In Putin’s Russia 2023 is the year of Linux on the desktop
Tsar Putin’s invasion of Ukraine is forcing the country to switch to Linux.
According to the Kommersant newspaper, now that Microsoft will not touch Russia with a barge pole, some companies are looking for pirated software.
Russia-based web searches for pirated Microsoft software have surged by as much as 250 per cent after the company suspended new sales on March 4, according to Kommersant. In June so far, there's been a 650 per cent surge in searches for Excel downloads, the media outlet added.
It has been said that the Linux distribution can take in a lot of stress, and they can perform well in the benchmark result with the same hardware as the windows OS. Before running heavy software on your Linux system, you might want to run the Linux CPU stress test to determine how much stress this PC can take for better performance.
The CPU stress tests are mostly run by the developers and programmers who need to know the durability and strength of a system before releasing this publicly. As the Linux systems are free and open-source, the developers build different distributions with different-level hardware optimizations.
Last week, AOPEN unveiled its latest Mini PC, and this tiny box is the most “Flexible” device ever to grace the ChromeOS space. Why flexible? Well, the all-new AOPEN ACE Mini isn’t a standard Chromebox. Instead, this Mini PC is a customizable Intel-based solution that can run a variety of operating systems based on customers’ specific needs. The official OS list includes Windows 10, 11, Ubuntu Linux, and ChromeOS Flex. That’s right. This is the first device to market that will actually support and offer ChromeOS Flex out of the box.
 The 4K Linux laptops are coming and it looks like we will soon be able to buy one from Star Labs, which are known for their powerful StarLite and StarBook Linux notebooks, as well as the Byte mini PC.
Today, Star Labs took to Twitter to tease us with an upcoming Linux-powered laptop, the Star Labs StarFighter, which promises to ship with a 15.6-inch 4K 10-bit matte IPS display, 45W AMD or Intel processors, up to 64GB RAM, and up to 2TB SSD storage.
Cinchy, a provider of a platform that isolates data from the applications used to create it, has released an update that adds Kubernetes support.
Cinchy CTO Karanjot Jaswal says the Cinchy Dataware Platform 5.0 makes it possible to deploy the platform on a Kubernetes cluster that accesses data on external storage systems. That capability also makes it easier to scale the Cinchy Dataware Platform up and down as required, he added.
Microservices allow software developers to design highly scalable, highly fault-tolerant internet-based applications. But how do the microservices of a platform actually communicate? How do they coordinate their activities or know who to work with in the first place? Here we present the main answers to these questions, and their most important features and drawbacks. Before digging into this topic, you may want to first read the earlier pieces in this series, Microservices: Definition and Main Applications, APIs in Microservices, and Introduction to Microservices Security.
[...]
Certain workflows are by their own nature highly synchronous and predictable. Others aren’t. This means that many real-world microservice platforms could and probably should mix both approaches to obtain the best combination of performance and resistance to faults or peak loads. This is because temporary peak loads – that may be best handled with choreography – may happen only in certain parts of a platform, and the faults with the most serious consequences, for which tighter orchestration could be safer, only in others (e.g. purchases of single products by end customers, vs orders to buy the same products in bulk, to restock the warehouse) . For system architects, maybe the worst that happens could be to design an architecture that is either orchestration or choreography, but without being really conscious (maybe because they are just porting to microservices a pre-existing, monolithic platform) of which one it is, thus getting nasty surprises when something goes wrong, or new requirements turn out to be much harder than expected to design or test. Which leads to the second of the two general rules mentioned above: don’t even start to choose between orchestration or choreography for your microservices, before having the best possible estimate of what their real world loads and communication needs will be.
Our guest this week has more Raspberry Pis than anyone we've ever met. We get insights into all the projects he used them for, what's worked great, and what's not worked at all.
Choosing a Linux distribution can be difficult, especially if you don’t know much about Linux. However, over the past several years I’ve tried almost every Distribution that you can choose. There are some that I have not installed, because it was just more of the same.
 The Linux Kernel is a brilliant piece of software engineering. At more than a million lines of code, it is arguably one of the most complex programs that is still in active development today. Since the late 1990s, the Linux kernel has been used in both computationally intensive projects as well as barebones embedded applications.
Despite all of that, the Linux kernel is just a program that serves as a link between the hardware in your computer and the software that you use everyday. It is what allows you to use a wide range of devices for the programs that you use on a daily basis.
One example of this hardware-software linking is the Advanced Linux Sound Architecture (ALSA). ALSA is a sound driver framework that is built-in to the Linux kernel. It allows you, among other things, to easily install a sound card and configure it to immediately run with your favorite program.
