Over 2 lakh computers deployed in schools will now run on an upgraded Free and Open Source Software (FOSS)-based Operating System (OS) developed by the Kerala Infrastructure and Technology for Education (KITE). Chief Minister Pinarayi Vijayan released the upgraded KITE GNU/Linux OS Suite here on Thursday.
The OS Suite can be used as a complete computing platform not only by students and teachers in schools, but also in home computers, government offices, DTP centres and by software developers. The new OS Suite has all the important updates of the popular Ubuntu OS. It also features a lot of FOSS-based applications which are not part of the Ubuntu 20.04 repository.
The AlmaLinux OS Foundation is pulling in new members from the world of mainframes, hosting and IT services to contribute to the project and deliver a community-supported Linux compatible with Red Hat Enterprise Linux (RHEL).
The non-profit organization that oversees AlmaLinux said four new entrants had arrived, with AMD, BlackHOST, and KnownHost joining at the Silver Member level, and Sine Nomine Associates joining the Gold tier.
The foundation expects the contributions from these new members to help in bring AlmaLinux closer to full parity with RHEL.
I am making a DLNA Server to be able to stream audio, video and pictures within my house. This article will go over the details of what I have done for my system. I hope some of you can duplicate this if you need to, as well as comment on improving the server.
Chrome OS Flex is a NEW and superfast, Linux-based operating system created by Google. It is a web-first system meaning it focuses on working with web applications.
The lead developer of the bcachefs filesystem is gunning to get it accepted into the Linux kernel… again.
The story of bcachefs is quite long-running, and this isn't the first time – nor even the first time this year the project has attempted this. The filesystem has been around for a while; The Reg first reported on it in 2015. But it looks like it's getting closer to its goal.
Filesystems are serious stuff, and getting them right takes time. As of November 2021, bcachefs gained snapshot support. With the latest update, the on-disk structures have changed. This means that when you mount a volume, the driver will update the format – so you can't go back. This is the sort of issue that would hinder integration into the mainline kernel.
Bcachefs grew out of the existing bcache module, which allows you to use a fast drive (probably an SSD) as a cache for a slower drive, such as a RAID volume. It's more complex than it sounds, which, as ever, shows up if it goes wrong.
Today we’re a Lavapipe blog.
Lavapipe is, of course, the software implementation of Vulkan that ships with Mesa, originally braindumped directly into the repo by graphics god and part-time Twitter executive, Dave Airlie. For a long time, the Lavapipe meme has been “Try it on Lavapipe—it’s not conformant, but it still works pretty good haha” and we’ve all had a good chuckle at the idea that anything not officially signed and stamped by Khronos could ever draw a single triangle properly.
But, pending a single MR that fixes the four outstanding failures for Vulkan 1.2 conformance, as of last week, Lavapipe passes 100% of conformance tests. Thus, pending a merge and a Mesa bugfix release, Lavapipe will achieve official conformance.
And then we’ll have a new meme: Vulkan 1.3 When?
With this quick article I want to share my discovery of the amazing Razer hardware, and why I think it is an excellent choice for Linux users. Before I discuss the main topic of this article, I want to take a step back. I am aware that not everyone is a fan of mechanical keyboards and gaming mice. Switching from a normal keyboard to a mechanical keyboard, and from a regular mouse to a gaming one, is a quality of life improvement that cannot be described with words. My personal opinion is that the relatively low price and great impact in everyday computing is totally worth the cost. But you don’t have to take my word. Instead, I encourage everyone to go out to a store that sells mechanical keyboards and gaming mice, and give them a quick try.
Linux is a very stable operating system with strong security features. On several occasions, we may need to observe the performance of our system, maybe because of some technical glitch or as a part of a routine health checkup. Performance measurement gives us a quick insight into how our system is doing, e.g. performance logs can tell us what processes are running, how much memory is in use, how much CPU is being used etc. This information also helps us in making decisions related to effective resource planning, debugging system issues etc. Most Linux distros provide command-line tools and graphical ones to accomplish this task. Some of these come pre-shipped with the OS and some may need to be installed. These tools are classified as either real-time monitoring tools or log-based tools.
OpManager is an outstanding platform for network and device monitoring. Jack Wallen shows you how to get it up and running on Linux.
In this tutorial, you will learn how to install and setup Teleport access plane on Linux. According to the documentation page, Teleport is a Certificate Authority and an Access Plane for your infrastructure.
