Bonum Certa Men Certa

Links 11/05/2022: Rocky Linu Gets a Lot of Money and iXsystems Releases TrueNAS 13.0



  • GNU/Linux

    • Desktop/Laptop

      • OpenSource.com5 surprising things I do with Linux

         OK, I admit Linux on servers isn't at all surprising. In fact, to people who know of Linux but don't use Linux themselves, a data center is usually the first thing that pops into their heads when "Linux" is mentioned. The problem with that assumption is that it can make it seem obvious that Linux ought to be great on the server, as if Linux doesn't even have to try. It's a flattering sentiment, but the fact is that Linux is great on servers because there's a monumental effort across global development teams to make Linux especially effective at what it does.

        It isn't by chance that Linux is the robust operating system that powers most of the internet, most of the cloud, nearly all the supercomputers in existence, and more. Linux isn't stagnate, and while it has a rich history behind it, it's not so steeped in tradition that it fails to progress. New technologies are being developed all the time, and Linux is a part of that progress. Modern Linux adapts to growing demands from a changing world to make it possible for systems administrators to provide networked services to people all over the world.

        It's not everything Linux can do, but it's no small feat, either.

    • Audiocasts/Shows

    • Applications

    • Instructionals/Technical

      • Linux.orgLFCS – Kerberos Authentication (Ubuntu)

        Kerberos is an authentication method which helps improve security between systems. For systems that need to access another, such as Secure Shell (SSH), Kerberos is a great way to keep the connection secure.

        If you have read the previous article on Kerberos Authentication with CentOS, this will not be too different.

      • OpenSource.comManage your Gmail filters from the Linux command line

        Automation is a hot topic right now. In my day job as an SRE part of my remit is to automate as many repeating tasks as possible. But how many of us do that in our daily, not-work, lives? This year, I am focused on automating away the toil so that we can focus on the things that are important.

      • How To Install Pantheon Desktop On Ubuntu 22.04 LTS And Derivatives | Itsubuntu.com

        How To Install Pantheon Desktop On Ubuntu 22.04 LTS And Derivatives

        Pantheon is the desktop environment of elementary OS. It is written in the Vala programming language. GNOME is the default desktop environment on Ubuntu 22.04 LTS. Previously, Ubuntu used to have a Unity Desktop Environment.

      • How to scroll up and down in Tmux | FOSS Linux

        Do you know how to scroll up and down using your Tmux application? This has been a significant concern for those getting started with this application. When I started using this app, I had similar complications, and I did not know how to scroll up and down on Tmux.

        This was because it runs multiple windows simultaneously hence becoming more complex to scroll up and down. However, after a lengthy hassle and tussle, I learned how to scroll in Tmux. Therefore, if you have been experiencing the same problems, I will illustrate how to scroll in Tmux.

        Tmux is a top-notch open-source terminal/shell multiplexer for Unix-based operating systems, derived from the word “terminal multiplexer.” Tmux is a program that lets you use multiple terminals simultaneously from a single application window. It comes in handy when running multiple command-line scripts or programs at once.

      • How to install OnlyOffice suite on Fedora | FOSS Linux

        For the past few decades, Microsoft Office has dominated the office suite market on computers and mobile devices. On the open-source side of things, LibreOffice has been in the limelight of that market for a couple of years after succeeding OpenOffice.

        Many people, including myself, pay hundreds or even thousands of dollars for software subscriptions. You can obtain most of these features without paying a single cent by using open-source software.

        Recently, the compatibility of Libre Office with Microsoft office has been a severe problem. Despite having support for doc and docx formats, LibreOffice struggles to keep formatting constant on these file formats. Text may sometimes exist on another page; pictures are placed in the wrong position, among many other issues. Many people probably gave up on open source software because of these reasons. However, a new competitor has emerged in these few years to solve all these problems – OnlyOffice. It’s a free and open-source office suite almost entirely compatible with Microsoft Office formats.

      • Linux HintHow to Install Sublime Text 4 in Ubuntu 22.04 LTS

        Sublime Text is a lightweight and feature-rich programming text editor available for Linux, Windows, and macOS. Sublime Text 4 is the latest version of Sublime Text at the time of this writing.

      • MakeTech EasierHow to Use Sed in Linux for Basic Shell Tasks - Make Tech Easier

        Sed is a simple UNIX program. It does not create and edit files. It only modifies the data that passes through its input and presents the modified data on its output. Despite that, sed is considered to be one of the most powerful UNIX utilities that you will encounter in Linux, especially when it is combined with other programs in your system.

