Bonum Certa Men Certa

Links 12/1/2022: WordPress 5.9 RC2, Tails 4.26, and Tor Browser 11.0.4



  • GNU/Linux

    • Desktop/Laptop

      • Review: Black Box Emerald SE Over-IP System Provides Seamless Desktop Experience | HealthTech Magazine

        Healthcare organizations aim to operate with flexibility, scalability, affordability and security. Linux operating systems offer an affordable option for running back-end systems in a secure manner that only open-source architecture provides.

        At the center of the value Linux provides healthcare systems are Kernel-based Virtual Machines, which are based on open-source virtualization technology that is built directly into Linux. KVMs can turn the Linux OS into a hypervisor that supports multiple, isolated virtual environments called guests or virtual machines, according to Red Hat. This is especially useful for deploying mobile solutions.

      • Why You Should Buy a Computer With Linux Preinstalled

        If you're a Linux user considering a new machine, you might be tempted to just buy a standard computer and install Linux on it, irrespective of the operating system it came with.

        There are several reasons you might want to seek out a computer with Linux preinstalled. Let's take a look at some of them.

      • Dell Laptop Intel core i3 11th Gen-1115G4/8GB/256GB SSD/Ubuntu - Latitude 3520

        This laptop is compact and lightweight hence you can easily carry it in your backpack. The dimensions of the Dell Laptop Intel core i3 11th Gen-1115G4/8GB/256GB SSD/Ubuntu - Latitude 3520 are 24.08 x 36.09 x 1.8 cm and it weighs around 1.79 Kg.

    • Audiocasts/Shows

    • Kernel Space

    • Instructionals/Technical

      • Backup your databases with mysqldump - Unixcop the Unix / Linux the admins deams

        Hello, friends. In this post, we will show you how to use the mysqldump command. This command allows you to back up your MySQL / MariaDB databases rapidly.

      • How to download tux paint - TechStory

        Tux Paint is a free, grant-winning drawing program made for youngsters ages 3 to 12, yet delighted in by all! It joins a simple to-utilize interface, fun audio effects, and an uplifting animation mascot who guides youngsters as they utilize the program.

      • How to Install Vivaldi Browser on Rocky Linux 8 - LinuxCapable

        Vivaldi is a freeware, cross-platform web browser developed by Vivaldi Technologies. It had grown from the downfall of Opera with many disgruntled when it changed from the Presto layout engine to a Chromium-based browser. This platform angered traditional Opera users. Since then, Vivaldi has become one of the most popular alternative Internet Browsers amongst the big three Chrome, Firefox, and Edge.

        Vivaldi promotes itself as a leading browser with faster navigation, clever bookmarking, more intelligent browsing, extensive tab management, and a more visual approach.

        In the following tutorial, you will learn how to install Vivaldi Browser on Rocky Linux 8 Workstation.

      • How to Install Opera Browser on Rocky Linux 8 - LinuxCapable

        Opera is a freeware, cross-platform web browser developed by Opera Software and operates as a Chromium-based browser. Opera offers a clean, modern web browser that is an alternative to the other major players in the Browser race. Its famous Opera Turbo mode and its renowned battery saving mode are the best amongst all known web browsers by quite a margin, along with a built-in VPN and much more.

        In the following tutorial, you will learn how to install Opera Browser on Rocky Linux 8 Workstation.

      • How to Install Linux Kernel 5.16 on Rocky Linux 8 - LinuxCapable

        Linux kernel 5.16 has many new features, support, and security. The Linux 5.16 kernel release has a great new feature, FUTEX2, or futex_watv(), which aims to improve the Linux gaming experience, growing considerably with better native Linux porting for Windows games utilizing Wine.

        Other improvements have seen write include improved write congestion management, task scheduler for CPU clusters sharing L2/L3 cache, amongst many other additions. More information can be found on the Linux 5.16 Kernel release changelog.

        In the following tutorial, you will learn how to install the latest 5.16 Linux Kernel on Rocky Linux 8 Workstation or Server.

      • How to Add a Printer to a Chromebook

        A Chromebook is unlike most traditional laptops you'll encounter. It runs a web-based operating system known as Chrome OS, which makes it a modern and versatile device to own.

        But sometimes, even performing rudimentary tasks like setting up printers can be daunting to new users considering the unique interface Chromebooks offer. Let's take a look at how you can add a printer to your Chromebook in a few simple steps.

      • Virtual machine for my courses | VojtÄ›ch Zeisek

        For my courses ofwork in Linux command line not only for MetaCentrum and with molecular data in R I provide VirtualBox image, which allows to run complete desktop Linux (in this case openSUSE Leap) with all preinstalled applications needed for both courses. It's easy way how to get fully working Linux to play with. It requires at least bit powerful notebook, e.g. at least quad-core with at least 8 GB RAM, but more is better.

      • The Complete Guide to User Management in Linux

        User account management is one of the many challenges of Linux system administrators. Some of the responsibilities of a system administrator are enabling/disabling user accounts, preserving the home directory, setting user permissions, assigning groups/shells to users, and managing passwords.

        Effective control of user accounts is only possible after familiarity with the basics of Linux account management. Hence, this article is a stepping stone towards securing user accounts. It demonstrates how to create, delete and modify user accounts and manage predefined settings or files to build the most suitable and secure environment for Linux users.

      • How to install and Configure HAProxy load balancer on Rocky Linux/Alma Linux 8

        HAProxy is a free and open source software that provides a high availability load balancer and proxy server for TCP and HTTP-based applications that spreads requests across multiple servers. It distributes the load among the web and application servers.

        Haproxy is popular for load balancing because of its efficiency, reliability, and low memory and CPU footprint. Load balancing is a common solution for distributing web applications horizontally across multiple hosts while providing the users with a single point of access to the service.

        It is available for install on major Linux distributions. In this guide we will learn how to install and configure HAProxy load balancer on Rocky Linux 8. This guide also works on other RHEL 8 based distributions like Alma Linux and Oracle Linux.

      • How to install and use Nmap on Ubuntu 20.04 – NextGenTips

        Welcome to today’s topic where we will be talking about how to install Nmap on Fedora 35.

        Nmap (Network mapper) is a free and open-source software for network discovery and security auditing. It is also used for network inventory services, managing service upgrades, and monitoring hosts’ downtime.

        Nmap is designed for bigger networks but it can also work fine with standalone hosts. Nmap suite includes an advanced GUI and results viewer called Zenmap, a flexible data transfer, redirection and a debugging tool called Ncat, a utility for comparing scan results called Ndiff, and a packet generation and response analysis tool called Nping.

      • How to Modify the Configuration of Running Docker Containers – CloudSavvy IT

        Docker containers are usually treated as immutable once they’ve started running. You can update some configuration parameters dynamically though, such as the container’s name and its hardware resource limits.

        In this guide, we’ll show you how to use built-in Docker commands to modify selected parameters of running containers. We’ll also look at what you shouldn’t change and a workaround you can use if you believe you must.

      • How to Secure Docker’s TCP Socket With TLS – CloudSavvy IT

        Docker’s API is completely unprotected by default except for filesystem permissions on its Unix socket. You should set up TLS when exposing the Docker API over TCP so Docker Engine and your clients can verify each others’ identity. Otherwise anyone with access to the TCP port could browse your Docker containers, start new ones, and run actions as root on your system.

        Configured TLS will require clients to present a valid certificate that’s signed by the server’s certificate authority. To get it working, you need to create SSL certificates, then set up Docker Engine to require TLS connections. Docker CLI clients must also be adjusted to expect a TLS server.

    • Wine or Emulation

      • BeOS rebuild Haiku has a new feature that runs Windows apps ● The Register

        The Haiku operating system has an experimental new feature, WINE. Originally a Linux subsystem, WINE can run unmodified Windows programs on other operating systems.

        Edward FitzGerald translated only 158 of the more than 1,200 quatrains attributed to the Persian Astronomer-Poet Omar Khayyám so there are probably more experimental operating systems out there than there are of Omar's rubāÊ¿iyāt in English. Very, very few such OSes ever amount to much – a few demos, some sketchy code on GitHub, and that's the end.

        Haiku is different. An open-source reimplementation of former Apple exec Jean-Louis Gassée's BeOS, the project started in 2001 and took until 2018 to make it to its first beta version. But since then, the pace has picked up a little, with Beta 2 in 2020 and Beta 3 in 2021.

        Partly this is because Haiku didn't start completely from scratch. The project began right after Palm bought Be and cancelled BeOS.

        Haiku uses some of the original code and its GUI is notably based on BeOS's Tracker and Deskbar, which Be released as open source in 2000 – when BeOS was already at version 5 and a decade old. In fact, that year your correspondent reviewed it. I was impressed:

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Plasma 5.24 Wallpaper: “Wavy McWallpaperface” › Ken Vermette

          After two tremendously fun livestreams the Plasma 5.24 wallpaper is all wrapped up. With this particular image we had a lot of fun using new techniques to create this wallpaper, and the entire process was a fun adventure. To download the wallpaper it’s available on OpenDesktop and GetHowNewStuff if you’re a Plasma user.

