Bonum Certa Men Certa

Links 07/06/2022: USB-C Causing Issues



  • GNU/Linux

    • Desktop/Laptop

      • Linux Magazine: The System76/HP collaboration Dev One laptop, geared toward developers, is now available for pre-order.

        HP has teamed up with System76 to create a developer-focused laptop, called the Dev One, which ships with Pop!_OS Linux and starts at $1099.00. The original announcement came out in May 2022 and, at the time, the laptop was unavailable for pre-order. Fast forward to now and users can now order one of these shiny new pieces of Linux-powered hardware.

        The Dev One keeps the prices slightly lower by going with an AMD CPU and shrugs off a discrete graphics card. The base model ships with an 8 Core, 16-thread Ryzen 7 Pro 5850U with a 1.9-4.4 GHz clock speed, an integrated Radeon graphics chipset, and 8GB of DDR4-3200 RAM (upgradable to 64GB). The chassis is .75" thick and has a 1TB PCIe 3x4 NVMe M.2 SSD and the display is 14" at 1920x1080 and 1,000 nits max brightness. However, due to the display glass, the brightness is actually 800 nits.

    • Audiocasts/Shows

    • Kernel Space

    • Graphics Stack

    • Instructionals/Technical

      • TecMint: How to Configure SSH Passwordless Authentication on RHEL 9

        Short for Secure Shell, SSH is a secure network protocol that encrypts traffic between two endpoints. It allows users to securely connect and/or transfer files over a network.

        SSH is mostly used by network and system administrators to securely access and manage remote assets such as servers and network devices over a network. It uses strong encryption methods such as AES and hashing algorithms like SHA-2 and ECDSA to encrypt traffic exchanged between a client and a remote system.

      • TecMint: How to Collaborate Documents Using ONLYOFFICE Workspace

        If what you want is to build a collaborative workspace on your Linux server, the most evident options might be Nextcloud, ownCloud, and Seafile. These solutions let you store and share files in one place and offer file synchronization capabilities.

        However, if you not only want to keep files but also need document collaboration functionality, it’s a good idea to turn your attention to ONLYOFFICE Workspace. This groupware platform is designed for both managing and co-editing documents online.

      • FOSSLinux: How to install KDE on MX Linux

        KDE is a unique and powerful desktop environment available to MX Linux users. Compared to other MX Linux Desktops, it may be said that KDE demands more computational resources to operate and a fair lot of user expertise and experience to configure. It is also significantly larger than the other desktops.

        Therefore it has its own set of recommended system requirements. For instance, the basic visual memory is 64MB. To achieve decent results, you need a minimum of 250MB. This tutorial guide will show how to install and utilize the KDE Desktop Environment on MX Linux.

      • FOSSLinux: How to add an IPv4 or IPv6 address in Debian | FOSS Linux

        IPv6 is the present version of the Internet Protocol. It is the communications protocol that offers an identification and location system for computers on networks and routes traffic. The internet is gradually running out of IPv4 addresses as it ushers in the new IPv6 addresses.

        IPv6 was developed by IETF (Internet Engineering Task Force) to fix the IPv4 weaknesses, most preferably the scarcity of available IP addresses, known as IP address exhaustion. This new version of the IP address is 128-bit long and offers many address pools to select from.

        IPv6 handles the network layer; its functionality provides a path to address machines, convey data to the preferred destination, and handle data fragmentation if needed. Fragmentation, in this case, refers to the time protocol splits packets into chunks with a magnitude that relies on the network links to be used on the path and reassembles them in their bona fide order of arrival.

        The IPv6 configuration is akin to IPv4, configured in the /etc/network/interfaces file. If you want your network to be globally accessible, you must ensure that you have an IPv6-competent router that relays traffic to the worldwide IPv6 network.

      • Techtown: How to Install Visual Studio Code on Manjaro Linux [Ed: But it is proprietary software, controlled by Microsoft, spying on the users]
      • UNIX Cop: How To Install Angular CLI on Fedora 36

        In this tutorial, we will show you how to install Angular CLI on Fedora 36

        Angular (commonly referred to as “Angular 2+” or “Angular CLI”) is a TypeScript-based free and open-source web application framework led by the Angular Team at Google and by a community of individuals and corporations. Angular is a complete rewrite from the same team that built AngularJS.

        Angular is used as the frontend of the MEAN stack, consisting of MongoDB database, Express.js web application server framework, Angular itself (or AngularJS), and Node.js server runtime environment.

      • UNIX Cop: Installing Cacti on OpenBSD 7.1

        In this post you will learn how to install Cacti on OpenBSD 7.1

      • UNIX Cop: How to uninstall anaconda on ubuntu

        In this tutorial, we will show you how to safely uninstall anaconda on Ubuntu systems.

        Anaconda is a distribution of the Python and R programming languages for scientific computing (data science, machine learning applications, large-scale data processing, predictive analytics, etc.), that aims to simplify package management and deployment. The distribution includes data-science packages suitable for Windows, Linux, and macOS. It is developed and maintained by Anaconda, Inc.

        As an Anaconda, Inc. product, it is also known as Anaconda Distribution or Anaconda Individual Edition, while other products from the company are Anaconda Team Edition and Anaconda Enterprise Edition, both of which are not free.

      • Linux Shell Tips: How to Cut, Copy, and Paste in Vim Editor

        You are never fully integrated into the Linux operating system fraternity until you have tested your text editing skills on the Vim editor. A newbie’s first interaction with the Vim text editor can be very discouraging.

