Bonum Certa Men Certa

Links 25/11/2022: Bugfixes in Linux and podlators 5.00



  • GNU/Linux

    • Audiocasts/Shows

    • Kernel Space

      • LWNLinux 5.10.156
        I'm announcing the release of the 5.10.156 kernel.
        
        

        All users of the 5.10 kernel series must upgrade.

        The updated 5.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

        thanks,

        greg k-h
      • LWNLinux 5.4.225
      • LWNLinux 4.19.267
      • LWNLinux 4.14.300
      • LWNLinux 4.9.334
    • Applications

      • PowerDNSPowerDNS Recursor 4.5.12, 4.6.5 and 4.7.4 Released | PowerDNS Blog

        Today we have released a maintenance release of PowerDNS Recursor 4.5.12, 4.6.5 and 4.7.4, containing fixes for a few minor issues. In particular, RPZ IXFRs now time out if the server becomes unresponsive. For more details on the other fixes, consult the changelogs available at 4.5.12, 4.6.5, 4.7.4.

        The source tarballs (4.5.12, 4.6.5, 4.7.4) and signatures (4.5.12, 4.6.5, 4.7.4) are available from our download server. Packages for various distributions are available from our repository.

        Note that PowerDNS Recursor 4.4.x and older releases are End of Life. Consult the EOL policy for more details.

    • Instructionals/Technical

      • ID RootHow To Install Webinoly on Ubuntu 22.04 LTS - idroot

        In this tutorial, we will show you how to install Webinoly on Ubuntu 22.04 LTS. For those of you who didn’t know, Webinoly is a free panel for Virtual Private Servers (VPS) that appears to be an extension of EasyEngine or WordOps. With Webinoly you can in just one step optimize the LEMP web server to manage your WordPress, PHP, or simple HTML.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Webinoly on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

      • Make Use OfHow to Convert Any Image to ASCII Art in the Linux Terminal

        ASCII arts are fascinating and provide a way to share images over low-bandwidth internet. Here's how you can convert any image to ASCII art on Linux.

        ASCII art is the oldest form of image representation online and existed long before the invention of the internet. It offers an easy, low-bandwidth way of rendering a graphical representation using characters, and is an art form in its own right.

        It's simple to convert an image into ASCII in your Linux terminal. Here's how to get started.

      • Linux Made SimpleHow to install Yomi Hustle on a Chromebook

        Today we are looking at how to install Yomi Hustle on a Chromebook.

        If you have any questions, please contact us via a Rumble comment and we would be happy to assist you!

      • It's FOSSHow to Merge PDF Files in Linux - It’s FOSS

        Got several PDFs on the same subject and now you want to combine them into a single PDF?

        Or perhaps you need to upload a single file consisting of different files? Many government and academic portals require that.

        As a Linux user, if you are in a situation where you need to merge PDFs, this tutorial will help you out.

    • Games

      • Positech GamesInertia scaling in Democracy 4 (new feature) - Cliffski’s Blog

        So the big question is… how long does it take for politics and society to convert someone from being hard right to hard left, or liberal to conservative? I have no definitive answer, but its a long time. Democracy 4 limits all inertia to a maximum value of 32, for technical reasons, which is 8 years. probably not long enough…

    • Desktop Environments/WMs

  • Distributions and Operating Systems

    • Open Hardware/Modding

      • Tom's HardwareRaspberry Pi Bird Cries When Users Leave Twitter | Tom's Hardware

        Raspberry Pi makes for a great notification platforms as it can be easily integrated with many APIs. Maker and developer Dr David Pride saw a glowing opportunity and seized the chance to make this clever Twitter-based project he dubbed “Bye-Bye Bird”. This project keeps him up to date on when his friends are leaving the social media platform with a tearful notification system.

        Dr Pride laser cut a board to resemble Twitter’s bird logo. Behind this bird is a Raspberry Pi that listens for Tweets using the #RIPTwitter hashtag. If it detects a tweet using this farewell hashtag, it triggers a system that causes the bird to release a single tear using a syringe of water.

      • EngadgetCritter - Guitari’s 201 Music Synthesizer is the long-awaited successor to its Pocket Piano | Engadget

        Like the Organelle, you can actually hack together your own patches for the 201 using Pure Data or Faust, but that's more of a nice bonus than the main selling point here. Under the hood of the 201 is a 900Mhz ARM processor with 512MB RAM, which should be plenty for most synth patches, but it's not quite as powerful as the Organelle M. The 201 also has a built-in speaker, a 1/4-inch stereo out jack, 1/8-inch MIDI in and out, USB-A for connecting MIDI controllers, and USB-C for accessing the files on the microSD card.

