Bonum Certa Men Certa

Links 15/3/2022: C4C Linux is Back and gcobol Unveiled



  • GNU/Linux

    • Server

      • HackadayRun Your Own Server For Fun (and Zero Profit) | Hackaday

        It seems there’s a service for everything, but sometimes you simply learn more by doing it yourself. If you haven’t enjoyed the somewhat anachronistic pleasures of running your own server and hosting your own darn website, well, today you’re in luck!

        Yes, we’re going to take an old computer of some sort and turn it into a web server for hosting all of your projects at home. You could just as easily use a Raspberry Pi –even a Zero W would work — or really anything that’ll run Linux, but be aware that not all computing platforms are created equally as we’ll discuss shortly.

        Yes, we’re going to roll our own in this article series. There are a lot of moving parts, so we’re going to have to cover a lot of material. Don’t worry- it’s not incredibly complicated. And you don’t have to do things the way we say. There’s flexibility at every turn, and you’re encouraged to forge your own path. That’s part of the fun!

    • Audiocasts/Shows

    • Applications

      • HowTo ForgeThree Tools to Scan a Linux Server for Viruses, Malware and Rootkits

        Servers connected to the Internet see a constant number of attacks and scans throughout the day. While a firewall and regular system updates are a good first defense to keep the system secure, you should also regularly check that no attacker came in. The tools described in this tutorial are made for these reason tests, they scan for malware, viruses, and rootkits. They should be run regularly, e.g. every night, and send you reports by e-mail. You can also use Chkrootkit, Rkhunter, and ISPProtect to scan a system if you have suspicious activities such as high load, suspicious processes or if the server suddenly starts sending malware.

    • Instructionals/Technical

      • OSNoteHow to Use RSYNC to Backup Data on Ubuntu – OSNote

        Loss of valuable data and not being able to recover it is the most painful incident that can happen to any of us. To take precautions against this problem, a backup copy of the data needs to be created. A data backup is a copy of valuable data kept on your devices, such as computers, phones, or tablets, that is used to recover the valuable data that has been lost. Data loss is caused in a variety of ways, including failure of hard drives, ransomware, and even human error. Whatever the disaster, a backup of data could provide the relief you need to restore the data on your devices. It’s usually kept in a safe, different location from the original device, such as the cloud. One of the approaches we use in Linux to back up our data is using “rsync”. In this article on Ubuntu 20.04, we use the rsync approach to back up data.

        The “rsync ” is a command-line application that is used for the transfer of files from local to local, local to remote places, and vice versa. It enables rapid progressive file transfer by sending the difference between the source and destination files.

      • How to Install Neovim Editor on Ubuntu 20.04

        Neovim is an extendable Vim-based text editor. It can be extended using plugins and APIs. It can also be hosted on the cloud for teamwork. It is compatible with the Vim editing model and Vimscript.

        Neovim is 30% lighter than regular Vim. It comes with an excellent modern interface. Neovim has a built-in terminal emulator for efficient work.

        I am using Ubuntu 20.04, and I will show you the installation of Neovim on Ubuntu 20.04 LTS edition. The instructions discussed here are compatible with all Debian-based Distributions incl. Ubuntu, Linux Mint, Xubuntu, etc.

      • Add your personal aliases to bashrc the smart way | ArcoLinux

        Since we always use skel to copy/paste the files from /etc/skel to your home directory, the bashrc is overwritten every time.

      • ID RootHow To Install GIMP on AlmaLinux 8 - idroot

        In this tutorial, we will show you how to install GIMP on AlmaLinux 8. For those of you who didn’t know, GIMP (GNU Image Manipulation Program) free and open-source image editor and alternative to Photoshop from Adobe and comes with numerous professional editing functions for images and photos. GIMP is available for Linux, Windows, OS X, and some other OS.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the GIMP open-source image editor on an AlmaLinux 8. You can follow the same instructions for CentOS and Rocky Linux.

      • VituxHow to Install and Use SSHGuard on Ubuntu 20.04 – VITUX

        SSHGuard is an open-source daemon that is used to enhance the security of ssh as well as other network protocols. Moreover, it is used to prevent brute force attacks. It will continuously monitor and keep the track record of the system logs which helps in tracking the continuous login attempts or malicious activity. Once it detects such activity then it will immediately block the IP using firewall backends such as pf, iptables, and ipfw. Then it will unblock the IP after a set interval of time. Several log formats such as raw log file, Syslog-ng, and Syslog are supported by SSHGuard as well as provide extra layer protection to several services postfix, Sendmail, vsftpd, etc. including ssh.

        In this tutorial, you will learn to install SSHGuard and configure the system to prevent brute force attacks in Ubuntu 20.04. Let’s begin with the installation.

      • Its FOSSHow to Install Docker in Fedora Linux [Beginner's tutorial]

        Docker is one of the awesome technologies which is essential for developers and sysadmins these days. Containers have a wide range of applications and they play an important role in numerous areas.

        I am not going in the advantages of Docker in this article. This tutorial will cover the steps to install Docker in Fedora.

