General availability of Elasticsearch 8 was announced last week. There were quite a few rumors that it will break compatibility with third party tools. I tested it as soon as I had a little time: I am happy to share that anything I tested with the elasticsearch-http() destination of syslog-ng still seems to work perfectly well with the latest version of Elasticsearch.
Ensuring the reliability of SIG Node upstream code is a continuous effort that takes a lot of behind-the-scenes effort from many contributors. There are frequent releases of Kubernetes, base operating systems, container runtimes, and test infrastructure that result in a complex matrix that requires attention and steady investment to "keep the lights on." In May 2020, the Kubernetes node special interest group ("SIG Node") organized a new subproject for continuous integration (CI) for node-related code and tests. Since its inauguration, the SIG Node CI subproject has run a weekly meeting, and even the full hour is often not enough to complete triage of all bugs, test-related PRs and issues, and discuss all related ongoing work within the subgroup.
Over the past two years, we've fixed merge-blocking and release-blocking tests, reducing time to merge Kubernetes contributors' pull requests thanks to reduced test flakes. When we started, Node test jobs only passed 42% of the time, and through our efforts, we now ensure a consistent >90% job pass rate. We've closed 144 test failure issues and merged 176 pull requests just in kubernetes/kubernetes. And we've helped subproject participants ascend the Kubernetes contributor ladder, with 3 new org members, 6 new reviewers, and 2 new approvers.
The Node CI subproject is an approachable first stop to help new contributors get started with SIG Node. There is a low barrier to entry for new contributors to address high-impact bugs and test fixes, although there is a long road before contributors can climb the entire contributor ladder: it took over a year to establish two new approvers for the group. The complexity of all the different components that power Kubernetes nodes and its test infrastructure requires a sustained investment over a long period for developers to deeply understand the entire system, both at high and low levels of detail.
Kubernetes and containerized workloads have become a de facto standard of the modern IT landscape, delivering unprecedented agility – on-premises, in the cloud, and across clouds. Managing resource costs in this dynamic environment can be challenging for organizations of any size. We’ve invited Kubecost, a SUSE One partner, to share some highlights of its approach and capabilities that enable SUSE Rancher customers to better manage their Kubernetes infrastructure costs.
Rob La Gesse, whose career spans business, military, politics and other fields, tells Doc Searls and Katherine Druckman how inventive marketing helped make Rackspace a social media star while the company also teamed up with NASA and others on OpenStack, which is still helping grow the cloud business outside of Amazon.
I didn't know AmogOS was still being updated but apparently it is and the developer decided to add a crypto miner into the website for the memes but it does raise a more interesting question is this a valid way to fund a website as opposed to advertising.
Intel's Raptor Lake processors will utilize a next-gen Raptor Cove core configuration and deliver as many as 24 cores and 32 threads. Initially, the 13th gen Intel CPUs will offer 8 Raptor Cove and 16 Gracemont Enhanced cores for the highest SKU accessing a sum of 32 threads. In total, the new Intel family will offer 36 MB of L3 cache for all bodies and 18 MB of L2 cache, reaching a total of 54 MB of Smart Cache for the premium Raptor Core chipset.
Intel is estimated to feature 2 MB L2 / 3 MB L3 cache per Raptor Cove core while each Gracemont Cluster will showcase 4 MB L2 and 3 MB L3 cache — a total of 36 MB L3 cache across all cores, 16 MB (2x8) P-cores, and 16 MB (4x4) E-cores. The 125W Intel Raptor Lake-S variant will offer a PL1 rating of 125W, PL2 rating of 188W, and PL4 rating of 238W. In performance modes, Raptor Lake is rumored to provide between 125W to as high as 314W.
An exploitable bug sitting in a popular Linux kernel module, has been found after five years, researchers have claimed.
Detailing the findings in a blog post, researcher Samuel Page from cybersecurity firm Appgate said the flaw was a stack buffer overflow, found in the kernel networking module for the Transparent Inter-Process Communication (TIPC) protocol.
Page describes TIPC as an IPC mechanism designed for intra-cluster communication. “Cluster topology is managed around the concept of nodes and the links between these nodes,” he says.
