Bonum Certa Men Certa

Links 18/12/2021: EndeavourOS Atlantis Neo and Wine 7.0 RC2



  • GNU/Linux

    • Server

      • Someone Else's Computer | Self-Hosted 60

        Recent AWS outages sent Alex on a hunt to find more self-hosted alternatives, and Chris digs into the latest Home Assistant release.

        Plus a frenzy of your excellent feedback and questions.

    • Audiocasts/Shows

    • Kernel Space

      • AMD Radeon GPU Driver Code Sees More Fixes For Linux 5.17 - Phoronix

        A new batch of AMDGPU DRM-Next patches were sent in on Thursday and mostly revolve around fixes. Among the notable fixes is reducing buffer object memory usage for multi-GPU systems by being able to share the system memory DMA mapping address and thus in turn reducing memory usage by avoiding the duplicating of that information. There are also fixes around RAS, SR-IOV, compiler warnings, power management, IP discovery, and SVM fixes to the AMDKFD compute code. There are also some new display-related bits exposed via DebugFS, new SMU debug options, and various driver documentation updates.

      • China's Loongson Looks To Mainline LoongArch Support In LLVM - Phoronix

        Not only is Loongson working on bringing up LoongArch ISA support for the GCC compiler and related GNU toolchain components, but the Chinese company has now laid out their plans for LoongArch on LLVM.

        Loongson has been very busy this year bringing up LoongArch, their new downstream of the MIPS CPU architecture. They have been working on porting the Linux kernel to LoongArch as well as the open-source code compilers and related components for what they aim to be a Chinese domestic high performance CPU. Current LoongArch-based 3A5000 CPU benchmarks are not so impressive but will be interesting to see how this new MIPS-based architecture evolves.

      • Radeon Pro Software for Enterprise 21.Q4 Linux Driver Released - Phoronix

        Following the Radeon Pro Software for Enterprise 21.Q4 Windows driver that released earlier in the month, this week brought the similar quarterly enterprise graphics driver update to Linux.

        Radeon Pro Software for Enterprise 21.Q4 for Linux released this week and is officially supported on RHEL/CentOS 7 and RHEL/CentOS 8, Ubuntu 20.04.3 LTS, Ubuntu 18.04.5 LTS, and SUSE SLED/SLES 15 SP3. This Radeon PRO 21.Q4 Linux driver continues to officially support the AMD Radeon Pro W/WX GPUs, Radeon Vega Frontier Edition, Radeon Pro Duo, and the Radeon PRO VII.

      • Micron HSE 2.1 Open-Source Storage Engine Released - Phoronix

        Since early 2020 Micron went public with HSE as an open-source storage engine for SSDs and persistent memory. The HSE key-value store proved to be extremely performant with the likes of a MongoDB implementation but required changes to the Linux kernel that made it initially a higher barrier for entry. HSE 2.0 shipped in October that no longer required those kernel changes while still offering blistering fast performance. Now to round out the year they have HSE 2.1.

      • Xen pvUSB Front-End Driver Coming For Linux 5.17 - Phoronix

        After being more than ten years in the making after being started by Fujitsu engineers in 2008 but never going through all the steps for upstreaming, thanks to a SUSE engineer the Linux 5.17 kernel will finally have the Xen USB virtual host driver.

        Juergen Gross of SUSE recently has been cleaning up, updating, and getting the Xen pvUSB Linux front-end driver in a state for upstream. Earlier this week the goal was realized when Greg Kroah-Hartman pulled this driver into the USB subsystem tree he maintains ahead of the upcoming Linux 5.17 merge window.

      • Graphics Stack

        • NVIDIA NVDEC Video Decode Support Sent Out For Linux 5.17, Better Power Management - Phoronix

          After the open-source NVIDIA Tegra DRM driver changes intended for Linux 5.16 weren't pulled due to timing, they are back around for Linux 5.17 with most notably the open-source Tegra driver feature pull request introducing NVDEC video decoding.

          NVIDIA's Thierry Reding sent out the Linux 5.17 Tegra DRM driver changes to DRM-Next today. Like the work that was intended for Linux 5.16 but un-merged, the big items are a rework to buffer object handling to better match DMA-BUF expectations and then the NVDEC driver.

    • Benchmarks

      • Apple macOS Monterey 12 Performance Is Surprisingly Competitive With Linux - Phoronix

        It's been a while since last comparing the Apple macOS performance to Linux since in part because the newer Apple Silicon (M1) hardware isn't yet in good enough shape for performance tests on Linux. But for those wondering about the Intel-powered Macs and how the performance of the latest Linux distributions compare to that of macOS 12 Monterey, here are some benchmarks of the new macOS 12.1 up against Ubuntu 20.04.3 LTS, Ubuntu 21.10, and Intel's own Clear Linux.

    • Applications

      • What Is Prometheus and Why Is It So Popular?

        Prometheus is an open-source monitoring solution for collecting and aggregating metrics as time series data. Put more simply, each item in a Prometheus store is a metric event accompanied by the timestamp it occurred.

        Prometheus was originally developed at Soundcloud but is now a community project backed by the Cloud Native Computing Foundation (CNCF). It’s rapidly grown to prominence over the past decade as its combination of querying features and cloud-native architecture have made it the ideal monitoring stack for modern applications.

        In this article, we’ll explain the role of Prometheus, tour how it stores and exposes data, and highlight where Prometheus’ responsibility ends. Part of its popularity is down to the software’s interoperability with other platforms which can surface data in more convenient formats.

      • Deluge BitTorrent Client 2.0.5 Released with Automatic Clipboard Detection | UbuntuHandbook

        The Deluge BitTorrent client got an update after more than 2 years of development by releasing v2.0.4 and then v2.0.5 with a quick fix.

        Deluge is a lightweight, free and open-source, and cross-platform BitTorrent client written in Python. It uses libtorrent library and features full encryption, GTK, Web and console UI. And, it has a daemon package to run as a system service, allowing user to control remotely over the web.

      • Version 6.0 of the GNU Nano text editor has been released - Market Research Telecast [Ed: Automated translation]

        Version 6.0 of GNU Nano was released. The slim and easy-to-use text editor for the command line is included in most Linux distributions and provides the most important editor functions including syntax highlighting and macros via keyboard shortcuts. What is unusual about version 6.0 is its code name: “Humor heeft ook zijn leuke kanten” is what it means, translated: “Humor also has its beautiful sides”. The expression goes back to the Dutch comedian Herman Finkers, who coined the sentence: “Humor heeft ook leuke kanten.”, “Humor also has beautiful sides”.

      • The 10 Best Linux Apps for Digital Artists

        Linux continues to be in demand, given its open-source nature, ease-of-use, and various apps and packages. Add a healthy mix of digital art tools to this list, and you will already have a fantastic operating system to work on.

        The highly coveted tools mentioned below promise to deliver highly functional and powerful graphic design utilities to digital artists.

        Check out these 10 authentic tools tailor-made for digital artists and creative people alike.

      • QEMU 6.2: Improved compatibility with Apple M1 - Market Research Telecast [Ed: Automated translation]

        Version 6.2 of the open source emulation and virtualization software QEMU has been released. 189 developers contributed over 2300 commits to the minor release. ARM virtualization in particular benefits from the innovations, but there are also innovations in the emulation of RISC-V and PowerPC architectures.

        Among other things, the team improved the compatibility with Apple’s silicon SoC: With the update, QEMU masters the Hypervisor.framework (hvf) accelerator for virtualizing AArch64 architectures on silicon hosts. In addition, virtual machines with QEMU 6.2 can use Intel’s SGX (Software Guard Extensions). The entire changelog can be found in QEMU-Wiki.

