Bonum Certa Men Certa

Links 26/01/2023: LibreOffice 7.4.5 and Ubuntu Pro Offers



  • GNU/Linux

    • Make Use OfThe 9 Best Career Options After Learning Linux

      There is a reason why many people use Linux but in different capacities. From using Linux distros as individual users to developers writing apps for Linux users, there is a different purpose associated with Linux.

      When working on Linux, you can pursue various career options and avenues. Each stream will open opportunities, allowing you to make the most out of your newly derived skills.

      You can pursue a few options after getting familiar with Linux and its related technologies. Here are a few top professions you can choose after learning Linux.

    • Desktop/Laptop

    • Audiocasts/Shows

    • Kernel Space

      • Linux Foundation's Site/BlogLinux Foundation Newsletter: January 2023 [Ed: Notice how "Linux" Foundation says absolutely nothing about Linux itself. It barely funds Linux, either. This newsletter is made with proprietary software, published in proprietary site.]
      • Paul E. McKenneyWhat Does It Mean To Be An RCU Implementation?: paulmck — LiveJournal

        A correspondent closed out 2022 by sending me an off-list email asking whether or not a pair of Rust crates (rcu_clean and left_right) were really implementations of read-copy update (RCU). At first glance, this is a pair of simple yes/no questions that one should be able to answer off the cuff.

      • LWNMcKenney: What Does It Mean To Be An RCU Implementation? [LWN.net]

        Paul McKenney looks at a couple of Rust crates in an attempt to determine whether they actually implement the read-copy-update algorithm; in the process, he gives an overview of the numerous RCU variants in the kernel.

      • LWNSix years with the 4.9 kernel [LWN.net]

        The release of the 4.9.337 stable kernel update on January 7 marked the end of an era: after just over six years of maintenance, the 4.9.x series will receive no more updates. This kernel saw a lot of change after Linus Torvalds made the "final" release and left the building; it's time for a look at the "stable" portion of this kernel's life to see what can be learned.

        The development cycle that led up to the 4.9 release saw the addition of 16,214 non-merge changesets contributed by 1,719 developers (a record at the time) working for (at least) 228 companies. In the six years between 4.9 and 4.9.337, instead, it gained 23,391 non-merge changesets from 4,037 developers working for at least 503 companies. The 4.9.337 release contains 114,000 more lines of code than 4.9 did. Rather than being the end of a kernel's development life, the final release from Torvalds is really just the beginning of a new and longer phase — at least, for long-term-support kernels.

      • LWNSupport for Intel's LASS

        Speculative-execution vulnerabilities come about when the CPU, while executing speculatively, is able to access memory that would otherwise be denied to it. Most of these vulnerabilities would go away if the CPU were always constrained by the established memory protections. An obvious way to fix these problems would be to make CPUs behave that way, but doing that without destroying performance is not an easy task. So, instead, Intel has developed a feature called "linear address-space separation" (LASS) to paper over parts of the problem; Yian Chen has posted a patch set adding support for this feature.

        Speculative execution happens when the CPU is unable to complete an instruction because it needs data that is not resident in the CPU's caches. Rather than just wait for that data to be fetched from RAM, the CPU will make a guess as to its value and continue running in the speculative mode. If the guess turns out to be correct — which happens surprisingly often — the CPU will have avoided a stall and will be ahead of the game; otherwise, the work that was done speculatively is thrown out and the computation restarts.

        This technique is crucial for getting reasonable performance out of current CPUs, but it turns out to have a security cost: speculative execution is allowed to access data that would be denied to code running normally. A CPU will be able to speculatively read data, despite permissions denying that access in the page tables, without generating a fault. That data is never made available to the running process, but accessing it can create state changes (such as loading data into the cache) that can be detected by a hostile program and used to exfiltrate data that should not be readable. In response, kernel developers have adopted a number of techniques, including address-space isolation and preemptive cache clearing, to block these attacks, but those mitigations can have a substantial performance cost.

    • Applications

      • LinuxiacOpenVPN 2.6.0 Release Prepared, Brings Remote Entries Support

        OpenVPN is a popular open-source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections. The software is notable for its flexibility and is considered one of the most secure VPN protocols currently available, widely used by individuals and organizations to protect their online privacy and data.

        The OpenVPN 2.5.x series, with an initial release in October 2020, received an update in November 2022 with the v2.5.8. Today, the first release of the new OpenVPN 2.6 series is available for download, so let’s look at what’s new.

      • Linux Links8 Excellent Console Linux File Managers (Updated 2023)

        Console based applications are light on system resources (very useful on low specified machines), can be faster and more efficient than their graphical counterparts, they do not stop working when X is restarted, and are perfect for scripting purposes. When designed well, console applications offer a surprisingly improvement in productivity. The applications are leaner, faster, easier to maintain, and remove the need to have installed a whole raft of libraries.

        The whole is greater than the sum of its parts is a very famous quote from Aristotle, a Greek philosopher and scientist. This quote is particularly pertinent to Linux. In my view, one of Linux’s biggest strengths is its synergy. The usefulness of Linux doesn’t derive only from the huge raft of open source (command line) utilities. Instead, it’s the synergy generated by using them together, sometimes in conjunction with larger applications.

      • How to speed up your next build with Firebuild? | Obsessed with reality

        Firebuild intercepts all processes started by the command to cache their outputs. Next time when the command or any of its descendant commands is executed with the same parameters, inputs and environment, the outputs are replayed (the command is shortcut) from the cache instead of running the command again.

        This is similar to how ccache and other compiler-specific caches work, but firebuild can shortcut any deterministic command, not only a specific list of compilers. Since the inputs of each command is determined at run time firebuild does not need a maintained complete dependency graph in the source like Bazel. It can work with any build system that does not implement its own caching mechanism.

