This has been yet another slow week for Linux news as we only saw a few distro releases, including Kali Linux’s first release in 2022, KaOS Linux’s second release in 2022, as well as AV Linux’s first release in 2022, which is now based on MX Linux.
Also this week, Linux phone and tablet users received a new Ubuntu Touch OTA update, KDE Plasma users got a new point release of their favorite desktop environment, and Linux gamers got a new Proton release to run the latest Windows games.
We put the sports car of Linux laptops to the test. Is it the multi-tasking machine it claims to be?
Microsoft’s stance for decades was that community creation and sharing of communal code (later to be known as free and open source software) represented a direct attack on their business. Their battle with Linux stretches back many years. Back in 2001, former Microsoft CEO Steve Ballmer famously tarnished Linux “a cancer that attaches itself in an intellectual property sense to everything it touches”. Microsoft also initiated its “Get the Facts” marketing campaign from mid-2003, which specifically criticized Linux server usage, total cost of ownership, security, indemnification and reliability. The campaign was widely criticized for spreading misinformation.
However, in recent years, there has been a partial shift by Microsoft to embrace the open source software paradigm. For example, some of their code is open sourced. Examples include Visual Studio Code, .NET Framework, Atom, and PowerShell. They have also made investments in Linux development, server technology and organizations including the Linux Foundation and Open Source Initiative. They have made acquisitions such as Xamarin to help mobile app development, and GitHub a hugely popular code repository for open source developers. And they have partnered with Canonical, the developers of the popular Ubuntu distro. But many developers remain hugely sceptical about Microsoft and their apparent shift to embrace open source.
If you are interested in learning more about how you can install Linux on your old PlayStation 4 console. You may be interested in a new demonstration video created by the team over at Linus Tech Tips. Linux master Anthony takes you through the process and explains what you can expect once you have loaded Linux onto your jailbroken PlayStation 4 system.
Whether you're interested in them as part of your job, for future job opportunities, or just out of interest in new technology, containers can seem pretty overwhelming to even an experienced systems administrator. So how do you actually get started with containers? And what's the path from containers to Kubernetes? Also, why is there a path from one to the other at all? As you might expect, the best place to start is the beginning.
[...]
You've created two containers, and you've run them in a pod. You know enough now to run services in containers on your own server. If you want to move to the cloud, containers are, of course, well-suited for that. With tools like Kubernetes and OpenShift, you can automate the process of launching containers and pods on a cluster.
In this tutorial, we will show you how to install Mesa Drivers on Ubuntu 20.04 LTS. For those of you who didn’t know, Mesa Drivers is an open-source graphics driver of Radeon, Intel, and Nvidia. Over the 20+ years in the Linux and open-source industry, the mesa drivers project has expanded to implement more graphics APIs such as OpenGL ES, OpenCL, OpenMAX, VDPAU, VA API, XVMC, Vulcan, EGL, etc
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Mesa Drivers open-source graphics drivers of Radeon, Intel, and Nvidia on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
Knowing how much space a file or folder consumes on a partition is essential for a system administrator or developer. This knowledge allows you to plan for storage upgrades, manage and rotate files, and do other necessary sysadmin tasks. My favorite command for this type of data gathering is the du command.
The du command summarizes disk usage of each file and recursively for each directory. It offers many helpful options individually or in the correct combinations. For all of the options, refer to the du man page. Here is one of my favorite tricks with du.
This tutorial shows you step-by-step how to add a user to a group on Linux, with several examples using the Linux command line. It also explains how to add users and groups on Linux. The commands should work on any Linux distribution and have been tested on CentOS, Debian, and Ubuntu.
There have been many tools to perform sftp operations in Linux in the past. What is different with this tool?
Muon SSH Terminal, formerly known as a snowflake, is a GUI SFTP client for Linux, able to perform tasks related to uploading/downloading files from the remotes system, executing commands locally, monitoring system resources, and many more.
You need to configure ssh on your remote server to use this application. Then install this application in your local system to connect with that remote server over sftp protocol.
There are several ways of NGINX web server security hardening one of which is access control based on IP address. This guide explains how to secure web applications by controlling access based on a client’s IP address in NGINX.
In this article, we are going to learn about how to deploy a Kubernetes Cluster on AWS with Amazon EKS and how to install and configure AWS CLI and Kubectl to interact with the EKS cluster from commandline in Linux.
Before deploying Kubernetes cluster on AWS cloud using Amazon Elastic Kubernetes Service, make sure you have an AWS account. If you don't have an AWS account, check our Introduction to Amazon Web Services (AWS) article to know how to create one.
