Razer is known for its gaming peripherals and hardware.
On the other hand, Lambda offers workstations, servers, and GPU clusters equipped with their software stack to facilitate deep learning as conveniently as possible.
They have collaborated to present a sleek-looking modern laptop (powered by Ubuntu 20.04) tailored for deep learning on the go.
Razer has unveiled a rather eye-catching new Linux laptop as it looks to stamp its mark in sectors beyond PC gaming.
The new Tensorbook is the product of a collaboration with a company called Lambda, which specializes in workstations, servers and cloud services for machine learning.
The notebook is tuned specifically for scientific workloads, and has been billed by the two companies as the “world’s most powerful deep learning laptop”.
Not all IT administrators realize this, but when an enterprise is developing deep-learning applications for industrials, pharmaceuticals, academics and medical research, it’s much more efficient and time-saving to develop them using Linux workstations. Why? Because the apps eventually will run on Linux production servers and they’ll have been talking the same code language long before they connect.
Lining up the apps built on Linux laptops running operating systems such as Red Hat, Ubuntu, Debian or others with production servers running the same operating systems avoids many potential snafus when putting the apps into action, an expert in this field, Stephen Balaban, CEO and cofounder of Lambda, told VentureBeat.
I've used pretty much every desktop out there, and the Linux desktop is still the best of the best.
I've been working with desktop computers since CP/M-80 was the operating system of the day. Since then, I've used MS-DOS, Windows, OS/2, AmigaOS, System 7, macOS, Xenix, SCO OpenDesktop, and more versions of Linux than you can shake a stick at. Even today, I have Windows 10 and 11 and macOS running on test boxes. But what I run on my production PCs and laptops is Linux. Here's why.
First, long before there were PCs, I was running Unix on minicomputers. My first "desktop" was the Bourne shell on a VT-102 terminal. I cut my teeth on shell commands. So, naturally, early Linux came easily to me. Linux turned 30 last year and it was about this time 30 years ago that I started using it on a desktop.
But, enough of techie nostalgia. True I'm still comfortable running a Bash-based terminal for my desktop, but I don't have to. Despite the eternal garbage about how hard Linux is to use, anyone – anyone – can use it today. Heck a decade ago, I taught my then 82-year-old mother-in-law how to run Linux and we didn't even share a common language! She's a native Spanish speaker, I grew up with English, and neither of us has a lick of talent in learning other languages.
 Released a little over three months ago, Linux kernel 5.16 brought features like Collabora’s futex_waitv() kernel system call that boosts your gaming experience when playing both native Linux games and Windows games via Wine, updated Zstd (Zstandard) compression, a new fanotify event type for file system health reporting, as well as Raspberry Pi Compute Module 4 (CM4) support
A while ago I helped a colleague, Vadim, debug a performance issue with TensorFlow in an unexpected location. I thought this was a bit interesting so I've been meaning to share it; here's a rough post of the details.
If you are trying to open a PDF file on Ubuntu 22.04, you will need some extra software in order to view the document. Since Ubuntu does not have a native way to open PDF documents by default, users will need to install a PDF viewer. In this tutorial, you will see several different options for software that can be downloaded and installed to open PDF documents on Ubuntu 22.04 Jammy Jellyfish.
Mumble is a free, open source, low latency, high quality voice chat application.
Mumble was the first VoIP application to establish true low latency voice communication over a decade ago. But low latency and gaming are not the only use cases it shines in.
This is an idea that I’m playing around with. Here are some categories for any reviews. They could later depending on what I learn while doing the reviews.
Cockpit is the modern Linux admin interface. We release regularly.
Here are the release notes from Cockpit 267 and cockpit-machines 266...
Mtr (my traceroute) is a command-line network diagnostic tool that provides the functions of the ping and traceroute commands. It is a simple and cross-platform tool that outputs information about the entire route that network packets take from the host system to the specified destination system. The mtr command is superior to the traceroute command because it also outputs the response percentage and response times for all network hops between the two systems.
As a network administrator, you must know how to use the mtr command and the flags that you can use to customize the output in order to perform productive network diagnostics. This article explains the use of the mtr command in detail and provides examples to show you how to use specific flags with this command.