The popular Vim text editor released new major 9.0 version few days ago with many new features and large number of new features.
The new release introduced Vim9 script with drastic performance improvements. The execution speed can be increased via 10 to 100 times faster. However, function must be defined with def, and the argument and return types must be specified to benefit from the speed-up.
Legacy scripts will keep working as before. The new script syntax now looks a lot more like most programming languages. Line continuation does not require using a backslash; Function calls do not require call, assignments are done without let and expressions are evaluated without eval. And, comments now start with #.
Microsoft Exchange Server is a mail server and calendaring server. It is proprietary software that’s not available for Linux. We recommend the following free and open source alternatives.
Since CDs and DVDs have become rather obsolete, USBs are now the primary tool for installing new operating systems. To do so, you first need to make a bootable USB with installation files on it.
On traditional PCs running Windows, Linux, or macOS, you can create a bootable USB using software like Rufus or Etcher. You can even do it through the command prompt or terminal.
If you are using a Chromebook, though, the method is a bit different. Here's how you can create a bootable USB on your Chromebook.
Today we are looking at how to install the PokeMMO on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
Atom is an open-source text editor, built by Github, It is free. User friendly. Has a lot of extensions that you can use when coding or working on your other projects, offers multiple language-syntax support, Cross-platform editing, builtin package manager, smart autocompletion and It is fully customizable, which means you can customize/build your own custom version of Atom.
I want to call out a stellar article that told me exactly what I needed to do in order to use virt-install and cloud-init to launch a cloud-image. The only thing I have to add is the caveat that the #cloud-config comment at the top of the user-data file is required. The system will ignore the file if it does not start with that comment. This is the easiest way I know to launch a brand new VM.
Every so often I need to install Windows, most recently for my GNOME on WSL experiments, and to do this I need to write the Windows installer ISO to a USB stick. Unlike most Linux distro ISOs, these are true, pure ISO 9660 images—not hybrid images that can also be treated as a DOS/MBR disk image—so they can’t just be written directly to the disk. Microsoft’s own tool is only available for Windows, of course.
I’m sure there are other ways but this is what I do. I’m writing it down so I can easily find the instructions next time!
In this video, I am going to show how to install KaOS 2022.06.
A PSK, or pre-shared key, is a password made up of a random string of characters while encrypting and decrypting data. As the name implies, both parties engaged in the cryptographic process are aware of the key in advance, as it is required not only for decryption but also for encrypting the data.
Hackers can’t take our data over a network if we use pre-shared keys during data transfer., which is important because our security is at risk practically all of the time. Using a PSK while sharing data also ensures that only the people you wish to share it with have access to it.
In this article, I am going to explain the ways to generate the PSK keys on Ubuntu Linux with examples and commands.
npm is a software package manager for JavaScript programming language. npm makes it easy for JavaScript developers to share the code they write. npm also provides a command-line interface to manage the dependencies in a project. Docker is a containerization platform that allows developers to package their applications and dependencies into a portable image.
npm with Docker makes it easy to package and ship Node.js applications. npm with Docker also enables developers to share their code easily. npm with Docker is an excellent tool for JavaScript developers who want to share their code with others.
In this tutorial, we will show you how to install OpenRGB on Ubuntu 22.04 LTS. For those of you who didn’t know, OpenRGB is free and open-source software used to control RGB lighting control that does not require manufacturer software. The project is focused to provide support for multiple hardware manufacturers’ products to reduce the program load, which is limited to Windows, superfluous.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the OpenRGB on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.
One of the most popular media players is the VLC ( VideoLAN Client) that always finds its way to be on the editorial list of best Open-source players. The key reason behind its wide the acceptance is – VLC media player plays files of all important audio and video formats. A double click is enough, alternatively, you can load files into the VLC interface using drag & drop or tap a video DVD using the menu bar command.
The player supports MPEG and DivX streaming and can therefore also play videos during the download. You can also play files packed by ZIP without having to unpack them beforehand. Users can artificially increase the volume of the film up to 200 percent if the video is too quiet.
Common formats VLC supports are Formate: AAC, AC3/A52, ASF, AVI, DTS, FLAC, FLV, H.264, MIDI, MKV, MOV, MPG, MPEG (ES, MP3, MP4, PS, PVA, TS), MXF, OGG, OGM, Raw DV, Real (RAM, RM, RMVB, RV), WAV, WMA, WMV, 3GP.
In this tutorial, we will explore how to install Android Studio on Ubuntu 22.04.
Android Studio is the Integrated Development Environment for Android app development. Whenever you want to start developing android applications, the easiest and the most effective IDE is always the Android studio. It is well tested and offers all the functionalities other code editors provide.
