This week has been really great in Linux news and releases. We got huge news from NVIDIA as they finally decided to open-source their graphics drivers, we got a new Fedora Linux release for you to play with on your PC, and we got a new generation of the Kubuntu Focus M2 Linux laptop with upgraded internals.
On top of that, I take a look at Fedora Media Writer 5.0, notify you about the upcoming end-of-life of Ubuntu 21.10 and LibreOffice 7.2, and give you the hands up about the latest distro and software releases. You can enjoy these and much more in 9to5Linux’s Linux Weekly Roundup for May 15th, 2022, below!
There are many reasons why you should use a Linux operating system. Here are a few of them:
Security and reliability. Windows is prone to many security problems. This means that hackers and viruses are always trying to hack into your computer. Windows has many security flaws which can easily be exploited by hackers. With a Linux operating system, there are very little risks that your computer will get hacked or infected with viruses. There are also fewer chances of your personal information being stolen by hackers and thieves.
Ease of use. A Linux operating system is quite easy to use once you because accustomed to it. The interface of a Linux operating system is similar to the interface of a smartphone or a tablet. This makes it easier for the average user to get started using the operating system.
Customization. When you use a Linux operating system, you will have more control over the hardware and software that you own. You can customize the settings of your computer according to your preferences. For example, you can adjust the volume level, change the display settings, and change the brightness of your screen.
Performance. A Linux operating system is known for its good performance. This means that you will have better performance when you are working on your computer than when you are using Windows. In addition, a Linux operating system will run faster than Windows. Because it uses fewer resources, it is easier on your computer. This means that you will have longer battery life when you are using your computer.
There are many benefits of using a Linux operating system. If you are looking for a good operating system, Linux is the best choice.
Why should use a Linux operating system?
Through the course of the podcast so far, Jay and Joao have discussed foundational topics, as well as news and current trends. In this episode, second factor authentication is discussed.
In this video, I am going to show an overview of Feren OS 2022.04 and some of the applications pre-installed.
In the thirty-first episode of the WordPress Briefing, GAAD Co-Founder Joe Devon joins WordPress Executive Director Josepha Haden Chomphosy to discuss Global Accessibility Awareness Day and the role of open source in accessibility.
Chipmaker Intel in recent weeks has poached open source veterans from the likes of Apple and Netflix as it looks to clean up the Linux kernel and reestablish a dialog with the open source community.
The chipmaker last month hired Arun Gupta, who formerly was at Apple, to be vice president and general manager for open ecosystem. Shortly after, the company tapped Brendan Gregg, formerly from Netflix and an expert on Linux performance tools, to be an Intel fellow.
Intel, AMD, and NVIDIA have been hard at work to make sure any new technology released now and in the future will be fully compatible with the upcoming Linux 5.19 kernel. Intel's open-source team has recently added a new update to the kernel for DG2/Arc Alchemist dGPU support and is looking to be in better standards than previously from Team Blue. The update created includes the addition of current IDs and support for compute tasks, allowing the latest kernel to offer enhanced power management handling for the Arc Alchemist family of graphics.
We haven’t posted updates to the work done on the V3DV driver since we announced the driver becoming Vulkan 1.1 Conformant.
But after reaching that milestone, we’ve been very busy working on more improvements, so let’s summarize the work done since then.
[...]
This worked fine in general, except for synchronization. The V3D kernel interface only supported one synchronization object per submission. This didn’t properly map with Vulkan synchronization, which is more detailed and complex, and allowed defining several semaphores/fences. We initially handled the situation with workarounds, and left some optional features as unsupported.
 Portmaster is a free open source cross-platform network activity monitor that is available in an early version for Windows and the Linux distributions Ubuntu and Fedora.
Portmaster combines traditional network activity monitoring with additional features, such as the option to enforce the use of secure DNS or the automatic blocking of advertisement, trackers and malicious hosts using filter lists, which are commonly used by ad-blockers.
GNOME extensions are incredibly useful. Of course, using many of them may not be the best solution to your problem.
However, if you rely on the GNOME extensions to tweak your desktop workflow on any Linux distribution, a convenient option to manage all the extensions should help save your time.
The GNOME team already offers you an “Extensions” app to configure and manage GNOME extensions. But, it does not come pre-installed on every Linux distribution.
New to Linux? These powerful applications can help you hit the ground running regardless of which version of Linux you choose to install.
Linux is a fantastic platform that offers something different from other operating systems. It comprises various open-source applications you can use for day-to-day tasks. These apps can make your work much easier while working on Linux.