    • Instructionals/Technical

      • How To Check OS Version In Linux?

        GNU/Linux distros have lots of good things going for them. For example, they can be a refresher for someone from Windows or macOS. A lot of things in Linux are pretty similar to Windows, but what’s not identical is checking the OS version in Linux.

        One can, arguably, go to the Settings > System Info on a Linux distribution, but provided there are tons of distributions out there, it’ll be hard for us to cover every single one of them as some of them differ. Therefore, in this article, let’s look at the three commands to check the OS version in Linux.

      • How to install Gparted on Ubuntu 20.04 | 22.04 LTS Linux

        Command to install Gparted on Debian-based Linux systems such as Ubuntu 22.04 Focal Fossa and Ubuntu 22.04 LTS Jammy Jelly Fish using command terminal.

        GParted is a GTK -based graphical user interface for GNU Parted. With GParted the partitioning of a drive can easily be changed, for example, partitions can be enlarged or reduced, newly created, moved, or reformatted. General information and safety instructions on partitioning can be found in the article Partitioning.

      • How to Use the Terraform Join Function - buildVirtual

        For Terraform 0.12 and later, you can use the join() function, to allow you to join or concatenate strings in your Terraform plans. The terraform join function has two inputs, the separator character and a list of strings we wish to join together.

      • How to install MetaTrader 4 with the Hugosway Broker on a Chromebook

        Today we are looking at how to install MetaTrader 4 with the Hugosway Broker on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How to play Timelie on Linux

        Timelie is a single-player stealth and puzzle game developed and published by Urnique Studio. The game was developed in Unity and was released on Microsoft Windows and Mac OS. Here’s how you can play it on Linux.

      • How to install Linux on your Windows PC | ZDNet

        First, download the newest version of Linux Mint. As I write this, that's Mint 20.2, but Linux Mint 20.3 will be out in early 2022. At about 1.5GB, depending on your internet speed, this may take a while.

        Mint comes with three different desktop interfaces. These are MATE, Xfce, and its default desktop, Cinnamon. I recommend you go with Cinnamon, for starters. If it turns out you really want to get deep into Linux, you'll have plenty of opportunities to explore the various Linux interfaces.

        Once you've downloaded Mint, you should try the Linux distro before installing it. Fortunately, unlike other operating systems, Linux distros like Mint make it easy to give them a test run before committing to it.

        If you don't have an ISO burner program, download one. I recommend freeware programs ImgBurn for optical drives and Yumi for Windows for USB sticks. Other good choices are LinuxLive USB Creator and UNetbootin. These are all free programs.

        Unless you're using an older PC that won't boot from a USB stick, I strongly recommend using a USB flash drive for your test drive. You can run Linux from a DVD, but it's very slow. But, I might add, Linux Mint will run on pretty much any PC that hasn't turned 10 yet. So, if you have a computer collecting dust in the closet that you want to get some use from, go for it.

      • How to set JAVA_HOME path on Ubuntu

        JAVA_HOME is an operating system environment variable that stores the location of the java installation folder. Every time a java program or application is run, this variable is invoked. You need to set up the JAVA_HOME variable correctly to run your java program otherwise you will encounter this error message “Error: JAVA_HOME is not defined correctly.”.

        In this tutorial, you will learn different methods to set up the JAVA_HOME variable and different configuration options that are available to you while setting up this system variable.

      • How to create an SNS Topic and a Subscriber on AWS

        Amazon Simple Notification Service (SNS) is a web service that coordinates and manages the delivery of messages. It is a highly available, durable, secure, fully managed pub/sub messaging service. It uses cross availability zone message storage to provide high message durability. Amazon SNS also ensures that data is encrypted in transit. It is used to broadcast the messages of a message-producer system.

        To receive messages published to an SNS topic, we must subscribe to an endpoint. We can have endpoints such as AWS Lambda, Amazon SQS, HTTP/S, or an email address to the topic we create. When we subscribe to an endpoint to a topic and confirm the subscription, the endpoint begins to receive messages published to the associated topic.

      • How to configure a Nessus Vulnerability Scan Policy

        Vulnerabilities arise every day with the security specialist engaged in fixing it and the hackers working to exploit it. A Vulnerability scanner checks a system with the already known vulnerabilities which can be exploited by attackers to compromise a system. There are many tools available in the market for vulnerability scanning. Nessus is one such powerful scanning tool for discovering vulnerabilities. It is developed and maintained by Tenable Network Security Inc. It was once ranked first in the security tools checklist of Nmap Software LLC. Although it is now dropped to the third position in the list, it is still a powerful remote security scanning tool.

      • How to using Ansible to install and configure Redis 6 on Rocky Linux 8

        In this tutorial we are going to learn how to install and configure Redis 6 on Rocky Linux 8 using Ansible. This guide will also work on other RHEL 8 based servers like Oracle Linux and Alma Linux.

        Redis is an in-memory data structure store, used as a distributed, in-memory key–value database, cache and message broker, with optional durability. Redis supports different kinds of abstract data structures, such as strings, lists, maps, sets, sorted sets, HyperLogLogs, bitmaps, streams, and spatial indices.

        Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows.

      • Install and Use Oh My Zsh Framework for Zsh on Linux

        zsh (Z Shell) is a very popular Unix shell. It’s similar to Bash but comes with many added features that change its appearance and behavior.

        zsh is also very customizable, which allows users to create their own themes and plugins, which further extends its features.

      • How to install OpenProject on Ubuntu 20.04 LTS Server - Linux Shout

        Tutorial to install self-hosted web-based open-source project management software known as “OpenProject” on Ubuntu 20.04 Focal Fossa using command terminal. OpenProject enables companies to have project references, documentation, user manuals, and more, all in one central location, accessible from anywhere to share information with teams.

        OpenProject is a web-based project management software available in the Community Edition, Enterprise on-premises, and Enterprise cloud. Of course, the Enterprise editions will have some premium features along with support & hosting facilities. Whereas the community edition is free to download and can be hosted on any server, well, the user will be responsible for the installation and configuration, here.

        We can use Opensource for universities, educational institutions, research, IT / technology companies, NGOs, administrations, foundations, public institutions, authorities, banks and insurance companies, and the automotive industry.

      • [Solved] Target Packages is configured multiple times Error in Ubuntu

        Recently, when I was updating Ubuntu via command line, I encountered a warning that complained about target package being configured multiple times.

      • Using the timedatectl command to control your Linux time and time zone | Network World

        The timedatectl command allows you to both query and change the system clock and its settings on Linux systems.

        To display the current settings, use the command by itself—with no arguments.

      • Virtualization: A Comprehensive Guide for Beginners

        Virtualization in today's time plays a critical role. From consumer level desktop usage to enterprise level cloud services, there are a variety of applicabilities.

        This guide will help you to get started with virtualization in a comprehensive manner. This will give you enough fundamental knowledge to you as a student, engineer or even as a CTO to understand different types of virtualization and how it is used in the industry today.

      • Localtunnel - Expose your Localhost to the Internet

        Want to Expose your localhost on the Internet? Often, clients ask for an update, or your friends want to know the site you were working on. We can solve all these problems using Localtunnel.

        Localtunnel exposes your localhost to the Internet without foul play on DNS or deploying on another commit. Apache, Nginx, and Node Js application can be easily accessed by your friends or client for updates.

      • Manage your APC battery backup system with this Linux command | Opensource.com

        Back in the early days of personal computers, I wrote the IBM training course for the original IBM PC. To complete the course in time for the IBM, ComputerLand, and Sears training, IBM gave me a PC to take home so I could work over evenings and weekends—arguably the first instance of anyone having an IBM PC in their home.

