Bonum Certa Men Certa

Links 19/1/2022: XWayland 22.1 RC1 and OnlyOffice 7.0 Release



  • GNU/Linux

    • Kubernetes

      • Kubernetes Blog: Securing Admission Controllers

        Admission control is a key part of Kubernetes security, alongside authentication and authorization. Webhook admission controllers are extensively used to help improve the security of Kubernetes clusters in a variety of ways including restricting the privileges of workloads and ensuring that images deployed to the cluster meet organization’s security requirements.

        However, as with any additional component added to a cluster, security risks can present themselves. A security risk example is if the deployment and management of the admission controller are not handled correctly. To help admission controller users and designers manage these risks appropriately, the security documentation subgroup of SIG Security has spent some time developing a threat model for admission controllers. This threat model looks at likely risks which may arise from the incorrect use of admission controllers, which could allow security policies to be bypassed, or even allow an attacker to get unauthorised access to the cluster.

        From the threat model, we developed a set of security best practices that should be adopted to ensure that cluster operators can get the security benefits of admission controllers whilst avoiding any risks from using them.

    • Audiocasts/Shows

    • Kernel Space

      • Overcoming vulnerabilities with live kernel patching in Red Hat Enterprise Linux 8.5

        IT operations folks strive to not only maximize uptime, but also keep systems patched. These might seem like competing goals, but we're here to help with Live kernel patching in Red Hat Enterprise Linux (RHEL) and enjoy some improvements with live kernel patching in RHEL 8.5.

        You can use a built-in tool to get update the kernel on RHEL systems with no downtime. That tool is live kernel patching (kpatch). Kpatch has been a part of our operating system for some time now (since RHEL 8.1, 7.7). However, with RHEL 8.5 (and the 9.0 Beta), there are some significant enhancements.

      • Gentoo Linux: Building/rebuilding a kernel and Intel CPU microcode in an installation with initramfs | Fitzcarraldo's Blog

        In a 2014 post I explained how to update the Intel CPU microcode in a Gentoo Linux installation with an initramfs (I use sys-kernel/genkernel to build the kernel in the installation on my Compal NBLB2 laptop, which is running the Testing Branch of Gentoo Linux although the branch is not important). The initscript method (Method 1 in that post) for updating the CPU microcode is no longer valid, and the behaviour of the tool sys-apps/iucode_tool for updating the CPU microcode (Method 2 in that post) has changed, hence this update.

        Although not essential I normally perform the microcode upgrade procedure when I either rebuild or upgrade the Linux kernel, therefore I explain both procedures contiguously here.

        These days the grub-mkconfig command edits the file /boot/grub/grub.cfg to add a line to the GRUB menu entries, to load the CPU microcode at boot, but nevertheless I prefer to follow a slightly different method that works reliably for me.

      • Intel Media Driver 22 Debuts With Alchemist / ATS-M Support, ADL-N - Phoronix

        Intel's Media Driver 22.1.1 has been released as their firsr 22.x series open-source GPU video encode/decode software release. This quarterly update introduces new hardware support and a number of feature updates.

        Intel Media Driver 22.1.1 serves as Intel's Media Driver "2021Q4" release. New hardware support with Intel Media Driver 22.1.1 includes now supporting DG2/Alchemist also referred to as ATS-M (Arctic Sound Mainstream). These forthcoming Intel Arc discrete graphics have GPU-accelerated video decode now working with this driver and video processing functionality. This Intel Media Driver release also adds Alder Lake N (ADL-N) platform support.

      • Linux 5.17 RISC-V Allows Rebooting Without Needing Special Driver, HiFive Unmatched Improvements - Phoronix

        he RISC-V architecture updates for the in-development Linux 5.17 kernel have been successfully submitted.

        This cycle brings continued upstream work on SiFive's HiFive Unmatched RISC-V development board, which is the best, broadly available RISC-V board so far for enthusiasts, developers, and those just wanting to dabble with this royalty-free CPU architecture.

      • Graphics Stack

        • Khronos and EMVA Issue Call for Participation for New Camera API Working Group - The Khronos Group Inc

          Today, The Khronos€® Group, an open consortium of industry-leading companies creating advanced interoperability standards, together with the European Machine Vision Association (EMVA) announces the formation of a new Khronos Working Group to develop an open, royalty-free API standard for controlling camera system runtimes in embedded, mobile, industrial, XR, automotive, and scientific markets. Over 70 companies participated in an EMVA/Khronos-hosted Exploratory Group during 2021 to develop a Scope of Work document that will guide the direction of the API design. Design work is expected to start in February 2022, and any organization is invited to join Khronos to participate.

        • Khronos Establishing A Camera API Working Group - Phoronix

          In recent years The Khronos Group has been expanding a lot and forming a number of new open industry standards around 3D commerce, analytics rendering, and more. The latest is Khronos now establishing a Camera API working group.

        • AMDVLK 2022.Q1.1 Released With Radeon RX 6500 XT Support - Phoronix

          After ending out 2021 with an AMDVLK update to fix poor performance on Wayland, AMD today issued AMDVLK 2022.Q1.1 with their first set of changes for the new year.

          AMDVLK 2022.Q1.1 most notably introduces Navi 24 support, which is the entry-level RDNA2 GPU used by the Radeon RX 6500 XT graphics card launching today. AMDVLK support is ready to go for today's Radeon RX 6500 series debut for that mainstream GPU offering.

        • VMware's SVGA Gallium3D Driver Lands OpenGL 4.3 Support In Mesa 22.0 - Phoronix

          VMware has been preparing support for OpenGL 4.3 to be exposed within their VMware virtualization software so that guest VMs can enjoy newer OpenGL support that is accelerated by the host.

          With Linux 5.17 the VMware "VMWGFX" DRM kernel driver has the necessary kernel-side bits for OpenGL 4.3 to be exposed by VMware's guest virtual machines. Now in Mesa 22.0-devel, the user-space portion for OpenGL 4.3 with VMware's SVGA Gallium3D driver is now wired up. The remaining portion is updated VMware hypervisor software for exposing the updated virtual device.

        • 20 Intel ARC GPU IDs listed in upcoming Linux Mesa driver update

          We know Intel plans to release desktop and mobile lineups for its first wave of graphics cards, but 20 different device IDs sounds like a tall order. The list likely accounts for engineering samples, low-end variants, models that are not guaranteed to release, and of course the surefire mainstream gaming-tier entries such as the 512 execution unit model that’s rumored to challenge Nvdia’s RTX 3070 family.

