Bonum Certa Men Certa

Links 05/04/2022: Firefox 99, Q4OS 4.8, and LXD 5.0 LTS Released

  • GNU/Linux

    • Server

      • Most Reliable Hosting Company Sites in March 2022 [Ed: GNU/Linux dominant, as usual]

        The most reliable hosting company site in March 2022 was Aruba, which has now topped the table for four months in a row. Aruba provides hosting, cloud and digital signature services, fibre optic internet, digital preservation, and more. The company has data centres across Europe, in the UK, Germany, Czechia, Poland, Italy and France.

    • Audiocasts/Shows

      • Videodeepin 20.5 overview | Beautiful and Wonderful - Invidious

        In this video, I am going to show an overview of deepin 20.5 and some of the applications pre-installed.

      • 272: Behind The Scenes of Destination Linux - Destination Linux

        This week’s episode of Destination Linux, we’re taking you on a behind the scenes tour of our studio setups. All the equipment we use each week to produce this show…DL which is quite unique being that it’s a live video and audio podcast. We’re also going to discuss the amazing open-source software that powers it all. Then we’re going to talk about the upcoming Thunderbird email client release. Plus we’ve also got our famous tips, tricks and software picks. All of this and so much more this week on Destination Linux. So whether you’re brand new to Linux and open source or a guru of sudo. This is the podcast for you.

      • LHS Episode #462: Hamfest and LHS Deep Dive | Linux in the Ham Shack

        Hello and welcome to Episode #462 of Linux in the Ham Shack. In this episode, the hosts take on two topics. The first is the art and science of the hamfest, exploring what happens at hamfests, what you can do, how you can participate and how you can benefit. Then we discuss future changes to the format and schedule of Linux in the Ham Shack to keep everyone informed and explain how these updates will make the show better. Thanks for listening and have a great week.

      • Late Night Linux – Episode 171 – Late Night Linux

        A varied selection of Discoveries including Telegraf, writing tools, a book about networking, and fixing a Mac. Plus your feedback about Matrix bridges, virtualisation, Pocket alternatives, the BBC, game development, and more.

      • Jupiter BroadcastingSynapse Collapse | LINUX Unplugged 452

        How we nearly crashed our Matrix server; what we did wrong and how we’re fixing it.

        Plus an update on elementary OS, GNOME’s next chapter, and we kick off the NixOS Challenge.

      • Headline Hangout w/Chris | Jupiter Extras 85

        Chris's thoughts on Linux's NVIDIA conundrum, Elon's takeover of Twitter, MailChimp's insider hack, and the Google Drones taking off in Texas.

    • Applications

      • 9to5LinuxFwupd 1.7.7 Adds Support for Logitech M550, M650 and K650, More StarLite Laptops

        Coming one and a half months after fwupd 1.7.6, which added support for Star Labs’ Star Lite Mk III laptop, the fwupd 1.7.7 release is here with support for even more of Star Labs’ StarLite Linux-powered laptops, though no specific model is mentioned in the release notes at this time, so if it works with your device you’re in luck.

      • LWNLXD 5.0 LTS released
        The LXD team is proud to announce the release of LXD 5.0 LTS!

        LXD is a system container and virtual machine manager which provides a cloud-like user experience. It can work on any regular Linux system from a simple laptop all the way to a large cluster of servers.

        As a Long Term Support release, LXD 5.0 will be getting upstream bugfix and security support until June 2027. The first two years will include frequent bugfix releases and the remaining three years will be limited to security fixes.
      • IT Pro PortalBest remote desktop for Linux in 2022 | ITProPortal

        Choosing the best remote desktop for Linux will enable you to access computers and mobile devices remotely from your Linux computer. But there are far fewer options available for Linux users than for Windows or Mac owners, and these tend to be much more difficult to use.

        This can make it hard to select the right option, particularly if you don’t want too steep of a learning curve. Many Linux remote desktops are open-source and versatile, but they also require significant tech skills to install and use.

        To help you find your way through the confusing jargon surrounding Linux remote desktops and select the right option for your business, we’ve put together this guide. In it, we take a close look at the leading Linux remote desktop programs available today.

      • GamingOnLinuxA new tool 'unsnap' helps you move from Snaps to Flatpaks | GamingOnLinux

        Want to migrate over from Snaps to Flatpaks on your Linux machine? Well, unsnap is a new tool in the early stages that will help you do just that. Developed by Alan Pope, who previously worked for Canonical and was an advocate for Snap packages, it's certainly an eyebrow raising move.