        The cursor behavior of the vim editor is not as predictable as the one in other text editing environments. This cross-platform editor is available for installation and usage in almost all Linux operating system distributions. It is certainly available in all the latest Linux OS distribution releases.

        This article will familiarize us with cutting, copying, and pasting text under the Vim editor environment in Linux.

      • H2S Media: How to install Pale Moon Browser on Ubuntu 20.04 LTS Focal

        Let’s discuss the steps to install the Pale Moon browser on Ubuntu 20.04 LTS Focal Fossa using the command terminal.

        The Web browser Pale Moon is a fork of Firefox. The program initiated and maintained by Moonchild Productions, like the original program, is licensed under the MPL license. However, special rules apply to the distribution of the binary version: Redistributing Pale Moon. In addition to Linux, it is also available for Windows and Mac (unofficially), and the Android version has been discontinued.

        Pale Moon is based on the look of the old Firefox versions (FF 28 and earlier). Older plugins for Firefox incl. plugins that use the NPAPI interface are basically supported, the newer Firefox plugins (“Web Extensions”) do not work with Pale Moon, and support is not planned.

      • Trend Oceans: Install Fotoxx photo editor and manager on Ubuntu 20.04 | 22.04 LTS

        Fotoxx is a free and open-source collection of photo editing and management tools for managing extensive collections (5000+) of photos that every photographer wishes to have.

        The user interface might not be intuitive, but if your goal is speed with easy-to-use tools, then fotoxx should be your first choice.

      • APNIC: RFC 9099 — Operational security considerations for IPv6 networks

        As I’ve written and presented on previously, IPv6 security is inherently hard. But just because something is hard doesn’t mean it should be ignored or used as an excuse to not do it. It’s why I and other IPv6 and security proponents spent the best part of eight years working on the recently published RFC 9099, which analyses the operational security issues associated with several types of networks and proposes technical and procedural mitigation techniques.

      • Ruben Schade: Using sudoedit to sudo… edit

        From the manpage(8), the tool creates a temporary copy of the file, then invokes whichever editor you have defined in SUDO_EDITOR, VISUAL, or EDITOR. When you’re done editing, the temporary modified file is copied back to the original location.

      • Niall Murphy: What SRE could be

        When I see work like those two examples above, I see work that explores a relationship between things. A relationship is an equation, an area for exploration, and an invitation to examine exciting edge-cases. A number of these relationships, integrated with a strong theoretical vision — underpinned by empiricism — could provide a lot of insight into how we should do systems and software management. It would be the beginning of a kind of biology of systems development and management, or a special case of systems science in the production domain.

      • Jan Piet Mens: Ten years of Ansible

        It gives me a warm, fuzzy feeling that you might in some part of the world be using some small portion of Ansible in which I muddled, back in the time. Enjoy it. And what really gives me warm feelings is that along the way I’ve met a number of people (in real life) whom I enjoy encountering when I can.

        And why did I even glance at something as unfinished as Ansible was at the time, those ten years ago? I worked in a project in which I wanted to automate deployment of a number of DNS servers, and I disliked the tool I had to use so intensely, that I grasped at any straw I could find. That’s my story, and I’ve no regrets.

      • Linux Journal: How You Can Change the Cursor Theme on Your Ubuntu Desktop | Linux Journal

        Are you finding an alternative for your default Yaru cursor themes on Ubuntu? This article is where you’ll get to know about the procedure of changing and installing cursor themes on Ubuntu. So, read on and find out.

      • Linux Made Simple: How to install Firealpaca on a Chromebook in 2022

        Today we are looking at how to install Firealpaca on a Chromebook in 2022. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

      • GNOME Desktop/GTK

        • Introduction – Space Penguin

          I’m Marco Melorio, a 22-year-old Italian computer science student. I’ve been a GNOME user for about 2 years and I’ve quite literally fallen in love with it since then. Last year I started developing Telegrand, a Telegram client built to be well integrated with GNOME, which is a project I’m really proud of and it’s gaining quite a bit of interest.

  • Distributions and Operating Systems

  • Free, Libre, and Open Source Software

    • Why Emacs has Buffers

      In Emacs, the buffer is the focal point of nearly all user (and machine!) interactions. You read and you write, and you do so in a structure that tugs at its roots in computer science, but it’s so much more than that. And that’s really what I want to talk about, as it will go a long way towards explaining why Emacs and Emacs Lisp is the way it is.

    • Andre Alves Garzia: Patchfox reborn as a desktop app

      The changes to manifest v3 proved to me that Google has complete control over the WebExtension ecosystem and will force their hand whenever they feel they should. Mozilla will do a mea culpa and follow suit because they are not strong enough to resist that pressure at the moment. Mozilla can’t steer the WebExtension ecosystem in any direction that Google doesn’t want it to go. It might be able to steer it in a direction that Google feels it is OK to go even if they don’t really care, but try to ship a feature that makes a dent on Google business and you’ll see how quickly this ecosystem fragments.

    • Open Source Software in the Modern Enterprise

      Open source software seems to be the new hotness in the data center, but in reality, it's been here forever.

