Release of nftables 1.0.5: https://www.mail-archive.com/netfilter-announce@lists.netfilter.org/msg00246.html
Google has expanded the program to stimulate the detection of vulnerabilities in the Linux kernel https://security.googleblog.com/2022/08/making-linux-kernel-exploit-cooking.html
The Linux kernel reveals exploited vulnerabilities in POSIX CPU timer, cls_route and nf_tables https://www.openwall.com/lists/oss-security/2022/08/09/6
Open-based Heroes of Might and Magic 2 - fheroes2 - 0.9.18 [...]
SQUIP - an attack on AMD processors that leads to data leakage through third-party channels https://stefangast.eu/papers/squip.pdf
Release of GNU Binutils 2.39: https://www.mail-archive.com/info-gnu@gnu.org/msg03078.html
Learn how to build an open-source startup from the founders of Chronosphere, Vercel, MongoDB, DBT, mobile.dev and more!
Midjourney is macOS and DALL-E is the Linux CLI.
The obvious question for both beginners and experts is, “What’s the difference?”
The easiest way to answer that is to say that Midjourney is like using a Mac. And DALL-E is like using the Linux command line.
Grafana Annotations have long been one of those 'I should look into this sometime' Grafana features that seemed potentially useful but not immediately compelling, and also a bunch of work to set up. Recently I learned (or re-learned) that you can dynamically generate annotations from Prometheus metrics and other data sources, and spent some time experimenting with this, not always successfully. As a result, I have some notes and some opinions. I'll start with the bad news.
Grafana has two sorts of annotations, basic ones that are a single point in time (for example, 'a new configuration was deployed at this time') and region annotations, which cover a span of time (for example, 'an alert was firing'). Unfortunately, you can't currently generate region annotations from Prometheus metrics; if you try, for example by setting an annotation on the Prometheus 'ALERTS' metric (as the Grafana UI for Prometheus based annotations will lead you to try), the results are unpleasant. The only Prometheus based annotations you can use are single point in time ones. Generally this means that you want a Prometheus metric that is the time something happened, such as when a host rebooted (ie, node_boot_time_seconds) or an alert started (the ALERTS_FOR_STATE metric). Because Grafana deals in milliseconds, you need to multiply these 'time in seconds' metrics by 1000. There's a helpful tooltip in the Grafana UI to remind you of this.
In ZFS, a DVA (Device Virtual Address) is the equivalent of a block address in a regular filesystem. For our purposes today, the important thing is that a DVA tells you where to find data by a combination of the vdev (as a numeric index) and an offset into the vdev (and also a size). This implies, for example, that in mirrored vdevs, all mirrors of a block are at the same place on each disk, and that in raidz vdevs the offset is striped sequentially across all of your disks.
Recently I got confused about one bit of how DVA offsets work on raidz vdevs. On a raidz vdev, is the offset an offset into the logical data on the vdev (which is to say, ignoring and skipping over the space used by parity), or is it an offset into the physical data on the vdev (including parity space)?
This post will explore the various applications of R and show what you can accomplish with it after learning it.
Because the event is located in another country, many hours of travel away, there are a couple of scenarios where remote control of my home router can be a life-saver. For example, should my home router crash, remotely turning power off and on again gets the event back online.
But, power-cycling a machine is a pretty big hammer. For some cases, like locking yourself out with a configuration mistake, a more precise tool like a remote serial console might be nicer.
In this article, I’ll present two cheap and pragmatic DIY out-of-band management solutions that I have experimented with in the last couple of weeks and wanted to share: [...]
As a Linux geek, you are not satisfied with one operating system. You need divisions on your hard disk called partitions to install multiple distributions. Partitions behave as separate hard disks letting you use each sector individually.
Fdisk command enables you to create and manage partition tables. In this tutorial, we will learn about fdisk commands in Linux and perform operations on the hard disk.
REMI is a third-party repository that provides us with the latest PHP versions on RHEL-derived systems. However, it is not only limited to PHP but also many of its modules. Being an active PHP developer, you must enable this repository almost mandatory. An excellent aspect of the repository and its creator is that it is very well documented, so even a newbie can set it up and update their system in no time. Another great thing about this repository is its frequent updates, which means you’ll always have access to the latest versions of PHP and its modules. So if you’re looking for a reliable way to keep your system up-to-date, REMI is worth checking out.
In the following tutorial, you will learn how to import the Remi Repository on AlmaLinux 9 for users who prefer to install the latest version of the PHP branch installed on their system using the command line terminal.
In this series, I'm developing several scripts to help in cleaning up my music collection. In the last article, I used the framework I created for analyzing the directory and sub-directories of music files and carried out the analysis with the fine open source JAudiotagger library to analyze the tags of the music files in the music directory and subdirectories.
PostgreSQL is a robust, stable, and reliable open-source database management system that has been in use for over 20 years. It’s backed by an active community of developers who contribute their time and expertise to its development, resulting in higher levels of resilience, integrity, and correctness. PostgreSQL powers many web applications, including those from Google Earth Engine Geospatial data. Its feature set, performance, and stability make it an ideal choice for mission-critical applications. PostgreSQL’s support for SQL standard compliance ensures compatibility with various software tools. In addition, its extensibility features allow developers to add custom functionality to meet the needs of specific applications. As a result, PostgreSQL is well-suited for a wide range of workloads.
In this tutorial, we will show you how to install Arduino IDE on Linux Mint 21. For those of you who didn’t know, Arduino is a widely-used, open-source electronics platform used to create devices that interact with their environment using sensors and actuators. It consists of a programmable hardware board and a software (Integrated Development Environment) for writing and uploading programs to the board. Arduino runs on Linux, Windows, and macOS, and Linux.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Arduino IDE on Linux Mint 21 (Vanessa).