      • How to Start & Stop Service using Command Prompt – TecAdmin

        A service is used for continuous running processes on any operating system. Generally, it is used for task automation, listening for specific events on a system.

        Any Windows system user can stop, start or restart a Service in two ways. You can easily manage the service state using the graphical user interface. In this tutorial, we will discuss about another option to manage the service using the command-line interface.

      • How to Check and Install Security Updates on RHEL 6/7/8 - ByteXD

        Linux is always regarded as the most secure operating system because the code is open source.

        Therefore, researchers and developers can find bugs and send patches, making it much safer over time. However, that doesn’t mean that you sit back, relax, and enjoy the services after installing a Linux distribution like RHEL. No! You need to ensure the system is up-to-date with the latest security updates and patches.

        This post will give you a detailed guide on checking and installing the latest security updates for RHEL 6/7/8 systems. We will also show you how to automatically set up your system to install any security updates and patches.

      • Red Hat OfficialConfigure Apache HAProxy to balance web server traffic | Enable Sysadmin

        Prevent bottlenecks on web servers by using load balancing to distribute traffic.

      • Add your personal aliases to fish the smart way | ArcoLinux

        Since we always use skel to copy/paste the files from /etc/skel to your home directory, the config.fish is overwritten every time.

      • Add your personal aliases to zsh the smart way | ArcoLinux

        Since we always use skel to copy/paste the files from /etc/skel to your home directory, the .zshrc is overwritten every time.

      • UNIX CopHow to Disable kdump and Reclaim Missing RAM On CentOS 8 - Unix / Linux the admins Tutorials

        In this article, We will show you how to disable kdump and reclaim missing RAM on CentOS 8.

        kdump is a feature of the Linux kernel that creates crash dumps in the event of a kernel crash. When triggered, kdump exports a memory image (also known as vmcore) that can be analyzed for the purposes of debugging and determining the cause of a crash.

        The dumped image of main memory, exported as an Executable and Linkable Format (ELF) object, can be accessed either directly through /proc/vmcore during the handling of a kernel crash, or it can be automatically saved to a locally accessible file system, to a raw device, or to a remote system accessible over network.

      • CitizixGetting started with Kubernetes – Kubernetes Components

        A Kubernetes cluster is made of control plane nodes and worker nodes. And the nodes are made up of a number of components with specific functionalities

        Kubernetes follows a client-server architecture. It’s possible to have a multi-master setup (for high availability), but by default there is a single master server which acts as a controlling node and point of contact. The master server consists of various components including a kube-apiserver, an etcd storage, a kube-controller-manager, a cloud-controller-manager, a kube-scheduler, and a DNS server for Kubernetes services. Node components include kubelet and kube-proxy on top of a container runtime like docker.

      • UNIX CopOSQuery€ system information Centos Rhel 8 - Unix / Linux the admins Tutorials

        osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive.

        osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. For example, with osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events, or file hashes.

      • How to Install Setuptools for Python on Linux
    • Games

      • Boiling SteamSteam Deck First Impressions

        Something is definitely strange in the neighborhood: FedEx was swift and perfect, delivering my Steam Deck during lunch on Friday! I got the order email on Monday in the second round and tried to prepare myself to wait for the next week to receive it. Instead, I was pleasantly surprised (we’re cool now FedEx!) and got the whole weekend to play on my new Steam Deck. I’ll have lots more to come, but first, I wanted to share some early impressions.

        Before diving in, let me say that I (and I think the rest of the staff here) have been feeling a bit left out of the big Deck launch. We did not have a review unit, and while I was very lucky to get in a reservation so quickly, we did not have a unit in the first round of orders either. This is one of the most significant events in Linux and, more broadly, PC gaming for a very long time, sure to go down as a before/after type moment.

      • GamingOnLinuxHere's some of the latest Steam Deck Verified titles including the popular Valheim

        Currently across games, software and DLC there's a total of 1,352 that are either Verified (740) or Playable (612).

      • GamingOnLinuxSpace Invaders gets reinvented with Beat Invaders and it's slick | GamingOnLinux

        Wow, I didn't think I would be playing a fresh version of Space Invaders in 2022 but here I am sucked right into the new Beat Invaders from developer Raffaele Picca. Note: key provided by the developer.

        An arcade classic, reinvented for the modern era with neon visuals and a seriously good soundtrack that makes the action really come alive. This is a very musical game. The enemies movements and firing rates change with the music's beat and tempo too, so you end up getting completely absorbed by it. Especially in the later game, where the music gets faster and more complex leading to a thorough challenge.

      • GamingOnLinuxAction-shooter The Ascent is Steam Deck Verified, adds a little tweak for Deck players | GamingOnLinux

        The Ascent is a solo and co-op top-down looter-shooter from Neon Giant and Curve Games. It got Steam Deck Verified, and so the developer made a fun little tweak for players on Deck.

        "The Ascent is a solo and co-op Action-shooter RPG, set on Veles, a packed cyberpunk world. Welcome to The Ascent Group arcology, a corporate-run metropolis stretching high into the sky and filled with creatures from all over the galaxy. You play as a worker, enslaved by the company that owns you and everyone else in your district. One day, you are suddenly caught in a vortex of catastrophic events: The Ascent Group shuts down for unknown reasons and the survival of your district is threatened. You must take up arms and embark on a new mission to find out what started it all."