If you build a DIY system with Arch Linux or Gentoo, you have to start from zero for the applications. For Linux beginners, it can be challenging to determine which applications are genuinely required while building a DIY system. So if you are also confused, don't worry. In this guide, we will list some must-have applications for Linux users.
The thought of compiling your own kernels strikes fear in the hearts of new Linux users. It sounds terrifying, building the most crucial part of your system from scratch. The truth is, though, building the Linux kernel in Ubuntu is really easy.
Building Linux kernels does not require programming. Some of the best programmers in the world have already written all of the code. You just have to pick the features that you want and put it all together. Here we will show you how to build and install a custom kernel on Ubuntu.
Like Firefox, the Chromium web browser package in recent Ubuntu repository is just empty package that links to Snap version.
If you would like to install the classic .Deb version instead, here are 2 choices that work on Ubuntu 22.04 LTS.
In this tutorial, we will show you how to install Git on Ubuntu 22.04 LTS. For those of you who didn’t know, Git is a free platform that is designed to develop and control app development projects. The community can share the solutions to different issues faced by the other users and this platform is accessible by every user because it’s an open-source project.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Git on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.
This will uninstall that hot garbage from your computer.
Next step switch to Blender.
In this tutorial, we will show you how to install WPS Office on Fedora 36. For those of you who didn’t know, WPS Office is an office productivity suite. Like Microsoft Office, it has the ribbon user interface and comes loaded with several templates. WPS Office comes including Writer, Presentation, and Spreadsheets. It is a 100% free office suite for Linux.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Notepad++ text editor on a Fedora 36.
Intermittent network connectivity errors can be hard to diagnose, especially if they happen between monitoring checks.
If you’re using a Linux distro, you’ll often see the hostname (name of the machine) throughout the system. In this simple and easy tutorial, we’re going to show you how to change the hostname on a Linux distro.
This tutorial will work on all Linux distros, including Ubuntu, CentOS, Fedora, Linux Mint, etc.
When you are new to something, even the simplest of the tasks could be confusing.
Take renaming a directory in the Linux command line. There is a rmdir command but it is for removing directories, not renaming them.
Have you forgotten the root password in Fedora? Or do you want to change the root user password in your Fedora system? No problem! This brief guide walks you through the steps to change or reset root password in Fedora operating systems.
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8539176957BCBAF6 Reading package lists... Done W: GPG error: http://ppa.launchpad.net/peek-developers/daily/ubuntu jammy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8539176957BCBAF6
This is the common error that you will come across on Ubuntu 22.04 LTS while attempting to include third-party package repositories to the apt package manager.
Fedora Silverblue is an operating system for your desktop built on Fedora Linux. It’s excellent for daily use, development, and container-based workflows. It offers numerous advantages such as being able to roll back in case of any problems. If you want to update or rebase to Fedora Linux 36 on your Fedora Silverblue system (these instructions are similar for Fedora Kinoite), this article tells you how. It not only shows you what to do, but also how to revert things if something unforeseen happens.
Gnome Shell has a robust search feature that allows users to find everything from the weather to browser bookmarks, files, and more directly from the app menu. But did you know that you can add your custom search locations to Gnome?
In this guide, we’ll show you how you can customize the search results in Gnome Shell to add custom search locations, turn search features off, and more.
In most cases, disk space can be expanded by adding a new LUN to the system.
But in some scenario, you may need to resize the existing LUN in order to extend the file system.
Extending the file system involves two parts, extending the corresponding logical volume and then growing FS over it.
Adding, resizing or deleting the LUN on a Linux system can be done without restarting.
Linux Mint Debian Edition 5 “Elsie” was released in March. With it come many excellent features and software improvements. Here’s how you can install LMDE 5 on your desktop or laptop.
Wget is a GNU-based free software that has made it possible for numerous Linux-based users to non-interactively download files over the internet or any network without relying on graphical tools like web browsers. Its file download prowess is associated with network/internet protocols like FTP, FTPS, HTTP, and HTTPS.
The primary objective of this article is directly associated with the last stated GNU Wget feature (handling unattended/background operations).
The dependency management tool Composer provides multiple ways to include Git repositories within a PHP: Hypertext Preprocessor (PHP) project.
In many cases, repositories have been created on Packagist, so requiring them with Composer is very straightforward. But what do you do when a repository has not been created as a package on Packagist? You use Composer to require the package directly from the repository. This article explains how.
You may have heard about Wordle, a simple online game that went viral over the past few months. Wordle was created by Josh Wardle who sold it to the New York Times.
Wordle is reminiscent of the late 80’s game show Lingo.