Today we are looking at how to install Jamovi on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
In this tutorial, you will learn how to install and setup Teleport access plane on Linux. According to the documentation page, Teleport is a Certificate
Having a separate remote Linux server for storing logs has its benefits. Here's how you can set up a remote log aggregation server using rsyslog.
In this tutorial, we will show you how to install Squid Proxy on Debian 11. For those of you who didn’t know, Squid is one of the most used proxy servers for controlling internet access from the local network and securing the network from illegitimate traffic and attacks. Squid also reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Squid Proxy on a Debian 11 (Bullseye).
Ansible is an automation platform used in the area of orchestration, configuration management, deployments, provisioning, etc. If you are a beginner who wants to learn ansible or someone planning to take ansible certification, then you need to have a home lab setup to practice ansible. Setting up a home lab manually is a time-consuming task. There are a couple of automated solutions like Docker, Vagrant, Cloud solutions that can be used to build the ansible lab. In this guide, we will learn an automated way to setup Ansible lab with Vagrant and VirtualBox in Linux.
Zammad is a web-based, open source user support/ticketing solution. It is an open source web based helpdesk and customer support system build to help you manage customer communications via several channels like twitter, telephone, chat, facebook, and e-mails. The Zammad helpdesk software is released under GNU AGPLv3 license. With its REST API, you can link other programs easily and get real-time information on all your channels and operations.
Zammad is developed in the programming languages Ruby and JavaScript. The name Zammad comes from the Bavarian dialect and means “together”.
Let’s Encrypt is a certificate authority (CA) that provides free certificates for Transport Layer Security (TLS) encryption. It simplifies the process of creation, validation, signing, installation, and renewal of certificates by providing a software client—Certbot.
It was developed by the Internet Security Research Group (ISRG) and trusted by all major browsers. It is used to automate the process of certificate creation, validation, signing, implementation, and renewal of certificates for secure websites.
The certificate is valid for only 90 days, so you will need to renew it manually or or set up the auto renewal system,
Let’s encrypt supports automated certification issuance for Apache, Nginx, Plex, and HAproxy. We will cover nginx in this guide.
OpenCart is a free shopping cart system and is one of the most popular open-source carts. It is a complete website solution that provides not only an ecommerce platform, but also an administration system to control your online store, and secure it against hackers . OpenCart includes all the features you would expect from a high-quality ecommerce system, including order management, real-time stock updates, full SEO support, shopping cart functionality – plus many others. OpenCart is backed by an enthusiastic team of developers who are always working on new bug fixes and solutions to keep the cart up-to-date with current technologies.
OpenCart online shopping cart system built upon Adobe’s ColdFusion framework, featuring a multitude of additional features over other carts such as: advanced product search engine; customizable templates; customer loyalty programs, and a whole lot more!
OpenCart makes it easy to get your site up and running within a few minutes – whether you are new to e-commerce or not. It’s also one of the most comprehensive solutions on the market today and has an excellent reputation.
Tutorial to learn the steps and commands for installing LibreNMS on Debian 11 Bullseye or Debian 10 Buster Linux using command terminal to monitor network devices.
The monitoring of network environments is becoming more and more demanding as the complexity increases. Powerful systems such as LibreNMS usually provide a solid basic functionality, but they are often overwhelmed with special tasks such as monitoring or backing up configurations. LibreNMS has long integrated RANCID (Really Awesome New Cisco Config Differ), which specializes in monitoring Cisco router configurations. Using a simple router table with the login data stored there, the tool gains access to the configuration settings and can inform the administrator of any changes by e-mail.
LibreNMS is an open-source network monitoring system that can also graphically process the determined network data. In addition, the tool has a warning system that can also be used together with other tools. LibreNMS can be controlled with apps via Android and iPhone.
PhotoRec is an open-source software utility to recover lost or deleted media files like photos, videos, documents, etc from CD-ROMs, Hard disks, and digital camera memory. PhotoRec is associated with TestDisk. The TestDisk is used to recover deleted partitions and make non-bootable disks bootable again and photoRec recovers deleted media files or document files. It supports and can recover more than 480 file extensions.
When you accidentally deleted the file you better not add more media or document files to that memory or hard drive as you might overwrite your lost data. In this article, we will install and use PhotoRec to recover deleted files in ubuntu 20.04 LTS.