        Determinism of commands is detected at run-time by preloading libfirebuild.so and interposing standard library calls and syscalls. If the command and all its descendants’ inputs are available when the command starts and all outputs can be calculated from the inputs then the command can be shortcut, otherwise it will be executed again. The interception comes with a 5-10% overhead, but rebuilds can be 5-20 times, or even faster depending on the changes between the builds.

      • Top 8 Free Apps for New Linux Users - CryptoMode

        Linux is a Unix-like kernel that powers one of the most popular operating systems in the world. GNU/Linux distributions are undoubtedly the favorite choice for beginners who want to step into the Linux ecosystem.

        As a result, knowing which applications to use for the best experience is crucial, given the numerous free Linux distributions available. This article lists the 10 most prominent Linux apps beginners can install.

    • Instructionals/Technical

      • NextGenTipsThe Top Docker Commands you must know – NextGenTips

        Docker is a set of platform-as-a-service products that uses OS-level virtualization to deliver software in packages called containers. Containers are usually isolated from one another and bundled with their own software libraries and configuration files, they can communicate with each other through well-defined channels.

      • HowTo ForgeHow to Install KeeWeb Password Manager on Ubuntu 22.04

        KeeWeb is an open-source and cross-platform password manager compatible with KeePass.

      • HowTo ForgeHow to Install Fathom Privacy-Focused Website Analytics on Debian 11

        Fathom is privacy-focused web analytics that delivers clean and concise data about your websites.

      • HowTo ForgeHow to Install Cerb Collaboration and Email Automation on Ubuntu 22.04

        Cerb is a free, open-source, fast, and flexible platform for business collaboration and automation.

      • H2S MediaEnable PipeWire for Audio and Bluetooth in Ubuntu 22.04 or 20.04

        We can use the commands given in this tutorial to configure our Ubuntu 22.04 or 20.04 to use PipeWire as an Audio server instead of the default PulseAudio.

        PipeWire in Linux is a multimedia framework for Linux to handle audio and video streams with the help of API. The framework’s API can be used across various types of devices such as webcams, microphones, and audio/video playback devices. It can also handle low-latency audio and video streams, hence the users can use it for real-time apps. For example while gaming and video conferencing. To enhance security, PipeWire offers fine-grained access controls for devices. It was developed by Wim Taymans at Red Hat.

      • DebugPointHow to Find Python Version [Tutorial]



        It's essential to know the Python version installed in your system. Because your application or development project deployment, dependencies depends on it. Not to mention, minor Python releases frequently happen with feature updates and security fixes. Hence it's important for you to know which version is currently installed in your server or local setup.

        There are many ways you can find it. You can either find it via command or run a program to find it out.

    • WINE or Emulation

      • ScummVMScummVM: Let me take you to the time warp!

        ScummVM has made huge strides in Macromedia Director support. Many Director 3 games are now fully completable, and several Director 4 games are also now playable. 18 new games are officially supported, and we could use your help testing them. We also welcome reports of any other Director games which are fully playable or completable. To test these new games, please use the latest daily build of ScummVM.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • UbuntubuzzA Complete Guide to Kubuntu Default Apps and Their Purposes

          This is a full list of all Kubuntu default applications (or list of Kubuntu components) with their explanations for first time users. Kubuntu is the official variant of Ubuntu with KDE as the technology of the desktop environment and default applications. This list is sorted alphabetically with app names taken from menu for example Ark, Dolphin and VLC Media Player. You can learn your Kubuntu computer a lot here as you see every app name, its purpose, short guide to use, and some pictures of them. This guide is based on version 22.04 also known as Jammy Jellyfish which can represents all modern Kubuntu versions. As a note, we compared many of the apps with Microsoft Windows or MacOS default apps to increase clarity. We wish you like it!

      • GNOME Desktop/GTK

  • Distributions and Operating Systems

    • OMG! LinuxNew Website Makes Nix Less Intimidating to Learn - OMG! Linux

      Fancy dipping your toes in the world of Nix, but don’t know where or how to start? Well, you’re gonna dig the Zero to Nix website.

      This new resource sets out to deliver an “unofficial, opinionated, gentle introduction to Nix” than that offered by existing Nix documentation and online guides — which it describes as “difficult for bringers to navigate”.

      Follow the guided steps on the Zero to Nix website to install Nix on your existing Linux distro using the Nix Installer rather than the official Nix installation script more commonly recommended.

      Now, I’ll level with you here: my knowledge of Nix is a little scant.

      I know the basics: Nix is package manager; it can be used alongside apt or dnf, etc (or replace them entirely); it has a TON of packages available through it (more than Arch, in fact); and it boasts a bunch of buzz-wordy features like immutability, app isolation, and roll back.

    • Reviews

      • 9to5LinuxFirst Look at blendOS: A Blend of Arch Linux, Fedora Linux, and Ubuntu

        While still in development, blendOS is here to offer you “a seamless blend of all Linux distributions,” as its creator wants to call it. blendOS is based on Arch Linux and GNOME on Wayland, but it lets you use apps from other popular distributions, such as Fedora Linux or Ubuntu.

        This is possible because you can use the native package managers from Arch Linux (pacman – included by default), Fedora Linux (dnf), and Ubuntu (apt), which are included as containers using Distrobox/Podman. However, the DNF and APT package managers aren’t included in the live ISO image, nor blendOS’s own blend package manager.

    • New Releases

      • 4MLinux Blog4MLinux Releases: TheSSS 41.1 released.