      • Tom's HardwareRaspberry Pi Pauses Ad Blocking with Big Red Button | Tom's Hardware

        Installing ad blockers on every machine has become somewhat of a standard for modern internet users. But makers in the Raspberry Pi community have found a way to stop them at the source with the advent of Pi-Hole. This is a system designed to stop advertisements at the DNS level on your network but what if you need to let them through for a little while? That’s where maker and developer Kris from Planet Kris comes in with his Pie Stop button project.

        To dig into this project, it helps to know how Pi-Hole works. Check out our guide on how to install Pi-Hole to get an idea of what the application does and how to set it up on the Pi. Unfortunately for Kris, Pi-Hole prevented critical access to important work-related websites. He didn’t want to remove the system so he opted to devise a way to temporarily disable Pi-Hole on his network.

      • SparkFun ElectronicsThe NVIDIA Jetson Nano is Coming Back! - News - SparkFun Electronics

        If you’ve been following or trying to get your hands on the NVIDIA Jetson Nano, then you’re probably aware that global supply chain constraints and component shortages hit hard last year. Since then, we’ve received an impressive number of backorders for our Jetson Products. Well, we’re here to deliver good news for all of you that have been waiting: We have Jetson Nanos that will be trickling in, starting after Black Friday!

        If you have a current backorder, we will do our best to get it fulfilled as soon as we can. For those who are interested in a new Jetson Nano 4GB, backorders are now open! We will make effort to keep you up-to-date on forthcoming ETAs. You may also notice the price of the Nano and its associated kits have gone up - this is unfortunately a necessary consequence of global supply chain changes. We hope you understand.

      • ArduinoDesigning a 3D-printed EMG bionic hand as a low-cost alternative to prosthetic limbs | Arduino Blog

        The cost of a new prosthetic arm can range from several thousand dollars to tens of thousands, putting them out of reach for many people. Ahmad Ikram recognized this need and decided to design and build a far cheaper, open source version that has myoelectric capabilities.

        To begin this project, Ikram decided upon using the InMoov 3D-printed arm design from French sculptor Gael Langevin due to it being easy to construct. The hand itself contains a single wire connected to each finger, while the other end gets wrapped around a servo motor horn so that the finger can bend whenever the serv moves. A Myoware muscle sensor is responsible for reading the electrical signals generated by muscle contractions and converting them into a readable analog voltage, which is read by an Arduino Nano’s analog pin.

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • Events

      • Daniel PocockViolence, sexism, racist harassment and physical abuse at FOSDEM, DebConf, FrOSCon, Debian, OSI

        FOSDEM organization is getting under way and volunteers have already started receiving anonymous threats and insults. This is not unprecedented and it is no surprise.

        At FOSDEM itself, the former president of Open Source Initiative showed the infamous slide with a cat behind bars. The woman is not a developer. She does not have money to pay developers. People don't consent to be in these experiments. Therefore, the picture implies some force is used to impose upon developers against our will. What she has illustrated here is a concentration camp. If she displayed this slide in Germany she could be prosecuted for glorifying the holocaust.

    • Productivity Software/LibreOffice/Calligra

    • Content Management Systems (CMS)

      • Extremely minimal blogging with WriteFreely: Dissociated Press

        WriteFreely is a “distraction free” blogging platform that people can follow on Mastodon, Pleroma or other ActivityPub services.

        It’s written in Go, and consists of a single binary that you can run alone or with a MySQL backend. (Uses SQLite if you don’t opt for MySQL, which is probably just fine for a single-user setup.)

        If you just want to test it out, you can set it up and start playing with it in just a few minutes. I slapped the binary on a test server and spun it up in single user configuration in less than five minutes.

        Configuring for multiple users and blogs might be a bit more complicated, but I suspect you could set up an instance for multiple users and all the trimmings (like encryption with Let’s Encrypt and OAuth for authentication), in a few hours if you’ve got experience with such things already. A little longer if you’re new to system administration.

        You can also opt to sign up for an inexpensive WriteFreely account or even multi-user hosting with your own domain.

