Bonum Certa Men Certa

Links 22/3/2022: CrossOver 21.2 and NVIDIA Developer Kit



  • GNU/Linux

    • Audiocasts/Shows

    • Kernel Space

      • The Register UKNew Linux kernel has improved random-number generation ● The Register

        A significant rewrite of the Linux kernel's random-number generator is underway, ensuring Linux-based cryptography is a bit more secure, particularly in virtual machines, and some software a bit smoother to run.

        As outlined by the author of the changes, Jason A Donenfeld, the newly released kernel 5.17 contains the first stage of the big rewrite, but more will follow in 5.18. Among other changes, the /dev/random and /dev/urandom devices now do exactly the same. This brings the Linux kernel in line with FreeBSD and macOS.

        The code is contained in a module called random.c, originally written by Ted T'so for kernel 1.3 in 1994. It implements a Unix-style special character device called /dev/random which gives a stream of pseudorandom data. Building this into the kernel was a big deal, and the /dev/random device was adopted into DEC/Compaq Tru64, FreeBSD, HP-UX, IBM AIX, NetBSD, macOS, SGI IRIX, and Sun Solaris. This might make it one of the single most widely influential new features from Linux onto the broader Unix world.

        Generating truly random numbers in pure software is non-trivial. If you run the same code repeatedly with the same inputs, it should produce the same results. Thus if you write a program to output random numbers, it'll produce a predictable, pseudorandom stream of values. If you can predict the output, you can figure out how software using it is going to work and, for instance, break encryption based on it. Researchers managed this for Windows 2000, for instance.

    • Applications

    • Instructionals/Technical

      • How To Install Proxmox VE On Debian 11 Bullseye In Intel NUC

        A few days ago, we discussed how to install Proxmox VE standalone edition. Today, we will see how to install Proxmox VE on Debian 11 bullseye in an Intel NUC mini PC and access Proxmox web dashboard. In addition, we will also discuss how to create a network bridge and how to setup Wireless network card as a bridge.

      • HowTo ForgeHow to Install Adminer MySQL Database Management Tool on Alma Linux 8 - LinuxBuz

        Adminer is a full-featured database management tool written in PHP used for managing several databases including, MySQL, MariaDB, PostgreSQL, SQLite, MS SQL, Oracle, Elasticsearch, MongoDB, and more.

      • How to set up a VPN on Linux – ThisHosting.Rocks

        In this tutorial, we’re going to show you how to set up a VPN on Linux and why you’d need one.

        From our previous articles, you already know what a VPN is, if it’s necessary on Linux, and even how to set up OpenVPN on Ubuntu. In this article, we’re going to show you how to set up a VPN on Ubuntu from a specific VPN provider with their own VPN client, not setting up OpenVPN yourself.

      • H2S MediaHow to install Backdrop CMS on Ubuntu 22.04 Jammy - Linux Shout

        Here we learn the commands to install Backdrop CMS on Ubuntu 22.04 LTS Jammy JellyFish using the terminal.

        Backdrop CMS is a lightweight, feature-rich, and very user-friendly content management system. Designed specifically for small businesses, organizations, and educational institutions, the Drupal fork positions itself as an alternative between WordPress and Drupal. It is a system that already has the most important functions and is extremely easy to use. At the same time, Backdrop CMS offers enough reserves for tailor-made requests and more ambitious development projects.

      • How to Restrict Internet Access to a Single Program on Arch Linux with Firejail - Fasterland

        Sometimes, we may need to restrict the internet access to a single application both for security reasons or testing purposes.

        On Linux, there are different ways to restrict the internet access to a single program. Unfortunately, most of them, are not straightforward at all.

      • How to Restore Corrupt SQL Server Database on Linux? - LinuxTechLab [Ed: Better yet, replace it with a good database which is actually Free software]

        Do you want to recover a damaged/corrupted SQL Server database on Linux? This article explains in detail how to restore a corrupt SQL database on Linux from the backup and by using a professional SQL recovery tool.