    • ZDNet: 10 Years of Zuul Continuous Integration/Continuous Delivery rises to new successes | ZDNet

      We rarely think of software tools and car manufacturing together but in today's engineering world they fit like nuts and bolts. That's certainly true of the Open Infrastructure Foundation (OpenInfra)'s open-source continuous-integration/continuous delivery (CI/CD) program Zuul. As Johannes Foufas, the Volvo senior principal engineer, explained, "Zuul is the default CI system for the code in our cars. In our core computer platform at Volvo, we have hundreds of modules that depend on each other, comprising repositories from all around our company. With Zuul's built-in dependency management, we went from a week of integration to 3.5 hours."

    • SaaS/Back End/Databases

      • Matt Rickard: Usage-based Pricing in a Downturn

        For the last few years, usage-based pricing has been an excellent strategy for SaaS companies. But there's a question of how it will affect companies in a downturn. Everyone was looking toward Snowflake, one of the largest SaaS companies with usage-based pricing. One should note that at high contract values, usage-based pricing looks more like subscription-based pricing. Committed spend and negotiated discounts help companies have more predictable spend at scale.

        However, sometimes usage-based pricing can lead to unpredictable and surprising bills. An unoptimized query or scanning a large table might be costly in a product like Snowflake or BigQuery. Collecting metrics that accidentally explode in cardinality can lead to shocking Datadog bills.

    • Education

      • Undeadly: Network Management with the OpenBSD Packet Filter Toolset from BSDCan 2022

        Peter Hansteen, Massimiliano Stucchi and Tom Smyth gave a presentation on pf at BSDCan 2022. While a video recording from the event has yet to appear, the slides from their presentation may be viewed here: [...]

      • Bryan Lunduke: A 2001 documentary on Linux is available in full for free

        On September 26, 2001 a director from Finland (Hannu Puttonen) released an hour-long documentary covering the early days of Linux.

        That documentary, “The Code”, is available to watch on YouTube. And I highly recommend watching it in its entirety if you haven’t seen it before.

      • Rlang: R-Ladies Cotonou Talks About Running an R users Group in Benin, West Africa

        A lot of what we use in the day to day life in the developed world may not always be available to those in the developing world. R Consortium talks to Nadejda Sero about running an R-Ladies group in Benin, West Africa, that is both dominated by men as well as lacks basic infrastructure such as reliable internet to hold online meetings.

    • Programming/Development

      • [Old] The true cost of linked lists

        Linked lists are often overused in introductory algorithmics courses, due to a heavy focus on theoretical complexities. Unfortunately, in practice, computers are complex beasts. They don’t execute instructions sequentially with the same cost. This means that a data structure with faster theoretical complexities does not necessarily translate to a more efficient data structure in practice.

        In this article I’ll illustrate this by comparing the real performances of linked lists versus a contiguous vector, and I’ll show that even in some use cases where the list seems to be favored the vector is still a better choice. Of course, this doesn’t mean you should never use a linked list, but that you should be aware of its practical limitations and more informed when making the decision to use it or not.

      • James G: Some thoughts on walled gardens

        One thought has been bouncing around in my mind for the last few months: did social media need to evolve in this way? Money has been central to social media and has created some hard-to-beat incentives around platforms being closed. A social media platform that is completely open and that provides free and comprehensive permissions for developers to create new things is going to run into continual issues with monetization. How does a social network make money if all data on the platform can be represented in a third-party client?

      • Repositioning ForgeFed? Scope to Code Forges or Free Software Development Lifecycle (FSDL)

        For the rationale to 1) it is best to start looking at Github. With its popularity, network effects and FOMO it has established a real dominant position in software development community. There’s much more than the code forge alone, as Github is the center for an enormous ecosystem of vendors that offer value-added services and tools covering the entire software development lifecycle. It cements Github’s position, and they can selectively adopt attractive new features into their platform, making them a de-facto walled garden. Gitea and others eternally trying to catch up.

      • Daniel Lemire: Data structure size and cache-line accesses

        When loading a data structure from memory, a naive model of the cost is the number of cache lines that are accessed. If your data structure spans 32 bytes or 64 bytes, and you have aligned the first element of an array, then you only ever need to access one cache line every time you load a data structure.

        What if my data structure has 5 bytes? Suppose that I packed them in an array, using only 5 bytes per instance. What if I pick one at random… how many cache lines do I touch? Expectedly, the answer is barely more than 1 cache line on average.

        Let us generalize.

      • BSidesSF 2022 CTF: Cow Say What?

        As the author of the Cow Say What? challenge from this year’s BSidesSF CTF, I got a lot of questions about it after the CTF ended. It’s both surprisingly straight-forward but also a very little-known issue.

        The challenge was a web challenge – if you visited the service, you got a page providing a textarea for input to the cowsay program, as well as a drop down for the style of the cow saying something (plain, stoned, dead, etc.).

      • Java

        • The Server Side: Best Jar file opener apps

          When you install Java with the JDK, you get both a Java Runtime Environment that allows you to run Java JAR files, and you also get a special utility that allows you to both create and open JAR files.

    • Standards/Consortia

      • [Old] Android Authority: It's 2021 and USB-C is still a mess

        Even the seemingly most basic function of USB-C — powering devices — continues to be a mess of compatibility issues, conflicting proprietary standards, and a general lack of consumer information to guide purchasing decisions. The data speeds available over USB-C have also become increasingly convoluted. The problem is that the features supported by different USB-C devices aren’t always clear, yet the defining principle of the USB-C standard makes consumers think everything should just work.

      • [Old] Pocket Now: USB-C compatibility problems are the worst!

