Bonum Certa Men Certa

Links 28/06/2022: Vim 9.0 and vnlog 1.33



  • GNU/Linux

    • Audiocasts/Shows

    • Applications

      • LWNVim 9.0 released

        Version 9.0 of the Vim text editor has been released. The biggest change would appear to be the addition of the "Vim9 Script" language for editor customization...

      • vnlog 1.33 released

        This is a minor release to the vnlog toolkit that adds a few convenience options to the vnl-filter tool.

    • Instructionals/Technical

      • Julia EvansNotes on running containers with bubblewrap

        Hello! About a year ago I got mad about Docker container startup time. This was because I was building an nginx playground where I was starting a new “container” on every HTTP request, and so for it to feel reasonably snappy, nginx needed to start quickly.

        Also, I was running this project on a pretty small cloud machine (256MB RAM), a small CPU, so I really wanted to avoid unnecessary overhead.

        I’ve been looking for a way to run containers faster since then, but I couldn’t find one until last week when I discovered bubblewrap!! It’s very fast and I think it’s super cool, but I also ran into a bunch of fun problems that I wanted to write down for my future self.

      • HowTo GeekFix: Why Isn’t Linux Detecting My Wi-Fi Adapter?

        Historically, Linux has had a somewhat strained relationship with Wi-Fi cards. In recent years, the situation has changed considerably—and for the better—but it is still possible to boot into your new Linux installation and get that sinking feeling when you realize you’ve got no Wi-Fi.

        Installation routines are very good at identifying the various components of the target computer and configuring itself to work with that hardware. But problems can still happen.

        Troubleshooting hardware issues is difficult, especially if the only computer you have on hand is the broken device. Obviously, not everything presented here will be applicable to all cases. But hopefully, something below will either fix your issue or point you in the right direction.

      • Network WorldOpen-sourced tool speeds up Linux scripts via parallelization | Network World

        MIT has open-sourced pa.sh (also called pash), a tool that can dramatically speed up Linux scripts by using parallelization, saving time and without risk of introducing errors.

        The process of parallelization first examines a script for code that can be run separately and independently, so not all scripts can benefit from the tool. But when pa.sh does find portions that can run independently, it runs them in parallel on separate CPUs. It also uses other techniques to get the code to run faster.

        Below is a demonstration I ran on my home Fedora box, first running a script on its own and then again using pa.sh. Note that this script was provided with the pa.sh tool and lends itself to parallelization. It’s not nearly as demanding as scripts that might process gigabytes of data in a scientific or artificial-intelligence lab, so the results are not dramatic.

      • HaikuOS[GSoC 2022] ARM port and device tree support Phase 1

        The following will show how to compile haiku on osx and run it on qemu (my version: hrev56168)

      • EarthlyBuilding in Kubernetes Using Tekton

        Continuous integration/continuous delivery (CI/CD) principles offer multiple benefits to software organizations, including faster time to market, higher-quality code, and simpler and faster fault isolation. Applications built using CI/CD pipeline best practices tend to see a huge increase in users over time, necessitating a migration from a large codebase and low-scalability monolithic architecture to a more manageable and efficient microservice architecture.

        Kubernetes is one of the most popular platforms for automating the management, deployment, and scaling processes of microservice applications. Because Kubernetes is complex, though, a framework can help developers and operations teams use the platform to follow CI/CD practices in building applications. This is where Tekton comes in.

      • DragonFly BSD DigestHetzner cloud and DragonFly

        When you are setting up a DragonFly machine on Hetzner, pay attention to this bug report for dhcp setup. The short answer is “use dhcpcd”.

      • MakeTech EasierEmacs Keyboard Shortcuts - Make Tech Easier

        Emacs is a fully-featured text editor that is both powerful and extensible out of the box, without needing to install any additional packages to make it work. With Emacs, you can easily manipulate text and files by executing Lisp commands. These commands, in turn, are then bound to a series of simple keybindings which allows you to focus on what you need to do.

      • ELinuxHow to easily encrypt/decrypt a file in Linux with gpg

        No matter what you’re doing on your computer, you need to do so with an eye to security — that means using strong passwords, storing files in safe locations, and in some cases encrypting files. Fortunately, for nearly every usage, there are tools to enable you to encrypt your data…from transferring data online to storing data on a locally attached storage, even encrypting your entire drive.

        Since gpg is built into almost every Linux system, you won’t have to install anything to get this working from the command line. I’ll also show how to gain this functionality within the Nautilus (GNOME Files) file manager tool.

      • dwaves.degnu linux – bash console – animated ascii art – sl steam locomotive
      • OMG UbuntuTerminal Tip: 'duf' is Prettier Alternative to the 'df' Command - OMG! Ubuntu!