          The wallpaper was first sketched in the Krita painting application. Up until this point wallpapers I authored used a fairly inflexible technique of creating a polygon grid and manipulating it, but this new shape would require new techniques.

    • Distributions

      • MakuluLinux Shift – Good News !

        We have a new Video for showing what’s new and upcoming up with Shift, Some really good news !

      • Haiku Contract Report: December 2021

        For the first time, most of the work I did as part of this contract was not in the month’s activity report aside from a passing reference, as nearly all of it took place outside the main Haiku source tree. So, here I detail it; and thanks once again to the generous donations of readers like you (thank you!).

        Nearly all of my work last month was spent on one thing, which was alluded to in the activity report:

        “Xlibe”: an Xlib/X11 compatibility layer for Haiku

      • BSD

        • Using KeePassXC with SSH-Agent on OpenBSD

          I’m using KeePassXC to manage my secrets. But when I log into my OpenBSD laptop, I’m still asked to enter my SSH passphrase to fill-in ssh-agent(1). Somehow, it’s great ; maybe other system don’t even propose that feature out of the box. But what if KeePassXC could know about my passphrase(s) and interact with ssh-agent(1). Well, it can.

      • IBM/Red Hat/Fedora

        • How To Install Lynis on Fedora 35 - idroot

          In this tutorial, we will show you how to install Lynis on Fedora 35. For those of you who didn’t know, Lynis is the popular security auditing tool for Linux, Unix, and macOS systems. Lynis performs an extensive health scan of your systems to support system hardening and compliance testing. Lynis also gives complete information about the current operating system, current operating system version, hardware running on the Linux machine, firmware information, etc.

          This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Lynis security audit tool on a Fedora 35.

        • How to Tell If You Are a Successful Program Manager [Ed: As a community, Fedora failed, largely due to actions from a community-hostile IBM]

          When I was hired as the Fedora Program Manager, my manager told me that he wouldn’t hold me responsible for Fedora Linux shipping on time. If an on-time release isn’t part of my success, then what could possibly be?! Keeping in mind that a program manager’s primary responsibilities are to coordinate and communicate across functions, I’ve settled on a few ways that I judge how successful I am.

        • Measuring Your Success as an Open Source Program Manager

          Fedora Program Manager Ben Cotton explains how to know when you’re doing a good job as a program manager.

          Cotton says, “as an active and visible member of the team, you have significant influence on the culture. Besides, culture isn’t evenly distributed. So let’s focus primarily on what’s going on near you. Do people trust you? Do they feel safe giving you bad news?”

        • [CentOS] December 2021 Board Meeting Minutes

          Note: Posting late, as we appear to have overlooked posting these after the December meeting.

          Note: The November board meeting didn't happen due to scheduling conflicts, so there are no minutes for that month.

        • Red Hat / Fedora Anaconda Installer Shifting To A Web Based UI

          The Red Hat / Fedora Anaconda installer for carrying out new operating system installs is in the early stages of a major rewrite to its user-interface and moving forward will be web-based.

          Anaconda has long been GTK-based but as part of modernizing it they are now looking at rewriting the UI to be a web browser-based UI that makes use of Red Hat's Cockpit project. The new UI will run locally or also remotely for those wanting to carry out headless server installs and the likes more easily than through VNC, etc.

          Red Hat's Cockpit web-based management system already has Anaconda DBus while they are working on this new installer UI that will allow it to be more consistent with the rest of the system.

      • Debian Family

        • Tails 4.26 is out

          Add a shortcut to open the Tor Connection assistant when starting Tor Browser if Tails is not connected to the Tor network yet.

      • Canonical/Ubuntu Family

        • How low can you go? Running Ubuntu Desktop on a 2GB Raspberry Pi 4 | Ubuntu

          At Canonical we’re proud to be able to offer a full Ubuntu Desktop experience on the Raspberry 4. Ubuntu Desktop provides everything you need to develop software and even deploy it to Ubuntu Server on devices like the Raspberry Pi Zero 2 W.

          However the full desktop environment is quite a lot for the Pi to handle. Up until now, we’ve recommended users stick to models with either 4GB or 8GB of RAM to be confident that it will perform well. One of our goals for the upcoming Ubuntu 22.04 LTS release is to lower that barrier to entry. This means targeting a viable Desktop experience on Raspberry Pi 4 2GB models.

          The secret to this optimisation is a Linux kernel feature called zswap. In this blog, we’ll show you how to enable this functionality today and benefit from the upcoming performance boost that will come as standard in 22.04.

        • Ubuntu Brings Full Desktop to Raspberry Pi 4 with 2GB RAM

          Want to run the full Ubuntu desktop on a Raspberry Pi 4 with 2GB of RAM? Well, now you can.

          Ubuntu already supports the Raspberry Pi 4 Model B 4GB and 8GB versions (and has done since the Ubuntu 20.10 release). Now the team building the distro plan to go further by supporting the Raspberry Pi 4 2GB model too (which costs around €£40, if you’re considering one).

          However, making Ubuntu run decently on devices with modest amounts of memory is difficult.

          Enter zswap, Ubuntu’s ‘secret weapon’ in targeting low-memory Pis with the full-blown Ubuntu experience.

          Most Ubuntu systems come with a swap file. This acts as an ‘overflow’ for RAM, caching processes and tasks that aren’t immediately needed to free up RAM for ones that are. The existing Ubuntu Raspberry Pi builds are no exception to this.

          But all that reading to and from an SD card isn’t the fastest fallback. So Ubuntu is swapping — yes, pun intended— to a compression tool like Zswap.

          “When a process is about to be moved to the swap file, zswap compresses it and checks whether the new, smaller size still needs to be moved or if it can stay in your RAM. It is much quicker to decompress a ‘zswapped’ page than it is to access the swap file so this is a great way of getting more bang for your buck from systems with smaller amounts of RAM,” Canonical’s Oliver Smith explains.

    • Devices/Embedded

      • PinePhone Pro Explorer Edition Linux smartphone is up for pre-order for $399

        Pine64’s PinePhone Pro “Explorer Edition”, the successor of the PinePhone Linux smartphone with a much more powerful Rockchip RK3399S processor, is now available for pre-order for $399 on Pine64 store, but mostly for Linux developers since there’s still a lot of work to do before the phone becomes usable.

        Based on Allwinner A64 processor, the original PinePhone was the cheapest Linux smartphone you could get, but as a user, I can also say it’s sluggish and suspect only a few people have made it their main mobile device. The story should be a different story with PinePhone Pro with much better specs include on hexa-core Cortex-A72/A55 processor tweaked to consume less power than RK3399, 4GB RAM, 128 GB eMMC flash, and a 6-inch display that makes it more like a typical entry-level/mid-range smartphone.

      • PinePhone Pro ‘Explorer Edition’ Pre-Orders Go Live

        You’ll need to move moderately quickly if you want the phone in your hands ASAP, as the upcoming Chinese New Year is expected to temporarily interrupt fulfilment.

        Pine64 say all orders placed between January 11th and 17th will ship by the end of the month. After that? Well you might be waiting until the end of February at the earliest.

        Now that this is the first time people have been able to buy the PinePhone Pro. A ‘developer edition’ went on sale late last year targeted at software enthusiasts wishing to work on bringing up OS support for the device.

        The PinePhone Pro ‘Explorer Edition’ is a little further along the refinement process. It ships with a Manjaro-based OS running the Plasma Mobile UI.

        That said, this phone is still targeted at FOSS enthusiasts willing to workaround flaws and wait for missing features to be added.

        There’s plenty of stock to go around as this is a “large production run” that’s not excepted to sell out in minutes. It is, however, limited to one PinePhone Pro per customer.

      • PinePhone Pro Explorer Edition is now available for $399 (Linux Smartphones) - Liliputing

        The PinePhone Pro is a Linux-friendly smartphone with a 6 inch FHD+ display, a Rockchip RK3399S processor, 4GB of RAM, and 128GB of storage. Priced at $399, it costs about twice as much as the original PinePhone, but it has better specs and should offer significantly better performance.

        Pine64 unveiled the PinePhone Pro last fall and began shipping developer units in December. Today a PinePhone Pro Explorer Edition is available for anyone to purchase – just keep in mind that this is a unit aimed at early adopters and enthusiasts and may not yet be able to do everything you’d expect from a smartphone, especially since software for the PinePhone Pro is still pretty early in the development process.

      • You can pre-order the Linux-powered PinePhone Pro Explorer Edition starting today

        Pine64, the team behind all sorts of Linux-powered hardware like single-board computers, notebooks, and smartphones, announced the PinePhone Pro last October as the successor to its OG PinePhone from 2019. While early units of the Pro model shipped to developers last month, broader availability is only just now getting underway following initial production delays, with the Pro Explorer Edition going up for public pre-order.