Treating yourself to a new Linux Mint ‘Una‘ installation or you’re seeking your first foray into the world of Ubuntu-based Linux, then you couldn’t possibly go wrong with this flavor of Linux Mint running XFCE with a slew of bundled applications and unique customizations running in a tight-knit but lightweight environment.
This version of Linux Mint is peculiar due to its introduction of dark mode and will be forever immortalized as a result.
In this video, I am going to show how to install MX Linux 21.1.
Booting a Linux system into rescue mode or single user mode is one of the important troubleshooting for Linux admins. Rescue mode is also known as single user mode. Generally Linux system is booted into rescue mode in order to recover forgotten root password and to repair and fix corrupted file system.
Apart from the rescue mode, Linux system can be booted into emergency mode, the main difference between them is that rescue mode loads a minimal environment with read only root file system whereas emergency mode doesn’t mount root file system.
Jupyter Notebook is a powerful and open-source tool for the documentation of data and scientific analysis. Python, R, Julia, and Scala are just a few of the languages supported by Jupyter Notebook. It has a kernel for each language, an editor for writing and running code, and real-time output cells.
In this tutorial, we will show you how to install TradingView on Ubuntu 20.04 LTS, as well as some extra required packages by TradingView
If you admin websites, you know how important data analysis can be. You might need to keep abreast of things like visitors, search engines and keywords used, languages spoken, pages liked, downloaded files and more. That data can be an important part of growing and optimizing your sites and the content you provide.
Jitsi Meet is a WebRTC-based video conferencing software that allows you to communicate with others. A Jitsi Meet server allows you to join multi-person video conference rooms that function similarly to a Zoom or Skype meeting. The advantage of a Jitsi conference is that all of your data travels only through your server, and end-to-end TLS is used to secure the connection.
Linux has many desktop applications that make the system more and more usable, and more and more people can feel comfortable with it. So today, I will show you how to install FeatherNotes on Debian 11. This note-taking application can become a great ally for our work with the system.
Are you using the latest version of Ubuntu and looking for a way to clear your DNS cache? Then you’ve come to the right place. In the following tutorial, you will learn how to clear the DNS cache in Ubuntu 20.04 and Ubuntu 22.04. We’ll also explain why you should clear your DNS cache from time to time. So let’s start with the process
In this tutorial, we will show you how to install MySQL on Rocky Linux 8. For those of you who didn’t know, MySQL is an open-source, cross-platform, and one of the most widely used Relational Database Management Systems (RDMS). MySQL 8.0 was released a while back and it is built with a number of improvements to enable innovative DBAs and developers to create and deploy the next generation of applications on the latest technologies.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MySQL database on Rocky Linux. 8.
Learn how to use callback plugins to customize Ansible's output and then save that output to a file.
By default, Ubuntu 22.04 Jammy Jellyfish sports the GNOME desktop environment, or no GUI at all in the server edition. If you would like to change things up and install Mate instead, the GUI can be downloaded and installed directly from Ubuntu’s package repositories.
This can be done whether you are switching from GNOME to Mate, or you currently are running command line interface only and wish to install a graphical desktop environment. Mate is a great choice that comes with all the tools you will need to administrate your Ubuntu system.
In this tutorial, we will go through the step by step instructions to install the Mate GUI desktop environment on Ubuntu 22.04 Jammy Jellyfish.
After installing SSH on your Linux system, one of the most important security practices it to make sure that the service is only enabled for intended accounts. If you have one or more accounts which do not need SSH access, then the service should be disabled for those accounts. This is to prevent one being exploited, or maybe you just do not want that particular user to be using SSH to access the server.
In this tutorial, we will go through the step by step instructions to enable or disable SSH for a specific user on a Linux system.
Ubuntu’s keyring is a feature that collects all of your passwords in a secure application (gnome-keyring) and will use these stored passwords to automatically log you in to various services. All of your stored passwords inside of the keyring are protected by a single master password. The keyring gets “unlocked” when you first provide your system password at sign in.