        This article aims to teach the basics of how to use this tiny program. Further, it will also give a brief overview of the UNIX philosophy and how that idea is important in understanding how your computer works.

      • How to install and use Progressive Web Apps (PWA) on Linux

        There are tons of apps built for Windows, something that can’t be said about niche operating systems. However, this could be changing as more and more users rely on the internet and online tools to get work done.

      • TechRepublicHow to benchmark your Ubuntu Linux servers with the Phoronix Test Suite | TechRepublic

        Do you know how well your Ubuntu Server instances are performing? Sure, they might be up and running, but do you really know the details of how well they can handle workloads? This is especially important before deploying an app or service that will place a high demand on a machine.

      • How to lnstall Ubuntu 22.04

        Ubuntu 22.04 is the latest stable LTS version of the acclaimed Linux distribution created by Canonical. We are in the presence of one of the most important releases of the Linux year due to the great influence that this distribution has on servers and desktop. That’s why today you will see how to get it without too many problems. That is why, in this post, you will learn how to install Ubuntu 22.04.

      • ByteXDHow to Install Python 3.11 on Ubuntu 22.04 - ByteXD

        Python is one of the most popular programming languages in the world, if not the most popular one. It is a general-purpose programming language that is mostly used for back-end web development, data science, machine learning and software development.

        Python 3.11 is the newest pre-release version of Python.

        In this tutorial we’ll install Python 3.11 on an Ubuntu 22.04 machine.

      • HowTo GeekHow to Check the Python Version on Windows, Mac, and Linux

        To check what version of Python is installed on your Windows, Mac, or Linux computer, all you have to do is run a single command. We’ll show you how to do that as well as what to do if you have multiple Python versions installed.

      • How to Install Sails.js Framework on AlmaLinux - RoseHosting

        Sails.js is a Javascript framework, used for building an application in real-time without writing too much code. It is an MVC(Model-View-Controller) framework based and is developed under the Node.js environment. Sails.js offers a number of features built on Express.js and Node.js enabling the applications to be fully based on javascript. It is good to be mentioned that Sails.js provides an object-relational mapping interface using Waterlin.js. In this blog post, we are going to configure Sails.js with Apache as a reverse proxy so you can access your app via a domain name instead of using an IP address and port.

      • How To Install Grub Customizer On Ubuntu 22.04 LTS And Linux Distros | Itsubuntu.com

        How To Install Grub Customizer On Ubuntu 22.04 LTS And Linux Distros.

        Grub Customizer is a software package that allows the user to customize the grub boot menu. In this tutorial, we will show you how to install the Grub Customizer package on all Ubuntu 22.04 LTS and other Linux distros.

      • Fix "bash: Netstat: Command Not Found" Error On Debian/Ubuntu Linux | Itsubuntu.com

        Fix “bash: netstat: command not found” error on Debian/Ubuntu Linux

        Solution for the “bash: netstat: command not found” error on Debian/Ubuntu Linux is here. The netstat Linux command is used by system administrators.

      • How to on Linux: Delete a User - Linux Stans

        A new tutorial in our series of simpler tutorials for Linux beginners: how to delete a user. In this tutorial, we’re going to show you how to remove users via the command-line interface (CLI, Terminal).

        For this tutorial, you’ll have to be logged in as the root user or a user with sudo privileges.

        If you’re using a GUI, either open up a Terminal and use the commands below or just find the settings menu where you can delete users. For Ubuntu, it would be something like Activities -> Users -> Add or remove users -> Unlock -> Click on the user and click “Remove User”.

      • HowTo GeekHow to Install Linux in VirtualBox

        If you want to try out a Linux distribution, you may want to do it in a virtual machine (VM) before dual-booting or completely overwriting your system. Choose a distribution and let’s run it in a VM using VirtualBox.

      • ByteXDHow to Set Up SSH Keys on Ubuntu 22.04 - ByteXD

        The Secure Shell or better known as SSH is the most used method to admin remote servers.

        It’s an encrypted protocol so that two computers can communicate securely over the internet or any local network.

        It works on the command line, invoking any of the utilities of the openssh secure networking application suite.

        In this tutorial we’ll show you how to set up SSH keys on Ubuntu 22.04. SSH keys provide a more secure way of logging into a server with SSH than using a password alone.

