Bonum Certa Men Certa

Links 07/04/2022: gzip 1.12 and Rust 1.60.0

  • GNU/Linux

    • There is always something new to learn and do in Linux

      To get more knowledge about Linux I took an 8-week Basic Linux course by Henry White which he ran on an email list. Eventually I was helping Henry with answering questions on the list. Some of us met on IRC (Internet Relay Chat) once a week. This is text-based where we got to know each other as well as take up computer problems or course questions. Later I got involved in another Basic Linux course for a few years. Like Henry, our main goal was to help new Linux users. Back then, Linux was not nearly as user-friendly as it is today. I saw the turn take place with Ubuntu. That was a huge breakthrough for non-geeks to jump in. I was using Debian, but switched to Ubuntu to become familiar with what my mom was now using instead of Windows.

    • Linux Magazine

    • Server

      • TechTargetAdvice for data centers looking to change operating systems

        Which OS a data center uses can vary, but the majority of platforms are based on or have compatibility with Linux. Linux is well known for its incredible flexibility and versatility, largely thanks to its open source nature and highly active global community. Because anyone can use Linux freely, developers around the world have built custom configurations suited to almost any purpose.

        Linux's modular nature also makes it a natural fit for the cloud -- easy to scale and match the pace of potentially rapid data center growth. Some of the biggest cloud platforms in the world are based on hardened versions of Linux, including AWS, Google Cloud Platform and Microsoft Azure.

        Many of today's existing data center OSes are compatible with Linux, but each OS often has a specific purpose. For example, Kubernetes provides a way to configure Docker containers into clusters of interacting services. It automatically accounts for resource density replication and service grouping and intelligently schedules these factors. Photon, on the other hand, operates as a minimal Linux container host with a focus on quick booting on VMware platforms.

    • Audiocasts/Shows

    • Kernel Space

      • LWNProblems emerge for a unified /dev/random /dev/urandom []

        In mid-February, we reported on the plan to unite the two kernel devices that provide random numbers; /dev/urandom was to effectively just be another way to access the random numbers provided by /dev/random. That change made it as far as the mainline during the Linux 5.18 merge window, but it was quickly reverted when problems were found. It may be possible to do that unification someday, but, for now, there are environments that need their random numbers early on—without entropy or the "Linus jitter dance" being available on the platform.

        A bunch of changes for the kernel random-number generator (RNG) were merged by Linus Torvalds on March 21. Those changes included unifying the two RNG devices, because it was hoped that no mainstream platforms would lack a source of unpredictable data that would allow the RNG pool to initialize in short order at boot time. For several years now, the jitter dance has used CPU execution time jitter to initialize the pool in less than a second; it uses the differences in code-execution speed of repetitive operations due to unpredictability in modern CPUs, from caches, branch prediction, and the like. But some systems lack jitter and have no other source of unpredictable data. That leads to the boot process hanging waiting for the RNG pool to initialize.

      • LWNPointer tagging for x86 systems []

        Pointers are a fact of life for developers working in numerous languages. It is often convenient to be able to associate a small amount — a few bits at most — of ancillary information with a pointer. This can often be done within the pointer value itself with some careful masking and shifting. CPU manufacturers have been adding ways to support the addition of this sort of "tag" to pointers; the most recent may be AMD's "upper address ignore" (UAI) feature, support for which was recently posted by Bharata B Rao. This feature has an uncertain future in Linux, though, as the result of a fundamental design decision.

        On a 64-bit system, a pointer is, naturally, 64 bits wide. But the CPU does not actually need all of those bits to dereference an address stored in a pointer. There are no systems (yet) that require — or can provide — all of the memory that can be addressed by 64 bits, meaning that there are ranges of address space that do not map to physical memory. Normally, user-space addresses start at (or near) zero and increase from there; that means that the highest-order bits will be zero even with the largest possible addresses. As a result, it can be possible to use those high-order bits to store other types of information.

        There are numerous use cases for stashing metadata into those unused bits. Memory allocators could use that space to track different memory pools, for example, or for garbage collection. Database management systems have their own uses for that space. Applications can implement this sort of tagging now, but it must be done with care; an address with extra bits set is no longer a valid pointer, so that metadata must be masked out before dereferencing that pointer or passing it into code that does not understand the tagging scheme. That is error-prone and may slow down the application.

