Bonum Certa Men Certa

Links 2/3/2022: Windows Sliding Down and Procmail Considered Harmful

  • GNU/Linux

    • Desktop/Laptop

    • Audiocasts/Shows

    • Kernel Space

      • [LWN] Linux 5.16.12
        I'm announcing the release of the 5.16.12 kernel.
        
        

        All users of the 5.16 kernel series must upgrade.

        The updated 5.16.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.16.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

        thanks,

        greg k-h
      • [LWN] Linux 5.15.26
      • [LWN] Linux 5.10.103
      • [LWN] Linux 5.4.182
      • [LWN] Linux 4.19.232
      • [LWN] Linux 4.14.269
      • [LWN] Linux 4.9.304
      • What the Tech: The ‘2038 problem’ is real and threatens digital infrastructure worldwide

        Two events pose a threat to Americans’ ability to connect to the internet. Hackers have always posed a threat through DNS attacks, or denial of services. Another threat is known through the cyber security world as the “2038 problem” which may cause computer problems similar to the fears over the Y2K bug of 20 years ago. The year 2038 problem is 16 years in the future, but the threat can already be seen. Take your own smartphone. Open settings and try to change the date on the calendar to the year 2038. You can’t because a math glitch prevents many computers to see past 2037. When computer programmers built the Unix code in 1970, they used a 32-bit system that counted seconds. As other programs and systems built on the Unix code, they, in a sense, created an “expiration date of some 2.1 billion seconds.

      • Luca Ceresoli joins Bootlin team

        The entire team at Bootlin is extremely happy to welcome Luca Ceresoli, who started working with us on March 1, 2022. Based in Italy, Luca is the first employee of Bootlin based outside of France, and we plan to continue to expand our hiring in a similar way in the future.

      • Torvalds moves Linux to C11

        Old one out-of-date, but this one goes to 11 Linus Torvalds is about to shift Linux from a version of C which is so old it was written before the fall of the Soviet Union – C89. Torvalds has said that it is time to move to something more modern starting with kernel 5.18. Linux had planned to move to a newer standard eventually with C99 being the next version. However, a recent patch to a security problem revealed that there could be problems with C99.

    • Applications

      • [Make Use Of] The 5 Best System Cleaning Apps for Your Linux Desktop

        Linux-based operating systems have complex structures. When you add a file or install an app, the system performs some arrangements by making the right configurations files to support the file or application. These configuration files stack up and consume the system space. Similarly, when you install an update for the OS, it leaves backup files behind. This leftover data affects the system's performance. To remove these temporary files and keep your computer optimized, there are system cleaning apps available for Linux. So, let's look at five of the best system cleaning apps for Linux that are free to use.

    • Instructionals/Technical

      • How to Install SuiteCRM on Ubuntu 20.04 - RoseHosting

        SuiteCRM is an open-source Customer Relationship Management (CRM) software solution that provides a 360-degree view of your customers and business. It is a fork of the popular open-source SugarCRM Community Edition.

      • How to install Flightgear on Zorin OS 16 - Invidious
      • How To Install aaPanel on Debian 11 - idroot

        In this tutorial, we will show you how to install aaPanel on Debian 11. For those of you who didn’t know, aaPanel is a free and open-source hosting control panel for Linux. It’s easy to install & all the web hosting options are well-categorized for easily managing websites and databases. Currently, aaPanel supports Debian, Ubuntu, and CentOS. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the aaPanel free and open-source hosting control panel on a Debian 11 (Bullseye).

      • How to install Rosegarden on a Chromebook

        Today we are looking at how to install the Rosegarden DAW workstation on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • Touch Command on Linux: Tutorial and Examples - Linux Stans

        In this tutorial, we’re going to show you what the touch command is, how to use it, and include practical examples of using the command. Unlike other commands that you should never run on Linux, the touch command is actually recommended and often used by everyone on Linux.

