Bonum Certa Men Certa

Links 19/08/2023: Openwashing Backlash and More Preloaded GNU/Linux



  • GNU/Linux

    • Desktop/Laptop

      • GamingOnLinuxStar Labs reveal their new StarLite, a Surface-like Linux tablet

        In the market for a new laptop or perhaps a Microsoft Surface-like tablet style system? Well, Star Labs have turned their StarLite laptop into a tablet. I have to admit, I love the form factor on this giving you the best of both worlds. You get a sweet fully Linux supported tablet, and you can hook it up to a magnetic keyboard to get a full laptop experience too.

      • CNX Software StarLite Mk V 2-in-1 Linux hybrid laptop features Processor N200 processor
        Just last month, Star Labs introduced the Byte Mk II Intel Processor N200-based mini PC with a choice of Linux distributions that include Ubuntu 22.04, Linux Mint, Manjaro, Zorin OS, and others, as well as Coreboot support.

        The company has now introduced another Linux hardware platform powered by the Processor N200 Alder-Lake-N CPU with the StarLite Mk V 2-in-1 hybrid laptop with a 12.6-inch tablet and a detachable keyboard available in six different layouts.

      • LinuxiacStarLite 5 Is a Linux Tablet Powered by Intel Alder Lake N200

        Star Labs stands out as a visionary company with an unwavering focus on Linux-powered solutions. Guided by a passion for open-source principles, the company empowers users to embrace customization, security, and performance through its diverse lineup of devices.

        As the demand for versatile and Linux-powered tablets continues to rise, the StarLite 5 steps onto the stage with a bold statement of intent.

        Combining the flexibility and customization options of the Linux operating system with the sheer horsepower of the Intel N200 CPU, the StarLite 5 tablet promises an experience that caters to both casual users and tech enthusiasts alike.

      • LiliputingStarLite Mk V is a Linux tablet with Intel N200, 16GB RAM and a keyboard cover
    • Server

      • Containerizing Legacy Apps Speeds Cloud Migration [Ed: "Clown Migration" should not be the goal; outsourcing cargo cult (letting few companies and usually one country control the world's computing)]

        Many cloud platform providers are collaborating with customers to transition applications from data centers using containerization.

    • Kernel Space

      • Video CardzAMD started working on Ryzen 8000 APUs GPU drivers for Linux

        As reported by Phoronix, AMD has begun deployment of the next-gen GPU architecture which is now officially called GFX 11.5. This architecture is likely to be the initial indication of the forthcoming RDNA 3.5 (or Navi 3.5) GPU series, which is scheduled to commence next year.

    • Graphics Stack

      • GamingOnLinuxRecent NVIDIA drivers are causing issues for Proton

        Have you been seeing some problems with the NVIDIA 535 driver series when trying to run Steam games on Linux with Proton? Well, you're not alone but investigations are under way. Here's what's happening.

    • Applications

      • DebugPointFile Shredder: Safeguard Your Data with Secure Deletion on Linux

        When you delete any file from any operating system (Linux, Windows, etc.), the story isn't as simple as it seems. The operating system doesn't immediately delete the data; instead, it marks the space on your hard drive as available and removes the file from the directory structure.

        This means that, until overwritten, the actual data remains on your disk. This leaves room for potential security breaches, as determined actors could recover seemingly deleted files and gain access to sensitive information.

        Well, you need to take advantage of software such as "File Shredder", which manually replaces the 1s and 0s on your disk to completely remove the data forever.

      • GamingOnLinuxOBS Studio 30.0 Beta 1 released supporting Intel QSV on Linux

        The free and open source video recording and livestreaming app OBS Studio is readying up another release, with OBS Studio 30.0 Beta 1 now available for testing.

      • Make Use OfThe 5 Best Linux Tools for Directory Bursting

        In the reconnaissance stage of every web application pentest, it is essential to find possible directories on the application. These directories might hold significant information and findings that would help you greatly to find vulnerabilities in the application and improve its security.

        Luckily, there are tools on the internet that make directory brute-forcing easier, automated, and faster. Here are five directory-bursting tools on Linux to enumerate hidden directories on a web application.

      • Fedora MagazineTransFLAC: Convert FLAC to lossy formats

        FLAC, or Free Lossless Audio Codec, is a lossless audio compression format that preserves all the original audio data. This means that FLAC files can be decoded to an identical copy of the original audio file, without any loss in quality. However, lossless compression typically results in larger file sizes than lossy compression, which is why a method to convert FLAC to lossy formats is desirable. This is where TransFLAC can help.

        FLAC is a popular format for archiving digital audio files, as well as for storing music collections on home computers. It is also becoming increasingly common for music streaming services to offer FLAC as an option for high-quality audio.

        For portable devices, where storage space is limited, lossy audio formats such as MP3, AAC, and OGG Vorbis are often used. These formats can achieve much smaller file sizes than lossless formats, while still providing good sound quality.

    • Instructionals/Technical

      • Make Use OfHow to Monitor Network Usage for Processes on Linux

        Internet access is essential, but you may wonder which Linux processes use your connection the most on your computer. Fortunately, with some common Linux utilities, monitoring which processes use your bandwidth is easy. Here are some of them:

      • Terence EdenMy Underkill Home Network

        There's an absolutely delightfully bonkers post doing the rounds called "My Overkill Home Network" - which is a look into what happens when a computer geek goes feral and stuffs as many Internet connected thingamajigs in a living space. We're talking professional grade, rack mounted, doubly redundant, over-specced, equipment. Overkill is underselling it.

        I wondered how my home network looked in comparison. A few years ago I was complaining that routers which limit users to 128 WiFi devices weren't suitable for the average family. I'm not quite at that many IP addresses - but I'm closing in.

        So, here's my attempt to map my network - with a splash of colour to explain the different protocols at play.

      • OSTechNixZypper Command Examples: A Beginner’s Guide to the SUSE Linux Package Manager

        Zypper is a powerful command-line package manager for SUSE and openSUSE Linux. It can be used to install, update, remove, and manage packages on your system. Zypper also provides features for managing repositories, resolving dependencies, and checking for security updates. This detailed guide presents a curated list of 16 useful Zypper Linux command examples for efficient package management in SUSE Linux operating system.