        I wouldn’t call myself a command line ninja but I do have a soft spot for getting things done using a CLI.

        At the end of 2021 I wrote a list of the best command line apps I use on the regular. In that rundown I spotlighted btop, a powerful and engaging alternative to top, and intro’d ncdu, an awesome, interactive replacement for the regular du command, written in Ncurses.

        This week I came across a similarly flashy “replacement” for another command that I use from time to time: df.

        Df is a command line basic that relays file system disc space usage on a(ll) drive(s). There are ample options you can pass to Df to tailor the output to your needs (something the df man-page will walk you through better than I can):

      • Linux Made SimpleHow to install FNF Psych Engine 0.6 Week 7 on a Chromebook

        Today we are looking at how to install FNF Psych Engine 0.6 Week 7 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

        This tutorial will only work on Chromebooks with an Intel or AMD CPU (with Linux Apps Support) and not those with an ARM64 architecture CPU.

      • Using fwupdmgr to update NVME firmware – nullr0ute's blog

        The fabulous fwupdmgr provides the ability to easily update firmware that is published to Linux Vendor Firmware Service (LVFS) but it can also be used to apply updates that aren’t necessarily in LVFS. One type of firmware that it supports updating is NVME firmware, that’s basically any NMVE, because the standard specifies a standardised mechanism for updating the firmware on all NVME devices.

        I had a need to update a NVME firmware in an aarch64 device to see if it fixed an issue I was seeing. The Crucial P2 supported options were of course x86 only. The ISO download actually contained a little LinuxOS in an initrd on the .iso. The advice from Richard the fwupd technical lead was to “Look for a ~4mb high entropy blob” so mounting it up, I mounted the iso, extracted the initrd, and then used fwupdmmgr to apply the new firmware.

  • Distributions and Operating Systems

    • Fedora Family / IBM

      • IBM’s AI-powered Mayflower ship crosses the Atlantic [Ed: This was a complete failure. It did not even reach its destination.]

        A groundbreaking AI-powered ship designed by IBM has successfully crossed the Atlantic, albeit not quite as planned.

        The Mayflower – named after the ship which carried Pilgrims from Plymouth, UK to Massachusetts, US in 1620 – is a 50-foot crewless vessel that relies on AI and edge computing to navigate the often harsh and unpredictable oceans.

      • HPE Allies With Red Hat and SUSE on Containers - Container Journal

        At the HPE Discover 2022 conference, Hewlett-Packard Enterprise (HPE) today expanded its reach into container environments via separate alliances with Red Hat and SUSE.

        The Kubernetes-based Red Hat OpenShift platform along with Red Hat Enterprise Linux (RHEL) operating system and Red Hat Ansible automation platform will be made available via the HPE GreenLake managed service, HPE said.

    • Debian Family

      • Daniel PocockConsent & Debian's illegitimate constitution

        When an association is founded, whether it is incorporated or not, each member must give positive consent to be a member and to be bound by the organization's constitution. Being a member and being governed by the constitution are inseparable. The constitution is effectively a type of contract between the members. If a contract is not signed, it is not valid and if a member has not assented to create the association, they are not a member at all.

        Between 1993 and 1998, the original authors of Debian worked together without a constitution. They achieved a lot.

        When a constitution was proposed in 1998, 357 co-authors of Debian were asked to vote on the constitution. This is not really voting though: people who gave a positive vote were agreeing to be members. People who gave a negative vote or did not vote at all have not consented to the constitution and therefore there is no way we can think of them as members of anything.

        The names of people who voted were published. Those people, just 86 developers, became members of an association by giving their positive assent to be governed by a constitution in their dealings with each other.

        That means there are 357 - 86 = 271 people, or 76 percent, who were satisfied to work on Debian as joint authors without any notion of an association.

        A few weeks after 86 people formed their association, Jonathan McDowell copied 489 keys into the Debian keyring repository. Some people have more than one key so it is not exactly 489 people. By combining the 86 confirmed members with all the people who did not choose to be a member, McDowell and others have made it hard for the rest of the world to distinguish who is a member and who is simply an author of Debian.

    • Open Hardware/Modding

      • Tom's HardwareRaspberry Pi Restores Guitar Amp, Complete With Effects | Tom's Hardware

        Restoring old hardware is always more fun when you can throw in a Raspberry Pi. This project, created by maker and developer David Silverman, does just that, using a Pi to power an old Vox guitar amplifier. Not only does it work as an amplifier, it also has a few special effects thrown in to create custom sounds.