          Seeing as Intel didn’t have anything substantial regarding ARC to show at CES 2022, it remains unclear if the graphics cards will still launch in Q1 this year. But Intel is at least sampling GPUs to laptop manufacturers which is a good sign of progress. Graphics cards are complex components to get right though, so it’s likely for the better if Intel decides to pace the launch and get things right on both the hardware and driver levels. Seeing as the company also plans to cater to Linux users, this sounds like a full scale endeavor by Intel to capture as many new users as possible and continue supporting them. Provided it has the supply to satiate demand.

    • XWayland

      • xwayland 22.0.99.901 (aka Xwayland 22.1.0 rc1)
        As per the schedule, I am please to announce the first release candidate
        of the standalone Xwayland 22.1.0 release.
        
        

        Some notable changes since Xwayland 21.1 include:

        * DRM lease support * Enables sRGB fbconfigs in GLX * Requires libxcvt * Refactoring of the present code in Xwayland * Implements support for touchpad gestures * Support for xfixes's ClientDisconnectMode and optional terminate delay

        Testing of this release candidate would be greatly appreciated.

        Please report any issues at https://gitlab.freedesktop.org/xorg/xserver/-/issues

        The second release candidate is scheduled in two weeks from now.
      • XWayland 22.1 RC1 Released With DRM Leasing, Other Improvements - Phoronix

        The race is on for delivering XWayland 22.1 in time for the spring Linux distribution releases with at least Fedora Workstation 36 expected to carry this updated package for allowing X11 clients to work atop Wayland compositors.

        Plans were recently drawn up XWayland 22.1 in February with it having almost been a year since the last major feature release. This is for the standalone XWayland releases yanked out of the X.Org Server in no longer being bound to the xorg-server release cycle or releasing all those additional components.

    • Instructionals/Technical

      • Git Reset Hard - Example Walkthrough

        In this article I will walk through how to do a git reset hard. When working with git on a project with multiple developers there tends to be a lot of changes to the code repository. Branches are created, files are added and changed, and files are staged and committed. With this amount of activity sometimes changes are made to files in the project which do not have the desired result, leading to you needing to revert the changes and roll back to a previous version of the code.

        With Git being a version control system (specifically a distributed VCS), previous versions of files in the project are available. Read on to find out how to undo your changes in git using a git hard reset.

      • Advanced Git Concepts You Should Know
      • How to Manage Linux Processes With htop

        System monitoring allows you to measure the performance of your Linux applications and services. You can measure processes and services using default tools or ones that you install yourself. With these programs, you can optimize performance, spot problems, and identify their source.

        The htop command is an interactive system-monitoring tool for Linux and Unix-like systems. It's an alternative to the default command-line tool, top, that comes pre-installed on all Linux distributions.

        This article explains how htop is different from the top utility. You'll see how to install htop on various Linux distributions or build it from the source. And you'll find out how to more around htop's interface and perform system monitoring using shortcut keys or your mouse.

      • How to Install Vtiger CRM Open Source Edition on Rocky Linux 8

        vTiger is an enterprise CRM system based on the well-known SugarCRM. Also available in open source edition. And here we learn the steps and commands involved to install Vtiger on Rocky Linux 8 Linux.

        It is a web-based, platform-independent and modular Customer Relationship Management (CRM) software that is particularly characterized by good integration into existing systems and convinces with a clear process orientation. The professional and enterprise versions hosted by vTiger are paid, however, there is a free plan without some limitation, if some want to try out the CRM before going for the paid features. Whereas, if you have the expertise, or a team that can handle the CRM back-end, then go for the self-hosted open-source version of it.

        Vtiger’s open-source edition is 100% free and developers can modify the source code as needed. In order to be able to use the software, the software must be installed either on hardware or on a virtualized machine. Many companies fail at this step because the necessary know-how is not available. If you are of those, here we are with the Vtiger CRM installation tutorial, which certainly helps you.

      • How To Install MariaDB on CentOS 9 Stream - idroot

        In this tutorial, we will show you how to install MariaDB on CentOS 9 Stream. For those of you who didn’t know, MariaDB is a free and open-source database management system and acts as a drop replacement for the Oracle MySQL server. MariaDB is a development of MySQL which puts focus on stability and performance and make it free to users.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MariaDB on CentOS 9 Stream.

      • How To Create and use a Self-Signed SSL Certificate for Apache

        The Transport Layer Security(TLS) and its predecessor SSL(secure socket layer) are web protocols that are used to swap normal web traffic in a protected, encrypted wrapper.

        Signing your own SSL certificates is usually done as an easy alternative to certificate authorities for internal communications or non-user facing sites that need still encryption. Here’s how to set one up with Apache.

      • Install Vtiger CRM Open Source Edition on AlmaLinux 8 - Linux Shout

        vTiger is an enterprise CRM system based on the well-known SugarCRM. Also available in open source edition. And here we learn the steps and commands involved to install Vtiger CRM on Almalinux 8 Linux.

        It is a web-based, platform-independent and modular Customer Relationship Management (CRM) software that is particularly characterized by good integration into existing systems and convinces with a clear process orientation. The professional and enterprise versions hosted by vTiger are paid, however, there is a free plan without some limitation, if some want to try out the CRM before going for the paid features. Whereas, if you have the expertise, or a team that can handle the CRM back-end, then go for the self-hosted open-source version of it.

        Vtiger’s open-source edition is 100% free and developers can modify the source code as needed. In order to be able to use the software, the software must be installed either on hardware or on a virtualized machine. Many companies fail at this step because the necessary know-how is not available. If you are of those, here we are with the Vtiger CRM installation tutorial, which certainly helps you.

      • What Are UUIDs and Why Are They Useful? – CloudSavvy IT

        UUIDs are unique values which you can safely use for decentralized identity generation. Collisions are possible but should be so rare they can be discarded from consideration. If you generated one billion UUIDs a second for an entire century, the probability of encountering a duplicate would be around 50% assuming sufficient entropy was available.

        You can use UUIDs to establish identity independently of your database, before an insert occurs. This simplifies application-level code and prevents improperly identified objects from existing in your system. UUIDs also aid data replication by guaranteeing uniqueness irrespective of data store, device, or environment, unlike traditional integer keys that operate at the table level.