While we have pretty good support for screen sharing on Wayland in WebRTC, which is included in browsers like Chromium or Firefox, it is still not enabled by default in Chromium and it is kept behind a flag. Not only you have to remember to always enable it for new configurations, but for many users it is not even something they are aware of. This has been my main focus recently and I would like to share with you steps that has been done and what are the plans for the future.
Linux users running one of Intel's Alder Lake CPUs will likely see a big performance boost following the release of Linux 5.16.
When Intel's 12th-Gen Core processors launched during the third quarter of last year, their performance was much better when running Windows 11 as opposed to Linux likely due to the new scheduler in the latest version of Microsoft's operating system.
Now though as a result of Linux kernel improvements since the release of Linux 5.16, the open source operating system is now capable of squeezing out better performance than Windows 11 on Alder Lake processors.
When I finish with a project, I often like to take all the files I've created for the project and put them into an archive. It not only saves space, but it gets those files out of my way, and prevents them from turning up as results when I use find and grep to search through files I consider current. Once files are in an archive, they're treated as a single object by your filesystem, which means that you can't browse them the way you can a normal folder. You could unarchive them, or you could open a terminal and run the appropriate archive command, such as tar, to list the contents of the archive. Or you can use an application like Ark to list, preview, modify, and manage your archives.
In order to measure the water level of the tank to avoid overflow. Water level sensor with Arduino Uno microcontroller is the best and cheap option.
In this tutorial, I’ll show you how to interface the water level sensor with Arduino Uno. This tutorial will explain the coding, connection diagram, and components list required for doing it. If you have measured the water level in the tank and turned the motor off once it is full, or you have a leakage problem, a water level sensor is a solution to all your problems.
Amazon Cloud (AWS) offers a number of services that aid with container orchestration, including Amazon Elastic Container Service (ECS), Amazon Elastic Kubernetes Service (EKS), Amazon LightSail, and Amazon Elastic Container Registry (ECR). In this article, we will learn about Amazon EKS, which is Kubernetes in AWS cloud.
In this video, we are looking at how to install Steam Link on Zorin OS 16.
Discord is a fast messaging and digital distribution platform that users can use to communicate with voice calls, video calls, text messaging, media, and files in private chats or as a part of communities called “servers.” Servers are persistent chat rooms and voice chat channels accessed via invite links. It runs on Windows, macOS, Android, iOS, Linux, and web browsers.
Discord is a direct messaging app first created as a medium for easy communication between gamers. Although it was first launched in 2015, it became popular, becoming a general use platform where users can pass information through video calls, voice calls, and text messaging.
Apart from allowing one to create servers (a collection of chat rooms and voice chat mediums that are accessed through invite links), Discord can also be used on any device and is available in thirty different languages.
It works on Linux, Windows, Android, macOS, iOS, iPads, and web browsers. As of 2021, Discord has garnered over three hundred and fifty million (350 million) registered users with over a hundred and fifty million (150 million) active users per month.
The Linux operating system offers commands to create and delete users and check which ones are logged in. However, there’s no command to list users, logged in or not, on the system.
Still, there are a couple of ways to pull this off. If you want to learn how to list users in Linux, follow our steps below.
Today we are looking at how to install MusE DAW workstation on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
The manubot cite command-line interface retrieves and formats bibliographic metadata for user-supplied persistent identifiers like DOIs or PubMed IDs. The manubot process command-line interface prepares scholarly manuscripts for Pandoc consumption. The manubot process command is used by Manubot manuscripts, which are based off the Rootstock template, to automate several aspects of manuscript generation. See Rootstock's manuscript usage guide for more information.
I’ve been having a lot of fun with Cardboard, the scrollable tiling window manager (WM) (STWM) for Linux. It’s quite an unusual WM, and it’s really only at the prototype stage. After the initial learning curve, I found that it helped me stay focused on one task, and it greatly reduced how much time I spent rearranging my windows.
You’re probably most familiar with a stacking WM; an environment where you [mostly manually] arrange windows next to – or on top of each other. This is what you’ll be familiar with from Windows and MacOS.
Cardboard automatically arranges all windows side-by-side on a continuous scrolling horizontal plane.
Neil McGovern is stepping down as the executive director of Gnome Foundation. In a Valentine’s Day blog, McGovern said it’s time for someone else to have a go at running the organization that produces Linux’s most used desktop environment.