Fastpanel is a web-hosting control panel. It provides web-based intuitive, point-and-click interfaces for common tasks such as transferring files, installing applications, updating PHP versions, and creating email accounts.
Fastpanel is written in PHP5, uses the PEAR DB database layer, and includes over 100 database functions (including MySQL-specific functions such as “orelse” or “bcp”) as well as a large number of other useful functions (including file management, image conversion, HTTP authentication, and session handling). Fastpanel is compatible with all major web servers on Unix/Linux platforms: Apache 1.3+, Nginx 0.7+, and Lighttpd 1.5+.
Have you ever wanted to install FastPanel on Ubuntu? Have you been scared to try it because you thought it would be a huge pain to get started? We’ve done all the hard work for you. Read this guide, then follow along, step by step. In no time, FastPanel will be up and running on your Ubuntu server in minutes.
In this video, I am going to show how to install Clear Linux 36010.
In this tutorial, we will show you how to install Vuze on Ubuntu 20.04 LTS. For those of you who didn’t know, Vuze is the easiest to use and the best torrent download software on the internet. Vuze is written in Java and uses the Azureus Engine. It’s a cross-platform application available for Microsoft Windows, Linux, macOS, and Android.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Vuze BitTorrent client on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
Starting a new training series? You may find the fast-paced sysadmin life changes how you learn and retain information.
Most of my recent IT career has been about fighting fires and being pulled into time-sensitive projects. I have strong analytical and troubleshooting skills, and I understand the basics of how my organization operates. I've learned through trial-by-fire, as I battle split-brain clusters and broken storage arrays. When I decided to start new a training series for my position, though, I worried that I might not know how to study effectively anymore.
I've been juggling about five classes and planning for two upcoming trips. Due to these interruptions, I found myself at a loss every time I went back to my classes. For me, repetition is key, so I am now on my third pass through my lesson plans. I've reworked every exercise and lab along the way. I am discovering that, as I get into each exercise, all my older knowledge comes back.
Hostname is the name or label of a computer or a network device. Computer or network device has it own IP address but it is very difficult for the humans to remember it that’s why hostname is set on computer and network devices. Hostname is a human readable string which one can easily remember.
The su command is a special Linux command that allows you to run a command as another user and group. It also allows you to switch to the root account (if run without any arguments) or another specified user account.
All users by default are allowed to access the su command. But as a system administrator, you can disable su access for a user or group of users, using the sudoers file as explained below.
The sudoers file drives the sudo security policy plugin which determines a user’s sudo privileges. The sudo command allows users to run programs with the security privileges of another user (by default, as the root user).
Grafana is a multi-platform open-source analytics and visualization platform to monitor computer systems. Grafana lets you create and share dashboards and has a thriving ecosystem of over 100 plugins for data collection, storage, visualization, and sharing.
In this article, we’re going to show you how to install Grafana on Ubuntu 20.04 so that you can get the most out of your data. So let’s get started with the setup!
I hope you read all the previous Zorin OS tutorials so you already know how to create a bootable USB drive with Zorin OS and how to start and use the Zorin OS Live environment. Based on that experience it should be relatively easy to start the actual installation process and successfully install Zorin OS on your computer. The icon to start the installation process is already available and ready to use on the desktop of your Zorin OS live environment, or you can choose to install directly after you booted from the USB drive. So in this tutorial I will explain how to install Zorin OS on a PC or Mac.
System76 had unveiled their new Kudu laptop earlier in February. I was fortunate enough to be able to get a review unit (albeit it’s not new; it’s refurbished. I didn’t get any stickers!). Featuring a Ryzen 9 5900HX processor and a RTX 3060, I’m once again a spoiled gamer for just a few weeks. It’s fairly similar to the Tuxedo Stellaris I had reviewed several months ago, with the same processor, same RAM capacity, same storage, but a few classes behind on the RTX family. Here’s my thoughts on the device.
We have been covering this topic for a long time, and Google has finally admitted that Steam is on its way to ChromeOS. Short of an actual release, it’s a confirmation, validating one of our predictions for 2021, albeit a little late. It all happened during the Google for Games Developer Summit, shown in one of the slides without too much of specific comments about it...
Home Wind released into Early Access recently as a free city-builder, although not really like many others as it takes a much more relaxed approach. Tested on Linux with Proton 7, it works perfectly.