      • LWN5.18 Merge window, part 1 []

        As of this writing, 4,127 non-merge changesets have found their way into the mainline repository for the 5.18 development cycle. That may seem like a relatively slow start to the merge window, but there are a lot of changes packed into those commits. Read on for a summary of the most significant changes to land in the first half of the 5.18 merge window.

      • LWNA way out for a.out []

        The a.out executable format dates back to the earliest days of Linux — and before. It has not been used in any serious way for decades, but support still exists in the Linux kernel and has resisted all attempts at its removal. Back in January, Borislav Petkov tried yet again to delete support for this format, leading to another extended discussion. There is one difference this time around, though: the effort to get rid of a.out support might just succeed.

        The a.out format dates back to the first edition of Unix. When MINIX came along, it naturally used that format for its executable files; that, in turn, led to a.out being used in Linux as well. It is a simple format, and its implementation on Linux was even simpler; among other things, every Linux shared library had to be centrally assigned its own portion of the address space, since libraries could not be relocated at run time. Still, Linux used a.out for some time, until support for the newfangled ELF format was first added to the 0.99.13 development kernel in 1993.

        There was a time when the crazier people among us manually converted our Slackware systems from a.out to ELF in order to be able to try it out and gain the benefits before distributions were updated. They still bear the scars from that time. Not that your editor would ever admit to knowing anybody who would have engaged in any such activity.

        ELF has been the standard executable format for Linux on most architectures since 1995. One might think that would have provided enough time for any users of a.out binaries to grudgingly move on to ELF; its adoption can probably be judged to not be a passing fad at this point. But, in the real world, surprises lurk.

      • LWNSystemd discusses its kernel-version needs

        A query regarding the possibility of dropping support for older kernels in systemd led to some discussion on the systemd-devel mailing list recently. As might be guessed, exactly which kernel would be the minimum supported, what kernel features systemd is using, and when those kernel features became available, were all part of that conversation. A component like systemd that is closely tied to the kernel, and the interfaces different versions provide, has a number of different factors to consider when making a decision of this sort.

        Zbigniew Jędrzejewski-Szmek started things off by asking if changing the minimum required kernel version for systemd to 4.4 would cause problems for anyone. He said that if it did, "please substantiate why you are running new systemd with such old kernels". Currently, systemd minimally requires Linux 3.15 or later, as noted in its README file.

    • Applications

      • MedevelLibrera App is the most used Book and EPUB Viewer for Android

        Librera Reader is a free, open-source eBook reader and viewer for Android devices.

        It comes with a long feature-list that makes it unbeatable among other Android eBook readers.

        The developer offers a free version hover, it comes with advertisements, which you can ignore if you use the Pro version.

        Librera has more than 10 millions download from Google Play store and other platforms.

      • MedevelWinds a personalized RSS and Podcast app with an open-source flavor

        Winds is an open-source RSS & Podcast App Powered by

        Stream is an API for building activity feeds. For Winds the follow suggestions and the list of articles from the feeds you follow is powered by Stream. Stream accounts are free for up to 3 million feed updates and handle personalization (machine learning) for up to 100 users.

      • MedevelEve Reader is a EPUB Book reader with annotation

        Eve Reader is a free, open-source web-based EPUB reader that anyone can host on their servers. It is currently available for Windows, Linux, and the web. The macOS version is still in development.

      • MedevelGimel Studio is an open-source Non-destructive 2D image editor

        There is no shortage of open-source free photo editors, as most of them are aiming to provide an alternative to the commercial counterparts.

        However, Gimel Studio is different, as it node-based non-destructive editor that use GPU and CPU processing.

        Although, Gimel Studio is still in pre-alpha stage, it is gaining momentum of new users every day.

    • Instructionals/Technical

      • How to install XFCE on CentOS 7

        In this tutorial you will learn how to install XFCE desktop environment on CentOS 7.

        CentOS 7 comes with Gnome desktop environment by default, which is heavier than XFCE and it doesn't run that smoothly especially if you are installing centos 7 on a computer with low specs.

        Follow the steps below to install XFCE on CentOS 7.