      • FAQForgeHow to Update ISPConfig 3

        The ISPConfig update script is an easy way to update an ISPConfig 3 installation. If you want to make a manual backup of ISPConfig, see the instructions at the end of the article. This tutorial applies to ISPConfig 3.0, ISPConfig 3.1, and also ISPConfig 3.2.

      • FAQForgeHow to Comment Out Code in PowerShell Script

        This guide gives you an overview of code commenting options in PowerShell. Just like any other programming language, you can comment out code in a PowerShell script for documentation purposes.

      • How To Upgrade To Fedora 36 From Fedora 35 [Workstation And Server] - OSTechNix

        Fedora 36 has been released! This step by step tutorial tutorial explains how to upgrade to Fedora 36 from Fedora 35 and older versions. If you're already using Fedora 35, you can now safely upgrade to Fedora 36 desktop or server edition for latest features, performance and stability improvements.

      • ID RootHow To Install AnyDesk on Rocky Linux 8 - idroot

        In this tutorial, we will show you how to install AnyDesk on Rocky Linux 8. For those of you who didn’t know, AnyDesk is a remote desktop application that lets you connect to PCs and other devices running the host application from anywhere in the world. With AnyDesk, you can share your entire screen, part of it, or even individual applications with another user in real-time no matter what device they are using such as Windows, Linux, macOS, or Android.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the AnyDesk remote desktop on Rocky Linux. 8.

      • Linux HintInstall Latest Telegram Desktop Messenger App on Ubuntu 22.04

        Telegram is a cross-platform chat application having end-to-end encryption and is free to use. One of the key features of this desktop messenger app is that it offers video calling and other services that are not available on Twitter or Facebook. The Telegram app also has no association with these big social media companies, so you can be sure your data will be shared with only the person you want to. This feature makes Telegram more secure as compared to other messaging applications.

    • Games

      • Medevelqu3e is an open-source 3D Physics engine

        qu3e is a compact, light-weight and fast 3D physics engine in C++. It is has been specifically created to be used in games.

        It is portable with no external dependencies other than various standard c header files (such as cassert and cmath). qu3e is designed to have an extremely simple interface for creating and manipulating rigid bodies.

      • Boiling Steam2700 Games On The Steam Deck with Dishonored and Exit the Gungeon as Verified - Boiling Steam

        It did not take too long to get to 2700 games – Valve’s verification pace has picked up to where it was in March after a slow-down in April. There are now 2702 games at the time of writing working on the Steam Deck – in two categories as usual...

      • Beta News[Older] Steam snap now available for Linux gamers

        Today we get some very exciting news for the Linux gaming community. And yes, smart aleck, people do play video games on Linux these days. What is the big news? Canonical has released an early-access snap version of Steam for Ubuntu and other compatible Linux-based operating systems!

        What exactly does this mean? Well, Canonical is aiming to make it even easier to get Steam up-and-running on Linux. Gamers will be able to install Valve's software from the snap store for a more elegant experience.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • DedoimedoKubuntu 22.04 Jammy Jellyfish review - Okay, not LTS-y enough

           I will receive feedback on this review, I am sure. And some people will probably say: you know you should wait a couple of months until the first dot release for all those early bugs to be fixed. And to that I say, yes, true, but then, why release the distro now then? Why not test two months more and then unleash it when it's ready? This is true of most "modern" systems, like the half-beta Windows 11 and whatnot. Low bar for quality is not how it should be, and Kubuntu 22.04 is no exception. There are half a dozen issues in this release, obvious ones, which never should have made it past the QA team. But then, testing software seems to be an afterthought since around 2014 or so.

          Anyway, Kubuntu 22.04 is a decent system, but I also feel angry and frustrated. With my recent mission of migrating away from Windows for good (look for it in my Linux and Windows categories) in the coming years, any setback or regression in Linux, especially LTS versions of big distros, creates a great disturbance in the force, and makes me feel extra dejected. As always, always, whenever things start getting slightly better, slightly more stable, distros seem to implode, seemingly terrified of what stability might bring. It's a self-perpetuating, self-destructive cycle. It's getting quite boring in 2022. It was all fun and games and nerdy tinkering in 2005, but now, it feels like Groundhog Day, except it's Penguin Day. But then, who cares anymore right.