      • OSNoteHow to Install and Use Podman on Rocky Linux 8 – OSNote

        Podman is a free and open-source daemonless container engine that was developed by RedHat. It exists to help developers manage and deploy their applications in a Linux environment. Similar to the Kubernetes platform, Podman works with pods. Podman seeks to be the alternative to the Docker engine which is also a containerization platform. Podman improves on Docker by decentralizing the components needed for container management. Podman has a few distinguishing differences, the main one being its architecture. It runs on a daemonless architecture.

    • Wine or Emulation

      • Announcing CrossOver 21.2.0

        I’m thrilled to announce that we have released CrossOver 21.2 for macOS, Linux and Chrome OS!

        This new release offers both improvements from upstream Wine and important fixes for a variety of issues.

        CrossOver 21.2 includes over 300 updates to wined3d from upstream Wine. We also included dozens of changes from Wine 6.0.1 and 6.0.2 and updated to Wine Mono 7.0.

        Audio now works on both Mac and Linux for Halo: Master Chief Collection. We also fixed an issue with a recent Steam update that was causing some connections to take a very long time.

        On macOS, we fixed a long-standing issue with mouse control in Unity games. We also included fixes for the latest Rockstar Games Launcher and Quicken updates that caused those applications to stop working on M1 machines.

        For our Linux and Chrome OS users, we fixed rendering issues on Office 365. We also made changes so that CrossOver once again seamlessly installs on Chrome OS, and we added a fix for libldap dependency errors on certain Linux distros (including Ubuntu 21.10).

    • Games

    • Distributions

      • Barry KaulerEasyOS: Enchant spell checking fixed

        Forum member 'proebler' reported that when the geany text editor extra-plugins package is installed (via the package manager), the spell-checking plugin does not work.

      • IBM/Red Hat/Fedora

        • OpenSource.comGet started with reactive programming with Kotlin on Quarkus | Opensource.com

          Moving to the cloud with event-driven architecture raises big concerns for enterprises using multiple programming languages such as Java, C#, JavaScript, Scala, and Groovy to implement business requirements. Because enterprises need to redesign multiple architectures for container deployment separately and put more effort into optimizing production on the cloud, developers often must learn a new programming language in line with the production environment. For example, Java developers have to switch their skill sets to Node.Js to develop lightweight event-front applications.

          Kotlin addresses these issues and targets various developers who deploy business applications with multiple programming languages on top of Java Virtual Machine (JVM). Kotlin handles these issues with both imperative and reactive approaches. However, there's still a hustle to catch up on Kotlin's new syntax and APIs, especially for Java developers. Luckily, the Quarkus Kotlin extension makes it easier for developers to implement Kotlin applications.

        • Red Hat Official8 steps for estimating a cloud application's resource requirements | Enable Sysadmin

          Learn how to calculate a cloud application's resource needs correctly, in order to minimize common operational issues in production.

        • Enterprisers ProjectAutomation and digital transformation: 3 ways they go together

          Automation and digital transformation (DX) have become one of IT’s dynamic duos: Where you see or hear one, the other seems sure to follow.

          They’re certainly linked by their priority and popularity in IT and business circles. Automation and DX have been atop the strategic roadmaps of CIOs and other leaders for years now. Digital transformation has become an industry unto itself, and few CIOs have “automate less” highlighted on their strategic roadmap.

          But do they always go hand-in-hand? What’s the actual relationship between IT automation and DX? Answers to questions like this require more context and nuance.

        • FedoraCollecting ideas for "Feature Spotlight" articles – Fedora Community Blog

          How do we – as in, the developers and package maintainers who are working on Fedora Linux – make sure people actually know about all the cool stuff we’re doing? That’s the question at the heart of previous discussions on the “devel” mailing list (How do we announce new packages?) and on discourse (Idea for collecting “Cool New Features / Cool New Packages” article ideas).

          As it turns out, the answer to that question is: “If what you’ve worked on isn’t big or noteworthy enough, then there’s no place for you”. That’s not good, and it’s why I started working on “Feature Spotlight”.

        • Enterprisers ProjectDigital transformation: 5 layers to build on

          Digital transformation is defined as “the integration of digital technology into all areas of a business, fundamentally changing how you operate and deliver value to customers.” That’s why every company’s digital transformation journey looks different. Ultimately, it is a paradigm shift in how you do business.