      • TechRepublicHow to safely store passwords on a Linux server | TechRepublic

        How many times have you been working on a Linux server (without a GUI) and wished you had the means to safely store passwords? Having such a feature available to your headless servers would be such a time saver.

      • UNIX CopHow to install Zulip on Debian 11

        For those who don’t know, Zulip is an open-source application for enterprise chat and distributed teams. You could say it’s a solid alternative to Slack and even Microsoft Teams.

        The server-side code is written in Python using Django, which gives you an idea of its robustness. On the client side we have versions for Linux, Windows, macOS, Android and iOS, and an integrated web interface is also provided.

      • Linux Made SimpleHow to install Deltarune Chapter 2 on a Chromebook

        Today we are looking at how to install Deltarune Chapter 2 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • ID RootHow To Install Apache Web Server on Rocky Linux 8 - idroot

        In this tutorial, we will show you how to install Apache Web Server on Rocky Linux 8. For those of you who didn’t know, The Apache HTTP Server aka Apache is a free and open-source cross-platform web server software released under the terms of Apache Licence 2.0. The goal of this project is to provide a secure, efficient, and extensible server that provides HTTP services in sync with the current HTTP standards.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Apache Web Server on Rocky Linux. 8.

      • FFmpeg Commands: 31 Must-Haves for Beginners in 2022 - VideoProc

        FFmpeg is a free and open-source command line-based tool to handle video, audio, and other multimedia files. It packs many encoders and decoders, making it powerful enough to support almost all common and uncommon multimedia formats.

        FFmpeg comes with a learning curve especially if you are new to a command line tool. You will need to type commands with your keyboard to transcode multimedia files and streams. So here in this post, I will introduce 31 most commonly used FFmpeg commands with examples to perform various tasks like converting media formats, trimming videos, extracting audio/video streams, etc.

      • Update Supermicro BIOS firmware from Linux | Major Hayden

        The Linux Vendor Firmware Service (LVFS) and fwupd turned the troublesome and time consiming activities of updating all kinds of firmware for laptops, desktops, and servers into something much easier. Check your list of updated firmware, update it, and submit feedback for the vendors when something doesn’t work. You can even get notifications right inside GUI applications, such as GNOME Software, that notify you about updates and allow you to install them with one click.

      • [Older] Install ThinkOrSwim on Fedora Linux | Major Hayden

        Over the past two years, I picked up stock trading and general finance knowledge as a hobby. There are plenty of things I enjoy here: complex math, understanding trends, and making educated guesses on what happens next. Getting the right tools makes this job a little bit easier.

        I use TD Ameritrade for the majority of my trading and learning. They offer a desktop application with a great name: ThinkOrSwim. Using it feels a bit like flying the Space Shuttle at first, but it delivers tons of information and analysis in a small package.

      • [Older] Disable HiDPI in alacritty | Major Hayden

        The alacritty terminal remains my favorite terminal because of its simple configuration, regular expression hints, and incredible performance. It’s written in Rust and it uses OpenGL to accelerate the terminal output.

      • TechRepublicHow to deploy a service to a Docker Swarm cluster | TechRepublic

        Docker Swarm is a way to create a cluster for container deployment. Jack Wallen walks you through installing a Docker Swarm cluster and then deploying and managing a service to the cluster.

      • UNIX CopHow to install Icaros Desktop

        I’ve already wrote some articles about some of the lesser know FLOSS Operating Systems. For example ReactOS or Haiku. Because not everything in life is unix, today I’ll write about how to install Icaros Desktop.

      • Find User Accounts With Empty Password In Linux - OSTechNix

        The worst kind of password is not a weak password but no password at all. As as system admin, you must ensure that every user account has a strong password. This brief tutorial explains how to find user accounts with empty password in Linux.

        Before getting into the topic, let us have a quick recap of shadow file and its purpose.

      • How to Resize Images in Linux KDE Plasma Dolphin with ReImage - Fasterland

        ReImage is a convenient and useful KDE service menu extension for Dolphin and Konqueror that allows you to manipulate images and their metadata directly from your preferred KDE Plasma file manager.