Users that have enabled automatic log in for their system may have noticed a persistent and annoying popup message that says The login keyring did not get unlocked when you logged into your computer. This is just the gnome-keyring application asking for your password so that it can be used to authenticate with various services and applications on your system.
The problem is that having an automatic login does not do you much good if you still need to provide your password every reboot for some other application. In this tutorial, you will see how to deactivate the keyring pop up on an Ubuntu Linux system.
Two-step verification is highly recommended to secure your online accounts. Most services now provide you with a feature to enable two-step verification. In the early days, we were dependent on OTP for two-factor authentication, but now you can choose several third-party applications for this specific task, and one of them is Twilio Authy.
War for the Overworld, a Dungeon Keeper inspired game from 2015 had a huge free upgrade recently bringing some graphical improvements and performance optimizations. Nice to see a developer come back to an older title.
The game for the most part is in maintenance mode but this was something of an experiment for a member of their team, and still quite impressive to just come out with years later. One of the major additions is the inclusion of real-time shadows, which dramatically improves the moody look of the game.
Splitgate is actually a pretty great online FPS but it has a major problem with its matchmaking system, so it's getting a rewrite to suck less.
The problem with the current system is that not only is it slow, it's forgetful. It will reset constantly, and re-queue you as it tries to find a bunch of new people to play with. One of the results of how slow it works, is that you end up playing with more bots than intended as it forces you into a game eventually and the developer is solving this.
With an upcoming update the "entire backend" is being rewritten. 1047 Games say the new system will be much smarter, it will keep you playing with people previously found to be a good match instead of entirely resetting, it's fast and scalable and more configurable.
Back 4 Blood, the zombie shooter from Turtle Rock Studios has a fresh update out, and the developer has gotten it working on Linux and Steam Deck with Proton.
An important note though, is that this is "experimental" right now so there may be other issues. However, I've personally tested it on Steam Deck and it works quite well. You get a chat disconnection message often, and cut-scenes seem to stutter with the official Proton but other than that, it's quite playable and enjoyable on the defaults.
Arx Fatalis is an Arkane Studios classic from 2002 that was officially open sourced. This update for Arx Libertatis should hopefully make it work even better on the Steam Deck, and Linux desktops using Mesa drivers.
"This critically acclaimed first-person RPG from Arkane Studios takes the player on an amazing journey into the fantasy world of Arx. Arx is wrought with turmoil, brought to the brink of destruction by a violent war. The sun has disappeared from overhead to shroud the world in eternal darkness, forcing communities to begin inhabiting underground mines. But as food and drink becomes scarce, the wars become even more violent as each race – from trolls, goblins, and rat-men, to humans – struggle for survival."
 Once, we had time to enjoy the mighty arcade games on the vendors. And we spent all our pocket money there for the games. However, as we all have PC and smartphones near our hands, the arcade vendor machines are not so much popular nowadays. But if you are a 90’s kid, I am sure you are missing those nostalgic arcade games. Well, if you are using a Linux-based PC, I have good news for you. Just try the best arcade games for Linux and get back those memorable experiences again.
Being an arcade game doesn’t mean that you will enjoy it. Even most arcade games for Linux are not worth getting a try for their poor graphics, storyline, and theme. Anyway, we manage to get some of the arcade games that can be your pieces of cake. And here, we are reviewing the games to help you find the appropriate one for yourself. Don’t forget to glance over the features to find the one that suits your test the most.
 GCompris is KDE’s educational software suite and currently includes around 170 activities for children aged from 2 to 10 years old. All these activities have big, bright and colorful images, designed to encourage children to have fun with the tasks.
Two months ago Karl, a GCompris contributor, asked if the images on our Erase activity could be updated to use higher-quality images.
 Hey, I know what you’re thinking: Linux isn’t exactly short of music players. From colossal collection comperes like Clementine to classy command-line clients like mpd, by way of streaming music services like Spotify, or a middle-minded media manager like Rhythmbox — Linux has ’em all.
Amberol slots in nicely. It’s neither derivative or original, but it is modern: it’s built using GTK4 and Rust. Design wise it’s novel to look at with its gradient backgrounds and matches the aesthetic of modern GNOME ecosystem perfectly.