        While UUIDs are now ubiquitous in software development, they are not a perfect solution. Newcomers tend to fixate on the possibility of collisions but this should not be your prime consideration, unless your system is so sensitive that uniqueness must be guaranteed.

      • 8 essential Linux file navigation commands for new users | Enable Sysadmin

        The basics are, well, basic. Yet these fundamental commands and skills are critical for day-to-day work on Linux systems. Sometimes new users are overwhelmed by the details of managing Linux from the command line. What they need is a quick overview or reminder to get them going. The fancy options come later.

        To that end, this article gives you eight basic filesystem navigation concepts and commands integral to file management.

      • Manage your passwords in the Linux terminal | Opensource.com

        These days, we all have a few dozen passwords. Fortunately, the bulk of those passwords are probably for websites, and you probably access most websites through your internet browser, and most browsers have a built-in password manager. The most common internet browsers also have a synchronization feature to help you distribute your passwords between the browsers you run across all your devices, so you're never without your login information when you need it. If that's not enough for you, there are excellent open source projects like BitWarden that can host your encrypted passwords, ensuring that only you have the key to unlock them. These solutions help make maintaining unique passwords easy, and I use these convenient systems for a selection of passwords. But my main vault of password storage is a lot simpler than any of these methods. I primarily use pass, a classic UNIX-style password management system that uses GnuPG (GPG) for encryption, and the terminal as its primary interface.

    • Wine or Emulation

      • Wine 7.0 Released With New Features | Itsubuntu.com

        Wine 7.0 is now available for download. It is the major release from the Wine developer. If you don’t know what Wine is then Wine is a software for Linux that lets Linux users run Windows-based applications in Linux.

      • Version 7 of WINE is better than ever at running Windows apps where they shouldn't

        Version 7 of the WINE compatibility tool for running Windows programs on various *nix operating systems is here, bringing notably improved 64-bit support.

        WINE has come a long way. It took 18 years to get to version 1.0 and another nine years to get to version 2, but since version 3 in 2018, it's averaged roughly one major release per year. The project is now mature, stable, and quite functional. A lot of Windows programs work fine that formerly didn't. It's not limited to Linux – it also supports macOS and FreeBSD, and Linux relatives ChromeOS and Android.

        This may in part be due to its corporate backing. The project has had several business sponsors over the decades, including Corel, which invested substantial effort to help port WordPerfect Office, and later Google, which did the same so that the now-cancelled Picasa would work better on Linux.

        These days, its primary sponsor is Codeweavers, which sells a commercial version called CrossOver Office for Linux, macOS and ChromeOS, as well as tools and services to help with porting Windows apps.

    • Games

      • Gaming on Chromebook - Invidious

        Some of the models of Chromebook come with GOOD specs. However, they aren't utilized properly and let me show you how I run BOTH rise of the tomb raider and rocket league on a chromebook.

      • Action-packed 'combat-puzzle' roguelite Red Tether is out now | GamingOnLinux

        It's actually called ---Red---Tether--> but that would look a bit odd in the headline. A new release from indie dev Sleeper Games, it's a thoroughly unique looking shoot 'em up with pretty fun looking gameplay.

        With the help of a tether harpoon, you will take down large space fleets using an indirect combat system. Instead of firing off your phasers, you'll be hoping your harpoon is well placed to help you tear ships apart and throw them around the screen.

      • All Roads Lead to Arch: The Evolution of Linux Distros Used for Gaming Over Time - Boiling Steam

        ProtonDB is mostly used to track games, but there is another way to use it: to track the evolution of Linux distros used by gamers over time. Turns out we have now a great dataset since 2018 of what distributions were used to make reports of ProtonDB, and we can exploit that observe trends. The usual caveats apply (for the methodology, see at the end of this article for more details): this may not be representative of the Linux Gaming market at large, there are variations month after month so we won’t care about a few percents ups and down, and so on. Enough said, you already know all that. Still, I would argue that people who contribute to ProtonDB are avid and active Linux Gamers, and probably at the forefront of larger trends. You can expect ProtonDB users to feature more tinkerers as well, so seeing Arch over-represented is not surprising. But the point is that the sample is probably consistent over time, and we are interested in how the choice of ProtonDB users is evolving since 2018.

      • Total War: WARHAMMER III gets a short hype-trailer for The Daemon Prince | GamingOnLinux

        Total War: WARHAMMER III is getting real close to the release now, and it's getting exciting for strategy fans to see the conclusion of this epic. Launching officially on February 17, it will be "available as close to launch day as possible on macOS and Linux".

        Seems Creative Assembly decided you need to get hyped and remember it's coming, as they've released a short new trailer to show off the rather boringly named (compared with other Warhammer naming that is) Daemon Prince. The trailer may be short but it is pretty great at making me want it now.

      • Humble Choice drops Mac and Linux platforms - NotebookCheck.net News

        Humble Choice has suspended its support for Mac and Linux systems as the company develops a new launcher for its subscription. The launcher will only be available for Windows PCs on February 1. Subscribers on Mac and Linux have until the end of the month to download DRM-free games from the Trove collection that are still supported, as some of these indie games will no longer be available in Mac and Linux versions.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Plasma 5.24 Beta Review Day

          When a new Plasma release enters Beta Phase, there are three weeks of intense testing, bugfixing and polishing.

          During this time we need as many users and developers as possible to help with finding regressions, trying to reproduce incoming reports and generally being on top of as much as possible. The more users, workflows, use cases and hardware the tests are being run on greatly helps to cover a wide variety of the entire software stack.

        • digiKam Recipes 22.01.21 released

          New year, new revision of the digiKam Recipes book. It is a relatively modest update that features two new additions: how to upload photos to a remove machine via SSH directly from digiKam and how to access digiKam remotely via RDP. Oh, and there is a new colorful book cover.

          As always, all digiKam Recipes readers will receive the updated version of the book automatically and free of charge. The digiKam Recipes book is available from Google Play Store and Gumroad.

        • KDE Enjoys Improvement For Much Better NVIDIA Wayland GBM Experience - Phoronix

          A QtWayland module change has landed that should greatly improve the NVIDIA Wayland experience when running the KDE desktop on modern NVIDIA drivers offering GBM API support.