        The idea is simple: to allow you to quickly and easily migrate from Snap to Flatpak applications. Done over a two-stage process, it allows you to "view and/or edit the scripts prior to execution to validate or tweak them".

    • Instructionals/Technical

      • TechRepublicHow to switch ChromeOS to use Debian Bullseye | TechRepublic

        If you’ve added Linux support to your Chromebook, chances are pretty good it’s not using the latest version of Debian (which is version 11.3, aka “Bullseye”). Given that there are several important security and bug fixes to this release, you shouldn’t think twice about upgrading it on your Chromebook.

      • Linux JournalHow to Install and Uninstall KernelCare | Linux Journal

        In my previous article, I described what KernelCare is. In this article, I’m going to tell you how to install, uninstall, clear the KernelCare cache, and other important information regarding KernelCare. In case you’re yet to know about the product, here’s a short recap. KernelCare provides automated security updates to the Linux kernel. It offers patches and error fixes for various Linux kernels.

        So, if you are looking for anything similar, you have landed upon the right page. Let’s begin without further ado.

      • Ubuntu HandbookHow to Get Back Previous GNOME Screenshot Tool in Ubuntu 22.04 | UbuntuHandbook

        Ubuntu 22.04 has a new in-shell screenshot UI for taking screenshots and recording desktop. The old default screenshot app (GNOME Screenshot) is no longer available out-of-the-box.

        For those somehow sticking to the old screenshot tool, here’s how to install it back and configure keyboard shortcuts in Ubuntu 22.04.

      • How to install XFCE desktop on Manjaro Linux | FOSS Linux

        Manjaro is a Linux-based distro built upon the Arch Linux OS with a core focus on convenience and an easy UI experience. Like every other open-source Linux-based distro, Manjaro is also free and comes with great support from the community.

        However, unlike popular options like Ubuntu, Manjaro is developed in a rolling release method. It is an excellent option for new Linux users as it offers a flexible desktop experience and is relatively user-friendly.

        One of the best things about most Linux-based distros is that they come with many different editions, each boasting a separate GUI for various users. Manjaro is no exception as it comes in three different versions with other desktop environments, namely KDE Plasma, Xfce and GNOME. You can check them out from the official page by clicking here.

      • How to install Monitorix on Debian 11

        One of the things I like most about Linux is that we have many applications to do a task. And I like this because each one has something to contribute. An example of this are the monitoring tools. One alternative to monitor a server is to install Monitorix. Today, we will show you how to do it on a Debian 11 system.

      • VideoHow to get WiFi working on Linux - Invidious

        It can be a bit frustrating when hardware doesn't work on your Linux install, especially WiFi. Sometimes, WiFi works out of the box - and other times, not so much. In this video, Jay from LearnLinuxTV will let you know why this is sometimes a problem, as well as some of the things you can do about it.

      • Linux HintHow to check network interface status in CentOS8

        Network Interface allows connecting your device with some internet connection. In Linux, the network interface can be either physical or virtual. The physical network interface helps in connecting with various computers or connecting with the internet. On the other hand, the virtual interface usually connects with one device.

        The network interface must be enabled and functioning properly to either connect with the internet or locally. To have a functional network interface, one must keep an eye on the status of the network interface. This article provides the possible ways to get the status of the network interface on CentOS 8.

      • Red Hat OfficialHow to create dynamic inventory files in Ansible | Enable Sysadmin

        Learn how to use the host_list and Nmap plugins to build inventory files for your Ansible playbooks.

      • HowTo ForgeHow to Install and Use SFTP on Linux Servers
      • Linux HintHow to Install GCC for Arch Linux

        GCC (GNU Compiler Collection) comprises compilers for well-known programming languages such as C, C++, Go, Fortran, Objective-C, and many more. The GCC is completely free and provides cross-platform support for Linux, Windows, and multiple BSD-based systems.

        Apart from this, one can suggest or make enhancements to GCC and you can utilize the enhancements done by other developers/users as well. Moreover, the GCC can be used to make executable files for other systems which makes it the best choice for embedded systems (as they don’t have any compiler).

        Keeping in view the importance of GCC, this guide demonstrates the step-by-step procedure to install GCC on Arch Linux.

      • Linux HintHow to Use Rc.local on CentOS 8

        The RC stands for “run commands” and usually the rc phenomenon is practiced by system administrators to run a command at system boot. The “rc.local” is a script that contains the commands to be exercised at system startup.

        In Linux, the system administrators may wish to conduct a system test before startup. In such a situation, the admin must put the relevant commands inside the rc.local file to make their execution possible at system startup.

        If you are curious about using the rc-local file on CentOS 8; you are in the right place.