        This is a minor release based on the 4MLinux Server 41.1, meaning that the components of the LAMP server are now: Linux 6.0.18, Apache 2.4.54, MariaDB 10.6.11, and PHP (both 5.6.40 and 7.4.33).

        You can update your TheSSS by executing the "zk update" command (fully automatic process).

      • 23.01 Istredd - January 2023 ISO refresh | MaboxLinux

        2023 01 January ISO refresh is ready for download. Built from Manjaro stable branch as of 26.01.23.

        Available with latest LTS kernel – 5.15 or slightly older one 5.4 LTS.

        The release includes several improvements, notable of which are: a modern config for Picom and a quick menu for configuring Tint2 panels.

      • Released Peropesis 2.0: Make, SQLite, nano, Screen

        A new 2.0 release of Peropesis Linux OS released. In the new edition, part of the old software was updated and several new packages was installed. The tool Make, which controls the automatic installation of software from the source code, was installed. Database management system SQLite, command-line based editor nano and terminal emulator/multiplexer Screen were also installed.

      • OPNsense 23.1 released

        For more than 8 years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing.

        23.1, nicknamed "Quintessential Quail", features Unbound DNS statistics with a blocklist rewrite in Python, improved WAN SLAAC operability, firewall alias BGP ASN type support, PHP 8.1, assorted FreeBSD networking updates, MVC/API pages for packet capture/virtual IPs/IPsec connection management, IPsec configuration file migration to swanctl.conf, new sslh plugin, ddclient custom backend support (including Azure), WireGuard kernel module plugin variant as the new default plus much more.

        Download links, an installation guide[1] and the checksums for the images can be found below as well.

    • BSD

      • FreeBSDFreeBSD Status Report Fourth Quarter 2022

        The New Year has started and here is the last status report of 2022, including 34 reports. You will also notice that for the first time a new category has been introduced: the Cloud category. As FreeBSD keeps up to date with the latest technologies in IT, projects dealing with the cloud make steady improvements, and thus it has been judged that they deserve their own category in the status reports.

        The new category is not the only change about status reports. Indeed, the status team is revisiting its own workflow to become more efficient. If you are a report submitter, please ensure to read carefully the report authored by the status team as well as the next Call for Reports emails to keep up with the most recent changes.

        Have a nice read.

      • The BSD Now PodcastBSD Now 491: Catch the Spammers

        Dragonfly BSD 6.4 is out, Running OpenZFS – Choosing Between FreeBSD and Linux, OpenBSD Mastery: Filesystems ebook leaks, catching 71% spam, crazy unix shell prompts, Linux Binary Compatibility: Ubuntu on FreeBSD, Reproducible Builds Summit Venice 2022, and more

    • SUSE/OpenSUSE

      • OpenSUSEFirefox, Apache, LibreOffice update in Tumbleweed

        This week in openSUSE Tumbleweed there was a change from a 2048 bit RSA to a 4096 bit RSA key and four snapshots were released so far.

        The larger bit key was a security recommendation and can be found in /usr/lib/rpm/gnupg/keys. The key can be viewed with rpm -qi and the key name. More info about the topic can be found on the Facotry email thread.

      • Request Page Redesign - Facilitating the Review Process - Open Build Service

        Collaboration is the heart of the OBS project. Therefore, we have been working on the request page redesign for a while, the page where most of the collaboration happens. This time, we have focused on improving the handling of requests with multiple actions, facilitating the review process by enhancing the code changes and helping out with decision-making, among others.

    • Red Hat, Fedora

      • Enterprisers ProjectIT leadership: Seven spectrums of choice for CIOs in 2023 | The Enterprisers Project

        Three years ago, the pandemic disrupted where and how people worked, forever changing the traditional workplace. Today, leaders are grappling with questions about how to move forward – when to return to the office, what work looks like today, and how to prepare for the future.

        These questions and more are addressed in the new book Office Shock. It discusses why it’s necessary to use future-back thinking to anticipate directions of change, identifies spectrums of choices to guide decision making, and explores how to plan for more sustainable ways of working.

      • Enterprisers Project3 tips to land an IT role without a tech background | The Enterprisers Project

        By 2025, nearly 70 percent of employees will be expected to use data at some level in their jobs, compared to 40 percent in 2018. That expectation, combined with the ongoing shortage of skilled tech talent, will force organizations to start considering nontraditional candidates – including those who might lack formal education or a degree but are eager to learn and grow.

        As the Chief Operating Officer of a company with a mission to empower the world through data literacy, I’ve witnessed firsthand the exceptional talent individuals from all backgrounds bring to the workplace. Rather than looking at formal education as an indicator of success, focusing on candidates’ aptitude, willingness to learn, and data literacy skills will help lay a foundation for the future of the IT workforce.

      • Red Hat3 new improvements to the RHEL download experience | Red Hat Developer

        In today's age of hyperscalers and hybrid cloud environments, developers like you need to obtain the appropriate Red Hat Enterprise Linux (RHEL) image based on the desired deployment destination. Developers want choices for their download experience. We are excited to introduce three new options that improve the traditional experience of downloading a RHEL ISO image.

      • LWNFedora's tempest in a stack frame [LWN.net]

        It is rare to see an extensive and unhappy discussion over the selection of compiler options used to build a distribution, but it does happen. A case in point is the debate over whether Fedora should be built with frame pointers or not. It comes down to a tradeoff between a performance loss on current systems and hopes for gains that exceed that loss in the future — and some disagreements over how these decisions should be made within the Fedora community.

        A stack frame contains information relevant to a function call in a running program; this includes the return address, local variables, and saved registers. A frame pointer is a CPU register pointing to the base of the current stack frame; it can be useful for properly clearing the stack frame when returning from a function. Compilers, though, are well aware of the space they allocate on the stack and do not actually need a frame pointer to manage stack frames properly. It is, thus, common to build programs without the use of frame pointers.