    • Programming/Development

      • Jussi PakkanenNibble Stew: Experimenting on how to add CMYK and color management to Cairo

        Cairo is an amazing piece of tech that powers a lot of stuff, like all of GTK. Unfortunately it is not without its problems. The biggest one being that it was designed almost 20 years ago with the main use case of dealing with "good old" 8 bit uncalibrated RGB images. There has been a lot of interest in adding native support for things like CMYK documents, linear RGB, color calibration, wide gamuts and all of that good stuff. Sadly it has not come to be.

        The reasons are mostly the same as always. The project is sadly understaffed and there does not seem to be a corporate sponsor to really drive the development forward. What makes things extra difficult is that Cairo supports a lot of different platforms like Postscript, Win32, Quartz and SVG. So if someone wants to add new features in Cairo, not only do they need to understand how color math works and how to do C, they would also need to handle all the various backends. That is a rare combination of skills. In any case the patchset needed to make all that happen would be enormous and thus hard to get reviewed and merged.

      • EarthlyAn Ultimate Guide to Kubernetes Role-Based Access Control - Earthly Blog

        Kubernetes has many resources and components that must be kept out of reach of certain users and service accounts. Resources such as secrets have to be encrypted and have strict access. If everyone in a company who has access to the cluster is given limitless power when using the cluster; this is dangerous because Kubernetes secrets and keys can be stolen and used inappropriately. Mostly, anyone can change the cluster’s configurations, and it will be hard to know who made changes in case of vulnerability detection.

      • Carlos BeckerGoReleaser v1 — one year later

        Since v1.0.0, we continue making steady progress towards making it easier to release increasingly more complex projects, with increasingly more integrations, and with good defaults — especially regarding security and supply chain, thanks to our friends at Sigstore and Anchore.

      • Always use [closed, open) intervals. A programmer's perspective

        Intervals or ranges pop-up everywhere in the programming world. The classic example is picking a start and end date, like you would when booking an AirBnB or a flight. But that's just one example: from slicing a JS Array, to Java's List#sublist and even SQL's LIMIT operator, ranges are everywhere.

        Have you ever wondered why they are always implemented as [closed, open) as opposed to [closed, closed]?

      • Ignore RuboCop changes in Git Blame

        Have you ever run git blame, looked at the commit for a line, and seen some big refactoring or formatting commit? It’s so frustrating not to be able to find the useful context on changes when this happens. When adding StandardRB or RuboCop, or when making changes to your .rubocop.yml configuration, you’ll probably end up with a large commit like this that doesn’t include valuable context when spelunking history.

      • SusamPalC Quines - Susam Pal

        A quine is a computer program that produces an exact copy of its own source code as its output. It must not consume any input, so tricks involving reading its own source code and printing it are not permitted.

      • Perl / Raku

        • Eagle's Path: podlators 5.00 (2022-11-25)

          podlators is my collection of POD formatting modules, which generate *roff or text (possibly with escape sequence markup) from the documentation format used by Perl and some other packages.

          This is a major release, the biggest since the Pod::Simple rewrite in 2005. The headline news is that after some fairly extensive investigation, this release of Pod::Man finally changes the default output format to Unicode. No more replacement of characters in people's names, or text in non-English languages, with ugly X characters! There is a new encoding option to set the output encoding, and new options groff (which uses the groff extension for Unicode code points and is the default on EBCDIC systmes) and roff (which does the old, broken X substitution).

          Since this was a major backward-incompatible change, I also finally removed most of the formatting touch-ups that Pod::Man tried to do for troff output but which would be invisible for the (by far more commonly used) nroff output. These have been an endless source of bugs and are very difficult to maintain, most of them were of marginal utility, and I am dubious many people are using troff to print Perl manual pages these days instead of, say, printing the rendered output from one of the many excellent POD to HTML modules.

        • PerlThis Week in PSC (088) | Perl Steering Council [blogs.perl.org]

          A smaller-than-usual meeting because of the US Holiday; only Paul and Philippe today.

    • Standards/Consortia

      • Tom MacWrightWeb technology optimism hour

        It’s too easy lately to get into a very pessimistic mood about technology. Between the developer energy wasted on crypto, which has produced negative real-world value, the wider downturn in tech stocks, and the often-antagonistic interactions between developers on Twitter and elsewhere, the vibes can be bad.

        [...]

        In the two and a half years since I wrote second-guessing the modern web, framework developers have been chipping away at those problems.