      • Linux HandbookSchedule a Shutdown in Linux Command Line

        Got to shut down the Linux system but have to wait for a process to finish?

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Nate GrahamThis week in KDE: Double-click by default

          This was a week of huge changes and improvements, starting with our headliner! Yes it’s true, by default in Plasma 6, you’ll single-click to select files and folders, and double-click to open them. The patches have now landed, done by me. This remains user-configurable, of course.

          But there’s a whole lot more to talk about as well! This is gonna be a big one…

  • Distributions and Operating Systems

    • ROS Industrial10th Meeting of the ROS-Industrial Consortium Americas highlights reaffirming of the mission

      On May 25 in Detroit the ROS-Industrial Consortium Americas (RICA) held the 10th iteration of the annual meeting, where Consortium members can get together, learn from each other, assess the state of the ROS-Industrial open-source project and provide feedback and engage in guided discussions, all with the intent of providing a two way interaction to understand the state and happenings relative to ROS-I and to provide their needs and areas for improvement.

    • Fedora Family / IBM

      • Red Hat Official3 ways the oc command helps you take command of the cloud

        “The cloud” is an evocative name, but to anyone used to bare metal servers or desktop workstations, it is a painful reminder of the intangibility of a strange new computing environment. The cloud isn't a singular thing you can pick up and take back to your workshop; there's no hard drive or even a real CPU, at least not in the sense that you can pry open to upgrade or troubleshoot.

        If that sounds familiar, you might want to try the oc command, which provides a simple and singular interface from your workstation to your cluster. Here are three ways the oc command helps you take control of your cloud-based computer, whether you're running Red Hat OpenShift Service on AWS (ROSA) or Red Hat OpenShift Local.

      • What’s New and Next in Private Automation Hub

        Private automation hub is on its way to being the content management system for the Ansible Automation Platform through enhancing software supply chain security, organizing & synchronizing content, task management, and more. Check out what's new and next.

      • Red Hat OfficialBetter securing the frontlines: Leveraging Ansible Automation Platform and AIDE for DoD file integrity

        A lot of system administrators within the Department of Defense already use the Advanced Intrusion Detection Environment (AIDE). This is mainly because of a Security Technical Implementation Guide (STIG) that states that a file integrity checker must be configured to verify extended file attributes. There are a lot of features to AIDE, and the combination of using AIDE with Red Hat Ansible Automation Platform gives you the ability to automate important corrections to your system configuration.

      • Red Hat Official10 Linux commands for Red Hat OpenShift Service on AWS users

        Red Hat Enterprise Linux and Red Hat OpenShift provide users and admins with a friendly graphical UI for easier cloud management. But even with a clear UI, if you're running applications in the cloud, there's a good chance Red Hat OpenShift Service on AWS (ROSA) users can benefit from knowing some essential Linux commands.

        Running a command in a terminal is fast and direct. It lets you communicate exactly what you want to happen, in one succinct sentence. There are hundreds of commands on a typical Linux system though, so here are 10 of the most important commands ROSA users need to know.

      • Red Hat OfficialKPMG improves outcomes for state citizen services through a modern systems integration platform

        KPMG built the KPMG Resource Integration Suite (KRIS) Connected Platform for the State of Tennessee Department of Human Services (TDHS) to help serve citizens most in need—and to do that fast. KRIS connects siloed monolithic legacy information systems that support citizen support services such as Supplemental Nutrition Assistance (SNAP), Temporary Assistance for Needy Family (TANF), and Low-Income Home Energy Assistance (LIHEAP). These services were previously fragmented and only accessible via individual offices.

        The citizen services provided by TDHS were fragmented, and citizens had to visit different websites to access each individual service. TDHS wanted to give its residents faster access to its services in one place, and make them more comprehensive. It also decided to make new engagement channels available to residents including virtual, online, and remote services.

      • Red Hat OfficialWhy choose Red Hat OpenShift Service on AWS?

        You know you need to move to the cloud, but do you know why you need to move to the cloud?€ 

        You might (rightly) feel some skepticism about moving to a new platform just because it's grabbed the attention of the tech world, and it doesn't help that there are so many platforms to choose from. You should question a move to the cloud. That's not only the sensible thing to do, it's the responsible thing to do.€ 

    • Canonical/Ubuntu Family

      • Behind Ubuntu Budgie Infrastructure

        Making and maintaining a distribution, be it an independent distro or a flavor of a bigger one, such as Ubuntu Budgie, requires a good infrastructure setup to make sure that everything is reliable and functioning like a well oiled machine.

        In case of a Ubuntu Budgie, we made sure to make a setup that is both easy to use and sturdy. The first step, the most visible part is this website that you are currently reading this post on. The website itself is powered by a WordPress installation. There were a lot of discussions on what to use for our website among the team, ranging from custom CMS, static HTML, Grav and other CMS (Content Management System).

        Most of the posts are written in Markdown that is then converted to HTML when publishing a post. Some of you may be wondering why Markdown as choice, doesn’t WordPress use WYSIWYG (What you see is what you get) editor? While this is true, markdown allows us to be lean and write from anywhere and at any time and just get text ready for publishing. There is no need to login and start writing from a browser. We can write a post from a code editor and then copy/paste. Other parts of the website however are managed using WYSIWYG editor, such as Downloads page, About us, etc.

    • Devices/Embedded

      • TouchOSC Is Now Available Cross-Platform For Android, Linux - Selector



        After a major next-generation update, TouchOSC now works cross-platform with Android, Linux, Raspberry Pi devices and Wacom tablets.

        Once exclusively for Apple iOS, version 1.2.2 of the OSC-based controller app works with “all major operating systems and architecture, and the full feature set is available across all versions,” according to their website.

      • ArduinoJames Bruton builds a real Zelda Stabilizer Zonai Device

        The central gimmick of the new€ Legend of Zelda: Tears of the Kingdom€ game is the construction system, which is a lot of fun. You can fuse simple objects to build structures, but you can also add Zonai Devices to increase their functionality.