        Other code, though, lacks insights into the compiler's internal state and may struggle to interpret a stack's contents properly. As a result, code built without frame pointers can be harder to profile or to obtain useful crash dumps from. Both debugging and performance-optimization work are made much easier if frame pointers are present.

      • LWNChanging Fedora's shutdown timeouts [LWN.net]

        On today's Fedora systems, a reboot cycle—for a kernel update, say—is normally a fairly quick affair, but that is not always true. The system will wait for services to shut down cleanly and will wait for up to two minutes before killing a service and moving on. A recent proposal to change the default timeout to 15 seconds, while still allowing some services to require more time, ran into more opposition than was perhaps anticipated. Not everyone was comfortable shortening the timeout period, though the decision has now been made to reduce it, but not as far as was proposed.

    • Debian Family

      • Vision, Mission and Strategy - Matt Brown

        This is part one of a two-part post, covering high-level thoughts around my motivations and vision. Part two (to be published tomorrow) contains my specific goals for 2023.

        A new year is upon us! My plan was to be 6 months into the journey of starting a business by this point.

        I made some very tentative progress towards that goal in 2022, registering a company and starting some consulting work, but on the whole I’ve found it much harder than expected to gather the necessary energy to begin that journey in earnest.

    • Canonical/Ubuntu Family

      • 9to5LinuxCanonical Announces General Availability of Ubuntu Pro, Free for Up to 5 PCs

        First released in a beta version in October 2022 with free subscriptions for personal and small-scale commercial use on up to 5 machines, Ubuntu Pro is only available for Ubuntu LTS (Long-Term Support) releases, starting with Ubuntu 16.04, and promises up to 10 years of security updates, as well as access to exclusive tools.

        The Ubuntu Pro subscription promises patches for critical CVEs in less than 24 hours and expands the optional technical support to an additional 23,000 open-source packages and toolchains beyond the main operating system, not just for Ubuntu’s main software repository.

      • InfoWorldUbuntu Pro security subscriptions for Linux now available | InfoWorld

        Canonical’s Ubuntu Pro, a Linux security maintenance subscription service covering thousands of applications and toolchains in the open-source ecosystem, is generally available as of January 26.

        Released in beta in October, Ubuntu Pro helps users of Linux desktops and servers get CVE (common vulnerabilities and exposures) patches, harden their systems at scale, and stay compliant with standards such as FedRAMP, HIPPA, PCI-DSS. Ubuntu Pro covers an additional 23,000 packages beyond the main OS, providing protection against critical, high, and selected medium CVEs for applications and toolchains ranging from Ansible and Apache Tomcat to Node.js, Puppet, PowerDNS, Redis, Rust, and WordPress.

      • UbuntuHow Ubuntu Pro delivers enhanced security and manageability for Linux Desktop users | Ubuntu

        At the end of last year Canonical announced that Ubuntu Pro, our expanded security maintenance and compliance subscription, is now available for data centers and desktops as a public beta. This week, Ubuntu Pro entered general availability, giving Ubuntu users access to extra hardening and security patching.

        If you’re a developer using Ansible, Apache Tomcat, Apache Zookeeper, Docker, Nagios, Node.js, phpMyAdmin, Puppet or Python 2, you’ll want to read on. The subscription expands security coverage for critical, high and medium Common Vulnerabilities and Exposures (CVEs) to these and thousands of other applications and toolchains in Ubuntu’s repositories

        Ubuntu Pro Desktop replaces Ubuntu Advantage Desktop to provide a comprehensive single subscription for enterprise users. It is available free for up to five machines, extending to 50 for official Ubuntu community members.

      • UbuntuUbuntu Pro enters general availability | Ubuntu

        Ubuntu Pro, Canonical’s comprehensive subscription for secure open source and compliance, is now generally available. Ubuntu Pro, released in beta in October last year, helps teams get timely CVE patches, harden their systems at scale and remain compliant with regimes such as FedRAMP, HIPAA and PCI-DSS.

        The subscription expands Canonical’s ten-year security coverage and optional technical support to an additional 23,000 packages beyond the main operating system. It is ideal for organisations looking to improve their security posture, not just for the Main repository of Ubuntu, but for thousands of open-source packages and toolchains.

      • Help Net SecurityUbuntu Pro: Comprehensive subscription for open-source software security - Help Net Security

        Ubuntu Pro, Canonical’s comprehensive subscription for secure open source and compliance, is now generally available. Ubuntu Pro helps teams get timely CVE patches, harden their systems at scale and remain compliant with regimes such as FedRAMP, HIPAA and PCI-DSS.

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • Events

      • Minidebconf Tamilnadu 2023, Tinnitus, Cooking, Books and Series. - Experiences in the community

        First up is Minidebconf Tamilnadu 2023 that would be held on 28-29 January 2023. You can find rest of the details here. I do hope we get to see/hear some good stuff from the Minidebconf. Best of luck to all those who are applying.

      • Visit us in Brno for Linux App Summit 2023! - Felipe Borges

        We are excited to bring Linux App Summit 2023 to Brno, Czech Republic, from April 21st to 23rd!

        This is a conference for the Desktop Linux community, GNOME, and KDE folk to discuss the future of our app ecosystem.

        Brno is where me and a few other GNOMies live, and it is a tech hub in central Europe with lots of tech companies, open source communities, and universities. Brno hosted GUACEC in 2013, Akademy in 2014, and the LibreOffice Conference in 2016

      • FSFEFSFE local groups celebrate ‘I Love Free Software Day’ - FSFE

        On the 14th of February the FSFE community meets up in diverse cities around Europe to celebrate ‘I Love Free Software Day’. Join our events in Germany, Netherlands, Italy, Greece, Switzerland and Spain.

