Bonum Certa Men Certa

Links 14/12/2021: Linux Mint 20.3 “Una” Beta and Kaisen Linux 2.0



  • GNU/Linux

    • Linux Distros: Year in Review

      2021 was a pretty exciting year for Linux distributions within the cloud native and developer world. Not only did two CentOS replacements release new iterations, but they also reached a level of stability to surpass that of the platform they replaced (Red Hat changed the direction of CentOS late last year towards a more experimental approach).

      And although there were no new distributions released that were purpose-built for cloud, container, and edge use cases, there were plenty of updates for other operating systems that strengthened the offerings to make nearly every Linux server distribution widely appealing to most businesses and developers.

    • Desktop/Laptop

      • System76 Launches Pop!_OS 21.10 with Linux 5.15 LTS, New Application Library

        Coming almost six months after Pop!_OS 21.04, the Pop!_OS 21.10 release introduces a new Application Library feature for its GNOME-based desktop environment that replaces the big Application Wall window that opened in full-screen when you wanted to search for and open an installed application.

        Now, in Pop!_OS 21.10, the Application Library feature, which you can access it from the dock, menu bar, using a 4-finger swipe, or the Super+A keyboard shortcut, will open in a smaller window over the current workspace.

      • Linux needs to be pre-installed on more hardware to hit mainstream

        Honestly, it really is that simple. There's a fair bit of that now already with the likes of System76, Slimbook, TUXEDO , Star Labs and others I'm forgetting. However, none of those are particularly known outside of Linux circles (TUXEDO claim otherwise). Even if they're slowly pulling in newer non-Linuxy customers, they're still tiny and often expensive. Other vendors like Dell and Lenovo may have a few but they're often harder to find. It's a bit like the old Linux gaming loop — people don't want to switch due to "no games" and developers don't want to support directly due to "no users". Vendors don't often do it because they don't perceive there to be enough interest.

      • System76 Releases Pop!_OS 21.10

        Linux PC vendor System76 has released Pop!_OS 21.10 as the newest version of their Ubuntu-based operating system.

        Pop!_OS 21.10 is the latest version of their popular open-source desktop OS that features desktop improvements and other mostly UI alterations compared to Ubuntu 21.10. One of the new features with Pop!_OS 21.10 is its "Application Library" window that they aim as an alternative to GNOME's Application Wall.

      • Pop!_OS 21.10 has landed!

        Pop!_Pi Tech-Preview for Raspberry 4

        Tinkerers, this one’s for you! A tech preview of Pop!_OS 21.10 is now available on the Raspberry Pi, a mini computer for STEM learning and experimentation. We built Pop!_Pi for the Raspberry Pi 4 to gain experience building for ARM platforms. The Raspberry Pi 4 performed much better than we anticipated, so we decided to release it to the public.

        It’s a Tech-Preview because it doesn’t receive as much Quality Assurance focus as Pop!_OS for the desktop, but is nonetheless an excellent option for users. We plan to continue releasing Pop!_Pi with future Pop!_OS releases.

        Latest Hardware Support

        Pop!_OS 21.10 features the 5.15.5 kernel and latest NVIDIA driver. Pop!_OS has a new kernel policy whereby the latest kernels will be released once they’ve passed extensive quality assurance tests. This is the same release policy we’ve used for NVIDIA drivers.

        The System76 hardware lab contains a broad spectrum of chipsets, processors, and components to test for regressions prior to release so customers and users can be confident that new kernel releases will only improve their hardware performance and support.

        New, More Intuitive Refresh OS Feature

        Your system will now recognize when Pop!_OS is installed from the recovery partition and offer the Refresh OS option prior to unlocking an encrypted drive. This makes it easier to see when the Refresh OS option is available.

      • First Look at System76’s Pop!_Pi OS for Raspberry Pi 4

        That’s right, Pop!_OS Linux has been ported to Raspberry Pi devices, and 9to5Linux.com is the first website to take the new Pop!_Pi 21.10 operating system for a spin on a Raspberry Pi 4 board with 8GB RAM. System76 informed me that Raspberry Pi 400 models are also supported.

        According to System76, Pop!_Pi was built for the Raspberry Pi 4 to help them gain experience building for ARM platforms, but the system performed so well that they decided to release it to the public.

      • Pop!_OS 21.10 is Here, Jumps Ahead to GNOME 40

        System76 has released Pop!_OS 21.10, its bespoke Linux distribution based on Ubuntu. So let’s take a quick look what’s new!

        For those of you unaware, Pop!_OS was born when Canonical, the company behind Ubuntu, abandoned the Unity desktop. The distro is developed by System76, a US computer manufacturer of Linux-based laptops, desktops and servers.

        Pop!_OS 21.10 is the latest version of the System76’s popular open-source desktop operating system that features some improvements and other mostly desktop alterations.

      • Pop OS 21.10 Introduces Mini Application Menu + Bumper Updates

        The Pop team officially released the POP OS 21.10. In this post, we wrap up the release highlights and give you download & upgrade details.

      • Pop!_OS 21.10 rolls out with new Application Library | GamingOnLinux

        System76 has rolled out Pop!_OS 21.10 today, the latest major upgrade to their Ubuntu-based operating system designed to be used by everyone - professionals and gamers alike. It comes with some absolutely massive improvements too and it really does look fantastic.

        The big user-facing feature is the new Application Library. Instead of getting a big full-screen wall of information and icons, you now get a smaller searchable window over your currently used workspace. It can be opened in a few ways too like the top bar, a 4-finger swipe right on the trackpad, or by using Super + A on the keyboard.

        With this change it gives a better workflow for multi-monitor users (hooray!) since it will go to the display that has your current mouse focus. The list is sorted alphabetically too making it more natural, you have the ability to drag and drop into folders for organisation and of course the search makes it quick and easy to find exactly what you want.

      • Pop!_OS 21.10 Released with New App Library Feature + More - OMG! Ubuntu!

        System76 have slipped in to their Santa suits to deliver Linux users an early festive treat: Pop!_OS 21.10.

        Yes, the latest version of their Ubuntu-based Linux distro is available to download. It includes a new Linux kernel, the bulk of GNOME 40, a new App Library feature (more on that in a mo) and refinements to its (handy) OS restore options.

        Notwithstanding a recent red-faced encounter with a tech YouTuber, Pop!_OS has proven a popular choice with Linux gamers since launching in 2017. Part of the reason is that this distro offers a newer Linux kernel and more recent graphics drivers than vanilla Ubuntu.

        But soon there’ll be an even greater distinction: System76 plans to build its own desktop environment! Having found that the direction of upstream GNOME is out of kilter with their needs they’re going it (sort of) alone.

      • Pop!_OS is Now Available for the Raspberry Pi 4 - OMG! Ubuntu!

        Pop!_OS is now available for the Raspberry Pi.

        The sweetly-named Pop!_Pi is available to download as a ‘tech preview’ alongside the latest Pop!_OS 21.10 release from System76.

        While Pop!_Pi is the first version of Pop!_OS to be available for Raspberry Pi devices it doesn’t support all Raspberry Pi Models. Instead, the Pop!_Pi tech preview caters to the ‘desktop class’ Raspberry Pi 4 board (which regular Ubuntu also supports). It requires the model with 4GB RAM or more.

        If you use Linux (whatever flavour) you’ll have no doubt heard of the Raspberry Pi even if you haven’t ever used one. The line of cheap mini-computers has been nothing short of a revolution, lowering the barrier to entry for tech across the world and throughout industry.