Since we're slowly coming up to 25 years of having IPv6, but still not actually having IPv6, I tried making a seperate local network that only has v6 access. In theory quite a few of the popular internet services should have IPv6 connectivity working.
From previous network configuration mistakes, I've learned that it takes quite a while before I notice the loss of IPv4 connectivity if IPv6 is still working. Usually, I notice that by having the search engine work perfectly fine, but none of the websites I click loading.
DBeaver is an open-source, fully-featured, and cross-platform universal database management tool and SQL client that runs on Linux operating systems, Windows, and macOS. It supports more than 80 database management systems including PostgreSQL, MySQL, Oracle, SQL Server, SQLite, DB2, MS Access, and a lot more.
MongoDB Atlas is easy and free to set up and deploy MongoDB on Heroku. The MongoDB Atlas is commonly referred to as the multi-cloud data application platform. It is an integrated data and cloud DB service that simplifies and accelerates how users build with data.
When you start building more complex cloud-native apps, selecting the proper tools and services tends to be quite overwhelming. However, that is not the case when choosing the best cloud DB service, as MongoDB Atlas is your best solution.
On the other hand, Heroku is a Platform as a Service (PaaS) that provides developers with the ability to run, build, manipulate and operate apps on the cloud. Heroku supports a multitude of programming languages.
This article guide will illustrate how to deploy MongoDB on Heroku. We shall be using the MongoDB Atlas version since it easily integrates with most Heroku applications. This process might seem complex at first, but you will realize nothing is complicated when you dive deep into it. All needed is to set your MongoDB Atlas cluster connection string to a known Heroku config variable, and you are good to go.
The Atlas edition is a fully-managed cloud MongoDB service that automates MongoDB cluster management in the cloud. It offers users auto-scaling, automated backups, complete suite management, analytic tools, and a multi-AZ tolerance fault. MongoDB Atlas is among the most sophisticated DBaaS.
Follow the steps provided herein to learn how to get MongoDB up and to run quickly. You will also be able to see how to connect the MongoDB Atlas cluster to the Heroku apps by following the in-depth guide provided in this article.
This post is about Jenkins Role-Based Access Control
RBAC is a Role-Based Access Control in which we can create the User and assign the customized permissions on the basis of Global roles, Item roles, and Node Roles.
Hello techies, as we know Kubernetes (k8s) is a free and open-source container orchestration system. It is used for automating deployment and management of containerized applications. In this guide, we will cover how to install kubernetes cluster on Rocky Linux 8 with kubeadm step by step.
We use the SSHFS command in Linux to mount a remote file system using SFTP (SSH File Transfer Protocol).
SSHFS is a filesystem client used to mount and interact with files and directories on a remote server. SSH protocol is used to encrypt data exchange between the two hosts.
FTP (File Transfer Protocol) is a networking protocol used to transfer files between two computers over a network, SFTP on the other hand in addition to performing a similar function to FTP, it incorporates a security layer used to encrypt the data being sent and received between the two machines over the internet.
Now, how do the two tools work together? Well, SSHFS is just a file system in the user space, for it to perform the function of mounting a remote file system, it utilizes SFTP.
Remove primary account from Chromebook
In this tutorial, we will show you the trick to remove the primary account from the Chromebook. Chromebook is powered by Google Chrome OS so we need to tweak the setting on Google Chrome OS to remove the primary account from Chromebook.
Grafana Loki is a log aggregation tool, and it is the core of a fully-featured logging stack.
So in this guide, we will show you how to install Joplin on Ubuntu 20.04
Joplin is a free and open-source desktop and mobile note-taking application written for Unix-like (including macOS and Linux) and Microsoft Windows operating systems, as well as iOS, Android, and Linux/Windows terminals, written in JavaScript using Electron.
Its interface is intuitive that allows users to create notes and to-do lists with just a few clicks and organize them in different notebooks.
Joplin’s workflow and featureset is most often compared to Evernote.
Multi-factor authentication (MFA; enclosing authentication, or 2FA, along with similar terms) is an electronic authentication process in which a user is given access to a website or application only after successfully introducing two or more pieces of evidence (or factors) to an authentication mechanism...
In this post, you will learn how to have your chat server based on the XMMP protocol by installing OpenFire on Debian 11.
SSL / TLS (Secure Socket Layer / Transport Layer Security) are cryptographic protocols designed to provide communications security over a computer network: web, email, instant messengers.
CA (Certificate Authoritative): worldwide recognized entity in charge of generating security certificates for third parties.
CSR (Certificate Signing Request): signing request sended to a CA.
