Bonum Certa Men Certa

Links 23/01/2023: Fwupd 1.8.10



  • GNU/Linux

    • 9to5Linux9to5Linux Weekly Roundup: January 22nd, 2023

      This week was kinda slow in news and releases, most probably because of the long holidays and festivities this month. Despite that, we still got new Firefox and VirtualBox releases, a new major release of the GCompris educational suite, as well as a new production-ready NVIDIA graphics driver.

      On top of that, a new release of Netrunner OS arrived after two years with a new Debian base, and the upcoming KDE Plasma 5.27 desktop environment and Firefox 110 web browser have entered public beta testing. Below, you can enjoy these and much more in 9to5Linux’s Linux weekly roundup for January 22nd, 2023.

    • Applications

      • 9to5LinuxFwupd 1.8.10 Adds Support for StarBook Mk VI Laptop, System76’s Launch Heavy Keyboard

        Fwupd 1.8.10 adds support for Star Labs’ StarBook Mk VI Linux laptop, System76’s Launch Heavy configurable keyboard, and the Quectel RM520 5G IoT module. This means that you’ll be able to update the firmware of these devices using the latest fwupd release.

        Some new features also landed in this update, such as a PE/COFF firmware parser that promises to allow reading of coSWID SBoM data, the ability to dump CFI SPI chips using devices like CH341a, as well as support for FDT data in the HWIDs functionality.

      • Linux LinksEssential System Utilities: WTF – terminal dashboard

        Essential System Utilities is a series of articles highlighting essential system tools. These are small utilities, useful for system administrators as well as regular users of Linux based systems.

        The series examines both graphical and text based open source utilities. For details of all tools in this series, please check the table at the bottom.

        WTF (also known as ‘wtfutil’) is billed as “the personal information dashboard for your terminal”. The idea is that you’ve got easy access to important but infrequently-needed stats and data. WTF is published under an open source license. This tool is written in Go.

    • Instructionals/Technical

      • University of TorontoHow Let's Encrypt accounts are linked to your certificates in Certbot

        In theory, starting from Certbot 1.23 you can find out information about your accounts with 'certbot show_account'. In practice, Ubuntu 22.04 LTS still has Certbot 1.21, and show_account doesn't show you one critical piece of information, namely Certbot's local identifier for the account. So instead you have to look under /etc/letsencrypt, where in accounts/acme-v02.api.letsencrypt.org/directory/ you will find one subdirectory per production LE account you have. Each account (ie subdirectory) has a name that's 32 hex digits, which is Certbot's (internal) name for this account. In each account's subdirectory, the meta.json will give you some basic information about the account, currently the creation date and hostname, although not necessarily the email address associated with it (which 'certbot show_account' can retrieve from Let's Encrypt).

      • RlangDeploy your own Shiny app server with debian

        That work inspired me to set up my own home server and to write this guide. Although the sources I found are really helpful, they are lacking a few steps if you set up your own server from scratch, and they are also lacking some sources of where to find when the software gets up to date, providing only old links. Therefore, I decided to make this guide, covering all those topics and keeping a registry of the links, to help myself in the future and to help anybody who want to try it.

      • Evan HahnHow I fixed broken Wi-Fi on my 2012 Mac Mini running Zorin OS

        I recently installed Zorin OS Lite on a 2012 Mac Mini. When I booted it up for the first time, the Wi-Fi didn’t work because I didn’t have the drivers. This is how I fixed it.

        These steps worked for me, and I hope they’re helpful for you. I suspect these instructions work on many old Macs with other Linux distros like Ubuntu. (In fact, these instructions were inspired by a similar guide, which was itself inspired by an old Ubuntu guide.)

      • Red Hat OfficialFree up space on your Linux system with this open source tool | Enable Sysadmin

        Try the Top Disk Consumer Report Generator to help find files, directories, and deleted files that are consuming unnecessary storage on your system.

      • Linux CapableHow to Install 7-Zip on Debian 11 or 10 - LinuxCapable

        7-Zip is a popular open-source file archiving and compression software that allows users to compress and extract files in various formats. It is a versatile tool that can be used on desktop and server environments and is particularly useful for users of Debian Linux. This software can save disk space, reduce file transfer times, and increase security by encrypting and password-protecting files.

      • Master the lsblk Command: Block Devices Information

        The lsblk (pronounced “L-S-block”) command is commonly used to get the list of all the block devices in your system with their information, such as size, type, mount point, etc.

        If you are wondering, what are block devices? Then it’s basically files that represent the device connected to your system (except for ram disk).

        In this article, you will learn how to list out and get information about all the block devices using the lsblk command and its options (with practical examples).

      • TecMintHow to Use 'head' Command to Manage Files Effectively

        In Linux, there are various commands available to display the contents of the text file. Some of the popular and most frequently used commands are cat, less, more, view, etc. However, all of these commands are more relevant when we want to display a large part of the file.

      • Trend OceansSL Command: Board with me on the Short Train Journey - TREND OCEANS

        sl command does not have any practical use, but it can be used for fun or entertainment and to start the train simulation you can use the following command to make the train smoke

      • Ruben SchadeRubenerd: FreeBSD pipes and redirection, via @klarainc

        Pipes and redirection were one of those lightbulb moments I had with *nix, albeit on Red Hat Linux at the time. Years later I accidentally realised I could even use them on DOS, albeit in a more limited capacity.

        We take a lot of tooling for granted on these systems, because their use has become second nature. It’s a testament to those forward-thinking engineers.

      • Learn Linux dd Command with 17 Examples

        The dd command is a command-line utility that is abbreviated as “Data Definition“, “Data Duplicator“, or “Disk Dump” depending upon the usage, but it’s commonly known as a utility for copying and converting data in Linux.

