System76 is already taking orders for two of the three new laptops it announced on Thursday, with the third expected to be ready for prime time within a few months. These are in addition to two other new laptops the company has already released since February.
Oracle announces developer preview releases of Oracle Linux 9 Update 2 and Oracle Linux 8 Update 8 for the 64-bit Intel and AMD (x86_64) and 64-bit Arm (aarch64) platforms.
Past a certain point, web applications outgrow a single server deployment. Companies either want to increase their availability, scalability, or both! To do this, they deploy their application across multiple servers with a load balancer in front to distribute incoming requests. Big companies may need thousands of servers running their web application to handle the load.
In this post we're going to focus on the ways that a single load balancer might distribute HTTP requests to a set of servers. We'll start from the bottom and work our way up to modern load balancing algorithms.
Service mesh products from Isovalent and Solo.io branched out this week beyond Kubernetes, but an underlying battle over the role of eBPF and the future of service mesh architectures raged on at KubeCon + CloudNativeCon Europe.
Isovalent, the commercial backers of the Cilium networking project based on the extended Berkeley Packet Filter (eBPF) Linux kernel utility, rolled out Cilium Mesh this week, a companion to the Cilium Service Mesh that links with resources outside Kubernetes. Not to be outdone, Istio service mesh platform vendor Solo.io launched Gloo Fabric, which supports multi-cloud network management for VM-based and serverless workloads in addition to containers and Kubernetes.
Logz announced this at KubeCon Europe. They're doing this by integrating its service with Aqua Trivy, the popular open-source vulnerability, and misconfiguration scanning solution. This enhancement will enable 360 platform users to promptly identify and resolve security issues in their Kubernetes environments. Trivy specifically scans for issues in open-source packages and dependencies, infrastructure as code, misconfigurations, and Common Vulnerabilities and Exposures (CVEs).
We debate if users learned their lesson from the Docker Hub drama, and the silent self-hosting winner going from strength to strength. Proxmox gets some big updates.
Oracle is pleased to announce the availability of the Unbreakable Enterprise Kernel (UEK) Release 7 Update 1(UEK R7U1) for Oracle Linux. UEK R7U1 introduces innovations in areas of container memory management, improvements to UEFI secure boot procedures, advancements in NFS, and new Artificial Intelligence (AI) and Machine Learning (ML) capabilities with Intel€® Advanced Matrix Extension (Intel€®AMX). In addition, this release includes driver updates from key collaborators including Broadcom€® Emulex€®, Intel€®, Marvellââ¢, NVIDIA€®, and Microsoft, and several important security improvements and bug fixes from the upstream community. Oracle Linux with UEK delivers reliability and performance for the most demanding workloads, including Oracle Cloud Infrastructure (OCI), Oracle Database, and Oracle Exadata, bringing the same features used by Oracle to Oracle Linux customers.
Available today, maintenance release 7.0.8 includes improvements and bug fixes for Oracle VM VirtualBox 7.0.
Oracle VM VirtualBox 7.0.6 delivers the April 2023 Critical Patch Update (CPU) to address security vulnerabilities.
An audit of KeePassXC has been on the wish list since we started this project over six years ago. Today we are happy to announce the release of an audit conducted by Zaur Molotnikov, an independent security consultant, that was completed on January 19, 2023 against KeePassXC 2.7.4. This audit was conducted free of charge to the KeePassXC Team and the findings and writeup were reviewed for correctness.
[...]
KeePassXC provides sufficient cryptographic protection (confidentiality, integrity and authenticity) to the confidential information the user is storing in the database, given that the user selects a strong authentication method, e.g. a strong passphrase and a confidential random key file, and that the user will use KeePassXC with its latest secure file format.
KeePassXC is written well and exercises defensive coding sufficiently. The memory deallocation could be improved to not to contain secrets after the database is locked though.
Those Linux users who mainly work with Linux command Line via console/terminal feels the real power of Linux. However, it may sometimes be painful to navigate inside the Linux Hierarchical file system, especially for
I posted about the brand new EasyApps yesterday:
https://bkhome.org/news/202304/easyapps-totally-rewritten.html
...that is launched via clicking on the "apps" desktop icon.
