Gemini version available ♊︎

Links 15/10/2020: KWinFT 5.20, Mesa 20.2.1

Posted in News Roundup at 6:05 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Best open source gifts for 2020 [Ed: Sadly, all the links there are referral spam. Blurring the gap between journalism and shameless marketeering.]

      If you’re looking for a desktop, the single greatest Linux-powered desktop on the market is the System 76 Thelio. In fact, it might be the best desktop you can buy, period. This beast of a machine comes in three flavors: Thelio, Thelio Major, and Thelio Massive. For everyday use, go with Thelio. If your open source enthusiast is a gamer or needs more power, go with the Thelio Major. If, however, the recipient of this gift is a serious number cruncher, the Thelio Massive will power all of their tasks. Either way, you cannot go wrong with a gift of the Thelio. The Thelio has a base price of $899, the Thelio Major has a base price of $2499, and the Thelio Massive has a base price of $3199.

    • Audiocasts/Shows

      • Why Client Server Is Perfect For The Unix Philosophy – YouTube

        The client server model is incredibly popular for building Linux applications so I thought it’d be fun to explain how the model works and why it is the perfect choice if following the Unix philosophy is important to the way that you develop your software.

      • Bad Voltage 3×15: Interactive Multimedia Communications

        Stuart Langridge, Jono Bacon, and Jeremy Garcia present Bad Voltage, in which things are not necessarily jazzed up versions of other things, we wonder what data truly is…

      • S13E30 – Whistling indoors | Ubuntu Podcast

        This week we’ve been upgrading our GPUs. We discuss our experiences using IoT devices, bring you some command line love and go over all your wonderful feedback.

        It’s Season 13 Episode 30 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

    • Kernel Space

      • Google quietly adds revolutionary VPN protocol to next Android OS

        The release of WireGuard earlier this year was one of the biggest things to happen to the VPN industry in a long time and now Google has added support for the new protocol to the next version of Android.

        WireGuard, which was created by Edge Security’s Jason A. Donenfeld, uses state-of-the-art cryptography to provide users with the highest level of privacy, security and speed. The new protocol is faster than existing VPN protocols and it also only contains just 4,000 lines of code compared to OpenVPN’s 100,000 lines of code, making it easier to review and audit.

        Just after the release of version 1.0.0 of the protocol back in March, it was added to the Linux kernel and made available in Linux 5.6 by Linus Torvalds. As Android is also based on Linux, it makes sense that Google would want to bring native WireGuard support to its mobile operating system by adding it to Android 12′s Linux Kernel 5.4 tree.

      • WireGuard VPN Added to Android 12’s Linux Kernel Code

        COVID-19 has entirely changed the way we live our lives. Many businesses are operating from home and the need for a good and secure internet connection has increased more than ever. Why “secure internet”? Because many of us don’t want our internet service provider to know what we’re doing and keep track of our activities.

        Now, after WireGuard VPN’s addition to the Linux kernel 5.6, Google has added it to Android 12’s Linux Kernel 5.4 Tree. For starters, WireGuard VPN is a next-gen VPN protocol built on modern cryptography standards to ensure internet security.

      • Intel Rewrites Old Haswell-Era Audio Driver Due To Bugs, Plus DG1 Audio For Linux 5.10

        The sound subsystem updates were submitted today for the Linux 5.10 kernel with some interesting changes and new hardware support.

      • Linux 5.10 Graphics Driver Changes From AMDGPU DC For GCN 1.0 To Continuing RDNA 2 Push

        The direct rendering manager (DRM) driver updates were sent in overnight for the ongoing Linux 5.10 merge window with a range of improvements for these graphics/display drivers and as usual the Intel and AMD Radeon driver churn is particularly heavy.

      • AMD Secure Nested Paging IOMMU For SEV-SNP Lands In Linux 5.10

        In addition to Linux 5.10 supporting SEV-ES as the “encrypted state” for AMD EPYC’s Secure Encrypted Virtualization, this kernel is also adding Secure Nested Paging (SNP) support to the AMD IOMMU driver as part of their next-generation SEV-SNP security.

        AMD SEV-SNP is an effort to further boost virtual machine isolation and appears to likely be supported with upcoming AMD EPYC 7003 “Milan” processors based on the timing of their original SEV-SNP whitepaper earlier this year and now the timing of this SNP Linux kernel support. SEV-SNP builds on the original AMD SEV and SEV-ES to offer additional hardware-based memory integrity protections for fending off hypervisor-based attacks.

      • XFS File-System With Linux 5.10 Punts Year 2038 Problem To The Year 2486

        Not only is Btrfs seeing notable improvements with the in-development Linux 5.10 kernel but the XFS file-system also has some prominent changes of its own.

      • From O_MAYEXEC to trusted_for()

        The ability to execute the contents of a file is controlled by the execute-permission bits — some of the time. If a given file contains code that can be executed by an interpreter — such as shell commands or code in a language like Perl or Python, for example — there are easy ways to run the interpreter on the file regardless of whether it has execute permission enabled or not. Mickaël Salaün has been working on tightening up the administrator’s control over execution by interpreters for some time, but has struggled to find an acceptable home for this feature. His latest attempt takes the form of a new system call named trusted_for().

        Tightly locked-down systems are generally set up to disallow the execution of any file that has not been approved by the system’s overlords. That control is nearly absolute when it comes to binary machine code, especially when security modules are used to enforce signature requirements and prevent techniques like mapping a file into some process’s address space with execute permission. Execution of code by an interpreter, though, just looks like reading a file to the kernel so, without cooperation from the interpreter itself, the kernel cannot know whether an attempt is being made to execute code contained within a given file. As a result, there is no way to apply any kernel-based policies to that type of access.

        Enabling that cooperation is the point of Salaün’s work; it is, at its core, a way for an interpreter to inform the kernel that it intends to execute the contents of a file. Back in May 2020, the first attempt tried to add an O_MAYEXEC flag to be used with the openat2() system call. If system policy does not allow a given file to be executed, an attempt to open it with O_MAYEXEC will fail.

      • Graphics Stack

        • mesa 20.2.1
          Hi list,
          I realize that this is a week late, I simply put everything in the calendar one
          week off. Doh. Anyway, mesa 20.2.1 is now available, this release looks much
          bigger than it actually is, because of all of the .pick_status commits. there's
          a bit of everything in here, all and all a nice little .1
        • Mesa 20.2.1 Released With Initial Batch Of Fixes

          Mesa 20.2 officially released at the end of September as the Q3’2020 open-source driver stack update providing open-source OpenGL/OpenCL/Vulkan support for much of the graphics hardware on the market. For those that prefer waiting for the first point release before upgrading, that milestone was reached today.