      • Linux GizmosBootlin offers Embedded Linux course for BeaglePlay

        Bootlin recently released free and paid resources for the open-source BeaglePlay development board which was launched this year. The course goes over various Embedded Linux topics and targets hobbyists and professionals.

      • AdafruitBootlin offers open source embedded Linux training on BeaglePlay

        Bootlin is an engineering company specialized in embedded Linux. BeagleBoard.org is a US-based non-profit organization releasing open source Linux-enabled open source single board computer (SBC) designs, including BeaglePlay, a quad-core low-power Linux SBC optimized for long-range network connections and simple sensor additions with mikroBUS, QWIIC/STEMMA-QT and Grove connectors.

    • Open Hardware/Modding

      • Andrew HutchingsAmiga 4000 Restoration x2: Part 7

        I last left the motherboard with one more repair to make. In the background, some new parts have been 3D printing, whilst others have been cleaned and retrobrighted. Let’s continue!

      • HacksterZhou Xu's Blackberry Pi Is a ZX Spectrum-Themed Raspberry Pi-Powered 3D-Printed Linux Handheld

        As a result, the Blackberry Pi is driven by a first-generation Raspberry Pi Zero W, a low-power single-board computer nevertheless powerful enough to run a desktop Linux environment, connected to a Gearbest 320×240 color LCD. Beneath the display is a Solder Party BBQ20KBD, which converts old BlackBerry keyboards and trackpads for use with other devices — over USB, Qwiic/STEMMA QT, and PMOD connectors.

  • Free, Libre, and Open Source Software

    • SaaS/Back End/Databases

    • Programming/Development

      • A summer of catching up

        The feeling of this summer is one of catching up. Last summer was intense due to changes in the family followed by decease and death, leaving with me as a full time single parent. To my great joy, I’ve met someone who is special to me, so this summer has been about getting our families to work as one. It has been fun, but also very intense.

        This means that my focus on engagements that I used to do has been very focused on deadlines and what must be done, rather than what I take pleasure in doing. That means economic reporting for foss-north and such. I pushed hard to make foss-north possible this year, and am very happy that it did. However, I’m still catching up in the post event activities.

      • Andrew HealeyPorting Boolrule To Rust

        Building this port was harder than I predicted. I had to learn a parsing library, work out how the lesser-used operators of boolrule work, and look into how Python evaluates tuple comparisons. For example, assert (1, print) < (2, None) is valid, non-erroring, Python code. The the tuples stop being compared after the first index – it's True.

      • RlangExploring Data Distribution with Box Plots in R

        Are you ready to dive into the world of data visualization in R? One powerful tool at your disposal is the box plot, also known as a box-and-whisker plot. This versatile chart can help you understand the distribution of your data and identify potential outliers. In this blog post, we’ll walk you through the process of creating box plots using R’s ggplot2 package, using the airquality dataset as an example. Whether you’re a beginner or an experienced R programmer, you’ll find something valuable here.

      • Russ CoxC and C++ Prioritize Performance over Correctness

        The original ANSI C standard, C89, introduced the concept of “undefined behavior,” which was used both to describe the effect of outright bugs like accessing memory in a freed object and also to capture the fact that existing implementations differed about handling certain aspects of the language, including use of uninitialized values, signed integer overflow, and null pointer handling.

  • Leftovers

    • Science

      • The Register UKA closer look at Harvard and Google's HPC heart research project

        Google is working with Harvard University on a medical research program using public cloud resources rather than a supercomputer to run very large scale simulations..

        The research in question involves simulations for a novel approach to unclogging arteries in tackling heart disease. The complexity of the simulations and the amount of data they requires tons of compute. So much, in fact, that only a few supercomputers in the world would be suitable.

        Getting access to these supers for large-scale research can be difficult, but the program will highlight how cloud resources can be used instead.

    • Education

      • Chronicle Of Higher EducationScholars See Dangerous Precedent in West Virginia U.’s Plan to Cut Foreign Languages

        “It never occurred to me that at this point in my career, after having invested so much time in a university I love and of which I’m an alum, that I would have to find some other means of supporting myself,” said Di Bartolomeo, who arrived at WVU in 2005.

        Blowback to the university’s decision rippled across academe. L.J. Randolph Jr., president-elect of ACTFL, pointed out that West Virginia’s mission statement, like that of many universities, gestures at its “global” aspirations. “How can you claim that this is part of your mission,” he said, “if you don’t have a language program?”

    • Hardware

      • Broadband BreakfastNokia Claims First U.S.-Based Optical Fiber Module Manufacturer for BEAD Projects

        Requirements under the Infrastructure, Investment and Jobs Act’s BEAD program state that program recipients must source at least 55 percent of their components by cost from the United States, either manufactured, produced, or mined in the country. The requirement is part of President Joe Biden’s agenda to support the country’s manufacturing economy.

    • Health/Nutrition/Agriculture

      • Farmer grows 250,000 sunflowers to make trail

        Incredible photos show how a farmer used 250,000 sunflowers to create a massive trail in his field, bringing in visitors from as far away as Australia.

        Crawford Niven, 26, first came up with the idea for his amazing temporary pathway at his farm in Gloagburn Farm, near Perth, Scotland, three years ago.

        And now thousands of visitors flock to his estate to walk among the seven-foot-tall flowers, which they’re even allowed to pick and take home.

    • Proprietary/Artificial Intelligence (AI)

      • CoryDoctorow"Open" "AI" isn't

        Openwashing is the trick that large "AI" companies use to evade regulation and neutralizing critics, by casting themselves as forces of ethical capitalism, committed to the virtue of openness. No one should be surprised to learn that the products of the "open" wing of an industry whose products are neither "artificial," nor "intelligent," are also not "open." Every word AI huxters say is a lie; including "and," and "the."

      • CBCMicrosoft pulls article recommending Ottawa Food Bank to tourists

        The list was rife with errors. It featured a photo of the Rideau River in an entry about the Rideau Canal, and a photo of the Rideau Canal in an entry about Parc Omega near Montebello, Que. It advised tourists to enjoy the pristine grass of "Parliament Hills."

        But the Ottawa Food Bank entry earned the most mockery in technology publications and on social media. The article called the food bank one of Ottawa's "beautiful attractions," before putting it third on the list.