Prior to now, the "setup" desktop icon has launched Roger's PupControl. This is a remarkable app; however, I want something very simple and focused, so have written EasySetup.
This is a snapshot showing the "Hardware" category:
A very simple uncluttered UI, everything is easy to find.
It began with what seemed like a final mundane touch to my home server setup for hosting Time Machine backups: I wanted it to automatically sleep when idle and wake up again when needed. You know, sleep on idle — hasn't Windows had that built in since like Windows 98? How hard could it be to configure on a modern Ubuntu install?
To be fair, I wanted more than just sleep on idle, I also wanted wake on request — and that second bit turns out to be the hard part. There were a bunch of dead ends, but I stuck out it to find something that "just works" without the need to manually turn on the server for every backup. Join me on the full adventure further down, or cut to the chase with the setup instructions below.
The netstat command provides a tremendous amount on information on network activity. With the -s option (netstat -s), it will display summaries for various protocols such as packets received, active connections, failed connections and a lot more. While the data is extensive enough to make you dizzy, the more you get used to what the command's output looks like, the more you'll become familiar with what to expect and maybe even get better at spotting what's unusual. In this post, we're going to look at various portions of the netstat -s command's output using crafted aliases to make it easier.
[...]
To list the various types of statistics the netstat -s command provides, I ran a command like that shown below to list the protocols it displays. The grep -v "^ " portion of the command selects only lines that don't start with a blank. Since the details are all indented, this command shows just the protocols.
Looking for a Linux app to merge multiple PDFs into a single file? Luckily, Linux has several PDF-editing utilities, both command-line and GUI-based.
SSH is a globally-used protocol used to access remote servers. Here's how you can strengthen your SSH connections on Linux for maximum security.
In this Linux tip, we’re going to look at the ncdu command. It's a command that you can use to see how much disk space your directories and files are using. It will list them in size (largest first) order.
Update on what happened across the GNOME project in the week from April 14 to April 21.
KaOS, a Linux distribution known for emphasizing the KDE Plasma desktop environment, has reached a momentous milestone – celebrating ten years of existence.
The Linux world is dynamic, and few distributions can mark ten successful years of stable presence in the Linux field. KaOS is one of them, and while it doesn’t get the spotlight as often as the big names in the niche like Ubuntu, Fedora, Mint, etc., it has consistently and predictably followed a course and enjoys a loyal group of supporters.
- Tune in live for the return of the Fedora Podcast at 2100 UTC Tuesday.
Fedora Magazine's WordPress instance is reporting a critical error. The administrators have been notified to investigate.
Element Matrix services are performing maintenance on chat.fedoraproject.org. During the maintenance window the service will be affected as follows:
- Media uploads and downloads will stop working at the beginning of the maintenance period.
- Within the maintenance period, the service will be unavailable for an estimated maximum of 15 …
Hello Future Self,
Past Self here leaving you a note since I forgot to do so last time.
The Problem
When running Linux on a Lenovo, there are times where a firmware update will cause problems with the USB-C Mini Dock afterwards. In the previous 2 cases, the USB-C's RTL network will no longer show up as a seen device. External monitors plugged into the dock may also not function correctly, but it only happened once so I am not sure about that.
Diagnosis of the problem is that the system will complain of no internet connection, and commands will show something like the following (output altered): [...]
We provide you both infographics and text versions of the weekly report. If you just want to quickly look at what we did, just look at the infographic. If you are interested in more in-depth details look at the infographic.
Red Hat is excited to announce significant changes to ELN kernel RPM NVR in the kernel-ark project.€ This change will be to limited to the kernel-ark ELN RPMs and does not impact Fedora.€ If you don’t use Fedora ELN builds you can likely stop reading as this change won’t affect you.€
What is the kernel-ark project?
The kernel-ark project is an upstream kernel-based repository from which the Fedora kernel RPMs are built (contributions welcomed!).€ This project is also used by the Centos Stream and Red Hat Enterprise Linux (RHEL) maintainers to implement, test, and verify code that is destined to be used in Centos Stream and RHEL. In other words, the kernel-ark repository contains code that is enabled to build several different kernels which may contain unique code for different use cases.€ The kernel RPMs used for CentOS Stream and RHEL are commonly referred to as the ‘ELN’ (Enterprise Linux Next) RPMs.