        • Red HatWrite Kubernetes in Java with the Java Operator SDK, Part 2 | Red Hat Developer

          Java Operator SDK, or JOSDK, is an open source project that aims to simplify the task of creating Kubernetes Operators using Java. The project was started by Container Solutions, and Red Hat is now a major contributor.

          Part 1 in this series introduced JOSDK and explained why it could be interesting to create Operators in Java. In this article and its sequels, you will take a deeper look at JOSDK's concepts and learn how it simplifies Operator development. Along the way, you'll build a simple example using JOSDK and its quarkus-operator-sdk extension for Quarkus, a Kubernetes-native Java stack.

        • Software Freedom Institute: Red Hat, Inc vs Software Freedom Institute SA: Fedora open source trademark precedent

          Red Hat, Inc, a subsidiary of IBM, attempted to sue the Institute for using the domain name WeMakeFedora.org

          The Institute argued that the doctrine of fair use applies when volunteers collaborate on an open source software product like Fedora.

      • Debian Family

        • Linux Mint Debian Edition 5 Available to Download: discover all its news - LinuxStoney

          Linux Mint Debian Edition 5 Available to Download: discover all its news, There are many Linux distributions that we can use right now to be part of our PC. Among the wide variety that we can download and install, one of the most popular is Linux Mint .

          Here we find a distro capable of meeting the needs of all types of users, both new and more advanced. We are telling you all this because the new version of the operating system has just been released, specifically we are referring to Linux Mint Debian Edition 5 , which is now available. It is worth mentioning that this is something that happens after several months of testing by its developers.

          For those of you who don’t know, we will tell you that this system is based on Ubuntu by default. Considering that the last update of this software dates back to January of this year, the team released Linux Mint 20.3 in the same month. This release was accompanied by the Cinnamon, MATE, and Xfce desktops , all based on the Linux 5.4 kernel. But as we have mentioned, in these lines we are going to focus on Linux Mint Debian Edition.

          One of the goals of this distro is to ensure that it remains available if something happens to Ubuntu. Sure, that seems unlikely, though the team behind this proposal wants to be prepared for all eventualities. At the same time Linux Mint Debian Edition becomes an interesting alternative.

        • In Linux, they are basic, but do you know what DEB files are? [Ed: This is nonsense and false

          The name “DEB” comes from shortening the name of the first distro that introduced and started using them: Debian. These packages are basically the .EXE of Debian-based Linux distributions , such as Debian itself, Ubuntu or Linux Mint, among others. Thus, these are storage files (or packages) that contain all the files to be able to install a program in the distro, in addition to the scripts necessary to carry out this installation and configuration of the program in question.

        • Norbert PreiningPackages for Debian: KDE/Plasma, RSSguard, et al | There and back again

          As mentioned in this post, most of my activity around Debian has come to a complete halt (Send your thanks to da-manager@debian.org!). Since I still have a few computers running Debian, I keep maintaining a few things which I heavily rely on, in particular KDE/Plasma and RSSguard.

          For KDE/Plasma, there are the well known OBS repos I maintain, please read the blog posts tagged KDE.

      • Canonical/Ubuntu Family

        • UbuntuDesign and Web team summary – 25 February 2022 | Ubuntu

          The Web and design team at Canonical run two-week iterations building and maintaining all of the Canonical websites and product web interfaces. Here are some of the highlights of our completed work from this iteration.

    • Devices/Embedded

      • Linux GizmosJetson edge AI box offers four PoE ports with a choice of Onvif or GigE camera support

        Adlink unveiled an “EOS-JNX Series” of Jetson Xavier NX based edge AI vision systems with 4x PoE ports. The EOS-JNX-I has 10/100Mbps PoE ports that support Onvif surveillance cams plus a 1Gb NVR uplink; the EOS-JNX-G has GbE PoE ports with GigE camera support.