          This distro is decent-ish. It's fast, there were no major problems, and you can tweak Plasma any which way you like, almost. Then, you have things like the unresizable main menu, screenshot borders, dubious defaults, and whatnot. Functionality wise, solid, but you have to work hard to get the best out of the system. Worst of all, there is no sense of majesty that an LTS is supposed to deliver. Just another day in the neverending grinder of code and frivolous hobbyism that is the Linux desktop. I guess 6-7/10 for now. Yes, I am sure I will eventually upgrade to this release, blah blah, and I'll be enthused and deluded and such. But the first impression is a bit meh. We are done here, folks.

    • Distributions

      • BSD

        • The Register UKiXsystems releases TrueNAS 13.0 ● The Register

          BSD vendor iXsystems has released the latest version of its FreeBSD-derived Network Attached Storage (NAS) OS, TrueNAS 13.0.

          The company now offers three separate OS products. Two are based on FreeBSD 13: TrueNAS CORE, which replaces FreeNAS, and the commercial TrueNAS Enterprise, available on the company's storage hardware. Complementing them is a new Linux-based product, TrueNAS SCALE.

          It may not be a household name, but iXsystems, Inc is an established player which has been around in various forms for over 30 years.

          The company was originally founded as Berkeley Software Design Inc. (BSDi) to sell a commercial version of BSD Unix for 386 PCs. Over the decades, it's employed many notable Unix luminaries, and after various acquisitions, spin-offs and re-acquisitions, it now sells a range of storage-focused servers and develops the TrueNAS family of operating systems.

          FreeNAS also has a complicated history, involving several forks and changes of name, but is now all grown up, complete with a smart new suit.

          What used to be a separate product is now just the free tier of TrueNAS' offerings, rebranded as TrueNAS Core; iXsystems sells the enterprise version pre-installed on its hardware.

      • SUSE/OpenSUSE

        • SUSE's Corporate BlogOndat and SUSE Rancher – run your stateful applications everywhere

          Stateful applications are essential to your business, and you need to ensure that your Kubernetes landscape is up to the task of supporting them. Bringing together the Ondat data plane with SUSE Rancher enables enterprises to design, deploy, and manage robust, multi-cloud Kubernetes landscapes along with scalable, highly available, and performant persistent storage. ~ Terry

      • IBM/Red Hat/Fedora

        • PR NewswireSoftware Infrastructure Leader CIQ Closes $26 Million Series A Led by Two Bear Capital
        • Venture BeatRocky Linux developer CIQ raises $26M to recreate CentOS for enterprises | VentureBeat

          CIQ, a company that’s setting out to commercialize a new open-source Linux distribution and CentOS-successor called Rocky Linux, has raised $26 million in a series A round of funding.

          The raise comes a little more than a year after CIQ emerged from stealth (originally as “Ctrl IQ”), spearheaded by one of CentOS’s original creators, Gregory Kurtzer. Moreover, today’s news follows shortly after CIQ inked a major deal with Google to help support companies looking to deploy Rocky Linux on Google’s cloud infrastructure.

          While it’s still early days for CIQ, it seems things have gotten off to a solid start — the open-source Rocky Linux project is notching up as many as 250,000 downloads in some months, and its fresh cash injection could go some way toward helping it become one of the major Linux distributions for enterprises.

        • Its FOSSRed Hat Enterprise Linux 9 Announced as the Next-Gen Backbone of Enterprise IT

          Red Hat Enterprise Linux is undoubtedly a significant player in the open-source enterprise ecosystem.

          If you didn’t know, IBM acquired it for $34 Billion in 2019. So, it is safe to say that Red Hat Enterprise Linux 8 was the last major release before the acquisition.

        • Make Use OfFedora 36 Woos Developers With Desktop Overhaul, but Will It Please Linus?

          The Fedora project has announced the release of Fedora 36. The new release comes with some major enhancements to its desktop environment, including an update to the default GNOME environment.

        • Red Hat OfficialTop new features in Red Hat Enterprise Linux 8.6

          We are excited to announce the availability of Red Hat Enterprise Linux 8.6 (RHEL), a new release of the world’s leading enterprise Linux platform — the foundation from which organizations can scale existing apps and roll out emerging technologies across bare-metal, virtual, containers and all types of cloud environments.