Back in 2021, Ubuntu Desktop engineering manager Ken VanDine talked about Canonical’s investment in Flutter support for Linux. To demonstrate the versatility of the Flutter toolkit, we committed to€ redesigning the Ubuntu installer experience as part of a larger overhaul of the underlying technology behind the Ubuntu installer.€
Up until now, the Ubuntu Server and Desktop installers had two separate underlying code-bases. By unifying these experiences we reduce the maintenance overhead and enable additional Desktop functionality that Ubuntu Server already benefits from.
As part of this transition, we improved the user experience to reflect the new functionality of the installer and the values of Ubuntu Desktop. By using Flutter we benefit from the ability to rapidly iterate and polish the user experience, meaning we can continue to evolve the experience more easily over time.
Welcome to Part 4 of our “optimise your ROS snap” blog series. Make sure to check Part 3 before. This fourth part is going to explain what dynamic library caching is. We will present how to use it to optimise ROS snaps, along with the different points to be careful about. Finally, we will apply it to our gazebo snap and measure the performance impact.
Snaps are immutable. This means that every time we launch it, the snap is going to execute the exact same instructions and strategies. A Linux system is meant to evolve over time, thus, it uses mechanisms to support these evolutions and modularities. While such mechanisms bring reliability to a system, they can also slow down our processes during launch.
Dynamic library caching with ld-cache
Here we are addressing a more advanced optimisation topic. The topic of dynamic library caching for snap has been discussed and explored in the forum. We are going to summarise what it is, apply it to our ROS snap and measure the results.
It's all about Ubuntu 23.04 releases.
And also about Fedora 38.
And also about AI in the terminal.
For programmers who want to increase productivity and delivery a high-quality product in the shortest amount of time, here are the top 10 Chrome extensions web developers need to install:
Lighthouse. JSONView. Awesome Screen Recorder. EditThisCookie. Test IE. Lorem Ipsum Generator. Octotree. WindowResizer. Accessibility Insights for Web. Vimium.
Mozilla is working on a new usability feature in its open source Firefox web browser that can automate interactions with so-called Cookie banners on websites.
Most websites on the Internet display cookie banners to users. Certain regulations, like the GDPR, the General Data Protection Regulation, by the European Union, require that sites get consent for placing cookies and data on user devices.
There are numerous different cookie dialogs that users get when they visit websites. From straightforward allow or decline prompts to prompts that provide a great deal of customization or dark patterns.
Hey hey! Today's missive continues exploring the space of JavaScript and mobile application development.
By this point, I assume everyone is a capable programmer—their experience, skill, and focus will vary, but everyone is capable.[9] Therefore, I’m not interested in assessing how well someone rehearsed or memorized questions focused on algorithms or data structures, so common in technical interviews, and largely irrelevant to our day-to-day work.[10] I’m also not going to time them, supervise them so they don’t cheat, or force them to use an online tool like this is an academic exam. Engineers who have been working professionally, especially ones with strong professional networks, will simply not submit themselves to this type of interview process.
I want to treat people professionally. I want the candidate to be comfortable, to use the tools they are accustomed to, and to have the assignment be a reflection of the quality of their professional work. Consequently, the assignment is practical and modelled on the types of distributed systems and IoT problems we work on every day. Almost every candidate finds the assignment interesting and enjoyable.[11] If they don’t, this team is not the right fit. The assignment itself is not difficult, but it does involve many trade-offs that demonstrate expertise and engineering judgement.
Being a Staff+ engineer can leave you feeling overwhelmed with duties that may sometimes fall completely outside of your perceived remit. What practices can mitigate these instances?
I just finished watching “Local-first Software” by Peter Van Hardenberg and loved it!
He talks about changing the paradigm we’re currently in where a program runs in the cloud and we look at it when we’re online, to one where the program runs on the device in our hands and we send data to the cloud for “durability or accessibility”. In other words, leverage the cloud without being dependent on it.