It actually reminds me of ISLANDERS, in fact the basic mechanics are very close, with you placing down buildings trying to build up a score by what they're near. Not particularly challenging but that's the point. Home Wind wants you to slow down, make a cuppa and build up some points as you stare at its lovely hand-painted styled artwork and I'm all for it.
While Elgato continue to ignore the Linux market, developers from around the community end up creating applications to fill the gap. Now there's Boatswain, which allows Linux users to control Elgato Stream Deck devices.
It's not the first of its kind, with streamdeck_ui also being an option (I covered it back in 2019) that is still being updated. More options are good though! Why make a new one anyway? In a blog post, the developer mentioned they "did not find these apps adequate to my usage".
If you want to revamp your Linux desktop, you might overlook the icon design, which forms an integral part of a system's theme. However, an eye-catching icon theme accentuates your desktop design and makes computing aesthetic and engrossing.
Whether you are new to Linux customization or continue to be a seasoned user, you can't oversee these nine icon packs to give your desktop environment a facelift.
KStars v3.5.8 is released on 2022.03.19 for MacOS, Linux, and Windows. This is a mostly bugfix release with a couple of exciting new features.
Libadwaita 1.1 and Libhandy 1.6 are now released to match the upcoming GNOME 42.
Update on what happened across the GNOME project in the week from March 11 to March 18.
This month has had a big focus on music! I just released a 4 track EP called Rust In Peace, which you can listen to on various popular music platforms and (better still) download it from Bandcamp.
The COVID19 pandemic is not over (I can name 5 folk who have been COVID+ just this week), but its effects on society are becoming less, to the point I could even do a launch gig for the EP in the amazing Café Arume in Santiago – my first real “gig” since 2018.
[..]
I am also hoping to travel to Italy next month to attend Linux App Summit 2022 in person, so, see you there? Talk submissions for LAS (online + face to face) are open until midnight tonight (18th March), so perhaps its not too late to submit a talk or lightning talk!
Here we are, on the Friday before the flagship GPU Technology Conference hosted by Nvidia is set to kick off. And we are without a doubt excited in anticipation of what we conjecture will be a deluge of compute and networking hardware and puzzling over what this Omniverse really means (like many of you).
But for some reason, out thoughts keep coming back to software, and how Nvidia is building out an increasingly complete and ornate set of systems software to run HPC, AI, data analytics, visualization, and now world-simulating applications.
Another week filled with 7 snapshots, and this despite of one snapshot being discarded. We have published 0310, 0311, 0312, 0313, 0314, 0316, and 0317 (0315 was skipped due to some elevated risk of braking systems with a dracut update; maintainers are looking into this)
Introducing students to modern computing systems can be complicated and challenging. When Boston University faculty members Jonathan Appavoo, computer science (CS) professor, and Orran Krieger, electrical and computer engineering (ECE) professor, were looking for a new, simplified way to educate their students on the critical concepts of computing systems, they turned to Red Hat OpenShift Data Science.
Red Hat OpenShift Data Science provided theCS and ECE departments at Boston University a scalable environment for students while ensuring a personalized Linux playground that only requires a web browser to get started and provides a platform for hosting open source textbook and interactive lectures.
How do you determine if your Red Hat Enterprise Linux (RHEL) infrastructure is compliant with security standards? Today, it’s entirely possible that you are using OpenSCAP to scan your RHEL hosts to find out if they meet a particular security policy.
Unfortunately, this gets complicated fast.
Consider this situation: The security team wants to implement a specific policy that contains hundreds of rules. However, it determines that specific rules do not apply and should not be scanned. Furthermore, the policy may have several rules that apply to a particular version of a host. That same policy may have another number of rules that apply to a different version of the host.
In the 1990s, open source was generally viewed as experimental approach to software development mostly used by research and academic communities on emerging projects like the Internet and Linux. Open source has since evolved to become a well-accepted model of economic production across just about all private- and public-sector communities around the world. But, while widely used, what’s been the economic impact of open source on nations and firms? This question was addressed in a recent study on the impact of open source on the European economy.
“The increasing relevance of Open Source (OS) during the last two decades requires an update of an in-depth analysis of its current role, position and its potential for the European economy,” said the European Commission (EC) in its report on The impact of open source software and hardware on technological independence, competitiveness and innovation in the EU economy.