We operate a variety of websites and services that are known to users under general names (such as the website 'support.cs') but which are implemented by specific, known machines, such as our primary web server. When we do Blackbox external checks on these services, we have to do it under their general name, and by default this generic name will flow through to our "host" label. In turn, this means that if something happens to a machine (such as its Apache stopping responding), by default we'll get a number of alerts about different nominal hosts.
[...]
Sadly, I suspect that this is a sufficiently obscure or unpopular usage that Prometheus isn't likely to support it. There's also no obvious syntax or small feature addition that could do it, especially if you want to use a file for the mapping table. YAML does have a syntax for maps (aka dictionaries), so you could at least write an inline regex_map YAML map that had a bunch of regexs as the keys and then replacements as the values, but that doesn't fit nicely in with how the replacement attribute is defined.
In recent years, a few significant players have dominated the landscape of web browsers. However, many viable alternatives are still available for those looking for something different. One of these is Otter Browser, based on the open-source Chromium project. Otter Browser strives to recreate the best aspects of Opera 12, focusing on providing powerful features for power users. At the same time, it remains fast and lightweight, making it a good choice for those looking for an alternative to mainstream browsers. If you’re tired of using the same old browsers, Otter Browser may be worth checking out.
The following tutorial will teach you how to install Otter Browser on Fedora 36 Linux using the command line terminal.
The Wine development release 7.16 is now available.
What's new in this release: - Wow64 support in X11 driver. - Session storage in MSHTML. - Unicode regexp fixes in MSXML. - IME improvements in Edit control. - Various bug fixes.
The source is available at:
https://dl.winehq.org/wine/source/7.x/wine-7.16.tar.xz
Binary packages for various distributions will be available from:
https://www.winehq.org/download
You will find documentation on https://www.winehq.org/documentation
You can also get the current source directly from the git repository. Check https://www.winehq.org/git for details.
Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list.
I know some hardcore privacy enthusiasts question if DuckDuckGo is really as private as it claims.
We don't like AppArmor, in large part because it doesn't work in our environment; the net effect of allowing AppArmor to do anything is that periodically various things break mysteriously (for instance, Evince stops working because your $XAUTHORITY is on an NFS mounted filesystem).
The idea of Linux phones had been at least somewhat popularized at that point with the earlier announcement of the Librem 5, but the Pinephoe was far more affordable, and it would be hitting the market well before the Librem 5. I got it as a Christmas gift from my wonderful mother. Unfortunately, this was amidst my hellish time as an undergrad, so I didn't have the time to fully buy into swapping over my mobile compute stack. So it waited until I graduated. I actually am somewhat happy that I waited, though, because the software situation is much better today than it was three years ago.
Amid the many wonderful form factors being explored by the makers of cyberdecks, there’s one that’s emerged which harks back to an earlier generation of portable computers: the handheld pad with a keyboard. These units are typically around the size of a hardback book, with the upper half being a screen and the lower a keyboard. The latest to come our way is from [Richard Sutherland], and it’s a very tidy pad computer indeed.
During my most recent hospitalization, besides making a video about the IV pump, I was messing around with a Raspberry Pi 4G LTE router project I could stash in my hospital go-bag (I am hospitalized about 2.5x per year, on average).
This blog post explains how to setup Fedora 36 to use a SSD1306 OLED connected through I2C.
After playing around a bit more with this C64 I think it is time to put it back together. The plastics were a bit grubby to say the least, so they have been put in sink and gently scrubbed to clean them off. The metallic cardboard shield I have decided not to put back in, as I tried to clean that I found that I was going to damage it more than fix it. This is inside the case now.
Hello all and welcome back to another Friday Product Post here at SparkFun Electronics! It's the last full week of August and we are hard at work with a lot of new boards that will be releasing in the coming weeks and months. In lieu of that, we have a bit of a lighter Friday post for you, with only two component products. The first of which is a compact, Wide Frequency Range Speaker option for your next audio project. Following that, we have a spool of two-conductor Hook-up Wire that can easily be used on any workbench or project station. And that's it! With that, let's jump in and take a closer look at both of this week's new products!
No matter what the job at hand is, if you’re going to tackle it, you’re going to need the right kit of tools. And if your job includes making sense out of any of the signals in the virtual soup of RF energy we all live in, then you’re going to need something like the FISSURE RF framework.
Open source is coming for your business. It is just a matter of time before there exists a compelling open source alternative to your software. It won’t happen overnight, it will start out as a poor alternative, but slowly growing to become the robust and cheap (in fact, free!) solution that everyone uses.
In this blog post, I’ll prove this to you with data. I present a measurement I call “Time Till Open Source Alternative” (TTOSA) which represents how long a proprietary software lasted without a direct open source alternative.
powerctl is a little weekend project I put together to provide a simple tool for managing power states on Linux. I had previously put my laptop into suspend with a basic “echo mem | doas tee /sys/power/state”, but this leaves a lot to be desired. I have to use doas to become root, and it’s annoying to enter my password — not to mention difficult to use in a script or to attach to a key binding. powerctl is the solution: a small 500-line Hare program which provides comprehensive support for managing power states on Linux for non-privileged users.
I’ve been saying that complexity is the worst enemy of security for a long time now. (Here’s me in 1999.) And it’s been true for a long time.
When you read code, you’re often reading the finished product - edge cases, error handling, and more that obscure the main idea.
Decompilers are essential tools for researchers. They transform program binaries from assembly code into source code, typically represented as C-like code. A researcher’s job starts where decompilers leave off. They must make sense of a decompiled program’s logic, and the best way to drill down on specific program paths or values of interest is often pen and paper. This is obviously tedious and cumbersome, so we chose to prototype an alternative method.
Using rational arithmetic, OpenTally e825ca1 processes the 3,821,539-vote 2022 Australian Senate election for Victoria in a mean 11.34 (95% CI €± 0.03) seconds on my Intel i5-7500. This week I put some time into cutting this figure down.