        It can copy data from a file or block device (like a hard drive or USB flash drive) to another and perform various operations like creating backups, cloning hard drives, making bootable USB flash drives, data compression, and many more.

        Knowing all this might make you more attracted to this command, but before that, you should know that this command is able to overwrite or destroy data from the disk if used improperly. It is recommended that the user thoroughly understand the options and arguments of the command before using it.

        In this article, you’ll learn how to use the dd command and its options, as well as some common ways to use it as you learn more about Linux.

      • Real Linux UserHow to set up and use Joplin as a Zettelkasten application - Real Linux User

        When I made the decision quite a few years ago to switch from macOS to Linux as my main operating system for all my personal and productive activities, an important step in this choice was to look for great replacement applications for those applications that I no longer could use from my macOS environment. I needed a good replacement for my note-taking activities, among other things. After a lot of searching, I came across what I consider to be a fantastic free and open-source application, named Joplin. Joplin is basically a hierarchically oriented note-taking application, which fits in well with my way of capturing and organizing notes. But more and more I see people switching from a hierarchical system to a Zettelkasten Personal Knowledge Management system in which notes are interconnected. The question is to what extent Joplin can support the Zettelkasten method. In this article, I want to explain how to set up and use Joplin as a Zettelkasten application.

  • Distributions and Operating Systems

  • Free, Libre, and Open Source Software

    • OpenSource.com3 predictions for open source in confidential computing

      Open source is key in confidential computing. The Enarx project provides a runtime environment, based on WebAssembly. This allows deploying a workload into a TEE in an architecture- and language-indifferent way. With the general awareness trends I've described above, I expect more engineers to join the open source ecosystem of confidential computing projects. This year, more developers might contribute to all elements of the stack, including the kernel, WebAssembly, Rust crates and tools, and Enarx itself.

      Maybe one of those developers is you. If so, I look forward to collaborating with you.

    • Jaakko KeränenA SmörgÃ¥sbord of Problems

      For the past several days, while combating another flu, I've been polishing Lagrange's dev branch for the v1.15 release. Preparing for a release typically involves solving a series of small(ish) problems. Here's a sampling of what I encountered this time.

      Operating systems have fundamental differences when it comes to windowing and event processing. I do most of my development on macOS, so a bunch of small issues typically pop up when testing on Windows, Linux, and *BSD.

    • Ruben SchadeThe writer of ahiru.pl also uses desktop email

      This was the impetus I had for merging my personal email hosted in Alpine back into Thunderbird too. Having everything in one place makes life much easier, even if I still invoke some specific keybindings sometimes.

    • Web Browsers/Web Servers

      • University of TorontoHow Prometheus makes good use of the HTTP Accept: header

        Prometheus metrics exporters are queried ('scraped') by Prometheus and respond with metrics in some format. Historically there has been more than one format, as sort of covered in Exposition Formats; currently there's two text ones (Prometheus native and OpenMetrics) and one binary one (with some variations). The text based formats are easy to generate and serve by pretty much anything, while the binary format is necessary for some new things (and may have been seen as more efficient in the past). A normal metrics exporter (a 'client' in a lot of Prometheus jargon) that supports more than one format will choose which format to reply with based on the query's HTTP Accept header, defaulting to the text based format.

      • OpenSource.comCreate your own website with Joomla!, an open source CMS

        Joomla! is among the leading open source content management systems (CMS) for publishing web content. It's user friendly, accessible, extensible, responsive, and multilingual. What's more, it's also search engine optimized. No wonder Joomla! has a 3.5% share of the content management system market.

        In this article, I'll introduce you to Joomla! and why I think it's an excellent choice for your website or online application.

    • Funding

    • Licensing / Legal

      • Ali Reza HayatiI’m NOT changing my license!

        I’m a free software person. I care about software freedom and that’s why I advocate for GNU GPL family of licenses. GNU GPL license makes sure that you have freedom to do anything with your copy but you have to keep it free. If I truly advocate for freedom, I think I wouldn’t want my piece of software to become proprietary. And I thought the same argument goes for other forms of published work.

    • Openness/Sharing/Collaboration

      • Open Access/Content

        • Times Higher EducationOpen access accord ‘to weaken publishers’ negotiating position’

          Under a new commitment agreed by members of the N8 Research Partnership, whose institutions include the universities of Leeds, Manchester and Sheffield, researchers will be urged to retain their intellectual property (IP) rights, rather than sign them over to publishers.

          By doing so, scholars would be free to post final versions of research articles on institutional repositories, after obtaining a CC BY licence – a move that some publishers will not permit, or only allow after an embargo period, a route to publication known as green open access.

    • Programming/Development

      • FactorFive Questions

        Many years ago, there was a blog post containing five programming problems every software engineer should be able to solve in less than 1 hour. I had bookmarked it at the time and didn't notice the controversy it created on Reddit. The original link seems to be down, but there are various solutions posted online, including a solution in Python.

        I finally got around to looking at it and writing up some solutions to the problems listed. Apparently, instead of solving this in 1 hour in Factor, it took me almost 8 years: [...]

      • The GradientDo Large Language Models learn world models or just surface statistics?

        From various philosophical [1] and mathematical [2] perspectives, some researchers argue that it is fundamentally impossible for models trained with guess-the-next-word to learn the “meanings'' of language and their performance is merely the result of memorizing “surface statistics”, i.e., a long list of correlations that do not reflect a causal model of the process generating the sequence. Without knowing if this is the case, it becomes difficult to align the model to human values and purge spurious correlations picked up by the model [3,4]. This issue is of practical concern since relying on spurious correlations may lead to problems on out-of-distribution data.

        The goal of our paper [5] (notable-top-5% at ICLR 2023) is to explore this question in a carefully controlled setting. As we will discuss, we find interesting evidence that simple sequence prediction can lead to the formation of a world model. But before we dive into technical details, we start with a parable.