      • ID RootHow To Install Okular on Ubuntu 20.04 LTS

        In this tutorial, we will show you how to install Okular on Ubuntu 20.04 LTS. For those of you who didn’t know, Okular is a universal document viewer developed by KDE. Okular allows you to read PDF documents, comics, and EPub books, browse images, visualize Markdown documents, and much more.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Okular Document Viewer on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • How to install and play Among Us on Linux | FOSS Linux

        Among Us is a video game that lets you play with other people and figure out what they think. In this game, the player is placed in a game with other people, and they work to complete tasks and try to find the “imposter” in the group.

        Among Us is a huge hit, but the game doesn’t work well on Linux. Even though it’s not easy to get Among Us to work on Linux, it can be done with some help, as illustrated in this article guide.

      • Fix Sudo Apt-get Install Openssh-server Not Working Error : Enable SSH Server On Ubuntu |

        In this tutorial, we will show you the methods to enable ssh server to fix the Sudo apt-get install OpenSSH-server not working error. SSH (Secure Shell) is a standard network tool. It is mostly used to establish a secure connection between systems in the network. If you are using Ubuntu then Ubuntu comes by default with SSH as an OpenSSH server but sometime you might not have SSH installed in your Ubuntu.

      • How to Install MongoDB on RHEL 8 / CentOS 8

        MongoDB is a scalable, Open source, high performance, and document-oriented NoSQL database. It is developed and supported by 10gen. NoSQL stats that MongoDB doesn’t use Tables and rows.

        MongoDB provide better performance as compared to other databases because it saves the data in JASON like documents along with dynamic schema. In this guide, we will cover MongoDB Community Edition Installation on RHEL 8 and CentOS 8 system. Without any further ado, let’s deep dive into the installation steps.

      • Find User Accounts With Empty Password In Linux - OSTechNix

        The worst kind of password is not a weak password but no password at all. As as system admin, you must ensure that every user account has a strong password. This brief tutorial explains how to find user accounts with empty password in Linux.

        Before getting into the topic, let us have a quick recap of shadow file and its purpose.

      • How To Migrate WordPress Manually To New Host

        Any website migration is regarded as one of the most difficult operations. Fortunately, WordPress provides a plethora of backup plugins to help and automate the entire backup and migration process. However, WordPress is constructed in such a way that manually migrate WordPress could not be simpler.

        In this tutorial, I’ll show you how to migrate a WordPress site manually to a new host or server. This is especially useful if the site is hosted on a server with insufficient resources to enable the backup plugin. Backup plugins typically demand a minimal amount of resources to execute site backup and migration to another server. I’ve prepared a list of backup plugins for WordPress. So, if your server is healthy and has sufficient resources, I recommend that you install a backup plugin for WordPress migration.

      • Ubuntu HandbookHow to Install the Simple Audio Recorder in Ubuntu 22.04 | UbuntuHandbook

        This simple tutorial shows how to install the tiny sound recording app “Audio Recorder” in Ubuntu 22.04 LTS.

        “Audio Recorder” is a little open-source app that can record audio from your system’s sound card, microphone, browsers, webcams and any sound that your PC plays out.

        The tool has a built-in timer that automates audio recording on given clock time or after time period, auto stop when the recorded file size exceeds a limit. And, it can be controlled via Rhythmbox, VLC, Audacious and other MPRIS2 compatible players. For Skype users, it can automatically record all your Skype calls without any user interaction.

    • Games

      • Boiling Steam2100 Games On The Steam Deck, with Metro 2033 Redux and Resonance of Fate as Verified - Boiling Steam

        A rather slow week again after the 2000 games milestone on the Steam Deck. There are now 2100 games (1997 at the time of writing) working on the Steam Deck – in two categories as usual...

      • GamingOnLinuxSteam Deck gets a small update to fix Downloads, adds Triggers for Keyboard | GamingOnLinux

        Here we go again Steam Deck fans, another upgrading ready and waiting to be downloaded. This time though, it's a pretty small one with only a few changes. All welcome changes though of course.

        Some users noticed recently that downloading on the Steam Deck might cause the Steam Client to freeze. Obviously a pretty major problem and one thankfully Valve has solved quite quickly since the last update.

      • GamingOnLinuxValve marks the first month of the Steam Deck | GamingOnLinux

        Valve has released a news post going over some of the changes and improvements of the Steam Deck over the first month since the initial release. There's a lot that's been going on, with updates releasing rather regularly. Most of it, we've already gone over in articles you can follow on the Steam Deck tag and videos on the GamingOnLinux YouTube Channel.