The Wine development release 7.12 is now available.
What's new in this release: - Theming support for Qt5 applications. - Bundled vkd3d upgraded to version 1.4. - Improved effect support in Direct2D. - QWORD support in registry tools. - Various bug fixes.
The source is available at:
https://dl.winehq.org/wine/source/7.x/wine-7.12.tar.xz
Binary packages for various distributions will be available from:
https://www.winehq.org/download
You will find documentation on https://www.winehq.org/documentation
You can also get the current source directly from the git repository. Check https://www.winehq.org/git for details.
Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list.
Another couple of weeks, another alpha snapshot from the development branch, this time with 4.0 alpha 11! Same deal as usual, lots of bugs fixed and more refactoring and feature work. We're etching closer and closer to the beta stage, things are starting to fall into place!
Doom was an incredibly popular video game by Id software which, six years following its release, was made open source under the GPLv2 license. Thanks to this release, combined with the solid software design and lasting legacy of backwards compatibility in C, Doom has been ported to countless platforms by countless programmers. And I recently added myself to this number :)
[...]
As I was working, I gradually came to understand that Helios was pretty close to supporting all of these features, and thought that the time to give Doom a shot was coming soon. In my last status update, I shared a picture of a Helios userspace program utilizing the framebuffer provided by multiboot, ticking one box. We’ve had dynamic memory allocation in userspace working since June 8th. The last pieces were a keyboard driver and a C library.
I started with the keyboard driver, since that would let me continue to work on Hare for a little bit longer, providing a more direct benefit to the long-term goals (rather than the short-term goal of “get Doom to work”). Since Helios is a micro-kernel, the keyboard driver is implemented in userspace. A PS/2 keyboard driver requires two features which are reserved to ring 0: I/O ports and IRQ handling. To simplify the interface to the essentials for this use-case, pressing or releasing a key causes IRQ 1 to be fired on the PIC, then reading from port 0x60 provides a scancode. We already had support for working with I/O ports in userspace, so the blocker here was IRQ handling.
Helios implements IRQs similarly to seL4, by using a “notification” object (an IPC primitive) which is signalled by the kernel when an IRQ occurs. I was pleased to have this particular blocker, as developing out our IPC implementation further was a welcome task. The essential usage of a notification involves two operations: wait and signal. The former blocks until the notification is signalled, and the later signals the notification and unblocks any tasks which are waiting on it. Unlike sending messages to endpoints, signal never blocks.
 When it comes to Linux desktops, GNOME is the name that pops up the most. Why is GNOME so popular among the Linux community? And is it the best?
There are many Linux desktop environments, but among all the options, GNOME has long been the leader.
People can easily debate preferences and why they prefer one desktop over another, but GNOME’s position isn’t a matter of opinion. It appears on the largest number of Linux-powered PCs.
So here’s a look at various ways GNOME is the furthest of all the desktop environments in the free software world and some reasons why.
 Work on the next major release of the popular GNOME desktop environment, GNOME 43, is underway and we’re getting closer to the first alpha development release with lots of new features like support for web apps in Software, a new device security info panel in Settings, and support for WebExtensions in Web.
Update on what happened across the GNOME project in the week from June 24 to July 01.
I wrote a technical overview of the WebKit WPE project for the WPE WebKit blog, for those interested in WPE as a potential solution to the problem of browsers in embedded devices.
This article begins a series of technical writeups on the architecture of WPE, and we hope to publish during the rest of the year further articles breaking down different components of WebKit, including graphics and other subsystems, that will surely be of great help for those interested in getting more familiar with WebKit and its internals.
There are thousands of Linux distributions to choose from, ranging from the user-friendly (such as Ubuntu and Linux Mint) to the very complicated (such as Gentoo). Every distribution that claims to be user-friendly isn't exactly cut from the same cloth, and how a distribution is made user-friendly depends on a great number of things. Package managers, desktop environments, and pre-installed applications are all areas that every Linux distribution claiming to be user-friendly must consider.
To that end, when a new distribution arrives, claiming to be user-friendly, the first thing I do is examine those three areas. So when the developer of GeckoLinux announced a new distribution, called Spiral Linux, I did just that.
Zoom, the cloud meeting company, unifies cloud video conferencing, simple online meetings, and group messaging into one easy-to-use platform. Our solution offers the best video, audio, and screen-sharing experience across Zoom Rooms, Windows, Mac, Linux, iOS, Android, and H.323/SIP room systems.
Mozilla Firefox is a mature web browser for the PCLinuxOS desktop. It is ranked as one of the best browsers on the market.