“Whereas Open Source Software (OSS) has become mainstream across all sectors of the software industry during the past 20 years, Open Source Hardware (OSH) is still in an emerging phase. However, the business ecosystem for OSH is developing.”
The EC conducted a comprehensive analysis of the commercial uses, costs, and benefits of OSS and OSH. “On the basis of this information, the study assesses the potential for the European Union (EU) to achieve its policy goals (including economic growth, greater competitiveness, innovation, and job creation) through the use, promotion and support of OSS and OSH.”
The report includes a detailed, quantitative cost-benefit analysis of the economic impact of open source investments; a survey on the views of over 900 stakeholders; a number of concrete case studies; and several public policy recommendations to the EC and the EU members countries. Let me summarize each of these areas.
According to the U.S. Labor Department, there were 11.3 million job openings at the end of January 2022. This reflects a fact that many of us already know: There is an enormous demand for talent across all industries. Tech leaders must continuously find new ways to retain and attract the best talent to compete.
Over the past three years, no single trend has influenced the world around us more than digital transformation. From remote work to emerging technologies to a dramatic expansion of e-commerce solutions, people and organizations throughout the world are exploring new ways to automate their everyday lives in pursuit of improved performance and efficiency.
Setting goals for automation and digitalization may seem simple, but the nuts and bolts of their implementation can be surprisingly complicated. A digital transformation initiative could be hampered by the transition from legacy technologies, cybersecurity risks, or even just employees who are resistant to change.
Even a limited transformation involves tremendous complexity, as IT teams must navigate hybrid work environments, a combination of company-owned and private devices, and a growing range of third-party microservices that can help to automate individual business functions.
LMDE or Linux Mint Debian Edition 5 “Elsie” Is Now Available For Download
Linux Mint Debian Edition 5 is based on the Debian GNU/Linux 11 “Bullseye”. You will find Linux 5.10 LTS kernel in LMDE 5. Linux Mint Debian Edition 5 will have a Cinnamon 5.2 desktop environment by default.
Registration for DebConf22 is now open. The the 23rd edition of DebConf will take place from July 17th to 24th, 2022 at the Innovation and Training Park (ITP) in Prizren, Kosovo, and will be preceded by DebCamp, from July 10th to 16th.
Along with the registration, the DebConf content team announced the call for proposals. Deadline to submit a proposal to be considered in the main schedule is April 15th, 2022 23:59:59 UTC (Friday).
DebConf is an event open to everyone, no matter how you identify yourself or how others perceive you. We want to increase visibility of our diversity and work towards inclusion at Debian Project, drawing our attendees from people just starting their Debian journey, to seasoned Debian Developers or active contributors in different areas like packaging, translation, documentation, artwork, testing, specialized derivatives, user support and many other. In other words, all are welcome.
I'm happy to announce the Debian Clojure Team will hold a remote sprint from May 13th to May 14th 2022.
The goal of this sprint is to improve various aspects of the Clojure ecosystem in Debian. As such, everyone is welcome to participate!
Debci exist to make sure packages work currently after an update, How it does this is by testing all of the packages that have tests written in them to make sure it works and nothing is broken This project entails making improvements to the platform to make it easier to use and maintain.
This personalisation staple is found in many other desktop environments and operating systems out there, including macOS and Windows 11. But a similar feature had, until now, not been offered in Ubuntu.
However, thanks to a spurt of last minute activity Ubuntu developers managed to land all of the pieces required to get the feature working in Ubuntu 22.04 (ahead of that all-important user-interface freeze deadline, the point past which no major UI changes should be made to Ubuntu without a very good reason).
If you are a Ubuntu user then you must be eagerly waiting for the release of Ubuntu 22.04 LTS. Ubuntu 22.04 LTS is the upcoming LTS version from Ubuntu. Meanwhile, at the moment the new default wallpaper that you will see in the upcoming Ubuntu 22.04 LTS release has been revealed.
Ubuntu 22.04 LTS is the latest version from Ubuntu that is going to be made available in 2022. Ubuntu 22.04 LTS ‘Jammy Jellyfish’, will be made available on April 21, 2022. Ubuntu 22.04 LTS is the Long Term Support release.
LibreOffice is made by a worldwide community of volunteers, certified developers and many other people. Every summer, we participate in the Google Summer of Code programme: this is focused on introducing contributors to open source software development, and last year LibreOffice received a bunch of new features and improvements thanks to the work of several contributors.