      • Installation and Review of Q4OS Linux [Lightweight Distro]

        Q4OS is a new Linux distribution that’s based on Debian; a common base that’s shared with other distributions like Ubuntu and Linux Mint.

        It’s aimed at users who just want a simple, stable, easy to use Linux operating system that they can conveniently run on an aging computer so they may surf the web, check emails, watch videos, and even play games while offering them a good level of security and privacy.

      • Linux Shell TipsHow to Download Files with Curl Command in Linux

        Curl, short for Client URL, is a handy and flexible command-line tool used to transfer data between client systems. It supports a myriad of protocols such as FTP, FTPS, HTTP, HTTP, LDAP, POP3, and SCP just to mention a few.

      • How To Access Proxmox Virtual Machine With SPICE Client

        By default, Proxmox uses noVNC client to access the console of a Virtual machine. The noVNC client is just enough if you want to connect to a Proxmox VM without any additional tools. However, a few things don't seem to work well with noVNC.

        One of the major problem is I can't hear any sound from the VM. Also, when I play a YouTube video, it is lagging and stuttering and out of sync with the audio.

        After searching through Proxmox forums, many users have suggested that SPICE client helped them to solved such issues. So I gave it a try. To my surprise, SPICE works great.

    • Games

      • Unreal Engine 5 is now available! - Unreal Engine

        UE5 will empower you to realize next-generation real-time 3D content and experiences with greater freedom, fidelity, and flexibility than ever before.

      • PhoronixUnreal Engine 5 Officially Released
      • GamingOnLinuxUnreal Engine 5 has officially launched, lots of Linux and Vulkan improvements | GamingOnLinux

        After being available in Early Access since May 2021 and Preview since February 2022, Epic Games has today released Unreal Engine 5 which will no doubt go on to power some of the biggest upcoming releases.

        "With this release, we aim to empower both large and small teams to really push the boundaries of what’s possible, visually and interactively. UE5 will enable you to realize next-generation real-time 3D content and experiences with greater freedom, fidelity, and flexibility than ever before." — Epic Games.

        Epic say that developers will be able to continue using "workflows supported in UE 4.27" but get access to the redesigned Unreal Editor, better performance, improved path tracing and the list goes on.

      • GamingOnLinuxThe Steam Deck hit me over the head with feelings of nostalgia | GamingOnLinux

        Something happened to me recently while playing the Steam Deck that I felt the need to share with you.

        The Steam Deck may be a modern device but it's been giving me a very heavy dose of nostalgia recently. No, it's not because it's a great machine for emulation, which I've done very little of so far because so many amazing modern games work but for something totally different.

        Here's something it reminds me of: I grew up with the likes of the Game Boy. In fact, I originally had the Game Boy Pocket, the one you could see through the case and get a look at the insides. I used to stay up far too late playing Pokémon Yellow, with one of those terrible bulky light and magnifier attachments which had quite a bit of weight to it with the batteries inside. To me, the Steam Deck is bringing back memories of that. As weird as it might be to say from a modern device, the injection of nostalgia I've been getting has been quite wonderful.

    • Desktop Environments/WMs

      • Its FOSSXfce Terminal 1.0.0 is a Feature-Packed Major Upgrade After a Year

         The popular terminal emulator found on almost all Xfce-powered distributions, Xfce Terminal has just released its first major upgrade under a new maintainer (and a new versioning scheme).

        Let us take a look at some highlights of the release.

        Igor Zakharov was leading the development from 2016 until 2020. Unfortunately, it was left unmaintained in 2021 when the new maintainer, Sergios Anestis Kefalidis (also a developer of Thunar file manager), took over the responsibility.

      • K Desktop Environment/KDE SC/Qt

        • LiliputingMaui Shell Alpha released (convergent desktop environment for Linux phones and PCs)
          The developers of the Linux-based NitruxOS (NXOS) have been working on a slick new convergent desktop environment called Maui Shell designed to look good and function well on just about any device no matter the screen size, which makes it an interesting option for phones, tablets, laptops, and desktop computers – or devices that are designed to work as one or more of those, like a phone that can be used as a desktop when an external display is connected.

    • Distributions

      • New Releases

        • Q4OS 4.8 Gemini, stable

          An update to Q4OS 4 Gemini LTS has been released. The new 4.8 series receives the recent Debian Bullseye 11.3 update, updated Debian stable kernel and important security and bug fixes. This update brings along significant Q4OS specific improvements, fixes and a cumulative upgrade covering all the changes from the previous stable Gemini release. Among other improvements, localization and languages support API library for the Desktop profiler as well as for other Q4OS tools has been rewritten and vastly improved, Setup tool gets polished and installation process has been more secured.