        Some of what's mentioned includes jumping over 2,000 Verified and Playable titles, which is a nice healthy number for such a new system. There's quite a lot of issues there though, they know this, and so the feedback system was introduced to see how different the experience is compared with Deck Verified and what players actually see.

    • Distributions

      • New Releases

        • Barry KaulerFinal changes before releasing EasyOS 3.4.5

          I have been doing some final testing before uploading Easy 3.4.5.

          Problems were encountered flipping between ROX-mode icons-on-desktop and JWM-mode icon-free-desktop. I tweaked /root/.xinitrc and had to modify JWMDesk -- the PET is now version

          Firefox has been bumped to version 99.0, and youtube-dl updated -- the youtube-dl in Easy 3.4.4 no longer works -- though the GUI does have an update button.

      • SUSE/OpenSUSE

        • SUSE's Corporate BlogSolidify your containerisation strategy with SoftIron and SUSE Rancher | SUSE Communities

          SoftIron recently announced that it has partnered with SUSE to provide integration support for SoftIron’s HyperDrive storage appliances (purpose-built to deliver optimal Ceph performance) using HyperDrive Storage Plugin for SUSE Rancher. Read on the guest blog authored by Craig to find out why this is a big win for those working with containers and Ceph! ~Vince

      • Debian Family

      • Canonical/Ubuntu Family

        • If things don't change, things will stay as they are.

          The 'canary' ISO for Ubuntu 22.04 (Jammy Jellyfish) introduces the new Ubuntu Desktop installer which uses 'subiquity' as a backend and 'Flutter' for the UI.

          Rather than hack '' to coerce compatibility I'm developing a new script which takes the most useful features and targets functionality that is more relevent to current usage.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • IBM/Red Hat, Fedora and Ubuntu

        • VideoIn the Clouds (E22) | Edge Computing in Space - Invidious
        • Red Hat OfficialRed Hat Adds Common Criteria Certification for Red Hat Enterprise Linux 8 | Red Hat

          Red Hat, Inc., the world's leading provider of enterprise open source solutions, today announced a new Common Criteria Certification for Red Hat Enterprise Linux 8.2, further strengthening Red Hat Enterprise Linux as a platform of choice for users with critical workloads in classified and sensitive deployments.

        • Red Hat’s Retiring CFO on her Advice for Younger Professionals
        • ZDNetRocky Linux arrives on Google Cloud | ZDNet

          For years, CentOS Linux was Linux-savvy system administrators' top choice. They could use it and get the best of Red Hat Enterprise Linux (RHEL) without paying for support -- unless they really needed the help. Then, when Red Hat shifted focus from CentOS Linux, other groups seized the opportunity to build RHEL clones, such as AlmaLinux and Rocky Linux, for cost-conscious server and cloud users.

          The latest move in this arena came when CIQ, the high-performance computing company and Rocky Linux's parent, joined forces with Google Cloud to provide customers with unified best-in-class support.

        • UbuntuIBM z16 is here, and Ubuntu 22.04 LTS beta is ready

          IBM has just unveiled its IBM z16 next-generation computing platform. As the latest product in the zSystems server family, IBM z16 delivers the outstanding performance and security that IBM mainframes are known for, while also bringing innovations in AI inferencing, hybrid cloud support, and quantum-safe cryptography.

          Building on the long-standing partnership between IBM and Canonical, Ubuntu Server 22.04 LTS (currently in beta) has been developed in parallel with IBM z16 to enable organisations to make the most of the new IBM platform from day one.

          In order to utilise many of the new features available with IBM z16, operating system support is essential. Ubuntu 22.04 provides this support not only for the core system, but also across the full scope of peripherals and special facilities. What’s more, several brand-new packages were added to Ubuntu 22.04 to improve ease-of-use for advanced IBM z16 capabilities.

        • Unicorn MediaUbuntu's Throwing a Release Party and Needs Speakers! - FOSS Force

          It looks like it’s party season in Linuxland! There’s now an announced release party for Ubuntu’s upcoming 22.04 released.