Fancy playing Wordle on your desktop? Warble is inspired by (and not affiliated with) by Wordle. It differs from Warble in a few respects, notably that you’re not limited to one puzzle a day.
Warble is written in Vala and Gtk.
It's time for 2022's first GoGodotJam!
GoGodotJam is a Festival that celebrates Godot's Awesome Community. Join them in live events with tutorials, workshops, interviews and more - all culminating with a Game Jam.
This version of Maui brings new features and bug fixes to Maui’s applications and the frameworks they rely on. The changes introduced in this release will make your experience with Maui Apps much more enjoyable and feature-rich across different devices and form factors.
While working on this review of Quark, I ran into a rare case of writer's block. Which, as Tom Robbins would tell you, is just another way of saying the author is lazy or uninspired. This lack of inspiration is, I feel, a direct reflection of the Quark distribution. The whole experience feels unmotivated.
According to the project's website, Quark has three distinct features: Q4OS utilities running on an Ubuntu base, easy access to the Trinity desktop, and Windows-like themes. The last point is certainly accurate, the distribution does ship with two optional Windows-like themes - mission accomplished.
 In recent times, Red Hat’s community project, Fedora, has gained quite a decent userbase. While GNOME is the default choice of desktop here, Fedora also offers a variety of other desktop environments in the form of Fedora Spins.
This means that you can enjoy an out of box experience of KDE, MATE, Xfce and a few other desktop environments with Fedora without additional effort. Do you prefer KDE instead of GNOME? Download the KDE spin of Fedora and install it like your regular Fedora installation.
Early on, Cleversafe made a name for itself and started to win some very impressive customer deals. They also had an amazing patent portfolio. All of which eventually caught the attention of IBM. And by the Fall of 2015, the official announcement came, IBM was acquiring Cleversafe.
The transition to Big Blue was pretty rough. That isn’t uncommon with acquisitions. The reason for the acquisition was immediately made clear: IBM was behind in the Cloud Computing sector and instead of building a solution from the ground up, they acquired an already established technology. Their focus: the Hybrid Cloud. They needed to catch up to Amazon, Microsoft and Google. What we did not know at the time was that prior to our acquisition, IBM did attempt building its own object storage solution but it either was not progressing quick enough or the project failed to achieve its goals.
This is the first of two articles that show how to simplify the management of services offered for Kubernetes by Amazon Web Services (AWS), through the use of Amazon's AWS Controllers for Kubernetes (ACK). You'll also learn how to use an Operator to simplify installation further on Red Hat OpenShift clusters. Together, these tools provide standardized and familiar interfaces to AWS services from a Kubernetes environment.
Apache Kafka derives great value not just from its technical features and performance, but from the ecosystem that surrounds it. This article is the first part of a two-part series describing the many ways to run Kafka, and the benefits of each. We'll cover distributions for local development, self-managed Kafka, Kafka as a Service, and "serverless-like" Kafka. The series ends with a summary of when to use each type of distribution.
The hybrid workplace is here to stay, so let’s get our heads around it.
In a recent report from Accenture, 83 percent of workers prefer a hybrid working model, where they can split time between the office and a remote environment.
This trend is not surprising; with the world entering year three of the pandemic, many workplaces have shifted at least partially online, and the working world has adjusted to a radically different rhythm.
Prior to the pandemic, remote employees comprised six percent of the total workforce. In that office-centric era, those not physically working in the office often dealt with slow VPNs, cumbersome layers of security, limited access, and other factors that degraded their experience.
The rapid adoption of remote work forced everyone into a digital environment and caused widespread compromise around security and human connection. A two-dimensional engagement model has enabled productivity but also brought screen fatigue and a lack of personal connectivity. The transition to hybrid work and returning to physical offices may actually accelerate these challenges – along with employees’ frustration levels.
MeeraNew is the default Malayalam font for Fedora 36. I have just released a much improved version of this libre font and they are just built for Fedora 36 & rawhide; which should reach the users in a week of time. For the impatient, you may enable updates-testing repository and provide karma/feedback.
The newly released, inaugural edition of the Corporate Banking Innovation Survey report and accompanying webinar, highlighted top-of-mind corporate banking trends and forward-looking perspectives from a global assembly of industry leaders.
GM recently announced that it is working with Red Hat, a well-known Linux company, to work on vehicle operating systems. This could prove to be a big deal, but to explain why, I need to take some readers back to the 1990s.
Late last year, this interesting article “Flatpak Is Not the Future” was published to the public, and very quickly grabbed the Linux community’s attention. I want to go over some of the author's arguments and explain some of the misunderstanding and claims.’