      • Pop!_OS 21.10 Introduces a New Application Library, GNOME 40, and a Refresh Install Option

        Pop!_OS is undoubtedly one of the best Linux distributions, also happens to be a popular recommendation currently for Linux newbies (and gamers).

        If you do not prefer non-LTS releases, you should stick to Pop!_OS 20.04 LTS. But, if you are looking for the latest and greatest update, Pop!_OS 21.10 is finally here for you to download!

        Not to forget, the Pop!_OS 21.10 release sets things in motion for a potential list of features that you can expect with Pop!_OS 22.04 LTS, April next year.

      • Five Linux distributions to resurrect an old laptop - TechStony

        It seems that Microsoft is making it difficult to run Windows 11 on a large number and variety of hardware, especially if it is not recent and does not meet certain requirements. Seeing this situation, that Windows 7 is officially “defunct” and that Windows 10 may not shine on those computers, we are going to publish a list of Five Linux Distros That Could Bring An Old Laptop To Life.

        Of course, when we talk about an old laptop, we are not referring to what some may be thinking. In this post we will focus on old 64-bit x86 computers, because those computers exist, although in a large part of the collective imagination it is not like that. More concretely, we will put the ground on the Intel Core 2 Duo, the generation of processors that together with the Core 2 Quad ended up standardizing the 64-bit x86 processors 15 years ago in the consumer market.

        The extremely long life that Windows XP enjoyed, together with the fact that applications compiled for 64-bit x86 did not begin to be standardized in Windows until approximately 2011-2012, ended up generating in the collective imagination the idea that the processors of this architecture has been with us for a few years.

        In fact, few remember the hype that arose around Battlefield 3 when Electronic Arts announced in 2011 that it would require Windows 7 64-bit as a system. At that time Windows XP was still widely used, which aroused the complaints of many users, but DICE and Electronic Arts remained firm and did well, because that was the beginning of a technological leap necessary for video games to take better advantage of the processors that They have been with us for years.

    • Server

      • What’s New In Kubernetes v1.23?

        Kubernetes v1.23 is the last major release of 2021. The latest update to the leading container orchestration platform promotes 11 features to the stable channel, marking them as suitable for general use. Here’s what you need to know before you upgrade.

        [...]

        While an “ephemeral” volume may initially sound strange, there are several use cases for this functionality. Volumes are often used to provide a Pod’s process with first-run config values that are only accessed once. In this scenario, an ephemeral Pod is ideal as it’ll be deleted when the Pod stops, instead of being reattached to future Pods that’ll never use the data. Another possible case is processes which cache large amounts of data but don’t need it to be persisted between individual Pod terminations.

    • Audiocasts/Shows

    • Kernel Space

      • Linux 5.15.8
        I'm announcing the release of the 5.15.8 kernel.
        
        

        All users of the 5.15 kernel series must upgrade.

        The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

        thanks,

        greg k-h
      • Linux 5.10.85
      • Linux 5.4.165
      • Linux 4.19.221
      • Linux 4.14.258
      • Linux 4.9.293
      • Linux 4.4.295
      • Don't expect a new cut of Linux to ease your NYE hangovers

        The Register can at last reveal the answer to the question on everyone's lips: who would win a hypothetical fight between Santa Claus and Linus Torvalds?

        And the winner is … Santa! We have reached this decision based on Torvalds's regular state of the kernel post for this week, in which he rated the development process for version 5.16 of the Linux kernel as "fairly normal".

        "This rc5 is perhaps a bit bigger than usual, but it's not like it's breaking any records," Torvalds wrote. "I blame people trying to get stuff done before the holidays, and/or just random timing effects."

        Torvalds thinks the holidays will slow the release of this version of the kernel.

        "With the holidays coming up, things are probably going to slow down both on the development and testing front, and as a result I expect that I will also extend the rc series by another week," he added.

        That addition won't be because the extra rc is needed – although Torvalds left open the possibility of messes making it necessary – "but simply because nobody will want to open the next merge window immediately in the new year".

      • Graphics Stack

        • LLVM Working On "HIPSPV" So AMD HIP Code Can Turn Into SPIR-V And Run On OpenCL - Phoronix

          Upstreaming progress is being made on a new "HIPSPV" toolchain for AMD's HIP path so that SPIR-V kernels can be executed and ultimately allowing for execution by OpenCL drivers. This HIPSPV effort driven outside of AMD aims to be able to allow HIP code to work on other GPU drivers such as those from Intel.

          AMD's HIP is their C++ Runtime API and kernel language for portable applications on AMD and NVIDIA GPUs from a single source tree. HIP has been AMD's answer to NVIDIA's CUDA by aiming to make it easy to port CUDA code to run on AMD Radeon / Instinct hardware. With tools like their open-source HIPIFY they even aim to make it easy and automated as possible for converting CUDA sources to HIP.

        • Radeon RADV Lands Emulated ETC2 Support For Improving Android Support - Phoronix

          While the ETC2 texture compression standard is royalty-free and popular for OpenGL / GLES / Vulkan use, recent AMD Radeon GPUs and APUs have removed their native support for this alternative to the likes of ASTC and S3TC. But now in Mesa 22.0 there is emulated ETC2 support for the Radeon "RADV" Vulkan driver to in turn improve this open-source driver's Android support.

          As covered last week, RADV ETC2 emulation has been in the works with only the likes of AMD Stoney APUs and Vega/GFX9 featuring native ETC2 hardware support.

        • X.Org Server Hit By Its Latest Batch Of Security Vulnerabilities - Phoronix

          Given the age of the X.Org/X11 code-base security issues have become quite frequent. It was nearly a decade ago that the X.Org Server was considered a "security disaster" and a security researcher saying it's even worse than it looks. Today another batch of X.Org Server security vulnerabilities have been made public.

          Four more CVEs were made public today around input validation failures in the X.Org Server that could lead to local privilege escalation. This is for cases where the X.Org Server is still running as a privileged process and supporting remote code execution for SSH X forwarding sessions.

    • Benchmarks

      • AMD Ryzen 7 PRO 5850U Linux Performance

        For those looking at upgrading your business notebook this holiday season, here are our first benchmarks of the AMD Ryzen 7 PRO 5850U mobile processor under Linux using a Lenovo ThinkPad T14s Gen2. For ~$1299 USD this holiday season on sale, this Linux-friendly ThinkPad offers a lot with the 8-core / 16-thread Zen 3 processor with Vega graphics, 32GB LPDDR4X 4266MHz system memory, 1TB NVMe SSD, 4K IPS display, and legendary ThinkPad build quality.

        While the AMD Ryzen 6000 "Rembrandt" processors are expected in the coming months with Zen 3+. Zen 3 mobile APUs are widespread these days. While I hadn't planned on upgrading my main production system/laptop to Cezanne given what's on the road-map for 2022 and after not finding any compelling laptop options readily available when Cezanne first appeared, Lenovo has been oferring some surprisingly aggressive holiday sales.

    • Applications

      • Best Video Editors For Ubuntu [ Completely Free ] [Ed: Newer one, might not be very original]

        This is the list of free and best video editors for Ubuntu-based operating systems. Try these editors which are completely free to use and share your experience.

      • PeerTube 4.0 Free Video Platform Comes More Powerful Than Ever

        PeerTube 4.0 with channel customization, playlists search, custom instance homepage and more video filters is out!