          The change to Qt Wayland is about moving the Wayland socket polling to a separate event thread. In turn this particularly benefits NVIDIA with their latest proprietary 495+ drivers supporting GBM as an alternative to the EGLStreams approach they previously pushed along for the years of supporting Wayland.

      • GNOME Desktop/GTK

        • This Extension Adds Transparent Clock & Date Desktop Widget in Ubuntu 20.04+ | UbuntuHandbook

          Want to display time and date on your Ubuntu Desktop as widget? Without Conky or any other app, there’s now Gnome extension can do the trick by adding a live clock on your wallpaper.

          It’s ‘Showtime’, an extension based on the Budgie Desktop widget. It displays transparent live digital lock, weekday, as well as date on the background wallpaper. And, it shows date and time in both vertical and horizontal styles.

    • Distributions

      • SUSE/OpenSUSE

        • SUSE Liberty Linux – Securing your Linux future without vendor lock in | SUSE Communities

          Running a mixed Linux environment is common in today’s IT world. That is, competitive businesses run a wide variety of workloads on a wide variety of Linux distributions, including production workloads running on different enterprise Linux distributions.

          In this scenario, you are no doubt getting support, maintenance updates and security patches from not only multiple vendors, but also the open source communities. In addition, it’s possible that you are using multiple management dashboards to keep track of the health of your disparate systems.

          Your mixed Linux environment is quite frankly a nightmare for your administrators. Support contracts with multiple vendors are costly and complicated to maintain. And getting community support takes time away from the innovative work that the business is asking of you.

          The question is: how do you keep your workloads running where they run best and simplify your IT management?

      • IBM/Red Hat/Fedora

        • Running Penpot locally, Docker-free, with Podman!

          Penpot is a new free & open source design tool I have been using a lot lately. It is a tool the Fedora Design Team has picked up (we have a team area on the public https://penpot.app server where we collaborate and share files) and that we have been using for the Fedora website redesign work.

          As I’ve used it over a longer length of time, I’ve noticed some performance issues (particularly around zooming and object selection / movement.) Now, there’s a number of factors on my side that might be causing it. For example, I have ongoing network issues (we spent part of Christmas break rewiring our house and wireless AP setup, which helped a bit, but now it seems my wireless card can’t switch APs if the laptop is moved between floors, lol.) In any case, I knew that Penpot can be run locally using containers, and I wanted to try that to see if it helped with the performance issues I was seeing.

        • Reduce data privacy issues with machine learning models

          As the use of AI becomes increasingly pervasive in business, industries are discovering that they can use machine learning models to make the most of existing data to improve business outcomes. However, machine learning models have a distinct drawback: traditionally, they need huge amounts of data to make accurate forecasts. That data often includes extensive personal and private information, the use of which is governed by modern data privacy guidelines, such as the EU’s General Data Protection Regulation (GDPR). GDPR sets a specific requirement called data minimization, which means that organizations can collect only data that is necessary.

          It’s not only data privacy regulations that need to be considered when using AI in business: Collecting personal data for machine learning analysis also represents a big risk when it comes to security and privacy. According to the Cost of a Data Breach Report for 2021, the average data breach costs over $4 million overall for the enterprise, with an average cost of $180 per each record compromised.

        • 2022-01 CentOS board meeting

          Board members

          Thomas Oulevey Tru Huynh Brian Exelbierd Pat Riehecky Davide Cavalca Josh Boyer Mike McLean Johnny Hughes

        • Running Penpot locally, Docker-free, with Podman! – Máirín Duffy

          Penpot is a new free & open source design tool I have been using a lot lately. It is a tool the Fedora Design Team has picked up (we have a team area on the public https://penpot.app server where we collaborate and share files) and that we have been using for the Fedora website redesign work.

        • Red Hat and OS-Climate Data Commons: Helping financial services with data for informed decisions [Ed: IBM Red Hat is greenwashing again]

          Since joining OS-Climate (OS-C), Red Hat has been participating in an initiative to equip financial services institutions with the data they need to make informed decisions. At the 26th UN Climate Change Conference of the Parties (COP26), Red Hat speakers discussed ways financial institutions can more effectively use and share data to address climate change.

          Climate finance was a central talking point among delegates at COP26. How can banks help address these goals of COP26? We’ll share some highlights of our conference presentation in this post.

        • Keeping POWER relevant in the open source world

          I’m not a POWER (or recently: Power) expert, only an enthusiastic user and advocate. Still, in the past couple of weeks a number of people from around the world asked my opinion how the POWER architecture could be kept relevant. This blog is really just an opinion, as I do not have the financial means to go ahead. It is full of compromises some people are not willing to make. However, I think this is the safest and fastest way forward.

          [...]

          IBM treats Power as an enterprise platform, just like mainframes. And as long as they run AIX and IBMi with a couple of proprietary commercial applications, they are right.

        • DevSecOps: 5 tenets to empower your workforce

          The DevSecOps movement promotes a “shift-left” approach where security scans begin at the first commit and continue throughout the pipeline and beyond. Automation is pervasive and threats need to be identified and mitigated early and often. Developers are now tasked to write, build, secure, deploy, and potentially operate their own code.

          Fueled by the two-year pandemic, today's remote workforce has increased the need for heightened security awareness in all aspects of the business. This is particularly true for those who work in the technology sector. The use of new tools, coupled with decreased control over the remote working environment, adds extra layers of complexity. We need DevSecOps today more than ever.

          While we can solve some of these challenges through active automation, we cannot fully realize the benefits of DevSecOps without internalizing DevSecOps principles. DevSecOps is a way of thinking, of awareness, and certainly of behaving. DevSecOps requires a security mindset from developers, security professionals, site reliability engineers (SREs), and business staff.

        • IT talent strategy: 3 considerations for recruitment and retention in 2022
        • Connect IoT devices with Drogue IoT and OpenShift Streams for Apache Kafka

          Internet of Things (IoT) devices typically produce a lot of data, and Apache Kafka is a great tool for streaming that data. This article introduces Drogue IoT, a set of APIs and management tools that work with Kafka. You'll learn how to set up a Drogue IoT application using Red Hat OpenShift Streams for Apache Kafka.

        • From monolith to microservices: How applications evolve

          This is the second article in a three-part series about designing a microservices-oriented application (MOA) and how to adopt microservices in your organization. The first part of the series laid out the five basic principles of microservices-oriented application design. Now we'll talk about implementing microservices.