Do keep in mind that I have nothing against the author’s opinion. The point of this response is to reduce the amount of misinformation and misunderstanding that the article might have caused, as I have seen (and still see) many users post this article very frequently, without having a proper understanding of the subject.
Alright, let’s get started.
After nearly nine years, I’m no longer at Red Hat. Feels weird to type that, but it’s true.
I joined in August 2013 to work in the Open Source and Standards office (now OSPO) when the company was fewer than 6,000 people, Jim Whitehurst was CEO and everybody thought OpenStack was going to be the Next Big Thingâ⢠up against public cloud.
It’s that time of year again, time for another Kali Linux release! Quarter #2 - Kali Linux 2022.2. This release has various impressive updates, all of which are ready for immediate download or updating.
Kali Linux is a fantastic distro that is used primarily for digital forensics and penetration testing. Even if you’ve never used it before, you may well have seen it in movies and TV shows like Mr Robot. It comes with wide range of tools to help in investigations and incident responses.
Today the distro’s developer, Offensive Security, announces Kali Linux 2022.2, with new features and tools, as well as a number of impressive updates.
Kali Linux 2022.2 is here exactly three months after Kali Linux 2022.1 and it’s powered by the Linux 5.16 kernel series, which unfortunately reached end-of-life (EOL) last month and it will no longer receive maintenance updates from upstream that patch security vulnerabilities or fix bugs.
Kali Linux still uses the lightweight and customizable Xfce as the default desktop environment, which, in this release, received a bunch of tweaks including a new simplified panel layout for ARM devices, default wallpaper for multi-monitor setups, mouse pointer size improvements, and other changes to make your workflow smoother.
Offensive Security has released ââ¬â¹Kali Linux 2022.2, the second version in 2022, with desktop enhancements, a fun April Fools screensaver, WSL GUI improvements, terminal tweaks, and best of all, new tools to play with!
Kali Linux is a Linux distribution for cybersecurity professionals and ethical hackers to perform penetration testing, security audits, and research against internal and remote networks.
I have fallen behind here. Unknown to me, those schedulers have been deprecated for the last couple of years, and now completely gone from the kernel.
What kernel version did this happen? How long have I been running Easy with "[none]" I/O scheduling? Haven't noticed any performance degradation.
An old problem has come back to haunt us. Debian Bookworm has redshift package version 1.12, which is broken. Or rather, the CLI utility is broken. Version 1.11 works.
The systray has a screen brightness and colour tinting applet, that is a GUI for the redshift CLI utility.
China's military-derived and government-approved Linux distribution, Ubuntu Kylin, has revealed plans to target a second RISC-V platform.
Ubuntu Kylin is Ubuntu’s official version for China and was developed in partnership with Chinese authorities, including the military.
In March 2022, a version of the OS was released for the HiFive Unmatched board – a SiFive product in the Mini-ITX form factor and packing a five-core Freedom U740 SoC.
Canonical, the maker of Ubuntu, today released data from a new global survey revealing the goals, benefits, and challenges of cloud-native technologies. The second annual Kubernetes and Cloud Native Operations report has surveyed more than 1,300 IT professionals over the last year about their usage of Kubernetes, bare metal, VMs, containers, and serverless applications. The report also includes insights gathered by Canonical from experts at AWS, Google, the Cloud Native Computing Foundation (CNCF), Microsoft, WeaveWorks, and others.
[...]
Nearly 50% of respondents reported that lack of in-house skills and limited manpower were the biggest challenges when migrating to or using Kubernetes and containers.
The KINO-TGL is equipped with 11th Gen Intel Core Processors (Tiger Lake), 64GB of DDR4 RAM, quadruple display, and abundant expansion slots including PCIe x4 and Wi-Fi/Bluetooth support.
The KINO-TGL offers four processor configurations. There are three board variations which integrate Intel Tiger Lake processors (i3, i5 and i7), and there is one low-cost version which incorporates the Intel Celeron 6305 (up to 1.8GHz).
Muse Lab’s iCESugar-nano is a tiny FPGA board based on Lattice Semi iCE40LP1K-CM36 programmable via its USB-C port through on-board iCELink debugger, and exposing I/Os for three standard PMOD connectors.
The board is fully supported by Yosys open-source toolchain ( Yosys+ nextpnr + IceStorm), and the onboard debugger supports drag-and-drop programming so that you can just drag the FPGA bitstream into the virtual disk to program it through a USB Type-C cable.