        This Pi-powered guitar amp system is housed inside the cabinet of an old Vox amplifier that, according to Silverman, is no longer working. A Pi 3B+ brings back the original functionality, with the help of a class D amplifier and some custom Python scripts created by Silverman himself. The case has been modified to house the Pi and features panels with port access, as well as knobs for the effects array.

      • LiliputingLilbits: Anbernic Win600 (handheld gaming PC), PineNote (Linux-friendly E Ink tablet), Firefox 102 and Chrome OS 103 - Liliputing

        The Anbernic Win600 handheld gaming PC is expected to go on sale July 5th. While Anbernic has been offering ARM-based handheld consoles with Android or Linux-based software for years, this will be the company’s first model with an x86 chip. It ships with Windows 10 software and supports alternate operating systems – Anbernic has already posted a download image and installation instructions for Valve’s Linux-based Steam OS.

        [...]

        In other recent tech news from around the web, developers are making progress porting Linux to work with Pine64’s PineNote E Ink tablet, specs and pictures of Samsung’s next rugged phone have leaked, Mozilla has released a new version of the Firefox web browser, and Google has released a new version of the operating system that powers Chromebooks.

  • Free, Libre, and Open Source Software

    • OSI BlogSentry: Why we support OSI

      Sentry is a developer-first application monitoring tool that allows development teams to holistically monitor their application health from frontend to backend. Used by 3.5 million developers and 85,000 organizations including some of the world’s best-known companies including GitHub, Peloton, Cloudflare and more.

    • Web Browsers

      • Mozilla

        • Make Use OfFirefox 102 Lands on Linux With Upgraded Geolocation, PDF Viewer, but Will Users Care?

          Firefox 102 has just been released by the Mozilla Foundation. One major Linux-specific change is the addition of GeoClue geolocation support, as well as a new PDF viewer.

          Firefox 102 Linux Enhancements

          Firefox 102's major enhancement for Linux is its support for the GeoClue service. GeoClue is a Linux-specific service for the D-bus message service that allows programs running on the same machine to communicate with each other. GeoClue is a service that approximates a user's location and allows apps that use geolocation to function, such as mapping apps.

        • OMG UbuntuThunderbird 102 is Available to Download — And It Looks Amazing - OMG! Ubuntu!

          A new version of Thunderbird, the popular free, open source e-mail client, is available to download for Windows, macOS, and Linux.

          And from the off the update makes a great first impression thanks to refreshed app icons and colourful new mail folders.

          I know, I know: “new icons” sounds a bit fluffy on paper, but their reality is more impactful. In an app like Thunderbird icons are used everywhere. They’re not there to (just) look good but also convey purpose/intent as clearly and concisely as possible. They’re how people understand the app.

        • ThunderbirdThunderbird 102 Released: A Serious Upgrade To Your Communication

          Thunderbird 102 is here! On behalf of the entire Thunderbird team, I’m thrilled to announce the availability of our major yearly release. Thunderbird 102 is loaded with highly-requested features, and we think you’ll be delighted by them.

          It features refreshed icons, color folders, and quality-of-life upgrades like the redesigned message header. It ushers in a brand new Address Book to bring you closer than ever to the people you communicate with. Plus useful new tools to help you manage your data, navigate the app faster, and boost your productivity. We’re even bringing Matrix to the party!

    • FSF

      • FSFHelp others find free software: Watch and share Escape to Freedom

        "Escape to Freedom" is a new animated video from the Free Software Foundation (FSF), giving an introduction to the concepts behind software freedom: both what we gain by having it, and what rights are at stake.

        Join our lead freedom-seeker, Zara, as she learns the importance of free software, and guides herself through the labyrinth of challenges posed to her by contemporary digital society, which offers the tempting allure of convenience in exchange for important rights. In search of freedom, she learns how to seize control of her own seemingly predetermined narrative and helps others do the same -- taking the ladder that leads to digital liberation step by step.

      • FSFFlock over to Mastodon on July 8 for an interactive session

        I hope this message finds you well, because we have some exciting news! On July 8, from 16:00-17:00 EDT (20:00-21:00 UTC), we are hosting a "Mastodon Hour."

    • FSFE

      • FSFEGreece about to secure Router Freedom but leaves fiber out

        Greece is one step closer to securing Router Freedom, but regulators are excluding fiber (FTTH) connections from the legislation. A coalition of organisations, allies of the FSFE, is now requesting that lawmakers reconsider this and thus safeguard the freedom of all users.

        Since 2021, the regulatory process that defines the network termination point (the NTP) in Greece has been carried out by the Hellenic Telecommunications and Post Commission (EETT). Defining the NTP is necessary to determine whether users have the right to choose their own router and modem or if their Internet Service Providers (ISPs) have the final say over network equipment.