      • Access and modify virtual machines disk images with libguestfs tools

        In a previous article, we saw how to create kvm virtual machines from the command line; in this tutorial, instead, we learn how to access and modify virtual machines disk images, using some utilities which are part of the libguestfs package on the most commonly used Linux distributions. Those tools let us perform a variety of tasks. We will focus on some of them, like virt-filesystems and guestmount, which can be used to list filesystems existing on guest disk images, and mount them on the host system, respectively.

      • Terraform Variable with Example

        We learned about the terraform variable in the previous article. Let’s start with an example. Let’s set the terraform provider to AWS with the access key, secret key, and region where we wish to build these resources, as usual.

      • Install OpenVAS – Open Vulnerability Assessment Scanner

        Today you will learn how to install OpenVAS. OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test. The scanner obtains the tests for detecting vulnerabilities from a feed that has a long history and daily updates.

      • Suricata Network IDS integration€ with WAZUH

        This post is about Suricata Network IDS integration with WAZUH. Wazuh is an excellent HIDS (Host-based Intrusion Detection System) among other things. In addition to it’s rule-based analysis of log events from agents and other devices, it also performs file integrity monitoring and anomaly detection. This provides a great deal of insight into the security of your digital assets. However, some security issues are most successfully detected by inspecting a server’s actual network traffic, which generally is not accounted for in logs. This is where a NIDS (Network Intrusion Detection System) can provide additional insight into your security in a way that is highly complimentary to the HIDS functionality in Wazuh. Suricata is one such NIDS solution, which is open source and can be quickly deployed either on dedicated hardware for monitoring one or more transit points on your network, or directly on existing Unix-like hosts to monitor just their own network traffic. Because Suricata is capable of generating JSON logs of NIDS events, it integrates beautifully with Wazuh.

      • Terraform's Variable

        The customer receives a response as soon as he opens the URL. The request then uses a mapping of IP addresses from DNS records to identify its destination, landing on a server that owns this IP, and the server processes to give a response, which is then transmitted back to the request’s origin. Because we’re using Amazon Web Services (AWS), we’ll use an EC2 instance. In production, simply having an EC2 instance that can process requests is insufficient. Virtual private cloud plays an important role to separate networks and other virtual networks from the cloud(AWS).

      • Why should you use Terraform and how does it work?

        Terraform core works with two different input sources. Terraform configuration is the first source. You specify what needs to be created or provisioned in this section. Terraform’s second source for keeping up-to-date configuration files is state. As a result, terraform core analyses the data and implements a plan for finishing the work at hand. It compares the state, what is the present state, and the configuration you want as a final result. It decides what’s to be performed in accomplishing the configuration file’s desired state. To develop or provision the infrastructure, it estimates what has to be created, updated, and destroyed.

      • How to Open Ports in Linux

        Need to connect to an outside PC or server—or need another PC or server to connect to you? If you’re running Linux, you’ll need to make sure the right port is open. While other operating systems usually have some graphical tool for this, Linux isn’t so simple. We’ll walk you through how to open ports in Linux below.

    • Games

    • Distributions

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

      • SUSE/OpenSUSE

      • IBM/Red Hat/Fedora

        • [Linux Magazine] Fedora 36 Beta Now Has a Release Date
          It's official, Fedora 36 now has two different release dates. If things go as planned, the beta of the distribution will become available on March 15, 2022. If there's a delay, Fedora 36 will be released on March 22, 2022. Once the public beta testing is complete, the official release will be April 19, 2022, or, if there's a delay, April 26, 2022. As for new features, the most notable will be the addition of GNOME 42, which improves both UI and functionality. The changes to GNOME 42 include a system-wide dark theme preference, wallpapers for both dark and light themes, updates to the folder icon theme, even more support for libadwaita, an improved System Settings application (thanks to GTK 4), a new default text editor (shifting from Gedit to GNOME Text Editor), and an improved screenshot tool and native screen recording.

        • Red Hat Training And Certification Expands Offerings For Partners

          Red Hat has announced that Red Hat Training and Certification is expanding its offerings for partners in order to advance their skills journey with open hybrid cloud technologies. Red Hat partners can now access Red Hat Training self-paced online courses at no cost in order to develop critical skills around Red Hat solutions in key areas such as cloud computing, containers, virtualization, automation and more.