Mozilla Thunderbird is a mature email client for Linux and other operating systems.
TeamViewer provides easy, fast and secure remote access and meeting solutions to Linux, Windows PCs, Apple PCs and various other platforms, including Android and iPhone.
Shotcut is a free and open-source cross-platform video editing application for Windows, OS X, and Linux.
This week, many of us were busy with hack week. Naturally, this took away some resources for regular Tumbleweed work, but I am sure we will see some new things coming out of that week again relatively soon. I tried to keep Tumbleweed rolling this week, which was not that difficult: stagings were never overcrowded, and some snapshots were relatively small changes. And so it comes that we have released 6 snapshots during this week (0624..0629).
One thing I wanted to investigate during the Hackweek was trying out whether openSUSE Leap would offer my Raspberry Pi Zero 2 a nice and stable option for motion detection camera recording. I have had RPi 3 Model A+ doing this for a longer time, and a Zero model before that, but the newer RPi Zero 2 has been a bit unstable for so far unknown reason. There are also some unoptimal combinations of too old or too fresh software in the official Raspberry Pi OS releases. You can read more in my hackweek project page
This is a weekly report from the CPE (Community Platform Engineering) Team. If you have any questions or feedback, please respond to this report or contact us on #redhat-cpe channel on libera.chat (https://libera.chat/).
As Red Hat is modernizing our approach to Compliance as Code, we are making some changes to better provide our customers with the most accurate information available. One of the recent changes involved "ATO Pathways" — the website previously hosted at https://atopathways.redhatgov.io. We’ve removed the content and instead have posted links directing people to alternate sources of information to provide our customers with the best paths forward. We explore those paths in this article.
The IT industry not only looked very different 20 years ago, product security looked very different as well. Open source software wasn’t mainstream and the majority of vendors had full control and secrecy over their product code.
Today, however, almost every software vendor contributes to and incorporates open source software within their product or managed service (herein called "offerings"), but does this impact the security of these offerings? In particular, what is Red Hat doing to demonstrate that our offerings are developed in a secure manner and provide trustworthy solutions? Red Hat, like other software vendors, continues to monitor and participate in developing solutions which meet emerging market requirements, customer demand and ongoing cybersecurity requirements issued by governments around the world.
Even as employers scramble to hire amid “The Great Resignation,” landing a job in an interview starts by focusing not on yourself, but on the company and your potential boss.
Companies looking to hire any position, whether it is a CIO, a C# fullstack developer, a customer success manager, or a chief marketing officer, are recruiting due to need. And the need usually comes in two forms: alleviating pain and/or leveraging an opportunity.
The pain might be replacing a person who is not working out in their role. The opportunity might be growth and meeting new customer demands.
During the pandemic, organizations worldwide rapidly adopted digital technologies that enabled them to work, communicate, and collaborate without face-to-face meetings. These same organizations also had to quickly pivot their hiring practices, relying on video calls instead of traditional interviews. To help navigate this new normal, some hiring teams implemented automated hiring platforms.
Using an automated hiring platform provides many benefits, including increased productivity and less time spent interviewing candidates who may not have the requisite qualifications. Automated platforms can handle some of those pre-screening steps, ensuring that hiring managers meet with candidates who already possess the right skills.
This is a common misconception. Carola is not the project name. It’s the keyword the PVA reacts to by default. It is similar to “Alexa” or “OK, Google” for those who are familiar with those products. You can configure this keyword. You can also configure other things such as your location, which applications to use by default when opening media files, what CardDAV server to use when looking up contact information, etc. These settings can be personalized for each user. Some of them can even be changed by voice command (e.g. the name, the default TTS engine, and the default apps).
In 2021 I read an article about the Speech-To-Text (STT) system Vosk[2] and started to play a bit with it. The installation was easy. But there was no use-case except for writing what one said down to the screen. A few hours and a hundred lines of Java code later, I could give my PC simple commands. After a few more days of work, it was capable of executing more complex commands. Today, you can tell him/her/it to start apps, redirect audio streams, control audio and video playback, call someone, handle incoming calls, and more.
 Debian GNU/Linux 9 “Stretch” was released on June 17th, 2017, and it was superseded by the Debian GNU/Linux 10 “Buster” series on July 6th, 2019. At that point in time, Debian GNU/Linux 9 “Stretch” support was transferred to the Debian LTS project to extend its lifetime to up to five years for those who needed it.
Those five years are now gone as the end of life was reached on June 30th, 2022.
Good news for especially determined fans of Ubuntu's formerly in-house desktop: there's a new version.
Unity 7.6 just appeared, although there is a more complete list of changes in the earlier announcement that it was in testing.