      • SalonAI chatbots learned to write before they could learn to think

        The internet can't stop talking about an AI program that can write such artful prose that it seems to pass the Turing Test. College students are writing papers with it, internet marketers are using it to write marketing copy, and numerous others are just having earnest and fun conversations with it about the meaning of life. The AI chatbot in question is called GPT-3, and it's the latest iteration of a long project from the company OpenAI. Short for "Generative Pre-trained Transformer 3," GPT-3 is what is known to computer scientists as a large language model (LLM).

      • Daniel MiesslerOpenAI’s Purpose is to Build AGI, and What That Means

        Anyway, the point of all this is to say that this isn’t something that might fall out of ChatGPT. It’s not a conspiracy that they’re trying to build AGI. It’s not a rumor. It’s their stated goal.

      • Terence EdenAdding restaurant review metadata to WordPress

        I've started adding Restaurant Reviews to this blog - with delicious semantic metadata. Previously I'd been posting all my reviews to HappyCow. It's a great site for finding veggie-friendly food around the worlds, but I wanted to experiment more with the IndieWeb idea of POSSE. So now I can Post on my Own Site and Syndicate Elsewhere.

      • ButtondownFunny Programming Languages ● Buttondown

        One of the weirdest and most wonderful things about people is that they can make a joke out of anything. For any human discipline there’s people making jokes about that discipline. In programming, that starts with memes like “how do I exit vim” (as typified in places like r/programmerhumor), or funny examples of awful code (such as from TheDailyWTF).

      • ButtondownUse the Wrong Tool for the Job ● Buttondown

        I’ve recently been real fascinated by the topic of complexity and what keeps us from keeping software simple. The wider net likes to blame “lazy programmers” and “evil managers” for this, as if any software could, with sufficient time, be made as simple as “hello world”. I’ve instead been looking at how various factors create complexity “pressure”. Code that needs to satisfy a physical constraint is more likely to be complex than code that doesn’t, etc.

        One complexity pressure is “impedance”: when the problem you are solving isn’t well suited for the means you have to solve it. For example, if you need to write really fast software, then Python will be too slow. You can get around this by using foreign function interface, as scientific libraries do, or running multiple processes, as webdevs do, but these are solutions you might not need if you were using a faster language in the first place. In a sense impedance is complexity that comes from using “the wrong tool for the job.”

  • Leftovers

    • Connor TumblesonDangling domain abuse.

      On January 15, 2023 I deleted an old Linode as I helped migrate an old website I hosted to a new provider and webmaster. This went as seamless as possible with zero downtime - I asked all WordPress contributors to hold on writing - did an rsync of all contents and one quick export/import of database and I was done.

      The short TTL I had on the domain led folks to the new host extremely quickly and for those contributors who didn't respect TTL - I had a draft blog in the old site titled - "This is old - do not write here.". I kept the old site up for about a week for stragglers then deleted the Linode as mentioned on January 15.

      Five days later on January 20, 2023 I obtained an alert that a new owner was verified in the Google Search Console. I was pretty busy at work on that Friday, so I only started piecing together this mistake on the weekend.

      So this is the story.

    • Counter PunchA Poem is a Secret Shared by People: 5 x 5

      A poem is a secret shared by peopleWho have never met each other*€ Out there wet January snow’s falling Stovetop homemade chicken broth simmering— Would you like to share a secret? I have been to the top of the mountain Before they lopped it off to pit-mine coal Here on Grant Street we pit-mine soul— The penny-ante pin-wheel the PoetPilfered from a Parkway lawn’s been warped by rain & drivenBy the drunk & dirty snow but’s it’s still spinning. Here’s a secret I shouldn’t oughta tell— Dylan says that then time will tell just who has fell &Who’s been left behind when you go your way & I go mine—So times not really on my side. Hit the brakes hard & gas her into a Rubber-burning four-wheel spin lovin’ theSpin we’re in under that ol’ Black Magic— Does life here have to be fucking tragic? We need some Steely-Dan pretzel-logic.A poem is a secret shared by peopleWho have never met each otherShare secrets w/ me Sisters & Brothers— Might we keep the aspidistra flying? Secrets are truth while all-else is lying.

      * Charle “Dusan” Simic 1938-2023



    • MWLUpdates to Print Bookstore and FAQ

      I’ve made some updates for the pandemic age, updated and clarified a few Q&As, and puttered with the text.

    • Ruben SchadeUsing PCI slots for SSD brackets

      I’m spoiled in server land at work. The build quality of desktop cases has improved significantly over the last few years, but all the innovation is being poured into radiators, chintzy lighting, and vertical mount GPUs. Storage is relegated to awkward positions behind motherboards, in flimsy trays in the power supply shroud area, or eschewed (gesundheit) altogether. All together? English is weird.

      In what I dub a reverse-Tardis, cases are getting bigger, but their internal storage is shrinking. Some of this can be attributed to the introduction of NVMe and eMMC that cleanly mount directly to the motherboard without data or power cables. But their price, and limited board slots, make them ill-suited for bulk storage, scratch space, and redundancy. People often say that about me.

    • Terence Eden[Repeat] Lessons learned from a power-cut

      The first indication I had that anything was wrong at home was my solar panels's cloud service casually emailing me to say they hadn't generated any electricity that day. We were on holiday - literally on the other side of the planet - and there were reports of snow at home, so I didn't think anything of it.

      But the same thing happened the next day. And our alarm system app started complaining that it couldn't reach our home network. Nor could our security camera app, heating app, and lighting app.

      Bother.

      At first, I thought the Internet had temporarily gone out. Our ISP's fault page showed no disruption in the area and no problems with the line.