        The company posted on its website that it had intended to start pre-orders earlier this month but couldn’t due to some minor problems at the factory, and wanted to be sure everything was running smoothly before opening the floodgates. As a result of that hiccup, only people who place their orders between now and January 17th will have their devices shipped this month, and purchases from the 18th onward will be dispatched after Chinese New Year in February. Regardless of when you choose to place your order, you’re only allowed one unit per person.

      • Open Hardware/Modding

        • How can AI-based analysis help educators support students?
        • 3D Printed Sensor For Finding Wind Direction And Likely Much More | Hackaday

          Have you ever wondered how an electronic wind vane translates a direction into a unique signal? It seems as though it might be very complicated, and indeed some of them are. [martinm] over at yoctopuce.com has an excellent writeup about measuring wind direction using just a single, easily printed disk and some phototransistors.

        • Geniatech spins two SBC options with RK3568

          Geniatech’s “RK3568 Developer Board (K3-3568)” SBC builds on the quad -A55 SoC with up to 8GB DDR4, 2x GbE, HDMI in and out, MIPI-DSI and -CSI, a mic array, M.2, mini-PCIe, and a DVB-T2 tuner. A recent DB3568 version offers even more features.

          Last February, Geniatech announced a RK3568 Development Board and RK3566 Development Board, which is identical except for using a slightly less I/O capable RK3566 instead of the RK3568. We were confused when Geniatech sent us a link to a new RK3568 Developer Board, until we realized it was a different model called the K3-3568. We then saw that our old RK3568 Developer Board product page link had changed to yet another design called the DB3568, which differed from the larger board we covered in that report, which is now used only for the RK3566 Developer Board. Here we look at the two RK3568-based models.

          [...]

          Both boards support Linux and Android.

        • i.MX 8M Plus solderable LGA module follows OSM Size-L standard - CNX Software

          SGET Open Standard Module (OSM) specification was ratified in November 2020. It defined specifications for solderable LGA system-on-modules, and we first noticed it though through the launch of F&S Elektronik “FS 8MM OSM-SF” module powered by an NXP i.MX 8M Mini processor, and following OSM Size-S standard (30x30mm).

          As we noted in our introduction about the Open Standard Module, SGET defined four sizes from Size-0 (30x15mm) to Size-L (45x45mm), and there’s now at least one “Large” OSM module courtesy of iWave Systems, and their iW-RainboW-G40M module equipped with an NXP i.MX 8M Plus processor for AI applications.

      • Mobile Systems/Mobile Applications

        • Some Cool and Free Android Launcher Apps Without Ads!

          Android smartphones on the market usually have their own default launcher. So, the appearance of a certain brand of smartphone will also be different, unless the smartphone uses the default stock android which looks still standard.

          I have several Chinese production smartphones, and most of them embed ads in their UI. Sometimes these ads are embedded in some of the default apps from smartphones. You can delete some default apps without root using adb.

    • Free, Libre, and Open Source Software

      • Events

        • Registration Now Open for CodeNewbie Challenge 2022

          The CodeNewbie Challenge for 2022 (CNC2022) is now open for registration, with a new track and improved resources to help you connect with other participants. This challenge is a free email-based series designed to help you develop your coding skills.

        • First up in 2022: linux.conf.au!

          First up in 2022: linux.conf.au! Mark Filion avatar Mark Filion January 11, 2022 Share on Twitter Share on LinkedIn Share on Facebook Share on Mastodon Share on Email The new year has only just begun, and already our first conference of 2022 is on the horizon. Join us down under this week for the virtual edition of linux.conf.au, as we discuss bringing WebM Alpha support to GStreamer, and provide a status update on the futex2 syscall!

          Proudly sponsored by Collabora, linux.conf.au 2022 is "the largest linux and open source conference in the Asia-Pacific region. The conference provides deeply technical presentations from industry leaders and experts on a wide array of subjects relating to open source projects, data and open government and community engagement".

          Just like last year's edition, LCA2022 will be once again be held entirely online, with four Miniconfs kicking things off this Friday, January 14, followed by a busy two day main conference on January 15 & 16. Among the 80+ sessions spread out over three days will be two from Collabora's André Almeida and Nicolas Dufresne, as well as a talk on KernelCI by Gentoo's Alice Ferrazzi. Here's a look at what each will be discussing.

      • Web Browsers

        • Chromium

          • Can You Use Other Browsers on a Chromebook?

            Chromebooks run Chrome OS, an operating system built around Google Chrome. But what if you want to use another browser like Mozilla Firefox or Microsoft Edge? The answer to that question is not as simple as you might think.

            Naturally, you’d assume a Chromebook—which runs Chrome OS—can only use the Chrome browser. After all, many people consider Chrome OS to be just a glorified browser anyway.

        • Mozilla

          • New Release: Tor Browser 11.0.4

            Tor Browser 11.0.4 is now available from the Tor Browser download page and also from our distribution directory

            This version includes important security updates to Firefox.

      • SaaS/Back End/Databases

        • MySQL vs. MongoDB | FOSS Linux

          MongoDB is a NoSQL document-oriented database primarily used to store high-volume data. MongoDB came into existence around the mid-2000s. It is categorized under the NoSQL databases. MongoDB is maintained and owned by MongoDB Inc.

          NoSQL databases are known for using dynamic schemas. This means that users can create records without defining the structure in the first instance with these databases. Besides, MongoDB is widely known for allowing users to change the record structures, thus adding new fields and deleting existing ones.

          MySQL is one of the extensively used and popular RDBMS (Relational Database Management System). The name MySQL was derived from the co-founder’s daughter’s name “My” and “SQL .”MySQL is maintained and owned by Oracle Corporation.

          MySQL is primarily based on a relational database model since it is a Relational Database Management System). This database model makes DB administration straightforward and flexible.

          Unlike MongoDB, in MySQL, you have to pre-define the database schema based on your preferences and set rules to oversee the relationships between fields in the tables.

      • Productivity Software/LibreOffice/Calligra

      • Content Management Systems (CMS)

        • WordPress 5.9 RC 2

          The second Release Candidate (RC2) for WordPress 5.9 is now available!

          “Release Candidate” means the new version of the software is ready for release. It helps the community check that nothing is missed, given the thousands of plugins and themes and differences in how millions of people use the software.

          Thank you to everyone who has contributed thus far towards testing and filing bugs to help make WordPress 5.9 a great release. WordPress 5.9 is slated for release in just two weeks on January 25, 2022. There’s still time to help! Since RC1 was released, six bugs have been found and fixed. There were 13 bug fixes backported from Gutenberg.

      • FSFE

        • Device Neutrality becomes a reality +++ Stockholm +++ FSFE infrastructure +++ AI

          In our January Newsletter, we recognise the importance of the Digital Markets Act as a mostly positive development for software freedom. Read how the lack of public code cost Stockholm €100 million. Our System Hackers team unravel what lies behind the FSFE infrastructure. Vincent Lequertier stresses that AI needs transparency. FOSDEM is coming up.

          [...]

          Parents in Stockholm receive information about their children's schools or kindergartens directly to their devices with the help of Skolplattformen ('School platform'), a digital platform offered by the city of Stockholm. It cost an estimated €100 million and although it was publicly funded, Skolplattformen's code was private. Parents spotted irregularities and security issues in the platform and proceeded to fix the flaws themselves. They created a functional and secure Free Software alternative, Öppna skolplattformen ('Open school platform'). The city of Stockholm took legal measures against the developers who wanted to help.

      • FSF

      • Openness/Sharing/Collaboration

        • Open Data

          • Space-Eye: Satellite surveillance from underneath

            High-resolution images from earth observation could help with non-governmental sea rescues in the Mediterranean. However, these have to be purchased from commercial providers, because openly accessible images from EU satellites are of low quality. An initiative now wants to enrich this data with other sources and evaluate it with algorithms.

      • Programming/Development

        • Command Line JSON Client In Golang

          I’m an experienced software developer learning Golang by building an activity tracker1. I want a low-effort way to track my physical activity, and building it seems like a fun learning project. Last time I built a REST service for storing my workout activities, and now I’m going to make a command-line client for it.

        • The burden of an Open Source maintainer

          I look at it this way: if I didn't use my strategies to stave off burnout, I wouldn't maintain my projects at all. And having a project that works well and is maintained for 80% of the people who find it is better—in my mind—than adding on extra support and maintenance burden by dealing with every issue and PR that comes my way. And in the end, I maintain the projects for my own needs first.

          Maybe that sounds callous, but it's the reality of the open source contract, whether the project in question is backed by a multi-billion-dollar corporation or a random guy in St. Louis.

        • Good web scraping is not just about avoiding load

          One of my opinions here is that good web scraping is not just about avoiding load on the target. Ultimately, good web scraping is about being polite. One of the things that's definitely impolite is overloading the target; harming a scraping target is not a good thing. But another thing that's impolite, at least in my view (and my view is what matters for Wandering Thoughts), is simple being too large a source of requests and traffic. And 27,000 requests from a single source is at least one order of magnitude larger than I normally see, and the single largest regular source is itself an unreasonable one.

