have a regression on our hands. All I can say, go for the KDE version, it's amazing (among the best systems I ever tried). Whereas the Xfce one needs to go back to the workshop and get some serious rework. Alas, on that note, and with some mild paranoia swirling in my brain, we end this sad review.
Dubbed “Porcupine” and coming six months after the NixOS 21.05 release, NixOS 21.11 is here with a lot of goodies, starting with the GNOME 41.1 desktop environment for its dedicated GNOME edition and continuing with Wayland support for the KDE Plasma 5.23 edition, as well as version 6 of elementary OS’ Pantheon desktop.
This release ships with Nix 2.3.16 as default package manager, switches the iptables utility to the nf_tables backend, updates the Hadoop module and package to Hadoop 3 as default with new services like JournalNode, ZKFS and HTTPFS, and improves LXD support to build images directly from configurations.
NixOS is an original Linux distribution built atop its own unique Nix package manager that is focused on being functional, reliable, and reproducible. The Nix package manager concept is great but somewhat ironic is the new NixOS 21.11 release not even shipping with the latest Nix package manager version due to known regressions.
NixOS 21.11 released yesterday and rather than shipping with the latest-and-greatest Nix, it's being held back to the latest Nix 2.3 point release by default rather than Nix 2.4. Holding up the default version of Nix was done as "Nix has not been updated to version 2.4 due to regressions in non-experimental behavior."
NixOS 21.11 “Porcupine” is here, but default Nix version remains at 2.3 point release rather than Nix 2.4.
NixOS is a Linux distribution that is entirely different than what one can expect from a regular Linux distro. It’s a Linux distribution which takes a unique approach to package and configuration management, because it’s built around Nix tool. So let me first explain what the NIX tool is.
NIX is a package manager and it could be used on any Linux distribution on top of the distribution package manager. To put things simple, NixOS is an operating system, and Nix is a package manager.
Now, everything in NixOS down to the kernel, is built by the Nix package manager with a declarative functional build language. The whole system configuration: fstab, packages, users, services, firewall, etc., is configured from a global configuration file that defines the state of the system.
When installing software on a Linux system, your package manager keeps track of what's installed, what it's dependent upon, what it provides, and much more.
The usual way to look at that metadata is through your package manager. In the case of Fedora or Red Hat Enterprise Linux, it is the RPM database.
The RPM database can be queried from the command line with the rpm command, which supports some very nice formatting options. For example, to get a list of all packages sorted by size, I can use a little bit of Bash glue to do the following:
DevSecOps is an extension of DevOps that emphasizes security automation and cooperation across the organization. More than just hype, DevSecOps is a crucial addition to your organization's development and deployment processes, especially given the range of ransomware groups, industrial spies, identity thieves, and other attackers plaguing today's cyberworld. In this article, you will learn how DevSecOps extends familiar DevOps tools and processes to help cross-functional teams work together on the design and implementation of security policies and procedures.
2021 was a big year in the world of Kubernetes and Red Hat OpenShift, and over the past twelve months, we have aimed to provide content that will satisfy developer curiosity on how to best use these platforms, from info on the big release of OpenShift 4.8 to tutorials on deploying Helm charts and working with OpenShift Serverless Functions. Keep reading for these highlights and more.
The Jconf.dev community Java conference is going virtual for 2021, which means that developers worldwide will be able to stream sessions of interest wherever they are. The conference is on December 9, and a number of Red Hatters are presenting material that will be of interest to the developer community. Read on to learn more and find out when to tune in.
Each month, through our partnership with Harvard Business Review, we share five new HBR articles we believe CIOs and IT leaders will value highly. As 2021 comes to a close, we are taking a look back at the five most popular HBR articles from this past year. Here are the stories that resonated with you.
Sun Aug 14 10:36:37 2016, this is the birth date of BespokeSynth. Since that date, BespokeSynth has grown a lot; both in terms of its user base and the size of its codebase. BespokeSynth is an application for performing modular synthesis. Because it has been written by a newcomer to modular synthesis, it is quite different from the usual modular synthesizer. Note: I am the manager of the LinuxMAO / Audinux Copr repository.
This month I didn't have any particular focus. I just worked on issues in my info bubble.
Coming three weeks after the previous security updates, which addressed 13 vulnerabilities, the new Linux kernel security patches are available for Ubuntu 21.10 (Impish Indri), Ubuntu 21.04 (Hirsute Hippo), Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), as well as Ubuntu 16.04 ESM (Xenial Xerus) and Ubuntu 14.04 ESM (Trusty Tahr) releases to address up to six security vulnerabilities.