        Last September when Adlink announced its Edge Vision Analytics (EVA) SDK for systems including its Nvidia Jetson Xavier NX powered NEON-2000-JNX embedded camera, the company mentioned that an upcoming EOS-JNX line of computers would support the AI stack. Adlink has now announced the Xavier NX based EOS-JNX Series of computers with EVA support. In somewhat related news, Adlink announced a partnership with ANSCENTER to integrate its ANSCENTER ANS Video Intelligence System (ANSVIS) software with Adlink’s NEON cameras.

      • CNX SoftwareNVIDIA launches Jetson AGX Orin Developer Kit, Orin NX modules, and Isaac Nova Orin AMR platform - CNX Software

        NVIDIA Jetson AGX Orin module was first introduced in November 2011, but the company has now officially launched the Jetson AGX Orin Developer Kit, andunveiled the lower cost Orin NX modules still with 70 TOPS or more, and the Isaac Nova Orin AMR (autonomous mobile robot) reference platform.

      • Open Hardware/Modding

        • CNX SoftwareQuadric devkit features q16 hybrid AI, DSP, computer vision accelerator - CNX Software

          The Quadric devkit is an M.2 Key M module equipped with the company’s q16 edge processor offering a hybrid data-flow + Von Neumann machine for not only neural networks, but also computer vision, digital signal processing, BLAS (Basic Linear Algebra Subprograms), and other workloads.

          This architecture allows the Quadric q16 to be more flexible than traditional AI accelerators and can deliver more effective solutions for heterogonous systems that may have multiple accelerators or require a powerful processor. The M.2 form factor enables easy integration into boards with an M.2 Key M socket such as the Gumstix Raspberry Pi 4 development board shown below with the Quadric devkit.

      • Mobile Systems/Mobile Applications

        • Murena & /e/OS — a product roadmap for 2022: towards our V1? - Gaël Duval (blog, mandrake, /e/ my data is my data...)

          It’s interesting to have a look back at our past year roadmap: most of the features we announced are either done or close to be completed, which is not too bad! The two things that shew very little progress are the Smart Assistant project, and the energy efficiency project.

          For others items, we have started to introduce better compatibility with Android applications (SafetyNet support), first for the stable devices, and later, progressively, for as many supported smartphones as possible…

          We will also soon be offering a much larger and transparent access to mobile applications, with our new application installer called “App Lounge”. On this aspect, even if we didn’t have a single case of tampered application during the past three years, we’re progressively abandoning our dependency to the “CleanAPK” service. CleanAPK is still going to be used momentarily for the catalog of apps coming from F-Droid and Progressive Web Apps, but will be totally abandonned this year.

    • Free, Libre, and Open Source Software

      • LWNThe Open Source Initiative elects a new board

        The Open Source Initiative has announced the results of its 2022 board election.

      • Daniel StenbergA headers API for libcurl | daniel.haxx.se

        For many years we’ve had this outstanding idea to add a new API to libcurl that would offer applications easy access to HTTP response headers.

        Applications could already retrieve the headers using existing methods but that requires them to write a callback and to a certain amount of parsing and “understanding” HTTP that we always felt was a little unfortunate, a bit error-prone on the behalf of the applications and perhaps also a thing that forced a lot of applications out there having to write the same kind of extra function logic.

        If libcurl provides this functionality, it would remove a lot of (duplicated) code from a lot of applications.

      • Peter Czanik: The system() source of syslog-ng now also works on MacOS
      • The syslog-ng insider 2022-03: syslog-ng 4; MQTT source; Zinc; Elastic Cloud; 3.36; - Blog - syslog-ng Community - syslog-ng Community

        This is the 99th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

      • Open Source InitiativeComcast: Why we support the OSI

        Comcast is a global media and technology company that operates as three primary businesses: Comcast Cable in the U.S., Sky in Europe, and NBCUniversal globally. In addition, Comcast also provides communications services, including residential high-speed internet, phone, and wireless services.

      • FSFE

        • FSFESFP#14: The world of mesh networking with Elektra Wagenrad

          With this episode the Software Freedom Podcast opens the door to the fascinating and sometimes complex world of mesh networking. And who better than Elektra Wagenrad can take us on this journey? Elektra is one of the original developers of the B.A.T.M.A.N. protocol and the person behind the Mesh Potato project.