What app does that? It is 'gtk3-widget-factory', and I didn't even know I have it in EasyOS. It is in the GTK3 package.
I'm excited to finally announce the stable release of Turnkey v17.0. It's been a bit of a slog, taking way longer than I had hoped and there are only two this time. Regardless, we've finally made it to the stable release milestone, at least for Core and TKLDev. Hopefully we can keep the momentum up and have more v17.0 appliances ready really soon!
In the meantime, these 2 new v17.0 appliances are published to our mirror network and are also available for download direct from their relevant appliance pages (app page links above, direct download links below) or launched directly from the Hub.
Finally, whilst I can't take any credit at all, I'm super excited that community member, Yannick has produced "preliminary" Raspberry Pi 4 builds! I've only just ordered mine, so I can do some testing and hopefully get "official" RPi builds released sometime soon. If you have an RPi4, please do download an image and give it a test drive. I'm sure that Yannick would welcome some feedback, considering all the hard work he has put in developing this from scratch!
The Arch-based distro EndeavourOS has a new release with plenty of improvements and some new feature additions.
Archcraft April 2022 release is now available for download with updated applications and bug fixes.
Archcraft is a super lightweight Arch Linux based Linux distribution that primarily features the Openbox and BSPWM window managers with a clean look and built-in themes.
The openSUSE community has published results from the annual community survey.
This year’s results increased from last year’s results by more than 100 participants, with 1,320 respondents this time around. While participation increased, results indicated a larger amount of people located in Europe took the survey. Since other regions were less represented, people should be aware of this fact while reading the results.
Information was gathered about the project, its distributions, the demographics and how the community is contributing to the project. A number of questions in this year’s survey provided participants with a wider opportunity to express their opinions and satisfaction with the above topics. A document lists all the comments from the survey.
Moin,
In the last months many people have brought up the topic of "When will the next SLE major version come out?". Today we would like to give you a first update on the plans.
Since 2018, when SLE 15 was initially released a lot of things have changed, including requirements from users and customers, technologies, the speed of new versions of applications, languages and their libraries appearing.
Also the connection between Leap and SLE has changed. And while some bits and pieces got better, we firmly believe we can do better. SLE 15 is a great general purpose operating system, yet challenges with some use cases, now places of deployment, and the type of enhancement requests show that it's time for a successor.
 RebornOS is a unique Linux platform that has much to offer. It goes well beyond the concept of the Linux legacy being all about freedom of choice.
Your desktop choice can also affect system performance and features. Some of the options draw more heavily on system resources. Others are more lightweight and provide fewer frills.
The live session experience suggests that RebornOS is devoid of standard applications. The default GNOME environment can be somewhat unimpressive.
Push beyond that initial negative impression. Much of this distro’s power and uniqueness is not evident until you install it.
Agile development is a valuable enabler of digital transformation. It allows organizations to respond rapidly to changing competitive forces, address developing customer needs, and drive strategic changes. Agile does this by empowering team autonomy and self-determination, establishing a tight alignment between development and clients or users, and implementing short, targeted, rapid development cycles (“sprints”) to rapidly deliver minimum viable product (MVP) releases prior to iteration.
Collaboration is a critical ingredient for successful IT organizations. Whether teams are fully remote, in the office, or hybrid, they need seamless and simple ways to seek out help, troubleshoot issues, and work on solutions collaboratively. IT leaders have an important role to play here.
We asked CIOs who recently won the 2022 Florida CIO of the Year ORBIE Awards how they create a culture of collaboration on their teams.
Read on for four ways you can ensure your teams have what they need to collaborate effectively in a hybrid work era.
Cluster administrators on Kubernetes need to create namespaces for multiple developer teams and limit their use of resources by provisioning those namespaces with resource quotas and limit ranges. In this article, you'll learn how to automate these tasks with Argo CD, and how to use either Kustomize or Helm charts to simplify the process. The result implements the fundamentals of DevOps and GitOps, whereby any changes to the repository update the deployed resources.