The announcement came a week-and-a-day after FOSDEM, the huge EU-based open source developer’s conference that was this year held entirely online due to the ongoing pandemic. This is noteworthy because FOSDEM is where the gig he’s leaving behind began.
In the code review cycles for some of the PWA project PRs I’ve put out, the question has been raised about the proper way to version D-Bus APIs, since I am adding a new D-Bus API to GNOME Web. I learned a couple things and thought I’d share in case it’s useful.
Since I discovered Listenbrainz, I always wanted to integrate it with Calliope, with two main goals. The first, to use an open platform to share and store listen history rather than the proprietary Last.fm. And the second, to have an open, neutral place to share playlists rather than pushing them to a private platform like Spotify or Youtube. Over the last couple of months I found time to start that work, and you can now sync listen history and playlists with two new cpe listenbrainz-history and cpe listenbrainz commands. So far playlists can only be exported *from* Listenbrainz, and the necessary changes to the pylistenbrainz binding are still in review, but its a nice start.
There are moments when I think, “I miss the old days of Linux when things were a bit more challenging.” I know … it’s crazy, right? We don’t ever want to move in reverse, it’s always forward, forward, forward. And with Linux, forward means modern, productive, user-friendly and just works. So, when I harken back to those days of yore, I remember the ncurses installers, the challenging network configurations, the manual building of just about any package you want to install.
It wasn’t easy but it certainly set me up to succeed with modern Linux distributions. After all, if you were able to work with those early releases, this new age of simplified Linux is a cakewalk.
But, again, every so often I want to remind myself from whence I came.
Ergo, I decided I need to kick the tires of the latest release of Slackware.
Slackware 15 was only just recently released. This latest iteration was in development for six years. Six. Years. To put that into perspective, when Slackware 15 started its development process, Ubuntu 16.04 had just been released (we’re about to see the release of Ubuntu 22.04).
This new version of Slackware, includes kernel 5.15, KDE Plasma 5.23, support for both Qt4 and Qt5. In fact, the changes between Slackware 14 and 15 are too numerous to list. This is, for all intents and purposes, a completely different version of the same distribution. Everything is new, everything is improved and everything is fresh.
Cockpit used to interfere with browser history. Clicking the back button would frequently get into a loop. Browser history handling is now fixed, so navigating back works as expected.
Additionally, back and forward buttons have been added to Cockpit Client, the desktop app to connect to Cockpit servers using SSH.
Maybe the Xiaomi Cyberdog will soon be able to write its very own hands-on, introduction included. Until then, you will have to make do with me: I had the opportunity to spend an hour with the robot dog from the future and talk to Xiaomi about the vision behind the Cyberdog. Read and see more in our first hands-on.
[...]
Ubuntu, a Linux distribution, is used as the operating system of choice. As mentioned at the beginning, Xiaomi initially targets developers with the Cyberdog to open up other possible fields of application. In the "lifestyle" sector, the manufacturer sees the robot as a guaranteed house-trained toy or as a supplement to the smarthome. In China, Xiaomi's own voice assistant Xiao AI runs on the Cyberdog.
MWC Barcelona is the world’s most influential exhibition for the connectivity industry. Since open source software is a key component of innovation and technology improvements in that space we will be there as well. Ubuntu is the most popular linux operating system but our scope extends far beyond the OS itself. VNF and CNF infrastructure with OpenStack and Kubernetes. Bare metal automation with MAAS. Key, telco specific open source projects like OpenRAN, Magma, OSM, OMEC and others are also part of the Canonical story, as we are trusted, carrier grade distributor of open source in telco.
Before MWC starts I would like to direct your attention to some hot topics we will be talking about in Barcelona, and invite you to our telco community so that your voice is heard and taken into consideration.
Since they were introduced in 2007, Launchpad’s Personal Package Archives (PPAs) have always been hosted on ppa.launchpad.net. This has generally worked well, but one significant snag became clear later on: it was difficult to add HTTPS support for PPAs due to the way that cookies work on the web.