    • Web Browsers/Web Servers

    • Productivity Software/LibreOffice/Calligra

      • The Document Foundation releases LibreOffice 7.4.5 Community

        The Document Foundation announces the release of LibreOffice 7.4.5 Community, a maintenance release which solves a crash affecting a large number of users. The new release is immediately available from https://www.libreoffice.org/download/ for Windows (Intel and ARM processors), macOS (Apple and Intel processors), and Linux.

        All LibreOffice users are invited to update their installation to LibreOffice 7.4.5, as the older versions have reached the end of life and are not maintained.

      • 9to5LinuxLibreOffice 7.4.5 Released to Fix Crash Affecting a Large Number of Users

        The Document Foundation released today LibreOffice 7.4.5 as a hotfix update to the latest stable LibreOffice 7.4 open-source office suite series to address a critical issue affecting many users on all supported platforms.

        LibreOffice 7.4.5 is here only two weeks after LibreOffice 7.4.4 to fix a crash that occurred when clicking on the header or footer button after scrolling in the LibreOffice Writer component. The issue was discovered in the LibreOffice 7.4.4 release and affected a very large number of users.

    • Programming/Development

      • Dirk EddelbuettelDirk Eddelbuettel: RcppTOML 0.2.1 on CRAN: Small Build Fix for Some Arches

        TOML is a file format that is most suitable for configurations, as it is meant to be edited by humans but read by computers. It emphasizes strong readability for humans while at the same time supporting strong typing as well as immediate and clear error reports. On small typos you get parse errors, rather than silently corrupted garbage. Much preferable to any and all of XML, JSON or YAML – though sadly these may be too ubiquitous now. TOML is frequently being used with the projects such as the Hugo static blog compiler, or the Cargo system of Crates (aka “packages”) for the Rust language.

      • The Register UKLatest Flutter release improves performance and web builds ● The Register

        Flutter developers gathered on Wednesday in Nairobi, Kenya, and at stream-fed screens elsewhere in the world to learn about the alpha release of Dart 3 and Flutter 3.7, the next iteration of Google's open source Dart-based UI toolkit.

        The occasion is Flutter Forward, a developer event, and Tim Sneath, who heads product management for Dart and Flutter, spoke with The Register earlier this week about the changes coming to the Dart/Flutter ecosystem that bring meaningful performance improvements and expanded capabilities.

      • Python

        • LWNA survey of the Python packaging landscape [LWN.net]

          Over the past several months, there have been wide-ranging discussions in the Python community about difficulties users have with installing packages for the language. There is a bewildering array of options for package-installation tools and Python distributions focused on particular use cases (e.g. scientific computing); many of those options do not interoperate well—or at all—so they step on each others' toes. The discussions have focused on where solutions might be found to make it easier on users, but lots of history and entrenched use cases need to be overcome in order to get there—or even to make progress in that direction.

          In order to follow along on these lengthy discussions, though, an overview of Python's packaging situation and the challenges it presents may be helpful. Linux users typically start by installing whichever Python version is supplied by their distribution, then installing various other Python packages and applications that come from their distribution's repositories. That works fine so long as the versions of all of those pieces are sufficient for the needs of the user. Eventually, though, users may encounter some package they want to use that is not provided by their distribution, so they need to install it from somewhere else.

        • VideoHow to get the last element of a list in Python? #coding #programming #python - Invidious
        • VideoStrip white space in Python like this? #programming #coding #python - Invidious
      • Rust

        • Rust BlogAnnouncing Rust 1.67.0 | Rust Blog

          The Rust team is happy to announce a new version of Rust, 1.67.0. Rust is a programming language empowering everyone to build reliable and efficient software.

  • Leftovers

    • Science

      • IBM Old TimerIs AI (Finally) Coming of Age?

        Artificial intelligence first came to light in the mid-1950s as a promising new academic discipline. AI became one of the most exciting areas in computer sciences over the next two decades. But, after years of unfulfilled promises and hype, a couple of so called AI winters of reduced interest and funding set in that nearly killed the field. AI was successfully reborn in the 1990s with a new statistical paradigm based on analyzing large amounts of data with powerful computers and sophisticated algorithms. Now, six decades after the field was founded, AI seems to be finally coming of age.

        “2021 saw the globalization and industrialization of AI intensify, while the ethical and regulatory issues of these technologies multiplied,” said the 2022 AI Index report on the progress of AI, which was released in March of 2022 by Stanford’s Institute for Human-Centered Artificial Intelligence (HAI). “2021 was the year that AI went from an emerging technology to a mature technology - we’re no longer dealing with a speculative part of scientific research, but instead something that has real-world impact, both positive and negative,” wrote Jack Clark, co-chair of the AI Index. Multiple factors led to his conclusion, in particular the advent of foundation models like OpenAI’s GPT-3 and Google’s BERT.

    • Hardware

      • CNX SoftwareIntel Processor N95 Alder Lake-N CPU shows up in entry-level mini PC with 2.5GbE, dual HDMI [Ed: You pay twice as much for Windows version]

        We’ve started to see Intel Alder Lake-N processors in mini PCs such MSI Cubi ADL N and Morefine M9 based on announced SKUs, but the Intel Processor N95 processor, which Intel has yet to unveil, is now found in a mini PC sold for various Aliexpress sellers starting at $187 for a barebone system and going up to $384 for a model with 32GB RAM and a 1TB SSD preloaded with an activation version of Windows 10 or Windows 11.