          To see how you can use microservices in your organization, it's worth looking at why the architectural style came about and how a monolith tends to evolve into an MOA. You can use this historical understanding as a guide for designing an MOA moving forward. So let's start by taking a short walk down IT's Memory Lane.

      • Debian Family

        • How To Install osTicket on Debian 11

          In this tutorial, we will show you how to install osTicket on Debian 11. For those of you who didn’t know, osTicket offers free, open-source ticket management and customer care solutions for businesses of all sizes, especially small and medium-sized businesses. With osTicket, you can manage, organize, and archive your support requests. It integrates customer support requests received by email, web forms, and phone calls into a simple, easy-to-use, multi-user web-based platform.

          This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of osTicket on a Debian 11 (Bullseye).

        • Ayoyimika Ajibade: Nodejs 16 and Webpack 5 transition in Debian

          Transitioning is a concept in Debian about maintaining only one version of a library like webpack, nodejs. There is a bottleneck as other libraries and applications may not support the version we have in Debian. So we have to port that software which For example, node-mini-css-extract-plugin, node-mermaid and so many packages uses webpack. In buster we had webpack4 and in bullseye, we want to update it to webpack5. node-mini-css-extract-plugin already supports webpack5, but others like node-mermaid don't support it yet. So either we wait or we help those projects to update their webpack version. Check out this chat between my mentor and a community member on transitioning of rails6

        • Caleb Adepitan: Everybody Struggles

          I often get intimidated by the brilliance of others by just looking at them from a distance seeing how radiantly they gleam in their knowledge. I often feel like I'm not doing enough or I'm just meant to be a mediocre and there's nothing I can do to be more than that. I often feel like everyone except me is a genius, and are impeccable unlike me.

          But maybe I'm just at a point these people had previously been at, and have now gone past. Maybe it's my time to steer the wheel they once steered, or maybe they aren't even what they seem to me to be and it's all just a misrepresentation cooked up by an imperfect mind. Hmm...it has to be that. A “perfect” portrait painted by an imperfect mind which when found out renders every stroke in the portrait imperfect. It has to be that or all.

        • Everyone Struggles

          As a software developer struggling to grasp both basic and advanced knowledge of a concept can seem daunting, much like learning anything new, you can be overwhelmed when you are surrounded and know there is a whole lot of other new concept, tools, process, languages you have to learn that are linked to what you are currently learning, as you are struggling to grasp the fundamental idea of what you are currently learning. imbued in any struggle to get a solution to the problem is where innovation and inventions lie in, and our learning becomes improved as we dive into fact-finding, getting your hypothesis after a series of tests and ultimately proffering a solution

          Some of my struggles as I intern with Debian has been lack of skill of the shell scripting language as that is one of the core languages to understand so as to navigate your way around maintaining packages for Debian, also funny enough having just an intermediate knowledge of the javascript programming language as arguably having a basic knowledge of javascript is necessary to building and testing javascript packages in Debian as I know only the basic of javascript since my core language is Python, that I struggle with. The good thing is that the more I keep at it the faster the chance of the struggles reducing

      • Canonical/Ubuntu Family

        • Linux Mint Edge Is Ready for the Newest Hardware
          Linux Mint 20.3 is now widely available and ships with kernel 5.4. For anyone that uses the latest-gen hardware, that older kernel could be problematic. So, for those Mint users who do have hardware unsupported by the 5.4 kernel, there’s now an option.

          Linux Mint 20.3 Edge is a version of the distribution that ships with kernel 5.13.0-25, which means you’ll find more new hardware supported. By employing this new kernel, Edge adds support for Apple M1 (initial support), preliminary Intel Alder Lake S graphics, AMD GPU Freesync/Adaptive-Sync HDMI, AMD Alderbaran accelerator, generic USB display, Loongson 2K1000, preparations for Intel discrete graphics, and Intel DG1 Platform Monitoring Technology.

        • Choose the best Docker image for the job at hand

          Docker images revolutionized the computing world, but not all images are created equal. Let's look at how to choose the best Docker image for the job at hand. Because while there are many suitable images your organization could choose, the best option depends on its context.

          The difference in requirements between production-use and quick-and-dirty Docker images is vast. For personal use, a quick, disposable image works. For production images, official, stable and well-supported images work best. A single WordPress image is good for personal use, but not for a business. That said, WordPress is available as an official image.

          In production, it is better to build your own container images to ensure the quality of the Docker image.

          [...]

          Ubuntu. This is one of the most downloaded Docker images in the industry. It is the official OS for Ubuntu and is used as a base image for nearly every type of server OS. It is a small, slim image designed to be built upon. This image is easy to expand and include what resources are needed for a given task.

          Alpine. For those who want something smaller, the Alpine Linux Docker image is the way to go. It is great to run on systems with constrained resources, but Alpine management requires a higher skill level and is not as user-friendly as Ubuntu. Unless there is an overriding reason to use Alpine, keep to the Ubuntu mainstream environment.

          Nginx. Nginx is the current hot web and proxy server. This image is designed to be tiny and respond to use out of the box via mount point for the files.

          MySQL. MySQL databases are a staple of the open source world. This container is easy to download, has a disposable SQL server for experimenting and can be deleted easily when finished. This is part of the benefits of Docker containers in general -- build, use and throw away.

        • Hands-on: Comino Grando RM-S

          Three of the VMs get 16 cores of the 3975WX, 64GB of RAM and an RTX 3090 each. The fourth VM only receives 14 cores and 50GB of RAM and still possesses its own discrete RTX 3090. This discrepancy is due to some resources being dedicated to running Ubuntu LTS. This manages all of the VMs, and without it, none of these powerful VMs would be able to function at all.

          Ubuntu LTS

          Software and hardware is directly managed through Ubuntu LTS installed onto a 2TB drive. This is the beating heart of the Comino Grando RM-S, and you’re able to further manage the configuration from here, which is incredibly complex. The native Linux LTS package offers the opportunity to monitor each VM’s usage and resources individually for full control over maintenance and diagnostics, giving you easy access to resolve any issues.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Orion Browser: A Future Best Web Browser for the Mac?