          We welcome everyone to download installation media images from the Downloads section of the Q4OS website. We are currently pushing all the changes mentioned above into the Q4OS repositories, automatic update process will take care about to update computers for current users.

      • SUSE/OpenSUSE

        • Leap Micro Beta Available for Testers

           People browsing through openSUSE’s websites may spot something new on

          Leap Micro, which is currently showing the 5.2 beta version, is for containerized and virtualized workloads. It is immutable and ideal for host-containers and described as an ultra-reliable, lightweight operating system that experts can use for compute deployments. The community version of Leap Micro is based on SUSE Linux Enterprise Micro and leverages the enterprise hardened security of twins SUSE Linux Enterprise and openSUSE Leap, which merges this to a modern, immutable, developer-friendly OS platform.

          Leap Micro has several use cases for edge, embedded/IoT deployments and more. Leap Micro is well suited for decentralized computing environments, microservices, distributed computing projects and more. The release will help developers and IT professionals to build and scale systems for uses in aerospace, telecommunications, automotive, defense, healthcare, robotics, blockchain and more. Leap Micro provides automated administration and patching.

      • IBM/Red Hat/Fedora

        • FedoraAnaconda is getting a new suit and a wizard – Fedora Community Blog

          In January, we published “Anaconda is getting a new suit” to let you know that we’re looking to modernize and improve Anaconda’s user experience. Before starting the redesign work for the Anaconda installer, the team reviewed user feedback and usability study data that we’ve gathered over the years.


          We sorted the feedback into high-level groupings. One of the larger groupings focused on the current installer navigation model, often referred to as “hub and spoke.” In a “hub and spoke” model, the summary screen, known as a “hub”, is the central point. Individual configuration screens are known as “spokes”. The phrase is commonly used today for airport connections because passengers often have to change flights at a central airport—or hub—instead of flying directly between two airports.

      • Debian Family

        • 9to5LinuxTails 5.0 Enters Beta Testing as First Release Based on Debian GNU/Linux 11 “Bullseye”

          Due out next month, Tails 5.0 will be a major update to this GNU/Linux distribution for anonymous surfing of the Internet and the first version to be based on the latest Debian GNU/Linux 11 “Bullseye” operating system series.

        • TailsCall for testing: 5.0~beta1

          We plan to release Tails 5.0 on May 3 or May 31. It will be the first version of Tails based on Debian 11 (Bullseye). It brings new versions of most of the software included in Tails and some important usability improvements.

      • Canonical/Ubuntu Family

        • Make Use OfUbuntu MATE 22.04 Hits Beta, and "Jammy Jellyfish" Is Looking Good So Far

          The 22.04 beta release allows Ubuntu Mate users to test the system with added features but a reduced installation image size.

        • ZDNetUbuntu 22.04 beta has arrived and it's one of the best releases from Canonical yet

          Linux on the desktop continues to grow in popularity. Although it doesn't enjoy the consumer market share of Android, Windows, iOS, or macOS, the open-source operating system on the server end is massively popular within enterprise businesses. But little by little, Linux continues climbing up the market share ladder. One reason for this is Ubuntu.

          For those that don't know, Ubuntu has been, for years, one of the top 10 most popular Linux desktop distributions on the market. One of the many reasons for this is due to remarkable user-friendliness. Ubuntu is simple to install, use, and maintain, supports a wide range of hardware, just works, and (of course) is free to anyone.

        • Yahoo NewsSteelCloud Software Automates eMASS and Splunk Data Integration
        • UbuntuStanding with Ukraine [Ed: The company whose founder flew with Russia to space took 1.5 months to post this]

          In response to the Russian invasion and acts of war in Ukraine, Canonical has sent notice of termination of support, professional services, and channel partnerships with Russian enterprises. We will not resume such engagements while broad and democratically instituted sanctions on Russia remain in place.

          We will not restrict access to security patches for Ubuntu users in Russia – free software platforms like Ubuntu, VPN technologies, and Tor, are important for those who seek news and dialogue outside state control. We will direct any Russian subscription income for such maintenance to Ukrainian humanitarian causes.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Open Source InitiativeGoogle OSPO: Why we support the OSI [Ed: Distracting from the fact so much of the OSI's resources go to Microsoft, which attacks the mission?]

        This week, we’re pleased to spotlight another OSI sponsor, Google, and learn why open source is important to their organization.