      • FuturismMicrosoft Deletes Bizarre AI-Generated Travel Guide That Recommended Visiting Food Bank With an "Empty Stomach"

        The embarrassing listicle was spotted by tech writer Paris Marx on Thursday. It ranked the Ottawa Food Bank smack dab in third place among the capital's must-see tourist attractions, only below The Winterlude Festival and the National War Memorial — all of which it calls "beautiful attractions" that you "cannot miss!"

      • Futurism3D Printers Go Rogue, Start Printing While Owners Are Asleep

        Bambu explained on its official blog that it "experienced an unexpected cloud outage," causing what it's calling "job jamming." After its cloud service went down, any jobs sent to Bambu's printers during this period went unconfirmed, leading to requests being sent repeatedly, even after the service resumed.

        "Simply explained, the print job sent to the printer before was trapped on the cloud and had a delayed start," Bambu wrote.

      • The Register UKWhat DARPA wants, DARPA gets: A non-hacky way to fix bugs in legacy binaries

        We know what you're thinking: Uncle Sam is reinventing decompilation. It certainly sounds like it. There are lots of decompilation and reverse-engineering tools out there for turning executable machine-level code into corresponding source code in human-readable high-level language like C or C++. That decompiled source, however, tends to be messy and hard to follow, and is typically used for figuring out how a program works and whether any bugs are exploitable.

        From what we can tell, this DARPA program seeks a highly robust, automated method of converting executable files into a high-level format developers can not only read – a highly abstract representation, or HAR, in this case – but also edit to remove flaws and add functionality, and reassemble it all back into a program that will work as expected. That's a bit of a manual, error-prone chore even for highly skilled types using today's reverse-engineering tools, which isn't what you want near code going into things like aircraft.

      • Windows TCO

    • Pseudo-Open Source

      • Openwashing

        • SSRNOpen (For Business): Big Tech, Concentrated Power, and the Political Economy of Open AI

          This paper examines ‘open’ AI in the context of recent attention to open and open source AI systems. We find that the terms ‘open’ and ‘open source’ are used in confusing and diverse ways, often constituting more aspiration or marketing than technical descriptor, and frequently blending concepts from both open source software and open science. This complicates an already complex landscape, in which there is currently no agreed on definition of ‘open’ in the context of AI, and as such the term is being applied to widely divergent offerings with little reference to a stable descriptor.

          So, what exactly is ‘open’ about ‘open’ AI, and what does ‘open’ AI enable? To better answer these questions we begin this paper by looking at the various resources required to create and deploy AI systems, alongside the components that comprise these systems. We do this with an eye to which of these can, or cannot, be made open to scrutiny, reuse, and extension. What does ‘open’ mean in practice, and what are its limits in the context of AI? We find that while a handful of maximally open AI systems exist, which offer intentional and extensive transparency, reusability, and extensibility– the resources needed to build AI from scratch, and to deploy large AI systems at scale, remain ‘closed’—available only to those with significant (almost always corporate) resources. From here, we zoom out and examine the history of open source, its cleave from free software in the mid 1990s, and the contested processes by which open source has been incorporated into, and instrumented by, large tech corporations. As a current day example of the overbroad and ill-defined use of the term by tech companies, we look at ‘open’ in the context of OpenAI the company. We trace its moves from a humanity-focused nonprofit to a for-profit partnered with Microsoft, and its shifting position on ‘open’ AI. Finally, we examine the current discourse around ‘open’ AI–looking at how the term and the (mis)understandings about what ‘open’ enables are being deployed to shape the public’s and policymakers’ understanding about AI, its capabilities, and the power of the AI industry. In particular, we examine the arguments being made for and against ‘open’ and open source AI, who’s making them, and how they are being deployed in the debate over AI regulation.

          Taken together, we find that ‘open’ AI can, in its more maximal instantiations, provide transparency, reusability, and extensibility that can enable third parties to deploy and build on top of powerful off-the-shelf AI models. These maximalist forms of ‘open’ AI can also allow some forms of auditing and oversight. But even the most open of ‘open’ AI systems do not, on their own, ensure democratic access to or meaningful competition in AI, nor does openness alone solve the problem of oversight and scrutiny. While we recognize that there is a vibrant community of earnest contributors building and contributing to ‘open’ AI efforts in the name of expanding access and insight, we also find that marketing around openness and investment in (somewhat) open AI systems is being leveraged by powerful companies to bolster their positions in the face of growing interest in AI regulation. And that some companies have moved to embrace ‘open’ AI as a mechanism to entrench dominance, using the rhetoric of ‘open’ AI to expand market power while investing in ‘open’ AI efforts in ways that allow them to set standards of development while benefiting from the free labor of open source contributors.

    • Security

      • LWNSecurity updates for Friday [LWN.net]

        Security updates have been issued by Debian (chromium, rar, and unrar-nonfree), Fedora (microcode_ctl, trafficserver, and webkitgtk), SUSE (ImageMagick, kernel, nodejs16, nodejs18, postgresql12, postgresql15, re2c, and samba), and Ubuntu (ghostscript, haproxy, linux, linux-aws, linux-aws-5.15, linux-gcp, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi, linux-hwe-5.4, linux-xilinx-zynqmp, poppler, and zziplib).

      • Data BreachesListing for sale of U.S. Education Department data may not be what you expect

        Yesterday, a listing appeared on a popular hacking forum offering data for sale that were reported to be from the US Department of Education (Ed.gov).

        According to the listing, the leaked information includes: “ID, UserID, UserName, MobileNumber, LevelID, ConsumerID, Type, FeedBack, SubjectID, Subject, Replied, Token, Completed, Date, Updated, Deleted, and Origin”

        DataBreaches contacted the seller, who is known to this site from previous activities, to ask about the actual source of the data. He responded promptly via private message: “The database is from the NAEP. It’s related to the National Report Card. The database is a feedback database from students to teachers or education providers about progress or questions in general.” He added that the data had been given to him by someone else, and might be months old, but he wasn’t certain.