        In April 2022, we welcomed that the Greek regulator proposed legislation safeguarding Router Freedom for common networks, such as DSL and coaxial. This is a leap forward in safeguarding consumer rights. However, in the same proposal, EETT has explicitly excluded fiber connections (FTTH), a decision that has the potential of negatively impacting end-users’ rights. The proposed regulation sets the NTP for fiber connections in a position that would make the optical terminal equipment part of the ISPs’ networks, making home network access equipment the property of the ISP.

        The FSFE assisted a coalition of organisations to respond to the EETT’s public consultation, supporting the regulator to implement Router Freedom for all types of internet connection, including FTTH.

    • Programming/Development

      • MedevelBishop AI: A JavaScript-based Virtual Assistant With Natural Language Processing

        It was created in 2018, making it one of the newest open source software. And it is also released under the MIT license. The program is written in JavaScript, and built to handle Q/A style conversation.

        [...]

        Bishop AI is a MIT project; that’s why it is very likely that you will find it already packaged and available to install.

      • MedevelAI Based Virtual Assistant in Python

        Many automation tools aims to help user in many fields in their life such as opening any application on the system, play and control music, solve mathematical expressions, getting weather details, and more.

  • Leftovers

    • Hardware

      • CNX SoftwareKEEN Ranger PT 4G LTE camera supports animal and human detection [Ed: Another gimmick with "apps" and fake camouflage]

        I’ve tested a few security cameras with human and vehicle detection capabilities, but Reolink has now added animal detection via the KEEN Ranger PT trail camera mostly designed to monitor four-legged animals in the wild.

        It’s somewhat similar to the Reolink Go Plus 4G camera with solar power support and 4G LTE connectivity, but also offers a 360€° view with pan/tilt control, a low-glow IR night vision, a 0.5s fast trigger speed, as well as GPS to track the position of cameras or sightings of animals on the mobile app.

      • HowTo Geek“Atari Was Very, Very Hard” Nolan Bushnell on Atari, 50 Years Later

        It’s been 50 years since Nolan Bushnell co-founded Atari, which brought video games to the mainstream. To celebrate, we asked Bushnell what he learned during the early years—and what we’ve lost sight of since then.

    • Health/Nutrition/Agriculture

      • John GruberThe Dissent

        There’s a lot to read regarding today’s 6-3 decision by the U.S. Supreme Court to overturn Roe v. Wade, making official what we’ve known was about to happen since a near-final draft leaked in early May. I humbly suggest starting with the dissent, written by all three dissenting justices, Breyer, Sotomayor, and Kagan. Their dissent begins on page 148 of the PDF decision.

    • Linux Foundation

      • FOSSLifeOpen Source Security Report Highlights Vulnerabilities in Code Dependencies [Ed: FUD as "studies"]

        Snyk and the Linux Foundation have released The State of Open Source Security, a joint research report that details various security risks resulting from the widespread use of open source software (OSS) in application development, including vulnerabilities found in dependencies.

      • Linux Foundation's Site/BlogDelta Lake project announces the availability of 2.0 Release Candidate - Linux Foundation

        Delta Lake has been a Linux Foundation project since October 2019 and is the open storage layer that brings reliability and performance to data lakes via the “lakehouse architectures”, the best of both data warehouses and data lakes under one roof. In the past three years, lakehouses have become an appealing solution to data engineers, analysts, and data scientists who want to have the flexibility to run different workloads on the same data with minimal complexity and no duplication – from data analysis to the development of machine learning models. Delta Lake is the most widely-used lakehouse format in the word and currently sees over 7M downloads per month (and continues to grow).

      • Dark ReadingLinux Foundation Announces Open Programmable Infrastructure Project to Drive Open Standards for New Class of Cloud Native Infrastructure
      • Silicon AngleDatabricks donates Delta Lake framework and MLflow operations platform entirely to open source - SiliconANGLE

        Databricks Inc. opens its Data + AI Summit today with the announcement that it will release the entirety of its Delta Lake storage framework to open-source under the oversight of the Linux Foundation.

        That means there will no longer be any functional differences between the Databricks-branded Delta Lake and the open-sourced version. The company said it will similarly release its recent enhancements to the MLflow machine learning operations platform and Apache Spark analytics framework to open source. Databricks also rolled out several new features for its core Lakehouse data lake.

    • Security

      • Daniel StenbergOops, I spilled the beans | daniel.haxx.se

        Saturday June 18: I had some curl time in the afternoon and I was just about to go edit the four security advisories I had pending for the next release, to brush up the language and check that they read fine, when it dawned on me.