        • Mesa 20.1.10 Is Released With A Handful Of Bug-Fixes

          Mesa 20.1.10 is a small bug-fix release for GNU/Linux distributions that have not yet upgraded to Mesa 20.2.0. There’s not much to see, there’s seven for the Intel graphics drivers and two on the AMD side.

    • Applications

      • 6 Best Free and Open Source Linux Music Servers

        home computer makes an ideal appliance to store and stream music. The purpose of a music server is to deliver tracks when requested by a client. The server can deliver music to machines over a local area network as well as computers connected over the internet.

        Linux is widely recognized as an ideal operating system to serve web pages. But the server capabilities of Linux extend far beyond merely providing HTTP servers.

        There is a wide range of multimedia software available for Linux which turns your machine into a jukebox. There are even dedicated Linux distributions that turn your computer into a music server. This article identifies the best free software which enables your Linux machine to act as a music server, distributing digital tracks over a network. Such software supports popular audio formats such as FLAC, OGG Vorbis, and MP3.

      • Love Windows Calculator? You can Now Use it on Linux as Well [Ed: Oh, come on; don’t become Microsoft clowns. We already have plenty of good calculators and Microsoft’s is spyware (tracking the keypresses, reporting to Microsoft!)]

        In the first quarter of 2019, Microsoft open sourced the Windows Calculator. Being open source, it allows developers to use it in their own applications.

        I couldn’t care less for a calculator application but as some It’s FOSS readers pointed out, they like using the Windows Calculator.

      • You Can Now Install the Windows Calculator App on Linux [Ed: Of course Joey Sneddon also had to help Microsoft promote a spyware calculator]
      • Windows Calculator now does your math on Raspberry Pi, Tesla, and tons of Linux devices [Ed: Microsoft PR sites]
      • The Windows Calculator on Linux with Uno Platform | Ubuntu [Ed: Even Canonical jumps in to help Microsoft]

        The good folks in the Uno Platform community have ported the open-source Windows Calculator to Linux. And they’ve done it quicker than Microsoft could bring their browser to Linux. The calculator is published in the snapstore and can be downloaded right away. If you’re on Ubuntu or you have snapd installed just run…

      • How to install Microsoft Windows Calculator on Linux
      • bpytop might be the freaking-coolest way to monitor your Linux system | GamingOnLinux

        Okay, hear me out. You want to keep an eye on your system for things like RAM use, disk space, processor load and more…but you want something a tiny bit flashy that’s still simple enough to run in a terminal window? You need to try out bpytop.

        It’s a fully featured resource monitor with a “game inspired menu system” and it’s genuinely great, I’ve fallen just a little bit in love with it having it open on my second monitor to keep me informed of how my system is doing.

    • Instructionals/Technical

      • NTP Server and Best Practices | FOSS Linux

        NTP stands for “Network Time Protocol.” It is a protocol used by devices connected to the internet to synchronize their systems’ time to a time reference. There are various important points as to why it is important to maintain accurate time, and the working principles of NTP are elementary yet amazing.

      • How To Install Vivaldi Browser on CentOS 8 – idroot

        In this tutorial, we will show you how to install the Vivaldi Browser on CentOS 8. For those of you who didn’t know, Vivaldi is a feature-rich, next-generation web browser application based on the powerful and open-source Chromium project, from which the popular Google Chrome web browser is derived. The application is freely distributed and cross-platform, created by the former CEO of Opera Software, built using modern Web technologies like React, JavaScript, Node.js, and more.

      • How to install HelloNZB on Linux

        If you’re a Linux user in need of a good Usenet app and aren’t happy with the existing apps out there, consider checking out HelloNZB. It’s a Java-based NZB client that is relatively user-friendly and simple to use.

      • How to install Inkscape 1.0 on Deepin 20 – YouTube

        In this video, we are looking at how to install Inkscape 1.0 on Deepin 20.

      • How to Install Ubuntu Kylin 20.04 LTS on VMware Workstation – SysAdmin

        This video tutorial shows how to install Ubuntu Kylin 20.04 LTS on VMware Workstation step by step. This tutorial is also helpful to install Ubuntu Kylin 20.04 LTS on physical computer or laptop hardware.

      • How to install FL Studio 20 on a Chromebook – New Tutorial

        Today we are looking at how to install FL Studio 20 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How To Use AQEMU Virtual Machine on Ubuntu

        We are fortunate to have a good virtual machine tool AQEMU on GNU/Linux operating systems. With AQEMU on your Ubuntu computer, you can virtualize any operating systems very easily. It can replace and works similarly to the proprietary tool VirtualBox or VMWare step by step as you can see in this tutorial. Now let’s learn virtualization!

      • File Timestamps – mtime, ctime and atime in Linux

        When you are working with directory and files, you may need to know about Linux file timestamps such as change time (ctime), access time (atime), and modification time (mtime). Linux files, directories, sockets have three different timestamps – mtime, ctime and atime.

        Probably when working in Linux you have get answers to following questions:

        When was the last date of file content modified? When was the file last opened/accessed ? When the properties of the file such as ownership, permissions last changed?

      • Updating ISPConfig 3.1 to ISPConfig 3.2

        This tutorial explains how to to update an ISPConfig 3.1 server to ISPConfig 3.2. This tutorial is compatible with CentOS, Debian, and Ubuntu operating systems.

      • How To Install NVM on CentOS/RHEL 8 – TecAdmin

        NVM stands for Node Version Manager is a command-line utility for managing Node versions. Sometimes you required to deploy multiple node application with different-2 versions. Nvm will help you here.

      • 40 Useful Examples of Linux PS Command for Aspiring SysAdmins

        The ps command is a handy utility that allows us to view important process information. A process is simply a running instance of a program. Whenever we invoke a program, some processes are created. A thorough understanding of the process tree is mandatory if you want to have full control over your machine.

      • How to install RStudio Server open source on Ubuntu 20.04 LTS

        RStudio is a development IDE for R language programmers, however, if you are not on GUI and using CLI server still we can have the benefit of it by installing the Rstudio Server edition. It provides the Rstudio IDE access via a web browser interface, thus if you have some remote Linux server with powerful hardware for high-level computing then installing the Rstudio server will be a nice idea. Because in this way multiple developers can easily use this R language development platform for coding, editing, and sharing of other files with the team. Furthermore, a server environment of Rstudio will give a centralized installation of R, R packages, TeX, and other supporting libraries.