        Both Remix, which went from a paid-product indie startup to a VC-backed startup to an acquisition by Shopify, and Next have rolled out techniques to render more of the application on the backend. Next uses React Server Rendering, a very confusing but promising technology. Remix is pushing people to use patterns with React that can work without client-side JavaScript, in a way that mirrors some of the techniques from Ruby on Rails, like “progressively enhancing” form submissions to use AJAX instead of full-page refreshes.

  • Leftovers

    • Taking the 100 Days to Offload challenge €· 🤠 Major Hayden

      While scrolling through toots in my Mastodon account recently, I stumbled upon the #100DaysToOffload hashtag. That led me to the 100 Days To Offload challenge. The challenge looks very straightforward: write 100 posts within one year on your blog. There’s no prize involved other than being able to share your ideas with others. However, one problem stands in my way: I’m suffering from some serious writer’s block.

    • LiliputingLilbits: Run Palm Pilot apps in your browser with the Internet Archive’s emulator - Liliputing

      The Internet Archive manages to keep internet history alive by offering backups of millions of web pages and other content, including many pages that are no longer available in their original forms.

      But the Internet Archive is also an online library that offers access to plenty of other content, including music, videos, and (somewhat controversially) eBooks. You can also find old computer games… and now you can relive your earlier professional career by running Palm Pilot apps (and games) in a browser.

    • Proprietary

    • Security

      • LWNSecurity updates for Friday [LWN.net]

        Security updates have been issued by Fedora (firefox), Mageia (dropbear, freerdp, java, libx11, and tumbler), Slackware (ruby), SUSE (erlang, grub2, libdb-4_8, and tomcat), and Ubuntu (exim4, jbigkit, and tiff).

      • Top 8 Free Tools for security testing and audit of your Kubernetes cluster in 2022

        Docker is a technology for containerization, while Kubernetes is a tool for orchestrating container deployments. In the subsequent subsections, we will discuss a variety of open-source tools that really are useful for securing Kubernetes clusters. These open source tools involve code snippets that will help with static scanning of Docker images, security auditing, hardening Kubernetes clusters, and incorporating runtime security. Some of the most popular Kubernetes clusters managed by cloud providers include AWS EKS, Azure AKS, and Google CKE. The following is a list of open source tools that may be used to do security scans and that can be incorporated into your CI/CD pipeline in order to analyze images while your apps are being built:

      • Introduction to MITRE ATT-CK - Featuring Version 12 (2022)

        Have you ever wondered how to create a prioritized list of threat actors? Or identify what malicious tactics and techniques are most relevant? Or what security controls should be improved first? The MITRE ATT&CK Framework can help. Version 12 has just been released and this blog will help you understand what the Framework is and what’s new.

      • Data SwampSolene'% : Hard user separation with two NixOS as one

        This blog post is a republication of the article I published on my employer's blog under CC BY 4.0. I'm grateful to be allowed to publish NixOS related content there, but also to be able to reuse it here!

      • Privacy/Surveillance

        • Stacey on IoTPodcast: Alexa’s drama and our holiday gift guide

          The biggest news in the internet of things this week was the staggering story about Amazon’s Alexa business being responsible for the majority of an estimated $10 billion loss in the year ahead. So Kevin and I discuss what Amazon pulling back on Alexa might look like and what it means for voice and the smart home. Then we talk about how a newly available Amazon device signals Amazon’s problem and the potential solutions to that problem. After talking about voice, we take a look at a new controller from Aqara that uses gestures and share our thoughts about the form factor. After all our user interaction talk, we then cover some news, such as the FIDO Alliance planning to work on security and authentication issues for the IoT, Google’s plans for aggregating fitness data, and a new dev kit from T-Mobile. We also talk about new devices from Wyze and Firewalla. Finally, we answer a listener’s question about connecting LED fairy lights. Then it’s time to talk about the holidays.

        • Stacey on IoTIoT news of the week for Nov. 18, 2022 - Stacey on IoT | Internet of Things news and analysis

          If you want a chance to opine on the Federal Trade Commission’s advance notice of proposed rulemaking (ANPR) on commercial surveillance and data security, then sharpen your pencils, because Monday is the deadline for comments.

          [...]

          They signal the direction the agency is leaning and ask for comments. In the case of surveillance tech, the FTC is asking how companies surveil customers, what harms may accrue from that surveillance, how aware consumers are when it comes to that surveillance, and more. Go read the document to get a sense of how important this issue is today and how important it will continue to be going forward.