Launchpad uses a cookie for your login session, which is of course security-critical, and because we use multiple domain names for the main web application (bugs.launchpad.net, code.launchpad.net, and so on), the session cookie domain has to be set to allow subdomains of launchpad.net. We set the “Secure” flag on session cookies to ensure that browsers only ever send them over HTTPS, as well as the “HttpOnly” flag to prevent direct access to it from JavaScript; but there are still ways in which arbitrary JS on an HTTPS subdomain of launchpad.net might be able to exfiltrate or abuse users’ session cookies. As a result, we can never allow any HTTPS subdomain of launchpad.net to publish completely user-generated HTML that we don’t process first.
[Kent VanderVelden] has come up with an interesting VR system to assist operators who are monitoring CNC lathes. (video, embedded, below) The idea is to first produce a ‘frozen’ video stream of the workpiece. This was achieved by placing a high-speed camera above the lathe, and triggering an image capture, synchronized to the rotational position of the workpiece. A high-speed rotary encoder, attached to the tailstock via a belt drive, feeds the current position into an Altera Terasic DE-Nano FPGA eval board. This is then compared to the position from another encoder, doing duty as an angular set point control. The resulting signal is used as the camera trigger to generate a video stream of just the frames where the angle is as selected by the operator, thus giving the impression of a frozen position. The video stream is sent over to a client device based on a Raspberry Pi 4 with a UPS hat, allowing it to be portable.
This video stream is overlaid with details of the current machine position, as well as the LinuxCNC G-code being executed and a graphical representation of the operation being performed by the machine. This combined video is then fed to a Vufine VUF-110 wearable, which is minimally invasive, allowing the operator to clearly see the machine of interest. As [Kent] suggests, there are many possible usage scenarios for such a setup, including remote monitoring of multiple operating machines by a single operator.
Simula One is a $2699 standalone Linux headset with a “no earlier than Q4 2022” shipping target.
While all current standalone VR headsets use Qualcomm Snapdragon chips, Simula One will use a Intel i7 chip intended for high end laptops – the most powerful chip in any announced standalone headset. It will come preloaded with SimulaOS, an open source Linux distribution designed for VR. Using an x86 architecture chip means any existing Linux desktop apps should run on the headset – Qualcomm chips use the ARM architecture, which enables better power efficiency but can’t run PC applications.
If you want to measure the blueness of an object, you can shine a pure blue light at it and then measure the reflected light intensity with a photodiode. Do the same for red and green light, and you can get an RGB color value. Conversely, you can shine a white light at an object and use three photodiodes with the appropriate color filters to calculate your RGB levels. This sorter, built by Redditor Dumjim, relies on these principles to organize large quantities of beads.
This machine sorts the kinds of beads used for beadwork crafting. Those may come in individual containers, but they soon end up mixed up. But now, Dumjim can quickly and easily sort those beads by color. It utilizes a 3D-printed frame and mechanisms, which Dumjim designed in Autodesk Inventor CAD software.
FairEmail is a free, open-source email client app for Android systems that protect user privacy.
It is easy to setup, configure and use even for non-technical users. It is minimal software, built to provide the best performance, and seamless user experience.
Although it looks minimal, but it is feature-rich app, it supports unlimited accounts, email boxes, offers a unified inbox and more.
[...]
FairEmail is released as an open-source project under GPL-3.0 License. The source code is available on GitHub.
Privacy online is in desperate need of reform and Mozilla’s efforts to improve the ecosystem and empower people take many shapes. We advocate to policy makers for comprehensive privacy legislation, for greater ad transparency and for strong enforcement around the world. We offer industry-leading anti-tracking protection by default to all users in the Firefox browser and offer a VPN service. But we know we cannot do it alone. Others need to change too. That’s why we work with other browser makers, ad networks, publishers and advertisers to put forward proposals that would make online advertising less privacy-invasive and improve people’s privacy. And why we push other tech companies to reinforce their privacy protections.
Data Privacy Day has come and gone. But here at Mozilla, helping educate people around online privacy is so important to us that we want to be your guide to protecting your data over the next four weeks. Save this page on Pocket, come back every Wednesday and find a couple of quick things you can do to help you live your best and most secure digital life. Don’t wait for the next data privacy settlement or breach. Put on a playlist and you’ll be done by the time your favorite song ends.
Firebird Project is happy to announce general availability of Firebird 3.0.9 — the latest point release in the Firebird 3.0 series.
This sub-release offers a few important bugfixes, please refer to the Release Notes for the full list of changes.