        I did this work in Boca Raton, Florida, where the small, local power company was commonly known as "Florida Flicker and Flash," with good reason. The short but frequent power outages caused me to lose my work more than once. Unfortunately, there were no Uninterruptible Power Supply (UPS) systems to keep my PC up and running through these annoying and sometimes destructive incidents.

        A UPS keeps a computer running long enough to last through minor power events, such as outages and surges of a few seconds up to as much as 20 or 30 minutes. In the case of these longer outages, the function of the modern UPS is to notify the computer to power down before the UPS runs out of battery power. Otherwise, the sudden loss of power can lead to loss of data.

        The computer and UPS communicate through a serial or USB cable. A system service manages the communications and sends appropriate commands to both the UPS and the computer. Windows computers generally use a free version of the software provided by the UPS vendor. However, the apcupsd utility supports Linux, Windows, BSD, Solaris, and macOS, providing consistency across operating systems.

        This set of tools supports APC UPS systems and provides varying degrees of support for UPS systems produced by Tripp-Lite, CyberPower, and others. I currently have UPS systems from all three of these manufacturers running on networks for which I have responsibility. I have not found a list of supported UPS systems. Nor is the apcupsd documentation helpful on this, and I have seen nothing definitive in any web searches.

    • Wine or Emulation

      • The Wine development release 7.0-rc2 is now available.
        The Wine development release 7.0-rc2 is now available.
        
        

        What's new in this release (see below for details): - Bug fixes only, we are in code freeze.

        The source is available from the following locations:

        https://dl.winehq.org/wine/source/7.0/wine-7.0-rc2.tar.xz http://mirrors.ibiblio.org/wine/source/7.0/wine-7.0-rc2.tar.xz

        Binary packages for various distributions will be available from:

        https://www.winehq.org/download

        You will find documentation on https://www.winehq.org/documentation

        You can also get the current source directly from the git repository. Check https://www.winehq.org/git for details.

        Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list.
      • Wine 7.0-rc2 Released With 34 Fixes This Week

        With Wine 7.0 gearing up for release in January, since last week we have been under a feature freeze and weekly release candidates. Wine 7.0-rc2 is out now with more fixes in battening up this next open-source release for enjoying Windows games and applications on Linux / macOS / BSDs.

        Wine 7.0-rc2 brings 34 known bug fixes over the past week. Among the software seeing fixes with this RC are Proteus 8, Final Fantasy XIV, Ace Ventura, Borderlands GOTY Enhanced, Dark Souls: Remastered, Resident Evil 4 HD, and others.

    • Games

      • AetherSX2 is the best way to play PlayStation 2 games on your Android smartphone



        The PCSX2 developers have explained the licensing situation too; in essence, its core code is LGPLv3 licensed, and any of the code still leftover in AetherSX2 that’s covered under GPL will be removed by the time the app is officially released.

        [...]

        Given the alternatives for PlayStation 2 emulation in the past, AetherSX2 is a fantastic step forward. Its support from the PCSX2 developers also goes a long way, and we’re looking forward to seeing how the emulator grows and matures in the future. I’m personally excited to see how the new Qualcomm Snapdragon 8 Gen 1 will fare. Be sure to give it a try and let us know what you think in the comments!

      • AI Kingdoms arrive for Kingdoms and Castles in a new Beta | GamingOnLinux

        The massive AI Kingdoms update for Kingdoms and Castles has finally hit Open Beta for anyone who owns it, so you can now see what the developer has been working on for quite some time.

        Kingdoms and Castles is a city-building simulation game about growing a kingdom from a tiny hamlet to a sprawling city and imposing castle. It has gradually grown from quite a small and relaxed game into a much bigger city-builder / RTS hybrid, although you can still pretty much play how you want and AI Kingdoms are optional to add in.

      • Steam Deck Handheld Gaming PC Poised for Big Streaming Gains

        According to a new Steam Update for the Steam app, Valve's next line of work revolves around improving Steam's Remote Play service within Linux. The update comes as Valve prepares for the Steam Deck and its proprietary Linux operating system, so this prep work will likely benefit the forthcoming handheld.

        The update greatly improves Video Acceleration API (VA-API) hardware decoding on Linux. The touch controls settings have also been fixed to save the settings correctly in the Steam Link app. So there's a lot of work being undertaken to ensure that Remote Play works well within Linux.

        VA-API support is important, as it's an open-source video API used by Linux operating systems, and the Steam Deck will presumably use the API to decode game streams with Remote Play. VAPPI is used by popular applications such as VLC within Linux and supports Intel and AMD open-source video drivers. The video API also supports many video codecs, including MPEG-2, H.264, H.265, VP9, and more.

      • Godot Engine - Maintenance release: Godot 3.4.1

        Godot 3.4 was released a month ago, and it went fairly smoothly! Many thanks to all the contributors who worked on it, including all testers who tried beta and RC releases to ensure that the 3.4-stable branch would be an easy and worthwhile upgrade path for all users.

        No software release is perfect though, so there will always be some things to iron out, which is why we provide maintenance releases for stable branches, focusing on bugfixing and preserving compatibility (see our release policy). Godot 3.4.1 is the first maintenance release in the 3.4 stable branch, and a recommended upgrade for all Godot 3.4 users.

      • Baldur's Gate: Dark Alliance re-release is out now with Linux support | GamingOnLinux

        Only a day after we mentioned that Baldur's Gate: Dark Alliance would be getting a new PC release and it's here already, along with Linux support! Your chance to relive another classic thanks to Interplay Entertainment and Wizards of the Coast.

        "This revival of the original Baldur’s Gate: Dark Alliance puts the ‘action’ back into the action-RPG genre, plunging players into the heart of Faerûn. As well as looting and leveling, players must actively defend against and dodge attacks, evade deadly traps, and fight hordes of monsters ranging from swarming kobolds to the iconic and all-consuming Gelatinous Cube.

      • Two Tribes open sourced their game engine for RIVE and Toki Tori 2+ | GamingOnLinux

        Netherlands based Two Tribes is an indie game developer who worked on titles like RUSH, EDGE, Toki Tori, RIVE and more just open sourced their game engine. This is the game engine that was used for the likes of RIVE and Toki Tori 2+ and it's now under the GPL2.

      • Get a look at the Total War: WARHAMMER III campaign map and more battles | GamingOnLinux

        Creative Assembly continue rolling out more teaser videos of the upcoming Total War: WARHAMMER III, which will be ported to Linux by Feral Interactive.

        Just recently CA put up a video finally giving us a proper look at the campaign map. Going over many different biomes you can expect to move armies through and perhaps conquer. It sure does look pretty and might have one of the best looking campaign maps of any similar strategy game.

    • Desktop Environments/WMs

      • Window Shuffler: Tiling Window Management From Ubuntu Budgie - Front Page Linux

        This tutorial will showcase how you can be very productive with an on-demand tiling system that does not require you to make a hard choice at login. Window Shuffler allows you to use tiling only when you want, on the monitor or virtual desktop you want, without requiring you to log off your regular DE and switch to a tiling environment.

        Since I started using it, I have a hard time using any other desktop environment that does not bring the features of Window Shuffler.

        Window Shuffler is developed by Jacob Vlijm of Ubuntu Budgie. It is installed by default on Ubuntu Budgie. Various users reported that it works well on other GTK desktop environments, such as Ubuntu MATE. I believe it is also available on the AUR for arch users… btw.

        Having said that, there are some integrations that are done very well on Ubuntu Budgie, so for anyone willing to give it a try, I recommend to spin up a live ISO of the latest Ubuntu Budgie. By doing so, you will be able to have a taste of the full experience of Window Shuffler.