        • David Cantrell: rpminspect-1.9 released

          rpminspect 1.9 is now available. The last release was in November of 2021, so this release includes a lot of new functionality and bug fixes. Among the many changes and bug fixes is the addition of the rpmdeps inspection. This inspection checks for consistency and expected changes in dependency tags in build comparisons. It also checks to ensure subpackages that gained automatic shared library dependencies also carry the appropriate explicit dependency on the providing package (in cases where the providing package is another subpackage in the build).

      • Debian Family

        • Ben Hutchings: Debian LTS work, February 2022

          In February I was assigned 16 hours of work by Freexian's Debian LTS initiative and carried over 8 hours from January. I worked 16 hours, and will carry over the remaining time to March. I spent most of my time triaging security issues for Linux, working out which of them were fixed upstream and which actually applied to the versions provided in Debian 9 "stretch". I also rebased the Linux 4.9 (linux) package on the latest stable update, but did not make an upload this month.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • [Mozilla] How to secure your data in less than 10 minutes

            Data Privacy Day has come and gone. But here at Mozilla, helping educate people around online privacy is so important to us that we want to be your guide to protecting your data over the next four weeks. Save this page on Pocket, come back every Wednesday and find a couple of quick things you can do to help you live your best and most secure digital life. Don’t wait for the next data privacy settlement or breach. Put on a playlist and you’ll be done by the time your favorite song ends.

      • Productivity Software/LibreOffice/Calligra

    • Standards/Consortia

      • OGC Code Sprint: developing open standards and software

        The Open Geospatial Consortium (OGC) has organised a code sprint, along with two other organisations which promote open source software: the Open Geospatial Foundation (OSGeo) and the Apache Software Foundation (ASF). Both OSGeo and ASF have several projects which implement OGC data standards. At Ordnance Survey, we think it’s essential to encourage OS developers to be part of the conversation and development of the open data standards used in our products and services. That’s why we are sponsoring OGC’s code sprint event, and as an OGC member, we implement many OGC standards on the OS Data Hub.

      • War and the Power of Standards - ConsortiumInfo.orgConsortiumInfo.org

        The unleashing of unprovoked acts of violence against the people of Ukraine has both horrified and united much of the world against Russia. Even historically neutral Switzerland has condemned Putin’s aggression. And aid is flooding into the beleaguered democracy from around the world. Why? Not because the Russian Federation has breached any existing treaty, but because Putin has violated widely shared standards of conduct and decency. And while nations have the sovereign right to withdraw from written agreements, they are powerless to disavow an international consensus over what nations may and may not do. Or to avoid the consequences when they violate that consensus.

  • Leftovers

    • Science

      • [Hackaday] You Can Find Military Radars On Publicly-Available Satellite Data | Hackaday

        When it comes to hunting down military radar installations and associated hardware, we typically think of equipment that is firmly in the price bracket of nation states and their military forces. Whether it’s early warning radar, those used for air defence, or for naval purposes, you’d think it was relatively difficult to intercept or track these emissions. However, a new tool built by geocomputation lecturer Ollie Ballinger shows this isn’t the case. In fact, openly-available data captured via satellite can be used to find all manner of military radar emitters. Let’s explore how!

    • Hardware

      • [Hackaday] Electric Jet Engine Uses 3D Printed Compressor, Skips The Turbine Altogether. | Hackaday

        Turbojet engines are an incredible piece of 20th century engineering that except for some edge cases, have mostly been replaced by Turbofans. Still, even the most basic early designs were groundbreaking in their time. Material science was applied to make them more reliable, more powerful, and lighter. But all of those incredible advances go completely out the window when you’re [Joel] of [Integza], and you prefer to build your internal combustion engines using repurposed butane canisters and 3d printed parts as you see in the video below the break.

      • [Hackaday] Learn To Play Guitar, Digitally | Hackaday

        Learning to play a musical instrument takes a major time commitment. If you happened to be stuck inside your home at any point in the last two years, though, you may have had the opportunity that [Dmitriy] had to pick up a guitar and learn to play. Rather than stick with a traditional guitar, though, [Dmitriy] opted to build his own digital guitar which is packed with all kinds of features you won’t find in any Fender or Gibson.