        Compatibility between USB-C ports and cables is a total nightmare. All the ports are the same and they fit into each other fine, but the likelihood of the chargers working between devices is difficult to predict. The Wacom Mobile Studio has its own USB-C charger and won’t charge when plugging in any other chargers I own. The Samsung devices all seem to charge from the same Samsung chargers, but the Huawei charger is again incompatible. Samsung chargers do charge my Alcatel IDOL 4S Windows phone, but not my Lumia 950. Even the 2016 Huawei Matebook charger is not compatible with the 2017 Huawei Matebook X.

      • [Old] HowTo Geek: 3 Problems With USB-C You Need To Know About

        The Wrong Cable Could Fry Your Devices

        This is the most pressing thing new USB-C users need to learn about. In previous generations of USB, a cable was pretty much a cable. Sure, if you plugged a USB 1 cable into a USB 2 port, it might not work—or at least, work well—but that was the extent of it. People mostly didn’t need to think about which cables to buy.

        That’s not the case with USB-C, and ignoring this could cost you dearly.

      • [Old] HowTo Geek: Watch Out: How to Buy a USB Type-C Cable That Won’t Damage Your Devices

        USB Type-C brings a new universal connector to laptops and smartphones, and many devices are already starting to use it. But beware: many USB-C cables aren’t designed properly and could potentially damage your hardware.

        Before buying any USB Type-C cables for your new devices, you should look up whether the cable is actually compliant with the USB-C specification. More people are sure to run into this problem as more USB Type-C-enabled devices are released.

      • Deutsche Welle: EU agrees on single phone charger law

        Nearly a decade after the measure was first floated, EU member states agreed on Tuesday to the text of a law that will impose one standard charger for smartphones and tablets sold within the bloc.

      • France24: EU to require single charger for all smartphones to combat electronic waste

        The EU member states and parliament on Tuesday agreed the text of a law imposing a standard charger for smartphones and tablets sold in the bloc, in a blow to Apple. For most portable devices the requirement for charging via a USB Type-C port will come into effect from late 2024, the European Parliament's press service said.

      • PC Mag: USB-C Charging Will Be Mandatory Across the EU in 2024

        We knew it was likely, and now the European Parliament has confirmed it: the EU is set to require a USB-C port for charging most electronic devices.

        The European Parliament Internal Market Committee (IMCO) tweeted this morning that "We have reached a deal on the common charger!" As The Verge reports, the mandatory requirement for a USB-C port will extend to smartphones, tablets, ereaders, digital cameras, handheld video game consoles, and headphones.

      • The Verge: USB-C will be mandatory for phones sold in the EU ‘by autumn 2024’

        European Union lawmakers have reached an agreement on legislation that will force all future smartphones sold in the EU — including Apple’s iPhone — be equipped with the universal USB-C port for wired charging by fall 2024. The rule will also apply to other electronic devices including tablets, digital cameras, headphones, handheld video game consoles, and e-readers. Laptops will have to comply with the rule at a later date.

        The legislation has been under development for more than a decade, but an agreement on its scope was reached this morning following negotiations between different EU bodies.

      • Bloomberg: EU Agrees Deal on Common Phone Charger in Blow to Apple

        All smartphones and tablets would have to use a common charger under a provisional European Union agreement clinched on Tuesday.

        The plan would force all companies -- most notably Apple Inc. -- to make phones, tablets, e-readers and digital cameras to use the USB-C charger, negotiators announced.

      • NPR: One charger for them all: The European Union sets a new standard for mobile devices

        Cell phones and handheld electronic devices in the European Union will now be required to have a USB-C charging port, according to an agreement reached Tuesday by the European Commission, the E.U.'s executive branch.

        As of 2024, tablets, digital cameras, video game consoles, headphones, portable speakers, e-readers, portable navigation systems, keyboards, mice and earbuds will need to be equipped with the port.

        Laptop manufacturers have until 2026 to implement the universal charging port in their products.

      • Mark Nottingham: A New Definition of HTTP

        The emergence of HTTP/2 and now HTTP/3 have made it clear that HTTP’s “core” semantics don’t change between protocol versions. For example, methods and status codes mean the same thing no matter what version of the protocol you use; with a few exceptions, the same can be said about header fields.

        However, RFC7231 entangled the definition of these core semantics with the specifics of HTTP/1.1. Given the progression of new protocol versions, the HTTP Working Group decided that it would be better to have a clear, generic definition of the versionless semantics of HTTP separated from the individual wire protocols that people use.

  • Leftovers

    • Closure(s) and not - biosejo

      A post about some recent events, closures, new beginnings, and other reflections.

      Testing, testing... We are reconnecting...

      The past couple of weeks have been a time of closing cycles. We had our farewell party, and my semester of teaching creative coding ended. With it, it was also the end of my two years of teaching there. I'm very grateful about these events and experiences.

      Regarding paperwork, we are getting closer. It was very exciting to go to the consulate to request our visas. The idea of us moving to another continent felt even more real when going there. But we still have to wait...

    • Thoughts on parenting books



      There is no guarantee that following the precepts of some parenting book will yield the results you expect. Parenting is messy, it's emergent. There are constantly things that will get in the way of a perfectly designed parenting trajectory, and you have to constantly adjust course, improvise, be flexible.

      The world will interact more and more with your child, and the quicker you get rid of the illusion that your child is your design project, the better.

    • the practice of everyday life notes (for reading group)

      both of these examples point to what i'm having the hardest time with, which is that de certeau seems to have an entirely metaphorical relationship to critical theory and an insufficiently antagonistic relationship with the world that critical theory so powerfully describes.