        • AdamW's Debugging Adventures: Bootloaders and machine IDs | AdamW on Linux and more

          Hi folks! Well, it looks like I forgot to blog for...checks watch....checks calendar...a year. Wow. Whoops. Sorry about that. I'm still here, though! We released, uh, lots of Fedoras since the last time I wrote about that. Fedora 35 is the current one. It's, uh, mostly great! Go get a copy, why don't you?

          And while that's downloading, you can get comfy and listen to another of Crazy Uncle Adam's Debugging Adventures. In this episode, we'll be uncomfortably reminded just how much of the code that causes your system to actually boot at all consists of fragile shell script with no tests, so this'll be fun!

          Last month, booting a system installed from Rawhide live images stopped working properly. You could boot the live image fine, run the installation fine, but on rebooting, the system would fail to boot with an error: dracut: FATAL: Don't know how to handle 'root=live:CDLABEL=Fedora-WS-Live-rawh-20211229-n-1'. openQA caught this, and so did one of our QA community members - Ahed Almeleh - who filed a bug. After the end-of-year holidays, I got to figuring out what was going wrong.

          [...]

          When I checked those files, it turned out that on the live image, the ID in both /etc/machine-id and /etc/machine-info was a69bd9379d6445668e7df3ddbda62f86 - the problematic ID on the installed system. When we generate the live image itself, kernel-install uses the value from /etc/machine-id and writes it to /etc/machine-info, and both files wind up in the live filesystem. But on the installed system, the ID in /etc/machine-info was that same value, but the ID in /etc/machine-id was different (as we saw above).

          Remember how I mentioned above that when doing a live install, we essentially dump the live filesystem itself onto the installed system? Well, one of the 'tweaks' we make when doing this is to re-generate /etc/machine-id, because that ID is meant to be unique to each installed system - we don't want every system installed from a Fedora live image to have the same machine ID as the live image itself. However, as this /etc/machine-info file is new, we don't strip it from or re-generate it in the installed system, we just install it. The installed system has a /etc/machine-info with the same ID as the live image's machine ID, but a new, different ID in /etc/machine-id. And this (finally) was the ultimate source of the problem! When we run them on the installed system, the new version of kernel-install writes config snippet files using the ID from /etc/machine-info. But Fedora's patched grub2-mkconfig scriptlet doesn't know about that mechanism at all (since it's brand new), and expects the snippet files to contain the ID from /etc/machine-id.

        • BOLT Merged Into LLVM To Optimize Binaries For Faster Performance - Phoronix

          Merged into LLVM's mono repository minutes ago was BOLT! This is the Facebook-developed tool for optimizing the layout of binaries in the name of delivering greater performance. Facebook (now Meta) already has been using BOLT internally to great success with production workloads, it's continued advancing in the public as open-source for a while, and is now upstream in LLVM for fostering its future development.

        • New blog!

          At the time, I used Blogger because I didn’t want to mess implementing a blog on my own website infrastructure. Why? The honest answer is an object lesson in software engineering. The last time I re-built my website I thought that building a website generator sounded like a fantastic excuse to learn some Ruby.

        • Single attribute in-place editing with Rails and Turbo

          Turbo can largely simplify our front-end needs to achieve a single-page application feel. If you have ever wondered how to do a single attribute in-place update with Turbo, this post is for you.

          I’ll assume you have Turbo (with turbo-rails gem) installed, and you already have a classic model CRUD done. If you don’t, just generate a standard scaffold. I’ll use the User model and the name attribute, but it can be anything.

        • Perl/Raku

        • Python

          • PyCook

            A few months ago, I went on a quest to better digitize and collect a bunch of the recipes I use on a regular basis. Like most people, I’ve got a 3-ring binder of stuff I’ve printed from the internet, a box with the usual 4x6 cards, most of which are hand-written, and a stack of cookbooks. I wanted something that could be both digital and physical and which would make recipes easier to share. I also wanted whatever storage system I developed to be something stupid simple. If there’s one thing I’ve learned about myself over the years it’s that if I make something too hard, I’ll never get around to it.

        • Shell/Bash/Zsh/Ksh

          • Tidy tables for data processing

            I've seen some very pretty data tables in spreadsheets, on webpages and in word-processed documents.

            There were lots of colours. Careful attention had been paid to font, font size and font emphasis. Column widths, row heights and border thickness had been skillfully adjusted. In spreadsheets there were comments and metadata notes. In word-processed documents there were numbered footnotes, with superscript numbers attached to data items.

            Of course, all that colour and data decoration is for human eyes. If the same tables were to be processed digitally, the processing program wouldn't care what the table looks like. It just wants the data to be tidy and workable.

            In this post I explain what "tidy and workable" means for data processing.

        • Java

          • The 10 Best IDEs for Java | FOSS Linux

            Java is a leading programming language and a computing platform in the development world. Its first inception was in 1995 by Sun Microsystem and later acquired by Oracle Corporation. So as you know, Java is one of the first programming languages that many learned because of its popularity levels. It is a high-level, object-oriented, and class-based language designed to be an all-around general-purpose language.

            This language permits developers to “write once, run anywhere,” which means that after compiling a code in Java, it can run anywhere- Hence, Java is supported without needing to recompile. It is nothing different from the C and C++ programming language syntax if you don’t comprehend its syntax.

            To implement Java programming language, you need particular environments to develop codes and apps. So here comes the starring role of Java Integrated Development Environment (Java IDE). This (IDE) was felt as developers encountered issues day in day out while coding huge apps and resolved out to find a solution.

            Typically, huge apps have lots of classes and files, and as such, it gets challenging to debug them. But with the help of an IDE, proper project management can be maintained as it offers hints on code completion and syntax errors.

            The integrated Development Environment (IDE) is typically a software app that gives developers a platform with numerous features to formulate computer-based apps, tools, web pages, services, etc.

    • Standards/Consortia

      • PCIe 6.0 Specification Released With 64 GT/s Transfer Speeds - Phoronix

        While PCIe 5.0 adoption is only in its infancy, the PCI-SIG today announced the PCIe 6.0 specification.

        The PCI Express standard speeds are again being doubled with PCIe 6.0 now being designed to deliver 64 GT/s transfer speeds, double that of PCIe 5.0. PCIe 6.0 will be able to deliver up to 256 GB/s of bandwidth in a PCIe x16 configuration. The specs shouldn't be all that surprising as back in 2019 it was announced PCIe 6.0 would deliver 64 GT/s transfer rates though at that time the spec was expected to be out in 2021.

      • Why Are Hyperlinks Blue

        While musing over my recently published article, Why are hyperlinks blue, I was left feeling a bit blue myself. Yes, it could have been the fact that I was evacuated and Hurricane Ida was destroying my home, I’ll admit. Besides that, I was also bothered by the fact that even though I was able to determine that Mosaic was indeed the first browser to use blue hyperlinks, I was not much closer to determining why the hyperlinks themselves were blue.

        Black hyperlinks had been the standard for many years, but why the sudden shift to blue? One can assume that it is because RGB phosphorescent monitors were becoming more readily available in comparison to monotone phosphorescent monitors that could only produce one color. Okay then, with a palette of colors to choose from, why blue? Why not green? Microsoft 3.1 had used green for hyperlinks. Surely there must have been something to support or inspire Marc Andreessen and Eric Bina on April 12, 1993 to make the hyperlinks blue, but what was it?

        I simply didn’t know, so I published the article anyway and hoped the internet would do as it always does: thrill in pointing out when someone is wrong, in the hope that someone would know the true answer.

        I published the first article, a hurricane destroyed my home, and now two months later I’m once again sitting in my now gutted home with the miracle of the internet once again restored, and I’m back on the case.

  • Leftovers

    • Science

      • Veto Power and Decision Making Process

        Imagine you're a venture capital partnership that has make decisions on whether to invest in a startup or not. A partner comes to the Monday meeting after having met a promising new startup, but not everyone agrees that it's a worthwhile investment. What is the optimal decision making process for the group to maximize their return?

        Majority vote? Supermajority? Unanimous? Does anyone have veto power? Can a single individual with high conviction make a unilateral decision?

        Turns out the answer in practice depends in part on the riskiness of the decision being made. Think about it in terms of the probability of a "yes" decision. All other things equal, the more votes needed to pass the proposal lowers the probability of success. Veto power lowers it even more.

      • Many presentations of axiomatic set theory contain an error

        The axiom of union is a typical example. It states that if !!\mathcal A!! is some family of sets, then there is also a set !!\bigcup \mathcal A!!, which is the union of the members of !!\mathcal A!!. The other axioms of this type are the axioms of pairing, specification, power set, replacement, and choice.