        [...]

        Window Shuffler applet is a nice, optional feature introduced by Jacob Vlijm with Ubuntu Budgie 21.10. It allows us to add an applet to Budgie panel, which controls Shuffler tiling. This is very useful especially for users that are new to tiling, or those that have not learned the shortcuts, or that like tiling windows but are not keyboard fanatics.

        In order to get started, we first have to open Budgie Desktop Settings, Panels, Top Panel, and click the + Icon next to Add applet. Scroll to the bottom, and add Window Shuffler. I am going to leave it in the default position, next to the clock in the middle of my top panel. Feel free to move it around as needed. We can now close Budgie Desktop Settings.

        Next step is to open our Window Shuffler Control. We can now do this from the gear icon in our new Applet.

      • K Desktop Environment/KDE SC/Qt

        • GCompris 2.0 Educational Software for Kids Brings New and Improved Activities

          GCompris is one of the oldest and most popular open-source educational software suites for GNU/Linux distributions, and the new release, GCompris 2.0, is here to provide even more hours of fun and entertainment for your children.

          Highlights of GCompris 2.0 include several new activities, such as Baby Mouse for helping children interact with a computer for the first time, Oware as traditional African strategy game, Positions to help children learn the terms that describe an object’s relative position, and Ordering Sentences for helping children practice reading and grammar by sorting out parts of a sentence.

        • GCompris Releases Version 2.0 (KDE.news) [LWN.net]

          Just in time for the upcoming holidays, "KDE's educational suite of more than 170 activities and pedagogical games", GCompris, has released version 2.0.

      • GNOME Desktop/GTK

    • Distributions

      • New Releases

        • EndeavourOS Atlantis Neo Brings Much-Needed Fixes and a Christmas Surprise

          Coming just two weeks after the major EndeavourOS Atlantis release, the EndeavourOS Atlantis Neo is here as an interim release that addresses a few issues present in the Atlantis ISO.

          For example, EndeavourOS Atlantis Neo improves the Calamares graphical installer, which has been updated to version 3.2.49, to support encrypted Btrfs installations when selecting Swap partition and hibernation, as well as to allow users to install EndeavourOS on machines with less than 2 GB of RAM.

        • Happy holidays, Atlantis neo has arrived – EndeavourOS

          I want to start with the clarification that EndeavourOS is a rolling release and that the changes and updates on our ISOs only affect the installation experience and an update of our offline edition. We don’t hold back packages in any way. The point release numbers in the ISO name simply refer to the year of release followed by the number of releases in that year. Having said that, let’s go back to the Atlantis neo release and here’s what’s going on:

          Major release – The recent Atlantis release was a major release that contained a lot of improvements and new features created and implemented by our developers’ team, next to the regular upstream package updates. A major release will also be “celebrated” with a new wallpaper and a new code name inspired by existing or fictional spacecraft names.

          Hotfix feature – This is an express tool for the dev. team to push out small bug fixes to a released ISO. Those fixes can be, corrected errors created by us, workaround scripts to patch an upstream bug or upstream bug fixes that don’t interfere with other packages on the ISO. Just see it as a band-aid, fixes pushed out by this feature are merely temporary patches.

          Interim release – An interim release ships a slightly updated version of a recent major release, without the addition of new features or new wallpapers. The fixes these releases contain are, reversed workarounds due to an upstream fix and/or upstream bug fixes or changes that also affect the behaviour of other packages on the ISO. Of course, with these changes, they will also ship all the upstream package updates.

      • IBM/Red Hat/Fedora

        • Fedora Community Blog: Friday’s Fedora Facts: 2021-50

          Here’s your weekly Fedora report. Read what happened this week and what’s coming up. Your contributions are welcome (see the end of the post)!

        • Ben Williams: F35-20211216 updated Live isos released

          The Fedora Respins SIG is pleased to announce the latest release of Updated F35-20211216-Live ISOs, carrying the 5.15-7-200 kernel.

          The next set of isos will be released around 20220115.

          This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have about 950MB of updates savings )).

        • Davie Street Enterprises embraces cloud technologies and services

          Throughout our fictional case study of Davie Street Enterprises (DSE), we have witnessed how embracing modern tech industry best practices have drastically increased the speed at which the company can accomplish its goals while improving overall operational efficiency.

          DSE has done this by finding platforms, services, and processes that best align with its goals—made possible by the combination of Red Hat products and our partner ecosystem. In this post, we will focus on those operational efficiencies and how they can be further enhanced through the use of Red Hat Cloud Services, all of which are built on Red Hat OpenShift.

        • Red Hat Ansible Automation Platform delivers on high ROI expectations

          In a world where organizations are continually asked to do more with less, IT leaders are always looking for new technologies and strategies that can help their teams become more agile and efficient. Doing so frees up time and resources that can be better used to deliver the essential technologies needed to drive business success.

          Manually performing routine tasks and complicated processes eats up both time and money, and automating those efforts can make the difference between keeping pace with customer demand and falling behind.

      • Debian Family

        • 2,000 fonts for Debian - Bits from Debian

          Debian comes with tons of fonts for all kinds of purposes, you can easily list them (almost) all with: apt-cache search ^fonts-.

          However, sometimes they are not in their latest version, or as a user you would like to get access to new fonts that are not present in Debian stable yet.

          With the tool fnt you can easily preview, and install fonts from Debian sid and Google Web Fonts (that's about 2,000 fonts that are DSFG compliant). Any user can use the tool to install fonts only for the user itself, or the system administrator can run it as root to install the fonts system wide.

          The package fnt is already in Bookworm, so if you run Debian testing you can use it to get, test and use many fonts that are in their way of being packaged in Debian...

      • Canonical/Ubuntu Family

        • Data centre networking: What is OVN? | Ubuntu

          With the development of open source software-defined networking solutions, virtualisation took a progressively more important place in modern data centres. Concepts like virtual switching and routing became part of the data centre networking scene, with OVS as a pioneering example. Virtual switches nevertheless did initially miss very important networking features and standards, which hardware-based network devices already had – and which were proven and widely implemented. OVN came to represent those network features in virtual switching environments and address their extensibility across multi-host clusters. Let’s first take a closer look in order to understand what OVN is.

        • Data centre networking: SmartNICs

          With the explosion of application traffic and the multiplication of data centre workloads during the last decade, east-west traffic greatly increased and ended up impacting the traditional north-south based architectures. This raised the need to review the entire data centre architecture while keeping the goal of meeting performance, security, and monitoring requirements.

          From a performance and security perspective, rather than shunting the traffic to centralised security and management blocks within the data centre (which might cause performance issues) or accepting uncontrolled zones, the forwarding and security intelligence can be distributed throughout the data centre.

    • Devices/Embedded

      • Linux vs Windows 10 IoT. How to Choose the Best OS for Your Medical Device?

        Linux has become one of the most user-beloved operating systems since it was released in 1991. Linux, based on the kernel combined with the GNU Project, was actually the first complete open-source operating system.

        Linux is characterized by the great versatility of its use. You can run it on a credit-card-sized single-board computer, such as the Raspberry Pi, to teach kids computer science at school. At the same time, Linux assists in performing computations in quantum mechanics on the most powerful supercomputers.

        There are a wide variety of Linux distributions and operating systems based on the Linux kernel. Some of them are purely open-source, like Debian or Gentoo, while the others are provided by commercial vendors (for example, Red Hat and Ubuntu). Probably, the most prominent Linux-based OS is Android, which is an absolute winner in the market of mobile operating systems.

        The Linux OS is widely used in embedded systems due to its high flexibility. Embedded Linux development is aimed at customizing Linux to make it fully compliant with your product requirements.