Over on the Software Freedom Conservancy blog, Bradley M. Kuhn considers the question of the interaction between copyleft and the "ethical source" effort that seeks to use copyleft-like licensing to bring about additional changes, beyond just software freedom; the Hippocratic License is an example of such a license. In his view, copyleft and ethical software are not really compatible, even though many in free-software world (including Kuhn) are highly sympathetic to the goals, especially in light of the recent invasion of Ukraine by Russia.
Erin was experimenting with old fashioned web technology and discovered you can just serve files with a regular web server, like straight from a directory, and these web servers are like free and super easy to set up.
If you’re a programmer or a software developer, or even more if you work in a field where you need to interact a lot with Git, there is no donut you’ve been looking for tools that can reduce the workload for you and can automate some of your repetitive tasks. Git is mostly used for storing software codes, revising the codes, distributing them to many clients. These tasks might sound easy to do, but in the real world, with a time limitation, you might need to be more efficient while handling Git. There are many authentic Git GUI tools and Git extensions for both Linux, Windows, and Mac that can genuinely reduce a huge amount of your load.
[...]
GitKraken is one of the oldest and most user-friendly GUI Git tools for both Linux, Mac, and Windows. It has the GIT integration for VS Code, Jira, and the desktop client. This tool provides you with 7 days of full pro features to explore the application before you make a full purchase. The commit node history of the GitKraken tool allows you to see the nodes, file trees in the Git directory. You can easily maintain the Git repository’s recent changes and track your files on the Git universe.
Victor Shepelev, known as @zverok on Twitter and GitHub, is a Ruby developer and software architect who lives in Kharkiv, Ukraine. Since Russia invaded his country on February 24, 2022, he's had more pressing concerns than writing code, such as keeping his family safe and helping his fellow citizens survive.
In a blog post on Tuesday, he wrote about his situation in the hope that public attention will encourage international political action to help Ukraine prevail.
Kharkiv (Ã¥ðÃÂÃâ¬ÃºÃâò in Ukrainian) is the second largest city in Ukraine and home to about 1.4 million people, or about 2.6 million if you count the entire province (oblast), at least in peacetime. Therein, one can find the Derzhprom building and Freedom Square, Pokrovskyi Monastery, Dormition Cathedral, the Kharkiv Zoo, and numerous other landmarks now eclipsed by Ukraine's collective struggle to survive. For locals, the Kharkiv Metro has become a destination for its resilience against Russian bombs.
For several years, I spent much time writing code for the Raspberry Pi, including hardware level register C code so that we can use various Integrated Circuit chips and sensors with Perl.
A couple of years ago, I acquired much larger and much more expensive toy, an all-wheel drive, full auto-pilot Tesla Model-X SUV, so of course, I want to write Perl code to access and manipulate it.
In the ensuing two years, I developed several microcontroller-based devices for the car, including one that knows where the car is, and its battery charge and state, and dispslays this information via an LED light strip and an OLED screen inside of my garage, along with an audible alarm that sounds for 1/8th of a second every three seconds if the battery is below a certain threshold so I don't forget to plug the charger in.
Traveling, in one way or another, is a series of belts. Perhaps you’re traveling in a car, and you’re putting on a seat belt to ensure your safety. Perhaps you’re one of those infamous customers of size on an airplane and you’re forced to ask the flight attendant for a seat belt extender. Maybe you’re just walking around town with your Chrome Industries bag, which features a prominent seat belt buckle. Either way, the seat belt has become a key part of our lives, a strap of nylon webbing that has saved a whole lot of lives in the roughly 100 or so years since they’ve been embedded into the mainstream. But at a time of year when weekend road trips are likely to be picking up (well, at least with electric vehicles, something about gas prices), now’s a good time as any to talk about ’em. Buckle up, because today’s Tedium is all about seat belts.
The US Court of Appeals for the Ninth Circuit in February affirmed a lower court decision concluding that it’s false advertising to claim that software is “open source” when it’s not licensed under an open source license. The court’s decision last month held that the defendants, The Graph Foundation, PureThink and iGov misrepresented ONgDB as a free version of Neo4j EE licensed under the APGLv3, and that the price differential was likely to influence customers’ purchasing decisions. By adding the non-free Commons Clause the software could not be characterized as “open source”, therefore advertising it to be so was unlawful false advertising.