          About a week-and-a-half ago we told you about Fedora’s upcoming release party bash to celebrate the release of Fedora 36. Evidently party-animal-with-a-tie Mark Shuttleworth read the news from the Isle of Woman and Man and decided it wasn’t fair for Fedora users to have all the fun, so a decree has come down from on high that Ubuntu’s having a release party too, for Ubuntu 22.04, which ready for prime time in two weeks.

          Ubuntu’s release party will come before Fedora’s planned event, on May 1st, or Mayday — which is both the international distress signal and an important holiday for labor union folks. We’re not sure which is pertinent here.

      • FSF

        • GNU Projects

          • GNUGNU gzip - News: gzip-1.12 released [stable] [Savannah]
            Thanks to Paul Eggert and Lasse Collin for all the work
            on fixing the exploitable zgrep bug, and to Paul for
            handling most of the other changes.

            Here are the compressed sources: (1.3MB) (808KB)

            Here are the GPG detached signatures[*]:

            Use a mirror for higher download bandwidth:

            Here are the SHA1 and SHA256 checksums:

            91fa501ada319c4dc8f796208440d45a3f48ed13 gzip-1.12.tar.gz W0+xTTgxTgny/IocUQ581UCj6g4+ubBCAEa4LDv0EIU gzip-1.12.tar.gz 318107297587818c8f1e1fbb55962f4b2897bc0b gzip-1.12.tar.xz zl4D5Rn2N+H4FAEazjXE+HszwLur7sNbr1+9NHnpGVY gzip-1.12.tar.xz

            The SHA256 checksum is base64 encoded, instead of the hexadecimal encoding that most checksum tools default to.

            [*] Use a .sig file to verify that the corresponding file (without the .sig suffix) is intact. First, be sure to download both the .sig file and the corresponding tarball. Then, run a command like this:

            gpg --verify gzip-1.12.tar.gz.sig

            If that command fails because you don't have the required public key, or that public key has expired, try the following commands to update or refresh it, and then rerun the 'gpg --verify' command.

            gpg --locate-external-key

            gpg --recv-keys 7FD9FCCB000BEEEE

            wget -q -O- '' | gpg --import -

            This release was bootstrapped with the following tools: Autoconf 2.71 Automake 1.16d Gnulib v0.1-5194-g58c597d13b


            * Noteworthy changes in release 1.12 (2022-04-07) [stable]

            ** Changes in behavior

            'gzip -l' no longer misreports file lengths 4 GiB and larger. Previously, 'gzip -l' output the 32-bit value stored in the gzip header even though that is the uncompressed length modulo 2**32. Now, 'gzip -l' calculates the uncompressed length by decompressing the data and counting the resulting bytes. Although this can take much more time, nowadays the correctness pros seem to outweigh the performance cons.

            'zless' is no longer installed on platforms lacking 'less'.

            ** Bug fixes

            zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file. [bug introduced in gzip-1.3.10]

            zgrep now names input file on error instead of mislabeling it as "(standard input)", if grep supports the GNU -H and --label options.

            'zdiff -C 5' no longer misbehaves by treating '5' as a file name. [bug present since the beginning]

            Configure-time options like --program-prefix now work.
      • Programming/Development

        • The Bargain Bin B-Tree

          I've been working lately on a bit of an overhaul of how the search engine does indexing. How it indexes its indices. "Index" is a bit of an overloaded term here, and it's not the first that will crop up.

          Let's start from the beginning and build up and examine the problem of searching for a number in a list of numbers. You have a long list of numbers, let's sort them because why not.

        • MozillaMozilla Performance Blog: Performance Sheriff Newsletter (March 2022)

          In March there were 175 alerts generated, resulting in 21 regression bugs being filed on average 5.4 days after the regressing change landed.

          Welcome to the March 2022 edition of the performance sheriffing newsletter. Here you’ll find the usual summary of our sheriffing efficiency metrics, followed by a review of the year. If you’re interested (and if you have access) you can view the full dashboard.

        • Sok’22 Week 11: Finalizing the Left-Right Click Activity – Samarth raj

          In my previous blog, I discussed the random placement of the animal cards and avoiding the overlap between two animal cards.

          As we are moving towards the end of the SoK period. I want to thank my mentors for resolving all my doubts(mostly silly) and helping me improve.