        Linux is compatible with almost any modern hardware platform. If you need to move to different electronics or update the current hardware version, it won’t be a problem to port your operating system and run it successfully on the new system on a chip or desktop platform.

        If you want to get a more detailed understanding of Linux and its strengths for healthcare, please check out our guide on why choose Linux for medical devices.

      • Build a DIY FM Radio with this $12 kit - CNX Software

        I’ve not used an FM radio for years, but if you’d like to teach younger generations about older technology and show them how to solder components there’s an RDA5807 based kit that would allow you to build DIY FM Radio operating in the 87 MHz to 108 MHz range.

        The JC-300 kit comes with a bare PCB, and all components required including a speaker, an antenna, and a holder for a 18650 battery. Some of the main components of the kit include...

      • Inforce 68A1 SoM supports up to seven 4Kp120 cameras, dual 4Kp120 video encoding/decoding - CNX Software

        SMART Wireless Computing has announced the Inforce 68A1, a compact system-on-module based on Qualcomm QCS8250 IoT processor with support for up to seven concurrent 4Kp120 camera inputs, and decode/encode two 4Kp120 video streams simultaneously.

        Equipped with 8GB PoP DDR5 memory, 64GB UFS storage, a wireless module supporting 802.11ax Wi-Fi 6E and Bluetooth 5.1, the module is designed for high-end IoT applications such as smart cameras, video collaboration, AI hubs, connected healthcare, and smart retail.

      • Qualcomm QCS8250 module and kit can handle seven 4K120 cam inputs

        Smart Wireless unveiled an “Inforce 68A1 SoM” that runs Android 10 on a Qualcomm QCS8250 with 8GB LPDDR5, 64GB UFS, and 802.11ax (Wi-Fi 6E) that supports dual 4K120 displays and up to 7x 4K120 camera inputs. An “ACC1C20” dev kit is also available.

        In July, we reported on Thundercomm’s TurboX C865 SOM and dev kit, as well as eInfochips’ EIC-QCS8250-210 Mini-ITX board, both of which run Android on Qualcomm’s octa-core QCS8250. The octa-core SoC is an embedded oriented variant of the Snapdragon 865. Now, Smart Wireless has launched an Inforce 68A1 SoM and ACC1C20 reference board based on the QCS8250.

      • Open Hardware/Modding

        • Year End Update for 2021, Looking Forward to 2022

          2021 was a year of transformation and growth for Purism, amidst real challenges. Thank you for all your support and contribution! This has been a particularly daunting year for the supply chain. Really, the global pandemic has made supply chains less reliable, and lead times and shipping times for various parts incredibly unpredictable. In midst of these, we deeply sympathize with those who are waiting on their devices. We assure you that our teams have been working overtime to fulfill orders and build the inventory of critical parts.

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Firefox Nightly: These Weeks in Firefox: Issue 106
          • Despite improvements, delaying the deprecation of third party cookies in the CMA’s Privacy Sandbox commitments will hold back privacy on the open web

            Recently, the UK’s Competition and Markets Authority (CMA) initiated a second round of consultation on the voluntary commitments offered by Google in the Chrome Privacy Sandbox (GCPS) investigation. We welcome the inclusion of greater transparency, consultation, and restrictions on self-preferencing, as we had advocated for in the initial consultation. However, we remain concerned by the broadening scope of the standstill period that will further delay both the deprecation of Third Party Cookies (TPCs) and the deployment of privacy forward technologies such as Privacy Budget or GNATCATCHER which have the potential to address cross-site tracking that occurs through fingerprinting and IP addresses.

          • Data@Mozilla: This Week in Glean: Looking back at Glean in 2021

            A year ago I posted Glean in 2021 as a way to look into the future and set out a vision and plan for the project. Today I’m looking back at 2021, if we were able to follow up on my plans back then and look at all the other things we did for Glean.

            Let’s start easy: According to the index we wrote 21 This Week in Glean blog posts (including this one). Close enough to one every other week. Communicating about our work is important and TWiGs are one way to put our ideas and thoughts about the project out there.

            Let’s first look at the topics I identified as important in last year’s blog post.

      • FSF

        • Open Source Advent Calendar

          • Open Source Advent Calendar: The WordPress Blog and Web Builder - Market Research Telecast

            This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.

          • Open source advent calendar: The Thunderbird email program - Market Research Telecast

            This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.

          • Open source advent calendar: the Libreoffice office suite

            This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.

          • Open source advent calendar: the image editing program Gimp

            This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.

        • Licensing/Legal

      • Programming/Development

        • Error Codes And The Law Of Least Astonishment | Hackaday

          Do you know the law of least astonishment? I am not sure of its origin, but I first learned it from the excellent “Tao of Programming.” Simply put, it is the principle that software should always respond to the users in a way that least astonishes them. In other words, printing a document shouldn’t erase it from your file system.

          Following the law of least astonishment, what should a program do when it hits a hard error? You might say that it should let the user know. Unfortunately, many systems just brush it under the rug these days.

          I think it started with Windows. Or maybe the Mac. The thinking goes that end users are too stupid or too afraid of error codes or detailed messages so we are just leaving them out. Case in point: My wife’s iPhone wouldn’t upload pictures. I’m no expert since I carry an Android device, but I agreed to look at it. No matter what I tried, I got the same useless message: “Can’t upload photos right now. Please try again later.” Not only is this not very informative, but it also implies the problem is in something that might fix itself later like the network.

        • GStreamer ❤ Windows: A primer on the cool stuff you’ll find in the 1.20 release

          The GStreamer community keeps focusing their efforts on improving Windows support and is still adding various super fascinating features for Windows. GStreamer is about to release a new stable release (1.20) very soon, so you may want to know what’s new on the Windows front

        • webrtcsink, a new GStreamer element for WebRTC streaming

          webrtcsink is an all-batteries included GStreamer WebRTC producer, that tries its best to do The Right Thingâ„¢.

          Following up on the last part of my last blog post, I have spent some time these past few months working on a WebRTC sink element to make use of the various mitigation techniques and congestion control mechanisms currently available in GStreamer.

          This post will briefly present the implementation choices I made, the current features and my ideas for future improvements, with a short demo at the end.

          Note that webrtcsink requires latest GStreamer main at the time of writing, all required patches will be part of the 1.20 release.

        • awstranscriber

          awstranscriber, a GStreamer wrapper for AWS Transcribe API

          If all you want to know is how to use the element, you can head over here.

          I actually implemented this element over a year ago, but never got around to posting about it, so this will be the first post in a series about speech-to-text, text processing and closed captions in GStreamer.

          Speech-to-text has a long history, with multiple open source libraries implementing a variety of approaches for that purpose[1], but they don't necessarily offer either the same accuracy or ease of use as proprietary services such as Amazon's Transcribe API.

          My overall goal for the project, which awstranscriber was only a part of, was the ability to generate a transcription for live streams and inject it into the video bitstream or carry it alongside.

          The main requirements were to keep it as synchronized as possible with the content, while keeping latency in check. We'll see how these requirements informed the design of some of the elements, in particular when it came to closed captions.

          My initial intuition about text was, to quote a famous philosopher: "How hard can it be?"; turns out the answer was "actually more than I would have hoped".

        • Dirk Eddelbuettel: RcppArmadillo 0.10.7.5.0 on CRAN: Bugfixes

          Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 937 other packages on CRAN, and downloaded over 22 million times (per the partial logs from the cloud mirrors of CRAN).

          This release brings another bug fix release 10.7.5 by Conrad in the ‘long-term support’ 10.7.* series we started with 0.10.7.0 on September 30. As the bug fixes can come a little quicker than the desired monthly cadence CRAN aims for, we skipped a few of those release for CRAN only but of course still provide them via the Rcpp drat repo.