      • GamingOnLinuxSteam Deck update fixes buying games for some, touch input on 'Digital' keyboard theme | GamingOnLinux

        Valve has released the latest small update for the Steam Deck to fix up a couple of nuisances, a few of which were definitely annoying me.

      • GamingOnLinuxDouble Fine say Psychonauts 2 for Linux and macOS still coming | GamingOnLinux

        While they're now pretty late on it, Double Fine say that the Linux and macOS dedicated builds of Psychonauts 2 are still actually on the way.

      • Boiling SteamNew Steam Games with Native Linux Clients - 2022-03-15 Edition - Boiling Steam

        Between 2022-03-08 and 2022-03-15 there were 30 New Steam games released with Native Linux clients. For reference, during the same time, there were 280 games released for Windows on Steam, so the Linux versions represent about 10.7 % of total released titles. Here’s a quick pick of the most interesting ones

      • What's The State of Play With Linux Online Poker Rooms - LinuxBuz

        Although it may not be the most commonly used operating system, there’s no doubt that Linux has grown in popularity in recent years. Recent reports indicate that over 1.2 million active Linux users are currently utilizing the gaming platform Steam, and the numbers are continuing to grow.

      • FOSSBytes[Update] Apex Legends Is Borked Again On Steam Deck & Linux

        Steam Deck fans and the Linux community were entranced when Apex Legends finally started working on the Steam Deck and got the Deck verified badge. However, some of the recent reports on Protondb suggest that the game has stopped working.

      • CNX SoftwareDoom ported to Raspberry Pi RP2040 - CNX Software

        Doom has been ported to all sorts of platforms, including ESP32 platforms with 4MB PSRAM but “RP2040 doom” port of Doom to the Raspberry Pi RP2040 is more challenging, since RAM is limited to the measly 264KB built-in into the microcontroller, and for boards with only 2MB flash like the Raspberry Pi Pico, storage capacity becomes an issue.

        But Graham Sanderson solved all those issues by compressing the data, changing the code to use less RAM, making full use of the two Arm Cortex-M0+ cores, both overclocked at 270 MHz, in order to run Doom (DOOM1.WAD) on Raspberry Pi Pico at 320×240 resolution @ 60 fps, and the full Ultimate Doom and DOOM II WADs expected to fit into Raspberry Pi RP2040 boards with 8MB SPI flash.

      • [Older] New Gadgets: Thumby (Tiny Game Console) & the Sony MZ-N505 (MiniDisc Recorder/Player)

        Overall, the Thumby is largely a novelty thing to say “look at this neat thing on my keychain, it's the world's smallest game console!” I can legitimately see myself playig Tinysaur Run if I was really bored though since I don't have video games on my phone and don't carry my Gameboy/GBA/Vita/Switch around most of the time. I'm quite enamored with this little nifty guy, more than the average person would be.

        I'll have to look into programming it (which was the main reason I was interested in it in the first place) and also check out some community-made games. Maybe the community will have figured out how to make more legitimately playable games.

      • Ubuntu PitTop 5 Best Simulation Games for Linux: Live Out Another Life

        Among all the popular gaming genres, simulation games are always special. In a simulation game, you play the roles of different characters holding various professions. So, here, you can experience your favorite career and understand the task for the profession genuinely. That’s why from young to adults, we all love simulation games. Well, Linux users often be in difficulties finding the best Simulation games for Linux. And that’s what we are talking about here in this content.

    • Distributions

      • Its FOSSThe C4C Linux Distro Rises from the Grave

        When I started writing for It’s FOSS, I covered a Christian Linux distro. It’s been six years since I did so. Let’s take a quick look and see what has changed for the project in that amount of time.

        When we first encountered Computers4Christians, they were a Christian group that refurbished old computers by adding Linux and donated them to their local community. They gave away over 1,000 systems. The group created their own version of Linux, based on Lubuntu, named the Computers4Christians Linux Project.

      • Solène: Reproducible clean $HOME in OpenBSD using impermanence

        Let me present you my latest project: home-impermanence, under this name is a reference to the NixOS community project impermanence. The name may not be obvious about what it is doing, let me explain.

      • New Releases

        • IPFire 2.27 - Core Update 165 is available for testing

          Another update is ready for testing: IPFire 2.27 - Core Update 165. It comes with various updates for the firewall engine that improve its performance and increase its flexibility, as well as with an updated toolchain, Python 3.10 and various more bug and security fixes.

          The firewall engine has received various improvements for better performance, faster ruleset reloads, and easier code for developers...

      • SUSE/OpenSUSE

        • CubicleNateopenSUSE on the Raspberry Pi 400 – CubicleNate's Techpad

          It was just over a year ago that there was an incredible buzz over the release of the Pi 400. In 2022, this ARM based computer is still a fantastic device that I highly recommend for just about anyone that wants to projects of any kind. I was late to the party in adding the Pi400 to my “cubicle” but better late than never. The Pi400 hearkens back to the age of the personal microcomputer from the 1980s where the keyboard and motherboard are contained in one device with the business end of the machine on the back side of it.