    • Human rights in the metaverse
    • The Noguchi Filing System

      The Noguchi Filing System is for keeping track of physical paper. I keep paper in envelopes on a shelf and new envelopes go on the right (or on the left if you live in Japan) and if I use an envelope, it goes on the right as if it were new. Linux nerds can think of this as sorting the envelopes by atime. Envelopes always must have a date along the spine and a word or sentence describing what’s in ‘em. Optionally they can have a color, using markers or stickers.

    • Current project

      Reinstalled lineage with no gapps at all, and only got what I needed from F-Droid. This got me to discover a few new apps like Manyverse and Briar that I would like to play a bit more with.

    • Hardware

      • Wired: Companies Are Hacking Their Way Around the Chip Shortage

        As the global chip shortage stretches toward the two-year mark, manufacturers are pulling some unusual tricks to keep production lines moving. Carmakers are using semiconductors taken from washing machines, rewriting code to use less silicon, and even shipping their products without some chips while promising to add them in later. With the shortage of semiconductors now a new normal, everyone is being forced to adapt.

    • Health/Nutrition/Agriculture

      • Bozhidar Batsov: Back in Action

        Social media can be truly toxic, especially in times of crisis. We’re better off without it. I know that I am. Now I plan to channel everything gained by cutting down on news and social media into more productive activities. It’s good to be back. See you around!

    • Proprietary

      • [Old] What is HEIC, and how to convert photos from HEIC to JPG?

        If you’re using iOS 11 or later, you may have noticed that photos taken with your iPhone camera are saved as HEIC files instead of the previous format, JPG. This new file format was introduced to offer better compression while still preserving image quality. The problem with HEIC is that it’s not widely compatible with other apps or devices, and you may not be able to open a HEIC photo after moving it to your computer. This article will explain how you can convert an HEIC to a JPG or even how to stop taking pictures in HEIC format altogether.

      • [Old] Ubuntu Handbook: How to Open iOS HEIC Photos or Convert to JPG/PNG in Ubuntu 20.04 | 22.04

        Got .HEIC photo images imported from your iPhone? You may find that Ubuntu does not open the file format out-of-the-box.

        It’s however easy to either enable this file format support or convert it to JPG or PNG image.

      • Arca Noae: Resolving issues with GMail and OAuth 2.0 requirements

        At the end of May, 2022, GMail discontinued use of standard authentication methods for POP3, IMAP, and SMTP connections. The available OAuth2 authentication mechanism in the latest SeaMonkey and Thunderbird for the OS/2 platform is unable to properly complete the authentication procedure with GMail, and will leave the application in a hung state.

        There are several methods to work around this, but perhaps the easiest is simply to generate what Google calls an app password, which is, quite simply, a 16-digit passcode which gives a non-Google application or device permission to access your Google Account.

      • The Verge: Apple’s macOS Ventura leaves trusty 2015 MacBook Pro behind

        A new version of macOS means a new collection of Macs can no longer run Apple’s latest desktop operating system. Perhaps most notably, the new macOS Ventura update won’t be available for the 2015 MacBook Pro.

      • Helsinki Times: MTV: Owner of Vastaamo ruled entitled to compensation for acquisition [iophk: Windows TCO]

        Investigators have estimated that the details of 33,000 psychotherapy clients were compromised in the [cracking]. The [compromised] database is believed to have been without the protection of a firewall for as long as 18 months, between November 2017 and March 2019. The server was infiltrated illicitly at least twice, first on 20 December 2018 and later on 15 March 2019.

        While the investors that acquired the service provider were ruled entitled to compensation, the victims of the [compromise] have yet to receive either justice or compensation.

    • Security

      • CISA: CISA Provides Criteria and Process for Updates to the KEV Catalog | CISA [Ed: Microsoft dominates this list because it barely patches holes that are already known to be widely exploited]

        CISA has updated the Known Exploited Vulnerabilities (KEV) catalog webpage as well as the FAQs for Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities, which established the KEV catalog. The updates provide information on the criteria and process used to add known exploited vulnerabilities to the KEV catalog.

      • Bleeping Computer: Linux version of Black Basta ransomware targets VMware ESXi servers [Ed: This isn't an issue with Linux itself; these are Microsoft operatives in the media trying to change the subject and shift attention/blame, as usual]
      • TechTarget: Using SSH tunneling for good and evil

        Secure Shell is an indispensable tool for anyone who needs to open a terminal session on a remote host. SSH does more than enable remote login sessions, however, especially for security professionals and network engineers. SSH can secure pipelines using public key cryptography to enable any kind of network traffic -- but SSH is also an important cybersecurity tool, used both by security professionals and hackers.

        SSH tunneling, also known as SSH port forwarding, is how SSH tunnels network traffic through application ports from the localhost -- the computer physically present -- to a remote system or vice versa. SSH port forwarding enables two communicating systems to exchange data securely across the internet and through firewalls.

        If hackers gain access to a host running SSH on an organization's internal network, they can use SSH on that host as a secure pipeline for exploiting private network services, so it is vital to understand how SSH access can be used for good -- and for evil.

      • USCERT: People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices [Ed: So China does exactly what the NSA and CIA do]

        CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA) to provide information on ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to establish a broad network of compromised infrastructure across public and private sector organizations. The advisory details PRC state-sponsored targeting and compromise of major telecommunications companies and network service providers. It also provides information on the top vulnerabilities associated with network devices routinely exploited by PRC cyber actors since 2020.