        • Dirk Eddelbuettel: RProtoBuf 0.4.18: Multiple Updates



          A new release 0.4.18 of RProtoBuf arrived on CRAN earlier today. RProtoBuf provides R with bindings for the Google Protocol Buffers (“ProtoBuf”) data encoding and serialization library used and released by Google, and deployed very widely in numerous projects as a language and operating-system agnostic protocol.

          This release, the first since March of last year, contains two contributed pull requests improving or extending the package, some internal maintance updating the CI setup as well as retiring an old-yet-unused stub interface for RPC, as well as an update for UCRT builds on Windows.

        • Qt5 qtbase compiled in OE

          But, would really like to compile the latest Scribus. Also, Vym is a great mind-mapping tool that requires qt5. What else? -- krita is another qt5-base app I think.

          So, I examined the error message where it failed. It is code supporting the AVX instructions. These are instructions that were added onto Intel x86 CPUs in 2011, though even now not all recent Intel CPUs support AVX.

          Apparently, although qt5 will compile-in support for these instructions, it will detect support in the CPU at run-time, and fallback if AVX not supported.

        • Qt4 and Scribus 1.4.8 compiled

          Back in OE Pyro-series, I compiled Qt5 and Scribus 1.5.x in OpenEmbedded. Now on the OE Dunfell-series, no such luck.

          OE has a 'meta-qt5' layer, which is supposed to be compatible with the Dunfell release, however compile fails. The error message looks like it might be related to the gcc version. My guess is that the meta-qt5 developers are focussed on OE releases after Dunfell and have neglected the Dunfell release.

          OE does have a 'meta-qt4' layer, and that has recently had commits to make it compatible with the Dunfell release. It just needed a couple of little patches, and it compiled.

        • First stable release of the Mold linker developed by the developer LLVM lld

          Rui Ueyama, author compositor LLVM lld and compiler chibicc , introduced the first stable release of the new high-linker the Mold , well ahead of the binding rate of object files linkers GNU gold and LLVM lld. The project is considered ready for production deployments and can be used as a faster transparent replacement for GNU linker on Linux systems. The plans for the next significant release include bringing support for the macOS platform to readiness, after which work will begin to adapt Mold for Windows.

          Mold is written in C ++ (C ++ 20) and is distributed under the AGPLv3 license, which is compatible with GPLv3, but not compatible with GPLv2, since it requires opening changes when developing network services. This choice is explained by the desire to receive funding for the development – the author is ready to sell the rights to the code for relicensing under a permissive license such as MIT, or to provide a separate commercial license for those who are not satisfied with the AGPL.

        • Perl/Raku

        • Rust

          • Follow-up on the moderation issue [Ed: 'Damage control' from an abundantly censorious project]

            Last week, the following e-mail was sent to all members of the Rust project (including all working groups) to follow up on the moderation issue. The footnotes have been added to provide additional context to the wider Rust community, and were not part of the original e-mail.

        • Java

          • This Week In Security: Log4j, PDF CPU, And I Hacked Starlink | Hackaday

            The big news this week is Log4j, breaking just a few hours too late to be included in last week’s column. Folks are already asking if this is the most severe vulnerability ever, and it does look like it’s at least in the running. The bug was first discovered by security professionals at Alibaba, who notified Apache of the flaw on November 24th. Cloudflare has pulled their data, and found evidence of the vulnerability in the wild as early as December 1st. These early examples are very sparse and extremely targeted, enough to make me wonder if this wasn’t researchers who were part of the initial disclosure doing further research on the problem. Regardless, on December 9th, a Twitter user tweeted the details of the vulnerability, and security hell broke loose. Nine minutes after the tweet, Cloudflare saw attempted exploit again, and within eight hours, they were dealing with 20,000 exploit attempts per minute.

            That’s the timeline, but what’s going on with the exploit, and why is it so bad? First, the vulnerable package is Log4j, a logging library for Java. It allows processes to get log messages where they need to go, but with a bunch of bells and whistles included. One of those features is support for JNDI, a known security problem in Java. A JNDI request can lead to a deserialization attack, where an incoming data stream is maliciously malformed, misbehaving when it is expanded back into an object. It wasn’t intended for those JNDI lookups to be performed across the Internet, but there wasn’t an explicit check for this behavior, so here we are.

          • The Log4j Vulnerability: What You Still Need to Know

            Easterly adds that “this effort also underscores the urgency of building software securely from the start and more widespread use of Software Bill of Materials (SBOM)” as directed by President Biden earlier this year. An SBOM, Easterly says, “would provide end users with the transparency they require to know if their products rely on vulnerable software libraries.”

          • CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities

            CISA has issued Emergency Directive (ED) 22-02: Mitigate Apache Log4j Vulnerability, directing federal civilian executive branch (FCEB) agencies to address Log4j vulnerabilities—most notably, CVE-2021-44228.

            Although ED 22-02 applies to FCEB agencies, CISA strongly recommends that all organizations review ED 22-02 for mitigation guidance. For additional details, see CISA’s webpage Apache Log4j Vulnerability Guidance.

          • Google Online Security Blog: Understanding the Impact of Apache Log4j Vulnerability

            More than 35,000 Java packages, amounting to over 8% of the Maven Central repository (the most significant Java package repository), have been impacted by the recently disclosed log4j vulnerabilities (1, 2), with widespread fallout across the software industry. The vulnerabilities allow an attacker to perform remote code execution by exploiting the insecure JNDI lookups feature exposed by the logging library log4j. This exploitable feature was enabled by default in many versions of the library.

            This vulnerability has captivated the information security ecosystem since its disclosure on December 9th because of both its severity and widespread impact. As a popular logging tool, log4j is used by tens of thousands of software packages (known as artifacts in the Java ecosystem) and projects across the software industry. User’s lack of visibility into their dependencies and transitive dependencies has made patching difficult; it has also made it difficult to determine the full blast radius of this vulnerability. Using Open Source Insights, a project to help understand open source dependencies, we surveyed all versions of all artifacts in the Maven Central Repository to determine the scope of the issue in the open source ecosystem of JVM based languages, and to track the ongoing efforts to mitigate the affected packages.

          • Understanding the Impact of Apache Log4j Vulnerability (Google) [LWN.net]

            The Google Security Blog looks into the ripple effects of the Log4j vulnerability.

          • GIMP is not affected by the log4j vulnerability

            Everyone is asking us if GIMP is vulnerable to the recent log4j vulnerabilities (also dubbed “log4shell” in the media, in particular regarding to the CVE-2021-44228 zero-day vulnerability).

            As an official statement: no, GIMP is not vulnerable to log4shell!

            We do not use log4j and there is not even any Java code in GIMP. So enjoy GIMP and feel safe while creating more wonderful artworks!

          • Security firm Blumira discovers major new Log4j attack vector

            A basic Javascript WebSocket connection can trigger a local Log4j remote code attack via a drive-by compromise. Wonderful. Truly wonderful.

          • Mars helicopter has Log4j bug, breaks records all the same ● The Register

            NASA has revealed that Ingenuity – the experimental helicopter sent to Mars with the Perseverance Rover – has clocked up a whole half-hour of flight in the Red Planet's meanly thin atmosphere.

            The 'copter passed the thirty-minute mark during its 17th flight, on December 5, which sets a new record for the space agency.

            But NASA was unsure of the craft's status because of what the US agency has described as "an unexpected cutoff to the in-flight data stream as the helicopter descended toward the surface at the conclusion of its flight."

            At this point of the story we need to share this old tweet from the Apache Software Foundation.