        There is a minor technical problem with this approach: where do you get the elements of !!\mathcal A!! to begin with? If the axioms only tell you how to make new sets out of old ones, how do you get started? The theory is a potentially vacuous one in which there aren't any sets! You can prove that if there were any sets they would have certain properties, but not that there actually are any such things.

        This isn't an entirely silly quibble. Prior to the development of axiomatic set theory, mathematicians had been using a model called naïve set theory, and after about thirty years it transpired that the theory was inconsistent. Thirty years of work about a theory of sets, and then it turned out that there was no possible universe of sets that satisfied the requirements of the theory! This precipitated an upheaval in mathematics a bit similar to the quantum revolution in physics: the top-down view is okay, but the most basic underlying theory is just wrong.

      • Reusable Booster Rockets, Asian Roundup | Hackaday

        The Space Shuttle’s solid rocket boosters were reusable, although ultimately the overall system didn’t prove cheaper than expendable launches. But given the successes of the Falcon 9 program — booster B1051 completed its 11th mission last month — the idea of a rocket stage returning to the launch site and being reused isn’t such a crazy proposition anymore. It’s not surprising that other space agencies around the world are pursuing this technology.

        Last year the India Space Research Organization (ISRO) announced plans for a reusable launcher program based on their GSLV Mark III rocket. The Japan Aerospace Exploratory Agency (JAXA) announced last Fall that it is beginning a reusable rocket project, in cooperation with various industries and universities in Japan. The South Korean space agency, Korea Aerospace Research Institute (KARI), was surprised in November when lawmakers announced a reusable rocket program that wasn’t requested in their 2022 budget. Not in Asia, but in December France’s ArianeGroup announced a reusable rocket program called Maïa.

    • Education

    • Hardware

      • Electronic Drum Toy Built From Scratch | Hackaday

        Drum kits used to be key to any serious band, however, these days, much of our music is created on computer or using a drum machine instead. [spanceac] has built a simple example of the latter, using a microcontroller to build a basic sample-based drum toy.

        The brains of the operation is the STM32F100VET6B, which comes complete with a 12-bit DAC for outputting sound. It’s also got a healthy 512 KB of flash, enabling it to store the drum samples onboard without the need for extra parts. Samples are stored at a sample rate of 22,050 Hz in 16-bit resolution – decent quality for a tiny little build, even if the DAC chops that back down to 12-bits later.

      • Honda Ignition Coils Sing The Song Of Their People | Hackaday

        High-voltage experimenters have been using automotive ignition coils to generate impressive sparks in the home lab for decades, and why not? They’re cheap, easily obtainable, and at the end of the day, producing sparks is literally what they’re designed to do. But that doesn’t mean there isn’t room for improvement.

        In his latest Plasma Channel video [Jay Bowles] revisits this classic experiment, bringing to bear the considerable high-voltage experience he’s gained over the last several years. Building on an earlier setup that used a single Honda ignition coil, this new dual-coil version can produce up to 60,000 volts and is driven by a cleaner and more reliable circuit based on the iconic 555 timer. A pair of potentiometers on the front of the driver can adjust its square wave output from 1 to 10 kilohertz manually, while a commercial Bluetooth audio receiver tied into the 555 circuit allows the output to be modulated by simply playing audio from a paired device.

      • HitClips Custom Cartridge Hack Will Never Give Up, Let Down, Or Turn Around

        In August 2000, Tiger Electronics released HitClips: Music cartridges and players designed to easily share 60 second low quality Clips of a youngster’s favorite Hits. Various players were available, and individual cartridges were inexpensive enough to collect. And it’s these toy music players that [Guy Dupont] has been hacking quite successfully on as you can see in the video after the break and on [Guy]’s Hackaday.io page.

      • The Atari Punk Console, Now With More Vacuum Tubes | Hackaday

        Most of us have beheld the sonic glory of an Atari Punk Console, that lo-fi synth whose classic incarnation is a pair of 555 timers set up to warble and bleep in interesting ways. Very few of us, however, have likely seen an APC built from 555s that are made from vacuum tubes.

        It’s little surprise to regular readers that this one comes to us by way of [David] at Usagi Electric, who hasn’t met a circuit that couldn’t be improved by realizing it in vacuum tubes. His “hollow-state” Atari Punk Console began with the 18-tube version of the 555 that he built just for fun a while back, which proved popular enough that he’s working on a kit version, the prototype of which served as the second timer for the synth. With 32 tubes aglow amid a rats-nest of jumpers, the console managed to make the requisites sounds, but lacked a certain elegance. [David] then vastly simplified the design, reducing the BOM to just four dual-triode tubes. Housed on a CNC milled PCB in a custom wood box, the synth does a respectable job and looks good doing it. The video below shows both versions in action, as well as detailing their construction.

      • LED Bubbles From The 1970s Tell The Time | Hackaday

        [CuriousMarc] is nothing if not curious. Finding some old TI timekeeping chips to reverse engineer, he set out to make a clock using old-fashioned “bubble LEDs.” You can see the result of his tinkering in the video below. For the uninitiated, bubble LEDs are 7-segment LEDs with magnifying bubbles over each digit. These were popular in calculators, watches, and other places that used LEDs before LCDs largely displaced them.

        The history of these has to do with the power required to light an LED. You don’t technically need a magnifying lens, but larger LEDs take more power. These displays were relatively low power and used tiny LEDs with light pipes to make each dot a full segment. The lens made the segments larger and easier to see.

        Beyond the TI chip and HP displays, there isn’t too much else needed. [Marc] just wired the whole thing using the IC as a substrate. Sort of dead bug construction using enameled wire. At first, it didn’t work but it turned out to be a battery issue. The device really wanted 2.5 V and not the 3 V provided by the battery. The solution required a little detective work.

      • 3D Printering: Soldering A Heated Bed | Hackaday

        There’s an old saying about something being a “drop in the ocean.” That’s how I felt faced with the prospect of replacing a 12 V heated bed on my printer with a new 24 V one. The old bed had a nice connector assembled from the factory, although I had replaced the cable long ago due to heating issues with that particular printer. The new bed, however, just had bare copper pads.

        I’m no soldering novice: I made my first solder joint sometime in the early 1970s. So I felt up to the challenge, but I also knew I wouldn’t be able to use my usual Edsyn iron for a job like this. Since the heated bed is essentially a giant heatsink for these pads, I knew it would require the big guns. I dug out my old — and I mean super old — Weller 140 W soldering gun. Surely, that would do the trick, right?

    • Health/Nutrition/Agriculture

      • Headed for six figures The Omicron variant is bringing Russia’s coronavirus epidemic to a tipping point, officials warn

        According to government officials, Russia’s coronavirus epidemic has reached a tipping point. On Tuesday, January 11, Moscow Mayor Sergey Sobyanin, Rospotrebnadzor head Anna Popova, and Russian Health Minister Mikhail Murashko all raised concerns about the rapid spread of the Omicron strain during a meeting of the Presidium of the Government Coordination Council on countering COVID-19. Among other things, they warned that the daily number of new coronavirus cases in Russia could soon hit six figures. Meduza summarizes their remarks here.

      • Republicans Only Extend Unemployment When It Protects Anti-Vaxxers
      • EU Says 'Premature' to Have Urgent WTO Meeting on Covid-19

        After over a year of the European Union blocking a proposed waiver of intellectual property rights for Covid-19 vaccines—and as case numbers surge thanks to the Omicron variant—an E.U. representative on Monday called India's proposal for a World Trade Organization conference on pandemic response "premature."

        "The pandemic hasn't lasted long enough for the E.U.?" asked Dimitri Eynikel, who represents Médecins Sans Frontières (MSF), or Doctors Without Borders, on the issue of access to medicines at the European Union.

      • There Are No Heroes in Djokovic vs. Australia

        If someone is going to compare you to Spartacus, you had better damn well earn it through your words and deeds. Novak Djokovic, the sour, selfish tennis demigod, isn’t even in the conversation. That didn’t stop the father of the tennis great from saying that his son was “the world’s new Spartacus” and “the symbol and the leader of the free world.” Why? Because he was standing up to “corona fascism” by refusing to be vaccinated or tamed by any mandates or restrictions. Yet Djokovic’s desire to remain a vaccine denier collided with Australia’s own policy of denying entry to anyone who has not gotten the vaccine.

      • Omicron has higher asymptomatic carriage: studies

        The results suggest a high carriage rate even in those vaccinated, the South African Medical Research Council said in a release.

      • How triclosan, found in many consumer products, is triggered to harm the gut

        Increasingly, research links triclosan, an antimicrobial found in thousands of consumer products, with the gut microbiome and gut inflammation. A new study looks at the potential for combating damage to the intestine. The findings suggest new approaches for improving the diagnosis, prevention and treatment of inflammatory bowel disease.

      • IDPH 'Unable' To Say How Many Children Are Hospitalized For COVID
    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Openwashing

            • Instaclustr focuses on pure open source to offer open-core alternative - SiliconANGLE

              The promise of open source is to make software tools free and open, yet some versions contain proprietary add-ons, licensing terms, or risks that must be vetted first.