          I have an almost unhealthy obsession with the openSUSE project and absolutely adore this Raspberry Pi. Putting together the fun, flexibility, ease of management and reliability of openSUSE with the low cost and highly capable hardware seems like the absolute perfect combination.

          openSUSE is touted as the “makers choice” distribution and many makers out there love Single Board Computers like the Raspberry Pi. The combination of a makers’ choice distro and a very common SBC used by makers seems like the perfect fit.

      • Arch Family

        • The Register UKArch Linux turns 20: Small, simple, great documentation
          Arch Linux, arguably the most widely known rolling-release distribution, just celebrated its 20th anniversary. The project has commemorated its first public release, 0.1, with a snapshot of its original homepage.

          A few years back, The Reg looked at "the last refuge of the DIY Linux user" and liked it. Arch has several virtues that have helped it to survive and quietly thrive, largely out of the limelight.

      • IBM/Red Hat/Fedora

        • CPE Quarterly Update Q4 2021

          This is a summary of the work done on initiatives by the CPE Team. Every quarter, the team together with CentOS and Fedora community representatives, choose initiatives to work on. The CPE Team is then split into multiple smaller sub-teams for initiatives and a dedicated team for day to day infrastructure and release engineering work.

        • The NeuroFedora Blog: Next Open NeuroFedora meeting: 28 March 1300 UTC

          Please join us at the next regular Open NeuroFedora team meeting on Monday 28 March at 1300 UTC The meeting is a public meeting, and open for everyone to attend.

        • Peter Czanik: I'm an IBM Power Champion for 2022

          I’m happy to announce that I became an IBM Power Champion for the year 2022. This blog is long overdue, however with the conflict raging in our neighbor country, Ukraine, I just did not feel the strength to write about anything. In this blog I try to introduce myself and share my plans for this year.

        • Manage Java versions with SDKMan

          Java is more than just a programming language: It's also a runtime.

          Applications written in Java are compiled to Java bytecode then interpreted by a Java Virtual Machine (JVM), which is why you can write Java on one platform and have it run on all other platforms.

          A challenge can arise, however, when a programming language and an application develop at different rates. It's possible for Java (the language) to increment its version number at the same time your favorite application continues to use an older version, at least for a while.

          If you have two must-have applications, each of which uses a different version of Java, you may want to install both an old version and a new version of Java on the same system. If you're a Java developer, this is particularly common, because you might contribute code to several projects, each of which requires a different version of Java.

          The SDKMan project makes it easy to manage different versions of Java and related languages, including Groovy, Scala, Kotlin, and more.

        • Choose the best camel for your integration ride, Part 2

          This article is the second installment of a series that helps you choose among the many open source integration runtime provided by the Apache Camel framework. Part 1 of the series introduced the landscape of Camel runtime options and explained the use case and historical needs addressed by each runtime. This article expands on the advantages and recommended uses for the main runtimes currently supported by the Apache Camel project: Apache Karaf (OSGi), Spring Boot, Quarkus, and Camel K.

          Camel's light footprint and versatility also allow for other types of deployment. For instance, you might embed Camel directly as a library to empower your existing application with integration abilities. Or, for similar reasons, you might deploy Camel in an existing web container.

          This series doesn't intend to enumerate all the available Camel permutations. We're simply covering the most common community-supported runtimes to run Camel in the enterprise, whether standalone or using a containerized environment such as Kubernetes.

        • Preview: Clustering support for JBoss EAP on Azure App Service [Ed: IBM Red Hat pushing Microsoft's proprietary garbage while asking us to cancel GNU's founder]

          Clustering support for Red Hat JBoss Enterprise Application Platform (JBoss EAP) on Azure App Service is now available in public preview. JBoss EAP has been available as a supported runtime on both Azure virtual machines (via the Azure Marketplace) and Azure App Service since June 2021.

        • Enterprisers ProjectHybrid work: 5 tips for a flexible future

          Gone are the days when millions of people traveled to their offices five days a week. In today’s employment culture, workplace approaches vary from one business to another. As organizations learn the pros and cons of remote work, many are now formalizing their long-term strategies.

          Flexible work has become one of the most talked-about workplace trends, and employers are under pressure to maximize the opportunities it presents. While working from home is no longer considered an occasional perk, success for each stakeholder requires much more than simply doing office-based tasks outside the office.

        • Enterprisers ProjectDigital transformation: 4 pillars for success

          If you ask a room full of IT leaders to define digital transformation you’d likely get a variety of responses touching on areas such as strategy, operations, and complexity. These elements certainly are at play, but in my view, the most important component of digital transformation is creating a compelling customer experience – and continuing to do so as new technologies scale and enterprise complexity increases.

        • LWNRed Hat fails to take WeMakeFedora.org [Ed: See my take on this self-harming SLAPP. The closing words are: "Complainant [Red Hat/IBM] having failed to establish all three elements required under the ICANN Policy, the Panel concludes that relief shall be DENIED and declares that the Complaint was brought in bad faith and constitutes an abuse of the administrative proceeding."]