CrafterCMS is a free, open-source headless CMS for enterprise that uses Git-based versioning and offers multiple backend support.
[...]
CrafterCMS is released as an open-source project under GPL-3.0 License.
In June 2021, @beafialho in collaboration with @pablohoney floated the idea of giving WordPress News a new look. Today, those ideas become a reality—we’re excited to share that redesign of WordPress News is live!
The new design leans on the aesthetics of jazz, intrinsically connected to WordPress and which ultimately translates its uniqueness, historic significance and future potential. Among other improvements, the new design leaves more space for content and includes new typefaces for better readability. It also uses a color palette intended to reflect the evolving Gutenberg language.
OSS-Fuzz is a free service that continuously runs fuzzers for open source projects. This GitHub repository manages the service and enrolling in it is handled by pull requests.
Once a project has integrated with OSS-Fuzz, the fuzzers affiliated with that project run daily—continuously and indefinitely. OSS-Fuzz emails maintainers when a bug is found and also has a dashboard with details about all issues found (stack traces, artifacts for reproducing issues, and so on).
The benefits of integrating with OSS-Fuzz are that most aspects of managing fuzzer execution and analyzing the results are done by OSS-Fuzz itself. This is important in fuzzing because fuzzers build up a historical profile over time, meaning that continuous analysis is essential to maximize the results. On one project, which we detail in a blog post, fuzzing had been run on just an ad hoc basis for months, with no reports of any specific issue. However, after integration with OSS-Fuzz, the service reported an issue within about a week of continuous execution. In this case, a severe security issue was only discovered because of the continuous analysis done by OSS-Fuzz.
A couple of weeks ago, we guided you through setting up a chat application and server in our first blog of this series. This is the second and final blog of this Qt Allstack series.
[...]
Now that we have a functional chat application, it’s time to add real world features, like push notifications. Firebase Cloud Messaging allows you to send push notifications to your users while your app is not running and integrates with APNs (Apple Push Notification services). This way, you only care about one API and can have push notifications on both Android and iOS.
It is important to note here that, even though you can choose not to use Cutelyst on your backend, you still need to add Firebase support on your mobile application. It needs to link to the Firebase library so it can retrieve an unique device token. Once you have the Firebase token, you can send push notifications using any kind of server. Since the idea is to use Qt on all stacks, we will cover how to do so in Cutelyst.
Back in the ChatAppBack project, we need to fetch and link to FirebaseAdminQt. Since Google doesn’t provide a Qt/C++ FirebaseAdminSDK, I have implemented one that supports some of its features.
With my last blog on the Munin plugins CPU usage I complained about Oracle Linux doing something really weird, driving up CPU usage when running a fairly simple Shell script with a loop in.
Turns out, I was wrong. It is not OL7 that makes this problem show up. It appears to be something from the Oracle “Enterprise” Database installed on the system, that makes it go this crazy. I’ve now had this show up on RedHat7 systems too, and the only thing that singles them out is that overpriced index card system on it.
I still don’t know what the actual reason for this is, and honestly, don’t have enough time to dig deep into it. It is not something that a bit of debugging/tracing finds - especially as it does start out all nice, and accumulates more CPU usage over time. Which would suggest some kind of leak leading to more processing needed, or so - but then it is only CPU affected, not memory, and ONLY on systems with that database on. Meh.
Christopher Aker, founder and chief executive officer, Linode, added, “We started Linode 19 years ago to make the power of the cloud easier and more accessible. Along the way, we built a cloud computing platform trusted by developers and businesses around the world. Today, those customers face new challenges as cloud services become all-encompassing, including compute, storage, security and delivery from core to edge. Solving those challenges requires tremendous integration and scale which Akamai and Linode plan to bring together under one roof. This marks an exciting new chapter for Linode and a major step forward for our current and future customers.”
Under terms of the agreement, Akamai has agreed to acquire all of the outstanding equity of Linode Limited Liability Company for approximately $900 million, after customary purchase price adjustments. As a result of structuring the transaction as an asset purchase, Akamai expects to achieve cash income tax savings over the next 15 years that have an estimated net present value of approximately $120 million. The transaction is expected to close in the first quarter of 2022 and is subject to customary closing conditions.