      Arse.

      I checked with the local power company - and there were no cuts reported in the area. So I checked our smart meter data. Our energy company gets reports every 30 minutes from the meter. That let me see that, at some point after 0930 one morning, the power had gone out and hadn't come back.

      FUCK!

      The smart meter was sending back 0kWh every 30 minutes. So I was reasonably sure that the house hadn't burned down. And, after a moment of panic, felt sure that if there had been a gas explosion, ram-raid, or meteor strike, someone would have found a way to contact me. So it was probably a fuse tripping which had knocked everything out.

      Wait! What about our UPS?!!?

      [...]

      I have a UPS. It has a USB port. It is connected to my server. My server can communicate with my UPS. Do I make use of any of this? NO!

    • Seth Michael LarsonHi-Chew Pokédex

      I love the idea of having "personal Pokédexes", a set of known things out there in the world that you want to collect. My current personal Pokédex is Hi-Chew flavors. Below I've listed ones I've either tried or aspire to try one day. What's your personal Pokédex?

    • Xe's BlogSite Update: CSS Fixes - Xe Iaso

      So yesterday my blog was on the front page of Hacker News. Twice. The comments were brutal, however some people politely pointed out some issues that I've brushed off in the past because it's difficult to interpret comments like "ur website is gay furry trash because I can't tell what is a conversation snippet lol" in a positive enough light to want to act on it.

    • CoryDoctorowEleanor Janega's "Once and Future Sex"

      The Once and Future Sex is Eleanor Janega's new history of gender and sex in the medieval age, describing the weird and horny ways of medieval Europeans, which are far gnarlier and more complicated than the story we get from "traditionalists" who want us to believe that their ideas about gender roles reflect a fixed part of human nature, and that modern attitudes are an attempt to rewrite history.

      [...]

      This extends in all directions: whether women did hard physical labor, whether beauty ideals are eternal, whether women went to war, or ruled, or engaged in scholarship.

    • Ruben SchadeRubenerd: The @cartron on blogging regularity

      I love that we’re the master of our own domain with blogging. If you want to post once every year, or a few smaller posts a day, or take a break for a few months, you absolutely can. You can write without titles, have a complicated or simple site design, include inline images or only post text, whatever you want. There aren’t any rules, beyond writing syntax a browser and RSS aggregator can interpret.

    • Hardware

      • Linux GizmosICP Mini-ITX board runs on Intel Alder Lake-S/Raptor Lake-S processors

        The KINO-ADL-H610 is a Single Board Computer compatible with various Intel 12th/13th Gen Core processors. The SBC is equipped with dual 2.5GbE LAN ports, dual 4K @60Hz displays, SATA 6GB/s and various I/O interfaces€ 

      • HackadayOff-Grid Van Build Uses 3D Scanning For Smarter Planning

        Folks who refurbish and rebuild vans into off-grid campers (especially with the ability to work in them remotely) put a fantastic amount of planning and work into their projects. [Rob] meticulously documented his finished van conversion and while he does a ton of clever work, we especially liked how he shows modern tools like photogrammetry can improve the process.

      • HackadayMinimalist Homebrew Hardware Recreates Arcade Classics

        Classic video games might look primitive by today’s standards, but the addictive gameplay of Breakout or Pac-Man remains fun no matter what decade you were born in. Keeping the relevant hardware running becomes harder as the years pile up however, so when [Michal] decided to introduce his kids to classic video games, he didn’t dig up his old game consoles. Instead, he decided to recreate several games from scratch using the bare minimum amount of hardware needed.

      • HackadayReading Data From A CD, With A Microscope

        There was a time when electronic engineering students studied the audio CD, for all its real-world examples of error correction and control systems. There’s something to be found in the system still for young and old though, and thus we were intrigued when we saw [Peter Monta] reading the data from a CD using a microscope.

      • Ruben SchadeThoughts on an entirely new Commodore 64

        Taking a step back though, you’d fall off a cliff. We’ve reached the point where serious technical enthusiasts, armed with off the shelf components, FPGAs, programming knowledge, and an understanding of electronics, are able to create socket-compatible components that a 1980s chip foundry Commodore literally had to buy could. Couple that with injection moulds, 3D printing, video creators with large audiences, and a community of interested fans offering feedback, views, and money, and it’s feasible in 2023 to recreate an entire 1980s computer.

      • HackadayRunning Cray OS And UNICOS On Your Own Cray Simulator Instance

        The Cray series of super computers have been pretty much symbolic for high-powered computing since the 1970s, and to this day there’s a certain level of mysticism to them. Much of this is also helped by how rare these systems were and are today. Unlike Commodore, Apple and IBM PC systems which got sold by the truckload, Cray super computers and the much smaller workstation systems were and are significantly more rare. Despite or perhaps because of this [Andras Tantos] embarked on a decade-long quest to bring together what is left of the Cray legacy in the form of the Cray Files.

      • HackadayDesigning A Simpler Prosthetic Finger

        Prosthetic limb design is an area where desktop manufacturing has made huge strides, but there’s always room for improvement. For example, take a look at [Ian Davis] and his attempts to design a simpler prosthetic finger.

    • Health/Nutrition/Agriculture

      • VideoVaccines and viral variants

        The use of antibiotics has promoted antibiotic resistance, which is a major global threat to the treatment of bacterial infections. The bacteria which survive are the ones which are resistance to an antibiotic. These are the bacteria which will survive to infect the next person.

        The situation is much the same with vaccines which act against viral infection.

        Vaccines which do not sterilise the body of a virus will leave some viral particles alive. It is these surviving viruses, which are not killed by vaccine induced antibodies, that survive to reproduce. This is why vaccines can lead to the evolution of new variants of a virus. In other words, the virus must evolve to avoid vaccine induced immunity.