Starting October 26, 2022, we will begin deleting inactive accounts and associated storage for accounts that have been inactive for over a year. Starting November 28, 2022, we plan to stop offering free product plans and plan to start shutting down free dynos and data services. We will be sending out a series of email communications to affected users.
A few weeks ago, I learned that the IndieWeb community aims to archive all of the Etherpad documents from meetups on the wiki. Etherpad documents are made available at online meetups so participants can document ideas and what happened in the call. Archiving these documents to the wiki makes them easily searchable and ensures their contents are preserved not only in a document that could be edited further down the line.
The Oktoberfest in Munich, also called “Wiesn” in the local Bavarian dialect, is the world’s largest Volksfest. It had been cancelled for the last two years due to COVID-19. Stakes are running high whether it should be cancelled again this year. To get some perspective, read on!
If you are interested to learn more about data science, you can find more articles here finnstats.
Difference Between cat() and paste() in R, you can concatenate strings together using both the cat() and paste() functions, however, they differ differently in the following ways:
In April 2022, the RFC related to the small file “security.txt” was released[1]. It was already popular for a while, but an RFC is always a good way to “promote” some best practices! If you're unaware of this file, it helps to communicate security contacts (email addresses, phone, ...) to people who would like to contact you to report an issue with your website or your organization. This security.txt file was deployed on my websites for a while, and I never really paid attention to its popularity. The ISC also has its one[2].
Following up on my previous posts, I've finally gotten to the part of the actual streaming (which includes muxing). It's not super-broad over all possible clients, but it probably gives enough information to tell roughly where we are.
First, the bad news: There is no iOS support for AV1. People had high hopes after it turned out the latest iOS 16 betas support AVIF, and even embedded a copy of dav1d to do so, but according to my own testing, this doesn't extend to video at all. Not as standalone files, not as <video>. (I don't know about Safari on macOS; I haven't tested.)
Having a smaller website makes it load faster — that's not surprising.
What is surprising is that a 14kB page can load much faster than a 15kB page — maybe 612ms faster — while the difference between a 15kB and a 16kB page is trivial.
This is because of the TCP slow start algorithm. This article will cover what that is, how it works, and why you should care. But first we'll quickly go over some of the basics.
Over the years the ROS-I open source project and within the ROS-Industrial Consortium the creation of frameworks that enable new application development have become a standard approach to enable rapid extensibility from an initial developed application. After numerous conversations with end-users, other technical contributors, it seemed that there was an interest in looking at some of the capabilities within the ROS and ROS-I ecosystem to create a framework that seeks to take advantage of high Degree of Freedom systems and optimization based motion planning to bring a one stop shop in additive manufacturing planning and application.
The problem with the Unix lowest-common-denominator model is that it pushes complexity out of the stack and into view, because of stuff other designs _thought_ about and worked to integrate.
It is very important never to forget the technological context of UNIX: a text-only OS for a tiny, already obsolete and desperately resource-constrained, standalone minicomputer. It was written for a machine that was already obsolete, and it shows.
No graphics. No networking. No sound. Dumb text terminals, which is why the obsession with text files being piped to other text files and filtered through things that only handle text files.
While at the same time as UNIX evolved, other bigger OSes for bigger minicomputers were being designed and built to directly integrate things like networking, clustering, notations for accessing other machines over the network, accessing filesystems mounted remotely over the network, file versioning and so on.
Unfortunately. I derped a little bit. While I was working on it, I accidentally copied some source files from my Swedish website to this website. The mistake itself was quick and easy to revert. The real issue was that I accidentally published several hundreds of ‘new’ posts here, in Swedish.
The drone conference 2022 held in Zimbabwe had a number of outstanding presentations and even more so, the most impressive collection of drones yet. Here we have a First Person View (FPV) drone pilot and one very agile drone.
FPV drones are primarily used for recreation in drone racing and time attacks through obstacle courses. They are also used in film and content creation when filming high agility scenes that regular film and recreational drones cannot tackle.
I'm a huge fan of the US Braille Institute's Atkinson Hyperlegible font. This blog is typeset in it, and I think it looks gorgeous. It's also specifically designed to be readable to people with visual impairments: [...]
According to the authors of the report, from Web of Science owners Clarivate, it is becoming increasingly difficult to root out citation gaming when it involves multiple players.
Nandita Quaderi, editor-in-chief of Web of Science, told Times Higher Education that since 2005 it had suppressed metrics on journals whose data suggested abnormal rates of citation between articles in the same publication.
It has also taken action where its analyses had indicated evidence of “citation stacking”, where referencing activity involving more than one journal was deemed to be unusual.
But, Dr Quaderi warned, “what we are seeing more of now is much more subtle behaviour. Back in 2005 it was quite easy to detect these because the behaviour [was] rare and it was blatant. And it is getting harder now to make those calls because it is becoming more sophisticated.”
After nearly 20 years of development, a small remote-controlled surgery robot is preparing to join the most exclusive medical arena currently known: the International Space Station (ISS).
In partnership with robotics company Virtual Incision, engineers at the University of Nebraska-Lincoln have devised a narrow robot that helps medical professionals conduct surgical procedures from afar. MIRA, short for “miniaturized in vivo robotic assistant,” can be controlled remotely and even perform surgery autonomously. And thanks to a $100,000 grant from NASA, it could be proving its chops in space in as little as two years.
If the quantum computing era dawned 3 years ago, its rising sun may have ducked behind a cloud. In 2019, Google researchers claimed they had passed a milestone known as quantum supremacy when their quantum computer Sycamore performed in 200 seconds an abstruse calculation they said would tie up a supercomputer for 10,000 years. Now, scientists in China have done the computation in a few hours with ordinary processors. A supercomputer, they say, could beat Sycamore outright.