Xidel is a command line tool to download and extract data from HTML/XML pages or JSON-APIs, using CSS, XPath 3.0, XQuery 3.0, JSONiq or pattern matching. It can also create new or transformed XML/HTML/JSON documents.
It is a platform-independent package which runs on Windows, Linux, and macOS.
Together with the Alliance of Telecommunication Terminal Equipment Manufacturers (VTKE), the FSFE organised the online event "The Future of Router Freedom in Austria" where decision makers could debate with industry and civil society stakeholders on the future developments regarding the free choice of terminal equipment in Austria.
The Free Software Foundation Europe (FSFE) and the Alliance of Telecommunication Terminal Equipment Manufacturers (VTKE) organised an online session about the future of Router Freedom in Austria. In this session, key stakeholders had the opportunity to debate and raise arguments supporting free choice of terminal equipment for internet connection.
If I asked you to name a handwritten note-taking app for Linux chases are you’d namecheck Xournal++. It’s arguably the best one out there as it’s open source, well featured, and a real best-in-class application.
But there’s always room for more.
Scrivano is a relatively new hand-written note taking app for Linux (and Windows) that could prove itself handy for anyone looking to jot down hand-written notes, draw simple charts and diagrams, mark-up images, and other similarly nimble tasks.
The app features four different paper backgrounds: Plain, Lined, Grid, or Dotted. The space between the lines/dots/grid spaces are all configurable too, which is great if you want to get really detailed with sketches and notes.
Response is a free, open-source lightweight program built for developers to test their web pages against several screens.
You can use it to test any live page responsiveness or against your local development pages.
It is built using Vala for Linux systems, and it is available as a Flatpak package on Flathub, and as a Deb package for Debian and Ubuntu -based distros.
The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache€® YuniKornâ⢠as a Top-Level Project (TLP).
Hello, everyone --let's review the Apache community's activities from over the past week...
Sorry everyone, it has been a while. Of course, the lack of updates to my blog doesn’t mean that the KDE Goals were also not progressing. On the contrary! Wayland, Consistency and Apps are looking better than ever before.
Today, I don’t want to talk about the Goals themselves, but rather about the process of selecting new Goals.
You see, Akademy 2022 has been recently announced. And because we have a date of the event, it means we can take a look at the process that is described on the community wiki and determine when the new Goals can be created.
Embedded World 2020 was a lonely affair with many companies canceling attendance due to COVID-19, and Embedded World 2021 took place online only. But Embedded World is back to Nuremberg, Germany in 2022 albeit with the event moved from the traditional month of February to June 21-23.
Last Friday, I gave a talk at the Free Software Conference in Szeged. It was my first IRL conference talk in well over two years. I gave my previous non-virtual talk in Pasadena at SCALE; after that, I arrived Hungary only a day before flights between the EU and the US were shut down due to Covid.
I must admit that I could not finish presenting all my slides. I practiced my talk many times, so in the end, I could fit my talk into my time slot. However, I practiced the talk by talking to my screen. That gives no feedback, which is one of the reasons I hate virtual talks. At the event, I could see my audience and read from their faces when something was really interesting, or something was difficult to follow. In both cases, I improvised and added some more details. In the end, I had to skip three of my slides, including the summary. Luckily, all important slides were already shown. The talk was short, so the summary was probably not really missing. Once my talk was over, many people came to me for stickers, and to explain which of the features they learned about they plan to implement once they are back home.
In our continued efforts to improve the security of the web PKI, we are taking a multi-pronged approach to tackling some long-existing problems with revocation of TLS server certificates. In addition to our ongoing CRLite work, we added new requirements to version 2.8 of Mozilla’s Root Store Policy that will enable Firefox to depend on revocation reason codes being used consistently, so they can be relied on when verifying the validity of certificates during TLS connections. We also added a new requirement that CA operators provide their full CRL URLs in the CCADB. This will enable Firefox to pre-load more complete certificate revocation data, eliminating dependency on the infrastructure of CAs during the certificate verification part of establishing TLS connections. The combination of these two new sets of requirements will further enable Firefox to enforce revocation checking of TLS server certificates, which makes TLS connections even more secure.
LibreOffice Conference 2022 will be a hybrid event, both in presence and remote, scheduled for the month of September, from Thursday, September 29th at 9:00AM CEST, to Saturday, October 1st at 1:00PM CEST (https://conference.libreoffice.org/2022/). In addition, there will be a community day on Wednesday, September 28th. The event will be at NOI Tech Park in Bolzano/Bozen (https://noi.bz.it/it), the capital city of South Tyrol, in northern Italy.