        [...]

        It is also noted that repeated vaccination can stimulate the T suppressor lymphocytes that actually inhibit the immune response.

        [...]

        Fortunately, these genetic changes have so far led to covid viruses which cause less severe disease, while still being very transmissible. This has reduced serious illness and deaths, while promoting widespread natural immunity.

    • Proprietary

      • Times Higher EducationUniversity ‘will never pay ransoms’ despite darknet data leak [iophk: Windows TCO]

        Professor Albert said the November 2022 attack “created a complex situation with regard to the damage caused”, including the encryption of 1,200 virtual servers and takeover of a central system for controlling access.

        The scale of the attack means the university has had to reconstruct its IT infrastructure. Raimund Vogl, president of the European University Information Systems Organisation and chief information officer at the University of Münster, said replacement hardware and security consultants could cost around €100,000 (€£88,000), but that this would typically be dwarfed by the labour costs of having tens of IT and administrative staff working around the clock on recovery for months.

      • QtRegarding recent reported security vulnerabilities from Cisco Talos

        Back in October 2022, the Qt Project Security team was contacted by someone at Cisco Talos to report an issue with integer and buffer overflow issues in QML which they considered a vulnerability in Qt 6.3. This has recently been made public by Cisco Talos here. This has also resulted in two CVEs , CVE-2022-40983 and CVE-2022-43591.

    • Linux Foundation

      • Bryan LundukeLinux Foundation decreased Linux spending to 3.2% in 2022.

        I’m not going to sugar coat this… it is absolutely ridiculous.

        The highlight? Funding for the Linux kernel, in 2022, dropped to a measly 3.2% of the foundation’s total revenue of $243 Million dollars.

        Down from the — already absurdly low — 3.4% from 2021.

        Considering the name of the foundation… that is, needless to say, highly amusing. Or infuriating. Possibly concerning. Likely all three.

        Let’s dive into the details and try to figure out why this is happening.

      • Bryan LundukeLinux Foundation, bored with Linux, launches Open Metaverse Foundation

        In 2021, The Linux Foundation decided to branch out from their core business (“Linux”) to create an entire foundation focused on “Health” and, specifically, creating vaccine passports.

        Was it weird that The Linux Foundation was now in the vaccine business?

        Yes. Yes, it was.

        Well, it appears that someone has dared Jim Zemlin — the head of The Linux Foundation — to keep making new projects and sub-foundations that make absolutely no sense. Perhaps, even, double-dog dared him.

        Because yesterday — January 18th, 2023 — The Linux Foundation unveiled their latest attempt to do absolutely anything other than Linux.

        [...]

        For that matter, will “The Linux Foundation” keep their name? How long before they re-brand… removing the word “Linux” entirely?

    • Security

      • Integrity/Availability/Authenticity

        • Ciprian Dorin Craciun[remark] Memorable password schemes and patterns? -- Volution Notes

          Questions (without definitive answers) about memorable password schemes and patterns.

        • Ciprian Dorin Craciun[remark] Password strength for offline storage? -- Volution Notes

          Questions (without definitive answers) about password strength (i.e. entropy bits) for offline storage.

        • Jan Piet MensJan-Piet Mens :: Notes to self: KeePassXC

          More and more frequently, when I ask friends and family (people with a mainly non-computing background) how they manage their passwords their eyes cloud over, and I then feel the need to tell them that they ought to apply good password hygiene. (I tend to mensplain a bit.) As such I’ve been looking much more deeply into KeePassXC as a multi-platform, Open Source, and very decent password manager.

          I ran away from 1Password many years ago when, IIRC, forced cloud upon their users and also converted to a subscription model and settled for EnPass at the time. Aside from a number of UI quirks in EnPass I’ve been happy enough with it, and I got it at the time when they had a purchase model; I believe that has meanwhile also changed to a subscription model. I want to be able to recommend a program which has a fixed price (Open Source is fine) and a UI which will hopefully remain somewhat consistent. I think KeePassXC matches the requirement.

        • Ruben SchadeRubenerd: The “I lost my phone” scam

          I’m seeing an uptick in spam messages claiming the sender lost their phone, and that they’re messaging from a friend’s device. They impart a sense of urgency by claiming they’re stranded, need money, and that their friend’s phone is also running short of battery. Or long, depending on the form factor. Thank you.

      • Privacy/Surveillance

        • Ruben SchadeRubenerd: Joe Biden’s online privacy op-ed

          Mike Masnick asserts the devil is in the details. For example, he says it’d be infeasible and undesirable to to verify the age of web visitors. While true, it muddies the issue: it’d be easy to legislate against companies buying ads targeting children in the first place. We already do this with tobacco and gambling.

      • Confidentiality

        • Old VCRBringing TLS to the Magic Cap DataRover

          Today we're adding TLS 1.3 to the one and only web browser on a 36MHz MIPS handheld running Magic Cap, the most unique mobile operating system from the most influential startup you never heard of. But before we do, a thank-you to Scott and Barbara Knaster: [...]

    • Defence/Aggression

    • Transparency/Investigative Reporting

      • Counter PunchBreaking the Addiction to Secrets and Secrecy

        The mainstream media has done their best to scramble the information on classified documents and the issue of secrecy.€  Because the media treasures the idea of balance and equivalence, it has unnecessarily equated the criminal culpability of Donald Trump and the sloppiness of Joe Biden’s staff.€  The former led to Trump’s intentionally keeping large amounts of classified material at Mar-a-Lago; the latter led to small amounts of intelligence at Biden’s former office and his home.€  Since I held high-level security clearances for more than four decades while in the U.S. Army, the Central Intelligence Agency, the Department of State, and the Department of Defense, I have something to offer on the issue of secrets and secrecy.