Only one location has been announced so far: a community of 1,900 housing units named Cotino that will be built in the city of Rancho Mirage in California’s Coachella Valley (a location where Walt Disney himself once lived).
Concept art for Cotino shows villas, condos, and housing complexes clustered around a 24-acre “grand oasis,” which Disney says will offer “clear turquoise waters” powered by the Crystal Lagoons technology deployed at its resorts. Amenities will include “shopping, dining, and entertainment,” as well as a beachfront hotel and clubhouse hosting “Disney programming, entertainment and activities throughout the year.”
The real meat of the video comes toward the end however, with its explanation of the different Battery Management Systems (BMS), and a discussion of the difficulty of doing battery repair correctly and safely. Lastly, the video covers something a bit more sinister: Batteries that are made to resist being repaired with new cells; DRM for batteries, so to speak.
Had you already noticed that “So many TV shows and movies now have a dull filter applied to every scene, one that cuts away vibrancy and trends toward a boring sameness. Every frame’s color scheme ends up feeling the same as every other frame. And when there are so many projects using similar techniques, you end up with a world of boring visuals.”
I had noticed that, and it has been annoying me for years now. And yesterday, finally, the Vox published a great investigation on how and why colors vanished from TV and movies
[...]
To me, the most intriguing of those answers is the fourth: “We’re obsessed with the end of the world”, so we want to give or have confirmation (by exposition to dark scene after dark scene), but without seeing clearly enough what is the problem. Maybe because that would force to look for a solution?
[...]
The colors that disappeared from movies are all gone into the smartphones.
The James Webb Space Telescope (JWST) has become something of a celebrity here on Earth, and rightfully so. After decades of development, the $10 billion deep space observatory promises to peel back the mysteries of the universe in a way that simply hasn’t been possible until now. Plus, let’s be honest, the thing just looks ridiculously cool.
So is it really such a surprise that folks would want a piece of this marvel hanging up in their wall? No, it’s not the real thing, but this rendition of the JWST’s primary mirror created by [James Kiefer] and [Ryan Kramer] certainly gets the point across.
Blues Wireless has just launched the Wi-Fi Notecard M.2 module that can be used as a replacement to the company’s Notecard LTE Cat-M / NB-IoT M.2 modem that sells with 10 years of connectivity up to 500MB for $49 and up.
The Wi-Fi Notecard came to be as some customers wanted to have mixed deployments where cellular makes sense in some locations, while Wi-Fi is better suited to other sites. Others preferred to use WiFi during development or prototyping to save on Notecard cellular data usage.
For British teenagers in the 1980s, the delights of 8-bit computers such as the Sinclair Spectrum, Commodore 64, or BBC Micro were firmly restricted to the offline arena. We would read about the BBS scene on the other side of the Atlantic, but without cheap local calls and with a modem costing a small fortune, the chances of us ever experiencing one was zero. When we took the British school rite of passage of a trip to France though, we were astounded to see that every French person was not merely online, but that they were doing so with a neat little all-in-one terminal. We’d just been introduced to the French Minitel system, and in that minute shared a glimpse of the future.
Deci unveiled AutoNAC generated “DeciNets” models for Intel Cascade Lake CPUs claimed to be much faster and more accurate than other image classification models for CPUs. Meanwhile, Aaeon announced that the Hailo-8 NPU is available on its UP boards.
Last July, Deci announced its DeciNets family of pre-trained image classification models, which are generated from the Israel-based company’s proprietary Automated Neural Architecture Construction (AutoNAC) technology. Today, Deci said that the pre-trained DeciNets are now available for Intel Cascade Lake processors, such as 2nd Gen Xeon Scalable CPUs. The DeciNets, running on Intel’s Cascade Lake, “deliver more than 2x improvement in runtime, coupled with improved accuracy, as compared to the most powerful models publicly available such as EfficientNets, developed by Google,” claims Deci.
If you’ve had any dealings with Cat 5 and Cat 6 cable, and let’s be honest, who hasn’t, you’ve probably wrestled with lengths anywhere from 1 meter to 25 meters if you’re hooking up a long haul. Network admins will be familiar with the 0.1 m variety for neat hookups in server cabinets. However, a Reddit community has recently taken things further.