              This situation is commonly referred to as “open core,” and to address this issue, Instaclustr Pty. Ltd. has built its business around providing managed support to configure open-source technologies such as Apache Cassandra or PostgreSQL while avoiding the encumbrance of open core. Instaclustr has become a player in the estimated $21 billion open-source services market.

        • Security

          • SOK: On the Analysis of Web Browser Security

            Web browsers are integral parts of everyone's daily life. They are commonly used for security-critical and privacy sensitive tasks, like banking transactions and checking medical records. Unfortunately, modern web browsers are too complex to be bug free (e.g., 25 million lines of code in Chrome), and their role as an interface to the cyberspace makes them an attractive target for attacks. Accordingly, web browsers naturally become an arena for demonstrating advanced exploitation techniques by attackers and state-of-the-art defenses by browser vendors. Web browsers, arguably, are the most exciting place to learn the latest security issues and techniques, but remain as a black art to most security researchers because of their fast-changing characteristics and complex code bases.

            To bridge this gap, this paper attempts to systematize the security landscape of modern web browsers by studying the popular classes of security bugs, their exploitation techniques, and deployed defenses. More specifically, we first introduce a unified architecture that faithfully represents the security design of four major web browsers. Second, we share insights from a 10-year longitudinal study on browser bugs. Third, we present a timeline and context of mitigation schemes and their effectiveness. Fourth, we share our lessons from a full-chain exploit used in 2020 Pwn2Own competition. and the implication of bug bounty programs to web browser security. We believe that the key takeaways from this systematization can shed light on how to advance the status quo of modern web browsers, and, importantly, how to create secure yet complex software in the future.

          • Cloud Apps Replace Web as Source for Most Malware Downloads

            New research shows that enterprise organizations these days are far more likely to experience malware downloads from cloud applications than any other source.

            Researchers at Netskope recently analyzed data gathered from customer networks and discovered that more than two-thirds of malware downloaded to enterprise networks between Jan. 1, 2020, and Nov. 30, 2021, originated from cloud applications. The security vendor found that cloud-delivered malware has become more prevalent than malware delivered via the Web and via malware-laced websites.

          • Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird | CISA

            Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. 

            CISA encourages users and administrators to review the Mozilla security advisories for [Firefox 96], [Firefox ESR 91.5], and [Thunderbird 91.5] and apply the necessary updates.

          • ‘Wormable’ Flaw Leads January 2022 Patch Tuesday

            Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns that one of the flaws fixed this month is “wormable,” meaning no human interaction would be required for an attack to spread from one vulnerable Windows box to another.

          • Microsoft Releases January 2022 Security Updates [Ed: If CISA and NSA were serious about security, they would advise people to abandon Microsoft for the back doors]

            Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to take control of an affected system.

          • Citrix Releases Security Update for Workspace App for Linux | CISA

            Citrix has released a security update to address a vulnerability in Workspace App for Linux. An attacker could exploit this vulnerability to take control of an affected system.

          • Adobe Releases Security Updates for Multiple Products | CISA

            Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

          • Privacy/Surveillance

            • Meta Sues Firm For Data Scraping; Claims That Signing Up For New Accounts After Being Banned Is Equivalent Of Hacking

              For years we've talked about the infamous Facebook lawsuit against Power.com. As you may recall, this was a key CFAA case against a site, Power.com, that was trying to create a social media aggregator dashboard -- in which you could login through a single interface, and access content from and post to a variety of different social media platforms. Facebook alleged that this was a form of hacking -- claiming it was "unauthorized access" to Facebook. This was even though there was no actual unauthorized access. Individual users gave Power their login credentials, so everything was completely authorized. After years of winding through the courts, unfortunately, it was decided that this was a violation of the CFAA, mainly because Facebook sent a cease & desist letter, and somehow going against that now made it "unauthorized." In my mind, this is one of the biggest reasons why Facebook has much less competition today than it otherwise might -- because it used the CFAA and cases against Power.com to create a "you can check in, but you can't check out" kind of data arrangement. Things like Power.com were an empowering system that might have made people much less reliant on Facebook -- but it was killed.

            • Standing Up For Privacy In New York State

              The first piece of legislation is A. 7326/S. 6541—New York bills must have identical versions in each house to pass—which protects the confidentiality of medical immunity information. It does this in several key ways, including: limiting the collection, use and sharing of immunity information; expressly prohibiting such information from being shared with immigration or child services agencies; and requiring that those asking for immunity information also accept an analog credential—such as a paper record.

              As New Yorkers present information about their immunity—vaccination records, for example, or test results— to get in the door at restaurants or gyms, they shouldn’t have to worry that that information will end up in places they never expected. They shouldn’t have to worry that a company working with the government on an app to present these records will keep them to track their movements. And they should not have to worry that this information will be collected for other purposes by companies or government agencies. Assuring people that their information will not be used in unauthorized ways increases much-needed trust in public health efforts.€ 

              The second piece of legislation, A. 84/ S. 296, also aims to stop unnecessary intrusion on people’s everyday lives. This legislation would stop law enforcement from conducting a particularly troubling type of dragnet surveillance on New Yorkers, by stopping “reverse location” warrants. Such warrants—sometimes also called “geofence” warrants—allow law enforcement agencies to conduct fishing expeditions and access data about dozens, or even hundreds, of devices at once. Government use of this surveillance tactic is incredibly dangerous to our freedoms, and has been used to disproportionately target marginalized communities. Unfortunately courts have rubber-stamped these warrant requests without questioning their broad scope. This has shown that requiring warrants alone is not enough to protect our privacy; legislatures must act to stop these practices.

            • UK Government Apparently Hoping It Can Regulate End-To-End Encryption Out Of Existence

              Politicians -- those motivated by the notion of "doing something" -- want to end encryption. They don't want this to affect their communications and data security. But they don't see the harm in stripping these protections from the general public. Often, the argument is nothing better than "only criminals want end-to-end encryption," something they trot out as a truism despite plenty of evidence to the contrary.

            • Danish spy chief detained over 'highly sensitive' leak

              The chief of Denmark's Defense Intelligence Service (FE), Lars Findsen, has been held in custody for more than a month over an apparent leak, it was revealed on Monday.

              Local media said the leak involved "highly sensitive" information. It follows allegations last year that Danish intelligence colluded with the US National Security Agency (NSA) to spy on European leaders and private Danish citizens.

            • EDPS sanctions Parliament over EU-US Data Transfers to Google and Stripe

              The European Data Protection Supervisor (EDPS) issued a decision after a complaint filed by noyb confirming that the European Parliament violated data protection law on its COVID testing website. The EDPS highlights that the use of Google Analytics and the payment provider Stripe (both US companies) violated the Court of Justice's (CJEU) "Schrems II" ruling on EU-US data transfers. The ruling is one of the first decisions implementing "Schrems II" on the ground and may show the way for hundreds of other cases pending before regulators.

            • Stop Europol’s illegal bulk data collection!

              For years, the EU police authority Europol has been collecting massive amounts of data without any legal basis. Now Europe’s top data protection official Wojciech Wiewiórowski is taking action against the police agency, according to an order published today.

            • EDPS sanctions European Parliament for illegal data transfer to the US

              Following a complaint by six MEPs, including Patrick Breyer of the Pirate Party, the European Data Protection Supervisor (EDPS) has confirmed that the European Parliament‘s COVID test website violated data protection rules. The EDPS highlights that the use of Google Analytics and the payment provider Stripe (both US companies) violated the European Court of Justice’s (CJEU) “Schrems II” ruling on data transfers between the EU and the US. The ruling is one of the first decisions to implement “Schrems II” in practice and could be groundbreaking for many other cases currently being considered by regulators.

              On behalf of six MEPs, the data protection organisation noyb filed a data protection complaint against the European Parliament in January 2021. The main issues raised are the deceptive cookies banners of an internal corona testing website, the vague and unclear data protection notice, and the illegal transfer of data to the US. The EDPS investigated the matter and issued a reprimand on the Parliament for violation of the “GDPR for EU institutions” (Regulation (EU) 2018/1725 applicable only to EU institutions).

    • Defence/Aggression

      • Kazakhstan: Militarist’s Newest Case For Confronting Putin’s Russia

        The fact that the Russian force includes members of the 45th Brigade, an elite special forces unit, is indeed worrisome.€  This unit fought in both Chechen wars in 1996 and 1999; in South Ossetia in 2008 in the five-day war with Georgia; in the abrupt annexation of Crimea in 2014; and in Syria in 2015.€  Nevertheless, Russia’s overall view of war, as expressed by its own writers, is one of defeat and even humiliation.€  Moscow lost the Crimean War in the 1850; the Russo-Japanese War in 1904-1905; WWI, which opened the door to the Bolshevik Revolution; the Cold War with the United States; and finally the humiliation of the dissolution of the Soviet Union.€  The Soviet demise meant the loss of two million square miles, which exceeds the size of the European Union or India.€  Even the so-called victory in WWII meant the loss of more than 27 million Soviets, and an economic and social recovery that took decades.