          • How to Check If Your Server Is Vulnerable to the log4j Java Exploit (Log4Shell)

            A critical exploit in widespread Java library has been found, disrupting much of the internet as server admins scramble to fix it. The vulnerable component, log4j, is used everywhere as an included library, so you will need to check your servers and make sure they’re updated.

            [...]

            The exploit was quickly patched in log4j‘s latest release, 2.16.0, but the problem isn’t fixing it—it’s finding out where you need to. Since log4j is an embedded dependency, it may be non-trivial to search for the specific version of it on your system. And, since Java is so popular, many third-party tools and components may use it, so you may not even know if you are running Java software on your machines.

            Even if you think you aren’t vulnerable, you probably still need to double check. This exploit affects so many systems that there is a solid chance you may be running log4j or Java without realizing it.

            Luckily, JDK versions greater than 6u211, 7u201, 8u191, and 11.0.1 are not affected by the primary attack vector (using LDAP) that’s being exploited the most right now. You still need to patch it regardless, since it can easily be used with other attack vectors as well. Also, just the simple act of making a request to an endpoint can reveal data about machines on your network, which isn’t a good thing either.

            This exploit highlights why it is important to keep a Software Bill of Materials (SBOM), basically a list of all the software on your systems, where it comes from, and what it’s made from. In the future, this knowledge can help you quickly patch against attacks like this.

            In the present, you are probably just concerned about getting your network patched. To do that, you’ll need to scan your systems to find log4j versions used by your software, and make a list of all the vulnerable components.

  • Leftovers

    • 2021 in Tedium, Through Another Set of Eyes

      Throughout 2021, Tedium has covered a variety of stories with all sorts of weird angles. Like your crankiest uncle, I’ve fired off numerous “letters to the editor” (emails to Ernie) after reading a Tedium article and thinking there was something left out.

    • Hardware

      • DIY Mechanical Flux Dispenser Syringe Has Fine Control | Hackaday

        [Perinski]’s design for a mechanical flux dispenser uses some common hardware and a few 3D printed parts to create a syringe with fine control over just how much of the thick stuff gets deposited. The design is slick, and there’s a full parts list to accompany the printed pieces. [Perinski] even has some useful tips on how to most effectively get flux into 5 mL syringes without making a mess, which is a welcome bit of advice.

      • Weather Station Dumps CR2032 Cells, Gains 18650 | Hackaday

        Despite the fact that we’re rapidly approaching the year 2022, there are still an incredible number of gadgets out there that you’re expected to power with disposable batteries. Sure you can buy rechargeable stand-ins that come in the various shapes and sizes of the traditional alkaline cells, but that’s a stopgap at best. For some, if a new gadget doesn’t feature an internal Li-ion battery and standardized USB charging, it’s a non-starter.

        [Danilo Larizza] is one of those people. Bothered by the fact that his Oregon Scientific weather station required a pair of CR2032 coin cells, he set out to replace them with an integrated rechargeable solution. The conversion ending up being easier to implement than he initially expected, and by his calculations, his solution should keep the unit up and running for nearly 40 days before needing to be topped off with a standard USB charger.

      • Gluggle Jug Is Neat Application Of Hydrodynamics | Hackaday

        The Gluggle Jug is an aptly-named thing – it’s a jug that makes loud, satisfying glugging noises when poured. But how does it work? [Steve Mould] set out to investigate.

        [Steve]’s first plan was to cut apart an existing Gluggle Jug to see how it worked, but cutting ceramics can be difficult and time-consuming, and the asymmetric design only made things harder. Instead, he simply smashed a jug to see what it looked like inside, and replicated the basic design in a transparent laser-cut version.

        The design is simple – the glug sounds are from bubbles passing into a closed cavity within the jug as the water is poured out. Stop pouring, and air from that cavity then escapes back through the open mouth of the jug via more bubbles, making an even louder glugging sound. The frequency of the sound is determined by the height of the jug, which is essentially acting as a closed-pipe resonator.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Entrapment (Microsoft GitHub)

            • Coinbase publishes Kryptology library of distributed crypto algorithms

              Coinbase, the company supporting the eponymous digital currency exchange platform, announced the opening of the source texts of the cryptographic library Kryptology , which offers a set of cryptographic algorithms for use in distributed systems in which encryption and authentication is carried out with the involvement of several participants. The code is written in the Go language and is distributed under the Apache 2.0 license.

        • Security

          • Is Linux a More Secure OS Than Windows? | by Stephen Pelzel | Upskilling | Dec, 2021 | Medium

            The Linux OS has built itself a reputation for being a haven for internet privacy enthusiasts, and for good reason. The freedoms offered by Linux to their users is unmatched by other popular OS systems such as Windows and ChromeOS, but how does it stack up in the department of software security? Is Linux more secure from malware and hackers than the mega corporate alternative that is Windows?

          • What does your code use, and is it vulnerable? It-depends! | Trail of Bits Blog

            We are proud to announce the release of it-depends, an open-source tool for automatic enumeration of dependencies. You simply point it to a source code repository, and it will build a graph with the required dependencies. it-depends currently supports cargo, npm, pip, go, CMake, and autotools codebases, packages in their associated package managers, and Ubuntu apt.

          • Kubernetes: What's new in Security Profiles Operator v0.4.0

            The Security Profiles Operator (SPO) is an out-of-tree Kubernetes enhancement to make the management of seccomp, SELinux and AppArmor profiles easier and more convenient. We're happy to announce that we recently released v0.4.0 of the operator, which contains a ton of new features, fixes and usability improvements.

          • Privacy/Surveillance

            • Apple quietly deletes details of derided CSAM scanning tech from its Child Safety page without explanation [Ed: Apple does not care about the US Constitution; it'll treat all of its clients like pedophiles (until they prove otherwise)]

              Apple evidently has decided against forcing customers to run its sex crime detection software on their iPhones in order to refer those stashing illegal child abuse images in iCloud to authorities.

              We say "evidently" because the iTitan has simply erased the explanatory text it posted in August that describes its non-consensual image vetting system and has not responded to a request to clarify its plans.

              That month, Apple announced its intention to implement Child Sex Abuse Material (CSAM) Detection [PDF], one of two initiatives that it detailed on its Child Safety webpage. The other, a parental control for its Message app to "warn children and their parents when receiving or sending sexually explicit photos," debuted in iOS 15.2, which was released on Monday.

            • UK Mensa arm pays libel damages to former CTO ● The Register

              British Mensa Limited has paid former CTO Eugene Hopkinson defamation damages and costs settling his claims of libel, malicious falsehood, and breach of his rights under the UK GDPR relating to a series of statements it made on the subject of a January 2021 cyber-attack and a data leak at the org.

              In February, the club for people with a high intelligence quotient launched an investigation following a brute force attack on 20 January. There were two separate incidents in which "limited personal data of a few members and officers" was briefly exposed in the website's forum.

    • Censorship/Free Speech

      • Farewell Telegram - Hello Signal! - Ignorance is bliss...

        In the last few years I started to use Telegram as my main messenger, beside good old SMS/e-mail.

        I never used WhatsApp as I try to stay away from the Facebook/Meta/… ecosystem.

        Telegram seemed like a good choice as a lot of people I know are there and we e.g. mirror our KDE channels often to Telegram for better outreach, too. And all old messengers like ICQ more or less were abandoned by everybody I know including myself ;=)

        Unfortunately, during the current pandemic, I met more and more people that went down into the rabbit hole thanks to totally uncontrolled Telegram groups.

        Yes, you can say: this is free speech.

        It is.

        But on the other side, I think it can’t really be tolerated that people start to live in some parallel universe that completely ignores any science/laws/facts of the real world.