It all started on r/ubiquiti, where user [aayo-gorkhali] posted a custom-built cable just over 2 inches long. The intention was to allow a Ubiquiti U6-IW access point to be placed on a wall. The tiny cable was used to hook up to the keystone jack that formerly lived in that position, as an alternative to re-terminating the wall jack into a regular RJ45 connector.
Naturally this led to an arms race, with [darkw1sh] posting a shorter example with two RJ-45 connectors mounted back to back with the bare minimum of cable crimped into the housings. [Josh_Your_IT_Guy] went out the belt sander to one-up that effort, measuring just over an inch in length.
[rickyh7] took things further, posting a “cable” just a half-inch long (~13 mm). In reality, it consists of just the pinned section of two RJ-45 connectors mounted back to back, wired together in the normal way. While electrically it should work, and it passes a cable tester check, it would be virtually impossible to actually plug it into two devices at once due to its tiny length.
Because the research is based on information gathered since November 2020, it represents significant activity from a threat actor that allegedly had more than 90% of its infrastructure disabled a month before. That said, it was apparent within the month that Trickbot had begun to bounce back and deploy more ransomware.
According to Check Point, more than 140,000 machines have been infected by Trickbot in the past 16 months, representing customers of 60 corporations. The corporations whose customers are affected include Amazon, Microsoft, PayPal, Bank of America, Wells Fargo, American Express and others.
Microsoft’s Settings menu within Windows 11 has taken a quiet, significant step forward with the addition of subscription information, though it’s still incomplete. Nevertheless, it provides a handy starting point to understand and manage your Microsoft subscriptions.
Throughout Windows 10’s life, Microsoft offered major feature updates in the spring and fall. With Windows 11, we expected those to move back to one update per year. But all bets are off after Tuesday’s release of a handful of new “experiences.” Microsoft will release new Windows 11 features when and if it wants.
CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) highlighting regular targeting of U.S. cleared defense contractors (CDCs) by Russian state-sponsored cyber actors.
[...]
CISA encourages all critical infrastructure organizations to review the joint CSA: Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology and apply the necessary mitigations. For more information on Russian state-sponsored malicious cyber activity see CISA's Russia Cyber Threat Overview and Advisories page.
The top nine of 10 products with confirmed software vulnerabilities last year were desktop or enterprise versions of Linux. That’s according to the latest report from a company called Risk Based Security.
Google has released a new Chrome update for Windows, macOS, and Linux that fixes a total of 11 security issues. Of these vulnerabilities, the update patches a highly-severe zero-day bug that has already been exploited by attackers. It is known as a ‘use-after-free' vulnerability that exists in Chrome's Animation component. An attacker can exploit the bug to corrupt data or even execute a code on the system, without letting its users know. This is notably the first zero-day bug impacting the Chrome browser that has been patched by Google.
USB drives are convenient, trivially affordable, and ubiquitous. That convenience comes at the expense of security. USB drives are portable, concealable, and can be used to exfiltrate sensitive information from corporate computers and networks. For that reason, many organizations ban USB drives from the workplace and use software tools to disable USB access. Such measures are not the norm. Typically, they are deployed only in larger organizations. Elsewhere, USB drives are free to be used.
The theft of data is only one of the threats. USB drives can be misplaced and lost, exposing private and sensitive information. USB drives are typically used to transport files and move them between computers. If a drive is plugged into a computer that is infected with malware, the USB drive is infected. It then becomes a transport mechanism for the malware. USB drives are likely to be plugged into poorly-protected domestic computers as well as corporate ones, raising the risks of infection.
As well as accidental infection with malware, USB drives can be primed with malicious software and left as bait. The easiest way to do that is to camouflage a malicious program so that it looks like a PDF or document file, and hope the victim tries to open it. Others are much more subtle.
In January 2022, the FBI issued a statement regarding a new wave of USB drive-based cyberattacks, dubbed BadUSB. USB drives were posted to employees at transportation, defense, and financial organizations.
The USB drives were accompanied by convincing letters. Some purported to be from the US Department of Health and Human Services and spoke about COVID-19 guidelines. Others imitated Amazon gift boxes and even included a forged gift card. The USB drives were modified so that they attacked the target’s computers as soon as they were plugged in.