      • Web Browsers

        • Mozilla

          • The Theological Problem Behind Firefox in Ubuntu 22.04

            Warning to all Ubuntu users. Starting with Ubuntu 22.04, Firefox users will be forced to migrate to the "Snap" version of Firefox. This will be done automatically. Ubuntu doesn’t provide a native Firefox anymore. You had probably been warned with Ubuntu 21.10.

            You may observe that Firefox is slower to start, that it doesn’t follow your theme anymore and other problems. But the main issue is that Snap Firefox is, by design, unable to speak to other software. In Belgium, this breaks the official Belgian id authentication.

            It should be highlighted that Belgian officials are doing a really good job at providing the official electronic ID tool for Linux (they have a Debian/Ubuntu repository) and they are well aware of the issue.

          • LWN Firefox 99.0 released
          • 99.0 Firefox Release
          • OMG UbuntuFirefox 99 Released with GTK Overlay Scrollbar Support, Fixes


            What’s new? Well, a lots of folks, including Mozilla are hyped about Firefox 99’s support for GTK overlay scrollbars. These slimmer page sliders hide when not in use but appear on scroll and increase in size when you interact with them.

            Thing is they aren’t enabled by default in the stable version, just the beta and nightly builds. So to enjoy GTK overlay scrollbars in Firefox 99 on your system you need to dive into the browser’s about:config page and set the widget.gtk.overlay-scrollbars.enabled setting to true...

          • VideoFirefox DYING is TERRIBLE for the Web - Invidious
      • FSF

        • GNU Projects

          • GNU Health declared Digital Public Good

            We are very proud to announce that the GNU Health project has been declared a Digital Public Good by the Digital Public Goods Alliance (DPGA). GNU Solidario received the announcement this Sunday, April 3rd 2022.

            The Digital Public Goods Alliance is a multi-stakeholder initiative endorsed by the United Nations Secretary-General, working to accelerate the attainment of the Sustainable Development Goals in low-and middle-income countries by facilitating the discovery, development, use of, and investment in digital public goods.

      • Programming/Development

        • OpenSource.comWhat Git aliases are in your .bashrc? |

          Many open source users love a good Bash alias and are usually happy to show off a particularly robust .bashrc file when given the chance. If you're a frequent user of Git, you might benefit from a few Git aliases mixed in with your other Bash aliases. Alternately, you can create aliases specific to Git with this git config command. This example sets the git co command to git checkout.

        • Cython is 20! | Stefans Welt

          Today, Cython celebrates its 20th anniversary!

          On April 4th, 2002, Greg Ewing published the first release of Pyrex 0.1.

          Already at the time, it was invented and designed as a compiler that extended the Python language with C data types to build extension modules for CPython. A design that survived the last 20 years, and that made Pyrex, and then Cython, a major corner stone of the Python data ecosystem. And way beyond that.

          Now, on April 4th, 2022, its heir Cython is still very much alive and serves easily hundreds of thousands of developers worldwide, day to day.

          I'm very grateful for Greg's ingenious invention at the time. Let's look back at how we got to where we are today.

        • LWNBehnel: Cython is 20! []

          On his blog, Stefan Behnel writes about the 20th anniversary of Cython, which is a compiler for Python extensions written in C, for wrapping C libraries in order to provide Python bindings for them, and for embedding Python into other applications. It is used by NumPy, scikit-learn (and other scikit-* extensions), pandas, and more.

        • Dirk EddelbuettelDirk Eddelbuettel: RcppSpdlog 0.0.8 on CRAN: Upstream Update

          A new version 0.0.8 of RcppSpdlog is now on CRAN. RcppSpdlog bundles spdlog, a wonderful header-only C++ logging library with all the bells and whistles you would want that was written by Gabi Melman, and also includes fmt by Victor Zverovich.

        • Dirk EddelbuettelDirk Eddelbuettel: RcppArmadillo on CRAN: Upstream Updates

          Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 972 other packages on CRAN, downloaded over 24 million times (per the partial logs from the cloud mirrors of CRAN), and the CSDA paper (preprint / vignette) by Conrad and myself has been cited 465 times according to Google Scholar.

        • Dirk EddelbuettelRInside 0.2.17

          A new release 0.2.17 of RInside arrived on CRAN and in Debian today. This is the first release in two years since the 0.2.16 release. RInside provides a set of convenience classes which facilitate embedding of R inside of C++ applications and programs, using the classes and functions provided by Rcpp.

        • Rust

          • Rust Lang Roadmap for 2024

            Rust 1.0 was released in 2015. Since that time, we've seen Rust grow from a small language used for a handful of prominent projects into a mainstay in use at virtually every major tech company.