        PeerTube is an open source piece of software that enables anyone to run their own tube site (like YouTube) very easily. All of the sites everyone runs can talk to each other, and people with accounts on one can interact with people on others. To put it short, PeerTube is a network of tube sites.

        PeerTube is decentralized by most useful definitions of the word. Anybody can run their own PeerTube instance, and the instances can follow (or “connect”) to each other to form a larger whole. This is not an option you have with YouTube.

        When you watch a video on PeerTube the data will come from the instance hosting the video, any other instance that follows that instance and has redundancy enabled and other people watching the video at the same time as you do.

        Now the PeerTube’s devs has finally released PeerTube 4.0. Let’s see what are the new features.

      • Flamerobin 0.9.3.11 Snapshot released with new firebird 4 features and fixes

        Flamerobin 0.9.3.11 Snapshot released with new firebird 4 features and fixes...

    • Instructionals/Technical

      • Install Gnome Tweak Tool on Ubuntu 22.04 LTS Jammy JellyFish

        With the help of GNOME Tweaks on Ubuntu 22.04 LTS and other Linux running Gnome GUI can be used to customize this desktop environment. Using it, many settings can be edited on the GNOME Shell and on the rest of the system. More settings can be configured than in the system settings. Such as changing of Desktop theme, icons, colour, top, app dock.

        It is available via the default system repository and can also enable the missing minimize and maximize icons on default Gnome Interface.

        Here we will learn the command to install Gnome Tweaks on Ubuntu 22.04 LTS Jammy JellyFish.

      • How to become a Linux pro | ZDNet

        As technical job site Dice wrote in its most recent job report, "Job postings in the third quarter demonstrated that employers are looking for technologists who understand the core concepts of software development and project management, in addition to possessing technical skills such as … ."

      • MAAS 3.1 for hot metal

        Back a few months ago, we did a feature poll on our MAAS forum, and the most-requested new feature turned out to be “Recommission/rescan a machine after it has been deployed“. With the release of MAAS 3.1, we’ve added that feature, making MAAS an even better choice for linux deployment tools. Here’s a sample of how it works.

      • How to Install Apache to Host Website with SSL in AlmaLinux

        AlmaLinux is tagged as a forever-free Linux Operating System Distribution because of the numerous benefits it has to offer to its user community. If you were too attached to CentOS before it got discontinued, think of AlmaLinux as its renamed and continued OS version.

        AlmaLinux is a free and open-source server-oriented Linux operating system distribution is a carbon copy of the discontinued CentOS. It offers the same user footprints with features like Errata and Secure Boot Support. Also, it is easy to migrate from CentOS to AlmaLinux.

      • How to Create HTTPS Server in Node Js - TREND OCEANS

        How do I create an HTTPS server for Node Js? This is the most frequent question asked by node js developers. For various security reasons, many popular modules ask to enable HTTPS protocol.

        What is HTTPS protocol? If you remove S from HTTPS, we get HTTP, which is a standard protocol for accessing web applications. It’s not secure; anyone can intercept your data packets connected to the same network.

        While HTTPS is a secure protocol for web applications, here, all the communication between your browser and server is encrypted and decrypted by only using a private key. This makes communication more secure and private.

      • How To Launch RHEL 8 From Amazon EC2 In AWS - OSTechNix

        In this article, we are going to learn the step-by-step process to create and launch RHEL 8 from Amazon EC2 in AWS Cloud and how to access the RHEL 8 instance using Putty application.

        Before we create the RHEL 8 instance on AWS EC2, let me give you a brief introduction to Amazon EC2.

      • How To Install SuiteCRM on Debian 11 - idroot

        In this tutorial, we will show you how to install SuiteCRM on Debian 11. For those of you who didn’t know, SuiteCRM is an open-source alternative to the popular customer relationship management (CRM) software, SugarCRM. It is a fully-featured and highly-extensible CRM application that runs on any operating system. It became popular when SugarCRM decided to stop the development of its community edition. It is used for creating business strategies, actions, and decisions.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of SuiteCRM on a Debian 11 (Bullseye).

      • How to Install Tor Browser on Linux

        Privacy and anonymity are hard to come by on the internet. Luckily, there are a few steps you can take to safeguard your personal data from the prying eyes of data collection algorithms, marketers, and advertisers.

        This guide will show you how to install Tor Browser on Linux. Tor Browser is an open-source, cross-platform, and modern web browser with privacy at heart. The main purpose of the browser is to give you the basic right to privacy on the internet.

      • How to Install R Programming Language on Fedora 35 - LinuxCapable

        R is an open-source programming language and free software environment for statistical computing and graphical representation created and supported by the R Core Team and the R Foundation. R’s popularity is widely used amongst statisticians and data miners for statistical and data analysis software developers.

        In the following tutorial, you will learn how to install R on Fedora 35.

      • How to Install OpenProject on Debian 11

        R is an open-source programming language and free software environment for statistical computing and graphical representation created and supported by the R

      • How to build an initramfs using Dracut on Linux

        In a previous article we talked about listening and extracting the content of an initramfs image using standard, simple tools like gzip, dd and cpio or with dedicated scripts like lsinitramfs, lsinitrd and unmkinitramfs. In this tutorial we learn how to (re)build an initramfs on Linux using dracut.

      • How to Setup Samba Server in RHEL, Rocky Linux and AlmaLinux

        Sharing files is an essential part of server administration. It allows sharing of resources across the network which are needed by users to carry out their tasks. One of the widely used file-sharing software is Samba.

        Samba, a re-implementation of the popular SMB (server message block) protocol, is a stable and free application that allows sharing of files and print services across a network. The software is installed on a central Linux server from which shared files can be accessed from both Linux and Windows systems.

        In this guide, we will walk you through the installation of the Samba Server on RHEL-based distributions such as CentOS Stream, Rocky Linux, and AlmaLinux.

      • How to Setup Opencart with LAMP (PHP, Apache, Mariadb) on Debian 11

        In this guide, we will explore setting up Opencart in a Debian 11 Server with Apache serving it and Mariadb10 acting as the database.

        Opencart describes itself in its website as “The best FREE and open-source eCommerce platform. Everything you need to create, scale and run your business”. It is an Open Source online store management system. It is PHP-based, using a MySQL database and HTML components. Its github page can be found here.

        Apache is a popular web web server software that is often used to serve php content. Mysql is also a popular relational management system used by popular websites.

      • How to Install Wireshark Network Packet Analyzer on Ubuntu 20.04

        Wireshark (formerly Ethereal) is an Open-Source software that is used for capturing and investigating network traffic. It is a very popular packet analyzer among network professionals, security analysts, and research scholars around the world. The good thing is that it is open source and freely available under the GNU General Public License version 2. It can examine data from various network interfaces like: Ethernet (IEEE 802.3 ), FDDI, Token ring, IEEE 802.11 wireless LAN etc. It is available for major OSes like Windows, macOS, Linux, and UNIX.

        Wireshark has many features like profound inspection of network traffic, real-time capture, offline analysis, R/W support for different capture file types etc. It also organizes SharkFest, an annual educational conference, around the world for imparting knowledge of their product. These conferences are focused on best practice of using Wireshark.

      • How to install Java 17 in OpenSUSE Leap 15.3

        In this guide we are going to explore how to install Java Runtime Environment (JRE) and the Java Developer Kit (JDK) in OpenSUSE Leap 15.3 system.

        Java and the JVM (Java’s virtual machine) are required for many kinds of software, including Tomcat, Jetty, Glassfish, Cassandra and Jenkins.