      • CNX SoftwareLILYGO T-QT Pro 0.85-inch WiFi IoT display adds support for battery charging - CNX Software

        LILYGO T-QT Pro is an ESP32-S3 WiFi and BLE IoT board with a 0.85-inch color display, 4MB flash, 2MB PSRAM, a USB-C port, a few GPIOs, and support for LiPo battery with charging.

        It is an upgrade to the ESP32-S3-based LILYGO T-QT V1.1 board that also supports LiPo battery power but lacks a charging circuit, so you had to remove the battery and charge it manually each time. The T-QT Pro adds a charging circuit and switches from an ESP32-S3 with an 8MB flash design to one using ESP32-S3FN4R2 with 4MB flash and 2MB PSRAM.

      • CubicleNateModern SRAM Memory Replacement for the Commodore 64 - CubicleNate’s Techpad

        The first computer “love” is the Commodore 64 and I get real excited about new developments and uses of modern tech to allow the 40 year old computer to persist. it’s really quite amazing what is now an obscure, old, 8-bit machine has what is arguably a more flourishing existence than it ever has.

      • CNX SoftwareESP32 OpenMQTTGateway smart plug acts as an BLE MQTT gateway and a power meter - CNX Software

        The Theengs Plug ESP32 smart plug runs OpenMQTTGateway firmware to serve as a BLE MQTT gateway and power meter compatible with Home Assistant, Homebridge, OpenHAB, DomoticZ, FHEM, Jeedom, NodeRed, AWS, and any MQTT-compatible IoT or Smart Home system.

        While the Matter standard should improve interoperability between Smart Home frameworks over time, there are still millions of devices already produced that are not Matter compatible, and the Theengs Plug aims to at least partially address this issue by helping users reduce the number of hubs required and have only one that supports different ecosystems.

    • Security

      • Help Net SecurityHow businesses can bolster their cybersecurity defenses with open source [Ed: Canonical is relaying Microsoft FUD and FOSS-hostile propaganda]
      • BeyondTrust adds privilege management capabilities to Linux [Ed: BeyondTrust is proprietary and Microsoft booster]
      • LWNSecurity updates for Thursday [LWN.net]

        Security updates have been issued by Debian (git), Fedora (libXpm and redis), Oracle (bind, firefox, grub2, java-1.8.0-openjdk, java-11-openjdk, kernel, libtasn1, libXpm, and sssd), Red Hat (thunderbird), SUSE (freeradius-server, kernel, libzypp-plugin-appdata, python-certifi, and xen), and Ubuntu (bind9, krb5, linux-raspi, linux-raspi-5.4, and privoxy).

      • CISACISA Releases Eight Industrial Control Systems Advisories | CISA

        CISA released eight Industrial Control Systems (ICS) advisories on January 26, 2023.These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

      • USCERTCISA Has Added One Known Exploited Vulnerability to Catalog [Ed: This is 100% about Microsoft .NET]

        CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

      • WiredThe Unrelenting Menace of the LockBit Ransomware Gang | WIRED UK [Ed: Windows TCO]

        High-profile ransomware attacks have become a fact of life in recent years, and it’s not unusual to hear about major monthly attacks perpetrated by Russia-based gangs and their affiliates. But since late 2019, one group has been steadily making a name for itself on a multi-year rampage that has impacted hundreds of organizations around the world. The LockBit ransomware gang may not be the most wildly unhinged of these criminal groups, but its callous persistence, effectiveness, and professionalism make it sinister in its own way.

      • Privacy/Surveillance

        • QtEV Charging is Boring ... [Ed: Qt markets ad-pushing from within native application; this is a worrying trend]

          The demand for charging options is growing along with the adoption of electric cars (EVs). The market for EV chargers is expanding, and more people are wanting to transition to electric. This presents a big opportunity for EV charger manufacturers. We'll examine more closely at the impending rise of electric charging in this blog post, as well as what it means for EV charger producers.

          [...]

          So, you’ve arrived at the charger, plugged it in, it’s charging - now what?

    • Defence/Aggression

      • Bruce SchneierOn Alec Baldwin’s Shooting - Schneier on Security

        Why was an actual gun used on the set? And why were actual bullets used on the set? Why wasn’t it a fake gun: plastic, or metal without a working barrel? Why does it have to fire blanks? Why can’t everyone just pretend, and let someone add the bang and the muzzle flash in post-production?

    • AstroTurf/Lobbying/Politics

      • Joe BrockmeierHow have your social media habits changed since the Twitter takeover? : Dissociated Press

        It’s been a few months now since the Twitter Takeover, and Musk’s gutting of the Twitter workforce and various antics. I haven’t deleted my account, but I set it to private and set up shop on Mastodon in mid-November. Curious about what others have done and how your habits have changed (if at all). In the before-times, I’d check Twitter frequently and post and reply quite a few times per day. While a lot of folks I know set up Mastodon / ActivityPub identities, there doesn’t seem to be quite so much activity these days.

        Some folks I follow still seem to be active on Twitter, but it seems like a lot of the “microblogging” activity has just stopped altogether. This might just be the circles I travel in, but I’m wondering if the impact will be a lot like Google Reader and RSS.

    • Censorship/Free Speech

      • NBCMusk's Twitter faces questions over Modi documentary censorship

        Elon Musk is facing allegations of being complicit with state censorship after Twitter appeared to take sides with India’s government in a turbulent free speech fight over a documentary critical of the country’s prime minister.

        The fight revolves around a new documentary from the BBC that focuses on Indian Prime Minister Narendra Modi, delving into accusations that the politician allowed religious-based violence against Muslims. India is majority Hindu with a Muslim minority.