“I think they’re right that if they had access to a big enough supercomputer, they could have simulated the … task in a matter of seconds,” says Scott Aaronson, a computer scientist at the University of Texas, Austin. The advance takes a bit of the shine off Google’s claim, says Greg Kuperberg, a mathematician at the University of California, Davis. “Getting to 300 feet from the summit is less exciting than getting to the summit.”
Researchers from North Carolina State University have developed a wireless system that uses radio transmitters and receivers to estimate soil moisture in agricultural fields at multiple depths in real time, improving on existing technologies that can be used to inform irrigation practices that both improve crop yield and reduce water consumption.
“Estimating soil moisture is important because it can be used by growers to irrigate their fields more efficiently – only irrigating fields when and where the water is needed,” says Usman Mahmood Khan, first author of a paper on the work and a Ph.D. student at NC State. “This both conserves water resources and supports things like smart agriculture technologies, such as automated irrigation systems. What’s more, conserving water resources can also help reduce carbon emissions, because less energy is used to pump water through the irrigation system.”
Wooden objects are usually made by sawing, carving, bending or pressing. That’s so old school! Today, scientists will describe how flat wooden shapes extruded by a 3D printer can be programmed to self-morph into complex 3D shapes. In the future, this technique could be used to make furniture or other wooden products that could be shipped flat to a destination and then dried to form the desired final shape.
The researchers will present their results at the fall meeting of the American Chemical Society (ACS). ACS Fall 2022 is a hybrid meeting being held virtually and in-person Aug. 21–25, with on-demand access available Aug. 26–Sept. 9. The meeting features nearly 11,000 presentations on a wide range of science topics.
A wearable sensor developed by researchers at the California Institute of Technology can detect amino acids and certain vitamins in small amounts of human sweat.
The technology features molecularly imprinted polymers that act as reusable antibodies, overcoming the challenges associated with previous sweat sensors that use antibodies (which can be used just once) to detect compounds at low concentrations.
Researchers at Radboud University in the Netherlands have developed technology that can “read minds” by turning a person’s neurological activity into stunningly accurate pictures.
Sadly, I fear that source projects are both unable to attend GHC and GHC seems unable to accommodate the budgets of non-profits. If GHC truly wants to serve its attendees, give out booths to non-profits at a token price, say $50.
I also see OSCON going the same way. They are getting very picky as to who they want at their conferences.
As students return to the classroom, school districts across the country are facing a historic number of teacher vacancies – an estimated 300,000, according to the National Education Association (NEA), the largest U.S. teachers union.
We like big keyboards and we cannot lie, and we’ve seen some pretty big keyboards over the years. But this one — this one is probably the biggest working board that anyone has ever seen. [RKade] and [Kristine] set out to make the world’s largest keyboard by Guinness standards – and at 16 feet long, you would think they would be a shoe-in for the world record. More on that later.
Making machines go fast has always been a seemingly unavoidable impulse for humans. With the advent of radio control, it’s possible to get a taste of the rush without putting your life and too much money on the line. In the spirit of speed, [James Whomsley] strapped a jet turbine engine to an RC car, and learned some hard lessons along the way.
The GK3V is a Mini-PC equipped with the Celeron N5105 processor along with Intel’s UHD Graphics 24EUs. The device supports Wi-Fi6/BT 5.0, dual 4K displays via HDMI ports and customizable SSD storage.
The GK3V comes with the Celeron N5105 processor which features a max frequency of 2.9GHz. The base model comes with 8GB of RAM and 128GB SSD storage. The product also includes a Micro SD card slot for extra storage.€
The short summary of U.2 is that it's NVMe drives in more or less the 2.5" SSD form factor (although according to Wikipedia, U.2 can also deliver two SATA lanes), with a different edge connector. Our recent experience with some U.2 based servers says that this works; our U.2 NVMe drives in drive carriers look and handle basically the same as SATA SSDs in drive carriers in other servers. To tell them apart, you have to either look at the back of the drive where the connectors are or notice the big 'NVMe' sticker on the front of the drive carrier.
Material matters. You can have one of the best 3D printers on the market, use all the right settings in your slicer and end up with horrible output or a complete failure if you use sub-par filament.
The best filaments can not only provide good adhesion, with tangles or clogging, but also make models with sharp edges, vibrant colors and a durable feel. We’ve burned through cases of filament on dozens of printers using both Bowden and direct drive extruders.
We love filament, and we’ve tried scores of rolls to help you find the best.
Expensive, heavy, poor battery life, right? Wrong! Many gaming laptops are none of these things—in fact they’re ideal for students on the go
When it’s not just sticking fake gears on things and calling it a day, the Steampunk look is pretty cool. Imagining technology in a world stuck with Victorian aesthetics is a neat idea, and one that translates to the look of other time periods — Fallout, anyone?
Granted this has more to do with the precipitous decline of CD sales; vinyl isn’t approaching the peaks CDs were a few years ago. But it’s still floors me that this observation is true! It could be because people buy media to have a physical token of music they care about, and a large vinyl cover is far more compelling than a CD jewel case.
Clara and I started collecting CDs (albeit in folders) again recently once we started noticing more acts aren’t releasing them anymore. Our little sound system now plays CDs, LPs, cassettes, 45s, and Minidiscs, in descending order of how many we have of each type. I’d love a DAT player and a reel-to-reel, but even for a nostalgic fool like me it’s hard to justify when you only have two tapes of each!