      • Privacy/Surveillance

        • EDRI: Consumer and digital groups in Europe and the U.S. call for a full ban on surveillance-based advertising

          On 1 June, the Transatlantic Consumer Dialogue (TACD), that EDRi is part of, published a policy resolution on banning surveillance-based advertising. The invasive practices of collecting, sharing, and processing of individual data to deliver personalized advertising, has become the primary business model in the online advertising space. Surveillance advertising is promoted by the world’s largest technology companies, like Meta (Facebook) or Alphabet (Google), and is a key driver behind the spread of misinformation, undermining democratic discourse, economic and political equity, marketplace competition, privacy, public health, and basic consumer protections.

        • ACM: Digital Synergy

          This also leads me to think about the provenance of data used for these analytical purposes. Provenance factors into data quality as do measures of data integrity. Maintaining data quality from source to final analysis seems intimately connected to the utility of the results obtained. One can imagine testing for digital data and algorithm quality by making predictions and evaluating their success rates. Certificates and digital signatures over hashes of data are obvious potential tools to ensure a kind of end-to-end integrity of information. To the extent that ACRONYM is willing to share any of its accumulated information, one can imagine it could contribute to a wide range of emergency response preparedness planning exercises as might be conducted by a federal emergency response agency, for example.

        • Atlantic Council: Spyware like Pegasus is a warning: Digital authoritarianism can happen in democracies, too

          Kanimba and Panyi spoke Monday at a panel discussion on “Digital Authoritarianism on the Open Market,” hosted by the Atlantic Council’s Digital Forensic Research Lab at this year’s 360/Open Summit in Brussels. Here are some more key takeaways from the conversation.

    • Defence/Aggression

      • Defence Web: Combating piracy in the world’s most dangerous waters

        Norway and Ghana introduced the initiative and led the negotiation process leading up to the resolution, the Norwegian government said in a press release dated 31 May.

        “The waters off West Africa are the most dangerous in the world. Pirates have posed a threat to the safety of ships sailing in the Gulf of Guinea off West Africa for more than 10 years. The adoption of the resolution by the Security Council today is an important step in countering this threat,” said Norway’s Minister of Foreign Affairs Anniken Huitfeldt.

      • Craig Murray: Biden Works to Prolong Ukraine War

        Turkey continues to be the centre of diplomatic activity on resolving the Ukraine war. It is therefore particularly revealing, and a sign of Western priorities, that I did not come across a single western journalist there trying to follow and cover the diplomatic process. There are hundreds of Western journalists in Ukraine, effectively embedded with the Ukrainian authorities, producing war porn. There appear to be none seriously covering attempts to make peace.

      • Modern Diplomacy: Terrorism, Radicalisation and Legitimacy

        In discussions about fighting terrorism, the word “radicalisation” is often used, yet its meaning remains unclear. Focusing only on intellectual radicalisation risks assuming that radical ideas are a proxy for terrorism or a crucial precursor when we know this is not the case. Different paths and processes of engagement in terrorism act differently for different individuals at different times and circumstances.

        This article examines the difficulties in defining radicalisation and radicalism and concludes that radicalisation, especially participation in terrorism, is best understood as a collection of distinct processes. It then discusses several potentially exciting theories, such as social movement theory, social psychology, and conversion theory, that could encourage future research into these processes. Further, the article describes potential frameworks for comprehending how the processes may assist terroristic activity.

      • Sheffield: Sheffield asylum seeker ‘posted Islamic State propaganda on social media after Liverpool bomb’, court told

        Denise Breen-Lawton, prosecuting, said it was the Crown’s case both were Islamic State (IS) supporters intending to encourage terrorism, or were reckless as to whether they might.

        She said the two defendants were communicating together through the chat function on Telegram from last April.

      • Firstpost: Karnataka: Hizbul Mujahideen terrorist, hiding in Bengaluru mosque, who delivered Friday sermons, arrested

        News agency PTI quoted its sources in police saying that Hussain had fled Jammu and Kashmir with his wife and children as the hunt for him was intensified by the armed forces. He was hiding in Bengaluru and had allegedly taken shelter at a mosque in Srirampura.

        At the mosque, he used to deliver sermons during Friday prayers.

      • teleSUR: UN Strongly Condemns June 5 Attack on Church in Nigeria

        "The secretary-general condemns in the strongest terms the heinous attack in the St. Francis Catholic Church in Owo, Ondo State, on June 5 that resulted in the death and injuries of scores of civilians as people gathered for the Pentecost service," a statement from the UN Secretary General's spokesman, Stephane Dujarric said.

        "The secretary-general emphasizes that attacks on places of worship are abhorrent. He urges the Nigerian authorities to spare no effort in bringing the perpetrators to justice," the statement added.

    • Transparency/Investigative Reporting

      • RFA: 'Follow the party and prosper: oppose it and die'

        I finally found out that Li Peng had registered a complaint with the State Council that I, Bao Tong, had leaked details of a classified military decision made by the Central Committee's Politburo standing committee to the 13 researchers at the Central Political System Reform Research Group. In actual fact, those 13 people all testified that I had made no mention whatsoever of martial law, but instead had said I would be subjected to censorship, and asked them to abide by party discipline and keep quiet.

    • Environment

      • Energy

        • David Rosenthal: You Can't Have One Without The Other

          I can paraphrase an important part of the epidemic of Blockchain Gaslighting as "cryptocurrencies have all sorts of problems but blockchains are a fantastic new technology with all sorts of uses that are nothing to do with financial speculation". Below the fold I show why this is false.