            As we work towards Rust 2024, it's natural to ask what's next for the language. This roadmap provides insight into that question by describing what we, as members of the lang team with input from other Rust teams, would like to prioritize.

  • Leftovers

    • Hardware

      • Peter 'CzP' CzanikThe cult of Amiga and SGI, or why workstations matter | Random thoughts of Peter 'CzP' Czanik

        I’m considered to be a server guy. I had access to some really awesome server machines. Still, when computers come up in discussions, we are almost exclusively talk about workstations. Even if servers are an important part of my life, that’s “just” work. I loved the SGI workstations I had access to during my university years. Many of my friends still occasionally boot their 30 years old Amiga boxes.


        I started my IT life with x86: an XT then 286, 486, and so on. I used some really powerful RS/6000 machines remotely at Dartmouth College. I learned basics of scripting on them, how to exit from vi, and few more things. But it was just a bit of curiosity, not any kind of attachment. I also had access to Macs there, but I never really liked it, as MacOS felt a kind of dumb, and does so ever since.

        Fast forward a few years. Soon after I started university I became part of the student team at the faculty IT department. When a couple of SGI workstations arrived there, I got user access, and soon admin access as well. This is where I first used Netscape Navigator, ran Java applications, and enjoyed running a GUI on a UNIX machine.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • FSFEEuropean Parliament recognises Free Software as key for fair AI

                The Special Committee on Artificial Intelligence in a Digital Age (AIDA) of the European Parliament voted on its resolution on Artificial Intelligence in a Digital Age on March 22nd, and underlined the importance of Free Software for AI with a broad majority. We now ask EU co-legislators to take this position into account and to include provisions and guidelines on Free Software in the upcoming legislation.

                Public authorities using AI systems should make them publicly available. Public research inventing AI systems should make them publicly available. Transparency in AI technologies is necessary to test them, evaluate their results, and improve them. The FSFE is following closely the legislative process and analysed how AI can remain verifiable and trustworthy as well as lead to further innovation with Free Software.

              • Linux Foundation's Site/BlogAI is better with open source [Ed: Produced using proprietary software]

                Open Source Software (OSS) is a proven model that delivers tangible benefits to businesses, including improved time-to-market, reduced costs, and increased flexibility. OSS is pervasive in the technology landscape and beyond it, with adoption across multiple industries. In a 2022 survey by Red Hat, 95 percent of IT leaders said they are using open source in their IT infrastructure, which will only increase.

              • I ProgrammerApplications Open For LiFT Scholarships [Ed: Lots of this paid-for webspam]
        • Security

          • LWNSecurity updates for Tuesday []

            Security updates have been issued by Arch Linux (polkit, postgresql, and zlib), openSUSE (389-ds and opera), Red Hat (kpatch-patch), SUSE (389-ds and util-linux), and Ubuntu (waitress).

          • security things in Linux v5.10 €« codeblog

            Linux v5.10 was released in December, 2020. Here’s my summary of various security things that I found interesting:

            seccomp user_notif file descriptor injection Sargun Dhillon added the ability for SECCOMP_RET_USER_NOTIF filters to inject file descriptors into the target process using SECCOMP_IOCTL_NOTIF_ADDFD. This lets container managers fully emulate syscalls like open() and connect(), where an actual file descriptor is expected to be available after a successful syscall. In the process I fixed a couple bugs and refactored the file descriptor receiving code.

          • LWNCook: Security things in Linux v5.10 []

            Kees Cook catches up with the security-related changes in the 5.10 kernel, released at the end of 2020.

          • Matthew Garrettmjg59 | Bearer tokens are just awful

            As I mentioned last time, bearer tokens are not super compatible with a model in which every access is verified to ensure it's coming from a trusted device. Let's talk about that in a bit more detail.

          • CISACISA Adds Four Known Exploited Vulnerabilities to Catalog
          • Privacy/Surveillance

            • Bruce SchneierHackers Using Fake Police Data Requests against Tech Companies - Schneier on Security

              Brian Krebs has a detailed post about hackers using fake police data requests to trick companies into handing over data.


              The “credentials” are even more insecure than we could have imagined: access to an email address. And the data, of course, isn’t very secure. But imagine how this kind of thing could be abused with a law enforcement encryption backdoor.

            • MakeTech Easier4 Ways Google Tracks You and How to Stop it

              From Gmail and Google Photos to Google searches and other online activities, the tech giant tracks all your movements. Almost anything connected with Google (hardware and software) gathers your personal information. However, the tech giant insists it doesn’t spy on you with malicious intent. Instead, your collected details are used to enhance the performance of its services and tools.