FirewallD is software that provides the system firewall feature to protect Rocky Linux from unwanted access by disabling and enabling ports, services, or protocols. However, for users that are used to an interface such as Graphical User Interface (GUI), then the command line may seem difficult at first glance because there’s no visual representation and who are not comfortable learning the command line terminal to the possibility of having an unsecured system.
However, you can install the FirewallD GUI. This sleek and simple design program is a perfect match for those who want easy access to what’s going on in their system without having too many bells and whistles to distract them from maintaining security.
In the following tutorial, you will learn how to install and enable FirewallD and FirewallD GUI on Rocky Linux 8 Workstation.
LibreOffice is a free, open-source office productivity suite used by millions worldwide. The office suite software uses a native file format ODF or Open Document Format, an accepted and almost required structure in multiple organizations across the globe.
LibreOffice includes Writer (word processing), Calc (spreadsheets), Impress (presentations), Draw (vector graphics and flowcharts), Base (databases), and Math (formula editing).
Fedora typically has the most up-to-date packages, but it can often lag a release behind what is current. Luckily, Fedora has Flatpak natively installed so that you can grab the latest version of the LibreOffice suite.
In the following tutorial, you will learn how to install the latest 7.3 LibreOffice on Fedora Linux 35 using Flatpak.
When it comes to firewall protection for your system, the default Ubuntu UFW program is a great option. It is short for “uncomplicated firewall.” It allows users with little knowledge on how Linux IPTABLES so you can secure your home network or server without the need to learn complicated long-tail commands that is more for the sysadmin side of things.
The tutorial is aimed more at new Ubuntu desktop users, but servers can also use the same commands. You will learn how to check, enable and disable the UFW firewall and, for desktop users, install the firewall GUI to better control UFW for users that do not want to use the terminal in the future.
Fedora 36 is coming soon, and it’s packed with new features! For Workstation users, GNOME 42 and Linux Kernel 5.17 are featured but more so introduce DNS-over-TLS supported, replacing FBDEV kernel drivers with SimpleDRM, DNF/RPM copy-on-write enablement for all variants when running on Btrfs, and more.
The tutorial below will teach you how to successfully upgrade Fedora 35 to the newly released Fedora 36 Beta/Pre-Release Development branch that features the incoming GNOME 42 and Linux Kernel 5.17.
Nintendo Switch emulation, as great as it has already been, is getting even more spectacular. Today, the progress report for Ryujinx — one of the Nintendo Switch emulators available on Linux/PC — has been released for the month of January. But don’t let me do all the talking; just look at this clip for a few moments:
This clip was posted as part of their blog post. This, right here, is a comparison between GLSL, the shader language for OpenGL, and SPIR-V, the shader language for Vulkan. The difference is night and day. Observe how much more quickly the game caches shaders on SPIR-V. And also notice that SPIR-V is only using a single thread, rather than GLSL’s multi-threaded processor usage.
Not only are Valve continuing to go over third-party games, they also continue upgrading their own with a fresh update out for Half-Life 2, Half-Life 2: Episode One and Half-Life 2: Episode Two.
All three of them recently had an update that noted "UI and Input support for Steam Deck verification", although only the original Half-Life 2 has been fully Steam Deck Verified so far. This is the finalization of work that went into a Beta recently, to give them a new gamepad friendly UI.
One of the things that open source prides itself on is choice. You don't have to settle for anything you don't love. You can change your file manager, your text editor, and you even have over 24 desktops to choose from. As with many Linux users, I was pretty flexible about the desktop I used at first. I didn't know what I liked at first, because I hadn't tried everything available to me. On one auspicious day in January 2008, KDE 4.0 was released, and from the moment I laid eyes upon the Plasma Desktop, I knew that it was the Linux desktop I'd been waiting for (and having only been a Linux user for a year by that time, I guess I didn't have to wait long). Even though I have and enjoy GNOME on my laptop, Fluxbox on my Pi, and probably a few other combinations, I consider myself a Plasma Desktop user, and a member of the KDE community.
My trial with Distrobox got off to a rough start and it was mostly due to a lack of documentation. The project has a quick-start guide, some examples on installing fresh guests, and entering the guest containers. However, the documentation hasn't been fleshed out. I couldn't find anything on installing dependencies, dealing with permission issues, finding a list of supported guest distributions, or stopping containers. Hopefully these items will get added later.
As it stands, I spent most of my trial trouble-shooting issues which involved getting Distrobox installed, getting its dependencies running, and trying to figure out which Linux distributions I could install through Distrobox.