All sessions at NOI Tech Park will be streamed live and recorded for download, but it will be possible to present from remote on Friday, September 30th (details will follow). Workshops will be possible only in presence, and should be agreed with organizers in order to schedule them in a specific room (which will be recorded but not streamed).
Google Analytics (GA) has been the industry standard web analytics tool for about as long as there have been analytics tools. Nearly every brief that my WordPress agency receives specifies that GA must be installed. And there is rarely any debate around whether it's the best tool for the job.
My team at Wholegrain Digital has had concerns about GA in terms of privacy, General Data Protection Regulation (GDPR) compliance, performance, user experience, not to mention Google as a global advertising, and search monopoly. However, we continued using GA for 99% of our projects because we didn't feel that there was a strong enough alternative.
Well, that has changed. We've made a decision that GA will no longer be our default analytics tool. Instead, our default analytics tool will be Plausible.
In this article, I'll outline why we consider Plausible a better choice as a default analytics solution, the compromises to be aware of, and how it will impact our clients.
WordPress is considered the most popular CMS (Content Management System) ever built. It is used by millions of companies, individuals, and enterprise. WordPress has a vast ecosystem, which is full of themes, plugins, and apps.
With WordPress, developers can build more than websites, they can build apps, as it offers a built-in headless mode, which allows developers to use WordPress as a backend for their mobile and web apps, or integrate it with other apps.
Software Freedom Conservancy announces it has succeeded in federal court with its motion to have its lawsuit against Vizio, Inc. remanded back to Superior Court in Orange County, California. Vizio, Inc. previously filed a request to “remove” the case from California State Court into U.S. Federal Court.
The May 13 ruling by the Honorable Josephine L. Staton stated that the claim from Software Freedom Conservancy succeeded in the “extra element test” and was not preempted by copyright claims, and the court finds “that the enforcement of ‘an additional contractual promise separate and distinct from any rights provided by the copyright laws’ amounts to an ‘extra element,’ and therefore, SFC's claims are not preempted.“
Software Freedom Conservancy (SFC) has announced that it succeeded with its motion in US Federal Court to send the case back to California, where it was originally filed. The suit was filed in October 2021 by SFC, as an owner of Vizio televisions, to get the company to comply with the GPL on some of the code in the TVs. Back in November, Vizio had asked to move the case to Federal Court, because the GPL is only a copyright license (which is a dispute handled at the Federal level) and not a contract (that could be adjudicated in state court).
PiNote is a simple lightweight open-source code editor for Windows, Linux, and macOS. It is a small software package, written using Free Pascal and Lazarus IDE.
PiNote supports multiple languages, macro, syntax highlighting, built-in file encryption and decryption, and more other features.
The Open Source Security Foundation (OpenSSF) and the Linux Foundation released an action plan to improve open source software’s security and resilience. Part of that is eliminating non-memory-safe programming languages like C and C++.
The action plan specifically proposes a $5.5 million investment to remove root causes of vulnerabilities by replacing non-memory-safe languages.
This was an exciting month: the Hare programming language is a secret no more! You can now try out the programming language I first teased over a year ago and tell me what you think. I hope you like it! I’m quite pleased with it so far.
One thing Hare has done is allow me to unshelve several projects which were blocked pending the availability of a suitable language to write them in. I have actually been working on several of these for a while now — and several more are to come later — but I couldn’t share them thanks to Hare’s policy of secrecy early in its development. Allow me to introduce you to a few projects!
Helios is a micro-kernel for x86_64, and ideally later for aarch64 and riscv64 as well (and possibly other targets as Hare grows additional ports). We have a few things working, such as paging and interrupts, and as of this morning we have entered userspace. Next up is rigging up syscalls and scheduling, then we’re going to start fleshing out an L4-inspired API and writing some drivers in userspace.
CudaText is a cross-platform text editor, written in Object Pascal. It is open source project and can be used free of charge, even for business. It starts quite fast: ~0.3 sec with ~30 plugins, on Linux on CPU Intel Core i3 3GHz.
For FreeBSD things, there are four bug lists I keep track of; those are the “important bits” for me. It’s my bugs, and CMake bugs, and desktop bugs, and KDE bugs. Four lists, and sort-of-easy to query from FreeBSD’s bugzilla. I sometimes post to the socials a “daily buggle” of the counts of those lists. That started as a spoof of Wordle posts (I prefer Worldle myself) but has now grown to a tool of its own.
Anton Antonov reminded us that there is a cool Raku module in the ecosystem called Chemistry::Stoichiometry which allows you to do stochiometry: calculation of molecular masses for chemical compound formulas, and perhaps more interestingly doing chemical equations balancing! With support for many (natural) languages!