            • AccessNowFacing the consequences: Access Now welcomes legal action against NSO Group - Access Now

              Access Now welcomes the new lawsuit filed today, April 5, in France against the Israeli spyware company NSO Group for facilitating the unlawful surveillance of French-Palestinian human rights defender, Salah Hammouri, through the use of its spyware Pegasus.

              The legal action was submitted jointly by the International Federation of Human Rights (FIDH), the Human Rights League (LDH), and Salah Hammouri.


              “Litigation remains an important tool in the fight against spyware abuses,” said Natalia Krapiva, Tech-Legal Counsel at Access Now. “Spyware companies like NSO Group and states that use their technologies should know: you will be held accountable.”

              Access Now reiterates its call to the European Union to urgently sanction NSO Group and take all appropriate action to prohibit the sale, transfer, and use of NSO Group’s surveillance technologies until adequate human rights safeguards are in place.

            • Citizen LabPeace through Pegasus: Jordanian Human Rights Defenders and Journalists [cr]acked with Pegasus Spyware - The Citizen Lab

              Jordanian human rights defenders (HRDs) work in a generally hostile environment. Since the Arab Spring in 2011, grassroots protests have emerged, reflecting growing discontent with government corruption and wealth inequality, among other issues. In response, authorities have often arrested activists and curtailed freedoms.

              Jordan saw a wave of protests in 2011, as part of the Arab Spring. Protests were driven partly by the Hirak, groups of youth activists not connected with traditional centres of political power in Jordan. Protests flared up again in June 2018, galvanised by a government plan to increase taxes and reduce subsidies, as required by the International Monetary Fund (IMF). More than 30 trade unions called a general strike, and protesters occupied the Fourth Circle area of Amman near the Prime Minister’s office. In response, the government temporarily withdrew the bill, and re-introduced it in September 2018 with minor changes. When the bill’s final text was published in the Official Gazette in December 2018, activists once again held protests in the Fourth Circle that persisted into 2019. In March 2019, Jordanian authorities began a wave of arrests against Hirak members, charging them with “insulting the King” and “undermining the political regime.”

            • Authoritarians love smart cities. Russia is no exception

              Authoritarians love smart cities projects.

              Vladimir Putin is no exception. Moscow has been on a mission to become a smart city for the last decade. Russia’s capital has around 200,000 surveillance cameras. That’s more cameras per square mile than in Beijing or New York. In October 2021, the Moscow Metro launched a facial recognition payment system. Branded as a quick, contactless way of paying ride fares, it was also used for surveillance. Since September 2020, almost 3,000 criminals have been caught in the Moscow Metro because of the system, according to city authorities. But the extreme crackdown on dissent triggered by the war in Ukraine makes Moscow’s technological advances terrifying for anyone who opposes the government.

              Since the start of war in Ukraine, speaking out against the government has become incredibly risky for the Russians. Over 15,000 people have been detained for protesting and anyone who does as little as sharing a social media post that contradicts the official position risks a 15-year prison sentence.

  • Defence/Aggression

    • How to document war crimes in the digital age

      The stories coming out of Bucha, a small city near Kyiv that was under Russian occupation since early March, are horrific. Witnesses have described scenes of torture, summary executions and mass graves. Journalists who accompanied Ukrainian troops moving into the city have reported seeing civilian corpses along the road, some with their hands tied behind their backs, others with a gun blow to the head.

      This adds to the growing pile of evidence that Russian troops have perpetrated war crimes in Ukraine. On April 4, President Biden called for Russian President Vladimir Putin to be brought to trial. The European Union created a Joint Investigation Team with Ukraine that will collect and process evidence that can be brought before the International Criminal Court.

    • The Washington Post4,000 letters and four hours of sleep: Ukrainian leader wages digital war
    • PoliticoUkraine minister pleads to expand ‘digital blockade’ on Russia
  • Internet Policy/Net Neutrality

    • I Answer Questions, Part III

      In the last couple of years I've mostly seen talk about how the Internet hasn't fulfilled its promise of making the world better. Centralised social media, algorithmic amplification, the control of military drones or state surveillance, proof or work cryptocurrencies.

    • Ukraine's Internet System Is A Hidden Weapon In The War (VIDEO)

      Ukraine's ability to keep its internet up and running has allowed its citizens to stay connected to the world despite Russia's invasion.

      Since the beginning of the invasion of Ukraine, Russia has launched cyberattacks and missiles that have knocked out large portions of the country's internet, but it's failed to push Ukrainians completely offline thanks to a robust telecommunications system.