        Java is a high-level, class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible. Java was developed by Sun Microsystems (which is now the subsidiary of Oracle) in the year 1995. James Gosling is known as the father of Java.

      • How to install Java 17 in FreeBSD 13 – Citizix

        In this guide we are going to explore how to install Java Runtime Environment (JRE) and the Java Developer Kit (JDK) in FreeBSD 13 system.

        Java and the JVM (Java’s virtual machine) are required for many kinds of software, including Tomcat, Jetty, Glassfish, Cassandra and Jenkins.

        Java is a high-level, class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible. Java was developed by Sun Microsystems (which is now the subsidiary of Oracle) in the year 1995. James Gosling is known as the father of Java.

      • How to install Envoy Proxy server on Ubuntu 20.04 – NextGenTips

        In this tutorial, I will show you how to install the Envoy proxy server on Ubuntu 20.04.

        Envoy is an L7 proxy and communication bus designed for large modern service-oriented architecture. The project was born out of the belief that the network should be transparent to applications. When network and applications problems occur, it should be easy to determine the source of the problem.

        Envoy is an open-source edge and service proxy, designed for cloud-native applications.

      • How to install and set up PHP and Apache(LAMP stack) on Debian 11

        In this guide we are going to Install and set up Apache virtual host to serve PHP content on a Debian 11 system.

        The Apache HTTP Server(Apache), is one of the most popular free and open-source cross-platform web server software, released under the terms of Apache License 2.0. Apache is popular as part of the LAMP setup, being the A in the Acronym. The apache server functionality can be extended with the many available modules.

        PHP is a general-purpose scripting language geared towards web development. It is one of the popular programming languages for the web. Popular tools such as WordPress are coded using php. Big companies like Facebook also uses php heavily.

      • How to install Nextcloud Hub II with Nextcloud Office - TechRepublic

        Nextcloud 23 brings a major overhaul to the platform and introduces Nextcloud Office and plenty of other features and fixes to make it an outstanding choice for anyone looking to host a full-fledged cloud service in-house (in your data center, your cloud-hosted provider or even on a server in your home).

      • How to install Kali Linux 2021.4 - Invidious

        In this video, I am going to show how to install Kali Linux 2021.4.

      • How to uncompress and list an initramfs content on Linux

        Suppose we have our Linux system setup with an almost-full disk encryption, with only the /boot partition unencrypted. Assuming we achieved encryption by using a LUKS container, we need the appropriate software to unlock it at boot. This software, however, is part of the encrypted system. Since the Linux 2.6 series, the solution to this, and other similar problems, is called initramfs (Initial ramfs). In this article we see how an initramfs is composed and how to extract or list its content.

      • How to upgrade Linux Kernel on Ubuntu 20.04 to 5.16 Release – NextGenTips

        In this tutorial, we are going to learn how to upgrade Linux Kernel to 5.16 on Ubuntu 20.04.

        Linux Kernel is a free and open-source, monolithic, modular, multitasking Unix-like operating system. It is the main component of a Linux operating system and is the core interface between the computer’s hardware and its processes. It makes communication possible between computer hardware and processes running on it and it manages resources effectively.

        Linux 5.15 mainline was released recently by Linux Torvalds with better new features to try out. The mainline tree is maintained by Linus Torvalds and It is where all new features are added and releases always come from.

      • How to install the SuiteCRM Customer Resource Manager on Ubuntu Server - TechRepublic

        As your business grows, you'll probably find yourself needing to manage customer relations. With such a platform available to your business, your staff can better manage their clients, customers, opportunities, leads and much more.

        [...]

        I'll walk you through the process of installing the open-source SuiteCRM platform, one that focuses on sales, marketing and services administration.

        The only things you need to make this work are a running instance of Ubuntu Server and a user with sudo privileges. With those things at the ready, let's get to work.

      • How to test if your Linux server is vulnerable to Log4j - TechRepublic

        This vulnerability has the highest CVSS score of 10.0, so you need to pay attention. One of the big problems is knowing if you're vulnerable. This is complicated by the many ways Log4j can be deployed. Are you using it as part of a Java project, is it rolled into a container, did you install it with your distribution package manager, and (if so) which log4j packages did you install? Or did you install it from source? Because of this, you might not even know if your server is vulnerable.

        Fortunately, for Linux servers, GitHub user, Rubo77 created a script that will check for for packages that include vulnerable Log4j instances. It's in beta, and it's not one 100%, but it's a great place to start. Understand, this script doesn't test for jar files that were packaged with applications, so do not consider it anything more than a launching point to start your forensics.

        I tested this script against a server that I knew had a vulnerable Log4j package installed, and it correctly tagged it. Here's how you can run that same script on your Linux servers to find out if you might be vulnerable.

      • Control Keyboard Backlight Brightness via System Menu Slider Bar in Ubuntu | UbuntuHandbook

        Has a backlit keyboard in your PC? This extension makes possible to control the backlight brightness by adding a slider bar into upper right corner system tray menu in GNOME desktop.

        Under system volume and screen brightness sliders, it adds a third slider bar allows to easily control the keyboard backlight.

      • Creating your first deployment on a Kubernetes Cluster

        In this article, we will see how to create your first deployment on a Kubernetes Cluster. As an example, we will create a deployment for NginX.

        Once we have a running Kubernetes cluster, we can deploy our containerized applications on top of it. We can create a Kubernetes Deployment configuration to achieve this.

        A Deployment provides declarative updates for Pods and ReplicaSets. We describe a desired state in the Deployment and the Deployment Controller changes the actual state to the desired state at a controlled rate.

      • Install OpenShift's Web Terminal Operator in any namespace | Red Hat Developer

        The Web Terminal Operator in Red Hat OpenShift provides a web terminal with common cluster tooling pre-installed. The operator gives you the power and flexibility to work with your product directly through the OpenShift web console, eliminating the need to have all your tooling installed locally.

        This article is an overview of the new features introduced in Web Terminal Operator 1.4. One of the most important improvements is that you can now install the Web Terminal Operator in any namespace. In addition, our tooling has been updated to be compatible with OpenShift 4.9.

      • how to configure centos 8 to boot with old kernel version - Unixcop the Unix / Linux the admins deams

        We will edit CentOS 8 the GRUB2 configuration parameter and change it using grubby to boot with old kernel or to change the default boot entry for kernel in the system.

        Grubby is a command line tool for updating and displaying information about the configuration files for various architecture specific bootloaders. It primarily designed to be_used from scripts which install new kernels and need to find information about the current boot environment.

        Grubby will use these default settings to search for an existing configuration. If no bootloader configuration file found, grubby will use the default value for that architecture.

    • Wine or Emulation

      • Use Wine for gaming on Linux? Try out Bottles | GamingOnLinux

        Bottles isn't exactly a new Linux application but it's one I had only heard about recently. It's been advancing a lot in the last year and it's really looking great. Unlike other manager applications including Lutris, GameHub and so on it has a singular purpose — Bottles is designed to give you the best possible experience when managing the Windows compatibility layer Wine.

        It includes a lot of options to allow you to easily tweak your installs with a few clicks of a button, which is exactly what I love about it. There's a few "runners" included which are various versions of Wine like their own Vaniglia, that has a few wine-staging patches and a newer updated theme and Lutris' Wine.