Last year, the Graph Foundation had to rethink how it develops and distributes its Open Native Graph Database (ONgDB) after it settled a trademark and copyright claim by database biz Neo4j.
The Graph Foundation agreed [PDF] it would no longer claim specific versions of ONgDB, its Neo4j Enterprise Edition fork, are a "100 percent free and open source version" of Neo4J EE. And last month, two other companies challenged by Neo4j – PureThink and iGov – were also required by a court ruling to make similar concessions.
ONgDB is forked from Neo4j EE, which in May 2018 dropped the GNU Affero General Public License (AGPL) and adopted a new license that incorporates the AGPLv3 alongside additional limitations spelled out in the Commons Clause license. This new Neo4j EE license forbade non-paying users of the software from reselling the code or offering some support services, and thus is not open source as defined by the Open Source Initiative.
A new Cloud Native Developer Bootcamp has been launched by the Linux Foundation and the Cloud Native Computing Foundation (CNCF).
American Virtual Cloud Technologies, Inc.’s (Nasdaq: AVCT) announced that its Kandy Communications business unit (Kandy), has joined the new, open source project: “CAMARA - The Telco Global API Alliance.” The global partnership will address challenges in porting and reproducing API services across heterogenous operator and cloud architectures. Kandy provides global carrier/operator grade white-label cloud communications services including CPaaS, UCaaS, CCaaS, Microsoft Teams Direct Routing as a Service, SIP Trunking services, and a rich portfolio of real-time communications APIs and supporting functions.
CAMARA is the latest project introduced by The Linux Foundation, the nonprofit organization enabling mass innovation through open source, and by the GSMA, a global organization unifying the mobile ecosystem to discover, develop, and deliver innovation foundational to positive business environments and societal change.
We’re months into the disclosure of the log4j vulnerability and new attacks are still popping up. Cybersecurity researchers from Qihoo 360, a Chinese cybersecurity company, have just discovered a new Linux botnet, taking advantage of the flaw to distribute rootkits and steal sensitive data.
They named the botnet B1txor20, and claim it uses the log4j vulnerability to target Linux Arm and 64-bit x86 systems.
"In addition to traditional backdoor functions, B1txor20 also has functions such as opening a Socket5 proxy and remotely downloading and installing a rootkit," the researchers said.
Security updates have been issued by Debian (python-treq), Fedora (openvpn, pesign, rust-regex, and thunderbird), Oracle (expat), Red Hat (kpatch-patch-4_18_0-147_58_1), Slackware (bind and openssl), SUSE (python-lxml), and Ubuntu (apache2).
Jason Donenfeld has published a lengthy look at the changes to the Linux random-number generator (RNG) for Linux 5.17 and the upcoming 5.18 kernel. It covers his efforts "to modernize both the code and the cryptography used" and also peers into the future for changes that may be coming.
The random number generator has undergone a few important changes for Linux 5.17 and 5.18, in an attempt to modernize both the code and the cryptography used. The smaller part of these will be released with 5.17 on Sunday, while the larger part will be merged into 5.18 on Monday, which should receive its first release candidate in a few weeks and a release in a few months.
As I wrote to Linus in the 5.18-rc1 pull request yesterday, the goal has been to shore up the RNG’s existing design with as much incremental rigor as possible, without, for now, changing anything fundamental to how the RNG behaves. It still counts entropy bits and has the same set of entropy sources as before. But, the underlying algorithms that turn those entropy sources into cryptographically secure random numbers have been overhauled. This is very much an incremental approach toward modernization. There’s a wide array of things that can be tackled in the RNG, but for the first steps, accomplished in 5.17 and 5.18, the focus has been on evolutionarily improving the existing RNG design.
CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected Kubernetes environment as well as other software or platforms that use CRI-O runtime containers.
Up next is the announcement of another Linux Kernel vulnerability, CVE-2022-25636, this one an out-of-bounds write in the Linux firewall code. If you’re suddenly having heart palpitations at the thought of Remote Code Execution, try to relax. This flaw is serious, but just like DirtyPipe we covered last week, it’s entirely limited to a local user account that can run shell commands. A pair of tricks allows any user the ability to trigger the flaw with any hardware, meaning that it’s a straightforward elevation of privileges.