      "Unlike a much smaller country that may rely on just a couple of connections out to the outside world, there is a rich fiber optic backbone connecting the cities of Ukraine," said Doug Madory, director of internet analysis at Kentik. "If one line gets cut, there's other paths to get around it."

      "We haven't seen very long-term outages for the larger providers," said Amanda Meng, research scientist at Georgia Tech. "For some smaller operators, we do see disconnections that we've seen for weeks."

    • PoliticoThe West’s plan to keep global data flows alive

      U.S. President Joe Biden and European Commission President Ursula von der Leyen just secured a political agreement to keep data flowing between the European Union and the United States.

      But with EU and U.S. negotiators still hammering out details on the new transatlantic data pact — and legal challenges expected once the deal is completed — policymakers are already scrambling to shore up the free flow of data across the Western world.

      The Organization for Economic Cooperation and Development, a Paris-based group of mostly rich countries, may have an answer.

  • Digital Restrictions (DRM)

    • MashableHow to stop Spotify from sharing your data, and why you should

      It sounds like the setup to a bad joke, but the wildly popular music streaming service in fact collects, stores, and shares reams of seemingly mundane user data, adding up to an intrusion that's much more than just the sum of its parts. While Spotify customers are busy rocking out, the company has its metaphorical hands full profiting off the data that rocking generates. And it generates a surprising amount. What Spotify does with that data, and why that should concern you, are complex questions involving third-party advertisers, densely written terms of service, and inferences drawn from every piece of music or podcast you've ever listened to on the streaming platform. But according to privacy experts, one aspect of this digital mess is absolutely straightforward: Spotify users should pay attention to how their data is used, and take the available steps to limit that use whenever possible.

Recent Techrights' Posts

Over at Tux Machines...
GNU/Linux news
[Video] To Combat Efforts to Cancel or Kill the Career (and Reputation) of the People Who Made GNU/Linux We Must Rally the Community
nobody speaks better for projects and for licences than their own founders
Rumour: Major Finance Layoffs at Microsoft Next Week
If the rumour is true, we'll be hearing barely anything from the mainstream media next week
Links 07/12/2023: More EPO Patents Squashed, More Pfizer COVID-19 Vaccine "Glitches" Found
Links for the day
Still Not 'Canceled'
Ted Ts'o, Jan Kara, Linus Torvalds last month
Google is Googlebombing the Term "Gemini"
Could Google not pick a name that's already "taken"?
Links 06/12/2023: Bitcoin Rebound, China Downgraded by American Firm, Yahoo! Layoffs Again
Links for the day
Shooting the Messenger Using Bribes and Secrecy Bonds
We seem to live in a world where accountability for the rich and well-connected barely exists anymore
The Myth of an Aging (or Dying) GNU/Linux Leadership
Self-fulfilling prophecies as a tactic?
Links 06/12/2023: Many More December Layoffs
Links for the day
IRC Proceedings: Tuesday, December 05, 2023
IRC logs for Tuesday, December 05, 2023
PipeWire 1.0: Linux audio comes of age
Once upon a time, serious audio users like musicians and audio engineers had real trouble with Linux
This is How 'Linux' Foundation Presents Linux to the World
Right now it even picks Windows over Linux in some cases
Links 05/12/2023: Microsoft's Chatbot as Health Hazard
Links for the day
There's Nothing "Funny" About Attacking Free Speech and Software Freedom
persistent focus on the principal issues is very important
Professor Eben Moglen Explained How Software Patent Threats Had Changed Around 2014 (Alice Case) and What Would Happen Till 2025
clip aged reasonably well
GNU/Linux Adoption in Africa, a Passageway Towards Freedom From Neo-Colonialism
Digi(tal)-Colonialism and/or Techolonialism are a thing. Can Africa flee the trap?
CNN Contributes to Demolition of the Open Web
Reprinted with permission from Ryan Farmer
Eben Moglen on Encryption and Anonymity
The alternate net we need, and how we can build it ourselves
Yet More Microsofters Inside the Board of Mozilla (Which Has Just Outsourced Firefox Development to Microsoft's Proprietary Prison)
Do you want a browser controlled (and spied on) by such a company?
IRC Proceedings: Monday, December 04, 2023
IRC logs for Monday, December 04, 2023
GNU/Linux Now Exceeds 3.6% Market Share on Desktops/Laptops, According to statCounter
things have changed for Windows in China
Over at Tux Machines...
GNU/Linux news
Links 05/12/2023: Debt Brake in Germany and Layoffs at Condé Nast (Reddit, Wired, Ars Technica and More)
Links for the day