          Red Hat recently filed a request to have the domain name WeMakeFedora.org transferred from its current owner, Daniel Pocock, alleging trademark violations, bad faith, and more. The judgment that came back will not have been to the company's liking...

        • Red Hat OfficialRed Hat’s commitment to equal pay [Ed: Typical lies and hogwash from IBM (Red Hat); there are lawsuits to that effect and Red Hat has long been slow to adopt female workers at higher or engineering levels]

          For Red Hat, diversity, equity and inclusion are core tenets of our culture and the foundation of the company that we strive to be. And as part of that, one area we have been focused on for several years is pay equity. In recognition of Equal Pay Day, taking place in the U.S. today and in the spirit of transparency, I wanted to share the steps and tools that have worked for us — many of them we consider to be essential for businesses wishing to commit to closing the pay gap.

    • Devices/Embedded

      • CNX Software802.11ah WiFi HaLow development board launched for $99 (Crowdfunding) - CNX Software

        When 802.11.ah WiFi operating in the 900 MHz frequency range for low-power long-range communication was announced in 2014, then named WiFi HaLow in 2016, I naively assumed it would soon compete against other LPWAN standards like LoRaWAN or Sigfox.

        However, over the next few years, we did not see much interest in the wireless standard. But it may be picking up now, as Gateworks recently announced a Newracom NRC7292 based 802.11ah WiFi HaLow Mini PCIe module for their Arm Linux SBC’s, and a company called TELEDATICS has now introduced the Halo TD-XPAH 802.11ah Hallow development board featuring an AzureWave AW-HM482 module.

      • CNX SoftwareQuartzPro64 SBC coming soon with RK3588 SoC, 16GB RAM, $300+ price tag - CNX Software

        As expected, Pine64 has now unveiled its own Rockchip RK3588 SBC with the QuartzPro64, joining many others from Radxa to Banana Pi, and lesser-known companies such as Mixtile and Mekotronics.

        The QuartzPro64 single board computer will be equipped with 16GB RAM, 64GB eMMC flash, and with a large 180×180 mm form factor, offers plenty of ports including two HDMI outputs, one HDMI input, two SATA ports, two Gigabit Ethernet RJ45 connectors, and more.

      • Linux GizmosPine64 previews RK3588-based QuartzPro64 SBC

        Pine64 has unveiled a “QuartzPro64” SBC based on the octa-core Rockchip RK3588. The SBC will ship with 16GB LPDDR4X, 64GB eMMC, PCIe Gen3, HDMI in, 2x HDMI out, MIPI-DSI/CSI, 2x SATA, 2x GbE, and 4x USB including Type-C with DP.

        Pine64 has posted preliminary specs for its much-anticipated SBC based on the Rockchip RK3588. The feature-rich, 180 x 180mm QuartzPro64 will initially be sold only to Pine64 community developers via the coupon system the company used for the early versions of the RK3566-based PineNote and RK3399-powered PinePhone Pro smartphone. Pricing has not been determined, but Pine64 expects the board to cost more than $300, which it says will be based on cost or a possible vendor subsidy.

      • Mobile Systems/Mobile Applications

        • Librem 5 First Impression

          just received the Purism Librem 5 that I paid for years ago (I think it was 2018). The process of getting the basic setup done was typical (choosing keyboard language, connecting to wifi, etc). Then I tried doing things. One thing I did was update to the latest PureOS release which gave me a list of the latest Debian packages installed which is nice.

          The first problem I found was the lack of notification when the phone is trying to do something. I’d select to launch an app, nothing would happen, then a few seconds later it would appear. When I go to the PureOS app store and get a list of apps in a category nothing happens for ages (shows a blank list) then it might show actual apps, or it might not. I don’t know what it’s doing, maybe downloading a list of apps, if so it should display how many apps have had their summary data downloaded or how many KB of data have been downloaded so I know if it’s doing something and how long it might take.

    • Free, Libre, and Open Source Software

      • The Register UKReactOS now supports SMP ● The Register

        ReactOS, the open-source project for creating a binary-compatible drop-in replacement for Windows, has crossed a crucial milestone with a first look at symmetric multiprocessing (SMP) support.

        The developers are clear: this is a work in progress and not yet in the trunk, but persuading the operating system to run in SMP mode to the point where one can get to the familiar face of the Windows XP Task Manager is an impressive achievement.

      • Web Browsers

      • FSFE

        • Germany: 100 days of coalition agreement - hardly one day for Free Software - FSFE

          At the end of the week, the new German government will have been in office for 100 days. The coalition agreement contains ambitious statements on the use of Free Software (also known as Open Source), but so far nothing has been implemented. On the contrary: dependencies are to be further cemented.

          Just 100 days ago, the new government set out to finally drive forward the digitisation of Germany. Fortunately the use of Free Software is to play a major role. The FSFE has been demanding for a long time: "Public Money? Public Code!" - an implementation of the principle finally seems tangible.

          [...]