      • FSF

        • GNU Projects

          • GNUGNU Linux-libre 5.17-gnu
            GNU Linux-libre 5.17-gnu cleaning-up scripts, cleaned-up sources, and
            cleaning-up logs (including tarball signatures) are now available from
            our git-based release archive git://linux-libre.fsfla.org/releases.git/
            tags {scripts,sources,logs}/v5.17-gnu.
            
            

            Compressed tarballs and incremental patches are also available at <https://www.fsfla.org/selibre/linux-libre/download/releases/5.17-gnu/>.

            Freesh and RPMFreedom, the .deb and .rpm distributions of GNU Linux-libre maintained by Jason Self, already have binaries of 5.17-gnu. Thanks, Jason!

            We had hoped for a release during FSF's amazing LibrePlanet conference, but alas, that was not meant to be. Cleaning up scripts have required changes for the final release, compared with -rc8, and that delayed the release quite significantly.

            This release required updates to cleaning up logic for tegra, bnx2x, mt7915, btmtk, mscc, and new logic for dts files for various new aarch64 SoCs, and for a new driver for x86 android tablets.

            In other news, Jason Self has started sharing the work of preparing and verifying the multiple upstream stable releases we clean up and put out every week. Please join me in thanking him for adjusting our bus factor in a desirable way! There are likely to be upcoming changes in details about signatures as we streamline this new mode of cooperation.

            You may also enjoy the beautiful artwork with our mascot, Freedo, that he's made and published at https://jxself.org/git/?p=freedo.git;a=tree

            For up-to-the-minute news, join us on IRC (#gnu-linux-libre on libera.chat), or follow me on P2P or federated social media (the link in my signature has directions).

            Be Free! with GNU Linux-libre.

            What is GNU Linux-libre? ------------------------

            GNU Linux-libre is a Free version of the kernel Linux (see below), suitable for use with the GNU Operating System in 100% Free GNU/Linux-libre System Distributions. http://www.gnu.org/distros/

            It removes non-Free components from Linux, that are disguised as source code or distributed in separate files. It also disables run-time requests for non-Free components, shipped separately or as part of Linux, and documentation pointing to them, so as to avoid (Free-)baiting users into the trap of non-Free Software. http://www.fsfla.org/anuncio/2010-11-Linux-2.6.36-libre-debait

            Linux-libre started within the gNewSense GNU/Linux distribution. It was later adopted by Jeff Moe, who coined its name, and in 2008 it became a project maintained by FSF Latin America. In 2012, it became part of the GNU Project.

            The GNU Linux-libre project takes a minimal-changes approach to cleaning up Linux, making no effort to substitute components that need to be removed with functionally equivalent Free ones. Nevertheless, we encourage and support efforts towards doing so. http://libreplanet.org/wiki/LinuxLibre:Devices_that_require_non-free_firmware

            Our mascot is Freedo, a light-blue penguin that has just come out of the shower. Although we like penguins, GNU is a much greater contribution to the entire system, so its mascot deserves more promotion. See our web page for their images. http://linux-libre.fsfla.org/

            If you are the author of an awesome program and want to join us in writing Free (libre) Software, please consider making it an official GNU program and become a GNU Maintainer. You can find instructions on how to do so at https://www.gnu.org/help/evaluation. We look forward to hacking with you! :)

            What is Linux? --------------

            Linux is a clone of the Unix kernel [...]

            (snipped from Documentation/admin-guide/README.rst)
          • GNU Linux-Libre 5.17 Kernel Released
      • Programming/Development

        • Linux HintScala Abstract Class

          We have to create classes in programming in any language. Classes have methods and have values defined in them. In real life, we want to hide some information in a class or don’t want to show unnecessary details of the class. Just putting forward the subject that we have created for users. In Scala, there is a way out of hiding details of implementation through creating an Abstract class and showing only the functionality we want to display. We will learn the concept of creating an Abstract class in Scala in this article. Scala’s Abstract class and Java’s Abstract class are quite similar. Let’s have some more information about the Scala Abstract class.