Arctic Tern (and its associated soft-BMC Kestrel) is a product that's hard to describe just looking at it. Is it a boot accelerator? Is it a BMC replacement? Is it a development board? Is it OpenPOWER's answer to the Pi Nano? (Answers to pop quiz: yes (in the sense you get the BMC up quicker), yes, yes, and sort of but not really, since the clock speed is too low and it lacks some accoutrements.) Raptor's new manual should address some of these concerns, and particularly covers the worry I and others had about bricking our system trying to get it installed (disclosure: yours truly reviewed a pre-release copy and submitted comments). Yes, it does need a PCIe slot if you want it to act as a VGA controller or USB host device; yes, it comes with all the necessary cables, including a JTAG programmer; yes, it's compatible with the Blackbird; no, soldering isn't required. But the instructions that are there are step by step and copiously decorated with illustrative photographs such that anyone reasonably handy with their machine should be able to do it.
As you probably know, we love our clocks here at Hackaday. Odd display technologies are always interesting to see, as are unusual encoding techniques such as binary, ternary or higher-radix number systems. Still, clocks are typically meant to be human-readable, even if their encoding might be a little eccentric.
I can’t describe how much these useless, attention-seeking threads annoy me. And yes, I know they shouldn’t, and I should just ignore them and move on. But I can’t.
The irony of these posts is that they’re not helping a lot of people. For many, these “I’m doing great ner ner ne-ner nerrr” posts do nothing but kick people when they’re down.
Peter’s dilemma brought to my mind a term that has been used, in recent years, to describe the modern Internet user’s feeling that she must constantly contend with machine estimations of her desires: algorithmic anxiety. Besieged by automated recommendations, we are left to guess exactly how they are influencing us, feeling in some moments misperceived or misled and in other moments clocked with eerie precision. At times, the computer sometimes seems more in control of our choices than we are.
Since these are Zigbee, they follow the standard Zigbee pairing process making it so easy to connect to whatever platform you want!
Written in the Golang (Go) cross-platform programming language, the threat has the ability to reboot systems in safe mode and to stop server-specific processes and services.
Agenda targets Windows-based systems and has been used in attacks against healthcare and education organizations in Indonesia, Saudi Arabia, South Africa, and Thailand.
At a hacker conference held in the Netherlands last month, Karsten Nohl, founder of Berlin-based Security Research Labs, outlined how his team had breached live 5G networks in a series of “red teaming” exercises—where hackers are hired by a company to test their defenses. In most cases they were able to take control of the network, he says, potentially allowing them to steal customer data or disrupt operations.
SpaceX has launched a total of 3,009 satellites to low Earth orbit, building out a megaconstellation designed to beam down connectivity to even the most distant parts of the world. Starlink customers get a 19-inch wide Dishy McFlatface (a clever name bestowed upon the company’s satellite dish) to install on their homes, or even carry with them on the road.
In the late 1990s, we came to the realization that users were central to computer and information security. Ross Anderson famously argued that "the threat model was completely wrong" when referring to our historical focus on securing technical components while ignoring possible human mistakes. A large and growing body of research has subsequently attempted to study how people face computer security challenges. Studies in the adjacent field of information privacy revealed that user behavior is complex. People may profess caring about their privacy, but frequently end up making decisions that prove costly, for example, due to limited information or to behavioral biases that lead them to miscalculate long-term risks.
That growth is no surprise, with commonplace nation-state attacks on critical infrastructure and government data assets. The U.S. federal government and its agencies, with the aid of the Cybersecurity & Infrastructure Security Agency (CISA), are ramping up cyber defenses to combat disabling ransomware and complex attacks. They are using approved security products that the government and the military vet specifically for these purposes.
However, government organizations are not the only ones in jeopardy.
Global software company Elastic, which serves half the Fortune 500, says Andy Penn’s call for greater government investment in education is the bottom line for strengthening Australia’s cyber protections.
The fake was discovered by Nick Wilding, a history professor at Georgia State University who had uncovered other counterfeit Galileo works. He contacted UM officials in May about his concerns about Galileo's supposed original notes on the orbits of Jupiter's four moons. Galileo invented the telescope that helped him discover Jupiter's moons.
Wilding reached out to the UM's special collections library and curator Pedro Alvarez, who provided materials that led to the confirmation that the notes, previously thought to be the first observational data on objects orbiting a celestial body other than Earth, were a forgery.
After an internal investigation of the findings of a Georgia State University professor of history, the University of Michigan Library has concluded that its "Galileo manuscript" — for almost a century considered one of the jewels of the library’s collection — is not a document written by Galileo himself in 1609 and 1610 but a 20th-century fake, most likely executed by the well-known forger Tobia Nicotra.
Recently GitHub announced support for SSH key signing of commits, which is awesome! I followed the instructions to configure my git for SSH signing which was very straightforward. Went to create a commit to test the signing and was met with this error: [...]
This may be old news to some of you, but it's really disturbing how even how many security folks will follow a shortened link. It's enough of a problem that "de-fanging" links is a standard feature in many mail filter / anti-spam products.
Mr. Ogletree still complied with the request for a scan, which lasted from between 10 and 20 seconds up to a minute, court papers said. He then sued the school, which he still attends, claiming it had violated his Fourth Amendment right to privacy.
Judge Calabrese agreed in his ruling. “Holding otherwise, as Defendant argues, raises even more difficult questions about what legal standard, if any, governs the scans and the potential consequences of such a ruling in other areas of life and the law that technology touches,” he wrote.
The judge ordered attorneys for Mr. Ogletree and the university to discuss potential remedies in the case and to provide an update in September.
Analytics India Magazine caught up with Depoorter to understand what propelled him into this. Talking about The Flemish Scrollers, Depoorter said that he had this idea at the back of his mind for a long time. He wanted to do something with the live stream of his government. “Even before this, I had done a lot of projects with cameras that were connected to the internet without a password. Some of these connections would be open, and some secured with passwords. Hence, I use live streams in different art projects to bring awareness to cameras and cybersecurity.”
The short answer is no as Apple limits HomeKit Secure Video recording to events only. I think that’s a little silly considering HSV requires an Apple iCloud plan to store webcam footage.