          SAP and Arvato, for example, want to offer Microsoft products to German administrations and the new government is open to this. The cloud strategy based on "open interfaces as well as strict security and transparency requirements", which was still mentioned in the coalition treaty, is thus moving further and further away.

      • FSF

        • GNU Projects

          • LWNAn OpenStreetMap viewer for Emacs [LWN.net]

            For those who do everything in the Emacs editor: the MELPA repository has just gained an OpenStreetMap viewer. A quick test (example shown on the right) suggests that it works reasonably well; click below for the details.

      • Public Services/Government

        • NSF Announces Pathways to Enable Open Source Ecosystems

          The National Science Foundation (NSF) has launched a new initiative called “Pathways to Enable Open-Source Ecosystems” (POSE), which will “harness the power of open source development for the creation of new technology solutions to problems of national and societal importance.”

      • Programming/Development

        • LWNAnnouncement: gcobol
          Greetings, gcc!  We come bearing gifts! 
          
          

          When you set your clock ahead an hour yesterday, you might not have realized you set your calendar back to 1985. There's a new gcc COBOL compiler. We call it: gcobol.

          On the books, we have 1 man-year invested: two full-time programmers since October 2021.

          We have so far compiled just over 100 programs from the examples in "Beginning COBOL for Programmers", by Michael Coughlin. We are near the end of that phase of the project, and expect to have ISAM and Object-Oriented Cobol features implemented in the next few weeks. We are working on compiling the NIST COBOL test suite, which we expect will take a few months to complete. We have begun work on gdb, too, and hope to have it working by year end.

          Our project should not be confused with GnuCOBOL (https://savannah.gnu.org/projects/gnucobol). That project is a Cobol translator: it compiles Cobol to C, and invokes gcc to produce executable code. Our gcobol compiler is (currently) a fork of gcc. It implements a gcc frontend for Cobol and (obviously) invokes the gcc backend to produce executables. (We have a friendly relationship with GnuCOBOL, and its maintainer supports our undertaking.)

          Ours should also not be confused with prior efforts to create a gcc Cobol compiler. Others have tried and failed. Failure wasn't an option for us. I won't say it was easy, but here we are.

          Eventually, if the gcc maintainers are interested, we would like to pursue full integration with gcc. For the moment, we have questions we're hoping can be answered here by those who ran the gauntlet before us. Given the state of the internals documentation, that seems like our best option. We've been rummaging around in the odd sock drawer for too long.

          If you're like me (like I was), your visceral response to this announcement can be summed up in one word: Why?

          The answer is as easy as it is trite: the right tool for the job.

          I wouldn't write an operating system in Cobol. But I wouldn't write one in Python or Java, either. Cobol has a niche no other language occupies: a compiled language for record-oriented I/O.

          That might sound strangely specialized, but it's not. Record-oriented I/O describes, I would argue, nearly *all* applications. Yet, since the advent of C, nearly all applications have relegated I/O to an external library, and adopted the Unix byte-stream definition of a "file".

          If you've written a CGI web application, you know what I'm talking about. Cobol eliminates a lot of gobbledygook by reducing free-form run-time variables to compile-time constants.

          That's the rationale, and it's not just a theory. Cobol is alive and kicking. Estimates vary, but they all say north of 100 billion lines of Cobol are still in use, with millions more written every year, even now, in the 21st century. Odds are your last ATM transaction or credit card purchase went through a Cobol application.

          There's another answer to Why: because a free Cobol compiler is an essential component to any effort to migrate mainframe applications to what mainframe folks still call "distributed systems". Our goal is a Cobol compiler that will compile mainframe applications on Linux. Not a toy: a full-blooded replacement that solves problems. One that runs fast and whose output runs fast, and has native gdb support.

          I am happy to debate the lunacy of this project and the viability of Cobol, either here or off-list. Today, we want to make the project known to those in the technical community who might most want to know what we're up to, and explain why we'll be asking the questions we're asking.

          Also, if you want to give it a whirl, please don't hesitate. We're happy to help, and expect to learn something in the process.

          Thank you for you kind attention.

          --jkl

        • LWNgcobol: a native COBOL compiler [LWN.net]

          The gcobol project has announced its existence; it is a compiler for the COBOL language currently implemented as a fork of GCC.

        • Port SwiggerNode.js security: Parse Server remote code execution vulnerability resolved

          Users of Parse Server, a popular API server module for Node/Express, are being urged to immediately apply a fix for a remote code execution (RCE) vulnerability.

          Discovered by security researchers Mikhail Shcherbakov, Cristian-Alexandru Staicu, and Musard Balliu, the vulnerability impacts the parse-server NPM package, versions below 4.10.7.

        • QtQt for WebAssembly on mobile devices

          Qt for WebAssembly on mobile devices, specifically phones, has lacked an essential feature - support for the native keyboard. It may or may not have worked. If it worked, it did not work very well. The tricky issue is opening the keyboard when needed and closing when it wasn't. There is no simple API for doing that on any platform we target - iOS, Android and Windows.