    • Integrity/Availability

      • Proprietary

        • Security

          • [The Anarcat] procmail considered harmful - anarcat

            procmail is a security liability and has been abandoned upstream for the last two decades. If you are still using it, you should probably drop everything and at least remove its SUID flag. There are plenty of alternatives to chose from, and conversion is a one-time, acceptable trade-off.

          • Privacy/Surveillance

    • Defence/Aggression

      • [NewYorkTimes] A Group Founded by Colin Kaepernick Is Providing Free Second Autopsies

        A group founded by the former N.F.L. quarterback Colin Kaepernick started this week to offer free secondary autopsies for families of people who died under “police-related” circumstances. A certified autopsy can be prohibitive, sometimes costing $5,000 or more, so those without means have had to rely on the official inquiry conducted by a medical examiner or coroner. But proponents of a second autopsy argue that forensic pathology is not an exact science, and that medical experts can have differing opinions that are sometimes colored by bias. Not having the means for an independent autopsy — a second opinion, in medical speak — prohibits one’s access to equal justice, supporters of Mr. Kaepernick’s initiative said. “There is definitely a deep-seated subconscious bias — and in some instances a conscious bias — on the part of medical examiners vis-à-vis police-related deaths,” Dr. Cyril H. Wecht, one of country’s most famous forensic pathologists and one of the board-certified examiners who will be conducting autopsies as part of this effort, said in an interview on Thursday.

    • Environment



Recent Techrights' Posts

Loss of Technical Merit(ocracy)
"buzzword diplomas"
World Wide Web: Only Criminals Would Want Real Security and Vouch for Themselves When They Use Encryption
In "modern" browsers, the podlock icon probably does not mean what users might think it means
[Meme] OSI Digging Its Very Own Grave (With Microsoft)
The very latest blog post from OSI is a hoot
Geminispace is More Trustworthy (and Private) Than the World Wide Web
Unlike the Web, Geminispace does not route the lion's share of traffic through a collective of spying companies
 