Once these issues were resolved I found using the software quite enjoyable. I liked being able to quickly install an Arch or Fedora container, experiment with it, mess it up, and then delete it - all within a few minutes. I like being able to start up a container and run a few programs without the overhead or headaches of a full virtual machine. I liked how easily guest programs, even desktop applications, integrated into the host environment.
The whole experience was very similar to my trial with JuNest last year. The setup of JuNest was a little more straightforward, but it required more trouble-shooting for some guest applications once it was up and running. JuNest also focuses exclusively on running Arch environments while Distrobox should be able to run virtually any distribution as a guest.
All in all, I think Distrobox is worth checking out, especially if you find yourself wanting to experiment with new versions of software or run packages not available on your host system.
NSH is a CLI intended for OpenBSD-based network appliances. It replaces ifconfig, sysctl and route with its own simple command language, and consolidates configuration for other daemons into one place, effectively replacing /etc/netstart and parts of /etc/rc for appliance-style usage.
“SUSE Rancher helps us accelerate the evolution of our digital offering. We can quickly and easily allocate more or fewer resources to our applications as needed and optimize infrastructure usage.” Tanja Knuser, Head of Development and Technology, Executive Board Member, CRB.
[...]
Kubernetes orchestration was the natural next step and so, in partnership with IT service provider VSHN, CRB chose SUSE Rancher as its management platform for its cost effectiveness and the ease with which it could run and automate Kubernetes infrastructure management.
Since the onset of the COVID-19 pandemic, no topic has impacted enterprises more than digital transformation. While many marveled at the rapid rate of change in early 2020 – most frequently citing McKinsey’s report that organizations advanced their digitalization by four years in a span of just six months – the sustained emphasis on digital transformation continues to shape the ways in which enterprises approach today’s business challenges.
While 2022 could see a broader return to normalcy than in 2020 or 2021, many organizations are preparing for a future that maintains and expands on the changes made to fully digitize their infrastructure and processes. In an always-online world, and with new technologies like web3 and the metaverse promising future changes to the way we work, enterprises must double down on their digital transformation initiatives to ensure they remain at the head of the pack.
From “traditional” IT positions (such as software developer, system administrator, or security analyst) to more recent titles like DevOps engineer, cloud platform engineer, or site reliability engineer (SRE), automation skills are relevant – and often required – in a great many tech roles today.
So if you’re looking to bolster your appeal on the IT job market, building automation skills is certainly a good way to do it. Automation chops have the added bonus of portability: If you don’t want to be pigeonholed into a particular title or function, automation practices and technologies may pave the way into other roles down the line, too.
One of the world’s leading graphics manufacturers is NVIDIA . It puts at our disposal a good number of hardware products to meet the needs of most users around the world. But not only do we have to thank its physical components, but at the software level we also have good solutions.
As with most of the hardware elements that we install on our PC, they need some type of software support to function correctly. Generally, here we refer to the drivers that we install in the operating system and that help to communicate both elements. A sound card , mouse, printer or webcam will always work better with a correctly updated driver and if it is from its manufacturer, the better.
Today we’re going to be using the new Kywoo3D Tycoon Slim 3D printer to print two new cases for my Raspberry Pis. I’ll be printing one in regular PLA to get an idea of the print quality that the Tycoon Slim can achieve and one in TPU, which is a flexible filament that is perfect for creating bump and drop resistant cases – but is also notoriously difficult to print with. The TPU version will be especially useful for Pi’s that you’re going to use for travelling, like a portable media server or NAS.
This 3D printer was sent to me to try out and share with you by Kywoo3D through the online 3D printing store Tinker Hive. Tinker Hive is an authorised re-seller of Kywoo3D products and they offer three payment options, with the option to pay your printer off in four interest-free instalments, making it more affordable for tinkerers to get into 3D printing.
Kywoo3D is a relatively new company to the 3D printing game, having successfully launched their Tycoon 3D printer on Kickstarter in April last year. They’ve now brought out a more compact, and cheaper version called the Tycoon Slim, and that’s what we’re going to be taking a look at and using for today’s prints.
Jolla is going to be at MWC2022, and the creators of Sailfish OS, which is an evolved version of Nokia’s MeeGo, will be showing their unique AppSupport solution for Linux platforms. These platforms are used in the automotive industry on modern digital car displays, and I’m also interested to see Jolla’s solutions. In case you are at MWC, you can find Jolla in Hall 7, stand 7G23.
Now that the Games are ending, and some 16,000 athletes, organizers, journalists and other visitors are heading home, concerns turn to what malware and other problems those who failed to heed the warnings might be carrying with them.
Converse.js is an open-source, free library that aids developers in creating browser-based chat clients.
Converse.js is a library for XMPP which means you can connect to any public XMPP/ Japper servers, or use your own XMPP server as a messaging backend.