        Russians know the cost of war, and Putin, who lost a brother in WWII, presumably shares that concern.€  His so-called adventurism has involved very short campaigns with limited risk.€  The short war with Georgia was typical, and in fact was brought on by the Bush administration’s encouragement of Georgian irredentism in Abkhazia and South Ossetia.€  The seizure of Crimea was quick and tidy, and returned to Moscow a territory that had been in Russian hands for hundreds of years.€  As in Georgia, U.S. manipulation of Ukraine’s political firmament had much to do with Putin’s decision to retake Crimea.€  (Politically, Ukraine is more united and stable without Crimea because of the heavy concentration of Russian ethnics in the region.)

      • Tech giants banned Trump. But did they censor him?

        But there’s another, more conceptual debate that transcends partisan politics and carries implications beyond Trump’s freedom to tweet. It’s the question of whether the largest social media companies have become so critical to public debate that being banned or blacklisted — whether you’re an elected official, a dissident or even just a private citizen who runs afoul of their content policies — amounts to a form of modern-day censorship. And, if so, are there circumstances under which such censorship is justified?

      • Former Army Chaplain at Guantánamo Was Jailed There Himself
      • Twenty Years Of Barbarism At Guantánamo: Biden Could End It But Lacks The Political Will

        The first “high-value detainee” at Guantánamo military prison was approved for transfer a day before the detention camp marked the 20th anniversary of confining prisoners in the “war on terrorism.”

        According to lawyers from Center for Constitutional Rights (CCR) who represented him, Guled Hassan Duran was captured in Djibouti in March 2004. The CIA renditioned him to a secret prison site, where he was tortured and abused prior to his transfer to Guantánamo in 2006. He was designated by President Barack Obama’s review task force for indefinite detention, even though he was not charged with a crime. Duran is a citizen of Somalia with “prior residence in Germany and Sweden.” Congress prohibited the United States government from transferring any Guantánamo prisoners to Libya, Somalia, Syria, or Yemen in 2015. Because he cannot return to Somalia, it could be several years before he is released to a country willing to accept him. € Thirty-nine prisoners remain indefinitely detained at Guantánamo. They have been in confinement for the past 15-to-20 years without charge or trial.

      • Guantánamo Turns 20: Ex-Prisoner Moazzam Begg Calls on Biden to Close Site & End Legacy of Torture

        On the 20th anniversary of the first prisoner’s arrival at Guantánamo Bay, we spend the hour with former detainees, starting with Moazzam Begg, who was imprisoned for three years at the military prison and eventually released without ever being charged with a crime. He now advocates on behalf of victims of the so-called war on terror, calling on the Biden administration to follow through on promises to shut down the military prison and release the remaining 39 prisoners. Twenty years after the detention center opened, Begg reflects on the absurdity and lawlessness of Guantánamo, describing how its torture methods were not only unethical but ultimately extracted very little credible intelligence. “The legacy of this place is imprisonment without trial, torture, the absence of the rule of law, the removal of the presumption of innocence,” says Begg.

      • Twenty Years Of Barbarism At Guantánamo: Biden Could End It But Lacks The Political Will

        This article was funded by paid subscribers of The Dissenter, a project of Shadowproof. Become a paid subscriber and help us expand our work.

        The first “high-value detainee” at Guantánamo military prison was approved for transfer a day before the detention camp marked the 20th anniversary of confining prisoners in the “war on terrorism.”

      • Guantánamo 2.0: Former Prisoner Mansoor Adayfi Says Injustice Continues Even After Release

        Former Guantánamo Bay detainee Mansoor Adayfi was imprisoned for 14 years without charge before being released in 2016 to Serbia. Adayfi says those released from Guantánamo become “stateless men” who experience a brutal legal limbo even after being cleared of all charges, often released to countries where they have no history or connection with their families. Even exonerated former detainees of Guantánamo “live in the stigma of Guantánamo, viewed by the hosting countries as terrorists, as killers,” says Adayfi. He joins advocates everywhere in calling for President Biden to shut the prison down.

    • Environment

      • REPORT Lufthansa group confirmed that 18,000 flights had been flown empty to keep airport slots

        The airline’s parent company, Lufthansa Group, confirmed that 18,000 flights had been flown empty, including 3,000 Brussels Airlines services, according to a report in The Bulletin.

        EU rules require that airlines operate a certain percentage of scheduled flights to keep their slots at major airports.

        Under these “use it or lose it” regulations, prior to the pandemic carriers had to utilise at least 80pc of their scheduled take-off and landing slots.

      • Energy

        • Living Closer to Oil and Gas Drilling Linked to Higher Risk of Pregnancy Complications, New Study Finds

          Living near oil and gas drilling may increase pregnant women’s risk of developing gestational hypertension and eclampsia, according to a new study.

          “We observed for those pregnant women within one kilometer of drilling that there’s about a 5 percent increase in odds of gestational hypertension, and 26 percent increase odds of eclampsia,” Mary Willis, a postdoctoral scholar at Oregon State University and one of the authors of the study, told DeSmog. “So, it’s this really close range where we are seeing a potential impact right on women’s health.”

        • [Cryptocurrency] Startup Lets You Fund Other People’s Lawsuits Against Each Other

          First, some background on litigation funding. Half-gambling and half-fundraising, the process of litigation funding is a way for people with money to help those without fund their lawsuits — and in return, they get a share of whatever potential settlements the claimants receive.

        • Another Entire Country Just Banned [Cryptocurrency] Mining

          This week Kosovo, located in southeastern Europe, announced that it’s banning mining as well, after spending the last 60 days in a government state of emergency over an ongoing energy crisis.

      • Wildlife/Nature

        • Environmentalists Sue to Stop Livestock Grazing Plan for Point Reyes National Seashore

          Point Reyes is a spectacular landscape of open prairies and patches of woodlands home to 460 species, 876 plants, and many different marine and terrestrial mammals. In addition, the seashore harbors a hundred listed rare, threatened, and endangered species, an incredible diversity given the seashore’s relatively small size.

          While the peninsula possesses unquestioned scenic value, Point Reyes National Seashore’s ecological significance is recognized by its designation as an international biosphere reserve, part of the UNESCO’s Man and the Biosphere program.

        • What to expect from the world's sixth mass extinction

          Over the next few decades alone, at least 1 million species are at risk of being wiped out. That's according to an estimate in a landmark report published in 2019 — but many scientists say it could well be an undercount.

          Trying to predict the results of a complete collapse in biodiversity is almost a black art — ecosystems are incredibly complex.

          Scientists agree, however, that there are several clear predictions should extinctions continue at this rate. And all the effects are inextricably linked, like a game of Jenga.

    • Finance

      • I won't let you pay me for my open source

        What I do think is interesting is how both Gates and Stallman anchored their worldview in a scarcity paradigm that embraced a similar fear of the freeloader problem, and relied on software licenses, that is contracts, to counter it.

        Gates was afraid that users would take his software and not pay him for it. Stallman was afraid that users would extend his software and not hand over their contributions.

        Both men believed that the distribution of software was a trade exchange. One that had to be bound by certain explicit debt obligations, which had to be settled or else!

        Neither Gates nor Stallman were unique in their zeal to control the terms under which their software was used and distributed. Most of the software world fall in the same category. Share the same mistrust of users, and consider some level of debt obligations for using software completely natural.

      • Too Cheap to Meter

        Like the distances in the race between Achilles and the Tortoise, halving makes things get small quick. At some point, we stopped thinking about how much internet bandwidth we were using and we got free services like YouTube. Storage became so cheap that many companies gave it away for free, and we got practically unlimited storage in our Gmail inboxes. Now, computing power is becoming cheap enough for businesses like Replit or GitHub Codespaces to give it away for free.

        There's something special about when things are so cheap that they're free. As I wrote in Jevons Paradox and Software Efficiency, when the efficiency of something increases, sometimes we end up using more of it. There's few distribution strategies that work better than giving a paid service away for free.

    • AstroTurf/Lobbying/Politics

      • Companies propose scanning content pre-encryption to fight CSAM

        According to a government press release, the three companies will work “to develop software focusing on user privacy, detection and prevention of CSAM and predatory behaviour, and age verification to detect child sexual abuse before it reaches an E2EE environment, preventing it from being uploaded and shared”.

        The firms have said any CSAM detected by the system will be reported to moderators for further action to be taken. When CSAM is discovered by the AI algorithm, the information given to moderators will be tracked and audited to prevent any misuse.

        The developers claim there are currently no products in the market that provide this kind of pre-content filtering with end-to-end encryption.

      • Manufacturing Modi’s popularity

        The Wire news portal last week reported that a little-known app called Tek Fog was used to inflate the BJP’s clout. It can unleash a barrage of orchestrated trolls also against critics through a secret set-up.