      • Bottles Wine Prefix Manager Released With Stable Versioning Feature, New Console For Flatpak Users And A Bottles Runtime - Linux Uprising Blog

        Bottles is a graphical tool that makes it easy to run Windows software and games on Linux, via Wine.

        For handling Wine prefixes, the tool uses environments, which is a combination of ready-to-use settings, libraries and dependencies. Wine / Proton, DXVK and the required dependencies are downloaded using a built-in download manager.

        Bottles also features the ability to easily add environment variables, override DLLs, various gaming optimization options (esync, fsync, DXVK, cache, shader compiler, etc.), built-in task manager for Wine processes, import / export bottles, as well as an experimental installers database, among many other features.

    • Games

      • Retro game maker GB Studio gets a big upgrade | GamingOnLinux

        Want to make retro games? How about making games on Linux that can be played on a Game Boy or the upcoming Analogue Pocket? GB Studio is your new best friend and a huge new release is out. A free and open source app (MIT license) developed by Chris Maltby, it's pretty fancy and incredibly easy to use too.

      • Perhaps now I've seen it all - have a dance and a fight in Sewer Rave | GamingOnLinux

        What do you get when you put together a sewer and a bunch of rats? Obviously a rave, plus a little fighting and lots of really weird stuff happening around you. Sewer Rave is out now. I feel like now, perhaps, I might just have "seen it all" when it comes to gaming.

        "SEWER RAVE is a surreal randomized exploration game where you crawl around a rat infested sewer during a giant rave. Search the labyrinthine sewers to discover games, secrets, and wisdoms meant only for rodents. Grab a cup of sludge and meet some rats!"

      • Wrought Flesh is a delightfully grotesque new FPS out now | GamingOnLinux

        Wrought Flesh is a game where you not only eat your enemies corpses to regain health, you also harvest their organs to place inside yourself to gain improved character stats. Totally grotesque and awesome.

        "Rip out enemies organs and equip them in your own body. Fight biopunk monsters and drugged-up space bandits. You are a Gajeshian Cultist: A near-mythological being built from the bodies of long-dead saints. You have arrived on the partially terraformed planet of Chrisembourgh on a temple-ordained mission to find and kill someone. Explore the planet and trace your victims steps to the end."

      • PlanetSide 2 is now available on Linux

        PlanetSide 2 (PS2) is a free-to-play/pay-to-customize massively multiplayer online first-person shooter game. It was released for Windows in 2012 and three years later for PlayStation 4 in 2015. Now, nine years later, it’s debuting on Linux through the Proton Compatibility layer in Steam.

        In PS2, three factions fight for dominance over the four continents on the planet Auraxis. It has been my go-to game during the pandemic. The game has set and currently holds the world record for most simultaneous players participating in the same battle in an online game.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Kdenlive 21.12 introduces artificial intelligence and multi-camera support - itsfoss.net

          KDE Gear 21.12 has recently appeared as the latest release of the suite of applications that follow the parent project’s schedule (others like Krita and the Calligra suite do not). As usual in an environment as lively as KDE, applications tend to receive major improvements and changes at each iteration, so we take the opportunity to dig deeper into Kdenlive, the non-linear video editor.

          Kdenlive is a well-known editor that little by little has made a place for itself in non-professional and even professional video editing that does not require the advanced possibilities offered by solutions such as DaVinci Resolve and Adobe Premiere. Within its segment, it is probably the most popular application among Linux users, although it also has a Windows user base. Its codebase is currently released under the GPLv3 license.

          Kdenlive 21.12 comes with important new features that will surely make the application take an important qualitative leap, since it has incorporated a tracking algorithm based on deep learning. In other words, it has included support based on artificial intelligence, thus, at least roughly, in the wake of OpenShot.

      • GNOME Desktop/GTK

    • Distributions

      • Reviews

        • Impressions of Linux Mint & elementary OS

          In a recent post, I spoke about some things that Linux distros need to do better to accommodate end-users. I was reminded that there are some Linux distros which are, at least to some extent, following my recommended playbook, and have been re-evaluating two of them over the past couple of weeks: Linux Mint and elementary OS. I installed these on one of my laptops and used it as my daily driver for a day or two each.

          Both of these distributions are similar in a few ways. For one, both distros required zero printer configuration: it just worked. I was very impressed with this. Both distros are also based on Ubuntu, though with different levels of divergence from their base. Ubuntu is a reasonably good choice: it is very stable and mature, and commercially supported by Canonical.

          I started with elementary OS, which does exactly what I proposed in my earlier article: charge users for the OS.1 The last time I tried elementary, I was less than impressed, but they’ve been selling the OS for a while now so I hoped that with a consistent source of funding and a few years to improve they would have an opportunity to impress me. However, my overall impressions were mixed, and maybe even negative.

          The biggest, showstopping issue is a problem with their full disk encryption setup. I was thrilled to see first-class FDE support in the installer, but upon first boot, I was presented with a blank screen. It took me a while to figure out that a different TTY had cryptsetup running, waiting for me to enter the password. This is totally unacceptable, and no average user would have any clue what to do when presented with this. This should be a little GUI baked into the initramfs which prompts for your password on boot, and should be a regularly tested part of the installer before each elementary release ships.

          The elementary store was also disappointing, though I think there’s improvements on the horizon. The catalogue is very sparse, and would benefit a lot by sourcing packages from the underlying Ubuntu repositories as well. I think they’re planning on a first-class Flatpak integration in a future release, which should improve this situation. I also found the apps a bit too elementary, haha, in that they were lacking in a lot of important but infrequently used features. In general elementary is quite basic, though it is also very polished. Also, the default wallpaper depicts a big rock covered in bird shit, which I thought was kind of funny.

          There is a lot to like about elementary, though. The installer is really pleasant to use, and I really appreciated that it includes important accessibility features during the install process. The WiFi configuration is nice and easy, though it prompted me to set up online accounts before prompting me to set up WiFi. All of the apps are intuitive, consistently designed, and beautiful. I also noticed that long-running terminal processes I had in the background would pop-up a notification upon completion, which is a nice touch. Overall, it’s promising, but I had hoped for more. My suggestions to elementary are to consider that completeness is a kind of polish, to work on software distribution, and to offer first-class options for troubleshooting, documentation, and support within the OS.

      • New Releases

        • CasaOS: Open-source home cloud based on the Docker ecosystem

          For parents and families, the thought of someone gaining access to sensitive information can be nothing short of a nightmare. However, one group of developers are on a mission to empower families to take their privacy into their own hands. IceWhale Technology uveiled CasaOS, an open-source home cloud OS based on the Docker ecosystem.

        • Kaisen Linux | Kaisen Linux 2.0

          After 4 months of intensive work, here is the 2.0 version of Kaisen Linux, two years to the day after the release of the first alpha version! This new release is a major revision of the previous rolling versions!

          Detailled and significant changes:

          Numerous improvements and bug fixes make this the most stable release ever. That's partly why it is called 2.0, the numerous refactorings justified the version number change. Kaisen is now based on Debian Bookworm (Debian 12), also justifying the version number change.

          Among the most important things done on this new release, a complete overhaul of the menu with new, nicer and more modern icons, simplification of the menu and removal of about 15 launchers among the basic commands (such as mount and umount for example), new implementation of BTRFS snapshot tools, new tools dedicated to Cloud engineers!