For all supported Ubuntu releases, the new security updates fix CVE-2021-3744 and CVE-2021-3764, two security issues discovered in Linux kernel’s AMD Cryptographic Coprocessor (CCP) driver, which could allow a local attacker to cause a denial of service (memory exhaustion).
Hello! My name is Cristina, I’ve been a programme manager at Canonical for almost three years. I work across all the squads in our web and design team, helping with sprints planning and cross team collaboration.
[...]
The Apps team develops the UI for the MAAS project and the JAAS dashboard for the Juju project.
ArduCam has launched a $25 16MP camera with autofocus for Raspberry Pi boards with 40% higher resolution than the 12MP Raspberry Pi HQ camera, while keeping the compact form factor of the 8MP Raspberry Pi Camera V2.
The camera is equipped with a 16MP Sony IMX519 sensor, works with any Raspberry Pi board with a MIPI CSI interface, and the company claims that with the existing camera tuning algorithms from the Raspberry Pi Foundation, the camera module beats the Raspberry Pi HQ camera’s quality in every aspect including sharpness, saturation, exposure, and more. The downside is that it lacks supports for interchangeable lenses.
3D printer owners have for years benefitted from using Octoprint to help manage their machines, and most people run Octoprint on a Raspberry Pi. [Martijn] made it run on his PinePhone instead, which turned out to be a surprisingly good fit for his needs.
While [Martijn] was working out exactly what he wanted and taking an inventory of what Raspberry Pi components and accessories it would require, it occurred to him that his PinePhone — an open-source, linux-based mobile phone — would be a good candidate for his needs. It not only runs Linux with a touchscreen and camera, but even provides USB, ethernet, and separate DC power input via a small docking bar. It looked like the PinePhone had it all, and he was right. [Martijn]’s project page gives a walkthrough of the exact steps to get Octoprint up and running, and it even turns out to not be particularly difficult.
With the new Raspberry PI computer models having much more RAM, improving Chromium performance can be a core goal for people using it as Desktop computer. To achieve this, a good practice is moving cache on a RAMDisk
When [jns] and their colleague came across an industrial or possibly military grade keyboard/trackball combo on eBay, their minds did the same backflips that yours or mine might. Enthralled by the specialty key caps, the custom layout, and companion trackball adorned with its own keys rather than buttons [jns] and his workmate they did the only thing that infatuated hackers can do: They each bought one! [jns]’s goal? Make it work via USB. Everything’s been documented in both software and in a very well done video that you can see below the break.
[...]
In the video, [jns] goes into more detail about the discovery of reed switched keys, the RS422 protocol being used, blowing up an Arduino Pro Micro, and even repairing the aging trackball. Success was had, and he’s graciously shared the software and hardware design with the world.
November come with lots of rain, at least in my part of the world. It certainly creates a different vibe. I believe you also experience similar weather change lately, be it snow or rain. Whatever it is, I hope you all safe and healthy wherever you are. Oh, and happy thanksgiving for you who celebrate! Sorry for being late with the update this month (maybe it’s better to have it by the end of the month anyway), so let’s just dive into it!
The LibreOffice Quality Assurance ( QA ) Team is happy to announce LibreOffice 7.3 Beta1 is available for testing!
LibreOffice 7.3 will be released as final at the beginning of February, 2022 ( Check the Release Plan for more information ) being LibreOffice 7.3 Beta1 the second pre-release since the development of version 7.3 started in mid June, 2021. Since the previous release, LibreOffice 7.3 Alpha1, 1199 commits have been submitted to the code repository and 205 issues got fixed. Check the release notes to find the new features included in this version of LibreOffice.
The first beta of LibreOffice 7.3 is now available for testing as the next installment of this leading open-source, cross-platform office suite.
LibreOffice 7.3 Beta is the latest test candidate and comes with more than one thousand commits over 7.3 Alpha 1 from just over one month ago.
Jeff Bezanson, Jameson Nash, Ian Butterworth, Kristoffer Carlsson, Shuhei Kadowaki, Elliot Saba, Viral B Shah, Mosè Giordano, Simeon Schaub, Nicholas Bauer, Keno Fischer
After 4 betas and 3 release candidates, Julia version 1.7 has finally been released. We would like to thank all the contributors to this release (more than 79 people) and all the testers that helped with finding regressions and issues in the pre-releases. Without you, this release would not have been possible.
The full list of changes can be found in the NEWS file, but here we'll give a more in-depth overview of some of the release highlights.