        • Linux HintScala Collections

          A collection in Scala in particular or in any other programming language, in general, is simply a container that can hold the data. However, as far as the Scala programming language is concerned, then it supports multiple different collections. Therefore, today’s article will be dedicated to the collections in the Scala programming language in Ubuntu 20.04.

        • Linux HintScala Hello World

          Whichever programming language you are comfortable with, you must be familiar with a Hello World program in it. This program is generally the first program that you will ever create in any programming language. With this basic program, you try to understand the syntax of the programming language that you wish to learn. In this guide, we will learn to write a Hello World program in the Scala programming language in Ubuntu 20.04.

        • Linux HintHow to Use Strings in Rust

          A string is defined as a sequence of Unicode characters that are encoded into the UTF-8-byte stream. Strings are a fundamental concept in any programming knowledge as they are a source of great trouble or great productivity.

          This article will explore how to work with strings in the Rust programming language and determine what makes strings in Rust different.

  • Leftovers

    • Hardware

      • CubicleNateWireless Network Bridge Solution

        Wireless bridging is not a real common residential application, at least, not that one that I would think to be common. When you are in a situation where a wireless bridge is necessary, this is a solution I can highly recommend. I am glad I went with the long distance model as it seems to do well even when obstacles re put its way. I think the money spent on the wireless bridge was the better solution to burred wire.

    • Integrity/Availability

      • Proprietary

        • Help Net SecurityLapsus$ Gang Says it Has Breached Okta and Microsoft

          After breaching NVIDIA and Samsung and stealing and leaking those companies’ propertary data, the Lapsus$ cyber extortion gang has announced that they have popped Microsoft and Okta.

          [...]

          If Lapsus$’s assertions prove to be true, this (previously) relatively unknown hacking group has quickly become another threat actor that big corporations have to worry about.

        • MIT Technology ReviewActivists are targeting Russians with open-source "protestware" | MIT Technology Review [Ed: MIT Technology Review is blaming "open source" for Microsoft shipping malware]
        • LWNActivists are targeting Russians with open-source "protestware" (Technology Review) [Ed: MIT Technology Review basically blames the victims of Microsoft for what Microsoft is doing; see comments]

          MIT Technology Review has taken a brief look at open-source projects that have added changes protesting the war in Ukraine and drawn some questionable conclusions...

        • ZDNetCorrupted open-source software enters the Russian battlefield [Ed: Steven Vaughan-Nichols now helps Microsoft by spinning Microsoft shipping malware as an "open source" issue]

          It started as an innocent protest. Npm, JavaScript's package manager maintainer RIAEvangelist, Brandon Nozaki Miller, wrote and published an open-code npm source-code package called peacenotwar. It did little except add a protest message against Russia's invasion of Ukraine. But then, it took a darker turn: It began destroying computers' file systems.

        • USCERTDelta Electronics DIAEnergie [Ed: Microsoft SQL 'Server']
        • CISADelta Electronics DIAEnergie (Update B) [Ed: Microsoft SQL 'Server']
        • Security

          • USCERTFBI and FinCEN Release Advisory on AvosLocker Ransomware [Ed: AvosLocker is a ransomware group that was identified in 2021, specifically targeting Windows machines; FBI and CISA do not even name Microsoft or Windows, as usual. Microsoft cannot defend Windows (too many back doors and defects), so the best it can do it pay the media to stay quiet, change the topic, or blame the wrong parties.]

            The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. AvosLocker is a ransomware-as-a-service affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors.

          • LWNSecurity updates for Tuesday [LWN.net]

            Security updates have been issued by Debian (apache2 and thunderbird), Fedora (abcm2ps, containerd, dotnet6.0, expat, ghc-cmark-gfm, moodle, openssl, and zabbix), Mageia (389-ds-base, apache, bind, chromium-browser-stable, nodejs-tar, python-django/python-asgiref, and stunnel), openSUSE (icingaweb2, lapack, SUSE:SLE-15-SP4:Update (security), and thunderbird), Oracle (openssl), Slackware (bind), SUSE (apache2, bind, glibc, kernel-firmware, lapack, net-snmp, and thunderbird), and Ubuntu (binutils, linux, linux-aws, linux-aws-5.13, linux-gcp, linux-hwe-5.13, linux-kvm, linux-raspi, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gke, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, and linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-hwe, linux-gcp-4.15, linux-kvm, linux-oracle, linux-snapdragon).