      • Screenshots/Screencasts

      • IBM/Red Hat/Fedora

        • Installing syslog-ng on CentOS Stream 9

          CentOS Stream 9 has been around for a while, but it was officially announced just a few days ago. I already tested some earlier snapshots and they had some rough edges. The current version installed without random crashes, has networking and runs smoothly. EPEL – the semi-official repository by Fedora maintainers – is already there, but practically empty, syslog-ng or it’s dependencies are not yet there. As someone asked about syslog-ng support, I had a first try at building it.

          I built syslog-ng for CentOS Stream 9 in the Copr build service. Many of the syslog-ng dependencies are not yet available, so I had to compile them myself. EPEL 9 is expected to have the latest Fedora versions, so I used those. I could not get MongoDB client libraries compiled, but the rest of the dependencies are there.

        • Fedora 36 Planning To Use plocate As New "locate" Replacement - Phoronix

          Fedora 36 is planning to use plocate as its new provider of the locate command for finding files on file-systems. Plocate should make for even faster locating of files on disk as well as doing so using less CPU cycles.

          Currently Fedora uses mlocate as its locate command while for the next Fedora Linux release they intend to move to Plocate as a compatible re-implementation.

        • Gathering security data for container images using the Pyxis API

          In the previous post, we covered how to use the Red Hat Security Data API to collect useful security information about CVEs and Red Hat products programmatically.

          In this post, we’ll look at how to collect security data for container images by using the Pyxis API. As before, we will be addressing real world use cases and concerns programmatically. Each of the examples used below can be easily modified to address your own needs.

        • How open source is making diabetes more manageable

          For the average person, you go about your day without too much thought to what is happening within your body. For diabetics however, their entire day is built around monitoring the minute changes that could have serious health implications for them. In order to manage these changes, they need special tools that are designed to track as blood sugar levels rise and fall, produce insulin and time its delivery to maintain health. But what happens when the tools and systems don’t serve the people who need them?

          Premiering today, "Opening the Loop: Autonomy, Access, and Insulin"—the latest documentary in the Open Source Stories series from Red Hat—follows the growing DIY community of makers, patients and caregivers that are reshaping those systems to better match their needs. Their work happens in bedrooms, at kitchen tables, in conference rooms and at the lab bench. And it’s making life better for untold numbers of others.

          In the film we learn about the challenges type 1 diabetics and caregivers face as they identify the need for insulin, access and acquire it and actually inject it. These challenges stem from the use of closed-source solutions like off-the-shelf blood glucose monitors that only share data with certain devices, insulin pumps that communicate with some monitors, but not others, and issues with the insulin itself.

        • Use Ansible to test containers in OpenShift 4 | Enable Sysadmin

          Are you developing or maintaining containers to run in OpenShift 4 environments? If so, you will want to test the container to be sure that it is working correctly.

        • 4 new IT leadership habits for the new year

          The new year offers a natural time to set new goals and build strong leadership habits that can help you achieve everything on your priority list for the year ahead. It’s also a good time to take a hard look at practices that are no longer serving you.

          We asked CIOs who recently won the 2021 SoCal CIO of the Year ORBIE Awards what habits IT leaders should try to cultivate in the year ahead, and which they should leave behind. The awards were presented by the SoCal CIO Leadership Association, a professional community that annually recognizes CIOs for their excellence in technology leadership.

      • Canonical/Ubuntu Family

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • SeaMonkey 2.53.10.1 looking good

            I have compiled SeaMonkey 2.53.10.1 in EasyOS. Went to some sites and it looked good, unfortunately youtube.com did not look good...

          • Final fixes before releasing 3.1.15

            The post commented that Chromium startup time is 20 seconds and Firefox 24 seconds on my Compaq Presario. Well, I am happy to report 8 seconds for SeaMonkey. Which is blink-of-an-eye startup on a modern computer. EasyOS 3.1.15 will have SeaMonkey. No Chromium, Firefox, Balsa or Claws, or BlueGriffon, just SeaMonkey. I must comment on SM Mail module, it is good. I have played a little bit with Balsa, Claws Mail and SM News module -- and my preliminary "goodness rating" is in that order, going up. The SM News module is pretty much the same as Thunderbird.

          • Firefox Add-on Reviews: Firefox’s most popular and innovative browser extensions of 2021

            About one-third of Firefox users have installed an add-on—be it an extension to equip Firefox with a custom feature or a visual theme to personalize their browsing experience.

            What kind of extensions did we use most in 2021? And what are some of the new, innovative extensions to emerge this year? Let’s find out!

      • Productivity Software/LibreOffice/Calligra

        • Record number of LibreOffice downloads

          The chart says it all! Last week, we had a record number of downloads for LibreOffice in a single week. More and more people are discovering the free and open source office suite, the successor to OpenOffice, that respects users’ privacy and freedom.

          Downloads have been growing steadily over time, and one week ago we released an important security update, so we recommend downloading it, if you’re using an older version.

      • FSF

        • Be part of LibrePlanet 2022: submit today!

          The call for LibrePlanet sessions and Awards nominations will close this Wednesday. With holiday preparations taking up its share of energy, we thought a last reminder just might be the last push you needed to bring pen to paper (or finger to keyboard!) and submit your ideas for a presentation, workshop, panel, or instructional video at LibrePlanet 2022: Living Liberation. The event will be held on March 19 and 20, 2022. Registration for the conference will open in a few weeks. Keep an eye on our communications as well, because we'll be announcing our first keynote soon!

      • Public Services/Government

        • European Commission to Open Source its Software Solutions

          The European Commission has announced plans to make its software solutions open source. On the heels of a recent report detailing the impact of open source, the Commission has adopted new rules that will “enable its software solutions to be publicly accessible whenever there are potential benefits for citizens, companies or other public services.”

          “The new rules will increase transparency and help the Commission, as well as citizens, companies and public services across Europe, benefit from open source software development. Pooling of efforts to improve the software and the co-creation of new features lowers costs for the society, as we also benefit from the improvements made by other developers. This can also enhance security as external and independent specialists check software for bugs and security flaws, said Johannes Hahn, Commissioner for Budget and Administration, in the announcement.

      • Programming/Development

        • Shell/Bash/Zsh/Ksh

          • How to disable internal keyboard/touchpad when a cat arrives

            I’m using an external keyboard (1) and mouse (2), but the laptop lid is usually still open for better cooling. That means the internal keyboard (3) and touchpad (4) – made of comfortable materials – are open to be used by a cat searching for warmth (7), in the obvious “every time” case that a normal non-heated nest (6) is not enough.

            The problem is, everything goes chaotic at that point in the default configuration. The solution is to have quick shortcuts in my Dash to Dock (8) to both disable (10) and enable (9) keyboard and touchpad at a very rapid pace.

            It is to be noted that I’m not disabling the touch screen (5) by default, because most of the time the cat is not leaning on it – there is also the added benefit that if one forgets about the internal keyboard and touchpad disabling and detaches the laptop from the USB-C monitor (11), there’s the possibility of using the touch screen and on-screen keyboard to type in the password and tap on the keyboard/touchpad enabling shortcut button again. If also touch screen was disabled, the only way would be to go back to an external keyboard or reboot.

        • Java

          • Explore Java 17 language features with Quarkus

            Quarkus is a Kubernetes-native Java framework made for Java virtual machines (JVMs) and native compilation, optimizing Java for containers. Java 17, the latest long-term support release of standard Java, became generally available on September 14, 2021. If you'd like to experiment to see how Quarkus works with the new language features that have rolled out since Java 11, this article offers a technical preview to help you get started.