        First, there is a simple fix to the problem of presidents being responsible for the closing of their White House offices and the boxing of sensitive materials.€  This work is done at the final stages of a presidential term by members of the president’s staff, some of whom probably even lack the clearances to handle sensitive materials.€  The closing down of these offices and the sorting of materials should be done by qualified members of the General Services Administration or, better yet, the National Archives and Records Administration, which can catalogue sensitive materials as well as package them.€  In the case of Trump’s perfidy, the National Archives knew it was missing certain documents but had no idea about the rest of the items Trump was concealing.€  This must be corrected.

    • Environment

      • Counter PunchOur Planet Versus Plastic Bags: a Tale of Two Cities

        With oceans, countries, populations, and governments inundated by a plague of plastic worldwide, it may be useful to focus on the single-use plastic bag choices made by two cities, in the same U.S. state, located at a distance of only 64 miles (104 km) from each other. Both Santa Fe and Albuquerque share many qualities and conditions, foremost among them a distinctive cultural mix of American, Hispanic/Latino, and Native American citizens. But the two communities are also dissimilar, and this is reflected in the way they have dealt with the plastic bag dilemma.

        Santa Fe is the oldest capital city in the United States. It is the seat of the New Mexico government and is home to the country’s third-largest art market. It calls itself “the City Different” and has more than 250 art galleries and dealers, a dozen state and private museums, and a world-class opera, for its more than 88,000 residents.

      • Energy/Transportation

        • Counter PunchThe Blowback From Sanctions Against Russia

          Plenty of media focus on Ukrainian military success and Russian failure in the fighting in Ukraine but far too little attention is given to the way in which the Western economic war against Russia has boomeranged against the EU states.

          The bid to ensure that Russia went on exporting plenty of crude oil – 11.2 million barrels a day in December – while at the same time limiting its earnings from higher oil prices was always contradictory and bizarre. President Vladimir Putin was derisive about the economic impact of a Western price cap on the price of Russian crude that is above the Russian sales price.

        • Common DreamsExxonMobil and the Endless Climate Lie

          Swedish climate activist Greta Thunberg is getting carried away. Literally. She joined thousands in the village of Lützerath, Germany, to oppose the expansion of an open-pit lignite mine, one of the dirtiest forms of coal. Police in riot gear hauled her away as the mass arrests progressed. Greta wrote on Twitter, “Yesterday I was part of a group that peacefully protested the expansion of a coal mine…We were kettled by police and then detained but were let go later that evening. Climate protection is not a crime.”

        • Ruben SchadeRubenerd: Printers and wasted tech potential

          Last year I mentioned what a waste cryptocurrency and blockchain guff was. I didn’t just mean in terms of electricity and silicon, but also the wasted potential among thousands of engineers who could be directing their craft to solving real problems, helping their fellow human travellers, and making the world a more beautiful place.

        • [Old] Network UPS ToolsNetwork UPS Tools

          The primary goal of the Network UPS Tools (NUT) project is to provide support for Power Devices, such as Uninterruptible Power Supplies, Power Distribution Units, Automatic Transfer Switches, Power Supply Units and Solar Controllers. NUT provides a common protocol and set of tools to monitor and manage such devices, and to consistently name equivalent features and data points, across a vast range of vendor-specific protocols and connection media types.

          NUT provides many control and monitoring features, with a uniform control and management interface. If you are just getting acquainted with NUT, that page also explains the technical design and some possible set-ups.

        • Pro PublicaWhat to Know About the Risks of Gas Stoves and Appliances

          As a climate reporter, I was well aware of the growing concern about the gas stoves in people’s homes leaking dangerous pollutants, like methane, a potent greenhouse gas and explosive hazard; nitrogen dioxide, which worsens asthma; and benzene, which causes cancer. But I was a renter who had no control over my appliances. So I mostly ignored it — until one day last fall when I smelled the rotten-egg odor of leaking natural gas while baking focaccia.

          I borrowed a $30 gas leak detector from a friend (a fellow climate reporter, of course). When I turned on the oven in my New York City apartment, the lights for a “significant” leak lit up. My kitchen was filling up with methane. According to the user manual, that meant I should “VENTILATE THE AREA IMMEDIATELY and move to a safe location” in case of an explosion. I opened the windows and ignored the evacuation advice (don’t follow my example), too intent on taking a video of the leak as proof for my landlord before turning off the oven. Then I vented my frustration by panic-texting friends and eating too much focaccia — after cutting it into pieces and baking it in my toaster oven. Luckily, my landlord replaced my faulty stove within days. I made sure to check the new stove (still gas, alas) for leaks after it was installed.

        • ScheerpostPeru’s Natural Resources: CIA-Linked US Ambassador Meets With Mining and Energy Ministers to Talk ‘Investments’

          Peru has large reserves of copper, gold, zinc, silver, lead, iron, and natural gas. After a coup overthrew left-wing President Pedro Castillo, the US ambassador, CIA veteran Lisa Kenna, met with mining and energy ministers to discuss “investments”. Europe is importing Peruvian LNG to replace Russian energy.

        • MeduzaA Tyumen resident got a subsidy for utility bills — 1 kopeck — Meduza

          Authorities in the city of Ishim, in the Tyumen region, gave a resident a subsidy of 1 kopek (around 1/100 of a cent) to help pay utility bills. The resident, who wishes to remain anonymous, posted the official notice on Telegram.

      • Wildlife/Nature

    • Finance

      • Counter PunchOmitting the Evidence: What the IMF Gets Wrong About Venezuela

        On December 5, 2022, the International Monetary Fund’s (IMF) Western Hemisphere Department published a report titled “Regional Spillovers from the Venezuelan Crisis,” which assesses the causes of Venezuela’s economic crisis, the drivers of the country’s record emigration, and the impact that this influx of Venezuelan migrants has had on neighboring countries. While these are worthy topics of research, and there is much of value in the report, authors Alvarez et al. curiously omit a critical piece of the puzzle, and one of the single most important factors contributing to Venezuela’s current economic and humanitarian plight: US economic sanctions.