        • Yahoo NewsIBM Transforms Business Operations with the RISE with SAP Solution in Expanded Partnership with SAP
        • IBM Transforms Business Operations with the RISE with SAP Solution in Expanded Partnership with SAP [Ed: IBM expanding proprietary software alliances]
        • Call For Proposals Open For Open Mainframe Summit, Philadelphia | Donna Hudi [Ed: Spamnil is openwashing for IBM. A lot of the Web is nowadays webspam.]
        • Enterprisers ProjectCloud strategy: What CIOs really want from cloud providers [Ed: IBM promotes outsourcing (clown computing) instead of server ownership and control]

          Organizations can realize big benefits from a hybrid cloud approach, but strategy and planning matter, especially when working with multiple cloud providers.

          We asked CIOs who recently won the 2022 Ohio CIO of the Year ORBIE Awards about the top cloud benefits their organizations are pursuing now.

          Read on for their responses - and key considerations for your own cloud strategy.

        • Red HatHow to build automated JFR rules with Cryostat 2.1's new UI | Red Hat Developer

          Cryostat is a tool for managing JDK Flight Recorder data on Kubernetes. Cryostat 2.1, the most recent version of the software, has a brand-new user interface for the automated rules that were previously introduced as an API feature in Cryostat 2.0. It is now much easier to manage JDK Flight Recording (JFR) on a large scale for many Java applications.

        • Enterprisers ProjectIT hiring: Tackling the cybersecurity skills shortage [Ed: IBM had the audacity to write this while laying off some of its most talented people (and most valuable in the world) because they became "expensive"]

          Across the globe, technology usage has surged to deal with the challenges brought by the pandemic. The need for remote access to essential work tools and or enhanced online customer experiences is greater than ever before.

          As a result, the demand for professionals with technical capabilities in areas such as cybersecurity and coding has increased massively. As reported in the UK’s Digital Economy Council Jobs and Skills Report 2021, it’s estimated that in the UK, tech-related vacancies make up around 13 percent of all job vacancies, the second-highest by industry.

          Here are four ways to tackle the skills shortage and find talent that brings success.

        • Red HatRHEL 8.6: What's new and how to upgrade | Red Hat Developer

          Version 8.6 of Red Hat Enterprise Linux is now generally available, and includes a number of features and upgrade paths that will benefit developers and DevOps teams. This article covers some of the most notable improvements. Please refer to the release notes for a comprehensive list of changes.

        • Announcing the GA release of Red Hat Enterprise Linux 8.6

          We’re excited to announce the general availability of Red Hat Enterprise Linux 8.6. Red Hat Enterprise Linux provides a flexible and stable foundation to support hybrid cloud innovation. Deploy applications and critical workloads faster with a consistent experience across physical, virtual, private, and public cloud and edge deployments.

        • 9to5LinuxRed Hat Enterprise Linux 8.6 Launches with New Features and Enhancements

          Red Hat Enterprise Linux 8.6 comes six months after Red Hat Enterprise Linux 8.5 and it’s here with new security features to mitigate potential risks across the hybrid cloud. These include support for Smart Card Authentication with sudo and SSH in the Web Console for performing administrative functions and accessing remote hosts, support for SAP HANA in production with Red Hat and SAP, and support for drop-in configuration files to OpenSSH servers.

        • Red Hat Linux to drive General Motors' Ultifi vehicle operating system

          Red Hat will supply General Motors with its In-Vehicle Operating System to use as a “safety certified” Linux base for GM’s Ultifi software platform, the firms announced today.

          GM will start a “phased rollout” of Ultifi in 2023, to which IBM-owned Red Hat will contribute – but the platform will move to the Red Hat In-Vehicle Operating System (IVOS) at a later date.

          “Ultifi will initially launch in 2023 and receive regular platform updates providing more features and system capabilities over time. When the safe Linux is ready for deployment after Ultifi’s initial launch, all capable vehicles will be able to have their systems updated over the air,” a GM spokesperson told The Stack.

        • ZDNetRed Hat Linux is coming to your Vette and Caddy Escalade | ZDNet

          Linux has long played a role in cars. Some companies, such as Tesla, run their own homebrew Linux distros. Audi, Mercedes-Benz, Hyundai, and Toyota all rely on Automotive Grade Linux (AGL). AGL is a collaborative cross-industry effort developing an open platform for connected cars with over 140 members. Red Hat and GM are spring-boarding from these efforts to build a new generation of smart cars using Red Hat Enterprise Linux (RHEL) as their operating system.