  • Leftovers

    • Hardware

      • Fixing a Tiny Corner of the Supply Chain €« bunnie's blog

        No product gets built without at least one good supply chain war story – especially true in these strange times. Before we get into the details of the story, I feel it’s worth understanding a bit more about the part that caused me so much trouble: what it does, and why it’s so special.

        [...]

        It’s clearly a great part for a low-power mobile device like Precursor, which is why I designed it into the device. Unfortunately, there’s also no real substitute for it. Nobody else makes a MEMS oscillator of comparable quality, and as outlined above, this device is smaller and orders of magnitude lower power than an equivalent quartz crystal. It’s so power-efficient that in many chips it is less power to use this off-chip oscillator, than to use the built-in crystal oscillator to drive a passive crystal. For example, the STM32H7 HSE burns 450uA, whereas the SiT8021 runs at 160uA. To be fair, one also has to drive the pad input capacitance of the STM32, but even with that considered you’re probably around 250uA.

        To put it in customer-facing terms, if I were forced to substitute commonly available quartz oscillators for this part, the instant-on standby time of a Precursor device would be cut from a bit over 50 hours down to about 40 hours (standby current would go from 11mA up to 13mA).

        If this doesn’t make the part special enough, the fact that it’s an oscillator puts it in a special class with respect to electromagnetic compliance (EMC) regulations. These are the regulations that make sure that radios don’t interfere with each other, and like them or not, countries take them very seriously as trade barriers – by requiring expensive certifications, you’re able to eliminate the competition of small upstarts and cheap import equipment on “radio safety” grounds. Because the quality of radio signals depend directly upon the quality of the oscillator used to derive them, the regulations (quite reasonably) disallow substitutions of oscillators without re-certification. Thus, even if I wanted to take the hit on standby time and substitute the part, I’d have to go through the entire certification process again, at a cost of several thousand dollars and some weeks of additional delay.

    • Health/Nutrition/Agriculture

      • Landmark COVID-19 vaccine trial in sub-Sahara | EurekAlert!

        A highly anticipated clinical trial in eight sub-Saharan countries is the first to specifically evaluate the efficacy of a COVID-19 vaccine in people living with HIV, including those with poorly controlled infections. It also is the first study to evaluate the efficacy of vaccines – in this case, Moderna mRNA-1273 – against the omicron variant of SARS-CoV-2, the virus that causes COVID-19.

        In addition to examining the efficacy of COVID-19 mRNA vaccines in people living with HIV, the study investigators seek to identify the optimal regimen for this population and how it might vary based on whether an individual has previously had COVID-19 or not.

        The trial will be conducted in East and Southern Africa – regions of the world that have been highly impacted by HIV. It is expected to enroll about 14,000 volunteers at 54 clinical research sites in South Africa, Botswana, Zimbabwe, Eswatini, Malawi, Zambia, Uganda and Kenya, where adult HIV prevalence ranges from 4.5% to 27%.

        [...]

        The trial is sponsored by the SAMRC and funded by the U.S. government and supported by the National Institute of Allergy and Infectious Diseases (NIAID) within the National Institutes of Health. Funding originates from the Department of Health and Human Services (HHS) through the Countermeasures Acceleration Group (CAG).

    • Integrity/Availability

      • Proprietary

        • Vivaldi CEO criticizes Microsoft Edge for anti-competitive practices

          In 2013, the European Union slapped a massive $731 Million fine on Microsoft for failing to offer users a choice to set a default browser. 8 years have passed since then, has the Redmond company learned its lesson? Vivaldi's CEO/Co-founder Jón von Tetzchner, says no.

          Tetzchner founded Opera browser along with Geir Ivarsøy in the mid-90s, before leaving the company in 2011. He founded Vivaldi Technologies in 2013, though the browser they created was released a couple of years later.

        • Pseudo-Open Source

        • Security

          • Security updates for Tuesday [LWN.net]

            Security updates have been issued by Debian (libsamplerate and raptor2), Fedora (pam-u2f and python-markdown2), openSUSE (chromium, fetchmail, ImageMagick, and postgresql10), Oracle (samba), SUSE (fetchmail, postgresql10, python-pip, python3, and sles12sp2-docker-image), and Ubuntu (apache-log4j2, flatpak, glib, and samba).

          • Apple Releases Security Updates for Multiple Products | CISA

            Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

          • Google Releases Security Updates for Chrome | CISA

            Google has released Chrome version 96.0.4664.110 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

          • More new malicious files discovered in 2021 than ever before [Ed: ITProPortal running de facto ads for a Russian malware company (proprietary) and then says "ITProPortal is supported by its audience"]

            A larger number of new malicious files were discovered in 2021 than ever before, researchers at security firm Kaspersky researchers have suggested.

            According a new report, 5.7 percent more malicious files have been detected this year, compared to 2020. Kaspersky says its systems have detected 380,000 new malicious files every day on average.

          • Log4j

            • Log4Shell vulnerability: What we know so far | WeLiveSecurity [Ed: Insecurity profiteers comment on it]

              The zero-day flaw in the ubiquitous Log4j utility has sent shockwaves far beyond the security industry – here’s what you should know.

            • Log4j hole revives chatter on Big Biz funding open source ● The Register

              The disclosure of a critical security hole in Log4j last week has renewed calls to rethink how open-source software gets developed, paid for, and maintained, not that the long-simmering issue ever really went away.

              The Log4j bug, an unauthenticated remote code execution flaw (CVE-2021-44228) in Apache's open-source Log4j Java-based logging library, is particularly serious and far-reaching because exploitation is not difficult and the software is widely used and buried deep within many programs.

              Annoyance with the handful of project maintainers for failing to catch the bug prompted one, developer Volkan Yazici, to voice indignation about all the people bashing the maintainers for their unpaid, volunteer labor without offering any financial support or contributed code fixes.

            • On the Log4j Vulnerability - Schneier on Security

              Threat advisory from Cisco. Cloudflare found it in the wild before it was disclosed. CISA is very concerned, saying that hundreds of millions of devices are likely affected.

            • Log4j Vulnerability Puts the Entire Internet at Risk: What You Need to Know - It's FOSS News

              Log4Shell is a Remote Code Execution Class vulnerability denoted as CVE-2021-44228 disclosed as an exploit that affects millions of servers that run Java applications, or particularly the open-source Apache Log4j library.

              If you are curious, a wide range of applications/servers and digital systems across the internet use Log4j for logging purposes. Even the back-end systems used by Steam, Minecraft, Cloudflare, and iCloud were found vulnerable.

              Why is it one of the most significant vulnerabilities in recent times? Let me tell you more about it.

            • The Log4j bug exposes a bigger issue: Open-source funding (Updated)

              While you were watching the F1 title decider between Max Verstappen and Lewis Hamilton or excited for the Succession finale, companies running the internet were scared shitless.

              You might not have noticed it because services like Twitter, Facebook, Gmail, and smaller ones all stayed up. But a bug in an open-source tech called Log4j was (and still is) causing panic amongst the infosec community across the world.

              While the bug has affected billions of devices, and companies are scrambling to apply fixes, the open-source community has a raging debate going on about funding volunteers that maintain projects like Log4j.

            • Log4j Bug Highlights Open Source Funding Issues

              A critical bug in a bit of open source tech called Log4j has been causing panic in the infosec community, reports Ivan Mehta. And, while major companies are scrambling to apply fixes, “the open source community has a raging debate going on about funding volunteers that maintain projects like Log4j.”