It can be easily integrated with any web-based projects, websites, web apps or even hybrid JavaScript mobile apps.
With Converse.js developers can build a collaborative messaging solutions that runs completely within the browser.
Today we’re talking to Nnamani Ezinne Martina, who helps out in LibreOffice’s Quality Assurance project and recently became a member of The Document Foundation:
Nice to meet you, Nnamani! Tell us a bit about yourself…
I was born in Awka Anambra state and I grew up there as well. But I am a native of Amagunze, a town in Nkanu-East Local Government in Enugu state. Both are in the eastern part of Nigeria.
I graduated with a bachelor’s degree in 2017 from Nnamdi Azikiwe University, Awka, Anambra state Nigeria. After my National Service year, I went into the tech space. Years later, I had the opportunity of joining Collabora Productivity and then realized how amazing Open source technology is.
I was intrigued by the strength of community contribution then I began my journey, contributing to open source technology.
release notes:
Gearing up for a Trip Log series to port a small program from Guile-SDL to Guile-SDL2:
https://dthompson.us/projects/guile-sdl2.html
Volunteers familiar w/ Guile-SDL2 welcome!
README excerpt:
Guile-SDL is a set of modules that provide bindings for various Simple DirectMedia Layer (http://www.libsdl.org) libraries.
Most of the SDL functions are wrapped, with the exception of a few functions that are too C-centric. The SDL threads, audio and network functions are not included. However, there are (optionally configured) bindings for SDL_mixer and SDL_ttf.
Also included is SDL_gfx 2.0.26 (by Andreas Schiffler) source code (ZLIB license) and bindings for it.
This is alpha code (pre 1.0 release), tested with various, but not all, versions of Guile and SDL. It may have bugs, and the interfaces may change from version to version.
NEWS for 0.6.1 (2022-02-20):
- changes to ‘(sdl misc-utils)’
- new proc: ‘create-rgba-surface’
This returns a new 32bpp surface of the specified width and height w/ the ‘src-alpha’ flag set.
- new proc: ‘create-rgba-square’
This returns a new 32bpp square surface of the specified edge length w/ the ‘src-alpha’ flag set.
- ‘rotate-square’ fixed / extended
Previously, this proc made reference to ‘roto-zoom-surface’ in the wrong module. This undefined reference was never detected, showing how middlig to poor the test coverage was (and remains). Now, ‘roto-zoom-surface’ is properly imported from ‘(sdl gfx)’.
Another oddity is that previously, the specified ANGLE argument was subtracted by 90 prior to passing it to ‘roto-zoom-surface’. This bizarre practice is no more.
Re extension, ‘rotate-square’ now takes optional 3rd arg MKSQUARE which specifies a procedure to make a new square surface. If omitted, it defaults to ‘create-rgba-square’.
Additionally, if the rotated surface has flag ‘src-alpha’ set, the resizing blit uses ‘(sdl gfx) blit-rgba’ to do the job (otherwise ‘(sdl sdl) blit-surface’, as before).
- bootstrap/maintenance tools
upgraded:
(none)
as before:
Guile-BAUX 20211208.0839.a5245e7 GNU gnulib 2022-01-27 07:00:41 GNU Libtool 2.4.6 GNU Autoconf 2.71 GNU Automake 1.16.5 GNU Texinfo 6.8
tarballs and detached signatures:
https://ftpmirror.gnu.org/guile-sdl/guile-sdl-0.6.1.tar.lz https://ftpmirror.gnu.org/guile-sdl/guile-sdl-0.6.1.tar.lz.sig
source code:
https://git.savannah.gnu.org/cgit/guile-sdl.git/?h=p
homepage:
https://www.gnu.org/software/guile-sdl/
This is the fourth year I’m teaching my D Programming Language course at a very real university in Russia. It’s a full-term course with lectures, practical lessons, and exams, although it’s all remote now. This is the story about how I got there, the challenges I encountered, and how students sometimes surpass their teachers.
Last week the Los Angeles Times reported that half of California students did not meet standards in Math and reading and, no one should care. The state shouldn’t care, the county shouldn’t care, the districts shouldn’t care, the schools shouldn’t care, the teachers shouldn’t care, the parents shouldn’t care, and most of all the students shouldn’t care. What they all should do instead is understand. They should all have a critical consciousness and have an awareness about what is happening in homes, schools, and communities, nation and worldwide. Research shows that tests being cited are meaningless measures of anything other than social class and familiar economic wealth. Regardless of that direction we hold fiercely to the notion that tests matter. They do not.