      • Police officer loses laptop and notebook as he drives along motorway after leaving them on roof of his car in fourth data breach by single police force



        A police officer lost his laptop and notebook as he drove along the motorway after leaving them on the roof of his car – in the fourth data breach by a single force.

        The PSNI said it is investigating after a senior officer revealed sections of the lost notebook remain outstanding.

      • Data BreachesMorris Hospital discloses breach that Royal claimed responsibility for in May; notifies 248,943

        Morris Hospital & Healthcare Centers (Morris Hospital) has issued a notification concerning a cybersecurity incident they discovered on April 4. The incident affects current and former patients of Morris Hospital and current and former employees and their dependents or beneficiaries.

        According to their explanation, their forensic investigation determined that “just prior to the incident,” data was exfiltrated to an external storage platform by an unauthorized individual or individuals. The exported files contained records with the names, addresses, dates of birth, social security numbers, medical record numbers and account numbers, and diagnostic codes of current and former healthcare patients at Morris Hospital AND the names, addresses, social security numbers, and dates of birth of current and former employees and their dependents and beneficiaries.

      • Insider-Wrongdoing in the Healthcare Sector

        In 2016, when Protenus and DataBreaches first began collaborating on collecting and analyzing data from reported breaches involving health data, we focused on what is often called the “insider threat” by breaking it down into two categories: human error or breaches due to accidents, which we called “insider-error,” and breaches due to intentional wrongdoing by employees or contractors, which we called “insider-wrongdoing.” Because we have used this categorization for the last few years, we thought this might be a good time to do a look-back and see if, using that framework, insider-wrongdoing reports appear to have increased, decreased or stayed approximately the same over the years.

      • Security WeekMalicious QR Codes Used in Phishing Attack Targeting US Energy Company [Ed: This fake novelty of "barcode" and "smart" phones was always a bad idea, a gimmick promoted by cargo cultists]

        A widespread phishing campaign utilizing malicious QR codes has hit organizations in various industries, including a major energy company in the US.

      • Security WeekCisco Patches High-Severity Vulnerabilities in Enterprise Applications [Ed: "Enterprise" means back doored?]

        Cisco has patched high-severity vulnerabilities in enterprise applications that could lead to privilege escalation, SQL injection, and denial-of-service.

      • UbuntuHow to secure your database | Ubuntu

        Cybersecurity threats are increasing in volume, complexity and impact. Yet, organisations struggle to counter these growing threats. Cyber attacks often intend to steal, damage, hijack or alter value-generating data. In this article around database security, we use the NIST framework to lay out the common controls that you can implement to secure your databases. Let’s start by discussing the potential impact of unsecured databases.

      • Privacy/Surveillance

        • The Register UKYouTube accused of aiming ads at kids after promising it wouldn't do that

          The report begins with a disclaimer that says it's not offering any legal opinion. Rather, it flags client-side identifiers – eg, those contained in cookies – that play a role in advertising. How these identifiers get used is central to the claims made by Adalytics. If YouTube is in fact setting unique identifiers that can be used to track kids online, and is doing so without parental consent, that's potentially a violation of COPPA.

        • The Register UKStalking victims sue Tile and Amazon for negligence over tracking tech

          Amazon's nationwide location-tracking program, Sidewalk, uses Bluetooth networks supported by Amazon customers who have home devices including some models of Echo, Ring Floodlight Cams, and Ring Spotlight Cams. The suit claims that "as of March 31, 2023, Amazon claims that the Sidewalk network reaches of 90 percent of the United States population."

          Amazon says on its product page that device owners all contribute a small portion of their [Internet] bandwidth, which is then pooled together to create a shared network that "benefits all Sidewalk-enabled devices in a community." Sidewalk uses "Bluetooth, the 900 MHz spectrum and other frequencies to extend coverage and provide these benefits."

        • International Business TimesThought cash was dead? Think again

          However, whilst digital payment solutions may be increasingly driving payments domestically, there is one area where cash remains king. In fact, it's an area of spending where cash not only remains dominant but where its usage and popularity haven't even peaked yet.

          That area is travel money.

          It may seem surprising, but for most people around the world, even in a digital age, their preferred form of payment when they travel is cash.

    • Defence/Aggression

      • teleSURSweden Thwarts Several Terrorist Attempts: PM Kristersson

        Justice Minister Gunnar Strommer said: "During spring, several people were arrested in Sweden and abroad suspected of having prepared attacks in Sweden."

        Strommer did not comment further on these arrests, but Swedish Television (SVT) reported that there were at least two known cases.

      • The Local SEINTERVIEW: Terror threat against Sweden is unprecedented, expert warns

        The focus on Sweden today, he said, was greater than it had been after the artist Lars Vilks caused controversy with his drawings of the Prophet Mohammed as a dog in 2007, or after 2012 and 2013 when some 300 young Swedish residents went to Syria and Iraq to join the Islamic State terror group, or in 2015 to 2016 after the terror attacks in Paris and Brussels.

      • FuturismBrands Horrified When Their Twitter Ads Appear on Nazi Posts

        In a recent report, nonprofit news watchdog Media Matters for America found that ads of mainstream brands ran next to content celebrating Hitler and the Nazi Party — which shouldn't come as a surprise, considering the fast-and-loose governing of the platform by owner Elon Musk.

    • Environment

      • Common DreamsIn Maui Visit, Biden Should Support Climate Lawsuits Against Big Oil

        “Simply connecting the deadly Maui fires and other recent disasters to climate change is not enough; it’s time for President Biden to make clear to the American people that the oil and gas industry must be held accountable for their lies and pollution that continue to fuel the climate crisis.”

      • Futurism200 Ships Are Stuck in the Panama Canal

        Daily traffic is currently capped at 32 ships, which is down from the prior average of about 36 when there's enough water for the canal — which uses more than 50 million gallons of water per day — to operate at full capacity.

      • AxiosMajor Hurricane Hilary reaches Category 3 intensity

        Hurricane Hilary rapidly strengthened into a major hurricane Thursday, and it's poised to bring an array of life-threatening hazards to California and neighboring states beginning this weekend.