              Many large corporations depend heavily on free and open source software projects such as Log4j, Mehta notes; however, project contributors and maintainers often receive only a small amount of financial support through GitHub or Patreon.

    • Environment

      • Measuring Air Quality Using Mobile Sensors For The Masses | Hackaday

        Poor air quality is a major problem for city dwellers the world over. Dust, smoke, particles and noxious gases from vehicles, industry and agriculture makes many megacities downright hazardous to live in. Pinpointing the source of pollution and developing strategies for mitigation requires accurate data on pollutant levels, but obtaining these numbers is not always easy.

        Enter CanAirIO, a citizen science project that aims to gather air quality data from around the world by putting sensors into the hands of as many people as possible. Its team has developed two different sensor nodes for this purpose: an indoor one that can measure CO2, and a mobile one that can measure particulate matter (PM) levels. Both versions are powered by an ESP32 microcontroller that reads out the air quality sensors and connects to the Internet using WiFi or BlueTooth. The data can then be shared online to create detailed maps showing local variations in air quality.

    • Freedom of Information/Freedom of the Press

      • Victories in the DSA vote: IMCO Committee puts people’s rights before corporate interest - Access Now

        Access Now welcomes important victories green-lighted by the Committee for Internal Market and Consumer Protection (IMCO) in yesterday’s Digital Services Act (DSA) vote, indicating concrete steps towards the further protection of freedom of expression and opinion online across the European Union. Since the beginning of negotiations, Access Now has fought side-by-side with partner organisations to protect freedom of expression and opinion online, while countering short-sighted proposals that would only bolster the undesirable status quo in the content governance in defiance of fundamental rights standards.

        “We see victories in yesterday’s DSA vote. The fact that the IMCO Committee did not cave in to corporate interest, and centred people’s empowerment and their fundamental rights in the negotiations is an encouraging sign for the next stages,” said Eliska Pirkova, Europe Policy Analyst and the Global Freedom of Expression Lead at Access Now. “But there is still room for improvement, and the fight for a truly human rights centric model of platform governance will continue throughout the trilogue negotiations, where we must fix prevailing issues in the text. Yesterday’s vote is a reason to celebrate, but there is more hard work to ensure the protection of free expression and opinion online on the horizon.”



Recent Techrights' Posts

Once Again Linux Foundation Makes It Clear It's Being 'Absorbed' by Bill Gates
Linux Foundation devotes about 2% of its budget to Linux
Links 08/10/2024: Australian Fines for Twitter (X), Fake Patent Courts Still Not Scuttled
Links for the day
World Wide Slop
If it quacks like a duck...
 
Links 09/10/2024: Samsung's Fall, Tensions Growing Near China
Links for the day
Gemini Links 09/10/2024: Retroware and gmlgcd 2.0
Links for the day
Links 09/10/2024: Microsoft's Surface Duo 2 Officially Dead, X/Twitter Shutdown in Brazil, and "OpenAI Is A Bad Business"
Links for the day
Technology: rights or responsibilities? - Part III
By Dr. Andy Farnell
[Meme] Bill Gates With a Side of "Linux"
Linux Foundation is trolling us with Bill Gates
IBM is a Boys' Club
If IBM collapsed, the Red Hat engineers who work on GNU and Linux would simply work elsewhere (on the same projects)
The Miserable State of GAFAM
Looking for government handouts
Microsoft is Acting Like a Company That's Running Out of Money (But Still Pretends to be Wealthy in Order to Attract or Retain Shareholders)
Azure has had mass layoffs every year since 2020, yet Microsoft keeps telling shareholders that "clown computing" is growing
Dr. Andy Farnell's Article on Societal Disorganised Attachment and the Role of Social Control Media
The article is quite long and typos were still being fixed as recently as last night
Smear Alert: Linus Torvalds Asking for Better Commit Messages Makes Linus a (Grammar) Nazi
Maybe the "mainstream media" is looking for clickbait or maybe it's actively looking to make a scandal - a phony controversy with which to make the job of coordinating Linux unpleasant
Gemini Links 09/10/2024: Climate Doom and Clagrange
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 08, 2024
IRC logs for Tuesday, October 08, 2024
Dr. Andy Farnell's Article on Why Passwords Still Rock
"Seven for a secret never to be told"
[Meme] Driver Issues
Where do you want to drive today?
The Problem Isn't That New Cars Use Electricity But That They Use Too Many Bits of Electronics
"...and proprietary software wrapped in proprietary APIs and protocols all without a modicum of compartmentalisation," an associate adds
We're Turning 18 in 30 Days
30 days from now the site turns 18
GNOME Foundation Says It's Nearly Broke (Again), It's Getting Rid of More People (Only Women Get the Boot), and It Will Improve Communications and Transparency Even Though It Secretly Ousts People From the GNOME Foundation Board (for Secret Reasons)
It only talks about this months later (under strict gag orders, only public shaming of a person)
Gemini Links 08/10/2024: Guilt by Association, Workers vs Owners
Links for the day
Links 08/10/2024: War Updates, Samsung's Layoffs, and Gemini
Links for the day
Another Dose of Fake 'Articles' About Linux
Don't give visibility to the nonsense of Microsoft
Links 08/10/2024: Microsoft Deleting Office Documents Instead of Saving Them, "Threads Still Sucks"
Links for the day
gemini.techrights.org and techrights.org (Same Server, Not the Same Protocol)
We're reminding readers that everything in this site is fully accessible via gemini.techrights.org in Gemini Protocol
X Has Axed Itself. This is Great News and Further Affirmation of Everything We've Said About Social Control Media.
Don't waste any more time on social control media
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, October 07, 2024
IRC logs for Monday, October 07, 2024
Gemini Links 08/10/2024: Contingency Begets Complexity, Playing With Bezier Curves
Links for the day
Almost Half the Web Users Connecting to Your Site Are Using Linux
almost 1 in 2 Web-connected devices runs Android and about 2% run "proper" GNU/Linux
The Web Has Severe Amnesia Problems, But We Still Remember How Gilberto Gil Promoted Free Software in Brazil
The Digital Tipping Point (DTP) is years behind us now
Synthesised Voices Aren't a New Technology (the Hype Might Be, They Call It "Hey Hi" Now)
I still consider this an extension of the "hey hi" (AI) hype
LLM Hype is Already Descending, Apple Stopped Investing in the Money Furnace
Wall Street is a perverse force in the technology market, incentivising the most harmful (and mostly useless) things
Change Control and What Will Come After Git (If That's Still Possible at All)
It would be wrong to believe (at least misguided) Git can be a "standard" skill 30 or 50 years from now.
On the Web, HTTPS Has Actually Become a Privacy Problem (Broadcasting Usage/Access to the All-Seeing CA Eye). Geminispace Doesn't Have This Problem.
Down to 23 capsules: the rapid demise of Certificate Authority (CA) Let's Encrypt in Geminispace
Links 07/10/2024: Politics, Education, Wars, Financial Crunch
Links for the day
Munich Was Having Real Difficulties Moving From GNU/Linux to Windows
How many are still using GNU/Linux?
Links 07/10/2024:China’s 'Deflation' (Price Decreases), Brazil Still Bars Twitter ("X")
Links for the day
Links 07/10/2024: "Creative Computing" Turns 50, Long War in Middle East Turns 1
Links for the day
Gemini Links 07/10/2024: Luck and Dishonesty, Gaming Getting Worse
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, October 06, 2024
IRC logs for Sunday, October 06, 2024