It almost sounds like a form of resilient design (i.e. progressive enhancement) if you think about it — the cloud as an optional, layered enhancement of your application. Now that’s a paradigm shift!
So here’s to you, make - quirks and all. You may not be perfect, but you’re pretty darn close. Thank you for being the tool that I never knew I needed, and for making my life as a programmer so much easier and more enjoyable.
You’ve spent hours reading, and a seed of an idea has germinated in your mind. You fire up your favorite text editor, plant it down, and spend a couple hours letting the idea grow out. You’ve finished! You are about to publish your freshly-grown post on the web when you get that sinking feeling in your gut: something’s missing…
You scan over the post. Is anything wrong? Nope: argument is solid, formatting is A-Ok. But wait… what’s that?
Where are all the links?
No links, no game. (It is the web you are publishing to, after all.) Sighing, you stumble around with Google for a bit before giving up. Maybe some other time. If only there were a better way…
Microsoft is looking for user feedback on ads it's putting into the Windows 11 Start Menu for its products and services. If responses on Reddit is any indication, the response hasn't been great.
The software vendor has for months been playing around with putting ads – or at least in the case of the Start Menu, notifications – about its services in the operating system as well as the Bing search engine, PCs, and other products.
Security updates have been issued by Debian (golang-1.11 and libxml2), Fedora (chromium, dr_libs, frr, ruby, and runc), Oracle (java-11-openjdk and java-17-openjdk), Red Hat (emacs, httpd and mod_http2, kpatch-patch, and webkit2gtk3), SUSE (libmicrohttpd, nodejs16, ovmf, and wireshark), and Ubuntu (kauth and patchelf).
Public sector outsourcer Capita has confirmed that some confidential data was stolen from a small proportion of its server estate affected by a Black Basta ransomware attack in March 2023.
The incident caused major IT outages and significant impact to customer-facing services at many public sector bodies and some operators of critical national infrastructure (CNI) across the UK, with staff left unable to take calls from members of the public and others falling back on traditional pen and paper.
Ransomware attack on systems of payments giant causing service outages for restaurants around the world
This ten days old but hopefully better late than never: the Python Software Foundation has put out an article describing how the proposed European "cyber resilience act" threatens the free-software community.
The Python Package Index (PyPI) has, like many language-specific repositories, had ongoing problems with malicious uploads. PyPI is now launching an authentication mechanism called trusted publishers in an attempt to fight this problem.
Starting today, PyPI package maintainers can adopt a new, more secure publishing method that does not require long-lived passwords or API tokens to be shared with external systems.
The builders of the Affordable Care Act health insurance exchange system once wondered whether agents and brokers would have a role in the health insurance market.
Now, the managers of the ACA public exchange for the District of Columbia are turning to brokers to help persuade more users to protect themselves against the effects of a recent data breach.
The breach, which was discovered March 6 and announced March 8, exposed the personal information of about 56,415 exchange users, including 17 members of Congress. Data thieves posted at least two batches of data, including the Social Security numbers and email addresses of at least some users, on identity information markets.
Illuminate Education Inc. defeated a proposed class action alleging it negligently failed to protect the information of more than 3 million elementary and high school students that was exposed in a late-December 2021 data breach.
The plaintiffs failed to show that they had suffered concrete harm from the breach or were at immediate risk of future harm, a threshold requirement for standing to sue under Article III, Judge James V. Selna of the US District Court for the Central District of California said Wednesday. He dismissed the suit without prejudice.
Much of what we know about which medical entities have been affected by Clop’s attack comes from Clop itself. The threat actors started listing Fortra clients and samples of stolen data on their leak site to pressure Fortra clients to pay them to delete data and not leak more. DataBreaches noted about a dozen North American entities that either definitely had or likely had protected health information acquired by Clop. In this post, we will note those Fortra clients that have already issued notifications or disclosures concerning protected health information. In a second post, we will note entities that have not issued any public disclosures about the incident.
Campbellford Memorial Hospital says an employee has apologized for making “unauthorized” access to more than 3,500 patients records.
Global News Peterborough has obtained a copy of one of the 3,500 letters sent to patients last week outlining a privacy breach at the hospital in the Municipality of Trent Hills.