        In August 2017, the Trump administration issued Executive Order 13808, barring the government of Venezuela, including the state-owned oil company Petróleos de Venezuela, S.A. (PDVSA) and its joint ventures, from accessing US financial markets. Though the United States had imposed sanctions on certain Venezuelan individuals and entities before this, including under the Obama administration’s E.O. 13692, which declared a US national emergency with respect to Venezuela, the August 2017 sanctions marked the beginning of a series of sweeping sanctions that would define the Trump administration’s approach to US-Venezuelan relations. Sanctions were escalated even further alongside the recognition of a parallel government beginning in 2019, most notably with the January 28 designation of PDVSA as a sanctioned entity, and the 2020 imposition of secondary sanctions against shipping companies involved in the transportation of Venezuelan oil. The vast majority of these sanctions remain in place today.

      • Common Dreams2022 Was a Bad Year for Billionaires—But Not Nearly Bad Enough

        Sometimes the daily news about our billionaires just doesn’t seem to make any sense.

      • Counter PunchA Down Year for Our Deepest Pockets?
      • MeduzaRussian banks to release stickers to replace Apple Pay — Meduza

        Russian banks plan to start issuing stickers containing NFC chips to replace foreign contactless payment services such as Apple Pay and Google Pay, which were suspended in Russia soon after Moscow launched its full-scale invasion of Ukraine, RBC reported on Monday.

      • Common DreamsWe Need a New Approach to Debt—One Borrowed From the Past

        On Friday, Jan. 13, Treasury Secretary Janet Yellen wrote to Congress that the U.S. government will hit its borrowing limit on Jan. 19, forcing the new Congress into negotiations over the debt limit much sooner than expected. She said she will use accounting maneuvers she called “extraordinary measures” to keep U.S. finances running for a few months, pushing the potential date for default to sometime in the summer. But she urged Congress to get to work on raising the debt ceiling.

      • Common DreamsWe Need Housing for People to Live In, Not for Corporations to Invest In

        Anyone who is active in our communities knows that housing insecurity and homelessness are rising fast, due in part to an ever-shrinking lot of affordable rentals and homes. Housing should be the rallying cry right now.

    • AstroTurf/Lobbying/Politics

      • Computer WorldUK gov't amendments to Online Safety Bill include criminal liability

        The bill was updated on Tuesday after Conservative back benchers threatened to vote against the legislation unless it included a provision that would allow regulators to prosecute social media executives who are found to have compromised the safety of children online. Earlier in the week, the Labour Party also signaled it would be willing to back the inclusion of criminal liability to the bill.

      • ScheerpostIs SCOTUS on the Verge of Dismantling Labor and the Administrative State in One Blow?

        By Nancy Snyder / CounterPunch On Tuesday, January 10,€  the United States Supreme Court heard oral arguments in the matter of€ Glacier Northwest, Inc. v. International Brotherhood of Teamsters Local Union 174.€ If Glacier Northwest prevails, the Supreme Court ruling will make it far easier for alleged labor disputes that result in damage to company property, to […]

    • Freedom of Information / Freedom of the Press

      • The DissenterKevin Gosztola On 'The Chris Hedges Report'
      • ShadowproofKevin Gosztola On ‘The Chris Hedges Report’

        Chris Hedges, longtime journalist and host of “The Chris Hedges Report,” had Shadowproof editor Kevin Gosztola on his show to discuss his book, Guilty of Journalism: The Political Case Against Julian Assange.

        The book can be pre-ordered from Seven Stories Press. It will be released on February 21.As Chris said in the introduction, “I think your book and Nils Melzer’s book are books I would recommend for people who don’t understand the case.”Chris and Kevin go issue by issue, like the book, which is not a chronology but a meticulously organized guide to all aspects of the United States government’s charges and allegations.

      • ScheerpostChris Hedges: The Plague of Social Isolation

        The rupture of social bonds and loss of community, caused by the decades-long assault on the poor and working class and the ravages of the pandemic, have resulted in a dangerous social isolation.

    • Civil Rights/Policing

      • TruthOutGreta Thunberg’s Arrest Demonstrates Why Energy Charter Treaty Must Be Abolished
      • TruthOutPeet’s Coffee Baristas Unionize First Cafe With Help from Starbucks Workers
      • Common DreamsBaristas Form First Unionized Peet's Coffee in US With Help From Starbucks Workers

        In a win for workplace democracy, employees at a Peet's Coffee & Tea located in Davis, California formed the chain's first unionized shop in the United States on Friday.

      • Common DreamsThousands Across US Demand Reproductive Freedom on Roe's 50th Anniversary

        Thousands of people called for reproductive freedom at rallies around the United States on Sunday—the 50th anniversary of the landmark Roe v. Wade decision that made abortion a constitutional right until the Supreme Court's reactionary majority overturned it last summer.

      • India TimesThousands of Indian IT professionals now jobless scrambling for options to stay in the US

        According to The Washington Post, nearly 200,000 IT workers have been laid off since November last year, including some record numbers in companies like Google, Microsoft, Facebook and Amazon. As per some industry insiders, between 30 to 40 per cent of them are Indian IT professionals, a significant number of whom are on H-1B and L1 visas.

      • Counter PunchGoogle’s Stock Climbed After It Fired 12,000 Employees, But What Did They Get Out of It?