        The big picture: An intensifying Hilary's peak winds had increased to 125 mph at 11pm ET. It is forecast to approach the Baja Peninsula of California on Saturday, bringing flooding rains into southern California, Nevada and Arizona from this weekend into early next week.

      • AxiosMaui emergency chief resigns with immediate effect amid Hawai'i fires response

        Maui Emergency Management Agency's top official resigned Thursday after facing criticism over the response to Hawai'i's catastrophic wildfires that have killed at least 111 people.

        Driving the news: Herman Andaya cited "health reasons" as he resigned as the agency's administrator with immediate effect, per a Maui County statement.

      • Federal News NetworkMaui’s emergency services chief resigns after facing criticism for not activating sirens during fire

        The head of the Maui Emergency Management Agency has resigned after facing criticims for not activating disaster sirens during last week’s deadly wildfires that killed at least 111 people. The County of Maui announced Thursday on Facebook that Mayor Richard Bissen accepted the resignation of Herman Andaya, who cited unspecified health reasons for leaving his post. Bissen said that “given the gravity of the crisis we are facing," a replacement will be named as soon as possible. On Wednesday, Andaya defended the decision not to sound sirens as flames raged. Andaya said officials were afraid the sirens would have prompted people to flee toward the mountains or inland, or into the flames.

      • Energy/Transportation

        • The Register UKOur AI habit is already changing the way we build datacenters

          In your typical datacenter, cold air is pulled through a rack full of compute, networking, and storage systems. At the back, the heated air is then captured and ejected by the facility's cooling infrastructure.

          This paradigm works just fine for 6-10kW racks, but starts to fall apart when you start deploying the kinds of systems used to train AI models like GPT-4. Modern GPU nodes can easily consume an entire rack's worth of power. And this is forcing datacenter operators to make some serious design changes.

        • The Drone GirlTwo passenger aircraft just flew without a pilot in the shadow of Silicon Valley

          The two flights were run by two different companies running two completely different aircraft. The first was a 4,100-pound, twin-propeller Centaur aircraft from Aurora Flight Sciences, which is a subsidiary of the Boeing Company, and can be flown as either a piloted, remotely piloted or hybrid aircraft. The second was an aircraft designed to be fully automated from Reliable Robotics.

      • Overpopulation

        • FuturismScientist Predicts Brutal "Population Correction"

          So where does that all leave the fate of humanity? Rees argues that it's "unlikely" humans will go extinct given technological advancements. But the toll could still be grim.

          "That said, rebounding negative feedbacks — climate chaos, food and other resource shortages, civil disorder, resource wars, etc. — may well eliminate prospects for an advanced worldwide civilization," he concluded.

    • Finance

      • GizmodoPentagon Launches Study on How to Start an Economy on the Moon in the Next 10 Years

        In an attempt to guide ongoing efforts in establishing a lunar infrastructure, the Defense Advanced Research Projects Agency (DARPA) kicked off a seven-month study dedicated to developing an analytical framework for scientific and commercial activity on the Moon. Through the 10-Year Lunar Architecture, or LunA-10, study, DARPA is seeking ideas for technology and infrastructure concepts that could help build a Moon-based economy within the next decade.

    • AstroTurf/Lobbying/Politics

      • Teen VogueYouTube Has Alex Winter Worried About the 2024 Election

        “The YouTube Effect” explores the right-wing radicalization enabled by the platform, and how it’s shaped our politics in its less than 20 years of existence. Anyone who’s regularly used YouTube will recognize many of the interspersed clips; you may even recognize some of its interviewees, from video essayist ContraPoints, AKA Natalie Wynn, to the children’s YouTuber (and actual child) Ryan, interviewed alongside his parents.

        Teen Vogue spoke to Winter about the site’s impact on our elections, Andrew Tate, and more.

        This interview has been lightly edited and condensed for clarity.

      • The Register UKA license to trust: Can you rely on 'open source' companies?

        Company after company has had their start in open source software, and then gone on to dump their open source licenses once they've achieved a measure of success. It's time to stop it.

        With a handful of exceptions, everyone uses open source to build their programs. It simply works better. In the last few years, though, one business after another has launched its releases on the backs of open source developers and then dumped their open source license in favor of a semi-proprietary one. It's not fair, and it's not right.

      • QuartzMeta's news ban in Canada is getting in the way of Yellowknife wildfire evacuations

        Bill C-18, or the Online News Act, which forces large social media platforms to pay Canadian news publishers for sharing their content, recently became law despite pushback from internet companies. Meta, the parent company of Facebook and Instagram, said it would pull news from its subsidiaries if the requirement became mandatory—and on Aug. 1, it did.

        As the Northwest Territories battle 236 of the 1,050 fires active in the country, sharing information directly from credible news sources like national publisher CBC, local newspaper The Yellowknifer, and digital broadcaster Cabin Radio on social media is off the table for the 20,000 Yellowknife residents hit with an evacuation order.

      • Misinformation/Disinformation/Propaganda

    • Censorship/Free Speech

      • QuartzEnvironmental activists are fleeing Elon Musk's Twitter

        A study (pdf) published in a journal called Trends in Evolution and Ecology on Aug.15 showed, that out of a sample of 380,000 environmentally oriented X users, “nearly 50% became inactive” after Musk’s acquisition. This rate, the researchers found, was “much higher than a control sample.” By April 2023, only 52.5% of sampled environmental activists on X were still active.

      • Jacobin MagazineStop Cop City Activists Are Facing 20 Years in Prison for Distributing Flyers

        Charley Tennenbaum, a Stop Cop City activist, was charged with felony intimidation for flyering about the officers who shot an organizer 57 times. After months in prison, Tennenbaum spoke to Jacobin about Georgia’s crackdown on civil liberties.

      • RFERLMoscow Court Shuts Rights Center That Honors Nobel Peace Laureate Andrei Sakharov

        The Moscow City Court has shut the Sakharov Center, a prominent human rights organization dedicated to upholding civil liberties in Russia, saying it illegally hosted events outside of the capital, released videos lacking a foreign agent label, and committed other administrative discrepancies.