In the letter, hospital chief privacy officer Erin Keogh says a clinician “mistakenly” thought they could access health records of patients not under their care for the purposes of their own clinical education.
Popular large language models (LLMs) like OpenAI’s ChatGPT and Google’s Bard are energy intensive, requiring massive server farms to provide enough data to train the powerful programs. Cooling those same data centers also makes the AI chatbots incredibly thirsty. New research suggests training for GPT-3 alone consumed 185,000 gallons (700,000 liters) of water. An average user’s conversational exchange with ChatGPT basically amounts to dumping a large bottle of fresh water out on the ground, according to the new study. Given the chatbot’s unprecedented popularity, researchers fear all those spilled bottles could take a troubling toll on water supplies, especially amid historic droughts and looming environmental uncertainty in the US.
Researchers from the University of Colorado Riverside and the University of Texas Arlington published the AI water consumption estimates in a pre-print paper titled “Making AI Less ‘Thirsty.’” The authors found the amount of clear freshwater required to train GPT-3 is equivalent to the amount needed to fill a nuclear reactor’s cooling tower. OpenAI has not disclosed the length of time required to train GPT-3, complicating the researchers’ estimations, but Microsoft, which has struck a multi-year, multi-billion-dollar partnership with the AI startup and built supercomputers for AI training, says that its latest supercomputer, which would require an extensive cooling apparatus, contains 10,000 graphics cards and over 285,000 processor cores, giving a glimpse into the vast scale of the operation behind artificial intelligence. That huge number of gallons could produce battery cells for 320 Teslas, or, put another way, ChatGPT, which came after GPT-3, would need to “drink” a 500-milliliter water bottle in order to complete a basic exchange with a user consisting of roughly 25-50 questions.
Developing the AI systems behind tools such as ChatGPT and the image generator Dall-E costs hundreds of millions of dollars—and it’s about to get more expensive.
OpenAI, Google, and other companies building large-scale AI projects have traditionally paid nothing for much of their training data, scraping it from the web. But Stack Overflow, a popular internet forum for computer programming help, plans to begin charging large AI developers as soon as the middle of this year for access to the 50 million questions and answers on its service, CEO Prashanth Chandrasekar says. The site has more than 20 million registered users.
Stack Overflow’s decision to seek compensation from companies tapping its data, part of a broader generative AI strategy, has not been previously reported. It follows an announcement by Reddit this week that it will begin charging some AI developers to access its own content starting in June.
SVB Financial Group CEO Gregory Becker and financial chief Daniel Beck resigned this week, the collapsed lender said in a regulatory filing on Friday.
Business accounts that spend less than $1,000 monthly must subscribe to either Twitter Blue or Verified Organizations badge to continue running ads on the platform.
Twitter has informed advertisers that, starting Friday (21 April), their accounts must have a verified checkmark to continue running ads.
Advertisers that spend $1,000 per month already have a gold check or will soon and can “continue to enjoy access to advertising without interruption at this time,” the company said.
Struggling with economic and industry downturns, BuzzFeed is shutting down its news division and cutting dozens of jobs.
In an email to staff on April 20, CEO Jonah Peretti said the digital media company plans to lay off approximately 180 employees, or 15 per cent of its total workforce.
Disappointing results led to a 10% slump in Thursday’s session, the biggest one-day percentage loss for AT&T since December 2000. The stock closed at its lowest since October on Thursday.
I just don’t like what I’m seeing out there in Corporate America these days. All signs to me have my spidey sense twitching that stagnation is going to end with a huge market crash sometime later in the year.
Americans Go Deeper in Debt Using Buy Now, Pay Later Apps for Groceries and Other Routine Expenses (Sorry for using MSN News, but the source, Bloomberg, is paywalled.) Americans have gone deeper into debt, using Buy Now, Pay Later Apps to buy groceries, often at horrific interest rates.
Meta, the parent company of the social networks Facebook and Instagram, has started its second round of layoffs in Singapore. It is expected that yet another round of layoffs would come soon, perhaps in May, since Meta said in March this year that jobs would be cut in three batches. In Singapore, the first round of layoffs affected an estimated 50 people in November last year, soon after Meta announced its quest to become a more efficient company.