    • Finance

    • AstroTurf/Lobbying/Politics

      • NYPost: Nancy Pelosi’s husband bought up to $2.1M worth of Apple, Microsoft shares

        House Speaker Nancy Pelosi’s husband bought up to $1.5 million worth of Apple stock as well as up to $600,000 in Microsoft shares, according to recent financial disclosures submitted by the powerful Democratic lawmaker.

        The periodic transaction report, which was posted on the House of Representatives’ website, indicates that Paul Pelosi bought Apple call options between $500,001 and $1 million on May 13.

        Eleven days later, the venture capitalist bought additional Apple call options worth an amount between $250,001 and $500,000, according to the disclosure forms.

        That same day, Paul Pelosi also purchased Microsoft call options worth as much as $600,000.

      • Gatestone Institute: NATO Should NOT Pay Ransom to Turkey; Instead, Should Amend Rules to Expel It

        Erdoğan seems to think that he has found a golden opportunity to blackmail the entire Western alliance, and get the maximum out of a list of official and unofficial demands. Erdoğan also seems to be hoping to reset Turkey's badly strained ties with the West, most notably with the U.S. He appears to want a new, warm political welcome back into the Western world, along with a narrative to Turkey's anti-Western masses of how he brought the evil West to its knees -- always a sure vote-catcher in xenophobic Turkey. He badly needs that Western appeasement for his campaign for re-election in June 2023. Turkey's economy, with an annual inflation rate of 70%, is in doldrums to put it mildly.

      • Malay Mail: Religious affairs minister advises Muslims not to participate in Japanese folk festival to be held in Shah Alam next month

        He said this when asked to comment on the organisation of the annual Japanese festival, which has also received negative reactions on social media, especially among Muslims in the country.

        The event’s promotional poster also depicted an anime of a kimono-clad woman wearing a hijab.

      • The Register UK: Musk repeats threat to end $46.5bn Twitter deal – with lawyers, not just tweets

        Elon Musk is prepared to terminate his takeover of Twitter, reiterating his claim that the social media biz is covering up the number of spam and fake bot accounts on the site, lawyers representing the Tesla CEO said on Monday.

        Musk offered to acquire Twitter for $54.20 per share in an all-cash deal worth over $44 billion in April. Twitter's board members resisted his attempt to take the company private but eventually accepted the deal. Musk then sold $8.4 billion worth of his Tesla shares, secured another $7.14 billion from investors to try and collect the $21 billion he promised to front himself. Tesla's stock price has been falling since this saga began while Twitter shares gained and then tailed downward.

    • Censorship/Free Speech

      • RFERL: Blocked In Russia, TV Dozhd Gets License In Neighboring Latvia

        The popular Russian television station Dozhd, which was forced to suspend operations in March amid pressure linked to its coverage of the Russian invasion of Ukraine, says it will resume operations from Latvia.

        The chief of Latvia's National Council on Electronic Media (NEPLP), Ivar Abolins, said on June 6 that along with granting Dozhd TV a license, his agency also banned 80 Russian television channels from broadcasting in the country.

        The decision will come into force on June 9. It was not clear when Dozhd would begin broadcasting from Latvia.

      • The Strategist: Smart Asian women are the new targets of CCP global online repression

        Right now, and often going back weeks or months, some of the world’s leading China journalists and human rights activists are on the receiving end of an ongoing, coordinated and large-scale online information campaign. These women are high-profile journalists at media outlets including the New Yorker, The Economist, the New York Times, The Guardian, Quartz and others. The most malicious and sophisticated aspects of this information campaign are focused on women of Asian descent.

        Based on open-source information, ASPI assesses the inauthentic Twitter accounts behind this operation are likely another iteration of the pro-CCP ‘Spamouflage’ network, which Twitter attributed to the Chinese government in 2019.

      • Gannett: 'Tool of genocide': Chinese government is forcibly removing organs from prisoners' bodies

        The leading medical transplant journal in the world recently made the case that Chinese prisoners are being forced to give up organs at the expense of their lives. The journal article carried this shocking headline – "Execution by organ procurement: Breaching the dead donor rule in China."

      • RFA: Police arrest six on banned Tiananmen massacre anniversary in Hong Kong

        Police in Hong Kong have arrested six people on public order offenses around the 33rd anniversary of the Tiananmen massacre near Victoria Park, commemoration of which has been banned under a draconian national security law for the third year in a row.

      • RFERL: Chechens Involved In Group Sex Video That Went Viral Have Been Killed, Says Police Source

        The video featuring two men and two women went viral and allegedly angered the leadership of Russia's tightly controlled, predominantly Muslim, republic of Chechnya.

    • Freedom of Information / Freedom of the Press

      • LA Progressive: Harvard Students Protest Merrick Garland’s Commencement Speech over Assange Prosecution

        On Sunday, May 29, U.S. Attorney General Merrick Garland gave the commencement speech at the Harvard University graduation ceremony for the class of 2020-21. Harvard students teamed up with Boston Area Assange Defense and other local activists to protest Garland’s speech over the continued prosecution of Julian Assange.

      • The Conversation: A new book argues Julian Assange is being tortured. Will our new PM do anything about it?

        If you answered yes to any or all of these questions, you are not alone. But the answers are actually no. At very least, it’s more complicated than that.