          Today in Tedium: It’s often been suggested that the web browser is at real risk of becoming a monoculture, all thanks to the browser engine behind most of our clicks. Chromium and its forked-off predecessor WebKit are everywhere, defining the frame through which we access the internet. (Not helping is the fact that Firefox, the internet’s third rail, occasionally has a show-stopping problem, like the issue with HTTP/3 that made it briefly unusable last week.) The concerns about the market becoming driven by just one or two browsers is a key reason why the browser market appears to be evolving in a way probably not seen in quite some time; a lot of new browsers are in the works these days! Sure, there are some quite-good options that are fairly established at this point, like the power-user-focused Vivaldi, that appear to be focused on more specific niches, but the mainstream seems like something of a lost cause. So what makes someone want to reinvent the wheel and make a mainstream play on one of the most common things in all of tech? Well, I asked someone who’s working on a hot new browser. (Perhaps you’ve heard of it? It’s called Orion.) Today’s Tedium talks browsers, ad-tracking, and shifting paradigms

          [...]

          $49

          The amount that Netscape charged for version 3.0 of its Navigator software, which at the time was competing against version 3.0 of Microsoft’s Internet Explorer, which was available for free. (It was, admittedly, something of a leaky-faucet business model, akin to shareware.) In a 1996 review in Fast Company, reviewer John R. Quain made the case that Netscape was a better deal despite the significant cost difference by saying this: “When did you hear of Bill Gates giving away for free something you’d want? Bottom line: cough up the $49 for Navigator.” Most people did not heed this advice, and within a few years, Netscape’s 80 percent market share was basically gone, in favor of a free (and dominant) Microsoft browser.

        • Mozilla

          • Firefox Nightly: These Weeks in Firefox: Issue 107

            Mozilla has a booth at FOSDEM with some talks scheduled. Come hear us talk about Firefox Development, Searchfox, Common Voice, SUMO and more!

          • Foxstuck: Firefox browser bug boots legions of users offline

            In a hard-to-beat demo of the perils of software telemetry, Mozilla accidentally kicked legions of users offline last week by an update to its telemetry servers that triggered an existing bug in Firefox. Internally, Mozilla is calling the bug "foxstuck".

            Firefox periodically reports back some fairly innocuous info, including how long your session lasted, how many tabs and windows you had open, what extensions you have and so on. You can see a list by entering about:telemetry in the address bar.

      • Productivity Software/LibreOffice/Calligra

        • OnlyOffice 7.0 Released with Form Filling, Windowed Mode + More

          ONLYOFFICE 7.0 is now available to download for Windows, macOS and Linux.

          As the first major update to this free, open source office suite this year you won’t be surprised to hear it’s a fairly big one with a wide range of tweaks, features, and improvements included.

          ONLYOFFICE 7.0 (that’s how they stylise the name; it’s not me shouting) inherits all of the improvements in the cloud-side version the suite, such as the ability to create and edit forms (often distributed in the .docxf format). Filled-in forms can be saved as a PDF file to share elsewhere or the native .oform format.

        • ONLYOFFICE 7.0 released

          Version 7.0 of the ONLYOFFICE office suite is available.

        • ONLYOFFICE 7.0 Brings Online Forms and Big Updates for All Editors

          Fillable forms, password protection, and version history in spreadsheets are just some of the new features in this ONLYOFFICE 7.0 release.

          ONLYOFFICE is a free cross-platform business-class productivity platform designed for internal team collaboration. It’s unique in that it includes document, spreadsheet, and presentation editors in a single desktop app.

          This open-source Office alternative works with the most popular file formats including DOCX, ODT, XLSX, ODS, CSV, PPTX, and ODP, and is free to use on Linux, Windows, and Mac platforms. In addition, ONLYOFFICE can be integrated with popular sync and share apps, such as ownCloud, Nextcloud, and Seafile.

          Recently, a new version ONLYOFFICE 7.0 was announced by the team. With that said, let’s quickly take a look at what’s new.

        • LibreOffice Sees New Activity For Compiling To WebAssembly - Phoronix

          Last May there was some work on compiling LibreOffice to WebAssembly as another means of getting this open-source office suite executing within the web browser and other environments. It had been quiet since on the LibreOffice WASM front but a number of new commits were merged this morning.

          [...]

          This activity comes with LibreOffice 7.3 already being branched ahead of its release in February, so we'll see how much more WebAssembly development activity and interest there is for the office suite's cycle ahead to see what sort of shape it will be in come August. Outside of safe browser execution, there is growing interest among many for WebAssembly to be a portable format for software on the desktop with various run-times / implementations for sandboxed execution in a performant manner.

      • Public Services/Government

        • Help Chile write free software values, privacy, and digital sovereignty into their constitution

          For those out of the loop, a group which included myself up until recently, Chile is in the midst of a revolution. They’re fighting against the increased cost of living, privatization of essential services, and worsening inequality — problems facing everyone who lives under capitalism around the world — but in Chile’s case, the people actually seem to be winning. The Chilean people voted overwhelmingly in favor (80% with a 50% turnout) of rewriting the constitution, a constitutional convention has been assembled, and a call has been made for the Chilean people to re-define their country’s values.

          One of the answers to this call arrived in my inbox courtesy of Felix Freeman, a Chilean hacker and activist for free software, free culture, and free knowledge, who asked me to signal boost Propuestas constitucionales para Chile en la era de la información, three proposals to establish the following principles in the foundations of Chilean law...

    • Standards/Consortia

      • Font-independent pixel-perfect negative CSS text-indents

        The CSS text-indent property is used to offset the first line of text in a text block from the parent element’s inner box (the content area). It behaves like the padding-inline-start property, but only for a paragraph’s first line of text. It’s meant to allow your design to e.g. indent the first line to designate the start of a new paragraph (a more compact alternative to separating paragraphs by empty lines).

        The text-indent property has some additional uses with negative values. In this article, I’ll explore how the property can be used to implement hanging punctuation and list item markers. I’ll also discuss how difficult it is to know how many pixels to subtract for the desired effect, and how you should implement it instead. Some familiarity with CSS syntax, layout concepts, and common properties is assumed.

        The CSS Text Module includes a hanging-punctuation: first property. It’s meant to let leading paragraph punctuation, such as opening quotation marks in a blockquote, be hung adjacent to the first paragraph but be outside the content area. This effect lets the text itself maintain a rigid line against the left-side gutter.