Version 1.7 of the Julia programming language implementation is now available, the open-source high-performance language that is general purpose but especially popular for computational science and numerical analysis.
The Julia programming language is increasingly used for numerical computing/analysis use-cases and by all accounts remains on a terrific upward trajectory. Julia 1.7 is the latest feature release adding on new features and functionality.
We have released Qt 6.2.2 today. Along with close to 300 new bug fixes it brings security updates, an updated MinGW compiler and re-introduces two modules especially beneficial for automotive customers.
Mike visits Pallet Town and comes back with some SQLAlchemy performance wisdom to share. Meanwhile, struggling with a lack of performance, Chris has kicked the tires of his new M1 Max MacBook Pro and is ready to share his counter-narrative take on the new hardware.
Release 0.6.29 of the digest package arrived at CRAN earlier today, and will be uploaded Debian shortly.
digest creates hash digests of arbitrary R objects (using the md5, sha-1, sha-256, sha-512, crc32, xxhash32, xxhash64, murmur32, spookyhash, and blake3 algorithms) permitting easy comparison of R language objects. It is a mature and widely-used as many tasks may involve caching of objects for which it provides convenient general-purpose hash key generation.
PHP 8.1 was released in November 2021 as the latest minor version of the PHP language. It adds several new language features alongside some smaller improvements and performance enhancements. There are a few breaking changes to be aware of but most upgrades from PHP 8.0 should be straightforward.
[...]
PHP 8.1 adds many new features that make the development experience easier and more streamlined. Enums have long been a missing piece of the type system while readonly properties and new in initializers will make it quicker to write new classes.
Fibers help to make async PHP more approachable while first-class callables facilitate streamlined function references when practicing functional programming techniques. All these changes further mature PHP as a flexible language that offers strong safety guarantees for your code while still being simple to work with.
Pascal is not one of the biggest programming languages these days; it’s fallen into the background as the world moved on to newfangled things like C#, Python and Java. However, the language has its fans, one of whom put together a new compiler which targets retro platforms – and it goes by the name Turbo Rascal.
The list of supported platforms is extensive, with Turbo Rascal able to compile highly-optimized binaries for the C64, Amiga 500, BBC Micro, IBM PC, Atari ST, Game Boy, Amstrad, NES, ZX Spectrum, and more. There’s a usable IDE and even an included graphics editor for getting projects put together quickly. Also known by its full name of Turbo Rascal Syntax Error, or TRSE, it’s the work of one [Nicolaas Groeneboom].
It was a cold wintry night in the North Pole and Santa was in a mood.
“Naughty. Naughty. Naughty. Ni..aughty” he grumbled, checking his list. Then checking it again.
“Everything ok?” chipped cheerful Sparkleface the elf, bouncing into the room. “Isn’t it nice to have some cold weather for a change?”
Santa scowled at Sparkleface with an icy stare that froze all the water molecules in the room. He said nothing, gazing through Sparkleface into some distant place in another dimension.
Undeterred, Sparkleface continued: “did you see all those wonderful images we’ve received from the children of the world who are looking forward to the holiday, and have been sending us pictures of what they want for Christmas? Isn’t it great that everyone has cell phones these days and can so easily send us high resolution images instead of writing out lists by hand like in the olden days?”
Python, one of the world's most popular programming languages, may soon become even more ubiquitous as it finds a home within web browsers.
Ethan Smith, a Berkeley-based software developer, recently revealed a project that allows CPython, the default implementation of the Python programming language, to run within web browsers via WebAssembly, or WASM.
WASM is a binary format that provides near-native performance within web browsers. It's a compilation target for languages like C/C++, C# and Rust. It's commonly used to create performance-sensitive code that JavaScript isn't well-suited to handle; wedding Python to WASM though its Emscripten compiler is more about ease of use and distribution than performance, at least at this point.
Whenever I clicked a button that was supposed to open these dialogs, I might see a brief white flash that hinted at the brief appearance of a dialog window. Most of the time, absolutely nothing happened.
Deep-rooted problems with Windows are incredibly difficult to troubleshoot. When developing its software, Microsoft always assumes everything will work flawlessly all the time. Apps and system services rarely generate log files, report errors to the Events system, or even record diagnostics data about the problem. The Diagnostics Viewer reported to Microsoft that I’d opened the desired dialog for less than a millisecond and that everything was fine.
The option allows Edge to suggest a sponsored BNPL payment method when customers begin entering their card numbers into retail sites - even if specific sites do not offer it natively.