A voice jammer can now stop anyone recording the speech of a single target person.
Voice jammers work much like noise-cancelling headphones, which effectively squash unwanted background sound waves out of existence by playing a copy of a background sound wave but with the wave pattern inverted. Such jammers generally stop electronic eavesdropping on conversations by broadcasting inverse sound waves that affect all microphones within earshot.
You won’t see a single Tesla cruising the glamorous beachfront in Beidaihe, China, this summer. Officials banned Elon Musk’s popular electric cars from the resort for two months while it hosts the Communist Party’s annual retreat, presumably fearing what their built-in cameras might capture and feed back to the United States.
Back in Florida, Tesla recently faced a negligence lawsuit after two young men died in a fiery car crash while driving a Model S belonging to a father of one of the accident victims. As part of its defense, the company submitted a historical speed analysis showing that the car had been driven with a daily top speed averaging over 90 miles per hour (145 kilometers per hour) in the months before the crash. This information was quietly captured by the car and uploaded to Tesla’s servers. (A jury later found Tesla just 1 percent negligent in the case.)
Meanwhile, every recent-model Tesla reportedly records a breadcrumb GPS trail of every trip it makes—and shares it with the company. While this data is supposedly anonymized, experts are skeptical.
[Mark J Hughes] volunteers as a part of a local community fire watch which coordinates by radio. The La Habra Heights region of Los Angeles is an area of peaks and valleys, which makes direct radio connections challenging. Repeaters work well for range improvement, but in such areas, there is no good place to locate these. [Mark] says that during an emergency (such as a wildfire) the radio usage explodes, with him regularly tracking as many as eight radio frequencies and trying to make sense of it, whilst working out how to send the information on and to whom.
“Plots against public officials and threats to the FBI are a disturbing extension of radicalized domestic terrorism that festers in our nation, threatening the very foundation of our republic,” Whitmer said.
The causes of the revenue crisis are varied. They include the government’s dependence on oil exports since production boomed in the 1970s, external shocks such as COVID-19 and the Russia-Ukraine war, corruption and oil theft, and an economic structure that’s incompatible with its rapidly growing population. Policy choices such as the ongoing petroleum subsidy have exacerbated the situation.
Nigeria has struggled to overcome the Boko Haram threat since it turned violent in 2011. Current conflict dynamics are even more worrying, with three active factions, significant external support, and an expansionist drive that has widened the geographical scope of the insurgency.
To make matters worse, the dilemma involving herdsmen is worsening. Some have evolved into violent criminal gangs, or bandits, who kill and kidnap Nigerians and sometimes foreign nationals. In the South of the country, violent secessionists are further stretching the capacity and resources of security personnel.
“The Rojava Revolution, which was realized under the leadership of the YPJ, with the toil of the people’s regions and the blood of dozens of internationalists, has always been a target of the occupying Turkish state. That fascist mindset has laid bare its aggressiveness by providing finance and support to DAESH (ISIS) mercenaries and targeting the prominent figures of the Rojava Revolution in occupation attacks. Through these attacks, the fascist Turkish state desires to avenge and revive ISIS.
The whole world knows that DAESH mercenaries were defeated under the leadership of the YPJ, and the Rojava Revolution grew even more with this victory.
The investigation sponsored by the Syrian British Consortium collected evidence and testimonies from witnesses of the atrocities committed by Bashar Assad’s forces in the Damascus suburb a decade ago, providing for the first time in-depth accounts of the killings of some 700 people.
In 2019, Turkey's Ministry of Education published an edition of a two-volume textbook called "Fundamentals Of Religious Knowledge – Islam II." The book, which is reportedly used in 12th-grade classrooms across Turkey,[1] includes a chapter about jihad that, among other things, says that: "All actions, including war, done to exalt the name of Allah (may his glory be exalted) are included in this concept [of jihad]... It can be performed by any means of the heart, tongue, hand, or weapon that human action makes possible... Our ancestors, who saw martyrdom as one of the supreme stages, when they set out for jihad in the path of Allah, would say 'If I die, I will be a martyr; if I live, I will be a gazi [a fighter in a holy war],' and in saying so they never held back from sacrificing their lives." In 2019, over 891,000 students graduated from high school in Turkey, while in 2020, 894,100 students did the same.[2]
It is not unusual for the so-called refugees to be well-dressed, equipped with smartphones, healthy and originating from countries where there is no war. Obviously, they are relatively resourceful people in search of a more comfortable existence, while real refugees are suffering on the ground in war zones and urgently need help. The so-called refugees enrich the criminal trafficking mafias.
The Space Force has conducted a demonstration using dog-like quadruped unmanned ground vehicles (Q-UGVs) for security patrols and other repetitive tasks. The demonstration used at least two Vision 60 Q-UGVs, or "robot dogs," built by Ghost Robotics and took place at Cape Canaveral Space Force Station on July 27 and 28.
According to a statement (opens in new tab) from the Department of Defense, Space Launch Delta 45 will use the robot dogs for "damage assessments and patrol to save significant man hours." The unit is responsible for all space launch operations from Kennedy Space Center and Cape Canaveral.
With the threat of a nuclear conflict believed to be at its highest level since the Cold War amid growing tensions between the U.S. and Russia—which together possess more than 90% of the world's nuclear weapons—the 191 parties to the nonproliferation treaty (NPT) attempted over the past several weeks to negotiate a deal reaffirming and strengthening the document's core objectives.
"As a result of periodic shelling, the infrastructure of the station has been damaged,"€ Energoatom said in a statement, cautioning that "the fire hazard is high" and that the plant "operates with the risk of violating radiation and fire safety standards."
Zuckerberg’s deployment of algorithms to please the F.B.I. is a glaring example of how billionaires and government work together to control information in an oligarchy.