Whitney is joined by Robbie Martin and researcher “Gumby” to unpack what we actually know about the US-funded biolabs in Ukraine and how the programs behind these labs originated with suspect “bioterror” claims at the end of the Cold War.
The current geopolitical moment has prompted digital services to confront state-backed information warfare on the Internet as never before. In the wake of the Russian invasion of Ukraine, multinational digital services immediately responded to protect their users in Ukraine, Russia, and beyond. These efforts involved partnering with the U.S., EU, and Ukraine against security and information threats emerging from Russia and Belarus. That response is ongoing, but the evolving regulatory environment in the United States — including legislation being considered in Congress — raises questions about whether those steps could continue.
In response to the ongoing crisis, digital services have taken multiple actions. In addition to compliance with U.S. Government sanctions, digital services have suspended numerous products and services including payment systems operations in Russia, blocked Russian state media from their sites, and suspended advertising in Ukraine and Russia.€¹ Many of these actions were proactive; some were carried out in partnership with governments, including the Ukrainian Prime Minister, among other policymakers.
Companies are also working to ensure the safe availability of basic technological tools like apps for secured communications and private browsing, providing avenues for people in Russia, Ukraine, and elsewhere to receive truthful and reliable information about the war. For example, while the Russian government has sought to block access to legitimate Western news websites, press freedom advocates have enabled Russian and Ukrainian citizens to access news reports via VPN, messaging apps, and even creative applications of shortwave radio. As a State Department spokesperson told the Washington Post, “It is critical to maintain the flow of information to the people of Russia to the fullest extent possible”. This underscores how critical it is that digital services remain agile and capable of making timely and nuanced decisions about how to help people in the region learn the truth about the Russian government’s increasingly brutal offensive against its neighbor.
Across our global oceans, coastal communities are suffering as populations of sharks, rays, dolphins and other wildlife are decimated by industrial fishing. Huge fishing fleets targeting squid, a species that plays a vital role in the ocean food web, are industrialising international waters.
The importance of cephalopods in sustaining marine ecosystems cannot be overstated. Worldwide, they are a key component of food webs, providing a major prey source for coveted fish species like tunas and salmon, cetaceans like dolphins, sea lions and whales, and a variety of seabirds.
Squids in the Spotlight uncovers the huge scale of the global squid fishery, which has grown over 10-fold since 1950 to almost 5 million tonnes annually in the last decade and is now jeopardising marine ecosystems around the world. Operating out-of-sight in international waters, the meteoric rise of squid fishing and resulting demand for the species has no historical precedent, with some areas seeing a more than 800% increase in the number of vessels in just the last five years.
The signatories to this letter deplore Russia’s invasion of Ukraine, condemn in the strongest possible terms the grave violations committed by Russian forces there, and applaud efforts by the Biden Administration and other governments to respond with strong and targeted measures. However, we write to express our concerns about growing calls to interfere with the Russian people’s access to the internet, which we fear will hurt individuals attempting to organize in opposition to the war, report openly and honestly on events in Russia, and access information about what is happening in Ukraine and abroad. These measures could also unnecessarily facilitate further repression by the Russian government.
Some governments, including the U.S. government, may be considering disrupting internet access in Russia through new sanctions. There is also increasing pressure, internally and externally, on information and communications technology vendors like internet, telecommunications, and cloud service providers to voluntarily restrict or block access by users in Russia. Moreover, Ukraine has made repeated requests along these lines. (These include requests to the Internet Corporation for Assigned Names and Numbers (ICANN), the International Telecommunication Union, and other bodies.)
Today, Senators Thom Tillis (R-NC) and Patrick Leahy (D-VT) introduced the “Strengthening Measures to Advance Rights Technologies (SMART) Copyright Act of 2022.” The bill forces every digital platform or website that allows for user-generated, uploaded content to use content monitoring software designated by the Copyright Office to avoid facing copyright infringement claims. Public Knowledge opposes the bill due to its reliance on government technology mandates; the lack of technical expertise within the Copyright Office; and unconstitutional delegation of authority to a non-expert agency within the legislative branch.
The following can be attributed to Nicholas Garcia, Policy Counsel at Public Knowledge:
“This bill is the latest example of legislation that threatens the vibrant, open, and innovative internet in the name of intellectual property protection. This bill will force digital platforms and websites to implement technical measures that monitor all content that users upload, automatically scrutinizing everything we write, create, and upload online for the sake of copyright protection.