Enterprise Java applications don't run in a vacuum, but interact with other components such as databases, load balancers, monitoring, and so forth. Eclipse JKube makes it easier to build Java applications and connect them with the resources they need when running as containers under Kubernetes. This article builds on a previous article, Build a bootable JAR for cloud-ready microservices, and shows some advanced uses of JKube. We'll build and deploy a bootable JAR using Red Hat JBoss Enterprise Application Platform (JBoss EAP) and Jakarta EE, and incorporate a PostgreSQL database and MicroProfile capabilities.
New features and a substantial reduction in false positives bring GCC's static analysis closer to being production-ready for C code.
One of the most important security changes for OpenSSH in Red Hat Enterprise Linux (RHEL) 9 is the deprecation of the SCP protocol.
We’re making this change because the SCP protocol is decades old, and carries multiple security risks and issues that have no straightforward solutions. New issues are being reported frequently (CVE-2020-15778 is the most recent as of this writing, but we can’t be sure it will be the last) and it is rather difficult to fix them all properly because the protocol is inherently trustworthy of authenticated sessions.
For this reason, some RHEL customers wish to completely disable the SCP protocol in their systems. At the same time, we have SFTP, a well-defined protocol that covers most of SCP’s use cases, so it makes sense to switch to the better protocol.
 Powered with latest technology of Free Libre Open Source Software aka FLOSS, comes with a brand new logo, got fantastically enjoyable user interface and experience, while being fast and ready to empower your computers, here's a pre-release overview of Ubuntu 22.04 LTS Jammy Jellyfish. We really found Ubuntu changed bravely this time with Snap adoption and Gimp re-inclusion. We'd love to discover these things for our beloved readers. Happy reading!
MLOps pipelines are a set of steps that automate the process of creating and maintaining AI/ML models. In other words, Data Scientists create multiple notebooks while building their experiments, and naturally the next step is a transition from experiments to production-ready code. The best way to do this is to build an effective MLOps pipeline.
What’s the alternative, I hear you ask? Well, each time you want to create a model, you run your notebooks manually. This process is time-consuming, error-prone and is just not scalable. It will consume the time and the energy of your people. Above all, it pulls them away from higher-value work.
In this blog post, we present how to build your own advanced MLOps pipeline using Kubeflow Pipelines (KFP), MLFlow and Seldon Core. We take a look at the tools and get them working seamlessly together in order to deliver your model to production in a scalable, efficient manner.
Arduino has released a new bootloader based on MCUBoot to increase the range of features and firmware safety of Arduino products, with the first release targetting STM32H7 based Arduino Portenta and Nicla Vision boards from the Arduino Pro family.
The release focuses on Arduino Mbed OS-based boards, but MCUboot is OS agnostic, and should also work with Zephyr, Nuttx, and Apache mynewt. The company has also made sure that the transition is easy and reused the existing OTA firmware upgrade process in place on Arduino boards.
To control things through gesture movement, GY-61 is a great and cheap way module enabling to manage all three directions moments
In this tutorial, we’ll interface the GY-61 accelerometer with Arduino Uno including code, connection diagram, and component list.
HedgeDoc is a self-hosted, web-based collaborative markdown editor for teams and enterprise. It is an ideal solution for students, researchers, and writers.
Formally it was called CodiMD, but changed its name in order to overcome a similar name conflict for another Markdown app.
GSoC is a Google-sponsored program that promotes open source development and enables individuals to submit project proposals to open source mentor organizations. Applicants whose proposals are accepted get paid to work on their project during the Northern Hemisphere's summer. The Apache Software Foundation (ASF) has been a GSoC mentor organization for the past 17 years. It acts as an umbrella organization, which means that applicants can submit project proposals to any subproject within the ASF, including Apache Cassandra.
 If convenience is your thing where you require sync/sign-in account features, Mozilla-specific offerings, and essential privacy protections, Mozilla Firefox should suit you better.
In case you do not want cloud-sync features, extras, and hardcore privacy-focused settings out of the box, LibreWolf will be the perfect solution.