It has been quite a while since the Ubuntu's Unity desktop was updated. The last time it was bundled was Ubuntu 17.04, and the last release from Ubuntu itself was v7.5.
This new release doesn't come from Canonical: it's from Linux wunderkind Rudra Saraswat and his UnityX project. Users of the unofficial Ubuntu Unity remix, which we looked at a few month ago, will get the new version automatically.
The Reg FOSS desk has Ubuntu Unity 22.04 running on a couple of laptops and we can report that the new version does fix a few small glitches. The Unity remix is progressively replacing GNOME components, such as the text editor and file manager, with ones from other desktop projects, in order to get back features which GNOME has removed – notably, menu bars.
So Ubuntu Unity 22.04 uses the Nemo file manager from the Cinnamon desktop, rather than GNOME's Nautilus, and MATE's Pluma text editor instead of GEdit. As a small example, the update makes right-clicking the trashcan in the Launcher to empty it work again, without needing to open the trashcan's own window.
The Web and design team at Canonical run two-week iterations building and maintaining all of the Canonical websites and product web interfaces. Here are some of the highlights of our completed work from this iteration.
[...]
Have you had to do dull, slow and repetitive actions at work? Sometimes it’s unavoidable, but sometimes it can also be an opportunity for a developer to rediscover what it means to be a developer and solve these situations with code.
The UA-QA tool originated from such a situation. It will help us test our Ubuntu Advantage subscription system on ubuntu.com. This also aims to improve the quality of our test scenarios: we can prepare test accounts to hold a wide variety of subscriptions just as users would have in real-world scenarios.
ZigUNO Zigbee development board comes with an Ebyte E18-MS1 module equipped with Texas Instruments SimpleLink CC2530 8051 Zigbee microcontroller and follows Arduino UNO form for Arduino Shield compatibility.
The board works with PTVO Zigbee firmware that comes with a graphical configuration tool to select the Zigbee chip used (CC2530), configure I/O behavior (input/output, pull-up, etc…), and more. The developers also suggest using DIYRuZ projects as examples to get started.
TileMill is a design environment developed by MapBox for cartography, constituting Mapnik as a renderer, CartoCSS as a stylesheet language, and a locally-served web interface with Node.JS as a server and based on Backbone.js for the client.
Older versions up to 0.10.x are available with a native GUI on all supported platforms.
OmniDB is an open source browser-based app designed to access and manage many Database Management systems, e.g. PostgreSQL, Oracle and MySQL.
OmniDB can run either as an App or via Browser, combining the flexibility needed for various access paths with a design that puts security first.
OmniDB’s main objective is to offer an unified workspace with all functionalities needed to manipulate different DMBS. DBMS specific tools aren’t required: in OmniDB, the context switch between different DBMS is done with a simple connection switch, without leaving the same page. The end-user’s sensation is that there is no difference when he/she manipulates different DBMS, it just feels like different connections.
[...]
OmniDB is an open-source project that is released under the MIT license.
Payload is a free open-source headless CMS that built on top of Node.js technologies as TypeScript, React, and Express. It uses MongoDB as a database backend.
It comes with a clean clutter-free admin control panel, a rich documentation, and a developer-friendly structure to build websites, CMS, mobile apps, eCommerce solutions, and any web apps.
RosarioSIS is a Free & open source Student Information System (SIS), also known as School Management System (SMS) or even School ERP.
It is designed to address the most important needs of administrators, teachers, support staff, parents, students, and clerical personnel.
However, it also adds many components not typically found in Student Information Systems.
Collabora has released CODE 22.05, the new Developer Edition of its web-based corporate version of LibreOffice.
CODE is the Collabora Online Development Edition of Collabora Office, which we took a quick look at recently. The new version 22.05 offers a number of fresh features and performance improvements.
The suite now supports external grammar checkers, which you can check out using LanguageTool. This not only detects spelling errors but grammatically incorrect sentences as well as everything from errant apostrophes to duplicated words and faulty punctuation.
Spreadsheet handling got a major uplift with capability to support 16,384 columns, and the app can now generate sparklines – tiny, scaleless line graphs, inline with written text, which are an easy-to-understand way to visualize trends in data.
Lately there has been a lot of discussion about various silos and their activities, notably GitHub and an up and coming alternative to Tumblr called Cohost. I’d like to talk about both to make the point that silos do not, and can not elevate user freedoms, by design, even if they are run with the best of intentions, by analyzing the behavior of both of these silos.