  • Leftovers

    • Hardware

      • Giving Vintage Synths New Life In A Potentiometer Cleaning Showdown | Hackaday

        As anyone who has ever owned a piece of older equipment that has a potentiometer in it can attest to, these mechanical components do need their regular cleaning ritual. Whether it’s volume knobs on a receiver or faders on a mixer, over time they get crackly, scratchy and generally imprecise due to the oxidation and gunk that tends to gather inside them.

    • Integrity/Availability

      • How CTAP2.0 made UserVerification even more confusing — Firstyear's blog-a-log

        I have previously written about how Webauthn introduces a false sense of security with how it manages UserVerification (UV) by default. To summarise, when you request “preferred” which means “perform UV if possible”, it can be bypassed since relying parties’s (RP) do not check if UV was actually performed, and Webauthn makes no recommendations on how to store credentials in a manner that allows future checking to ensure UV is requested or validated correctly.

        From this, in Webauthn-RS we made the recommendation that you use either “required” to enforce all credentials have performed UV, or “discouraged” to request that no UV is performed by credentials during authentication or registration.

        At the same time, in the Webauthn-RS project we begun to store two important pieces of credential metadata beyond the Webauthn specification - the result of UV from registration, and the policy that was requested at the time of registration. We did this because we had noticed there were classes of credentials, that even in “discouraged” would always verify themself at registration and authentication. Because of this property, we would enforce that since UV was performed at registration, we could continue to enforce UV on a per credential basis to detect possible credential compromise, and to further strengthen the security of credentials used with Webauthn-RS.

      • Proprietary

        • Pseudo-Open Source

        • Security

          • Sysjoker: The Malware Hiding In Plain Sight - Invidious

            Modern malware is boring but by being boring it can hide in plain sight, this is Sysjoker the malware that hides as a system update and runs on all 3 major updates

          • Security updates for Wednesday [LWN.net]

            Security updates have been issued by CentOS (firefox, gegl, kernel, and thunderbird), Debian (nvidia-graphics-drivers), Fedora (btrbk and thefuck), Mageia (clamav, kernel, kernel-linus, vim, and wpa_supplicant), openSUSE (java-1_8_0-ibm, jawn, nodejs12, nodejs14, SDL2, and virglrenderer), Red Hat (gegl, gegl04, java-17-openjdk, and kernel-rt), Scientific Linux (gegl and httpd), SUSE (apache2, firefox, java-1_7_1-ibm, java-1_8_0-ibm, libvirt, nodejs12, nodejs14, openstack-monasca-agent, spark, spark-kit, zookeeper, python-Django, python-Django1, python-numpy, SDL2, and virglrenderer), and Ubuntu (byobu, clamav, and ruby2.3, ruby2.5, ruby2.7).

          • Identifying Malware By Sniffing Its EM Signature | Hackaday

            The phrase “extraordinary claims require extraordinary evidence” is most often attributed to Carl Sagan, specifically from his television series Cosmos. Sagan was probably not the first person to put forward such a hypothesis, and the show certainly didn’t claim he was. But that’s the power of TV for you; the term has since come to be known as the “Sagan Standard” and is a handy aphorism that nicely encapsulates the importance of skepticism and critical thinking when dealing with unproven theories.

            It also happens to be the first phrase that came to mind when we heard about Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification, a paper presented during the 2021 Annual Computer Security Applications Conference (ACSAC). As described in the mainstream press, the paper detailed a method by which researchers were able to detect viruses and malware running on an Internet of Things (IoT) device simply by listening to the electromagnetic waves being emanated from it. One needed only to pass a probe over a troubled gadget, and the technique could identify what ailed it with near 100% accuracy.

          • The Linux Foundation Announces SupplyChainSecurityCon will be Featured Under the Open Source Summit North America 2022 Conference Umbrella
          • The Linux Foundation Announces SupplyChainSecurityCon will be Featured Under the Open Source Summit North America 2022 Conference Umbrella
          • Linux admins urged to patch full-disk encryption bug that allows decryption without a password [Ed: Requires physical access]

            Linux admins have been urged to patch a high-risk, full-disk encryption (FDE) vulnerability impacting Linux Unified Key Setup (LUKS) encryption software and its crytpsetup programme, which could allow an attacker with physical access to a system to decrypt data on the machine without using a password.

            The issue, indexed as CVE-2021-4122, impacts LUKS 2.2.0 and later, according to Milan Broz, a cryptsetup administrator, who was credited for discovering the bug.

          • Reproducible Builds: Debian and the case of the missing version string

            If you’ve been following my twitter recently you probably noticed there’s now a rebuilderd based Debian rebuilder run by the Purdue Trustworthy Software Ecosystems Lab. The rebuilder backend - the code that’s actually re-creating the build environment and running the build - is debrebuild.py, written by Frédéric Pierret from the QubesOS project. The setup as a whole automatically monitors packages in Debian unstable, then downloads the source code, build-dependencies and attempts to compile a bit-for-bit identical binary package. If this succeeds, the package is marked as “reproducible”.

            The 62.89% reproducible number is currently significantly lower than the 94.6% reproducible number reported at tests.reproducible-builds.org/debian/. This blogpost is diving into why that is and why there are different challenges in “rebuilding” done in this setup vs “build environment fuzzing”2 done by tests.reproducible-builds.org.

          • Protect your PHP website from bots with this open source tool | Opensource.com

            PHP is a widely-used programming language on the web, and it's estimated that nearly 80% of all websites use it. My team at CrowdSec decided that we needed to provide server admins with a PHP bouncer to help ward away bots and bad actors who may attempt to interact with PHP files.

            CrowdSec bouncers can be set up at various levels of an applicative stack: web server, firewall, CDN, and so on. This article looks at one more layer: setting up remediation directly at the application level.

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

          • Privacy/Surveillance

            • Australia's privacy laws: recommendations for legal changes

              Australians’ privacy hangs in the balance as the government reviews the Privacy Act 1988 and updates the law. Here are the key legal changes Australians should fight for.

              The future of privacy in Australia is taking shape, and now is the time to take a stand. The government review of the Privacy Act is crucial to protect Australians’ right to privacy and ensure people’s control of their information in the digital environment. The resulting law will determine how Australia will enforce data protection, which is key for its success. While the government’s Discussion Paper has some good proposals, they’re not sufficient. We must push for additional improvements to the law.