And that’s basically it. Zigbee2MQTT (Z2M) users will have to download silabs.js file, add it to their Z2M config folder, and add the custom converter to the configuration, but this will not be necessary for too long since the device will probably be added to Z2M builds. Check out Digiblur instructions for the full details.
I have written about this technology before. It isn’t anything new. Now, a little over a week ago, it was revealed that in the year 2020, Intel had reported a half-billion dollar loss on its Optane 3D XPoint business. Yikes! Also, Intel’s Optane head left the company.
[...]
The future may not be looking good for the technology. At least, not in the near term.
Anyway, circling back to the original comment regarding the large negative financial impact, I personally feel that the root of this problem comes from the fact that the technology is manufactured and distributed under a very restrictive licencing model.
India has revealed the identities of companies that have applied to build semiconductor manufacturing facilities on its soil under a $10 billion subsidy scheme – and none are substantial chipmakers.
As The Register reported last week, a consortium of Taiwan's Foxconn and Indian firm Vedanta committed to build a plant under the scheme, despite neither company having any previous experience in the field. Now India's government has announced another two bidders: Singapore's IGSS Ventures and an outfit called ISMC.
IGSS operates an eight-inch CMOS foundry through its CompoundTek brand, which focuses on silicon photonics. ISMC is backed by a company called Next Orbit Ventures, and already had plans to build a fab in India.
The government says the three applications it has received will build product on processes ranging from 28nm to 65nm, and have collective output of 120,00 wafers each month.
Sound recording has been a consumer technology for so long now that it is ubiquitous, reaching for a mobile device and firing up an app takes only an instant. Anyone who takes an interest in audio recording further will find that while it’s relatively straightforward to make simple recordings. But, as those among you who have fashioned a pair of Shure SM58s into an X configuration with gaffer tape will know, it can be challenging to create a stereo image when recording outside the studio. In the quest to perfect this, [Kevin Loughin] has created a binaural microphone, which simulates a human head with microphones placed as ears to produce ambient recordings with an almost-immersive stereo image.
[...]
The results as you can hear in the video below the break are impressive, certainly so for the cost. It’s not the first such microphone we’ve shown you, compare it with one using a foam-only head.
On Tech Twitter, some people are known for Their Thing – for example, [A13 (@sad_electronics)], (when they’re not busy designing electronics), searches the net to find outstanding parts to marvel at. A good portion of the parts that they find are outstanding for all the wrong reasons. Today, that’s a through-hole two-pin USB Type-C socket. Observing the cheap tech we get from China (or the UK!), you might conclude that two 5.1K pulldown resistors are very hard to add to a product – this socket makes it literally impossible.
We’ve seen two-pin THT MicroUSB sockets before, sometimes used for hobbyist kits. This one, however, goes against the main requirement of Type-C connectors – sink (Type-C-powered) devices having pulldowns on CC pins, and source devices (PSUs and host ports) having pull up resistors to VBUS. As disassembly shows, this connector has neither of these nor the capability for you to add anything, as the CC pins are physically not present. If you use this port to make a USB-C-powered device, a Type-C-compliant PSU will not give it power. If you try to make a Type-C PSU with it, a compliant device shall (rightfully!) refuse to charge from it. The only thing this port is good for is when a device using it is bundled with a USB-A to USB-C cable – actively setting back whatever progress Type-C connectors managed to make.
It’s fair to say that for most of us, using a fiber optic cable for digital audio or maybe networking will involve the use of an off-the-shelf termination. We snap the cable into the receptacle, and off we go. We know that inside there will be an LED and some lenses, but that’s it. [TedYapo] though has gone a little further into the realm of fibers, by building his own termination. Faced with the relatively high cost of the ball lenses used to focus light from an LED into the end of the fiber he started looking outside the box. He discovered that spherical glass anti-bumping balls used when boiling fluids in laboratories make an acceptable and much cheaper alternative.
Users of Windows 11 Pro are set to be required to connect to the internet and sign-in with a Microsoft Account during the installation. This is already the case when installing Windows 11 Home, but now the ‘feature’ is being tested with Windows 11 Pro.
The change was revealed in the change log for the Windows 11 insider preview build 22557 (via Tom’s Guide). “Similar to Windows 11 Home edition, Windows 11 Pro edition now requires internet connectivity during the initial device setup (OOBE) only. If you choose to setup device for personal use, MSA will be required for setup as well. You can expect Microsoft Account to be required in subsequent WIP flights.”