        • Red Hat Officialow CIOs can build the future they want with open source

          Just over a decade ago, Marc Andreessen pointed out that software was eating the world. We can definitively update his quote to be more accurate: "Software ate the world." Software has taken over our businesses and how you create value for your customers.

        • Red Hat OfficialCatalyzing an ecosystem of co-creators for the cloud

          There is no doubt that cloud has transformed the IT industry. This transformation has only accelerated due to the global pandemic, with many organizations leaning on hybrid clouds to achieve the necessary balance of speed, efficiency and scale offered by cloud-native technologies and the reliability of existing on-premises infrastructure. As a result, how customers access cloud technology and services has evolved. Now more than ever before, customers lean on an ecosystem of diverse partners to help guide their transformation efforts and consume IT in a variety of ways to deploy innovative solutions.

        • Red Hat Official3 ways to monitor time on OpenShift nodes | Enable Sysadmin

          Today, most organizations rely on vast computer systems, and maintaining accurate time in those computer systems has always been a challenge for administrators. That task became easier with the introduction of the Network Time Protocol (NTP) in the early 1980s. However, NTP also introduced the need to monitor your computer systems to ensure the time is correct and there aren't many corrections or time drift occurrences.

      • Debian Family

      • Canonical/Ubuntu Family

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Programming/Development

        • In praise of git-request-pull

          I'm a big enemy of Github monoculture, but I feel like many of the alternatives for project collaboration and communication are somewhat lacking. Using services like Gitea[0] or Gitlab[1] provide a familiar Github-like experience, but inherit a lot of its downsides, including requiring account creation to submit patches and being enormously complex pieces of software that are challenging to self-host. Git-send-email[2] requires somewhat arduous IMAP setup and can be fiddly to get right the first few times. It often requires a custom email client to set up a proper workflow.

        • Upgrading Antenna Toda

          I'm just about to merge the dev branch of Antenna into production. I'm hoping there won't be any downtime because I'll do it in two steps and it's only CGI scripts (no app server! Yay!).

        • QtCall for Presentations for Qt World Summit 2022

          Qt is looking for speakers, collaborators and industry thought leaders to share their expertise and thoughts with the community during the upcoming virtual Qt World Summit on November 9, 2022.

        • Qt 5.15.4

          Qt 5.15.4 release is a patch release made on the top of Qt 5.15.3. As a patch release, Qt 5.15.4 does not add any new functionality but provides bug fixes and other improvements.

        • Rust

          • LWNThe malicious "rustdecimal" crate [Ed: Rust is not about security, it is about depending on Microsoft's proprietary malware delivery system, GitHub, controlled by the NSA]

            The Rust Blog warns developers of a malicious crate named rustdecimal, which was evidently targeted at GitLab users who mistype rust_decimal.

  • Leftovers

    • Springfield isn't the most popular city name in the US

      So I got to wondering, _is Springfield the most popular city name in the US (United States)?_ I know, weird question, but I'm curious. So some quick searching lead me to the United States Geological Survey Geographical Names Database [2]. With some massaging of the data, I was able to determine that there are 34 States with a “Springfield,” but it's not alone. There are eight other cities that are also in 34 States: Arlington, Chester, Clinton, Farmington, Florence, Greenville, Milton, and Newport. Okay, maybe not the same 34 states across all those cities, but you get the idea.

    • CTO Sessions: Victor Palau, Ebury

      We don’t need to talk about NFTs… but on a serious note I think Blockchain is overhyped.

    • Integrity/Availability

      • Proprietary

        • USCERTGoogle Releases Security Updates for Chrome

          Google has released Chrome version 101.0.4951.64 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

        • USCERTCISA Adds One Known Exploited Vulnerability to Catalog [Ed: A correct headline would have said CISA Adds Microsoft Windows Known Exploited Vulnerability to Catalog]

          CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerability in the catalog, click on the arrow on the of the "Date Added to Catalog" column, which will sort by descending dates.

        • Bleeping ComputerCritical F5 BIG-IP vulnerability exploited to wipe devices

          A recently disclosed F5 BIG-IP vulnerability has been used in destructive attacks, attempting to erase a device's file system and make the server unusable.