        • Hacking the Linux Kernel in Ada – Part 1
        • Hacking the Linux Kernel in Ada – Part 2
        • Hacking the Linux Kernel in Ada – Part 3
        • Python

          • How to Change a String to Lowercase in Python - buildVirtual

            With Python there are lots of ways you can manipulate strings. One of the most common I find myself using is to convert a string to lowercase, often before passing the string to another function. This can be useful with dealing with anything that is case sensitive. Luckily, its easy to change a string to lowercase in Python.

          • How to choose the right tool for your web scraping project? - Anto ./ Online

            Many people in different fields have employed Python to do web scraping. The most common purposes for this are data science and mining large amounts of structured or unstructured information from the Internet, which can be difficult without appropriate software tools.

            Python is excellent for web scraping because Python allows programmers to write a simple scraping script containing 1000 or more lines of code in 10 to 15 minutes. So you do not need to be a super experienced developer to do this. If you don’t know Python, read this guide to see why you should!

        • Shell/Bash/Zsh/Ksh

          • People are the best data cleaners

            Did you raise your eyebrow skeptically when you read the title of this blog post?

            If you did, maybe you're a penny-pinching manager in a business or government agency. "People are expensive. Isn't there some off-the-shelf software or online service that can clean our data automatically?"

            Or you might be an ambitious developer. "If people can do it, software can do it. And data's just text, for Heaven's sake. How hard could it be to write a text-cleaning package?"

            Or you might be a machine-learning specialist, confident that after just a few hundred hours of training with the right sort of datasets, your pet ML project could become the Leela Chess Zero or GNMT of data cleaning.

            Readers who agree with the title of this post are likely to be a bit closer to the realities of data cleaning than my hypothetical manager, developer and ML enthusiast.

        • Rust

          • Announcing Rust 1.60.0 | Rust Blog

            The Rust team is happy to announce a new version of Rust, 1.60.0. Rust is a programming language empowering everyone to build reliable and efficient software.

          • LWNRust 1.60.0 released []

            Version 1.60.0 of the Rust language is available. Changes include coverage-testing improvements, the return of incremental compilation, and changes to the Instant type...

    • Standards/Consortia

      • Khronos Blog - The Khronos Group Inc

        The release of the OpenCLâ„¢ 3.0 specification was a significant milestone for this open standard for low-level heterogeneous parallel programming, creating a pervasive baseline that can be cleanly extended with new functionality requested by developers. But a strong open standard ecosystem is much more than just an API document and Khronos is making significant investments to improve the OpenCL developer experience. Read on to discover the latest updates to the OpenCL SDK and what is coming on the SDK roadmap!

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Security

          • The Register UKRed Hat gets RHEL 8.2 certified for high level US government security

            Linux slinger Red Hat has achieved Common Criteria certification for Red Hat Enterprise Linux 8.2.

            This means it is cleared as a platform suitable for US users with critical workloads in classified and sensitive deployments, including national security agencies, finance and healthcare organizations.

          • Steinar H GundersonUbuntu plocate security review
          • USCERTVMware Releases Security Updates | CISA

            VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

          • eSecurity PlanetProtecting Against the Spring4Shell Vulnerability | eSecurityPlanet

            Spring4Shell (CVE-2022-22965) is a remote code execution (RCE) vulnerability that affects Spring Core, a comprehensive framework for Java-based enterprise applications.

            Spring4Shell gets its name from the Log4Shell vulnerability, one of the most critical zero-day threats ever, which affected a Java software component called Log4j and allowed hackers to take control of web servers and networks.

            Spring4Shell is a critical vulnerability for web applications and cloud services. Any RCE is a serious threat, and GitHub is already full of POCs (proofs of concept) that disclose the exploit publicly, so cybercriminals can’t miss it.

          • Red Hat OfficialSecure your Edge Solutions with Red Hat and ZettaSet

            Modern environments, especially edge computing and 5G, are complex, highly distributed, highly multi-tenant. Such environments push enterprise data close to the edge and create numerous exposure points and attack surfaces that did not exist in legacy monolithic deployments.

            In the previous article, we outlined five security considerations for edge deployments. The key component that will be addressed in this post is data. Let’s walk through how Red Hat OpenShift and Zettaset XCrypt for OpenShift customers can take advantage of a platform for microservices deployments with the granular and high performance data protection and management capabilities that modern architectures require.