      • Linux permissions: SUID, SGID, and sticky bit

        Linux permissions are a concept that every user becomes intimately familiar with early on in their development. We need to execute scripts, modify files, and run processes in order to administer systems effectively, but what happens when we see Permission denied? Do you know why we see this message? If you know the cause of the problem, do you know how to implement the solution?

        I will give a quick explanation of the various ways to calculate permissions, and then we will focus on the special permissions within Linux. If you want an in-depth look at the chmod command, check out this article from Sudoer Shashank Hegde, Linux permissions: An introduction to chmod.

    • Games

      • Total War: THREE KINGDOMS – The Furious Wild is now available on Linux | GamingOnLinux

        After launching for Windows on September 3, porter Feral Interactive has now hooked up Total War: THREE KINGDOMS – The Furious Wild for Linux (and macOS) today.

        This is the first proper extension to the map in THREE KINGDOMS, letting you visit the jungles around Southern China and with it, the fearsome tribes of the Nanman. On top of the map expansion you get 4 new playable factions each with their own mechanics with a total of 19 new factions included. There’s also over 25 new units, new character artwork, a Nanman-specific tech tree and more. You’re also able to play it in the 190 and 194 start dates.

      • SDL2 Upstreams OS/2 Support – Phoronix

        If 2020 couldn’t get more peculiar, today the SDL2 project mainlined support for the OS/2 operating system.

        While OS/2 is no longer maintained by IBM and was never really a gaming platform for where SDL2 is most commonly used, this software library that serves as an abstraction layer for multimedia/gaming hardware components and software platforms has merged the OS/2 port.

      • How to Play PS3 Games on PC with RPCS3

        Visit RPCS3’s official site and download the emulator to your hard disk drive. RPCS3 is available for Windows and Linux.

      • Strategic simulation game Space Crew from the Bomber Crew devs is out now | GamingOnLinux

        Ready to take the action into space? Runner Duck, developer of the hit Bomber Crew have just released the sequel with Space Crew.

        Bomber Crew was something of a surprise hit for the UK-based two-person indie studio Runner Duck, when it became a top seller on Steam. This sequel moves the theatre of war from World War Two to the far flung future with players challenged to fight a conflict on an intergalactic scale. Armed with their own carefully chosen crew and fully customizable spaceship, captains must protect Earth and venture across the galaxy to stave off a new alien threat known as the Phasmids.

      • The Jackbox Party Pack 7 is out now along with a big Jackbox sale | GamingOnLinux

        Ready to make fun of your friends? The Jackbox Party Pack 7 has been released along with five amusing games. Still one of the best party games around. Well, party game…packs. Then again it should be, it would be a bit weird if a Party Pack was a bit rubbish for a party wouldn’t it.

      • Get some classic Worms games in the latest Humble Bundle, plus multiple other big sales | GamingOnLinux

        Got Worms? Well, you can get a whole lot of them in the latest Humble Bundle from the classics up to the newer stuff and some of them have Linux builds too.

      • The runner-shooter ‘Vecter’ is intense, colourful and free – out now | GamingOnLinux

        With sleek arcade-racing action, the bright and colourful Vecter has left Early Access today along with the recently launched Linux version.

        Vecter is pretty much an endless runner, and a great one too that’s seriously easy to just pick up and play when you have a few minutes to spare. Not easy though, far from it. You need some good reflexes! There’s plenty of obstacles and enemies thrown in your way. It’s fast, intense and a huge amount of fun. Race as long as possible, rise up the leaderboards and just don’t crash.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KWinFT 5.20 With Aims For Better Wayland/X11 Experience Than KDE Plasma 5.20′s KWin

          Following this week’s KDE Plasma 5.20 release, KWinFT 5.20 has been released as the fork of KWin and other select components in aiming to offer a better experience.

          KWinFT continues to be led by KDE developer Roman Gilg. KWinFT continues to work on not only providing a more robust Wayland compositor but also improved display management and other capabilities.

        • Roman Gilg: KWinFT project 5.20 released

          New versions of the KWinFT projects Wrapland, Disman, KWinFT and KDisplay are available now. They were on the day aligned with the release of Plasma 5.20 this week and offer new features and stability improvements.

          Universal display management

          The highlight this time is a completely redefined and reworked Disman that allows to control display configurations not only in a KDE Plasma session with KWinFT but also with KWin and in other Wayland sessions with wlroots-based compositors as well as any X11 session.

          You can use it with the included command-line tool dismanctl or together with the graphical frontend KDisplay. Read more about Disman’s goals and technical details in the 5.20 beta announcement.

        • Getting KDE onto commercial hardware

          At Akademy 2020, the annual KDE conference that was held virtually this year, KDE developer Nate Graham delivered a talk entitled “Visions of the Future” (YouTube video) about the possible future of KDE on commercial products. Subtitled “Plasma sold on retail hardware — lots of it”, the session concentrated on ways to make KDE applications (and the Plasma desktop) the default environment on hardware sold to the general public. The proposal includes creating an official KDE distribution with a hardware certification program and directly paying developers.

          Graham started by giving some context; the ideas to be presented were a followup on the KDE accessibility and productivity goals from 2017. One of the objectives was to get Plasma and KDE applications ready to work on all kinds of hardware. Graham thinks that this has been achieved and it is the time to move to the next step: creating an official KDE operating system. He commented: “we have to, if we want to have direct relations with hardware vendors”.

          KDE already has an official distribution called neon, he said. Neon is, however, a “halfway product”, because it showcases current KDE products on top of a distribution (Ubuntu 20.04 LTS) that may otherwise be outdated. On the other hand, it is good enough to be shipped on Slimbook laptops. A member of the audience requested an explanation of what has changed from the inception of neon, which was not called an official KDE OS at that time. Graham responded that there was a fear of harming the relationships between KDE and distributors, but agreed that a good way to go forward would be to call neon what it really is: the official KDE distribution.

          Graham continued by presenting his list of requirements for such an OS. First, it needs the latest software, including a current Linux kernel, which is necessary for hardware enablement. The applications should be newer than those found in Ubuntu; they could be installed from Flatpaks or Snaps. The last requirement was to make it possible to rebase this system onto another distribution. With such features, this system “will be more awesome”, he said.

    • Distributions

      • SUSE/OpenSUSE

        • News in openSUSE Packaging

          If you are interested in openSUSE, sooner or later you will probably learn how packages and specfiles work. But packaging is not static knowledge that you learn once and are good to go. The rules change over time, new macros are created and old ones are erased from history, new file paths are used and the old ones are forgotten. So how can one keep up with these changes?

          In this article, we will serve you with all recent news and important changes in openSUSE packaging on a silver platter. Whether you are a pro package maintainer or just a casual packager who wants to catch up, you will definitely find something you didn’t know here. We promise.