It is said that if you are not paying for a service, that you are the product. To look at this, we will start with GitHub, who have had a significant controversy over the past year with their now-commercial Copilot service. Copilot is a paid service which provides code suggestions using a neural network model that was trained using the entirety of publicly posted source code on GitHub as its corpus. As many have noted, this is likely a problem from a copyright point of view.
Microsoft claims that this use of the GitHub public source code is ethically correct and legal, citing fair use as their justification for data mining the entire GitHub public source corpus. Interestingly, in the EU, there is a “text and data mining” exception to the copyright directive, which may provide for some precedent for this thinking. While the legal construction they use to justify the way they trained the Copilot model is interesting, it is important to note that we, as consumers of the GitHub service, enabled Microsoft to do this by uploading source code to their service.
Now let’s talk about Cohost, a recently launched alternative to Tumblr which is paid for by its subscribers, and promises that it will never sell out to a third party. While I think that Cohost will likely be one of the more ethically-run silos out there, it is still a silo, and like Microsoft’s GitHub, it has business interests (subscriber retention) which place it in conflict with the goals of digital autonomy. Specifically, like all silos, Cohost’s platform is designed to keep users inside the Cohost platform, just as GitHub uses the network effect of its own silo to make it difficult to use anything other than GitHub for collaboration on software.
Flamerobin 0.9.3.12 Snapshot released with a few Firebird 4 fixes , here is the changelog
So my previous post introduced a trivial interpreter for a TCL-like language.
In the past week or two I've cleaned it up, fixed a bunch of bugs, and added 100% test-coverage. I'm actually pretty happy with it now.
[...]
Doing more than that is hard though without support for more primitives written in the parent language than I've implemented. The obvious thing I'm missing is a native implementation of upvalue, which is TCL primitive allowing you to affect/update variables in higher-scopes. Without that you can't write things as nicely as you would like, and have to fall back to horrid hacks or be unable to do things.
Following the release of 5.36.0, we have a new Perl Steering Council (PSC). The PSC for the next year comprises Ricardo Signes (RJBS), Paul Evans (PEVANS), and Philippe Bruhat (BOOK). These three will serve until 5.38.0 is released, at which point the next PSC will be elected.
As described in a previous blog post, in 2020 we established a new governance structure for the Perl programming language. In brief, the perl5-porters (P5P) mailing list continues to be the place where the future of Perl is discussed. Anyone on the list can follow the RFC process to propose new language features. The PSC are shepherds for that process, and adjudicate where consensus doesn't emerge.
The Linux fold command enables you to break a string of characters into same-size chunks, but it can also be used to provide a series of characters or strings to drive a loop. This post reviews the basic command and then demonstrates how you can use it to loop through the characters or strings that it creates.
The basic use of the fold command is to take long lines of text and break them into shorter pieces. One common use is to shorten lines in a text file so that they display well in a terminal window. Lines wider than the terminal width might otherwise wrap in inconvenient places.
The fold command can also be used to create a narrower file from a file with lines that are inconveniently long.
The Java programming language is well into its third decade, and the language and its byte code have found a home in everything from embedded chips to massive server farms. Java's combination of a rock-solid virtual machine and a large collection of libraries make a fertile ecosystem for writing code that runs everywhere.
One area where Java has struggled, however, is the world of servers, which often must juggle connections from thousands or even millions of users. In the early years, Java tools were among the best for creating server-side applications that enforced business logic for all users. Java frameworks like J2EE, Hibernate, Spring, and the basic Java servlets model made it relatively easy to create strong web applications.
The Rust Language Server (RLS) is being deprecated in favor of rust-analyzer. Current users of RLS should migrate to using rust-analyzer instead. Builds of RLS will continue to be released until at least the Rust 1.64 release (2022-09-22), after which no new releases will be made. This timeline may change if any issues arise.
RLS is an implementation of the Language Server Protocol (LSP) which provides enhanced features with any editor that supports the protocol, such as code-checking and refactoring. RLS was introduced by RFC 1317 and development was very active from 2016 through 2019. However, the architecture of RLS has several limitations that can make it difficult to provide low-latency and high-quality responses needed for an interactive environment.
Development of rust-analyzer began near the beginning of 2018 to provide an alternate LSP implementation for Rust. rust-analyzer uses a fundamentally different approach that does not rely on using rustc. In RFC 2912 rust-analyzer was adopted as the official replacement for RLS.
All vehicle manufacturers are having quality control problems, but Tesla is very nearly the worst.
This is according to J.D. Power and Associates and their survey of new vehicle owners for the 2022 model year.
Buick was at the top of the list for quality control, and Tesla was near the bottom, which is also a problem because it costs too much to repair them after the warranty ends and you may not see your car for days or weeks.