          • CISADrupal Releases Security Updates | CISA

            Drupal has released security updates to address a vulnerability affecting Drupal 9.2 and 9.3. An attacker could exploit this vulnerability to take control of an affected system.

          • Market ScreenerQualys : Implications of Windows Subsystem for Linux for Adversaries & Defenders (Part 1) [Ed: WSL is an attack on Linux, it's Windows in disguise, and firms should quit using Microsoft's attack on Linux as a pretext for bashing the security of GNU/Linux]
          • SBOMs Supporting Safety Critical Software [Ed: This isn't the solution, this is the LF acting as a marketing proxy for sponsors]
    • Defence/Aggression

      • Here’s why Putin won’t use nukes in Ukraine — Pass it on. | I, Cringely

        President Putin of Russia has been talking a lot lately about his forces using nuclear weapons — presumably tactical nuclear weapons — in the war with Ukraine. It’s an easy threat to make but a difficult one to follow-through for reasons I’ll explain here in some detail. I’m not saying Mr Putin won’t order nuclear strikes. He might. Dictators do such things from time to time. But if Mr Putin does push that button, I’d estimate there is perhaps a 20- percent chance that nukes will be actually launched and a 100 percent chance that Mr. Putin will end that day with a bullet in his brain.

        Given that I don’t think Mr. Putin really wants a bullet in his brain, my goal here is to lay out facts and probabilities to show how nuking Ukraine would be a huge mistake for Putin and Russia. With the facts thus presented and presumably repeated by many people in many venues, that information will quickly reach everyone in positions to make such a nuclear war NOT happen. But without essays like this one, that education and intervention is much less likely. So I am writing this as a public service. Pass it on.

        What do I know? I worked as an investigator for the Presidential Commission on the Accident at Three Mile Island in 1979. Part of my portfolio then was to study the Federal Emergency Management Agency’s response to that nuclear accident, which was pathetic.

        TMI was FEMA’s first big crisis as FEMA. Most of the agency had been called Civil Defense until a short time before TMI. Their idea of nuclear safety (remember the Nuclear Regulatory Commission, not FEMA, actually regulates the reactors) had been tracking clouds of predicted fallout from Russian nuclear attacks driven by prevailing winds and coming up with plans to move civilians out of the way of those clouds. In the northeast USA around Three Mile Island, the old Civil Defense plans called for moving 75 million people in 72 hours — an impossible task, then or now.

    • Censorship/Free Speech

      • WiredWhy WhatsApp Survived Russia’s Social Media Purge

        It has become easier to be labeled an extremist in Russia. On Monday the label—once reserved for the likes of the Taliban and the Islamic State—was given to Facebook’s parent company, Meta.

        A Moscow court ruled that Meta was an extremist organization in a decision that effectively banned social media platforms Facebook and Instagram from operating in Russia. But the court ruling included an interesting carve-out: WhatsApp. Both of the other platforms had been blocked earlier in March after clashing with the Kremlin over content referencing the war in Ukraine. But the ruling purposefully allowed the company’s messenger platform WhatsApp to continue operating in the country. “The decision does not apply to the activities of Meta's messenger WhatsApp, due to its lack of functionality for the public dissemination of information,” the court said, according to Reuters.

      • AccessNowUpdate: internet access, censorship, and the Myanmar coup

        Access Now, outraged by today’s announcement that the Myanmar Investment Commission has approved the sale of Telenor Myanmar, is calling for international actors to implement sanctions and stop the company’s irresponsible disposal of its Myanmar operations to a company whose 80% majority shareholder is military-linked Shwe Byain Phyu Group.

        Telenor stated that its sanctions screening “assured” them that Shwe Byain Phyu and its owners were not subject to any current international sanctions. However, they are linked to multiple individuals and companies currently subject to U.S., European Union, and UK sanctions.