Microsoft has signed a deal with third-party BNPL company Zip (previously Quadpay) to feature the sign-up option on retail checkout pages at browser level, for any purchase Edge detects between $35 to $1000.
At my day job, we’ve just purchased Yubikeys for my team to help in the neverending process of securing our infrastructure. While we’re looking at implementing MFA in a number of places, the starting point is securing our SSH connections to our servers. We use FreeIPA to manage authorization and authentication through SSH, so key management is pretty straightforward. The real question is how best to secure an SSH key using a Yubikey. There are two main options: setting up a PIV key on the Yubikey or creating an OpenSSH Security Key (SK) key that requires the Yubikey to login.
I tried out the SK key first because the documentation made it look like it was easiest to set up, and (perhaps surprisingly) it was! Generating the key was a piece of cake. From a security point of view, I prefer it because the key is stored on my laptop and can be protected with a passphrase. Theft of the Yubikey alone isn’t enough to compromise the key. Using the key is simple too. I just need to have my Yubikey plugged into my laptop and tap on it after initiating the SSH session.
The first problem that came up is that our servers run an in-house rpm-ostree distribution based off of AlmaLinux 8, and the latest release of OpenSSH there doesn’t support SK keys. This problem was easily resolved by taking Fedora’s OpenSSH builds and rebuilding them for our distribution.
The Council of the EU intends to simplify rules around the use of mass biometric surveillance by law enforcement and make it possible for private actors to provide such services to police forces, even expanding the scenarios under which systems can be used according to the proposed Artificial Intelligence Act, reports Statewatch.
The monitoring organization noticed the changes in a progress report on the overall Artificial Intelligence Act. However, Slovenia, which holds the presidency of the Council of the EU in 2021, has circulated a compromise on the wording. Statewatch lays out the texts to highlight the changes, such as the bold type here:
“Concerning the use of ‘real-time’ remote biometric identification systems in publicly accessible spaces by law enforcement authorities, it has been clarified that such systems could also be used by other actors, acting on behalf of law enforcement authorities…
“…the objectives for which law enforcement should be allowed to use ‘real-time’ remote biometric identification, as well the related authorisation process, have been extended.”
In our latest explainer, we look at the National Digital Education Architecture that was introduced earlier this year. Here, we detail what this policy entails and explore its legislative and policy origins. We also discuss what people have been saying about the architecture and explore issues of a lack of internet access, low digital literacy, and an inadequate consent framework.
What is NDEAR?
The National Digital Education Architecture (NDEAR) is an architectural blueprint that aims to facilitate achieving the goals laid out in the National Education Policy, 2020 through a unified digital infrastructure in the education ecosystem. Simply put, the document states that under the NDEAR framework, the government will play the role of an enabler by providing a framework in which technology can be built by the government, society or market actors. Any NDEAR compliant technology will be able to interact with each other (for example, an educational app made using the NDEAR will easily interact with a particular school’s own digital ecosystem).
NDEAR follows the National Open Digital Ecosystem (NODE) strategy which can be best explained through an analogy - in the physical infrastructure of a city, it is the responsibility of the government to build roads, parks, public transport etc., which form the public ‘commons’, and it is only above this ‘platform’ that public and private actors can build other things. Similarly, the NODE approach aims to create a ‘Digital Commons’ using open software, open Application Programming Interfaces (APIs), open standards, open licences etc., while enabling interoperability so that these platforms can interact with each other; and public and private actors can build solutions on top of this platform.
The government of The Gambia shut down the internet on the eve of the 2016 presidential elections. But as the nation prepares for the next vote on December 4, Access Now and the #KeepItOn coalition have a clear message for authorities: uphold democracy and keep the nation connected.
“The Gambia is on the #KeepItOn coalition’s radar,” said Marianne Díaz Hernández, #KeepItOn Fellow at Access Now. “We will not sit back and allow authorities to shut down the internet and plunge the nation into digital darkness during the 2021 presidential elections.”
Although the current administration has not deliberately disrupted the internet, there have been frequent network disruptions attributed to undersea cable cuts that affected access approximately four times in 2021 alone.
“The previous government shut down the internet in The Gambia, but we’re looking to the current government to set a higher standard,” said Felicia Anthonio, Campaigner and #KeepItOn Lead at Access Now. “By safeguarding internet connectivity to all before, during, and after the December 4 vote, it is an opportunity to prove to the nation, and the neighbours, that internet shutdowns have no place in democracy.”
Our End-of-Year Fundraiser is launched, and the new postcards theme will be Ink.