Entertainment giant, Walt Disney, is set for a fresh round of layoffs. Thousands of employees, including those in the entertainment division, corporate responsibilities, and staff throughout every Disney operational region are expected to be impacted by the cuts. The company is likely to inform impacted employees about the job cuts by April 24, reports said. Globally Disney is likley to downsize its workforce by 3%.
Disney announced 7,000 job cutbacks earlier in February as part of its efforts to reduce its expenses by $5.5 billion as per a report by Associated Press. Disney’s CEO Bob Iger has dubbed it as part of a “significant transformation”, AP reported.
Google’s biggest round of layoffs across its global operations has forced workers into a game of chance to keep their jobs. Amid escalating job insecurity, a labor union has been set up at the Korean unit to organize some 850 workers and speak out their concerns.
“With the ongoing job cuts within the US tech industry, employees have been concerned about their job security and decided to establish a union,” Kim Jong-sub, head of the Google Korea union, said upon its launch earlier this month.
“Our purpose is to improve employment stability, working environment and welfare overall,” he said, hinting at the possibility of cooperation with unions in other countries.
The union declined to reveal the exact number of its membership, citing “employee protection.”
Ride-sharing company Lyft is set to carry out another round of job cuts as it attempts to slash costs and restructure, it confirmed on Friday.
David Risher, a former Amazon and Microsoft executive who took over as Lyft's new chief executive this week, confirmed the layoffs in an email sent to employees on Friday.
“I am confirming that we will significantly reduce the size of the team as part of a restructuring … we need to be a faster, flatter company where everyone is closer to our riders and drivers so we can deliver on this purpose,” Mr Risher said in the email, seen by The National.
The start of the Unitary Patent system ‘is a big event with big economic consequence. Europe could reconstitute their economic relevance’ around it, says John White, Special Counsel of law firm Harness IP in the US.
Amgen Inc. v. Sandoz Inc., 2023 WL 2994166, — 4th — € € (Fed. Cir. Apr. 19, 2023)
In 2019, Amgen acquired worldwide rights to apremilast (OTEZLA) from Celgene $13.4 billion in cash, in connection with Celgene’s merger with Bristol-Myers Squibb.€ Apremilast was the only oral, non-biologic treatment for psoriasis and psoriatic arthritis, and in 2020 apremilast generated $2.2 billion for Amgen.
At the time Amgen’s acquired apremilast, Celgene was involved in Hatch-Waxman litigation with numerous generic challengers, including Sandoz. Celgene had asserted three of its 11 Orange Book-listed patents against Sandoz, and in 2020 Amgen was substituted as plaintiff.
The primary patent asserted is U. S. Patent 7,427,638, which is directed to pharmaceutical compositions comprising stereochemically pure apremilast. The original expiration date of this patent was in 2024, but the patent received a patent term extension of more than three years, resulting in an effective patent expiration date of February 16, 2028, according to the Orange Book.
Amgen markets apremilast, a phosphodiesterase-4 (“PDE4”) inhibitor, which is used for treating psoriasis and related conditions, under the brand name Otezla€® which is covered by three patents, U.S. Patents 7,427,638, 7,893,101, and 10,092,541. Sandoz submitted an Abbreviated New Drug Application (“ANDA”) seeking approval market a generic version of apremilast. Celgene, the original plaintiff, brought this Hatch-Waxman suit, asserting that Sandoz’s generic product would infringe the ’638 and ’101 patents. The Federal Circuit affirms the district court’s findings on all issues raised.
Were you to scroll down a bit to my older gemlog posts you'd find some posts about my Palm m500 PDA. You can also go to my Retro Computing section in my capsule and read some of my thoughts on PDAs or find all of my favorite Palm OS software that I mentioned above. I love PDAs and Palm OS PDAs specifically. I used my m500 pretty much daily for quite a while back in 2021. For probably 6 months or so I used it intensively as part of my daily routine. While I did kind of trail off from using it daily I never stopped using it completely. Probably on average I would grab it once or twice a week for playing a game in bed in the evening or plugging it in to the slim keyboard out on the porch to write a gemlog post or work on smolZINE.
* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.