Spotify, aiming to juice sales of its podcasting ad biz, has acquired two companies in the space: Podsights, a podcast advertising measurement service, and Chartable, a podcast analytics platform for publishers.
Financial terms of the deals were not disclosed. The addition of Podsights and Chartable will help make the audio-streaming giant a more attractive partner for advertisers and publishers to do business with, according to Dawn Ostroff, Spotify’s chief content and advertising business officer.
Assistant U.S. Attorney Kathryn Rakoczy revealed that Rhodes wrote in a group chat with other co-conspirators that Jan. 6 could be "final nail" in the coffin of the United States.
A Chicago man who posted online to urge others to join massive crowds that were looting downtown businesses in the summer of 2020 has pleaded guilty to inciting and participating in a riot.
James Massey's guilty plea in federal court on Tuesday came just under a year after he was arrested. He faces a maximum prison sentence of five years in prison, but the Chicago Sun-Times reported that he will likely be sentenced to two years when he returns to court May 10.
The 23-year-old Massey was arrested after an investigation revealed that he posted a series of sometimes profane messages and videos on Facebook on Aug. 9, 2020, in which he urged people to take part in the widespread violence that erupted in the city that day and the next.
To Burns, America in 2022, teetering under the weight of propaganda and plague, is facing stark choices that will determine if it remains true to its foundational belief that “all men are created equal” or succumbs to political polarization and dysfunction.
“America is facing the greatest threat it ever has — period, full stop,” Burns says. “COVID and the unique set of political problems we are dealing with have made it the fourth great crisis. The others are the Civil War, the Depression and World War II.”
So where does that leave the rest of us? The country is in the middle of a racial reckoning and a pandemic that has killed nearly 900,000 Americans. At the same time, politicians like Donald Trump have successfully sold a myth of election fraud to the point where the majority of Republicans believe that Joe Biden is an illegitimate president.
“It’s going to take a concerted effort on the part of a lot of well-intentioned people not to stand by and just say, ‘I don’t agree with what’s going on,’ but to somehow get involved in the political process and shore up these institutions,” Burns says.
The lawsuit reportedly calls on the officials to block the release of any other information concerning the "Full House" actor's death, adding that his family "would suffer irreparable harm in the form of extreme mental pain, anguish, and emotional distress" should more details about his death "be released or disseminated to the public," the news outlet noted.
Comedian Bob Saget died after sustaining what appeared to be significant head trauma, according to a recently released autopsy report.
The 65-year-old star was found unresponsive in his hotel bed in Orlando, Florida, on January 9. Last week, Saget's family announced that he had died after he "accidentally hit the back of his head on something, thought nothing of it and went to sleep."
The turbine in question is an older generation wind turbine produced by Enercon. According to Sõnajalg, the technology used by their Eleon turbines is new and better protected against such situations.
Whenever a fresh disaster happens on the blockchain, increasingly I learn about it from the same destination: a two-month old website whose name suggests the deadpan comedy with which it chronicles the latest crises in NFTs, DAOs, and everything else happening in [cryptocurrency].
In its 2021 annual report to the U.S Security and Exchange Commission, released earlier this February, Meta noted that the present lack of a framework regulating transatlantic data transfer between the EU and the United States may leave the organization with no choice but to retract its online services, like Facebook and Instagram, from the region. Google also expressed similar concerns in January 2022, highlighting the “lack of legal stability for international data flows” facing the American and European business ecosystem. These concerns from Meta and Google come on the heels of multiple European Court of Human Rights and Data Protection Commissions rulings in European countries that have, in essence, held all current and existing frameworks for data transfer from Europe to the USA to be in breach of the EU’s General Data Protection Regulation (GDPR).
[...]
In August 2020, the Irish Data Protection Commission made a preliminary finding that Facebook’s SCC for data transfer from Europe to the USA does not comply with the GDPR. In effect, the commission required Facebook to suspend processing of any European Data on American servers. However, this has not happened yet because it is a preliminary ruling that will be followed by a final ruling in the next few months.
In December 2021, the Austrian Data Protection Authority made similar findings about a local medical news company’s use of Google Analytics, which was found to be in non-compliance with the GDPR since the use of Google Analytics required data transfer to the USA. The French Data Protection Authority followed suit, by making a similar finding about the use of Google Analytics in February 2022.