      • VOA NewsHong Kong Seeks Public Help in Purging Library Books

        An invitation from Hong Kong authorities for citizens to report public library books that “endanger national security” has sent chills through the port city, analysts and some residents say. Some worry authorities are adopting tactics similar to those used in China and during the Cultural Revolution, others say the move will only further harm the city’s already tarnished image as a place that’s no longer free.

      • The Local SESweden launches inquiry into stopping Quran burnings on security grounds

        According to the "committee directive", Larsson should by July 2024 propose changes to the law which will allow that "circumstances which threaten Sweden's security can be taken into account in the process of deciding on permissions for public gatherings, and in weighing up whether to cancel or break up public gatherings".

      • RFERLIranian Officials Accuse 12 Activists Of Plotting To Hold Events For Anniversary Of Amini's Death

        At least 500 people have been killed since protests broke out following the death of Amini, an Iranian Kurdish woman who was arrested while visiting Tehran for allegedly violating the country’s hijab law.

        The protests began as a rebuke against the brutal enforcement of the mandatory head scarf legislation, but soon snowballed into one of the most sustained demonstrations against Iran’s theocracy since the 1979 Islamic Revolution.

      • RFERLIranian Professor Who Supported Protests Says He's Been Expelled

        Many Iranian university professors have faced expulsion for their support of the nationwide protests, while others have already been pushed from their jobs, including several professors at the University of Art in Tehran who were ousted earlier this month.

      • RFAPopular comedian detained, beaten and fined for YouTube videos, relative says

        Relatives of a stand-up comedian said he was detained by police in Ho Chi Minh City, beaten and then fined for videos about social issues that he posted to his popular YouTube account six years ago.

    • Freedom of Information / Freedom of the Press

      • ANF NewsSputnik journalists go on strike

        Workers at Sputnik went on strike on Thursday. The action was organized by the Turkish Journalists’ Union (TGS), after the failure to reach an agreement in the collective bargaining negotiations between the TGS and Rossiya Segodnya International News Agency (Sputnik) Turkey Bureau.

      • BIA NetSputnik Turkey journalists go on strike

        "Our country is undergoing a severe economic crisis. Our wages cannot sustain us through the middle of the month. Nevertheless, when it comes to salary increases, the Sputnik management did not provide even a single proposal throughout all our discussions. That is why we are on strike against this dismissive stance."

      • CPJRussia fails to renew Dutch and Finnish journalists’ visas and accreditation

        “Russian authorities’ opaque administrative procedures cannot hide their real agenda, which is to silence critical voices and progressively squeeze Western journalists out of the country,” said Carlos Martinez de la Serna, CPJ’s program director. “Russian authorities should renew Eva Hartog and Anna-Lena Laurén’s accreditation and visas at once and let them work freely in the country.”

    • Civil Rights/Policing

      • RFATibet’s beloved annual yogurt festival spoiled by heavy police presence

        The heavy surveillance comes as Chinese authorities are maintaining a tight grip on Tibet, restricting Tibetans’ political activities and peaceful expression of cultural and religious identity.

        Tibetans frequently complain of discrimination and human rights abuses by Chinese authorities and policies they say are aimed at eradicating their national and cultural identity.

      • NYPost10-year-old Mississippi boy arrested, jailed for peeing behind mom’s car

        She said the officer told her Quantavious could get back inside the car and that he would just give a warning, but several other cops then showed up, including a lieutenant who said the boy had to be hauled to jail.

      • NDTV10-Year-Old US Boy Arrested For Urinating Behind Mother's Car

        The mother continued, "No, him urinating in the parking lot was not right, but at the same time I handled it like a parent and for one officer to tell my baby to get back in the car like it was OK and to have the other pull up and take him to jail. Like no. I'm just speechless right now. Why would you arrest a 10-year-old kid."

      • CBCFormer RNC chief says he was forced out after holding officers to account

        "It was a concentrated effort by several to push me out the door because I was holding people accountable and that I wanted to open up the RNC and include the community into everything that we were doing," Boland said.

      • JURISTHRW: China must address increasingly common racist internet content

        HRW found that racist content against Black people has surged in recent years because it attracts traffic and generating profits. There are a few kinds of typical content perpetuating racial discrimination that are popular on the Chinese internet. These include denigrating interracial relationships, impersonating Black people, death threats and reinforcing stereotypes of Africans by portraying them as impoverished and presenting Chinese as wealthy saviors.

    • Digital Restrictions (DRM)

      • The Register UKI know what you did next summer: Microsoft to kill off Xbox 360 Store

        Gamers will still be able to access and play their already-bought games after that date. In an announcement, the software giant reassured folks it was "committed to supporting Xbox 360 gameplay for the foreseeable future — and you will still be able to play and re-download previously purchased content and connect with friends."

        This means Microsoft isn't shutting down its servers just yet. But while players won't lose access to their games on the console, the same can't be said of media purchased through the Xbox's Movies and TV app. After the July deadline, that application will cease to function, and all such content purchased through the app will remain available only on supported consoles and PC.

    • Monopolies

      • Copyrights

        • Creative CommonsUnderstanding CC Licenses and Generative AI

          You can use CC licenses to grant permission for reuse in any situation that requires permission under copyright. However, the licenses do not supersede existing limitations and exceptions; in other words, as a licensor, you cannot use the licenses to prohibit a use if it is otherwise permitted by limitations and exceptions to copyright.

          This is directly relevant to AI, given that the use of copyrighted works to train AI may be protected under existing exceptions and limitations to copyright. For instance, we believe there are strong arguments that, in most cases, using copyrighted works to train generative AI models would be fair use in the United States, and such training can be protected by the text and data mining exception in the EU. However, whether these limitations apply may depend on the particular use case.

        • Torrent FreakPirate IPTV Datacenter Defendant is a Flight Risk, Remains in Custody

          A 30-year-old Dutchman is suspected of being a key player in a multi-million euro pirate IPTV operation, which served over a million subscribers. The defendant asked to be released pending trial but is considered a flight risk, so the request was denied. Tapped conversations suggest that the man planned to restart the pirate IPTV business and flee to Morocco.

  • Gemini* and Gopher

    • Personal/Opinions

      • Emotions are difficult

        Part of the thing I've been having to learn how to do the past few months as my partner Tor has been so sick is actually, y'know, experience and show emotion.