        • Drew DeVaultDrew DeVault's blog: Status update, March 2022

          Greetings! The weather is starting to warm up again, eh? I’m a bit disappointed that we didn’t get any snow this winter. Yadda yadda insert intro text here. Let’s get down to brass tacks. What’s new this month?

          I mainly focused on the programming language this month. I started writing a kernel, which you can see a screenshot of below. This screenshot shows a simulated page fault, demonstrating that we have a working interrupt handler, and also shows something mildly interesting: backtraces. I need to incorporate this approach into the standard library as well, so that we can dump useful stack traces on assertion failures and such. I understand that someone is working on DWARF support as well, so perhaps we’ll soon be able to translate function name + offset into a file name and line number.

  • Leftovers

    • Hardware

      • MakeTech EasierCOVID Closes Foxconn, Possibly Delaying Next iPhones

        At a time when the U.S. and U.K. are loosening COVID restrictions greatly, China seems to be going in reverse. While the threat to human lives is tragic, it’s also having an impact on the tech world, just as it did in 2021. Troubling COVID numbers have caused Chinese authorities to shutter the Foxconn factory and the rest of Shenzhen, possibly delaying the next iPhones.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

        • Security

          • Multi-Factor Authentication involving TOTP

            Yes I have used SMS-based one time passwords historically on some sites but such setups are problematic and not much of a security improvement. Some argue they make things worse because the false sense of security stops people using higher quality passwords. Here are just a couple of articles that scratch the surface of this topic.

          • LWNSecurity updates for Tuesday [LWN.net]

            Security updates have been issued by Debian (spip), Fedora (chromium), Mageia (chromium-browser-stable, kernel, kernel-linus, and ruby), openSUSE (firefox, flac, java-11-openjdk, protobuf, tomcat, and xstream), Oracle (thunderbird), Red Hat (kpatch-patch and thunderbird), Scientific Linux (thunderbird), Slackware (httpd), SUSE (firefox, flac, glib2, glibc, java-11-openjdk, libcaca, SDL2, squid, sssd, tomcat, xstream, and zsh), and Ubuntu (zsh).

          • Associated Press[Cr]acked US companies to face new reporting requirements [Ed: Microsoft Windows TCO]

            Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress.

            The rules are part of a broader effort by the Biden administration and Congress to shore up the nation’s cyberdefenses after a series of high-profile digital espionage campaigns and disruptive ransomware attacks. The reporting will give the federal government much greater visibility into hacking efforts that target private companies, which often have skipped going to the FBI or other agencies for help.

          • Bruce SchneierUS Critical Infrastructure Companies Will Have to Report When They Are Hacked [Ed: Would be better if the "news" reported that this is a Microsoft Windows issue]

            Even better would be if they had to report it to the public.

          • CISAPTC Axeda agent and Axeda Desktop Server (Update B) [Ed: Microsoft Windows TCO]

            ATTENTION: Exploitable remotely/low attack complexity

            [...]

            Axeda Desktop Server for Windows: All versions

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • QNAP warns severe Linux bug affects most of its NAS devices [Ed: Microsofters have found a new angle for attacking Linux (recycle); Maybe the Microsofters want to start naming EVERY SINGLE PRODUCT THAT USES LINUX... and then name-drop "dirty pipe" for FUD's sake.]

              Taiwanese hardware vendor QNAP warns most of its Network Attached Storage (NAS) devices are impacted by a high severity Linux vulnerability dubbed 'Dirty Pipe' that allows attackers with local access to gain root privileges.

              The 'Dirty Pipe' security bug affects Linux Kernel 5.8 and later versions, even on Android devices. If successfully exploited, it allows non-privileged users to inject and overwrite data in read-only files, including SUID processes that run as root.

            • Hacker News'Dirty Pipe' Linux Flaw Affects a Wide Range of QNAP NAS Devices

              Network-attached storage (NAS) appliance maker QNAP on Monday warned of a recently disclosed Linux vulnerability affecting its devices that could be abused to elevate privileges and gain control of affected systems.

            • ‘Dirty Pipe’ security patched kernels available

              All users that use any 5.10 kernel are strongly advised to upgrade to the latest version – 5.10.104 – in the antiX repos. This applies to 64 bit and 32 bit pae and non-pae kernels for antiX-17, antiX-19, antiX-21 and testing/sid users.

    • Internet Policy/Net Neutrality

      • News publishers furnish their details voluntarily, MIB claims in RTI Appeal

        We had filed an RTI Application with the the Ministry of Information & Broadcasting (‘MIB’) seeking information about certain notices issued by MIB to publishers of news media asking them to furnish information under Rule 18 of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (‘IT Rules’). While the MIB revealed that 2100 publishers have furnished information already, it refused to provide information on how many notices were sent to publishers and why they were sent despite the stay on operation of Rules 9(1) and 9(3) of the IT Rules. Accordingly, we filed a first appeal on 25.01.2022. Now, in appeal proceedings, MIB has claimed that all 2100 publishers voluntarily offered information about themselves in a fiduciary capacity and has refused to provide further information citing exemptions under the Right to Information Act, 2005 (‘RTI Act’) and made some interesting observations.