Performance-wise, both should offer similar experiences. The benchmarks test (Basemark 3.0, Speedometer 2.0) didn’t work with LibreWolf for some reason, so I did not include any performance comparison chart.
I will prefer using Firefox because I do need the convenience of account-based sync without aggressive blocking capability. However, LibreWolf is a solid alternative for those who want to switch away from Firefox or just want to try something that’s laser-focused on user freedom and privacy.
“The Duri malware, for example, uses the Javascript blob technique.
The attacks are triggered by visiting a website with the malicious code.”
(this could be a well known, sincere, but hacked website)
“By downloading, the malware can install itself on the target device.”
“HTML smuggling is also made possible by the HTML5 “Download” attribute for anchor tags.”
“When a user clicks the HTML link, a download of the file is triggered.”
Qt's own QMake project files have been converted with a Python script named pro2cmake that lives in qtbase. This script is specially tailored for converting the projects in Qt repositories and is little useful for converting user projects.
We have forked this script and turned it into a converter for your projects: Say hello to qmake2cmake!
I could literally watch my technology deteriorating. My releases were always late. We had too many bugs. The UI felt old. That was when I used to head the R&D and product management of a cloud-based B2B solution. The solution used Java as the backend and Angular JS as the frontend UI framework. While the Java code was more than 15 years old, it performed well in the Docker containers. It was the UI framework I was worried about.
Finally the time has come! we are really excited to let you know everything we have been working on for this release so let's dive into the details
Conditional statements are the bread and butter of programming. They allow the machine to make decisions procedurally, through a process of elimination and repetition, almost making it act like it has its brain. Just a brain with a minimal amount of knowledge and no creative prowess (yet!) but functioning, nevertheless.
Today, we will talk about one specific conditional statement: the if-else statement. We will show you how to write the syntax for Bash scripting and use its different variations.
We first noticed the new WiFi 7 (802.11be) standard in January 2022 with MediaTek demonstrating Filogic 802.11be processors, and later Qualcomm introduced the FastConnect 7800 WiFi 7 and Bluetooth 5.3 solution for wireless clients, but we had not seen anything for WiFi 7 access points yet.
It all started with a simple pull request [1] to fix a bug. I have never attempted to just “merge” a pull request on Github before, but I figured, with such a simple change [2], why not try? Why not indeed.
Well, it broke my local repository. The commit message wasn't what I would have liked, and I felt a revision of the version number was required, which also involved updating the makefile and the Luarocks specification file [3]. I made the mistake (I think—I don't know) of ammending the merge message with a reformatted title and extra files and that was that. I was unable to push the changes back to Github.
I ended up having to reset both my local repositories and the Github repository. Hard. As in with the `git reset --hard` nuclear option. And hand added the patch into the code, redid all the changes to the makefile and Luarocks specification file multiple times. Ugly stuff. But I got it as I like it.
And then I went to load the new version of the code into Luarocks [4] and of course it failed. Of course. Github decided several months ago to depcrecate support for `git:` URL (Uniform Resource Locator)s [5] and guess what I'm using?
The Linux Foundation continued its push to infuse open source projects into the telecom space, launching the Kubernetes-based Nephio project with Google Cloud.
The Nephio project is designed to provide Kubernetes-based cloud-native intent automation and automation templates to make it easier for telecom operators to deploy and manage multi-vendor cloud infrastructure and network functions across large-scale edge deployments. It sits on top of a Kubernetes substrate either directly controlled from an operator or a hyperscaler-based platform like Google Config Connector, Amazon Web Services (AWS) Controllers for Kubernetes, and Azure Service Operator.
On March 15th 2022, president Joe Biden and the US Government passed new legislation to strengthen the Department for Justice (DOJ) Cybersecurity and Infrastructure Security Agency (CISA) position by requiring the reporting of all cyber incidents or ransomware payments. The Cyber Incident Reporting for Critical Infrastructure Act.
The bill only affects organisations that provide critical national infrastructure in the USA. A list of them is yet to be defined but it’s likely to include hospitals, power plants, water utilities, airports and similar entities.