          • Privacy/Surveillance

            • GoogleProject Zero: CVE-2021-30737, @xerub's 2021 iOS ASN.1 Vulnerability

              As well as doing my own vulnerability research I also spend time trying as best as I can to keep up with the public state-of-the-art, especially when details of a particularly interesting vulnerability are announced or a new in-the-wild exploit is caught. Originally this post was just a series of notes I took last year as I was trying to understand this bug. But the bug itself and the narrative around it are so fascinating that I thought it would be worth writing up these notes into a more coherent form to share with the community.

Recent Techrights' Posts

There's Nothing "Funny" About Attacking Free Speech and Software Freedom
persistent focus on the principal issues is very important
GNU/Linux Adoption in Africa, a Passageway Towards Freedom From Neo-Colonialism
Digi(tal)-Colonialism and/or Techolonialism are a thing. Can Africa flee the trap?
Links 05/12/2023: Microsoft's Chatbot as Health Hazard
Links for the day
Professor Eben Moglen Explained How Software Patent Threats Had Changed Around 2014 (Alice Case) and What Would Happen Till 2025
clip aged reasonably well
CNN Contributes to Demolition of the Open Web
Reprinted with permission from Ryan Farmer
Eben Moglen on Encryption and Anonymity
The alternate net we need, and how we can build it ourselves
Yet More Microsofters Inside the Board of Mozilla (Which Has Just Outsourced Firefox Development to Microsoft's Proprietary Prison)
Do you want a browser controlled (and spied on) by such a company?
IRC Proceedings: Monday, December 04, 2023
IRC logs for Monday, December 04, 2023
GNU/Linux Now Exceeds 3.6% Market Share on Desktops/Laptops, According to statCounter
things have changed for Windows in China
Over at Tux Machines...
GNU/Linux news
Links 05/12/2023: Debt Brake in Germany and Layoffs at Condé Nast (Reddit, Wired, Ars Technica and More)
Links for the day
[Meme] Social Control Media Giants Shaping Debates on BSDs and GNU/Linux
listening to random people in Social Control Media
Reddit (Condé Nast), Which Has Another Round of Layoffs This Month, Incited People Against GNU/Linux Users (Divide and Rule, It's 2003 All Over Again!)
Does somebody (perhaps a third party) fan the flames?
Who Will Hold the Open Source Initiative (OSI) Accountable for Taking Bribes From Microsoft and Selling Out to Enable/Endorse Massive Copyright Infringement?
it does Microsoft advocacy
Using Gemini to Moan About Linux and Spread .NET
Toxic, acidic post in Gemini
Web Monopolist, Google, 'Pulls a Microsoft' by Hijacking/Overriding the Name of Competitor and Alternative to the Web
Gulag 'hijacking' 'Gemini'
Links 04/12/2023: Mass Layoffs at Spotify (Debt, Losses, Bubble) Once Again
Links for the day
ChatGPT Hype/Vapourware (and 'Bing') Has Failed, Google Maintains Dominance in Search
a growing mountain of debt and crises
[Meme] Every Real Paralegal Knows This
how copyright law works
Forging IRC Logs and Impersonating Professors: the Lengths to Which Anti-Free Software Militants Would Go
Impersonating people in IRC, too
IRC Proceedings: Sunday, December 03, 2023
IRC logs for Sunday, December 03, 2023
GNU/Linux Popularity Surging, So Why Did MakeUseOf Quit Covering It About 10 Days Ago?
It's particularly sad because some of the best articles about GNU/Linux came from that site, both technical articles and advocacy-centric pieces
Links 04/12/2023: COVID-19 Data Misused Again, Anti-Consumerism Activism
Links for the day
GNOME Foundation is in Reliable Hands (Executive Director)
Growing some good in one's garden
Links 03/12/2023: New 'Hey Hi' (AI) Vapouware and Palantir/NHS Collusion to Spy on Patients Comes Under Legal Challenge
Links for the day
'Confidential Computing'? More Like a Giant Back Door.
CacheWarp AMD CPU Attack Grants Root Access in Linux VMs
IRC Proceedings: Saturday, December 02, 2023
IRC logs for Saturday, December 02, 2023
Links 03/12/2023: CRISPR as Patented Minefield, Lots of Greenwashing Abound
Links for the day