LinuxSecurity (Guardian Digital, Inc) Sloppy With Its 'Linux' Slop
This kind of stuff is killing the World Wide Web and ruins human knowledge
[Meme] Chin-dropping and Jaw-dropping (Considerable Drop in Patent Validity and Quality)
This drop is very much intentional
Gemini Links 10/10/2024: Untruth, SSH, Gopher, and More
Links for the day
Geminispace Beyond 4,100 Capsules
4,000 was less than 8 weeks ago
Links 10/10/2024: TikTok's Legal Problems, WeblogPoMo Challenges
Links for the day
[Meme] European Patent Convention and Vienna Convention Became Only Fictions (Laws and Constitutions Are Now Works of Fiction in Europe)
A political crisis and blunder
Almost a Thousand EPO Staff Protesting to EPO Member States That the Office Illegally Grants Software Patents and Other Invalid European Patents
"The outcome confirms that the concerns about the EPO’s ability to grant legally sound patents remain"
Junk Science
science is being compromised for business purposes
[Meme] Dismantling .io (Stick a Fork, the Hype is Done)
NVIDIA is an excellent new example of hype driving up fictional "value"
UNIX is 55 This Year, It is 6 Years Older Than Microsoft
It should be noted that the surviving co-creator of UNIX, Ken Thompson, 'moved' to GNU/Linux (Debian) in recent years
This Year, for the First Time Since August 2019 (Bill Gates MIT Scandal, Jeffrey Epstein Bribes), libreplanet-discuss Was Inactive an Entire Month
The MIT injustice remains and recent "libreplanet" events were held in a venue that's not MIT and far less prestigious than MIT (the "Wentworth" imitation)
[Meme] Different Ending for Jurassic Park
UNIX in old movies
Evolution of Hype
Passing fads and rebranding
Groklaw Will Hopefully Come Back
Sites should be able to run for decades with hardly any human role/interaction, but that's not where we are...
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 09, 2024
IRC logs for Wednesday, October 09, 2024
Gemini Links 09/10/2024: YouTube Woes, Post-Truth Slop
Links for the day
Nothing Will Be Secure and Robust to Failure Until Microsoft Windows is Eradicated and/or Disconnected From the Internet
Every system has limited capacity, Windows botnets push things to their limits
GNU/Linux Took Off at the BSDs' Expense (Amid Telecom Lawsuit) and the Rivalry Persists Because Microsoft is Negligible in the Server Space
UNIX or POSIX is the future
Links 09/10/2024: Samsung's Fall, Tensions Growing Near China
Links for the day
Gemini Links 09/10/2024: Retroware and gmlgcd 2.0
Links for the day
Links 09/10/2024: Microsoft's Surface Duo 2 Officially Dead, X/Twitter Shutdown in Brazil, and "OpenAI Is A Bad Business"
Links for the day
Technology: rights or responsibilities? - Part III
By Dr. Andy Farnell
[Meme] Bill Gates With a Side of "Linux"
Linux Foundation is trolling us with Bill Gates
Once Again Linux Foundation Makes It Clear It's Being 'Absorbed' by Bill Gates
Linux Foundation devotes about 2% of its budget to Linux
Links 08/10/2024: Australian Fines for Twitter (X), Fake Patent Courts Still Not Scuttled
Links for the day
World Wide Slop
If it quacks like a duck...
IBM is a Boys' Club
If IBM collapsed, the Red Hat engineers who work on GNU and Linux would simply work elsewhere (on the same projects)
The Miserable State of GAFAM
Looking for government handouts
Microsoft is Acting Like a Company That's Running Out of Money (But Still Pretends to be Wealthy in Order to Attract or Retain Shareholders)
Azure has had mass layoffs every year since 2020, yet Microsoft keeps telling shareholders that "clown computing" is growing
Dr. Andy Farnell's Article on Societal Disorganised Attachment and the Role of Social Control Media
The article is quite long and typos were still being fixed as recently as last night
Smear Alert: Linus Torvalds Asking for Better Commit Messages Makes Linus a (Grammar) Nazi
Maybe the "mainstream media" is looking for clickbait or maybe it's actively looking to make a scandal - a phony controversy with which to make the job of coordinating Linux unpleasant
Gemini Links 09/10/2024: Climate Doom and Clagrange
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 08, 2024
IRC logs for Tuesday, October 08, 2024
Dr. Andy Farnell's Article on Why Passwords Still Rock
"Seven for a secret never to be told"
[Meme] Driver Issues
Where do you want to drive today?
The Problem Isn't That New Cars Use Electricity But That They Use Too Many Bits of Electronics
"...and proprietary software wrapped in proprietary APIs and protocols all without a modicum of compartmentalisation," an associate adds
We're Turning 18 in 30 Days
30 days from now the site turns 18
GNOME Foundation Says It's Nearly Broke (Again), It's Getting Rid of More People (Only Women Get the Boot), and It Will Improve Communications and Transparency Even Though It Secretly Ousts People From the GNOME Foundation Board (for Secret Reasons)
It only talks about this months later (under strict gag orders, only public shaming of a person)
Gemini Links 08/10/2024: Guilt by Association, Workers vs Owners
Links for the day
Links 08/10/2024: War Updates, Samsung's Layoffs, and Gemini
Links for the day
Another Dose of Fake 'Articles' About Linux
Don't give visibility to the nonsense of Microsoft
Links 08/10/2024: Microsoft Deleting Office Documents Instead of Saving Them, "Threads Still Sucks"
Links for the day
gemini.techrights.org and techrights.org (Same Server, Not the Same Protocol)
We're reminding readers that everything in this site is fully accessible via gemini.techrights.org in Gemini Protocol
X Has Axed Itself. This is Great News and Further Affirmation of Everything We've Said About Social Control Media.
Don't waste any more time on social control media
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, October 07, 2024
IRC logs for Monday, October 07, 2024
Gemini Links 08/10/2024: Contingency Begets Complexity, Playing With Bezier Curves
Links for the day