Tesla is also having huge financial problems and Elon Musk is busy firing thousands of people, many over a video call that’s arranged with no notice.
Most recently, he fired the entire office in San Mateo, California which was working on “autopilot”, which crashes into things and leaves the owner liable. The “job creator” destroyed 200 jobs before breakfast that day.
Most of the complaints people have are with their Apple Carplay or Android Auto not working properly, on vendors that support it, but Tesla owners are basically stuck with some custom thing that hasn’t improved much at all since 2014, which also malfunctions.
Microwave superconducting quantum interference device (SQUID) multiplexing technology development for future x-ray observatories
Security updates have been issued by Debian (firefox-esr, isync, kernel, and systemd), Fedora (chromium, curl, firefox, golang-github-vultr-govultr-2, and xen), Mageia (openssl, python-bottle, and python-pyjwt), Red Hat (compat-openssl10, curl, expat, firefox, go-toolset-1.17 and go-toolset-1.17-golang, go-toolset:rhel8, kernel, kpatch-patch, libarchive, libgcrypt, libinput, libxml2, pcre2, php:7.4, php:8.0, qemu-kvm, ruby:2.6, thunderbird, and vim), and Ubuntu (curl, libjpeg6b, and vim).
Andrew Appel has a long analysis of the Swiss online voting system. It’s a really good analysis of both the system and the official analyses.
If I can shop and bank online, why can’t I vote online? David Jefferson explained in 2011 why internet voting is so difficult to make secure, I summarized again in 2021 why internet voting is still inherently insecure, and many other experts have explained it too. Still, several countries and several U.S. states have offered e-voting to some of their citizens. In many cases they plunge forward without much consideration of whether their e-voting system is really secure, or whether it could be hacked to subvert democracy. It’s not enough just to take the software vendor’s word for it.
Switzerland is a country that wanted to do it right, fumbled, and in the process learned that an important part of getting it right is a careful (and expensive) study, that’s independent of the vendor selling the system, and independent of the governmental body that’s purchasing the system. The study wasn’t particularly expensive—about half a million Swiss francs, which is about half a million US dollars—but that’s half a million that most U.S. states or other countries have not spent before rushing to deploy a system. After the study, the Swiss government’s conclusion was, “The e-voting system currently being developed by Swiss Post has been significantly improved. However, further developments, some of them substantial, are still required.”
Original release date: July 1, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
Security researchers have uncovered an unusually sophisticated malware that has been targeting small office/home office (SOHO) routers for nearly two years, taking advantage of the pandemic and rapid shift to remote work.
Such routers are rarely monitored or up-to-date, making them attractive targets for hackers to reach adjacent corporate networks. According to Lumen’s Black Lotus Labs, this sophisticated campaign “has been active in North America and Europe for nearly two years beginning in October 2020.”
The Black Basta ransomware-as-a-service (RaaS) syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window.
"Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, pharmaceuticals, cosmetics, plumbing and heating, automobile dealers, undergarments manufacturers, and more," Cybereason said in a report.
Evidence indicates the ransomware strain was still in development as recently as February 2022, and only started to be used in attacks starting April after it was advertised on underground forums with an intent to buy and monetize corporate network access for a share of the profits.
Similar to other ransomware operations, Black Basta is known to employ the tried-and-tested tactic of double extortion to plunder sensitive information from the targets and threaten to publish the stolen data unless a digital payment is made.
A new entrant in the already crowded ransomware landscape, intrusions involving the threat have leveraged QBot (aka Qakbot) as a conduit to maintain persistence on the compromised hosts and harvest credentials, before moving laterally across the network and deploying the file-encrypting malware.
Microsoft already (says) they apply both laws to anyone using their products. Can you imagine how much worse Microsoft could be without them?
It’s 2022 and women can see a witch doctor in an app and tell the state when she’s ovulating as evidence for her abortion trial.
An app called “Stardust” says it is an “astrology based period tracker”.
When Houston resident Lauren Price read the leaked draft of the Supreme Court ruling that overturned Roe v. Wade, she emailed her period-tracking app’s customer support team to ask how they were protecting her personal health information.
The Montrose resident, 37, is an activist and data specialist for a local school district, so she worried that law enforcement or others might seek out data while investigating whether someone had an illegal abortion. The prospect is of particular concern in Texas, where a state law allows private citizens to collect a $10,000 bounty in lawsuits against anyone who aids or abets the procedure.
When Price never heard back from that company – Kindara – she decided to stop using the app.
With many activities carried out in the business environment taking place digitally, the amount of sensitive and confidential data that organizations use and store is also increasing. The protection of private data in medical fields, which can be considered as one of the most sensitive of these data, has also gained great importance. In this direction, organizations continue to make efforts to keep their data at the highest level of security.