    • Environment

      • Wildlife/Nature

        • The Ancient Japanese Technique That Produces Lumber Without Cutting Tr | DSF Antique Jewelry

          Daisugi is an ancient Japanese forestry technique in which planted cedars are pruned in a special way to produce "shoots" that eventually become perfect, straight, knot-free lumber.

          This is an ancient method, developed in the 14th century, which was originally used by people living in the Kitayama region of Japan because saplings were lacking.

          The terrain in the region is very mountainous, and the steep slopes make planting and caring for trees very difficult, so arborists used the daisugi technique not only to reduce the number of plantations but also to produce denser wood in a much shorter time.

    • Finance

      • Grayscale Bitcoin Trust suffers due to FTX collapse and doubts over reserves

        Grayscale Bitcoin Trust (GBTC), the largest publicly traded crypto fund, hit record lows in the wake of the FTX collapse. The fund was trading at nearly a 50% discount on the underlying Bitcoin asset, as holders rushed to sell off their GBTC holdings.

        This was not helped by Grayscale's response to those in crypto who were pushing Grayscale to follow suit with some other crypto platforms and publish proof of reserves. Grayscale announced that "due to security concerns, we do not make such on-chain wallet information and confirmation information publicly available through a cryptographic Proof-of-Reserve, or other advanced cryptographic accounting procedure". They did not elaborate on what these "security concerns" might be, and stoked fears in some that the company might not have the backing they ought to have.

      • CoryDoctorowCitizens United and the FTX meltdown

        The collapse of the FTX cryptocurrency exchange and its affiliated businesses has left a million creditors holding the bag for a chaotically managed, corrupt enterprise that created vast personal fortunes for the conspirators who ran it, even as it stole the life's savings of retail investors who bought into its lies.

        Could the unsuspecting public have been shielded from the FTX Ponzi scheme? Hindsight is 20/20, but there's good reason to believe that FTX could have been brought down in a controlled glide, rather than a nose-first crash landing and ensuing fireball.

    • Digital Restrictions (DRM)

      • Stacey on IoTSonos eyes hardware subscriptions to broaden customer base

        “This isn’t a very compelling subscription service,” Tzuo wrote, adding that he would have preferred that the company include additional service features on top of device rentals. As he put it, “Automatic equipment upgrades just don’t cut it anymore.”

      • [Repeat] CoryDoctorowEven if you're paying for the product, you're still the product

        There's something oddly comforting about the idea that "if you're not paying for the product, you're the product," namely, the corollary: "If you can afford to pay for a product, you won't be the product." But it's bullshit. Companies don't make you the product because you don't pay – they make you the product because you can't stop them.

        The theory behind "if you're not paying for the product…" is that old economist's saw: "incentives matter." Companies that monetize attention are incentivized to manipulate and spy on you, while companies that you pay just want to make you happy.

        This is a theory of corporate behavior grounded in economics, not power, a creature of theory and doctrine that never bothers to check in with the real world to see how that theory and doctrine map to actual events. Reality is a lot uglier.

      • FSFEThe universal right to install any software on any device
  • Gemini* and Gopher

    • Technical

      • Finished

        Batteries are finally in. I ended up going a different route to the one planned in my last post; it turns out that it's actually quite hard to get an AC-coupled battery system that permits the solar PV to keep running when the grid is down. I found an article describing four different "levels" of grid independence; actually getting someone to fit, say, "Manual Whole House Backup" is just... difficult.

      • Internet/Gemini

      • Programming

        • `BIOMASS::getWoodDensity()` description

          I looked through the code for the getWoodDensity() function from the {BIOMASS} R package[1], to get a better idea of how it estimates tree wood density.

        • Woes of python module system

          We all love that for every ugly problem in the world there is Python module that mostly solves it, but lets talk about details of module system. What exactly happens when Python executes "import foo.bar.baz"? As you can guess, answer is much more complicated than "find foo/bar/baz.py under some directory in sys.path and load it, if it wasn't loaded already".


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
 
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024
Gemini Links 21/11/2024: Alphabetising 400 Books and Giving the Internet up
Links for the day
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users
Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading
Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month
Two more doctorate degrees
KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term)
It only serves to distract from real articles
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024
IRC logs for Wednesday, November 20, 2024