      • IBM/Red Hat/Fedora

        • Systemd 247 Merges Systemd-OOMD For Improving Low-Memory/Out-Of-Memory Handling

          Merged just minutes ago into systemd Git is the new systemd-oomd component pushed along by Facebook.

          Systemd-oomd has been developed to improve the Linux out-of-memory / memory pressure behavior and based on Facebook’s out-of-memory daemon code that’s been extended to not only work for Linux servers but also desktop systems.

        • Quantum networks: The next generation of secure computing | Enable Sysadmin

          Following my first article on quantum computers, I now explore and attempt to explain the equally fantastic and challenging world of quantum networks. With quantum computing comes quantum networks, and the best tech we have for that is fiber optics. Even though quantum computers are close to absolute magic, they still need networks to communicate, and, for the most part, we are not looking at copper. Fiber optics is the thing, but there is a strange challenge in sending out tiny little photons all on their own. And even if the future looks all quantum, you can bet there will still be loads of old tech working in parallel for years, so ensuring they all can coexist and stay safe will be one of the bigger challenges for sysadmins.

        • Red Hat Integrates Ansible And OpenShift For Cloud-Native Automation
        • Securely connect Quarkus and Red Hat Data Grid on Red Hat OpenShift – Red Hat Developer

          The release of Red Hat Data Grid 8.1 offers new features for securing applications deployed on Red Hat OpenShift. Naturally, I wanted to check them out for Quarkus. Using the Quarkus Data Grid extension made that easy to do.

          Data Grid is an in-memory, distributed, NoSQL datastore solution based on Infinispan. Since it manages your data, Data Grid should be as secure as possible. For this reason, it uses a default property realm that requires HTTPS and automatically enforces user authentication on remote endpoints. As an additional layer of security on OpenShift, Data Grid presents certificates signed by the OpenShift Service Signer. In practice, this means that Data Grid is as secure as possible out of the box, requiring encrypted connections and authentication from the first request. Data Grid generates a default set of credentials (which, of course, you can override), but unauthenticated access is denied.

          In this article, I show you how to configure a Quarkus application with Data Grid and deploy it on OpenShift.

        • Open Practice Library basics: Defining the team’s work

          In the previous article in this series, we outlined some simple open practices to start forming a team using the Open Practice Library. Now, we will describe some practices that can be used to define the team’s work.

      • Debian Family

        • Chrome OS 86 adds update button for Debian Linux container

          If you’re new to Chrome OS or perhaps just learning your way around the recently added Linux terminal, you may be unaware that Google transitioned the Linux container from Debian 9 to Debian 10 (Buster) with the release of Chrome OS 80 back in March. If you have been tinkering with Linux on Chrome OS for some time, you’ve likely already forced the updated to Debian 10 by removing the Linux container and reinstalling it.

          Devices that haven’t received the update due to the fact that they have been sitting on a shelf or whatever other reason you can think of, can now upgrade to the newer Debian 10 container with the simple push of a button. This feature will only show up if you are on Chrome OS 86 and your device is still using Debian 9 (Stretch). You will find the “upgrade” button by heading to the Linux (Beta) tab of your Chrome OS settings menu. If you have an upgrade available, you will see the message at the top of the settings.

        • Here is every new feature and improvement we found in Chrome OS 86

          Linux (Beta)

          Linux (Beta), also known as Crostini, is a feature that allows you to access a library of Linux apps on your Chromebook, such as Microsoft Visual Studio Code, Inkscape, or Steam.

      • Canonical/Ubuntu Family

        • Introducing HA MicroK8s, the ultra-reliable, minimal Kubernetes | Ubuntu

          Canonical today announced autonomous high availability (HA) clustering in MicroK8s, the lightweight Kubernetes. Already popular for IoT and developer workstations, MicroK8s now gains resilience for production workloads in cloud and server deployments.

          High availability is enabled automatically once three or more nodes are clustered, and the data store migrates automatically between nodes to maintain quorum in the event of a failure. “The autonomous HA MicroK8s delivers a zero-ops experience that is perfect for distributed micro clouds and busy administrators”, says Alex Chalkias, Product Manager at Canonical.

          Designed as a minimal conformant Kubernetes, MicroK8s installs and clusters with a single command.

        • Canonical introduces high-availability Micro-Kubernetes | ZDNet

          If you’ve been hiding under a rock — and who could blame you these days? — you may have missed how totally Kubernetes now dominates container orchestration. One way to quickly get up to speed on Kubernetes is with Canonical’s MicroK8s. This is an easy-to-run and install mini-version of Kubernetes. And now Canonical has added autonomous high availability (HA) clustering to it.


        • Canonical Announces HA MicroK8s

          MicroK8s, already popular for IoT and developer workstations, now gains resilience for production workloads in cloud and server deployments. Canonical has announced autonomous high availability (HA) clustering in MicroK8s, the lightweight Kubernetes.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Andy Wingo: on “binary security of webassembly”

            You may have seen an interesting paper cross your radar a couple months ago: Everything Old is New Again: Binary Security of WebAssembly, by Daniel Lehmann, Johannes Kinder and Michael Pradel. The paper makes some strong claims and I would like to share some thoughts on it.

            reader-response theory

            For context, I have been working on web browsers for the last 8 years or so, most recently on the JavaScript and WebAssembly engine in Firefox. My work mostly consists of implementing new features, which if you are familiar with software development translates as “writing bugs”. Almost all of those bugs are security bugs, potentially causing Firefox to go from being an agent of the user to an agent of the Mossad, or of cryptocurrency thieves, or anything else.

            Mitigating browser bug flow takes a siege mentality. Web browsers treat all web pages and their corresponding CSS, media, JavaScript, and WebAssembly as hostile. We try to reason about global security properties, and translate those properties into invariants ensured at compile-time and run-time, for example to ensure that a web page from site A can’t access cookies from site B.

          • Mozilla Performance Blog: Performance Sheriff Newsletter (September 2020)

            In September there were 153 alerts generated, resulting in 25 regression bugs being filed on average 7.75 days after the regressing change landed.

            Every time a code is pushed to autoland there is a chance that performance tests such as benchmarks and page loads will be run. The results from these tests are ingested by Perfherder (the performance oriented sibling to Treeherder). If a significant and sustained change (either a regression or an improvement) is detected in the results for any test, an alert will be generated. Performance sheriffs monitor these alerts, identify the push that caused it, and notify the patch author of the change, who then helps to determine the best course of action. This helps us to catch and prevent regressions from reaching our users, and also provides valuable feedback on our efforts to improve performance and to celebrate these wins.