The next version of the standard Python interpreter, CPython, is expected in October. It will include significant performance improvements and support for running inside the browser.
Last week, the first Python language summit since 2019 took place in Salt Lake City. At the event, the language's development team announced various changes for the forthcoming version of the language, as well as its near future. The Reg has covered some future improvements before, and as they get closer, details are becoming clear, as well as what's coming in Python 3.12.
There are multiple editions of Python out there, including interpreters for the JVM and .NET CLR, as well as compilers, but the core implementation of the language is the CPython interpreter. This has some well-known limitations, including the Global Interpreter Lock or GIL, which prevents the language from taking full advantage of multicore processors.
Rust is a general-purpose statically-typed programming language that focuses on performance, safety, and concurrency. As it is popularity is growing, Rust community gained a proper attentive for Electron, which allows developers to build a desktop apps using web technologies, HTML, JavaScript, and JavaScript frameworks. So, here comes Tauri.
So this is a kind of goofy thought experiment about responsibility and ethics.
Imagine two people who hand out bread to the starving.
One, Alice, is trying to help people but has accidentally & unknowingly got poisoned bread and is hurting the people she’s trying to help. It got mildewed or something.
The other, Bob, is trying to kill people but accidentally forgot to put the poison in. The entire jar of poison is back on his kitchen counter. He thinks it’s all laced up because he’s a big old himbo.
The carbon dioxide was falling out of the air as dry sleet, little needle-like slivers of frozen gas, sticking to the supercooled metal surfaces, flashing back into gas when they hit the warmer water ice on the ground, only to freeze again in the thinning atmosphere. Overhead, the sun glowed dully red and huge, and shapes unresolvable by the mind's eye moved through the dry rain and darkness, on their own unknowable erands.
Quantum computing outfit D-Wave Systems has announced availability of an Advantage quantum computer accessible via the cloud but physically located in the US, a key move for selling quantum services to American customers.
D-Wave reported that the newly deployed system is the first of its Advantage line of quantum computers available via its Leap quantum cloud service that is physically located in the US, rather than operating out of D-Wave’s facilities in British Columbia.
Demand for chips needed to make smartphones and PCs has dropped "like a rock" – but mostly in China, according to Zhao Haijun, the CEO of China's largest chipmaker Semiconductor Manufacturing International Corporation (SMIC).
Speaking on the company's Q1 2022 earnings call last Friday, Zhao said smartphone makers currently have five months inventory to hand, so are working through that stockpile before ordering new product. Sales of PCs, consumer electronics and appliances are also in trouble, the CEO said, leaving some markets oversupplied with product for now. But unmet demand remains for silicon used for Wi-Fi 6, power conversion, green energy products, and analog-to-digital conversion.
Ailing Japanese giant Toshiba has revealed it has 10 potential suitors for its possible sale.
A Friday announcement revealed that Toshiba's decision to consider a sale to a private buyer has progressed to the point at which discussions are under way with ۤ0 parties who have expressed an interest in submitting a proposal to buy the company.
Those talks have become sufficiently serious that Toshiba has appointed two sets of advisors – from Mizuho Securities and JP Morgan Securities – to offer financial advice and assist the special committee Toshiba assembled to consider offers.
Researchers at the University of Cambridge's Department of Biochemistry have run an Arm CPU for six months using algae as a power source.
As explained in a paper titled Powering a microprocessor by photosynthesis, the biochem boffins built an AA-battery-sized device that hosts an algae named Synechocystis that "naturally harvests energy from the sun through photosynthesis."
This is a region which is traditionally known for cows and dairy products (milk, butter, cheese like Camembert, Pont-L'evêque, Livarot, Neufchâtel, etc.) and also a region which led to the production of cidre (French only). The origin is not that clear but probably, people from Normandy have started to make €« cidre €» in the 12th century. Some competing stories have been developed about the origin. But people were growing the fruits for a long time already and probably were fermenting them. And a craft emerged.
Windows admins have been expressing their dismay at Microsoft's decision to move the Quick Assist remote assistance tool to the Microsoft Store.
The Linux Foundation, a global nonprofit organization enabling mass innovation through open source, today launches the World of Open Source research series with its initial focus on the European community. The initiative will be championed by LF Research in collaboration with several European distribution and research partners. Furthermore, key executives of the Linux Foundation and partners will be speaking at KubeCon in Valencia, Spain this week as they kickstart the research series and meet with the extended open source and cloud native communities.