      • NBCRussia is nearly isolated online. What does that mean for the internet’s future?
    • Digital Restrictions (DRM)

      • [Old] miscellaneous mini post

        Apparently there's some sort of anti-copy mechanism for discs recorded via optical (but not analog), but I'm the only person I've ever known with minidisc anything so I think I'm okay on that front, *and* I still have all the original sources anyways.

    • Monopolies



Recent Techrights' Posts

A Free Software Foundation (FSF) Led by Dr. Richard Stallman Can Still Raise a Lot of Money
Give people more time (e.g. until end of January) and maybe hit the target
Good Gains for Android for GNU/Linux in New Zealand This Year
Notice that GNU/Linux rose to its highest point (this month)
2024 a Record Year for Android (Almost 50% "Market Share"), Which is Now Bigger in Europe Than Microsoft Windows
a look at Europe
Wishing for a Wikileaks Renaissance in 2025
as a site that facilitates whistleblowers, hosting large leaks
[Meme] Getting Banned From Social Control Media 2 Days or Two Weeks Before Leaving Office
Seems like interference using dinners with an insurrectionist
Jimmy Carter on Globalisation of "Tech"
Carter's legacy in the area of science (and technology)
The True Importance of Diversification
Monopoly or monoculture breed fragility
This New Talk Helps Explain Why Crimes at the European Patent Office (EPO) and Patent Policy Deficits Remain Unaddressed by the European Commission
Corporations write and enforce the law
Enshittification is Everywhere
Computer Science has been reduced to just "computer" (spyphone)
Move to GNU/Linux and Save the Planet, CCC Talk Explains
video of the talk
The Free Software Foundation (FSF) Tells Us All to "Keep Putting Pressure on Microsoft"
"Grassroots organization against a corporation as large as Microsoft is never easy"
 
Links 30/12/2024: Fentanylware (TikTok) Concerns and Aftermath of Cut Cables
Links for the day
Is Microsoft's Plundering of Africa Coming to an End?
Microsoft had many layoffs in Africa this year
Microsoft Windows Down From 23% to 20% This Year in Asia (Android Up From 54% to Almost 60%)
Less and less of Windows, more of the Linux-powered Android
15 Years Ago Mozilla Firefox Had Over 50% of the Slovakian Market, Now Google's Chrome Has Over 70%
Peaked at 72.4% earlier this year
Remembering When Photography Meant Realistic Captures of Reality, Not "Hey Hi" (AI) and 'Instagrammed' (Filtered, Manipulated)
Fake pictures predate the "hey hi" hype; Instagram in particular was full of these
Apple's Main Stronghold (North America) at Risk From GNU/Linux
Apple had several rounds of layoffs in the US this year
statCounter: Microsoft Windows Down a Percent This Year in South America, GNU/Linux Up to 3.2%
Microsoft down, freedom up
The Threat of Googlebombing and LLMs
There are many Carters, but search engines and LLMs lack the "logic" (or common sense) to tell the difference
Social Control Media (Not Just TikTok) is a "Modern Challenge" to Democracy
Society is worse off with Social Control Networks
IBM's Bad Leadership is a Threat to GNU/Linux
We worry that since Red Hat controls so much of the GNU/Linux stack difficulties at IBM will result in divestment
Putting Some Eggs in the Geminispace Basket
Do not bet on the future of the Web
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 29, 2024
IRC logs for Sunday, December 29, 2024
Gemini Links 30/12/2024: Countdown to New Year, Tinylogging, and LLM Hype
Links for the day
Incredible! Beta'News' Now Runs Ads as 'Articles' About 'Hey Hi' (AI), Written by LLMs
Does it get any more rogue than this?
Our Most Relaxing Christmas Ever?
this Christmas was our most calm every (in recent memory at least)
Bad Year for Microsoft in India (and Another All-Time Low, Windows at 12% "Market Share")
Microsoft is the next Intel
Keeping Online Even During Wars
the Internet is still quite robust
Fascistic Regimes and Their Justices Will Leverage Social Control Networks to Their Advantage (Power Grab), They Won't Protect Constituents From Them
"controlling the voices and all the narratives, including the press because they too buy into the lies that it is a communications medium"
New Year's Resolution for Techrights: No More Very Short Posts
If we publish memes, as above, then we'll try to at least contextualise them somewhat
Links 29/12/2024: Phytium Sells Chinese CPUs and Landing Gear Malfunction Crashes Plane in Korea
Links for the day
Links 29/12/2024: Facebook Wants More Bots and Slop, Whistleblowers and Bloggers Under Attack
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 28, 2024
IRC logs for Saturday, December 28, 2024
Gemini Links 29/12/2024: Supernatural Mystery and Mechanical People
Links for the day
Links 28/12/2024: Standards Emphasised, Putin Implicitly Admits Taking Down Passenger Plane
Links for the day
Links 28/12/2024: BRICS-Controlled Social Control Media Defended by GOP, "Paper Passport Is Dying"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 27, 2024
IRC logs for Friday, December 27, 2024
Links 28/12/2024: Having Bosses, Ada's Dependent Types
Links for the day