        To take one example, the reason Assange was dishevelled was that staff in the Ecuadorian embassy had confiscated his shaving gear three months before to ensure his appearance matched his stereotype when the arrest took place.

        That is one of the findings of the United Nations Special Rapporteur on Torture, Nils Melzer, whose investigation of the case against Assange has been laid out in forensic detail in The Trial of Julian Assange.

      • WSWS: Australian Broadcasting Corporation televising Ithaka: A fight to free Julian Assange this week

        The World Socialist Web Site spoke this week to Gabriel Shipton, a film producer and brother of Julian Assange. The WikiLeaks founder is again before a British court that will decide whether he will be dispatched to the United States for the “crime” of exposing illegal US wars, human rights abuses, mass spying operations and global diplomatic conspiracies affecting the lives of millions of people.

      • Michael West Media: Assange is still in jail – what can the new government do?

        Julian Assange is an Australian citizen facing over 170 years in a US prison for revealing the truth about US war crimes in Iraq and Afghanistan. His case is important for a number of reasons, including the inhumanity of keeping him locked up in the notorious Belmarsh prison in the UK as his mental and physical health declines. Assange’s case is an attack on freedom of speech. It also represents a dangerous development for citizens, journalists and publishers around the world because the United States is using its domestic laws to snare an individual who has no connection to the jurisdiction. This is the sort of law which Australia has condemned in the context of Beijing imposed laws on Hong Kong.

        Tonight, the ABC broadcasts a documentary Ithaka, a film by Julian’s brother Gabriel Shipton which follows their father John Shipton across the world as he campaigns for his son. The broadcast is a milestone in the Australian campaign to free Assange from the shackles that the US and UK have bound him since 2012, when he sought asylum in the Ecuadorean embassy in London, fearing, rightly, that he would be extradited to the US.

      • Deutsche Welle: India: Independent journalists take risks, lack support

        As journalists increasingly use social media to get their stories out, they take on all the risks of the job themselves. And these are growing. Last year, India saw one of its deadliest years on record for reporters.

    • Civil Rights/Policing

      • NPR: Three Arizona police officers are placed on leave after looking on as a man drowned

        Authorities say they plan to release additional portions of the body camera video this week from all three responding police officers. That footage will also be edited "due to its graphic, sensitive nature," they said.

      • The Uvalde Massacre Has Exposed the Lies That Once Justified Police Militarization

        For years, the ever-increasing militarization of US police forces has been cast by its defenders as an indispensable tool for dealing with large-scale violence and mass-casualty events. Since the Uvalde massacre last month, that rationale lies in tatters.

      • ABC: 'Cowards': Teacher who survived Uvalde shooting slams police response

        In the wake of the shooting, law enforcement has come under immense scrutiny for failing to act faster. Seventy-seven minutes passed from the time the gunman entered the school until officers breached the door and killed him.

        "They're cowards," Reyes said. "They sit there and did nothing for our community. They took a long time to go in… I will never forgive them."

        Law enforcement and state officials have repeatedly corrected themselves and at times provided conflicting details about their response. At one point, a Texas Department of Public Safety official said the on-scene commanding officer made the "wrong decision" to wait to breach the barricaded classrooms.

    • Internet Policy/Net Neutrality

      • Ish Sookun: Benjamin Eshun appointed as Chairman & Dr. Abdalla Omari, Vice-Chairman of AFRINIC

        Last Friday, the Annual General Members Meeting of AFRINIC was held at Le Méridien Hotel, Mauritius. The AGMM was held in a hybrid format – members could attend the meeting on-site or virtually via an online meeting platform.

      • [Old] Brookings Institution: Strengthening digital infrastructure: A policy agenda for free and open source software

        Like physical infrastructure, this digital infrastructure requires regular investment to further enable innovation, commerce, and a flourishing economy. However, also like physical infrastructure, there is a market failure in the private sector that leads to an underinvestment in digital infrastructure. Therefore, there is a clear need for government investment and regulation to ensure the future health, security, and growth of the FOSS ecosystem that has become indispensable to the modern economy.

        In this article I lay out policy proposals based on my academic research and that of others, as well as policies that exist in other countries who are ahead of the United States on investing in this critical asset. I first discuss the overall challenge FOSS faces and the limits of existing policy in the U.S. (which are primarily focused on government usage of FOSS, not on investing in the FOSS ecosystem directly). Finally, I present 11 policy proposals separated into four domains of focus: creating an open source program office; measuring and understanding the FOSS ecosystem; enhancing the positive economic impact of FOSS; and securing the FOSS ecosystem. Although there is no silver bullet for guaranteeing the future health and growth of FOSS, these proposals will go a long way towards ensuring FOSS can continue to play its essential role in enabling the modern U.S. economy to grow and flourish.

      • Gemipedia and Kennedy

        I've added both Gemipedia and Kennedy to the default search engines in Eva. That means that in the next version of Eva you will be able to search Gemipedia...

    • Monopolies

      • Copyrights

        • NYPost: Ex-senator’s wife accused of plagiarizing history book from Wikipedia

          California author Jean McCorquodale is under investigation from authorities following accusations that she plagiarized large passages of her “high-priced government history book” from Wikipedia and other sources. She claims to have been working on the tome since 2018.

        • The Progressive Street Performer Protocol

          The "Street Performer Protocol" is a classic vision for how creative works could be funded without using copyright to prevent copying. In short, the work is released only once people have pledged enough money to pass a threshold set by the creator.