On Wednesday, June 29, 2022, Wai Phyo Myint, our Asia Pacific Policy Analyst, addressed the United Nations (U.N.) Human Rights Council regarding the escalating digital threats faced by the people in Myanmar during the Interactive Dialogue with the U.N. Special Rapporteur on Myanmar
Myint highlighted how targeted communications blackouts are being used by the military junta in regions where people’s resistance has been most intense. She illustrated why losing connectivity in Myanmar is life-threatening – because people cannot get critical information for their safety, contact their families, or expose serious human rights violations.
In her oral statement, Wai Phyo Myint also raised the alarm that the military could be requiring the (International Mobile Equipment Identify) IMEI number of phones to be registered. Linking data from IMEI number and SIM card registration will potentially give the military the power to collect data needed to track and locate people anytime they want.
This past Monday June 27th, Concurrences partnered with the Computer and Communications Industry Association (CCIA) to present an event titled Rulemaking Authority of the Federal Trade Commission. This event focused on the rulemaking authority of the Federal Trade Commission (FTC) as the agency seems to be tipping away from the economics-driven antitrust enforcement of the past 40 years and more towards neo-brandeisian policies. The event also included the presentation of a new publication, Rulemaking Authority of the US Federal Trade Commission, which analyzes the “myriad questions raised by the prospect of notice-and-comment rulemaking to make major changes in antitrust law.”
Of primary concern in this debate was the overall role of the FTC, its balance of rulemaking and case-by-case antitrust adjudication, its relationship with Congress, and finally the agency’s potential pursuit of problems in the economy outside of the realms of antitrust.
Throughout the event, panelists warned of the misuse of guidelines and rulemaking by the Commission and weighed in on the potential harmful effects of the American Innovation and Choice Online Act (S.2992 or AICOA).
[...]
In contrast, Richard Pierce, Professor of Law at George Washington University, argued that the FTC should rely on the tools it knows how to use best. “There are incremental ways of improving antitrust law that can improve it greatly. Go for the kinds of changes where you have solid empirical support for what you want to do.” Many panelists throughout the day warned of passed rules and the FTC itself falling prey to partisan activity upon the change of leadership. Maureen Ohlhausen, Partner at Baker Botts, asserted “the way the FTC has changed antitrust law is through case-by-case adjudication, a solid record of solid enforcement based on evidence.” Ohlhausen emphasized that this takes time and patience, but the FTC was created to make that sort of change. James Rill, Senior Counsel at Baker Botts, echoed Ohlhausen’s point, stating that “we have an evolutionary aspect to antitrust and it is complex and takes time. We trade off the difficulty of the method for the building of a proper foundation in time.”
The first edition of the challenge consisted into spending a week (during your non-work time) using an old computer, the recommended machine specifications were 1 core and 512 MB of memory at best, however some people enjoyed doing this challenge with other specifications and requirements, and it's fine, the purpose of the challenge is to have fun.
While experimenting the challenge last year, a small but solid community gathered on IRC, we shared tips and our feelings about the challenge, it was very fun and a good opportunity to meet new people. One year later, the community is still there and over the last months we had regular ideas exchange for renewing the challenge.
I didn't want to do the same challenge again, the fun would be spoiled, and it would have a feeling of déjà vu. I recently shared a new idea and many adopted it, and it was clear this would be the main topic of the new challenge.
I really appreciate all the ways community is built into the fabric of geminispace. It's nice being able to search for an article and see right there what pages referenced it and continued the conversation. I like all the aggregators that have popped up and let me engage with gemlogs I probably wouldn't have found on my own. I love that it's all built out of long established technologies (all you need is an atom XML).
According to my git logs I switched to Vim about six years ago. It was probably initially an experiment to see "how the other side lived" that became permanent once I fell in love with its operation. Vim clicks with me because at it's core it is a large collection of verbs that can act on a smaller collection of nouns (words, paragraphs, code blocks, etc). Learning it is a lot more like learning a spoken language than a collection of keybinds.
So I decided to go dig in the Lisp 1 Programmer's Manual (1960) and the Lisp 1.5 Programmer's Manual (1962). I'm sure there's lots of computing history buried in those pages, from how real programming on the IBM 704 is done to how they made a full-featured interpreter and self-hosted compiler work on such a system. But we don't have time for that, so I just grepped for “association list” and “property list”.
It works on the fact that kamalatta.ddnss.de keeps a list of work- ing gopherholes. This script downloads the list, and picks one at random using the shuf command.
* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.