Andrei Baranovich, a spokesperson for the Ukrainian Cyber Alliance, an activist collective, reported that his group had found backdoors to critical parts of Ukraine’s IT and operations management within two weeks of searching in 2017. Some are even advertised for purchase on the black market: “Water canals, power stations, and even the atomic energy sector—you name it, we found a way in.” The “NotPetya” cyber-attack in 2017, considered to be the most damaging in Ukraine’s history and attributed to Russia by the White House, disabled a radiation-monitoring system at the defunct but still highly contaminated Chernobyl power plant.
Josh and Kurt talk about the Coinbase Super Bowl ad. It was a QR code, lots of security people were aghast at how many people scanned the QR code. The reality is scanning QR codes isn’t dangerous. What other security advice just won’t go away?
Linux developers take less time to patch security vulnerabilities than the teams at large software companies — including Microsoft, Apple, and Google.
That is according to Google’s Project Zero, a research initiative that reports security vulnerabilities to the largest software vendors and assesses their performance in addressing them based on a 90-day deadline.
Vendors can also request a 14-day grace period if they confirm a plan to release the fix by the end of the 104-day window.
A recent report from Google’s Project Zero suggests that Linux developers fixed bugs faster than anyone. For starters, Project Zero contains a team of Google’s security analysts and is used to find zero-day vulnerabilities in open-source projects.
An interesting incident response investigation showed exploitation of a recent OAuth related consent-phishing issue. We had been asked to investigate as the organisation had noticed some odd behaviours in the mailbox of one of the exec team. The mailbox was being queried using GraphAPI and mailbox rules were being added.
Correlating logs and reviewing the forensic image of the phone, it was clear that the user had interacted with a phishing email and given permissions to a rogue application that exploited application consent to steal an OAuth token
The crisis over Ukraine is on the verge of boiling over. Russia has amassed troops on the Ukrainian border, demanding the U.S. promise not to bring Ukraine into NATO. The Biden administration rejects that demand and warns a Russian invasion will be met with harsh economic sanctions.
In the massive propaganda blitz over Ukraine, there is one place where you can find, in enormous detail, the truth about what is happening in the civil war conflict zone on a daily basis. That is in the daily reports of the Organisation for Security and Cooperation in Europe (OSCE) Monitoring Mission.
Investigators have identified a Black student is responsible for racist graffiti found over a water fountain at C.K. McClatchy High School with a message that alluded to segregation, community leaders announced Thursday.
Mark Harris, a community liaison with Sacramento City Unified School District, said the student confessed to writing “colored” on one side of the dual water fountain and “white” on the other side. He said he saw video that showed the student writing the graffiti that corroborates her confession.
Ethiopia has been diverting Nile water to fill a vast reservoir behind the dam.
Egypt, which lies downstream and depends almost completely on the Nile for its irrigation and drinking water, is worried this will affect the levels of water flowing into the country.
It therefore wants a guarantee of a certain of volume of water coming into Egypt.
The project has raised tensions with Egypt, an arid nation of nearly 100 million people, depends on the Nile for most of its water needs, including for agriculture.
Cairo claims a historic right to the river dating from a 1929 treaty between Egypt and Sudan, represented by colonial power Britain, that gave Egypt veto power over construction projects along the river.
A 1959 treaty boosted Egypt's allocation to around 66 percent of the river's flow, with 22 percent for Sudan.
Ethiopia was not party to those treaties and does not see them as valid.
The 145-metre high dam lies on Blue Nile River in the Benishangul-Gumuz region of western Ethiopia, not far from the border with Sudan.
Egypt, which depends on the Nile for about 97 percent of its irrigation and drinking water, sees the dam as an existential threat.
Kifle declined to reveal how much water was collected last year or what the target is for the coming rainy season.
The dam, which will have a total power generating capacity of 6,500 megawatts, has been a source of tensions between Ethiopia and the other riparian states, Sudan and Egypt. Ethiopia has already conducted two fillings of the dam, but the speed at which it will be filled and the amount of water that will be released during drought seasons remains unsolved.
Egypt fears a quick filling of the dam will reduce its share of Nile waters and seeks a binding legal agreement in case of a dispute.
The meeting stressed the need to reach a legal and binding solution under the patronage of the African Union (AU) in a manner that preserves Sudan's interests and its water rights, the statement noted.
A whistleblower leak to German newspaper Süddeutsche Zeitung€ and other media led to reporting on Sunday revealing that Credit Suisse—one of the world’s biggest private banks—knowingly€ accepted “corrupt autocrats, suspected war criminals and human traffickers, drug dealers and other criminals” as customers.
Data on more than 18,000 bank accounts, holding more than $100 billion was leaked. The accounts included personal, shared and corporate accounts with opened as far back as the 1940s.