In his presentation, Ok went into the developments of the past 5000 years and reported on dam projects and the displacement of the Kurdistan population, especially since the 1990s. The destruction of nature and culture is a central element of the warfare by the Turkish state. Kurdistan, in the state’s view, should be depopulated.
Williams described “many conflicts” with foreign industrial trawlers that are capable of catching hundreds of times more fish than artisanal canoes. About 75% of the foreign industrial trawlers fishing near Sierra Leone are from China, according to the European Union.
David Battisti answers questions about a new climate study that has stark warnings about dangerous heat in the future.
This document describes the command/response protocol currently used in the management of Uninterruptible Power Supply (UPS) units and other power devices often deployed in small offices and in IT installations subject to an erratic public power supply. The UPS units typically interface to an Attachment Daemon in the system they protect. This daemon is in turn polled by a Management Daemon that notifies users and system administrators of power supply incidents and automates system shutdown decisions. The commands and responses described by this document are exchanged between the UPS Attachment Daemon and the Management Daemon. The practice current when this protocol was first developed risks weak security, and this is addressed in the Security Considerations sections of this document.
[...] UPS systems are divided into three types based on how power flows through the unit: standby, line-interactive and online double-conversion.
All three basic uninterruptible power supply (UPS) technologies have their place in protecting today’s distributed IT infrastructure especially on the network edge. Each technology has its advantages and each may be necessary for configuring cost effective power protection, especially in complex systems. Selecting a UPS for your particular application requires an examination of a number of factors. The load size, location and criticality of the equipment to be protected are key, as well budgetary considerations, when choosing a UPS for power backup.
The three major types of UPS system configurations are online double conversion, line-interactive and offline (also called standby and battery backup). These UPS systems are defined by how power moves through the unit.
The Memorandum of Understanding (MoU) on energy cooperation that was recently signed between the European Union (EU), Israel, and Egypt at the East Mediterranean Gas Forum headquarters foresees the supply of Israeli gas through Egyptian LNG facilities to Europe. As provided in the MoU, the EU is committed to encourage European energy companies to engage in gas exploration tenders in Israeli and Egyptian maritime areas. To meet however enhanced export goals for Europe as Israel brings new fields online, Egypt should expand the capacity of its LNG facilities in Damietta and Idku by adding new liquefaction trains, a cost-effective enterprise that can be fulfilled within three years. Notably, Israel is estimated that it can export to Europe surplus gas of approximately 500 billion cubic meters (bcm) over the next two decades.
Edward J. Drake may not be a household name, but he made our modern households possible when he drilled the world's first oil well on August 27th, 1858. This Saturday, National Petroleum Day honors his contribution, as well as that of the countless innovations that flowed from that humble little well in Titusville, Pennsylvania producing just 25 barrels a day. Today the United States is the world's largest oil producer, producing roughly 12 million barrels of oil a day.€
Someday, maybe sooner than later, people building homes and offices may be able to 3D-print their roofs and walls using soil implanted with seeds – think oversized Chia Pets – thanks to new sustainability research at the University of Virginia.
You’ve probably seen buildings with rooftop gardens and terraces that support trees and grasses. It’s cumbersome for architects and builders to graft soil and plants onto steel and cement, although the environmental payoffs can be big. Gardens are natural insulators, soak up rain and provide green spaces for people, animals and pollinators.
Ji Ma, an assistant professor of materials science and engineering at UVA’s School of Engineering and Applied Science, wondered: “Why do we have to make it so that the structure or building is separate from the nature it sits in?”
Wouter wrote a post yesterday discussing being candid about pay, how pay structures work in academia, the inevitable comparisons that come up in the private sector. This is something I’ve been thinking about a lot again lately, but also in a broader context.
Money is a cell. It’s a store of energy that we charge with labour, investments, and other activities, then discharge on things we need and want. Clara and I are in the lucky position where we’re topping up and never reaching zero. Much of the world doesn’t (or can’t) live like this, as evidenced by payday loans, rolling credit card debt, and other predatory finance.
We humans tend not to share everything. Among the best kept—and probably most lied about—secrets is our salary, yet we still have the irresistible urge to brag and to compare. I was all the more surprised to stumble upon blogger and software engineer Jamie Tanna’s public salary history page that lists yearly salary amounts together with the companies he worked for and optional bonuses.
Jamie lives in the UK and worked for companies in London and Nottingham. It’s important to take this into consideration when looking at a table like that because getting paid €£70k sounds like an awful lot for just five years of experience—and it probably is—compared to average software engineering wages here in Belgium.
From groceries to rent, prices are rising on just about everything these days—and those with already-stretched budgets are feeling the pinch.
Government Executive reported Friday that "more than 200 post offices and other U.S. Postal Service facilities are set to shed some of their operations as soon as this year as the mailing agency seeks to consolidate those functions at larger buildings, according to documents shared by management."
"We can keep pushing," the New York Democrat wrote in an email to supporters. "Remember that the Biden administration didn't want to do this at all. It was YOUR pushing, YOUR pressure, YOUR organizing that got them to this point. They have forgiven far, far more debt for business owners in the form of [Paycheck Protection Program loans] who didn't need to meet ANY sort of income requirements or means testing for almost $1 TRILLION in forgiveness."
On August 24, the Biden White House announced its plan to provide relief for Americans carrying student debt. The amount of debt cancellation may be as much as $20,000 for Pell Grant recipients, and otherwise $10,000, in either case for individuals with annual incomes under $125,000 and married couples earning less than $250,000.
While Judge Kathaleen McCormick allowed the Tesla boss's team an opening to bolster its argument that Musk was misled, she chastised them for "absurdly broad" requests for "trillions upon trillions of data points."
The judge ordered Twitter to hand over data on 9,000 accounts the firm audited at the end of 2021, which opens the door...