Industrial control systems security is slowly improving, partly a result of attention from regulators and lawmakers. However, we often see security controls implemented that don’t take account of the unique challenges that engineers looking after OT environments face. We see controls brought in from IT environments that just don’t work in OT. No-one sat down with the engineers to discuss how systems are used and agreed controls that actually worked in practice.
So what happens?
No surprises – the engineers will work around the control. The controls are broken down, possibly exposing the systems. It’s a familiar story.
Here are a few examples we’ve seen of security controls not taking the real world of OT and / or maritime in to account.
I believe him. This is what the NSA did with NIST’s candidate algorithms for AES and then for SHA-3. NIST’s Post-Quantum Cryptography Standardization Process looks good.
Last month I wrote about how bearer tokens are just awful, and a week later Github announced that someone had managed to exfiltrate bearer tokens from Heroku that gave them access to, well, a lot of Github repositories. This has inevitably resulted in a whole bunch of discussion about a number of things, but people seem to be largely ignoring the fundamental issue that maybe we just shouldn't have magical blobs that grant you access to basically everything even if you've copied them from a legitimate holder to Honest John's Totally Legitimate API Consumer.
Security updates have been issued by CentOS (gzip, java-1.8.0-openjdk, java-11-openjdk, and zlib), Debian (adminer, htmldoc, imagemagick, libgoogle-gson-java, lrzip, openjdk-8, openssl, and ruby-nokogiri), Fedora (ecdsautils, et, libxml2, podman, and supertux), Mageia (cairo, clamav, curl, fish, freetype2, golang-github-prometheus-client, python-django-registration, python-nbxmpp, python-waitress, and xmlrpc-c), Red Hat (pcs), SUSE (curl, kernel, pidgin, and webkit2gtk3), and Ubuntu (tiff).
Last week I attended OAuth Security Workshop at Trondheim, Norway. It was a 3-day single-track conference, where the first half of the days were pre-selected talks, and the second parts were unconference talks/side meetings. This was also my first proper conference after COVID emerged in the world.
The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to obtain sensitive information.
The US Immigration and Customs Enforcement (ICE) agency has spent about $2.8 billion over the past 14 years on a massive surveillance "dragnet" that uses big data and facial-recognition technology to secretly spy on most Americans, according to a report from Georgetown Law's Center on Privacy and Technology.
The research took two years and included "hundreds" of Freedom of Information Act requests, along with reviews of ICE's contracting and procurement records. It details how ICE surveillance spending jumped from about $71 million annually in 2008 to about $388 million per year as of 2021. The network it has purchased with this $2.8 billion means that "ICE now operates as a domestic surveillance agency" and its methods cross "legal and ethical lines," the report concludes.
San Francisco police have been using driverless cars for surveillance to assist in law enforcement investigations.
According to an SFPD training document obtained by Motherboard [PDF]: "Autonomous vehicles are recording their surroundings continuously and have the potential to help with investigative leads."
It indicates that police officers will receive additional information about how to access this evidence, and added: "Investigations have already done this several times."
Mr Tanul Thakur's satirical website, dowrycalculator.com was banned by an order of the Ministry of Electronics and Information Technology (‘MeitY’) without providing him a hearing or even a copy of the ban order. Mr Thakur challenged this censorship action before the Delhi High Court. On 11th May 2022, the Court extensively heard Advocate Vrinda Bhandari, who represented Mr Thakur, and directed MeitY to provide Mr Thakur a copy of the ban order and a post-decisional hearing under the Information Technology (Procedure and safeguards for blocking of Access of Information by public) Rules, 2009 (“Blocking Rules, 2009”). The order is significant because MeitY never publishes its censorship orders and rarely, if ever, provides a hearing. IFF has provided legal assistance to Mr Thakur in the proceedings before the Delhi HC.
[...]
This is the first time a MeitY censorship order, or a hearing before MeitY, will be provided to a content creator. This order is crucial in the fight to bring transparency in the censorship process and affix accountability towards the government. MeitY consistently relies on Rule 16 of the Blocking Rules, 2009 to claim confidentiality and deny these requests. MeitY has never published or disclosed its orders in the past, and has rarely, if ever, provided a hearing to the creator whose content is censored.
Access Now joins civil society from across the globe to call on the government of Cambodia to revoke plans to establish an internet gateway — which looks set to intensify state censorship of content and violations of rights online.
Much as been made in the posts and discussions surrounding the design of the gemini protocol and about limiting what user-agents can reveal about their user to servers. The general call to arms is "It's None of Your Damned Business!" which in general sums the mission statement of the TOR-Browser and other privacy centered browser plugins.