Not unlike the UK’s GDPR requirements to report, the impacted entities will be required to report a cyber incident within 72 hours to the CISA. However, when it comes to ransomware, if an organisation providing critical infrastructure pays the ransom this must be reported within 24 hours of the payment.
A timely reminder is being issued to the effect that free web services are not the same as free software: the creator of the SSLPing service says he can't look after it anymore.
SSLPing was a useful tool to have around. Sign up, add your servers and the service would check certificates, protocols, ciphers and known vulnerabilities. It checked versions of TLS from SSL v3 to TLS 1.2 and, importantly for some major vendors who should know better, would also bleat if certificates were due for renewal (with nags at 10 days, three days and then on the renewal date.)
The tool was wielded by over 500 registered users, monitoring more than 12,500 TLS servers. It was lightweight and mercifully ad-free. Which appears to have become a problem for its creator, Chris Hartwig.
"It's broken and I can't and won't fix it," said Hartwig in a message posted on the project's homepage, pulling down the shutters on an operation that has run since March 2016.
We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. This may influence how and where their products appear on our site, but vendors cannot pay to influence the content of our reviews. For more info, visit our Terms of Use page.
Security updates have been issued by Arch Linux (gzip, python-django, and xz), Debian (chromium, subversion, and zabbix), Red Hat (expat, kernel, and thunderbird), SUSE (go1.16, go1.17, kernel, libexif, libsolv, libzypp, zypper, opensc, subversion, thunderbird, and xz), and Ubuntu (git, linux-bluefield, nginx, and subversion).
Have you considered using a YubiKey? In this complete guide, you'll learn everything you need in order to get started with these awesome security keys.
For more than five years, the Tunisian authorities have been deliberating over a new biometric ID law in Tunisia. Currently, every Tunisian over the age of 18 must carry an ID card. With the new bill, every Tunisian over the age of 15 would also have to give their fingerprints and face photo to the Ministry of Interior, gathering the sensitive information of an entire population in one single place for the purpose of identification and “electronic administration.”
With an outdated data protection law and no adequate privacy safeguards, the new biometric ID carries serious risks and threats to the right to privacy and other fundamental rights in Tunisia.
When in Thailand, I sent a postcard to my mum. "The man on the stamp is the local despot", I said. "He's a cunt"
I later found out that this sentence made me eligible for jail time, or death, which makes this the biggest crime I have ever committed. Post cards, unfortunately, cannot make use of end-to-end encryption (at least not when writing to my mum), but a privacy respecting protocol would undoubtedly solve the problem.
Canadian law recently changed to allow people to smoke cannabis. If the initial laws had worked in clamping down the use of cannabis, none of the pro-cannabis campaigning could have succeeded. Nobody would have thought 'I miss back when I could smoke cannabis, so I'll start the campaigning again, and one day have a joint'. They valued smoking weed because they already smoked weed. If police could have enforced anti-cannabis laws perfectly, no campaign or informed debate could have taken place, so nobody could have fixed the bad law.
Police could never have perfectly enforced the law, or even enforced it well, without mass surveillance. The crime hurt nobody, so nobody could have informed the police of any illegal acts with a clean conscience. The change in law required a healthy cannabis culture, which required a large populating of people who habitually smoked weed without being caught or causing any fuss.
Access Now supports Costa Rica’s call for a global moratorium on spyware technology, made publicly by Ambassador Catalina Devandas, Permanent Representative of Costa Rica to the United Nations in Geneva. At Protecting Defenders Online, a virtual side conversation at U.N. Human Rights Council’s 49th session, hosted by Access Now, and the United States and European Union Trade and Technology Council (U.S.-EU TTC) Partnership, Ambassador Devandas became the first state representative in the world to publicly call for the “immediate moratorium on the use of spyware technology until a regulatory framework that protects human rights is implemented.”
The call from Ambassador Devandas comes just weeks before the UNESCO World Press Freedom Day, an event that this year will focus on journalism under surveillance. Until now, most of the momentum demanding accountability for the use of Pegasus spyware has been driven by civil society and international organizations, while governments remain largely silent, despite regularly reported new confirmed cases of infection.