              Access Now has submitted comments on the Privacy Act review, and you can read them in full here. We encourage fellow civil society organisations and human rights advocates to take advantage of all opportunities to push for changes that will shape the law for the better.

              Here are some of the most important changes we are calling for. We hope you join us to demand a privacy law fit for today’s digital world.

    • Finance

      • 'Silicon Savannah' Kenya targets loan apps abusing customer data

        Digital lenders have boosted access to credit in Kenya but some are using 'predatory' practices to profit from the poor, consumers and authorities say

        The 14 days given to John Bigingi to repay a loan of 8,200 Kenyan Shillings ($72) had barely lapsed when he started receiving text messages threatening to call the contacts on his phone and expose him as a defaulter.

        "Silence means you don't want to pay your loan which is already due," said an SMS message sent by digital lender iPesa to Bigingi and shown to the Thomson Reuters Foundation.

        "Take it serious. Your 50 contacts and emergency contacts will start receiving 20 calls and 15 messages (at) exactly 6 p.m. Pay now to avoid embarrassment!!!" read the message, which was written in capital letters.

        The 42-year-old Kenyan taxi driver was horrified.

        "I didn't understand how they got my contacts but soon after they called my closest relatives, including my brother and my wife, who didn't know about the loan," he said.

    • Internet Policy/Net Neutrality

      • How to use the new dislike-less Youtube

        You may have also heard that there's a whole bunch of new browser extensions out there, which restore the Dislike count functionality. While this is a noble effort, it is also totally misplaced. Like any solution that tries to fix a fatal flaw in the original product, it actually helps perpetuate the flaw by hiding it.

        We're all guilty of doing this. For instance, I am using Open-shell in Windows 8 and Windows 11 (which I only use for testing, mind). The real solution is, if you don't like something, don't use it. If you keep using it, the original creator or owner of the flawed product has no incentive to change it (unless materially affected). And so, if you keep using Youtube even though you HATE the change - you're doing exactly zero. It's a very simple formula. Youtube makes a change to their UI, people continue using the product, end of story. No dilemma. Nothing. Simple maffs!

        And so, I think the extensions don't actually help. They allow more people antagonistic to the change to keep using Youtube despite the change, they hide the change, and help perpetuate its status, regardless of everything else. If people still go by the Like/Dislike ratio as their gauge for the video clip quality, well all right then, be my guest. But since I think the whole metric is pointless, removing one half of it doesn't make any difference. Half of pointless is still pointless. And there are better ways. I just showed you.



Recent Techrights' Posts

On Groupthink, Mindless 'Sheep', and Toxic Online Cults
This week, treat yourself to a life free of social control media
BetaNews is Run and Written by Bots That Make Clickbait
At least one author is doing this
 
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, November 25, 2024
IRC logs for Monday, November 25, 2024
Links 26/11/2024: International Microsoft Outages, Microsoft Mass Layoffs Bigger Than Reported Last Friday
Links for the day, Deutsche Welle and CBC focus
Gemini Links 26/11/2024: Not Pagan, Emacs Wiki, and More
Links for the day
Links 25/11/2024: Egypt Harasses Bloggers, The University of Michigan Has Become Like a Corporation
Links for the day
Links 25/11/2024: Climate News, Daniel Pocock Receives a Fake/Fraudulent €17,000 Electricity Bill
Links for the day
[Meme] Microsoft: Our "Hey Hi" Hype is Going So Well That We Have MASS Layoffs Every Month. Makes Sense?
Contradiction
Latest Mass Layoffs at Microsoft Are Confirmed, Bing and Vista 11 Losing Market Share
They tried to hide this. They misuse NDAs.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, November 24, 2024
IRC logs for Sunday, November 24, 2024
Gemini Links 25/11/2024: Purity and Cory Doctorow's Ulysses Pact, Smolnet Portal and SGI
Links for the day
Technology: rights or responsibilities? - Part VIII
By Dr. Andy Farnell
GNU/Linux Reaches All-Time High in Europe (at 6%)
many in Europe chose to explore something else, something freedom-respecting
Patents Against Energy Sources That Reduce Pollution
this EV space (not just charging) is a patent mine field and it has long been that way
DARPA’s Information Innovation Office, Howard Shrobe, Values Compartmentalisation But Loses the Opportunity to Promote GNU/Linux and BSDs
All in all, he misses an opportunity
Wayland is an Alternative to X
the alternative to X (as in Twitter) isn't social control media but something like IRC
BetaNews, Desperate for Clicks, is Pushing Donald Trump Spam Created by LLMs (Slop)
Big clap to Brian Fagioli for stuffing a "tech" site with Trump spam (not the first time he uses LLMs to do this)
[Meme] Social Control Media Bliss
"My tree is bigger than yours"
Links 24/11/2024: More IMF Bailouts and Net Client Freedom
Links for the day
Gemini Links 24/11/2024: Being a Student and Digital Downsizing
Links for the day
Techrights' Statement on Code of Censorship (CoC) and Kent Overstreet: This Was the Real Purpose of Censorship Agreements All Along
Bombing people is OK (if you sponsor the key organisations), opposing bombings is not (a CoC in a nutshell)
[Meme] The Most Liberal Company
"Insurrection? What insurrection?"
apple.com Traffic Down Over 7%, Says One Spyware Firm; Apple's Liabilities Increased Over 6% to $308,030,000,000
Apple is also about 120 billion dollars in debt
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 23, 2024
IRC logs for Saturday, November 23, 2024
[Meme] GAFAMfox
Mozilla Firefox in a state of extreme distress
Google Can Kill Mozilla Any Time It Wants
That gives Google far too much power over its rival... There are already many sites that refuse to work with Firefox or explicitly say Firefox isn't supported
Free (as in Freedom) Software Helps Tackle the Software Liability Issue, It Lets Users Exercise Greater Control Over Programs
Microsofters have been trying to ban or exclude Free software
In the US, Patent Laws Are Up for Sale
This problem is a lot bigger than just patents
ESET Finds Rootkits, Does Not Explain How They Get Installed, Media Says It Means "Previously Unknown Linux Backdoors" (Useful Distraction From CALEA and CALEA2)
FUD watch
Techdirt Loses Its Objectivity in Pursuit of Money
The more concerning aspects are coverage of GAFAM and Microsoft in particular