            For a little over a year I have been sending a newsletter to several groups within Mozilla with various metrics related to our regression detection and sheriffing efficiency. Each month I have improved and added to the report, often in response to feedback received. Looking back, my first report from July 2019 included just 5 visualisations, whereas my most recent report from August 2020 included 23. As a result of this growth, the report has become rather dense and overwhelming, and so I’m trying something new. Instead of sending a snapshot of the report by email each month, I’m going to publish an article on our performance blog with a short summary and highlight a few of the findings. For those with access, the full dashboard will be available on Mozilla’s redash instance.

          • Fixing our broken internet

            In unusually stark terms, Mozilla is trying to rally the troops to take back the internet from the forces of evil—or at least “misinformation, corruption and greed”—that have overtaken it. In a September 30 blog post, the organization behind the Firefox web browser warned that “the internet needs our love”. While there is lots to celebrate about the internet, it is increasingly under threat from various types of bad actors, so Mozilla is starting a campaign to try to push back against those threats.

            The effort is, to a certain extent, an attempt to raise the profile of Firefox, which does generally have a better track record on respecting privacy than its competitors. That should not come as a huge surprise since the other major browsers come from companies that stand to profit from surveillance capitalism. The Mozilla Foundation, on the other hand, is a non-profit organization that is guided by a pro-privacy manifesto.


            Two other Firefox add-ons are suggested. Facebook Container is meant to make it harder for Facebook to track users across the web by making use of Firefox Multi-Account Containers. The idea is that interaction with a site is done only in a color-coded tab that doesn’t share identity information (and cookies) with other containers. Facebook Container ensures that links from Facebook pages are followed in a separate container so that Facebook cannot track the user; using Facebook “Share” buttons outside of the container will route them through the container as well.

            Unfck the Internet also recommends the RegretsReporter extension to report on YouTube videos that were recommended but turned out to be objectionable. The idea is to try to crowdsource enough information about the YouTube recommendation system to better understand it—and the AI behind it.

      • Productivity Software/LibreOffice/Calligra

        • Collabora Online moves out of The Document Foundation

          The Document Foundation (TDF) was formed in 2010 as a home for the newly created LibreOffice project; it has just celebrated its tenth anniversary. As it begins its second decade, though, TDF is showing some signs of strain. Evidence of this could be seen in the disagreement over a five-year marketing plan in July. More recently, the TDF membership committee sent an open letter to the board of directors demanding more transparency and expressing fears of conflicts of interest within the board. Now the situation has advanced with one of the TDF’s largest contributing companies announcing that it will be moving some of its work out of the foundation entirely.

          The dispute over the marketing plan has its roots in money, as is often the case. Developing a large system like LibreOffice requires the work of dozens of engineers, who need to be paid to be able to put a full-time effort into the project. Some of the companies employing those developers — Collabora in particular — think that TDF has succeeded too well; the free version of LibreOffice is solid enough that attempts to sell commercial support for it are running into a wall. The proposed marketing plan was designed to better differentiate “community-supported” LibreOffice from the professionally supported offerings from TDF member companies. This idea did not sit well with community members, who worried that LibreOffice was being pushed into a second-class citizen status.

          The tension is at its highest around LibreOffice Online, which provides for collaborative editing of documents hosted on a central server. Evidently, what revenue does exist in the LibreOffice ecosystem is mostly focused on LibreOffice Online, which is a relatively hard service to set up and maintain without having somebody dedicated to the task. TDF has encouraged potential users to go with commercial offerings by, among other things, allowing the system to suggest commercial support to users and not offering binary builds of the LibreOffice Online server. Currently, if you want to establish a LibreOffice Online instance, you must start with the source and build it from there.

        • an Online move …
      • CMS

        • Kiwi TCMS: Kiwi TCMS is partnering with Vola Software

          We are happy to announce that Kiwi TCMS is going to partner with Vola Software to provide 2 interns with opportunities for hacking open source and bootstrapping their careers!

          Vola Software is a custom software development company in one of the poorest regions of the European Union and a long-time contributor to their local ecosystem via Vratsa Software Community. They are located in Vratsa, Bulgaria.

      • Programming/Development

        • Ruby 3.0 brings new type checking and concurrency features [LWN.net]

          The first preview of Ruby version 3.0 was released on September 25. It includes better support for type checking, additional language features, and two new experimental features: a parallel execution mechanism called Ractor, and Scheduler, which provides concurrency improvements.

          According to a 2019 keynote [YouTube] by Ruby chief designer Yukihiro “Matz” Matsumoto, type checking is a major focus of Ruby 3. In his presentation, he noted that Python 3, PHP, and JavaScript have all implemented some version of the feature. In fact, Ruby already has type-checking abilities in the form of a third-party project, Sorbet. For Ruby 3.0, type checking has been promoted into the core project, implemented as a new sub-language called Ruby Signature (RBS). This mirrors the approach taken by Sorbet, which implemented a sub-language called Ruby Interface (RBI). Sorbet allows annotations to exist within Ruby scripts, something that the community wanted to avoid, according to a presentation [YouTube] (slides [PDF]) by contributor Yusuke Endoh; by keeping RBS separate from Ruby, he explained, the project doesn’t have to worry about conflicts in syntax or grammar between the two languages. In a recent blog post, the Sorbet project committed to supporting RBS in addition to its RBI format.

          In a post introducing RBS, core developer Soutaro Matsumoto provided a detailed look at the feature. Conceptually, RBS files are similar to C/C++ header files, and currently are used in static code analysis with a project called Steep. As a part of the 3.0 release, Ruby will ship with a full collection of type annotations for the standard library.

        • Zig heading toward a self-hosting compiler [LWN.net]

          The Zig programming language is a relatively recent entrant into the “systems programming” realm; it looks to interoperate with C, while adding safety features without sacrificing performance. The language has been gaining some attention of late and has announced progress toward a Zig compiler written in Zig in September. That change will allow LLVM to become an optional component, which will be a big step forward for the “maturity and stability” of Zig.

          Zig came about in 2015, when Andrew Kelley started a GitHub repository to house his work. He described the project and its goals in an introductory blog post in 2016. As he noted then, it is an ambitious project, with a goal to effectively supplant C; in part, that is done by adopting the C application binary interface (ABI) for exported functions and providing easy mechanisms to import C header files. “Interop with C is crucial. Zig embraces C like the mean older brother who you are a little afraid of but you still want to like you and be your friend.”