        These particular security advisories were still in draft versions but maybe 90% done. There were details, like dates and links to current in-progress patches, left to update. I also like to reread them a few times, especially in a webpage rendered format, to make sure they are clear and accurate in describing the problem, the solution and all other details, before I consider them ready for publication.

        I checked out my local git branch where I expected the advisories to reside. I always work on pending security details in a local branch named security-next-release or something like that. The branch and its commits remain private and undisclosed until everything is ready for publication.

        (I primarily use git command lines in terminal windows.)

        The latest commits in my git log output did not show the advisories so I did a rebase but git promptly told me there was nothing to rebase! Hm, did I use another branch this time?

        It took me a few second to realize my mistake. I saw four commits in the git master branch containing my draft advisories and then it hit me: I had accidentally pushed them to origin master and they were publicly accessible!

        The secrets I was meant to guard until the release, I had already mostly revealed to the world – for everyone who was looking.

      • The Register UKTencent admits to poisoned QR code attack on QQ account
      • Sysdig Adds Ability to Make Container Runtimes Immutable - Container Journal

        Sysdig today added a Drift Control capability to its container security platform that makes it possible to lock down runtime environments.

        Daniella Pontes, senior manager for product marketing at Sysdig, says IT teams can now maintain immutable instances of runtimes in production environments that can’t be modified.

        At the same time, Sysdig says it is partnering with Proofpoint to make threat intelligence feeds available to IT teams that have deployed its container security platform.

        The Sysdig container platform is built on Falco, an open source container runtime security platform that is being advanced under the auspices of the Cloud Native Computing Foundation (CNCF).

      • TechRepublicBest ways to incorporate security into the software development life cycle

        The software development life cycle is not a one-off process that software developers can implement in a linear form. Instead, there are phases of the SDLC that intertwine into many loops where thorough checks are carried out to ensure the proper outcome of the software.

        However, it’s not just enough to loop through the phases of SDLC without the proper integration of security checks in each phase. So, what, then, makes a secure software development life cycle?

      • Security WeekCISA Says 'PwnKit' Linux Vulnerability Exploited in Attacks [Ed: Well, CISA and the media also downplay all the actively-exploited holes in Windows. In corporate media, remote compromise of Microsoft Windows is treated as equally severe as a GNU/Linux users, already with access to a machine, running a command as a more privileged user. Amazing.]

        The US Cybersecurity and Infrastructure Security Agency (CISA) says a Linux vulnerability tracked as CVE-2021-4034 and PwnKit has been exploited in attacks.

        The flaw, which came to light in January, affects Polkit, a component designed for controlling system-wide privileges in Unix-like operating systems. Polkit is developed by Red Hat, but it’s also used by other Linux distributions.

        PwnKit has been described as a memory corruption issue that can be exploited for privilege escalation — it allows any unprivileged local user to elevate permissions to root.

    • Defence/Aggression

      • Marcy WheelerCassidy Hutchinson Proves that Trump Knew the Mob He Sicced on Mike Pence Was Armed

        Cassidy Hutchinson just gave absolutely historic testimony implicating Donald Trump, Mark Meadows, and other in January 6. (My live tweet is here.) The woman is incredibly poised and courageous. Her testimony might help to turn the tide against Trumpism in this country.

        But her testimony is not enough, yet, to charge Trump in January 6.

        Without taking anything away from her dramatic testimony, I’d like to boil down what she said that will be useful in holding Trump accountable.

  • Gemini (Primer)



Recent Techrights' Posts

Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
 
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024
A Strong and Positive Closing for the Year's Last Week
In a lot of ways this year was a good one for Free software
Feels Too Warm for Christmas
Christmas is here, no snow in sight
Links 23/12/2024: 'Negative Time' and US Arms Taiwan Again
Links for the day
Links 23/12/2024: The Book of Uncommon Beings, Squirrels, and Slop Ruining Workplaces
Links for the day
Links 23/12/2024: North Korean Death Toll in Russia at ~1,100, Oligarch Who Illegally Migrated/Stayed (Musk) Shuts Down US Government
Links for the day
The World's 'Richest Country' Chooses GNU/Linux
This has gone on for quite some time
Richard Stallman on Love
Richard Stallman's personal website includes a section that lists three essays on the subject of love
Apple's LLM Slop Told Us Luigi Mangione Had Shot Himself, BetaNews Used LLMs to Talk About a Dead Linus Torvalds
They can blame it on some bot
Microsoft, Give Me LLM Slop About "Linux" and "Santa", I Need Some Fake Article...
BetaNews is basically an LLM slop site
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 22, 2024
IRC logs for Sunday, December 22, 2024