        • Tedium10 iPod Competitors That Didn’t Make It

          Some say it was overdue, some lament that it remains a missed opportunity, but the truth of the matter is, the iPod has left us, after years of neglect. The final iPod Touch was released in 2019, four years after the previous model, and essentially as a legacy model for a niche audience of people who don’t want modems in their phone-like devices—think hackers and the parents of young children. It was not what it was upon the device’s general release. But I want to take a step back with today’s Tedium to consider the many, many competitors to the digital music throne that Apple’s legacy device vanquished. There were many. And as the latest entry in my series of obscure things that “didn’t make it” or fell into modern-day obscurity, I’m covering 10.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • VMWare GPL case: Linux Foundation reneged on Conservancy funding

                The leaked email below may be a bit old but it reveals the consequences suffered by Conservancy when they began the VMware GPL lawsuit.

                The key point is that a sponsor canceled a donation after signing documentation. It is believed to be Linux Foundation.

                [...]

                The Register already reported on a leaked copy of the email but they didn't mention that a sponsor had reneged on a signed agreement.

                Karen Sandler nominated in the Linux Foundation elections and Linux Foundation responded by removing the independent membership class, effectively expelling Sandler and all other private members in one go.

        • Security

          • LWNSecurity updates for Wednesday [LWN.net]

            Security updates have been issued by Debian (mutt), Fedora (blender, freerdp, kernel, kernel-headers, kernel-tools, mingw-freetype, and vim), Oracle (kernel and kernel-container), Red Hat (aspell, bind, bluez, c-ares, cairo and pixman, cockpit, compat-exiv2-026, container-tools:3.0, container-tools:rhel8, cpio, dovecot, exiv2, fapolicyd, fetchmail, flatpak, gfbgraph, gnome-shell, go-toolset:rhel8, grafana, grub2, httpd:2.4, keepalived, kernel, kernel-rt, libpq, libreoffice, libsndfile, libssh, libtiff, lynx, maven:3.5, maven:3.6, mod_auth_mellon, mod_auth_openidc:2.3, openssh, php:7.4, pki-core:10.6, postgresql:10, python-lxml, python27:2.7, python3, python38:3.8 python38-devel:3.8, python39:3.9 python39-devel:3.9, qt5-qtbase, qt5-qtsvg, rust-toolset:rhel8, samba, squid:4, udisks2, virt:rhel virt-devel:rhel, webkit2gtk3, xorg-x11-server xorg-x11-server-Xwayland, and zsh), SUSE (gzip and php-composer), and Ubuntu (busybox, cairo, cron, dnsmasq, libsndfile, and nss).

          • Debian 9 soon out of (free) security support

            Organizations that are still running Debian 9 servers should be aware that the security support of the Debian LTS team will end on June 30th 2022.

            If upgrading to a newer Debian release is not an option for them, then they should consider subscribing to Freexian’s Extended LTS to get security support for the packages that they are using on their servers.

          • USCERTCISA Joins Partners to Release Advisory on Protecting MSPs and their Customers [Ed: As long as they use software with NSA back doors (like Windows), they will never be safe]

            The cybersecurity authorities of the United Kingdom, Australia, Canada, New Zealand, and the United States have released joint Cybersecurity Advisory (CSA), Protecting Against Cyber Threats to Managed Service Providers and their Customers, to provide guidance on how to protect against malicious cyber activity targeting managed service providers (MSPs) and their customers.

          • USCERTMicrosoft Releases May 2022 Security Updates [Ed: NSA et al would not simply advise people and businesses to abandon Microsoft software with NSA back doors]

            Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

          • Help Net SecurityZerto enhances ransomware recovery capabilities to address a wide range of data protection issues [Ed: Sounds like proprietary snakeoil doing nonsense, protecting systems having already been breached, as they were outsourced to spy companies]
          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • Linux Foundation's Site/BlogBrian Behlendorf Testifies on Open Source Software Security to the US House Committee on Science and Technology [Ed: Reaction to Microsoft funded media and FUD]

              On Wednesday, May 11, 2022, Brian Behlendorf, OpenSSF General Manager, testified to the United States House of Representatives Committee on Science, Space, and Technology. Brian’s testimony shares the work being done within the Open Source Security Foundation and broader open source software community to improve security and trustworthiness of open source software.

            • CSOStealthy Linux implant BPFdoor compromised organizations globally for years [Ed: IDG redefines "backdoor"; it's not when Microsoft puts back doors there for US spy agencies but when a system gets breached for some reason and then the intruder installs something]

              Malware researchers warn about a stealthy backdoor program that has been used by a Chinese threat actor to compromise Linux servers at government and private organizations around the world. While the backdoor is not new and variants have been in use for the past five years, it has managed to fly under the radar and have very low detection rates. One reason for its success is that it leverages a feature called the Berkeley Packet Filter (BPF) on Unix-based systems to hide malicious traffic.