        Modi’s government said it has ordered social media platforms including Twitter to censor posts about the documentary, which it calls “hostile propaganda and anti-India garbage,” and Twitter appears to have complied by blocking certain tweets from being seen within India, according to screenshots of notices posted this week by Twitter users.

      • The Washington PostIndia's BJP government tries to suppress BBC documentary on Modi - The Washington Post
      • Media NamaIndia’s new online "fact-checking" policy: Here's why you should worry

        The latest of India’s platform governance reforms includes a proposal to outlaw hosting information online that’s been ‘fact-checked’ to be ‘fake’ by Indian government agencies. Experts we spoke to raised concerns that this attempt to combat fake information online rides roughshod over free speech rights, and basic principles of transparent and accountable governance.

        “To empower any one authority in a democracy to decide what is ‘fake’ is hugely problematic,” warned Namrata Maheshwari, Asia Pacific Policy Counsel at Access Now speaking to MediaNama.

    • Civil Rights/Policing

      • Internet Freedom FoundationDefending the digital republic: Join IFF’s Board of Trustees at this pivotal moment for digital rights in India

        The Internet Freedom Foundation (IFF) is an impact-focused Indian digital rights organization. Its mission as a fearless advocate for every Indian has become critical given the vast scope of digitisation that provides opportunities but also concentrates power. IFF occupies a unique position to advance constitutional rights within a shared, collective vision for a free and open internet that is funded by thousands of Indians. We are, for the first time, seeking to expand our board and invite passionate and committed individuals who are excited about the chance this offers to shape the future of the Indian internet in an increasingly digital world.

        In its Resolution dated 10 June 2022, IFF’s Board of Trustees resolved to induct two trustees, having a maximum term limit of six years. These commitments were made in view of IFF’s role as a public-centered organization and a historical underrepresentation of communities and identities. We encourage applications from diverse backgrounds of caste, economic ability, religion, gender and sexual orientation. Trustees enjoy the same rights and responsibilities on voting and determining the organizational path of IFF as Founder Trustees. Trustees are not provided any remuneration for their service in conjunction with tax regulations and IFF’s status as a charitable trust.

        The role of the board is to support IFF’s mission. It oversees the governance of IFF, particularly its financial management. The Board also provides direction on devising strategic plans, determines organizational policies, and participates in resource mobilization. Additionally, the Board advises the Executive Director on goal-setting and reviews progress at regular intervals.

    • Internet Policy/Net Neutrality

      • Public KnowledgeNew Public Knowledge Paper Proposes Public Interest Framework To Create a Better Wireless Future - Public Knowledge

        New paper proposes adopting a model rooted in core public interest principles to help guide us toward a wireless future that serves all Americans.

      • Public KnowledgeBack to the Spectrum Future: How a Public Interest Framework Can Create a Wireless Future that Benefits Us All - Public Knowledge

        If you’re at all interested in spectrum policy, “Back to the Spectrum Future: The 20th Anniversary of the Spectrum Policy Task Force” is for you. Twenty years ago, Federal Communications Commission Chairman Michael Powell created the Spectrum Policy Task Force (SPTF) to develop a spectrum policy playbook to provide consumers and innovators with access to interference-free spectrum when they need it. In this white paper, I reframe the SPTF’s recommendations for the future and identify key issues that hindered the SPFT’s success—all while using the “Back to the Future” films as an allegory for the future of spectrum policy. To paraphrase Doc Brown, the way I see it, if you’re gonna write a white paper on spectrum policy, why not do it with some style?

        Spectrum policy plays a critical role in shaping the future of our society. Just like Doc Brown’s invention of the flux capacitor transformed what was possible in time, wireless innovations today can transform our society and the future ahead. But, the future of the wireless world is not yet written. The spectrum policies we enact today will directly impact what our future looks like. This is both an opportunity and a warning. Do we want to live in a society where everyone has access to reliable and affordable telecommunications services? Or do we want to live in a digitally divided society where only a privileged few benefit from new technologies?

      • Public KnowledgePublic Knowledge Commends FCC Action To Collect Consumer Stories on Digital Discrimination - Public Knowledge

        Yesterday, the Federal Communications Commission’s Task Force to Prevent Digital Discrimination announced that it is now offering consumers the ability to share their stories on acquiring broadband internet access as part of an effort to learn more about how consumers are experiencing digital discrimination first-hand. The announcement follows the agency’s approval of a Notice of Proposed Rulemaking to promote equal access to broadband in every community.

    • Monopolies

      • PoliticoMicrosoft set to face EU antitrust probe over video calls - POLITICO

        European Union antitrust enforcers are planning to open an antitrust probe into Microsoft over its video and messaging service Teams, four people familiar with the matter told POLITICO.

        An investigation based on a 2020 complaint from Slack would see Microsoft face formal EU scrutiny again, more than a decade after it ended a long-running antitrust dispute over how it misused its position as a powerful software supplier to push new products and services. Officials are focusing on allegations that Microsoft unfairly ties Microsoft Teams and other software with its widely-used Office suite.

        The European Commission plans to escalate the probe quickly and is preparing a statement of objections laying out competition problems with the company's behavior, two people said. In recent weeks it sent requests to rivals and customers over what evidence it plans to use, they said. Such 'access to file' requests are often a prelude to sending objections after a formal investigation has been launched.

      • CCIAProposed Legislation Could Create Higher Barriers to Entry for Startups - Disruptive Competition Project

        It’s no secret that companies of all sizes benefit from free and low-cost digital services like Slack, AWS and GitHub- but what role do affordable communication tools, cloud services and code repositories play in the U.S. startup ecosystem? A new study by the CCIA Research Center and Engine investigates the degree to which startups use free and low-cost digital tools and services and finds that not only do all surveyed and sampled startups use at least three of the tools examined, but most young companies heavily rely on and even attribute their success to the accessibility and affordability of digital tools like Google Suite, Zoom and Azure.