The registration process of the IATA Travel Pass (ITP) is flawed. The flaw allows an attacker to create an ITP account impersonating any person, while only needing the victim’s passport details, but not the passport itself. This flaw is currently circumvented by requiring users to present their physical passports whenever an ITP account is being authenticated at a physical location.
ITP utilizes a blockchain-based technology “Sovrin” to verify the validity and authenticity of user-supplied digital COVID-19 test reports. Sovrin provides a way for entities to issue unforgeable digital proofs, and a way to independently verify them. However, in ITP, most if not all issuers (COVID-19 testing laboratories) rely on the same cloud-based web application centrally managed by Evernym, a provider of Sovrin technologies. With this design, it is technically possible for Evernym to issue valid digital proofs in the name of the laboratories without their knowledge. This is one of the flaws that we show, in which the ITP system design nullifies the advantages brought by Sovrin, a decentralized blockchain system.
In the wake of COVID-19, governments and companies around the world are seeking ways to maximize the safety and security of airline passengers, the staff of airlines and airports, and the broader population with which passengers interact. These efforts include requiring COVID-19 testing, vaccination, or immunization prior to authorizing individuals for flights. In addition to conventional paper-based systems, various digital solutions catering to this need have been developed by governments. In April 2021, close to 50 airlines have signed up to trial ITP. For example, the European Union developed the EU Digital COVID Certificate, which stores and verifies COVID-19 statuses by QR codes; Doan, a US-based company, developed a mobile application VeriFL; and the International Chamber of Commerce developed AOKPass.
The International Air Transport Association (IATA, a trade association of the world’s airlines) has developed IATA Travel Pass (ITP), a COVID-19 digital passport solution led by an international NGO. We conducted a security and privacy audit of the application and found two vulnerabilities: an impersonation vulnerability with limited impact and a server information leak. We also found that ITP utilizes a non-conventional blockchain technology in a way that mostly neutralizes the benefits of the technology, resulting in a system with security properties that are fundamentally the same as conventional server-client systems. This core technology of the app is implemented by the company Evernym. This study adds to growing research on security and privacy issues with technologies and data privacy policies for tracking and managing COVID-19 information.
Florida's GOP-controlled Legislature on Monday effectively handed Republican Gov. Ron DeSantis control over the process of drawing the state's congressional map for upcoming U.S. House elections, a move that voting rights advocates decried as an "unprecedented and dangerous" abdication of responsibility.
Caving to pressure from the right-wing governor's office, Florida's state Senate President Wilton Simpson (R-10) and state House Speaker Chris Sprowls (R-65) said in a joint statement that "at this time, Legislative reapportionment staff is not drafting or producing a map for introduction during the special session."
The first of these is already the law; the second will be in the Queen's Speech in a few weeks. In parallel, there is controversial legislation before Parliament concerning building safety.
The European Commission’s last-minute proposal of Article 27a to the Digital Services Act (DSA) must be revised to ensure rights are upheld across the EU throughout times of crisis.
The war in Ukraine is bringing forward a myriad of issues around content governance and the role of platforms in emergency situations, currently being reflected in the ongoing EU DSA negotiations. While Access Now welcomes discussions around emergency response, the last-minute scramble to include a “crisis response mechanism (CRM)” in the Act would enable far-reaching restrictions on freedom of expression, and of the free access to and dissemination of information for millions of people.
At a time when it feels like significant parts of the internet can suddenly fall under the control of wealthy people seemingly more focused on causing chaos than improving digital infrastructure for the vast majority of people, it can easily be forgotten that so much of the modern internet came from public, or not-for-profit roots, where digital culture was not about the size of your following, but about getting everyone online. It wasn’t just about who had the largest megaphone or the biggest axe to grind, but about building and ensuring access to information for the largest number of people. At this time, the center of the digital universe wasn’t Silicon Valley or anywhere that a bunch internet oligarchs live today. It might just be in your hometown—especially if you live in Cleveland. It was a time before Logan Paul, a time when Web1 didn’t even really exist. Today’s Tedium ponders the Free-Net, the way people got on the internet before the internet cost money.