        • Dirk Eddelbuettel: dang 0.0.12: Two new functions

          A new release of the dang package is now on CRAN, roughly one year after the last release. The dang package regroups a few functions of mine that had no other home as for example lsos() from a StackOverflow question from 2009 (!!) is one, this overbought/oversold price band plotter from an older blog post is another. More recently added were helpers for data.table to xts conversion and a git repo root finder.

          This release adds two functions. One was mentioned just days ago in a tweet by Nathan and is a reworked version of something Colin tweeted about a few weeks ago: a little data wrangling off the kewl rtweet to find maximally spammy accounts per search topic. In other words those who include more than ‘N’ hashtags for given search term. The other is something I, if memory serves, picked up a while back on one of the lists: a base R function to identify non-ASCII characters in a file. It is a C function that is not directly exported by and hence no accessible, so we put it here (with credits, of course). I mentioned it yesterday when announcing tidyCpp as I this C function was the starting point for the new tidyCpp wrapper around some C API of R functions.

        • Jussi Pakkanen: Does C++ still deserve the bad rap it has had for so long?

          Traditionally C++ has been seen by many (and you know who you are) as just plain bad: the code is unreadably verbose, error messages are undecipherable, it’s unsafe, compilation takes forever and so on. In fact making fun of C++ is even a fun pastime for some. All of this was certainly true in the 90s and even as recent as 10 years ago. But is it still the case? What would be a good way to determine this?

        • Python

          • Explore the world of programming with Jupyter | Opensource.com

            JupyterLab is the next-generation web-based Jupyter user interface. It allows you to work with Jupyter Notebooks, as well as editors, terminals, and more, to produce interactive documents for data science, statistical modeling, data visualization, and more.

            It has native viewers for PDF, CSV, JSON, images, and more. It is also extensible to support other formats.

          • AI, ML and Python: Let’s See How far They Can Go Together | Codementor

            You might have heard these words together : AI, Machine Learning and Python. The reason behind this is that Python is one of the most suitable languages for AI and ML. Python is one of the simplest programming languages and AI and ML are the most complex technologies. This opposite combination makes them to be together.

            In simple words, I would like to make this clear that Machine learning is a really complex technology. Its algorithms are really complex and difficult to understand. And on the other hand, Python is considered to be one of the most simplest languages. Its syntax structure and coding length is really short to understand. That is why Python is considered to be the most suitable language as it can manage complex algorithms in the simplest way.

          • Python: Get Number of Elements in a List

            Getting the number of elements in a list in Python is a common operation. For example, you will need to know how many elements the list has whenever you iterate through it.

          • type() vs. isinstance()

            Python is a dynamically typed language. A variable, initially created as a string, can be later reassigned to an integer or a float.

          • Running Django on DigitalOcean’s App Platform | TestDriven.io

            DigitalOcean’s new App Platform is a Platform-as-a-Service (PaaS) offering, which (much like Heroku) allows you to deploy an application from a git repository.

            This article looks at how to deploy a Django application to DigitalOcean’s App Platform.

        • Shell/Bash/Zsh/Ksh

          • Bash For Loop on Linux – idroot

            In this tutorial, we will show you how to use bash for loop on Linux systems. For those of you who didn’t know, Loops are one of the fundamental concepts of programming languages. Loops are handy when you want to run a series of commands over and over again until a certain condition is reached. Like any other programming language, bash shell scripting also supports ‘for loops’ to perform repetitive tasks. It helps us to iterate a particular set of statements over a series of words in a string, or elements in an array.

          • What is a Bash Script? – Linux Hint

            Have you ever heard your father telling you to grab a glass of water? You have a choice to say No, but computers don’t have that choice. Computers are going to do exactly what you would tell them to do. Bash is just a shell that allows you to communicate with the computer and allow you to give instructions to it. A script is basically just a set of instructions given to the computer to execute different meaningful tasks. A script helps you automate different tasks along with the luxury to accomplish results faster than the normal procedure. Normally, in the terminal, you write a basic or advance bash command and it executes on it right away. In bash scripts, you could give multiple instructions or commands at once and the computer would execute all of them only when you would execute the script. In a nutshell, single bash command can be executed in the terminal but to execute a combination of multiple commands at once, you need to create a bash script.

  • Leftovers

    • A Woman’s Life

      Buffalo, N.Y.—In memory, my Aunt Dolor is a big woman. Big hair, big sunglasses, big jewelry, big bold colors, with geometric shapes in the 1960s and ’70s especially, when our families saw each other most. Her husband, my mother’s brother, called her Doll.

    • A Taste for Travel? Finnair to Sell Plane Food in Shops

      Finnish carrier Finnair says it will start selling business class-style airline meals in a nationwide supermarket chain in a move to both keep its catering staff employed and also to offer the airline experience to those missing flying in the COVID-19 times.

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • Vivaldi 3.4 Released with Configurable Context Menus

          Vivaldi web browser released new stable 3.4 version that features configurable context menus, automatic reloading pages, and Vivaldia, the real 80s arcade-style game.


          (Optional): To remove Vivaldi apt repository from you system, launch Software & Updates and navigate to Other Software tab.

        • Tracealyzer Version 4.4 with support for embedded Linux now available

          Percepio, the specialist in visual trace diagnostics for embedded and IoT software systems, has announced the immediate availability of Tracealyzer version 4.4 with new support for embedded Linux.


          Percepio CEO and founder Dr. Johan Kraft commented, “Percepio Tracealyzer is firmly established as the leading solution for visual trace diagnostics in the RTOS space. Linux is the single largest platform for embedded and IoT systems today and has an even greater need for better debugging support at system level. We are therefore thrilled to release an even better version of Tracealyzer that is now also optimised for the needs of embedded Linux developers.”

        • Tracealyzer ships with support for embedded Linux

          Version 4.4 of the Percepio Tracealyzer tool with support for embedded Linux is now shipping after an open beta programme

          After extensive public beta testing, Percepio has launched version 4.4 of its Tracealyzer development tool with support for embedded Linux alongside its real time operating systems.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • Introducing the Open Governance Network Model – The Linux Foundation

                The Linux Foundation has long served as the home for many of the world’s most important open source software projects. We act as the vendor-neutral steward of the collaborative processes that developers engage in to create high quality and trustworthy code. We also work to build the developer and commercial communities around that code to sponsor each project’s members. We’ve learned that finding ways for all sorts of companies to benefit from using and contributing back to open source software development is key to the project’s sustainability.

                Over the last few years, we have also added a series of projects focused on lightweight open standards efforts — recognizing the critical complementary role that standards play in building the open technology landscape. Linux would not have been relevant if not for POSIX, nor would the Apache HTTPD server have mattered were it not for the HTTP specification. And just as with our open source software projects, commercial participants’ involvement has been critical to driving adoption and sustainability.