    • Civil Rights/Policing

      • Opinion | Abortion Rights Are a Religious Freedom for Progressive Jews - The New York Times

        Nearly 30 years ago, my mother was one of the hundreds of thousands of people who attended the 1992 March for Women’s Lives in Washington, D.C. It was a pivotal moment for abortion rights at the Supreme Court, which was about to hear arguments in the case Planned Parenthood v. Casey. Though she left me at home, the words on her sign — “Every child a wanted child” — made an impression. So did the fact that the buses to Washington were chartered by our synagogue. When she returned, I wore the neon pink “Choice” hat she’d bought to my classroom at Jewish day school and began to spread the word.

        That anecdote is not unique in the Jewish American experience: For many Jews, abortion rights are an ethical value, passed on from parent to child, with community support. The latest Pew Religious Landscape Study, from 2014, found that 83 percent of Jews surveyed supported legal abortion in most or all cases, more than any other religious group surveyed.

        A firm commitment to abortion rights isn’t just one of the socially liberal stances that progressive American Jews take. It’s also a belief rooted in our sacred texts, which — despite differing interpretations across time and denominations — consistently prioritize the ultimate well-being of the pregnant person over that of the fetus.



Recent Techrights' Posts

Google Has Mass Layoffs (Again), But the Problem is Vastly Larger
started as a rumour about January 2025
Electronic Frontier Foundation Defends Companies That Attack Free Speech Online (Follow the Money)
One might joke that today's EFF has basically adopted the same stance as Donald Trump and has a "warm spot" for BRICS propaganda
 
Links 21/12/2024: EU on Solidarity with Ukraine, Focus on Illegal and Unconstitutional Patent Court in the EU (UPC)
Links for the day
[Meme] Microsofters at the End of David's Leash
Hand holding the leash. Whose?
Deciphering Matt's Take on WordPress, Which is Under Attack From Microsofters-Funded Aggravator
the money sponsoring the legal attacks on WordPress and on Matt is connected very closely to Microsoft
Gemini Links 21/12/2024: Projections, Dead Web ('Webapps' Replacing Pages), and Presentation of Pi-hole
Links for the day
American Samoa One of the Sovereign States Where Windows Has Fallen Below 1% (and Stays Below It)
the latest data plotted in LibreOffice
[Meme] Brian's Ravioli
An article per minute?
Links 21/12/2024: "Hey Hi" (AI) or LLM Bubble Criticised by Mainstream Media, Oligarchs Try to Control and Shut Down US Government
Links for the day
LLM Slop is Ruining the Media and Ruining the Web, Ignoring the Problem or the Principal Culprits (or the Slop Itself) Is Not Enough
We need to encourage calling out the culprits (till they stop this poor conduct or misconduct)
Christmas FUD From Microsoft, Smearing "SSH" When the Real Issue is Microsoft Windows
And since Microsoft's software contains back doors, only a fool would allow any part of SSH on Microsoft's environments, which should be presumed compromised
Paywalls, Bots, Spam, and Spyware is "Future of the Media" According to UK Press Gazette
"managers want more LLM slop"
On BetaNews Latest Technology News: "We are moderately confident this text was [LLM Chatbot] generated"
The future of newsrooms or another site circling down the drain with spam, slop, or both?
"The Real New Year" is Now
Happy solstice
Microsoft OSI Reads Techrights Closely
Microsoft OSI has also fraudulently attempted to censor Techrights several times over the years
"Warning About IBM's Labor Practices"
IBM is not growing and its revenue is just "borrowed" from companies it is buying; a lot of this revenue gets spent paying the interest on considerable debt
[Meme] The Easier Way to Make Money
With patents...
The Curse (to Microsoft) of the Faroe Islands
The common factor there seems to be Apple
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 20, 2024
IRC logs for Friday, December 20, 2024
Gemini Links 21/12/2024: Death of Mike Case, Slow and Sudden End of the Web
Links for the day
Links 20/12/2024: Security Patches, Openwashing by Open Source Initiative, Prison Sentence for Bitcoin Charlatan and Fraud
Links for the day
Another Terrible Month for Microsoft in Web Servers
Consistent downward curve
LLM Slop Disguised as Journalism: The Latest Threat to the Web
A lot of it is to do with proprietary GitHub, i.e. Microsoft
Gemini Links 20/12/2024: Regulation and Implementing Graphics
Links for the day
Links 20/12/2024: Windows Breaks Itself, Mass Layoffs Coming to Google Again (Big Wave)
Links for the day
Microsoft: "Upgrade" to Vista 11 Today, We'll Brick Your Audio and You Cannot Prevent This
Windows Update is obligatory, so...
The Unspeakable National Security Threat: Plasticwares as the New Industrial Standard
Made to last or made to be as cheap as possible? Meritocracy or industrial rat races are everywhere now.
Microsoft's All-Time Lows in Macao and Hong Kong
Microsoft is having a hard time in China, not only for political reasons
[Meme] "It Was Like a Nuclear Winter"
This won't happen again, will it?
If You Know That Hey Hi (AI) is Hype, Then Stop Participating in It
bogus narrative of "Hey Hi (AI) arms race" and "era/age of Hey Hi" and "Hey Hi Revolution"
Bangladesh (Population Close to 200 Million) Sees Highest GNU/Linux Adoption Levels Ever
Microsoft barely has a grip on this country. It used to.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 19, 2024
IRC logs for Thursday, December 19, 2024
Gemini Links 19/12/2024: Fast Year Passes and Advent of Code Ongoing
Links for the day
Twitter is Going to Fall Out of Top 100 Domains as Clownflare (DNS MitM) Sees It
evidence of Twitter's (X's) collapse
[Meme] Making Choices at the EPO
Decisions, decisions...
'Dark Patterns' or a Trap at the European Patent Office (EPO)
insincere if not malicious E-mail from the EPO's dictators
There's an Abundance of Articles About the New Release of Kali Linux, But This One is a Fake
It can add nothing except casual misinformation (fed back into the model to reinforce lies)
Large and Significant Error Correction in South America?
Windows now has less than half what Android achieved in terms of "market share"
IBM's Leadership Ruining Lives of People Who Thought Working for IBM Would be OK
Nobody gets fire-lined for buying IBM?
The United States' Authorities Ought to Become Enforcers of the General Public License (GPL) for National Security's Sake
US federal agencies ought to pursue availability of code and GPL compliance (copyleft), not bans
The Problem of Microsoft Security Problems is Microsoft (the Solution is to Quit Microsoft) and "Salt Typhoon" Coverage Must Name CALEA Back Doors
Name the holes, not those who exploit them.
A "Year of Efficiency"
No, we don't mean layoffs
Links 19/12/2024: Astronaut Record and Observer Absorbed
Links for the day
Links 19/12/2024: Seven Dirty Words and Isle Release v0.0.3 (Alpha)
Links for the day
Links 19/12/2024: Nurses Besieged by "Apps", More Harms of Social Control Media Illuminated
Links for the day
15 Countries Where Yandex is Already Seen to be Bigger Than Microsoft (in Search)
Georgia, Syrian Arab Republic, Cyprus, Moldova, Ukraine, Armenia, Azerbaijan, Kyrgyz Republic, Uzbekistan, Kazakhstan, Turkmenistan, Tajikistan, Belarus, Turkey, and Russia
Links 19/12/2024: Magnitude 7.3 Earthquake and Privacy Camp
Links for the day
Gemini Links 19/12/2024: Port Of Miami Explosion, TurboQOA, Gnus
Links for the day
Fake Articles About 'Linux'
Dated yesterday
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 18, 2024
IRC logs for Wednesday, December 18, 2024