As part of multiple covert campaigns, the troll farms were using deceptive tactics to promote pro-Western narratives to social media users in the Middle East and Central Asia. Two overlapping sets of accounts were removed in July and August 2022 by Twitter and Facebook parent Meta, Graphika and SIO report.
Zuckerberg said that MMA has replaced surfing and hydrofoiling for him when he is unable to be on his Hawaii ranch, which he obtained in part by suing native Hawaiians who had a claim to the land. While he mentioned training wrestling and jiu-jitsu, two of the three main constituent elements of MMA, in the interview, he didn’t mention whether he’s taken up any striking discipline.
This is the 50th anniversary of our Congress Project that profiled in detail members of Congress. No citizen group has ever done this before or since.
The same day as his historic inauguration on August 7, the newly-elected President of Colombia Gustavo Petro introduced his ambitious tax reform bill to Congress. The proposed legislation would collect $50 trillion Colombian pesos annually—approximately $12.5 billion USD—through a new, progressive tax system.€
The fatwa encouraging Mr. Rushdie’s murder, issued by then Iranian ruler Ayatollah Ruhollah Khomeini, is over 30 years old. But in that ruling one can see the seeds of the angry, almost gladiatorial tone in modern American public discourse that has led to moves to restrict the expression of opinions that cause offense – with the definition essentially left to those who say they feel offended.
That runs counter to the sort of society for which Mr. Rushdie advocated, along with dozens of other writers, in an open letter published two years ago in Harper’s Magazine.
President of Religious Affairs Ali Erbaà Ÿ wrote, "It is unacceptable to the imam-hatip schools and their members. I strongly condemn this."
The news signals the rise of artificial intelligence assisted cameras placed in delivery vehicles and the visceral push back against them. Motherboard previously reported on how similar cameras installed to monitor Amazon delivery drivers were punishing the workers for mistakes they didn’t make.
Since the U.S. Supreme Court overturned Roe v. Wade this summer, red states have rolled out a series of ever-harsher anti-abortion laws.
It’s been more than a year since the backlash against teaching U.S. students about racism began. Many administrators have borne the rage of (mostly) White parents angry because they perceive that their children are being taught they are racists (even though this is not what teachers have been doing). Many states have passed laws to prevent any instruction in schools about historical or structural racism.
Internet exchange points are an important part of the Internet, improving connections for people and businesses and helping economies flourish. A single Internet exchange point (IXP) can serve many communities, based on their digital market size and geographic limits. But in Africa, many on the continent are connecting to Internet traffic that zig zags between faraway places before it reaches them—and they’re paying a steep price for it, with costly, slow Internet connections.
Researchers at the Vienna University of Technology (TU Wien) and the University of Rennes have discovered a new method that allows Wi-Fi signals to penetrate walls more effectively, a development that could transform home broadband connectivity – as well as and 6G.
The Swedish Performing Rights Society, STIM, presents Cora Music, providing YouTubers unlimited access to a catalog of copyright-protected, high-quality music. For a monthly fee of €25, users can select from a broad music catalog and add tracks directly to their creative content with no additional costs or catches.
YouTubers have lots of pre-licensed song catalogs at their disposal. But PROs aren’t the ones offering them, and the content itself is rarely well known material.
Cora Music is based on a collaboration with record labels and publishers, allowing music creators and rights holders access to a previously untapped market. STIM says it’s the first rights collecting society worldwide to offer a broad selection of music in a one-stop-shop platform.
Meta released a demo of its conversational AI this week. The BlenderBot can engage in some clever discussions but also has a more devious side to it. As it turns out, the bot uses torrent sites to download content when it's not made available legally, and it also admits to streaming leaked movies.
This weekend has been a bit up and down. Being with family was nice and I did go out on the walks I promised myself I'd do. Unfortunately, my kidney has been acting up and causing me more pain than it has in a while. I can't really work out why.
Shohei Ohtani is a Japanese baseball player currently playing for the LA Angels. If you have no idea who this is, that's totally understandable. Until I started really watching baseball this year I also had no idea. However, now that I know, I feel like everyone should be aware of how incredible his man is.
I got some work setting up some servers recently from an old friend. He had me over to his house last night for dinner. Now, this is a guy that I know from a while back. We went to school together even. I'm going to throw him under the bus, just a little bit, so we'll just call him Wil here.
While we were growing up, we used to sit around, when we had nothing better to do, and listen to punk albums and sometimes play guitar together. Last night he put a few tracks on that we used to play together in a friend's garage. I'd not listened to much of this music in ten or even 15 years.
Wil's definitely into Apple products and had those big, thick fabric tubes that will play music wirelessly from your phone. I had to admit that it sounded nice. I don't ever remember turning up the Dead Kennedys that loud and the music still being so clear. Wil went on and on, like a guy like that does, about how you could hear the nuance in Klaus's bass playing. He wasn't wrong, you could. It was neat.
The sites served by Phoebe are now setup differently. There’s now a single ten year certificate in use for all the sites. The problem is, of course, what to do when I add a new domain. At the moment, this one certificate serves all the domains.
[...]
In any case… If you now visit transjovian.org:1965 with a web mega-browser like Firefox, it should refuse to load it because it doesn’t like the self-signed certificate. If you use a web browser like w3m, it still works; if you use a web browser like eww within Emacs, it should ask you whether you trust the certificate (and you should answer yes). For Firefox and the like, you need to visit transjovian.org:1966, and I’m now redirecting the default HTTP and HTTPS ports to 1966 because that’s where I’m using the web certificate I get from Let’s Encrypt and that’s the one Firefox trusts. Gaaaah.
I occasionally get feedback about my blog, most of the time people are impressed with the rate of publication when they see the index page. I'm surprised it appears to be huge efforts, so I'll explain how I work on my blog.
* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.