            • InfoWorldUnderstanding Flatcar Container Linux [Ed: Simon Bisson is scattering Microsoft propaganda under headlines with the word "Linux" on them. IDG isn't a news site. It's a Microsoft operatives' network/hive.]
          • Privacy/Surveillance

            • Bruce SchneierICE Is a Domestic Surveillance Agency
            • AMERICAN DRAGNET [Ed: Microsoft-powered ICE]

              When you think about government surveillance in the United States, you likely think of the National Security Agency or the FBI. You might even think of a powerful police agency, such as the New York Police Department. But unless you or someone you love has been targeted for deportation, you probably don’t immediately think of Immigration and Customs Enforcement (ICE).

              [...]

              Most Americans probably do not imagine that their information is captured by ICE’s surveillance networks. In fact, ICE has used face recognition technology to search through the driver’s license photographs of around 1 in 3 (32%) of all adults in the U.S. The agency has access to the driver’s license data of 3 in 4 (74%) adults and tracks the movements of cars in cities home to nearly 3 in 4 (70%) adults. When 3 in 4 (74%) adults in the U.S. connected the gas, electricity, phone or internet in a new home, ICE was able to automatically learn their new address. Almost all of that has been done warrantlessly and in secret.

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

      • In a petition filed by the Journalist Union of Assam, Supreme Court directs governments to not use Section 124A

        It is official. The Supreme Court has stayed the operation of Section 124-A of the Indian Penal Code, 1860 (‘IPC’) which criminalises speech that excites or attempts to excite ‘disaffection, hatred or contempt’ against the Government established by law. Through its interim order dated May 11, 2022 (‘Order’), which goes a long way in protecting the freedom of speech and expression across the country, the Supreme Court has also put in abeyance all ongoing prosecutions under Section 124-A. This Order was issued in a batch of petitions challenging the constitutional validity of Section 124-A, one of which was the petition filed by the Journalist of Union of Assam (‘JUA’). Over the past two weeks, the Supreme Court extensively heard the counsels of the petitioners, including Mr Chander Uday Singh, Senior Advocate, who represented JUA, before passing this historic order.

    • Civil Rights/Policing

      • FOSSLifeQuestions Job Interviewers Are Not Allowed to Ask

        The best way to handle illegal questions during an interview, according to Barbara Casarin, is to say, "I'm not sure how this question is relevant to my application." This will alert the interviewer to the inappropriate nature of the question and allow them to retract the question and move on.

    • Internet Policy/Net Neutrality

      • India TimesVPN Services: UnCERT-in times for VPN services providers in India - The Economic Times

        Users of virtual private networks (VPNs) in India face disruptions, with providers such as Surfshark and NordVPN saying they are unlikely to be able to adhere to a new security directive from the government due to privacy policy concerns. India has more than 270 million VPN users, who use them to access company networks securely, remain anonymous, access geo-restricted content, stay safe on public Wi-Fi networks and get around internet restrictions among other things.

      • Public KnowledgePublic Knowledge Urges Congress To Pass Bill Restoring FTC’s Authority To Return Money to Ripped Off Consumers - Public Knowledge

        Today, the Senate Commerce Committee marked up the “Consumer Protection Remedies Act of 2022,” a bill introduced by Senators Maria Cantwell (D-WA), Ben Ray Luján (D-NM), Amy Klobuchar (D-MN), and Rev. Raphael Warnock (D-GA) to restore the Federal Trade Commission’s authority to return money to consumers victimized by illegal scams, fraud, and other unfair or deceptive practices. Public Knowledge urges Congress to pass this bill to ensure that harmed consumers receive just compensation from companies that have wronged them.



Recent Techrights' Posts

Techrights' Statement on Code of Censorship (CoC) and Kent Overstreet: This Was the Real Purpose of Censorship Agreements All Along
Bombing people is OK (if you sponsor the key organisations), opposing bombings is not (a CoC in a nutshell)
Links 23/11/2024: Press Sold to Vultures, New LLM Blunders
Links for the day
Links 23/11/2024: "Relationship with Oneself" and Yretek.com is Back
Links for the day
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024