        I'm normally the kind of person who stuffs everything down and quietly crashes into a wreck when everything is over, never particularly talking to anyone about it because I don't Want To Be a Burden.


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

FSF Has Made It Halfway to Its Target (Funding Goal) a Week Before Christmas Day
$400,000 definitely seems reachable now, especially if they extend the "deadline"
Saving What's Left of Decent and Independent Journalism on the Web
We increasingly (over time) try to make local copies (hosted on our server) of important documents; it's hard to rely on third parties
Brian Fagioli's Latest "Linux" Article Appears to be Fake
Another form of plagiarism/ripoff using bots?
 
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 18, 2024
IRC logs for Wednesday, December 18, 2024
[Meme] The Master Churnalist
Speaking of press releases being passed off as "journalism"
Spamnil's TFiR: Still Pretending Press Releases Are 'Articles' (TFiR 'Originals' as Plagiarism or Fluff)
Same as last year
Links 18/12/2024: Zakir Hussain Dies, TuneIn Layoffs
Links for the day
Links 18/12/2024: Karate Love and Advent of Code
Links for the day
Windows (or Microsoft) Has Become the "One Percent" (Market Share) in Chad
How long before it falls below 1%?
Arvind Krishna, IBM's CEO, Will Eventually Suck Up to Donald Trump Like His Predecessor Did or the Watson Family Did With Adolf Hitler
Literally Hitler
Being a Geek Need Not Mean Being Sedentary
"In the past 18 months," Berkholz writes, "I’ve lost 75 pounds and gone from completely sedentary to fit, while minimizing the effort to do so (but needing a whole lot of persistence and grit)."
GAFAM Kissing the Ring of the Mafia Don
"resistance" to dictatorship and defenders of democracy?
Slop Spaghetti From the Chef, Second Time Today
Fresh slop ready out the oven!
IBM - Like Microsoft - Lies About the Number of People It's Laying Off (Several Tens of Thousands, Not Counting R.T.O. "Silent" Layoffs and Contractors/Perma-Temps)
How many waves of silent layoffs have we seen so far at IBM this year?
Links 18/12/2024: EU Launches Probe Into TikTok (At Last!)
Links for the day
Links 18/12/2024: Doha/Qatar Trafficking, Bloat Comfort Zone, and Advent of Code 2024
Links for the day
[Meme] Microsoft's Latest Marketing Pitch
"Stop Being Poor; buy a new PC with TPMs"
In South Africa, a Very Large Nation, Web Developers Can Already Ignore Microsoft Browsers (Edge Measured Below 3% in 55 Nations)
The dumb assumption you must naively test with Microsoft browsers is no longer applicable in a lot of places
Open Source Initiative (OSI) is the Voice of Bill Gates and Satya Nadella
Not hard to see what they've done with the money
Microsoft Boasts That Its (Microsoft-Sponsored) "Open Source AI" Propaganda Got Cited in Media (That's Just What the Money Did)
This is a grotesque openwashing campaign
In Many Places Around the World, Perhaps as Expected, Yandex is Nearly Bigger Than Microsoft (Like in Several African Countries)
Microsoft may soon fall to "third place" in search
Keeping Productive This Christmas
We've (pre)paid for hosting till almost January 2026 and fully back on the saddle
IBM and Canonical Leave Money on the Table Because Microsoft Pays Them Not to Compete and Instead Market Windows, WSL, Microsoft 'Clown Computing', and TPMs
Where are the regulators?
Other Editors Who Agree "Hey Hi" (AI) is Just Hype But Won't Say So Publicly as It Might Upset Key Sponsors
Some media would gladly participate in a scam to make money
IBM (and Red Hat) is a Patent Troll, Still Leveraging Software Patents to Extract Money Out of Other Companies by Suing Them
Basically, when it comes to patents, IBM is demonstrably part of the problem, not the solution
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 17, 2024
IRC logs for Tuesday, December 17, 2024
[Meme] When the People Who Falsely Accuse You of Pedophilia Turn Out to be Projecting
When you attack something or someone using falsehoods, as happens a lot to Richard Stallman (RMS), there's risk that the attacks will backfire, badly
In Some Countries, Such as Greece, Almost 80% of Windows Users Are on Vista 10 and About 85% Need to Move to GNU/Linux for Security Patches
Vista 11 was a failure
[Meme] They Don't Want the Public to Know What "Responsible Encryption" Really Means
They also blame "China" for their own back doors (because China learned how to exploit those)
The Linux Foundation's Certificate Authority (CA) Significantly and Suspiciously Raises the Number of Certificates It Issues (Quantity Increase/Inflation) by Lessening Their Lifetime in the Name of 'Security' (That Barely Makes Sense!)
LE made 3 months the "standard" for most, soon to become just 6 days instead of 6 months?
Why I Continue to Believe That at the End Software Freedom Will Win
a short and incomplete list of factors which I believe contribute to the sentiment that we can - and will - win the battles over hearts and minds in the "Tech" realm
Links 17/12/2024: More China Sanctions, GOP Scheming to Prop Up Fentanylware (TikTok)
Links for the day
Gemini Links 17/12/2024: The Streisand Effect and Productivity-systems Desiderata
Links for the day
Technology: rights or responsibilities? - Part X
By Dr. Andy Farnell
Links 17/12/2024: More "Tesla Autopilot" and "Hey Hi" (AI) Blunders
Links for the day
Instead of Promoting GNU/Linux (or Ubuntu) Ahead of Vista 10's EoL Canonical is Marketing Microsoft's Proprietary Software
It's like Canonical employs people who work for Microsoft, not for Canonical
Links 17/12/2024: Many Abuses by Microsoft and War Updates From Ukraine
Links for the day
Content Management Systems (CMS) Bloat/ Static Site Generators (SSG) Trouble
some Web site management stories
DEI Room at fedoraproject.org Pretty Much Dead
We're not against diversity but against its weaponisation by greedy people who do not value diversity at all
The "Latest Technology News" at BetaNews is Slop About Slop
This is at the very top of the "news" (front page) at the moment
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 16, 2024
IRC logs for Monday, December 16, 2024