        The Wire is among a clutch of courageous media outfits that have refused to be cowed by the state’s daily intrusions and intimidations. The portal observed for two years the existence of the app when a former insider turned whistleblower revealed its use “by political operatives affiliated with the BJP to artificially inflate the popularity of the party, harass its critics and manipulate public perceptions at scale across major social media platforms”. The orchestration was visible quite pronouncedly in the phrases used and references made, for example, to Mr Modi’s convoy, which last week got stranded in Punjab for all of 15 minutes. “Menacingly close to the Pakistan border” was repeated ad nauseum by the chorus of TV anchors to enlarge the threat Mr Modi faced after a change in his travel plan hit a roadblock of protesting farmers who had no clue he was travelling by.

      • Tek Fog: An App With BJP Footprints for Cyber Troops to Automate Hate, Manipulate Trends

        Over subsequent conversations, the source claimed their daily job involved hijacking Twitter's 'trending' section with targeted hashtags, creating and managing multiple WhatsApp groups affiliated to the BJP and directing the online harassment of journalists critical of the BJP, all via the Tek Fog app.

        The source went on to allege that they had decided to come forward after their supposed handler – Devang Dave, ex national social media and IT head, Bharatiya Janata Yuva Morcha (the youth-wing of the BJP) and current election manager for the party in Maharashtra – failed to deliver on a lucrative job offer promised in 2018 if the BJP was able to retain power in the 2019 Lok Sabha elections.

    • Misinformation/Disinformation

      • The Shocking Things the GOP and Trumpians Believe

        “What you see is what you get” is an old cliche, but it’s endured all these centuries because there’s so much truth in it. “Don’t listen to what people say, instead look at what they do” is another truism we can apply to inform us about today’s politics.

        The past forty years have seen three Republican and three Democratic presidencies, and the modern priorities and values of each Party are now quite clear.

      • Covid Test Misinformation Spikes Along With Spread of Omicron

        Misinformation about Covid-19 tests has spiked across social media in recent weeks, researchers say, as coronavirus cases have surged again worldwide because of the highly infectious Omicron variant.

        The burst of misinformation threatens to further stymie public efforts to keep the health crisis under control. Previous spikes in pandemic-related falsehoods focused on the vaccines, masks and the severity of the virus. The falsehoods help undermine best practices for controlling the spread of the coronavirus, health experts say, noting that misinformation remains a key factor in vaccine hesitancy.

      • AI’s 6 Worst-Case Scenarios: Who needs Terminators when you have precision clickbait and ultra-deepfakes?

        Hollywood’s worst-case scenario involving artificial intelligence (AI) is familiar as a blockbuster sci-fi film: Machines acquire humanlike intelligence, achieving sentience, and inevitably turn into evil overlords that attempt to destroy the human race. This narrative capitalizes on our innate fear of technology, a reflection of the profound change that often accompanies new technological developments.

        However, as Malcolm Murdock, machine-learning engineer and author of the 2019 novel The Quantum Price, puts it, “AI doesn’t have to be sentient to kill us all. There are plenty of other scenarios that will wipe us out before sentient AI becomes a problem.”

    • Censorship/Free Speech

    • Freedom of Information/Freedom of the Press

      • Niger: Suspended Jail Terms for Journalists Who Published Report On Corruption

        Reporters Without Borders (RSF) is appalled by the suspended prison sentences passed yesterday on two Nigerien journalists who published an international report about drug trafficking and corruption in Niger. These totally unjustified sentences send a shocking signal about the state of justice and the fight against corruption in this country, RSF says.

        In a terrible start to the year for journalists in Niger, L'Événement news website editor Moussa Aksar was given a two-month suspended jail sentence and freelance reporter Samira Sabou got a one-month suspended jail sentence for publishing a report by the Geneva-based Global Initiative Against Transnational Organised Crime (GI-TOC) in May.

      • Suspended jail terms for journalists in Niger who published report on corruption

        Reporters Without Borders (RSF) is appalled by the suspended prison sentences passed yesterday on two Nigerien journalists who published an international report about drug trafficking and corruption in Niger. These totally unjustified sentences send a shocking signal about the state of justice and the fight against corruption in this country, RSF says.

    • Civil Rights/Policing

    • Digital Restrictions (DRM)

      • Chip Shortage Forces Canon To Issue Workarounds For Its Own Obnoxious DRM

        For decades now, consumers have been lured into a sour deal: pay for a relatively inexpensive printer, then spend a lifetime paying an arm and a leg for viciously overpriced printer cartridges. As most have learned first-hand, any attempt to disrupt this obnoxious paradigm via third-party printer cartridges has been met with a swift DRM roundhouse kick to the solar plexus. In fact if there's an area where the printer industry actually innovates, it's most frequently in finding new, creative and obnoxious methods of preventing cartridge competition.

      • Indie Label Ilian Tape Removes Entire Catalog From Spotify — “It Just Felt Like the Right Thing to Do” [Ed: DRM]

        The Munich-based label was founded in 2007 by the Zenker Brothers. They announced the shift away from Spotify for 2022 on December 30, celebrating the new year. “This year has been one of the busiest for the label. We want to deeply thank all the artists and all our supporters! Ilian Tape turns 15 next year, lots of fresh stuff coming up,” the tweet reads. “It’s also time for a change; none of the music will be available on Spotify anymore. Happy new year!”

    • Monopolies

      • Big Tech 'Antitrust Reform' Agenda Sags, Revealing Mostly Empty Rhetoric

        Much of last year was dominated by talk about how there was a "new, bipartisan coalition" of folks interested in "reining in big tech" via "antitrust reform." The GOP in particular, which has, for forty years, largely embraced and encouraged monopolization and consolidation at every turn (see telecom as a shining example) was repeatedly portrayed as "very serious about antitrust reform this time." At least as it applied to "big tech." There are countless U.S. business sectors where monopolies and anticompetitive behaviors are rampant that Congress simply couldn't give any less of a shit about, whether it's banking, health care, telecom, airline travel, or energy.

      • Small Changes, Big Effects

        EU regulators long-since recognize in principle that academic publishers are monopolies, i.e., they are not substitutable, justifying the single-source exception granted to academic institutions for their negotiations with academic publishers (another such negotiation round just recently concluded in the UK). Openly contradicting this justification for the single source exemption, the EU Commission nevertheless classifies academic publishing as a market and, moreover, demonstrates with Open Research Europe, that public, competitive tenders for publishing services are possible. This now offers the opportunity for the first decision: we propose that now is the time for regulators to no longer allow academic institutions to buy their publishing services from academic publishers that do not compete with one another in such tenders. The consequences would be far-reaching, but the most immediate ones would be that the (mostly secret and NDA-protected) negotiations between institutions and publishers, which allowed prices and profits to skyrocket in the last decades, would now be a thing of the past. Another consequence is that the obvious contradiction between academic publishing as a set of recognized monopolies in procurement regulation, but as a regular market in anti-trust regulation would be resolved. After this decision, academic publishing would be an actual market that could be regulated by authorities in pretty much the same way as any other market, preventing future lock-ins and monopolies. Yet another consequence would be that competitive pricing would reduce the costs for these institutions dramatically, by nearly 90% in the long term, amounting to about US$10 billion annually world-wide.

      • Copyrights

        • How The Financialization Of Music Could Lead To Demands For Perpetual Copyright

          Back in October, I noted the huge amounts of money pouring into music copyrights, largely driven by the global rise of online streaming. Since then, that trend has continued, most notably with Bruce Springsteen's sale of his recordings and songwriting catalogue to Sony, for a rumored $550 million. As I pointed out in the post, one of the problems with this "financialization" of the sector is that music copyrights become completely divorced from the original creativity that lies behind them. They become just another asset, like gold, petroleum or property. On the Open Future blog, Paul Keller has pointed out a plausible – and terrifying – consequence of this shift.

        • Twitch Streamers Deliberately Get Themselves Banned For Copyright Infringement

          One of the more controversial trends to gain traction on Twitch lately is the wholesale streaming of copyrighted TV shows by some of the site's top streamers. Bizarrely they appear to have understood the consequences in advance and some are currently sitting out suspensions. So why bite the hand that feeds?

        • AimJunkies Returns Fire in Destiny 2 Copyright Lawsuit: 'Cheating Isn't Against the Law'

          AimJunkies.com has asked a federal court in Washington to dismiss the lawsuit filed a few months ago by "Destiny 2" creator Bungie. The defense argues that cheating isn't against the law and notes that Bungie's copyright infringement claims fall flat. As it turns out, two Destiny copyrights were registered after the cheats were sold in public, which may cause problems.



Recent Techrights' Posts

Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
 
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024
Gemini Links 21/11/2024: Alphabetising 400 Books and Giving the Internet up
Links for the day
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users
Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading
Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month
Two more doctorate degrees
KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term)
It only serves to distract from real articles
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024
IRC logs for Wednesday, November 20, 2024