        Widespread reliance on enterprise services to build businesses is nothing new, but its exponential growth and evolution has empowered U.S. startups to bring innovation to industries at an astounding rate. Investments in innovation by leading U.S. digital service providers have produced advancements in the infrastructure to build companies. Those same providers offer free and low-cost infrastructure services to startups, reducing the cost of starting a company to below $5,000, down from $5 million in 2000. Reduced barriers to entry enable countless entrepreneurs across the U.S. from a diverse set of backgrounds to focus their limited resources on bringing innovative ideas to fruition

  • Gemini* and Gopher

    • Personal

      • 🔤SpellBinding: UDEHMTB Wordo: MEMES
      • Rewarding Cycle

        Back in 1995, when my parents established a restaurant, we set up a slot machine. It lasted a year or so, and we ended up removing it because even though there was some profit, it was somehow sickening and attracting the kind of patrons we didn't want for our place. I remember vividly how these machines worked on people to make them addicted. It was all about the fast rewarding cycle that encourages us to keep playing repeatedly.

        The lottery is different because the reward cycle is longer. You buy a ticket and wait from one to just a few days. While you wait, your brain engages with the possible outcome; even if you know the possibility is minimal, there's some pleasure in the thought until you check the results.

      • The Alcoholic Art of War

        Greenland is an autonomous part of Denmark. Canada is an autonomous part of... Canada, I guess.

        These two countries (Denmark and Canada) have just settled a dispute of the ownership of a piece of land in the strait between Greenland and Canada. This dispute has been ongoing for 49 years, and the island in question has been stuck in a frozen state of war (yes, pun intended). Both countries have made advances and claimed the land, only to lose it to the other country soon after.

        The casualties have been numerous. Observers have described the field of battle as "a sea of slightly tattered flags and notices" as both countries have practised the age old tradition of planting their flag and leaving a taunting note for their enemies every time they've claimed the land. Again and again and again.

      • Tale of a divorced swinger

        Once upon a time, there was a divorced woman named Sarah. She had been married for many years, but after her divorce, she found herself feeling lost and alone. One day, a friend suggested she try out a swingers club as a way to meet new people, and possibly find some excitement in her life.

        Sarah was hesitant at first, but she decided to give it a try. She went to the club and was immediately struck by the energy and excitement in the room. She saw couples and singles of all ages, all there for the same reason: to explore their sexuality and have a good time.

      • Family, toki pona, Playdate, Bitsy, and the Clarinet

        This was supposed to be as small "on my mind" bullet list, but it quickly grew to a larger post. Enjoy!

    • Technical

      • Tailscale on the DevTerm R-01

        Recently I assembled a ClockworkPi DevTerm R-01[1], a cyberdeck-like terminal with a RISC-V[2] compute module. While the retro-future design of the DevTerm really appealed to me, and I've also been wanting to work with RISC-V for a while to learn a new architecture making the R-01 a perfect esoteric project platform.

      • Team Wiki With Obsidian

        A couple other developers on my team at work and I were talking about potentially overhauling our developer wiki. The current one has gotten pretty out of date over time. It's also a little cumbersome and nobody really enjoys using it.

      • Science

        • Brief Review Earth Knoll

          "A Brief History of Earth" by Andrew Knoll is a good summary; notable points include that Portuguese Man o' War are in one sense a colony, that Earth sent a hey! oxygen! signal out to the universe recently, and has a particular reflective signature due to visible radiation getting absorbed by the green stuff. And that land critters are a fairly new thing, 10% of Earth's history. Also interesting is the repeated emphasis on the interactions between the physical and biological processes.

      • Emacs

        • Getting around in Elpher

          Elpher is one of my favorite Emacs packages, up there with long-time favorites like Org, Magit, and Helm (yes I still use Helm, sorry). It does almost everything I could want in a smolnet client. I want to use this post to dig into the 'almost' and how I've attempted to reduce workflow friction in my Elpher browsing experience.


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

Techrights' Statement on Code of Censorship (CoC) and Kent Overstreet: This Was the Real Purpose of Censorship Agreements All Along
Bombing people is OK (if you sponsor the key organisations), opposing bombings is not (a CoC in a nutshell)
[Meme] The Most Liberal Company
"Insurrection? What insurrection?"
apple.com Traffic Down Over 7%, Says One Spyware Firm; Apple's Liabilities Increased Over 6% to $308,030,000,000
Apple is also about 120 billion dollars in debt
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 23, 2024
IRC logs for Saturday, November 23, 2024
[Meme] GAFAMfox
Mozilla Firefox in a state of extreme distress
Google Can Kill Mozilla Any Time It Wants
That gives Google far too much power over its rival... There are already many sites that refuse to work with Firefox or explicitly say Firefox isn't supported
Free (as in Freedom) Software Helps Tackle the Software Liability Issue, It Lets Users Exercise Greater Control Over Programs
Microsofters have been trying to ban or exclude Free software
In the US, Patent Laws Are Up for Sale
This problem is a lot bigger than just patents
ESET Finds Rootkits, Does Not Explain How They Get Installed, Media Says It Means "Previously Unknown Linux Backdoors" (Useful Distraction From CALEA and CALEA2)
FUD watch
Techdirt Loses Its Objectivity in Pursuit of Money
The more concerning aspects are coverage of GAFAM and Microsoft in particular
Links 23/11/2024: Press Sold to Vultures, New LLM Blunders
Links for the day
Links 23/11/2024: "Relationship with Oneself" and Yretek.com is Back
Links for the day
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024