        “The purchaser, Shwe Byain Phyu, may not be sanctioned now — but it needs to be. International actors must recognize and take action against the company’s multiple and flagrant links to the military,” said Wai Phyo Myint, Asia Pacific Policy Analyst at Access Now.

    • Internet Policy/Net Neutrality



Recent Techrights' Posts

Links 19/11/2024: War on Cables?
Links for the day
The Free Software Foundation is Looking to Raise Nearly Half a Million Dollars by Year's End
And it really needs the money, unlike the EFF which sits on a humongous pile of oligarchs' and GAFAM cash
 
Links 20/11/2024: Debt Issues and Fentanylware (TikTok) Ban
Links for the day
[Meme] Many Old Gemini Capsules Go Offline, But So Do Entire Web Sites
Problems cannot be addressed and resolved if merely taking about these problems isn't allowed
Jérémy Bobbio (Lunar), Magna Carta and Debian Freedoms: RIP
Reprinted with permission from Daniel Pocock
Jérémy Bobbio (Lunar) & Debian: from Frans Pop to Euthanasia
Reprinted with permission from Daniel Pocock
This Article About "AI-Powered" is Itself LLM-Generated Junk
Trying to meet quotas by making fake 'articles' that are - in effect - based on plagiarism?
Recognizing invalid legal judgments: rogue Debianists sought to deceive one of Europe's most neglected regions, Midlands-North-West
Reprinted with permission from Daniel Pocock
Google-funded group distributed invalid Swiss judgment to deceive Midlands-North-West
Reprinted with permission from Daniel Pocock
Gemini Links 20/11/2024: BeagleBone Black and Suicide Rates in Switzerland
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 19, 2024
IRC logs for Tuesday, November 19, 2024
Gemini Links 19/11/2024: Private Journals Online and Spirituality
Links for the day
Drew's Development Mailing Lists and Patches to 'Refine' His Attack Pieces Against the FSF's Founder
Way to bury oneself in one's own grave...
What IBMers Say About IBM Causing IBMers to Resign (by Making Life Hard/Impossible) and Why Red Hat Was a Waste of Money to Buy
partnering with GAFAM
In Some Countries, Desktop/Laptop Usage Has Fallen to the Point Where Microsoft and Windows (and Intel) Barely Matter Anymore
Microsoft is the next Intel basically
[Meme] The Web Wasn't Always Proprietary Computer Programs Disguised as 'Web Pages'
The Web is getting worse each year
Re-de-centralisation Should Be Our Goal
Put the users in charge, not governments and corporations in charge of users
Gemini Links 19/11/2024: Rain Music, ClockworkPi DevTerm, and More
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, November 18, 2024
IRC logs for Monday, November 18, 2024
Links 18/11/2024: Science News and War Escalations in Ukraine
Links for the day
Gemini Links 18/11/2024: Degrowth and OpenBSD Fatigue
Links for the day
Technology: rights or responsibilities? - Part VII
By Dr. Andy Farnell
BetaNews is Still 'Shitposting' About Trump and Porn (Two Analysers Say This 'Shitposting' Comes From LLMs)
Probably some SEO garbage, prompted with words like "porn" and "trump" to stitch together other people's words
Market Share of Vista 11 Said to be Going Down in Europe
one plausible explanation is that gs.statcounter.com is actually misreporting the share of Vista 11, claiming that it's higher than it really is
Fourth Estate or Missing Fourth Pillar
"The term Fourth Estate or fourth power refers to the press and news media in explicit capacity of reporting the News" -Wikipedia on Fourth Estate
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, November 17, 2024
IRC logs for Sunday, November 17, 2024
LLMs Are Not a Form of Intelligence (They Never Will Be)
Butterflies are smarter than "chatGPT"
Business Software Alliance (BSA), Microsoft, and AstroTurfing Online (Also in the Trump Administration Groomed by BSA and Microsoft)
Has Washington become openWashington? Where the emphasis is openwashing rather than Open(Source)Washington?
Windows at 1%
Quit throwing taxpayers' money at Microsoft, especially when it fails to fulfil basic needs and instead facilitates espionage by foreign and very hostile nations