        Alphabet, the parent company of Google, has announced it will lay off about 6 percent of its global workforce. Google CEO Sundar Pichai sent his employees a letter warning of imminent layoffs and saying how “deeply sorry” he was. He offered for workers to “feel free to work from home” for the day in order to process the tough news that about 12,000 of them would soon lose their jobs.

        This was roughly the same number of new employees that Alphabet lured to join its workforce last quarter. According to Investor’s Business Daily, the company “added 12,765 employees, which was above Wall Street estimates.”

      • Pro PublicaDEA Had Evidence on García Luna Long Before Bribery Trial

        When federal prosecutors walk into the United States Courthouse in Brooklyn on Monday to present their opening statements against Genaro García Luna, the highest-ranking Mexican official ever tried in the United States for drug corruption, they will unveil a complex case that took years to build.

        But the fuller story of the government’s investigation of García Luna — a former security minister who was arguably the United States’ most important Mexican partner in a long and failed effort to transform his country’s criminal justice system — is hardly a triumph of determined American law enforcement.

      • Counter PunchA Second Civil War?

        The far-right love it, liberals dread it. Since the 2021 Capitol Attack a second American civil war has entered mainstream discussion. The far-right embraces it, an apocalypse that will birth a White ethno-state. Scared, liberals demand electoral and judicial reforms, or harken to the good ol’ days of Obama and Clinton, where neoliberal consensus kept politics civil.

        Socialists and Marxists dismiss the possibility of civil war. “They got you fighting a culture war to stop you fighting a class war” is a popular saying. Presumably, the culture wars are superficial, with no economic basis. What is forgotten is that class conflict is not only between classes, but within classes. In America, conflict is emerging between urban and rural capitalists, with the culture wars acting as a proxy to recruit the working-class. While it is in capitalists’ collective interest to fight the working class, it is in each capitalist’s individual interest to fight each other until monopoly is established. Usually this is done through the market. But when expansion in the market reaches its limit, war becomes another means towards capital accumulation.

      • Craig MurrayAnn Gloag and Human Traffic

        Scotland has no shortage of dreadful right wing judges, but as the very epitome of reactionary conservatism, one gobsmacking judgment from Perth Sheriff Michael Fletcher stands out.

    • Internet Policy/Net Neutrality

      • Eesti RahvusringhäälingAgency investigating Estonia's expensive high-speed internet prices

        In Estonia, 100 Mbit/s internet costs the same as 1 Gbit/s in Latvia and Lithuania, a situation the minister described as "incomprehensible". To buy a 1 Gbit/s connection in Estonia costs €70, but €19 in Lithuania and €21 in Latvia.

        Estonia ranks 6th in the European Union in terms of the cost of 100 Mbps fixed connection.

      • Ruben SchadeRubenerd: Making mistakes with NICs

        I spent twenty minutes today trying to figure out why I hadn’t been able to SSH into a VM. I verified I had the correct ports open on the firewall, that the OpenSSH service was running, and more embarrassing checks including making sure the VM was indeed running.

        I hadn’t attached an IP address.

    • Monopolies

      • Copyrights

        • Torrent FreakUnder a New EU-Focused Copyright Law, Musical Artists Currently Earn *Nothing*

          With war raging over the border in Ukraine, a pro-Moscow separatist region to its east, and inflation at 35%, former soviet republic Moldova was granted EU candidate status last summer. New copyright law crafted to protect artists under strict EU standards is now mired in allegations of corruption and Russian interference. Meanwhile, local artists are currently being paid absolutely nothing.

        • Torrent Freak10 Most Popular Torrent Sites of 2021

          Continuing a long-standing annual tradition, today we publish our list of the most popular torrent sites at the start of 2023. Measured by traffic, we see that YTS takes the top spot, closely followed by 1337x. Anime torrent site NYAA, meanwhile, has entered the top three.

    • Gemini* and Gopher

      • Personal

        • 🔤SpellBinding: EZILOSF Wordo: PURGE
        • Computers are still bicycles for the mind, even though people use them for pretty much everything else

          Probably everyone in Geminispace has heard Sturgeon’s Law and most can probably recall most of it just from seeing the phrase “Sturgeon’s Law”. While “90% of everything is crap” is the part that everyone knows, what’s lesser known is that he’s claimed, rightfully in my view, that the remaining 10% makes science fiction a genre worth the time and attention that it gets.

          I think the same is true of computers and bicycle-for-the-mind computing. Most of the time, computers aren’t used for augmenting humans and instead are used for communication tasks of varying levels of importance. However, the times when I pull out the actual mind bicycle — oftentimes Excel, but not infrequently Ulysses (many people swear by Obsidian instead) — I’m struck by how these sorts of tasks would break my brain with their difficulty if I were thrown back into the technology level of the early 80s before spreadsheets and ⌘F became common technologies.

        • mobile gaming

          The sun is out and most of the daylight hours is going gone. It makes me sad, but what can I do. I woke up at noon and did not make it to church. Oh well, I guess I needed the rest more. I do feel well rested but a little out of sorts since I am not used to getting that much rest.

        • Heat

          I live in the mountains. During the warmer months the power

          company regularly turns off our power to do "maintenance"

          upgrades on the system. They generally do this during the

          day... when it is 90*F (+/-) and generally for anywhere

          between 4 and 16 hours.

          In the years that I have lived up here they never did this

          during the winter... until this year. But now they have

          decided to only do it overnight. So from 8pm until 4am

          we will be without power. Our heating system is natural

          gas based, but requires power to function. It is 23*F out

          right now. It is 7:40p. So we will lose power in just a bit

          here. My wife is tucking my daughter in and we will bring

          her upstairs to sleep with us when we go to sleep (so that

          we know she is under blankets and warm enough).

        • Capsule of the day - 2023-01-23

          If some offensive capsules are listed here automatically, please alert me so I can manually remove them.

      • Technical

        • Programming


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024