        • Security

          • Security updates for Thursday

            Security updates have been issued by Arch Linux (chromium), Debian (httpcomponents-client), Fedora (claws-mail), SUSE (bcm43xx-firmware, crmsh, libqt5-qtimageformats, libqt5-qtsvg, php53, php7, and rubygem-activesupport-4_2), and Ubuntu (php5, php7.0, php7.2, php7.4, python2.7, python3.4, python3.5, python3.6, and vim).

          • SUSE Releases Fixes for BleedingTooth Vulnerabilities

            Yesterday evening, Google and Intel published a new set of software vulnerabilities that affect machines running Linux Kernels that use Bluetooth.
            The set of vulnerabilities, called BleedingTooth, impact SUSE Linux Enterprise systems with enabled Bluetooth hardware.

          • Alcide and SUSE: A New Partnership in DevSecOps

            At SUSE, we are actively looking to find technology alignment with the Partners in our ecosystem that are looking to drive open source innovations. An important function of that partner community is our close collaboration with Independent Software Vendors that are looking to help power digital transformation and enable our customers to innovate and grow. These collaborative partnerships help support our joint customer in their digital journey from on-prem infrastructures towards hybrid- and multi-cloud environments.
            That’s the reason why our engagement with Alcide definitely makes sense. The cloud-native company seeks to bridge the gap between DevOps and Security by providing real-time visibility of operations, with deep analysis and control in order to manage complex Kubernetes deployments.

          • Ubuntu Studio: About Website Security

            We are aware that, as of this writing, our website is not 100% https. Our website is hosted by Canonical. There is an open ticket to get everything changed-over, but these things take time. There is nothing the Ubuntu Studio Team can do to speed this along or fix it ourselves. If you explicitly type-in https:// to your web browser, you should get the secure SSL version of our site.

          • BleedingTooth Linux Exploit Can Lead to Remote Code Execution Within Bluetooth Range

            A new Bluetooth security vulnerability has appeared, and this time Linux is under the gun. Andy Nguyen, an information security researcher, discovered the vulnerabilities. They are collectively known as BleedingTooth, which allows for zero-click remote code execution on Linux devices within Bluetooth range. The code can be executed with kernel privileges, and Intel has rated the exploit at an 8.3 on the common vulnerability scoring system (CVSS).

            According to the research page for CVE-2020-12351, BleedingTooth is a “Heap-Based Type Confusion in L2CAP.” What this means is that a malicious user can send data to the Bluetooth subsystem (BlueZ program) in Linux, after which the code for the subsystem does not check the type of payload. As a result, the injection is read into the subsystem, and it can lead to further code execution. As the research page explains, “A remote attacker in short distance knowing the victim’s bd [Bluetooth Device] address can send a malicious l2cap packet and cause denial of service or possibly arbitrary code execution with kernel privileges.” Andy Nguyen showcased this vulnerability in the video below, where he launched a calculator program on a remote machine.

    • Environment

    • AstroTurf/Lobbying/Politics

    • Civil Rights/Policing

      • Barrett Sparks Outrage With Claim That She Has No “Firm Views” on Climate Crisis

        Environmentalists were appalled — if not necessarily surprised — by Supreme Court nominee Amy Coney Barrett’s statement Tuesday that she does not “have firm views” on climate change, an ostensibly neutral comment that critics said is tantamount to denial of the science.

      • Does Trump Have Power to Pardon Himself? His Supreme Court Nominee Won’t Say.

        During her confirmation hearings on Wednesday, President Donald Trump’s Supreme Court nominee, Judge Amy Coney Barrett, refused to give her opinion on an important question that’s come up over the past four years: whether sitting presidents have the power to pardon themselves.

      • The New Humanitarian | COVID-19 stalls legal reforms for Venezuelan migrants

        Two years ago, 11 Latin American countries gathered in solidarity to coordinate a progressive response to an unprecedented regional exodus. But COVID-19 has since crippled their economies and far-reaching migration reforms have stalled, leaving the lives and livelihoods of millions of Venezuelan migrants in the balance.
        The 2018 Quito Declaration affirmed Latin America’s commitment to improving migrants’ access to regular status, health services, skills training, and the labour market. Signatories agreed to accept expired travel documents and to create an Information Card for Regional Mobility so Venezuelans could easily migrate and integrate.

        But even before the pandemic, several countries began decreasing access to regularisation, with Chile, Peru, and Ecuador all introducing new or renewed entry protocols requiring unexpired passports or visas that many Venezuelans find difficult or impossible to acquire.

        “Rather than follow-up, we’re seeing some extreme back-sliding, particularly in the last few months with the pandemic,” Geoff Ramsey, director for Venezuela at the Washington Office on Latin America (WOLA) think tank, told The New Humanitarian. “What started as a noble initiative for a comprehensive regional response has become a race to the bottom.”

        The result is that less than half of the 5.1 million Venezuelans known to have fled their homeland since 2015 have permits allowing them to reside and work legally in host countries, and the real fraction is considerably lower since many governments neglect to include migrants with no regular status in their numbers.

    • Monopolies

      • Patents

        • IP Issues with Judge Barrett

          Amy Coney Barrett: (57:01)

          So, without commenting on any particular cases, which actually I have to be completely honest and confess to, I can’t think of what particular cases you might be thinking of in the patent eligibility. But without commenting on those cases in any event, I think I would say that clarity in decision-making is always something that courts should strive for. And I know on the seventh circuit, we try and I’m trying to be attuned to in writing opinions, whether it gives good guidance to lower courts and then to also those who are trying to order their conduct in compliance with the law. So, I think clarity is certainly a virtue in this context.


          Amy Coney Barrett: (58:29)

          Most of the things you’re identifying sound to me like matters of policy. And so, those seem like matters that are best addressed by the legislature, a democratically elected body, not policy made by courts.

        • Broadest Reasonable Interpretation in Light of the Specification

          I feel really bad about this, but whenever I see a Snyders lawsuit, I cant stop thinking back to the late 1990’s when I used to eat Snyder’s mustard flavored pretzels.

          This case is not about pretzels, but rather focuses on Snyders artificial heart valve patent US6540782. Eat your heart out?

          Snyders sued St. Jude for infringement in D.Minn and St. Jude responded with a pair of inter partes review (IPR) petitions. The PTAB initiated the IPRs and eventually ruled that some of the claims were anticipated by a prior patent.