Despite losing the last election by seven million votes, it is conventional wisdom that Donald Trump remains the leader of the Republican Party. Partly this reflects the Republican base. The media also plays its role: they would rather cover him like an ESPN announcer extolling Tom Brady than filling airtime with colorless androids like Mitch McConnell or Kevin McCarthy.
Want to unite conservatives and liberals in the Red and Blue states? Just mention those unreadable computer-generated bills we all get online or in the mail. Overflowing with abbreviations and codes, they are inscrutable, especially health care bills.
I haven’t had much truck with the Democratic Party since 1965 or ’66, when I was expelled from my college chapter of the Young Democrats because I said out loud that I was rooting for the Viet Cong to win the war the US government was waging against them. The only Democratic presidential candidate I’ve ever voted for was George McGovern, the antiwar senator who got the nomination in 1972. (Admittedly, I might have made some different choices if I’d ever lived in a state that wasn’t “safe” for the Democrat.) And I never donated money to Democratic candidates.
One can oppose this, but doing so can easily being assimilated into the neoliberal equivalent of the borg on Star Trek—a phenomenon described in Wikipedia like this: “The Borg co-opt the technology and knowledge of other alien species to the Collective through the process of "assimilation": forcibly transforming individual beings into "drones...." Whether one is cross-dressing a la David Bowie, Lou Reed and other so-called glam rockers in the 1970s, becoming an alien as Bowie did at least twice in his career (Ziggy Stardust and The Man Who Fell to Earth) or playing video games where one assumes a character intent on murder, the rejection of the powers that be is ultimately atomized and meaningless. In other words, resistance is futile.
As Almaty, Kazakhstan’s largest city, spiraled into chaos last month over rising energy costs and anger at the government, the country’s leaders took a drastic step to quell protests: They blocked the internet.
First, they tried to ban access to some news sites, social networks and messaging services. Then, as activists bypassed those curbs with software that masked their locations, the authorities shut down almost all connectivity in the country.
The moves added uncertainty to an already dire situation. After payment apps and point-of-sale machines used to swipe debit cards went down, lengthy lines formed at A.T.M.s as Kazakhs rushed to get cash. Families could not communicate with loved ones. Taxi drivers who relied on ride-hailing apps said they stopped driving because they could not connect with passengers.
“It was impossible to communicate,” said Darkhan Sharipov, 32, an accountant who was part of the protests. “The lack of information multiplied the chaos and disinformation.” The scenes in Kazakhstan offer a preview of what may unfold in Ukraine, where the internet could be one of the first targets of the Russian military in a potential conflict. Ukrainian and Western officials have warned that cyberassaults could be part of any Russian intrusion.
In it, IFF highlighted that internet shutdowns are extremely common in India, citing reports by Top10VPN and Access Now, and data from the Software Freedom Law Center and Meta.
According to the TopVPN report, the Indian government imposed major internet restrictions on citizens for 1,157 hours in 2021, the equivalent of more than 48 days. This included 317.5 hours of total internet blackout and 840 hours of bandwidth throttling.
In all, internet restrictions cost the Indian economy $582.8 million (Rs 4,348 crore) in 2021. Only Myanmar ($2.8 billion) and Nigeria ($1.5 billion) did more economic damage with these self-inflicted wounds.
This dismal performance was actually an improvement for India from 2020, when it lost an estimated $2.8 billion – more than any other country by far – after shutting down the internet for a combined 8,927 hours.
Overall, government internet outages in 21 countries lasting over 30,000 hours cost the global economy $5.45 billion in 2021, a 36% increase from 2020, when $4.01 billion was lost, the report said.
The Parliament also resisted the push to include a so-called media exemption from these rules — a dangerous provision that would give content by media publishers privileged treatment and thereby foster the spread of disinformation online. As negotiations over the final shape of the DSA continue, it is essential that Parliament defends this solid position with potential to empower users, instead of allowing the private sector to continue escaping transparency and accountability.
To those outside the “Brussels bubble” the Parliament vote on the DSA might look like the end of the lawmaking process. In reality, we still have a road ahead before we see the final text.
Below, we explain where we are in the DSA negotiations and what is coming next. We also highlight how the positions of the three main negotiators — the European Parliament, the Council of the European Union, and the European Commission — differ, providing hints as to what to expect.
In 2018, Watch Tower filed for a DMCA subpoena that would've required YouTube to hand over the identity of an animator who parodied the religious group in his videos. When that stalled, Watch Tower filed a copyright lawsuit. Citing fair use, a judge has now ruled that the subpoena will not be granted. Surprisingly, Watch Tower is pressing ahead with its copyright lawsuit regardless.