        • Software Patents

          • Open Invention Network Expands Its Open Source Patent Protection

            OIN, the largest patent non-aggression community in history, says the action helps reduce patent risk associated with core Linux and adjacent open source code. This expansion includes 520 new software components, which brings the total number of protected packages to 3,393, according to the announcement.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New

  1. Links 8/12/2021: Zorin OS 16 Milestone and Calculate Linux 22 Released; Kubernetes 1.23

    Links for the day

  2. A Call for Sources and Whistleblowers From Microsoft's GitHub

    Remarks on our publications from this morning and a call for more leakers and whistleblowers, who know GitHub better than anybody else (including lots of fools who still outsource all of their hard labour to Microsoft through GitHub)

  3. [Teaser] Rape is Not a Joke

    Having just uploaded a police report, we’re starting to move the ongoing series to the next phase, which will still be — for the most part — weekly installments on Mondays (for months to come)

  4. [Teaser] Meet Microsoft’s Chief Architect of GitHub Copilot, Balabhadra (Alex) Graveley

    Alex Graveley, a serial abuser, has been protected by Microsoft; what does that say about Microsoft and about Nat Friedman, GitHub’s CEO whom Alex considers his "best friend"? Stay tuned as we have plenty more to show

  5. IRC Proceedings: Tuesday, December 07, 2021

    IRC logs for Tuesday, December 07, 2021

  6. Links 8/12/2021: FreeBSD 12.3, EasyOS 3.1.13, and WordPress 5.9 Beta 2

    Links for the day

  7. [Meme] EU Assurances

    The EPO‘s staff cannot be blamed for losing patience as elected public representatives completely fail to do their job (with few exceptions)

  8. Clare Daly (GUE/NGL) Does What Every Public Official in Europe Should Have Done About EPO Shenanigans

    There’s another (new) push to hold the EPO accountable, seeing that the overseers clearly do not do their job and instead cover up the abuses

  9. Links 7/12/2021: Firefox 96 Beta and Fedora 37 Abandons ARMv7

    Links for the day

  10. Links 7/12/2021: Plasma Mobile Gear 21.12 and Tails 4.25

    Links for the day

  11. All IRC Logs Now Available as GemText Over Gemini Protocol

    Today we've completed the transition from plain text over gemini:// to GemText over gemini:// for IRC logs

  12. IRC Proceedings: Monday, December 06, 2021

    IRC logs for Monday, December 06, 2021

  13. [Meme] Rowing to the Bottom of the Ocean

    The EPO‘s Steve Rowan (VP1) is failing EPO staff and sort of “firing” workers during times of crisis (not at all a crisis to the EPO’s coffers)

  14. EPO Gradually Reduced to 'Fee Collection Agency' Which Eliminates Its Very Own Staff

    Mr. Redundancies and Mr. Cloud are outsourcing EPO jobs to Microsoft and Serco as if the EPO is an American corporation, providing no comfort to long-serving EPO staff

  15. Linux Foundation 2021 Annual Report Made on an Apple Mac Using Proprietary Software

    Yes, you’re reading this correctly. They still reject both “Linux” and “Open Source” (no dogfooding). This annual report is badly compressed; each page of the PDF is, on average, almost a megabyte in size (58.8 MB for a report of this scale is unreasonable and discriminates against people in countries with slow Internet connections); notice how they’re milking the brand in the first page (straight after the cover page, the 1991 ‘creation myth’, ignoring GNU); remember that this foundation is named after a trademark which is not even its own!

  16. Links 7/12/2021: OpenIndiana Hipster 2021.10 and AppStream 0.15

    Links for the day

  17. Microsoft “Defender” Pretender Attacks Random Software That Uses NSIS for installation; “Super Duper Secure Mode” for Edge is a Laugh

    Guest post by Ryan, reprinted with permission

  18. Links 6/12/2021: LibreOffice Maintenance Releases, Firefox 95 Finalised

    Links for the day

  19. “Wintel” “Secure” uEFI Firmware Used to Store Persistent Malware, and Security Theater Boot is Worthless

    Guest post by Ryan, reprinted with permission

  20. No Linux Foundation IRS Disclosures Since 2018

    The publicly-available records or IRS information about the Linux Foundation is suspiciously behind; compared to other organisations with a "tax-exempt" status the Linux Foundation is one year behind already

  21. Jim Zemlin Has Deleted All of His Tweets

    The Linux Foundation‘s Jim Zemlin seems to have become rather publicity-shy (screenshots above are self-explanatory; latest snapshot), but years ago he could not contain his excitement about Microsoft, which he said was "loved" by what it was attacking. Days ago it became apparent that Microsoft’s patent troll is still attacking Linux with patents and Zemlin’s decision to appoint Microsoft as the At-Large Director (in effect bossing Linus Torvalds) at the ‘Linux’ Foundation’s Board of Directors is already backfiring. She not only gets her whole salary from Microsoft but also allegedly protects sexual predators who assault women… by hiring them despite repeated warnings; if the leadership of the ‘Linux’ Foundation protects sexual predators who strangle women (even paying them a salary and giving them management positions), how can the ‘Linux’ Foundation ever claim to represent inclusion and diversity?

  22. Microsoft GitHub Exposé — Part IX — Microsoft's Chief Architect of GitHub Copilot Sought to be Arrested One Day After Techrights Article About Him

    Balabhadra (Alex) Graveley has warrant for his arrest, albeit only after a lot of harm and damage had already been done (to multiple people) and Microsoft started paying him

  23. The Committee on Patent Law (PLC) Informed About Overlooked Issues “Which Might Have a Bearing on the Validity of EPO Patents.”

    In a publication circulated or prepared last week the Central Staff Committee (CSC) of the EPO explains a situation never explored in so-called 'media' (the very little that's left of it)

  24. Links 6/12/2021: HowTos and Patents

    Links for the day

  25. IRC Proceedings: Sunday, December 05, 2021

    IRC logs for Sunday, December 05, 2021

  26. Gemini Space/Protocol: Taking IRC Logs to the Next Level

    Tonight we begin the migration to GemText for our daily IRC logs, having already made them available over gemini://

  27. Links 6/12/2021: Gnuastro 0.16 and Linux 5.16 RC4

    Links for the day

  28. Links 5/12/2021: Touchpad Gestures in XWayland

    Links for the day

  29. Society Needs to Take Back Computing, Data, and Networks

    Why GemText needs to become 'the new HTML' (but remain very simple) in order for cyberspace to be taken away from state-connected and military-funded corporations that spy on people and abuse society at large

  30. [Meme] Meanwhile in Austria...

    With lobbyists-led leadership one might be led to believe that a treaty strictly requiring ratification by the UK is somehow feasible (even if technically and legally it's moot already)

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts