Gemini version available ♊︎

Links 24/1/2021: Nouveau X.Org Driver Release and GhostBSD 21.01.20

Posted in News Roundup at 1:31 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

    • Kernel Space

      • Linux 5.10.10
        I'm announcing the release of the 5.10.10 kernel.
        All users of the 5.10 kernel series must upgrade.
        The updated 5.10.y git tree can be found at:
        	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y
        and can be browsed at the normal kernel.org git web browser:
        greg k-h
      • Linux 5.4.92
      • Linux 4.19.170
      • Linux 4.14.217
      • Linux 4.9.253
      • Linux 4.4.253
      • You can presently operate Linux on Apple M1 machines

        The Creators from security startup, Corellium have disclosed that they governed to bring Linux operating on Apple’s Arm founded M1 appliances natively.

        As Linux, and Windows, were already available on Apple Silicon owing to virtualization, this is the very initial example of those non macOS operating systems (O.S) operating on the hardware.

        The CTO of Corellium, Chris Wade stated earlier on Twitter that Linux is presently entirely available on the Mac mini M1. Booting it from USB an entire Ubuntu desktop computer (rpi), whereas trading the images of Ubuntu’s Raspberry Pi ARMv8 desktop computer picture booting on Apple M1 machine.

      • Apple M1 Macs can now run the full version of Linux [Ed: Maybe plagiarist site]

        A new Linux port allows Apple’s Mac M1s to run Ubuntu for the first time. Corellium, a security company that provides a virtualized version of iOS for security testing, has successfully ported Ubuntu to the M1 Macs and posted a tutorial for others to follow. The modified version of Ubuntu boots into the normal user interface and includes USB support.

        The Corellium team have detailed how they got Ubuntu to work, and it’s a good in-depth article if you’re interested in the details. Although some M1 components are shared with Apple’s mobile chips, non-standard chips have made it difficult to create Linux drivers to make Ubuntu work properly.

        Apple didn’t design its M1 Macs with dual boot or Boot Camp in mind. Craig Federighi, senior vice president of software engineering at Apple, previously ruled out official support for startup alternative operating systems such as Windows or Linux. Virtualization seems to be Apple’s preferred method, but that hasn’t stopped people from creating their own ports.

      • Ubuntu Linux is currently operating on M1 Macs

        For the first time, clients of Apple Silicon Macs utilizing Apple’s M1 chip, for example, the entry-level 13-inch MacBook Pro, Mac mini, and MacBook Air—would now be able to boot in to and natively run Linux.

        The vintage at play here is Ubuntu, and the port was created by Corellium, which in any case virtualizes iOS and other ARM-based OSes to empower simpler security testing. It’s important also that Apple has recently sued the organization over said iOS security testing tool. The lawsuit didn’t turn out well for Apple.

        Corellium Chief Technology Office Chris Wade declared the culmination of the cooperation on Twitter yesterday. What’s more, in a blog post on Corellium’s site, the group behind the port writes that it was created in corresponding with the group’s efforts at “creating a model of the [M1] for our security research part.”

      • Linux 5.12 To Allow Voltage/Temperature Reporting On Some ASRock Motherboards – Phoronix

        Voltage, temperature, and fan speed reporting among desktop motherboards under Linux remains one of the unfortunate areas even in 2021… Many SIO ICs remain publicly undocumented and the Linux driver support is often left up to the community and usually through reverse-engineering. Thus the mainline Linux kernel support is left to suffer especially among newer desktop motherboards.

      • [Older] F2FS With Linux 5.12 To Allow Configuring Compression Level

        While the Flash-Friendly File-System (F2FS) allows selecting between your choice of optional compression algorithms like LZO, LZ4, and Zstd — plus even specifying specific file extensions to optionally limit the transparent file-system compression to — it doesn’t allow easily specifying a compression level. That is fortunately set to change with the Linux 5.12 kernel this spring.

        Queued now into the F2FS “dev” tree ahead of the Linux 5.12 merge window is a patch that’s been floating around for some weeks to allow easily configuring the compression level. The compress_algorithm mount option is expanded to allow also specifying a level, such that the format supported is [algorithm]:[level] should you want to override any level preference like with the LZ4 and Zstd compression algorithms.

      • Graphics Stack

        • Nouveau X.Org Driver Sees First Release In Two Years

          Two years and nine patches later, xf86-video-nouveau 1.0.17 is out as the latest X.Org driver update for this open-source NVIDIA driver component.

          Like the other DDX drivers with the exception of the generic xf86-video-modesetting driver that is quite common now to those still running on X.Org with the open-source stack, xf86-video-nouveau seldom sees new activity. Since the prior v1.0.16 release two years ago there has been less than a dozen patches for it. The interesting activity happens in DRM/KMS kernel space and an increasing number of users are just relying upon xf86-video-modesetting over these hardware-specific X.Org user-space drivers.

    • Applications

      • Best mathematics packages for Linux in 2021

        Why would you want to do mathematics on Linux? Isn’t mathematics over when you leave school? No! Maths is fun. You may also have forgotten much of what you should have learned in school.

        With the packages in this roundup we’ll show which you should choose for what purpose.

        While you can use all the packages here for learning, there are two in particular that are much better at teaching, rather than giving you results for some project. You will see that you can even control a drone with the help of mathematics.

      • Essential Utilities: Flash OS Images

        Linux offers a gamut of open source small utilities that perform functions ranging from the mundane to the wonderful. In our eyes, it’s the breadth of these tools that help to make Linux a compelling operating system.

        For beginners to Linux the range of distributions can be daunting. Should I investigate Ubuntu, Arch Linux, openSUSE, elementaryOS, or even try Solus? A good way to experiment with Linux distributions and find the one that best fits your needs is to create a bootable SD card or USB drive flashed with the Linux distros. The tools featured in this article make this process simple and safe. They are all easy to use with a simple interface, and hard drive friendly.

      • Openstack RDO && KVM Hypervisor: Setting up Connection pooling on TomCat 9.041 Java Web Server

        Overall application file layout . This Howto follows only official guidelines and might be a bit more straight forward then original . That is a way I was able to get JNDI up and running on 9.0.41 release .

      • Sylvain Beucler: Android Emulator Rebuild

        Android Rebuilds provides freely-licensed builds of Android development tools from a Mountain View-based company.

        The Emulator package moved to a separate component and build system.

    • Instructionals/Technical

      • GNU Linux – how to mount single disk failed RAID1
      • How to create a Linux EC2 instance step by step on Amazon AWS

        Amazon EC2 (Amazon Elastic Compute Cloud) is a part of AWS product offerings, where users can rent virtual servers in the AWS public cloud. You pay for rented compute resources (CPU, memory, hard drive) at per-second granularity on a “pay-as-you-go” basis. For those of you who have just started with Amazon EC2, this tutorial covers a step-by-step procedure to create a Linux instance on AWS EC2 platform.

      • What’s with cp –reflink: failed to clone: Invalid argument?

        Most modern copy-on-write file systems, such as Btrfs and XFS, support file cloning. (OpenZFS being the notable exception.) However, the tools that support this space-saving innovation can be difficult to use. Here’s an example situation detailing how the simple copy (cp) command on Linux can make it hard to understand what’s going on.

        As an example, here’s a quick command set that will create a file and a directory, disable copy-on-write on the directory, and then attempt to clone the file into the directory. It uses commands from gnu-coreutils and e2fsprogs packages, and assumes you’re working on a file cloning-capable file system.

      • Set Up SSH Two-Factor Authentication (2FA) on CentOS/RHEL Server

        This tutorial will show you how to set up SSH two-factor authentication on CentOS/RHEL server using the well-known Google Authenticator. It will greatly improve the security of SSH service on your CentOS/RHEL server.

      • How to Install PHP 8.0 & PECL Extensions in Ubuntu 20.04, 18.04, 16.04 | UbuntuHandbook

        Want to install PHP 8.0 as well as many PECL extensions in your Ubuntu Server? Well there’s a well trusted PPA that contains the packages for all current Ubuntu releases.

        Ondřej Surý, a Debian Developer who maintains the official PHP packages in Debian, is maintaining an Ubuntu PPA that contains the latest PHP 5.6, PHP 7.0, PHP 7.1, PHP 7.2, PHP 7.3, PHP 7.4, and PHP 8.0 packages as well as PECL extensions for all current Ubuntu releases.

      • Install and Configure Prometheus Monitoring on Kubernetes

        We are going to deploy Prometheus to monitor Kubernetes nodes and more.

      • Command to install Vmware tools on Ubuntu using terminal

        Vmware workstation Player is one of the best available virtualization platforms to run various Linux, Android, and Windows virtual machines. However, to adapt the host display and increase the performance of installed guest os or VMs it needs a set of tools called VMware Tools to install on Linux, Windows, and other supported OS.

        VMware tools let us enable guests to host or vice versa content copy-paste (clipboard), drag and drop facility to transfer folders and files, and let the guest os to adapt the resolution of the host display.

        Although we can install VMware Tools using the graphical options of VMware workstation player, however, on Linux this becomes a lot easier and straightforward with the help of a command-line terminal.

    • Games

      • Gaming Like It’s 1925: Last Week To Join The Public Domain Game Jam!

        Sign up for the Public Domain Game Jam on itch.io »

      • ujoy(4) added to -current

        With the following commit, Thomas Frohwein (thfr@) added a joystick/gamecontroller driver to -current: [...]

      • The First Online Conference Is Happening Today For The Godot Game Engine – Phoronix

        For those interested in Godot as the premiere open-source 2D/3D game engine or just looking for some interesting technical talks to enjoy this weekend, the first GodotCon Online is today.

        GodotCon 2021 is the open-source game engine’s first entirely online conference for developers, users, and other contributors to this promising open-source project. The YouTube-based event has been running from 8:45 UTC today until 16:00 UTC, but fear not if you missed out as you can already go back and listen to the prior talks in the stream. The recordings will remain available for those wanting to enjoy it in the days ahead. All of the content is free of charge.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE Saw Many Fixes + Improvements On Top Of Shipping Plasma 5.21 Beta

          In addition to shipping the Plasma 5.21 beta this week, KDE developers were very active in not only working out fixes for next month’s Plasma 5.21 desktop but also other improvements to KDE applications.

        • KDE Plasma 5.21 Beta Launched – Checkout Features & UI Improvements

          The KDE Team has released KDE Plasma 5.2.1 Beta version for testing, and it looks awesome. Plasma 5.21 will absolutely fine but kindly understand that this very release is a beta release & will have bugs in it. Yet lots of Design improvements, themes and bug fixes are done in this beta version.


          There is also a new dark theme which is actually a mix of dark & light theme. This Breeze Twilight theme will be available from the global theme settings.

          System Setting with more Accessibility & features

          Settings will have a separate page for Firewall and Get a graphical view to set your firewall rules using UFW & Firewalld. It is easier to navigate in Settings menu because of the updated UI.

        • KDE Goals – a year lost, a year gained

          The year 2020 was difficult in many ways, but it also was important for me: I joined KDE e.V. as a consultant in the role of Project Coordinator.

          One of the main focuses of mine was supporting the KDE Goals initiative, which resulted in creating a formalized process.

          As you might know (or read in the process), the KDE Goals are to be replaced roughly every two years.

          This timebox was selected to balance keeping the Goals fresh, and letting the Goal Champions have enough time to work on the topics with the community.

      • GNOME Desktop/GTK

        • The State of GNOME 40′s Threaded Input

          One of many improvements we have been looking forward to with GNOME 40 is Mutter now having a separate input thread with its native back-end for Wayland.

          That allows more of the input work to happen in a separate CPU thread. The code was merged back in November and has seen improvements ahead of the GNOME 40 debut in March. This week on the GNOME Shell and Mutter blog was a post looking at the current state of this work.

        • The 10 Best GNOME Based Linux Distributions To Check Out in 2021

          If you have ever used Linux, then there is no chance that you didn’t hear about GNOME. GNOME is one of the best user-friendly and open source desktop environments based on Linux. It started its journey in 1997 by Miguel de Icaza and Federico Mena. But it is still popular among Linux lovers for its features. As a result, a bunch of distributions uses GNOME as their default desktop environment. Among them, Fedora, Ubuntu, Arch Linux are known as the best GNOME based Linux distribution. Moreover, this magnificent desktop environment comes with many features. For instance, a better web experience, GNOME map, application grid, and many more.

        • GNOME 40′s Mutter Adds Atomic Mode-Setting Support

          Adding to the list of big ticket changes for GNOME 40 is Mutter now supporting atomic mode-setting.

          The popular mainline DRM/KMS drivers for years have generally supported atomic mode-setting while finally with Mutter 40 the bits are coming into place for GNOME. Atomic mode-setting is much cleaner than the older legacy mode-setting path, principally allows for testing of modes prior to applying, can reduce flickering in some instances, and also tends to be faster.

    • Distributions

      • MX Linux is Now Available for Raspberry Pi [Download and Install Guide]

        The lightweight and popular Linux distribution – MX Linux extended its reach. And MX Linux is now available for Raspberry Pi devices as a Beta image (Fluxbox-RaspberryPi Respin “Ragout” ) which you can try out on your devices right now. Here’s how.

      • Good News! You Can Start Using MX Linux on Raspberry Pi [In Beta]

        Popular Debian-based MX Linux could soon be installed on Raspberry Pi. The beta version of this community edition is available now.

      • 7 Linux Distros to Look Forward in 2021

        Here is a list of most anticipated Linux distributions you should keep an eye on in the year 2021.

      • Reviews

        • Easy OS 2.4.1 review

          Puppy Linux is a veteran distro. Well actually, it isn’t so much a distro these days as a treatment that you can give to existing Linux distros.

          Anyway, whatever it is, it was originally created back in 2003 by Barry Kauler with the goals of being lightweight yet complete. It’s under new stewardship now, but still holds true to those ideals.

          EasyOS has, for the last three years, been Kauler’s pet project in which he takes Puppy Linux and introduces his own take on containers. We’re going to look at the recently released version based on Debian Buster.

      • BSD

        • GhostBSD 21.01.20 release note

          This new release is to fix a bug found in the installer related to the hostname not behind set up properly on the new system installation. I am sorry if some of you had a problem cause I the missing hostname.


          Recommended system requirements for the new iso

          - 64-bit processor
          - 4GB+ of RAM
          - 15 GB of free hard drive space
          - Network card

        • Routing and Firewalling VLANS with FreeBSD

          When first experimenting, it is important to start with something simple. It can sometimes be far too easy to model very complex setups and then have to spend a lot of time debugging to understand what is not configured correctly.

          These example networks offer both an introduction on how to set up VNET jails with VLANs and show some of the power of their use. A production network built from this would want to give each jail its own file system, this step was skipped to make it easier to follow along.

          The BSD Router project has an example VLAN and VNET multi-tennant set up on their website that includes multiple different virtual machine frameworks. This example is well worth study and this article has hopefully provided the background to help you understand how this network is set up.

        • [Old] FreeBSD On A Raspberry Pi 4 With 4GB Of RAM

          This is the story of how I managed to get FreeBSD running on a Raspberry Pi 4 with 4GB of RAM, though I think the setup story is pretty similar for those with 2GB and 8GB.1

          I also managed to get Rust built from source, (kind of) which is nice because the default Rust installer doesn’t seem to work for FreeBSD running on a Raspberry Pi.

          If there’s anything awry with these steps, please contact me so I can fix it.

      • IBM/Red Hat/Fedora

        • The Surprising Power of Business Experimentation

          We’ve long associated innovation breakthroughs with science and technology coming out of R&D labs, e.g., the transistor, penicillin, DNA sequencing, TCP/IP protocols, and so on. Such major lab-based breakthroughs are at one end of the innovation spectrum. At the other end are market-facing innovations, whose purpose is to create appealing and intuitive user experiences, new business models, and compelling market-based strategies.

          Lab-based innovations were generally born when scientists, mathematicians or engineers developed new theories, technologies, algorithms or programs in an R&D lab. Over time, often years, the innovations found their way to the marketplace. Since technology and markets advanced at a relatively slow pace, there was little pressure to reduce the transition times from lab to market. This was the prevailing innovation model through most of the 20th century.

          It all started to change in the 1980s as the rate and pace of technology advances significantly accelerated. The hand-offs and elapsed times to take an innovation from lab to market were no longer competitive, especially with products based on fast changing digital technologies. Start-up companies significantly shortened the time-to-market for new products and services, putting huge pressure on companies still operating under the old rules.

          These competitive pressures, were further exacerbated by the explosive growth of the Internet in the 1990s, as I personally learned when becoming general manager of the newly established IBM Internet Division in December of 1995. A lot was starting to happen around the Internet, but it was not clear where things were heading, and in particular what the implications would be to the world of business. With the Internet, there was no one technology or product you could work on in the labs that would make you a success in the marketplace. This time around, the strategy itself had to come from the marketplace, not the labs.

    • Devices/Embedded

  • Free, Libre, and Open Source Software

    • Web Browsers

      • Mozilla

        • SeaMonkey on Pi4 no longer freezes

          Ans now SM is behaving nicely, no appreciable freezing. I am testing version 2.6.1, and playing around on youtube.com do get a segmentation fault sometimes. I can live with that, better than freezing. Running SM

          One other thing: The SM cache is in /root/.mozilla, not happy with this, as always trying to reduce writes to the drive. So have changed it to /tmp. SM creates a folder named /tmp/Cache2. In EasyOS, /tmp is a tmpfs, in RAM. The downside of this is the cache will be lost at shutdown. Probably an upside is a possible security benefit.

        • Cameron Kaiser: TenFourFox FPR30 SPR1 available

          With the Quad G5 now back in working order after the Floodgap Power Supply Kablooey of 2020, TenFourFox Feature Parity Release “30.1″ (SPR 1) is now available for testing (downloads, hashes, release notes).

    • Programming/Development

      • How to test PHP code using PHPUnit – Anto ./ Online

        PHPUnit automatically executable tests that verify your application’s behavior. Thus – you can ensure that your changes don’t break existing functionality. This post will show you how to test your PHP code using PHPUnit.

      • Latency Numbers Every Team Should Know

        We design systems around the size of delays that are expected. You may have seen the popular table “latency numbers every programmer should know” which lists some delays that are significant in technology systems we build.

        Teams are systems too. Delays in operations that teams need to perform regularly are significant to their effectiveness. We should know what they are.

        Ssh to a server on the other side of the world and you will feel frustration; delay in the feedback loop from keypress to that character displayed on the screen.

        Here’s some important feedback loops for a team, with feasible delays. I’d consider these delays tolerable by a team doing their best work (in contexts I’ve worked in). Some teams can do better, lots do worse.


        In recent times you may have experienced the challenge of having conversations over video links with significant delays. This is even harder when the delay is variable. It’s hard to avoid talking over each other.

        Similarly, it’s pretty bad if we know it’s going to take all day to deploy a change to production. But it’s so worse if we think we can do it in 10 minutes, when it actually ends up taking all day. Flaky deployment checks, environment problems, change conflicts create unpredictable delays.

        It’s hard to get anything done when we don’t know what to expect. Like trying to hold a video conversation with someone on a train that’s passing through the occasional tunnel.

      • How I programmed a virtual gift exchange

        Every year, my wife’s book club has a book exchange during the holidays. Due to the need to maintain physical distance in 2020, I created an online gift exchange for them to use during a book club videoconference. Apparently, the virtual book exchange worked out (at least, I received kind compliments from the book club members), so I decided to share this simple little hack.

      • Dirk Eddelbuettel: prrd 0.0.4: More tweaks

        The key idea of prrd is simple, and described in some more detail on its webpage and its GitHub repo. Reverse dependency checks are an important part of package development that is easily done in a (serial) loop. But these checks are also generally embarassingly parallel as there is no or little interdependency between them (besides maybe shared build depedencies). See the (dated) screenshot (running six parallel workers, arranged in split byobu session).

        This release brings several smaller tweaks and improvements to the summary report that had accumulated in my use since the last release last April. We also updated the CI runners as one does these days.

      • Perl/Raku

        • vrurg: A New Release Of Cro::RPC::JSON

          I don’t usually announce regular releases of my modules. But not this time. I start this new year with the new v0.1 branch of Cro::RPC::JSON. Version 0.1.1 is currently available on CPAN (will likely be replaced with fez as soon as it is ready). The release is a result of so extensive changes in the module that I had to bump its :api version to 2.

        • gfldex: Anonymous slurpers

          I have a script where I’m only interested in the last two lines of its output.

  • Leftovers

    • Back When
    • Opinion | New Auto Safety Report Demands Biden Strengthen Federal Programs Now

      It is time for the Biden people  to end the soporific record of their predecessors, including that of those from the Obama/Biden Administration

    • He Had a Hammer: Henry Aaron Presente

      When you write for a living, you invariably pen obituaries in advance so they are ready to be published as soon as the death knell of the famous is sounded. I could never do that with Henry “Hank” Aaron. Even at 86, he seemed so precious that I was in no position to even imagine a world without him. He seemed too important to die, like a monument that people would form a human chain to protect against the hordes determined to tear him down. Aaron was living testimony not only to greatness with a bat but to this country’s racism. His willingness to testify to this reality made him the foe of the darkest corners of this country, from chat rooms to the White House.

    • Science

      • Hyderabad’s city lights killing astronomy, enthusiasts, scientists complain

        Light pollution is a menace in the city of Hyderabad which is killing the joy of looking up to the night sky, astronomy enthusiasts and scientists have complained. Praveen Suryavanshi, an amateur astronomer and educator said that just to witness a full dark sky, one now will have to travel as far as at least a 100 kms away from the city.

    • Education

    • Hardware

      • Intel avoids outsourcing embrace, investigates hack of results

        The lack of a strong embrace of outsourcing from new CEO Pat Gelsinger drove shares down 4.7% after hours. Shares rose 6.5% during regular trade, when the results were released ahead of the close. The company said it was investigating “non-authorized” access to some of the results, with the Financial Times quoting its chief financial officer as saying the microchip maker had been [cracked].

      • I have seen the laptop of the future | Stop at Zona-M

        I am not talking of that specific model, of course. I am talking of what a computer like that makes possible.

        That thing measures 61 x 61 x 43 millimeters. It weights 127 grams. It may be the core of an entirely new kind of “laptop”, that is portable computer.

      • DevEBox STM32H7 Development Boards are made for Factory Automation

        STMicro has always provided complete software support for its core modules in the past. No different for the STM32H7 MCU series that comes with complete support of Arm Cortex-M architecture. Irrespective of the board (should have STM32H7 series core module), you can use the STM32CubeH7 embedded software package, which comes with many examples for this MCU series.

        More details about the getting started guide, (in general for STM32H7 MCUs) can be found on STMicroelectronics’ website. There are also “user manuals” specific to the boards taken from the Banggood link below for STM32H750VBT6 (158MB) and STM32H743VIT6 (164MB).

    • Health/Nutrition

      • Opinion | The Scale of Loss: 400,000 Dead

        These losses will haunt us for centuries to come

      • “We’ve Let the Worst Happen”: Reflecting on 400,000 Dead

        In May of last year, ProPublica health care reporter Caroline Chen reflected on the first 100,000 lives lost to COVID-19 and posed an important question: “How do we stop the next 100,000?” Eight months later, with 300,000 additional American lives lost and the chaotic distribution of the vaccine underway, Chen shares her thoughts on where we are and what happens next.

        In your 100,000 lives lost piece, you wrote about questions we needed to ask at that moment: “How do we prevent the next 100,000 deaths from happening? How do we better protect our most vulnerable in the coming months? Even while we mourn, how can we take action, so we do not repeat this horror all over again?” It’s been almost eight months since then. What are the biggest questions we need to be asking now?

      • [Old] The Netherlands is transforming old ashtrays into bike charging stations

        There are few less appealing items in the universe than the ashtray. It’s literally a container for soot, carcinogens, and the occasional whiff of menthol. But in train stations across the Netherlands, the lanky, six-foot smoke poles are something of an architectural icon. So even as 300 of the poles were removed from stations last October when public smoking at railways became illegal, railroad owner ProRail has securely stored the poles, wanting them preserved for a new purpose.

        So what could that purpose be? Charging e-bikes.

      • When healthcare is reduced to a single number | Stop at Zona-M

        I had a “telehealth” doctor’s visit the other day. I was prescribed a scheduled medication without extensive questioning or documentation.

        Why? The prescribing physician had been given a score for me, generated by a proprietary algorithm, indicating that I was at low risk for abuse and addiction.

        The doctors employing this system have access to neither the algorithm nor the patient data it employs. All I could think was, black patients are probably being denied life-saving medication because some rudimentary algorithm flagged them for abuse potential, on the basis of their income or the neighborhood they live in.

        Life or death decisions are being placed into the hands of proprietary algorithms let loose on the public, and there is no opening of the black box or opting out.

    • Integrity/Availability

      • Proprietary

        • SonicWall hardware VPNs hit by worst-case 0-zero-day-exploit attacks

          “…have information about hacking of a well-known firewall vendor and other security products by this they are silent and do not release press releases for their clients who are under attack due to several 0 days in particular very large companies are vulnerable technology companies,” BleepingComputer was told via email.

        • Cyber Firm SonicWall Says It Was Victim of ‘Sophisticated’ Hack

          The Silicon Valley-based company said in a statement that the two products compromised provide users with remote access to internal resources.

          The attackers exploited so-called “zero days” — a newly discovered software flaw — on certain SonicWall remote access products, the company said in a statement.

        • Former manager of Microsoft Taiwan investigated for fraud

          A former manager at the Taiwanese branch of software giant Microsoft was questioned Friday (Jan. 22) about an alleged fraud scam directed against the company.

          In 2016 and 2017, Chang Ming-fang (張銘芳) allegedly colluded with managers of other companies to forge orders to obtain discounts and products at lower prices, UDN reported.

        • School laptops sent by government arrive loaded with malware [iophk: Windows TCO]

          A number of the devices were found to be infected with a “self-propagating network worm”, according to the forum, and they also appeared to be contacting Russian servers, one teacher wrote. The Windows-based laptops were specifically infected with Gamarue.1, a worm Microsoft identified in 2012.

        • Ransomware provides the perfect cover

          Look at any list of security challenges that CISOs are most concerned about and you’ll consistently find ransomware on them. It’s no wonder: ransomware attacks cripple organizations due to the costs of downtime, recovery, regulatory penalties, and lost revenue. Unfortunately, cybercriminals have added an extra sting to these attacks: they are using ransomware as a smokescreen to divert security teams from other clandestine activities behind the scenes.

          Attackers are using the noise of ransomware to their advantage as it provides the perfect cover to distract attention so they can take aim at their real target: exfiltrating IP [sic], research, and other valuable data from the corporate network.

        • Global ransom DDoS extortionists are retargeting companies

          According to Radware, companies that received this letter also received threats in August and September 2020. Security researchers’ analysis of this new wave of ransom letters suggested that the same threat actors from the middle of 2020 are behind these malicious communications.

          When the DDoS extortion campaign started in August of 2020, a single Bitcoin was worth approximately $10,000. It’s now worth roughly $30,000. The attackers cited this in the latest round of ransom letters, and it represents the impact the rising price of Bitcoin is having on the threat landscape.

          A few hours after receiving the message, organizations were hit by DDoS attacks that exceeded 200 Gbps and lasted over nine hours without slowdown or interruption. A maximum attack size of 237 Gbps was reached with a total duration of nearly 10 hours, the alert warned.

        • Boeing 737 MAX is a reminder of the REAL problem with software | Stop at Zona-M

          And that problem almost never is software.

        • Security

          • diffoscope 165 released

            The diffoscope maintainers are pleased to announce the release of diffoscope version 165. This version includes the following changes:

            [ Dimitrios Apostolou ]
            * Introduce the --no-acl and --no-xattr arguments [later collapsed to
              --extended-filesystem-attributes] to improve performance.
            * Avoid calling the external stat command.
            [ Chris Lamb ]
            * Collapse --acl and --xattr into --extended-filesystem-attributes to cover
              all of these extended attributes, defaulting the new option to false (ie.
              to not check these very expensive external calls).
            [ Mattia Rizzolo ]
            * Override several lintian warnings regarding prebuilt binaries in the
            * source.
            * Add a pytest.ini file to explicitly use Junit's xunit2 format.
            * Ignore the Python DeprecationWarning message regarding the `imp` module
              deprecation as it comes from a third-party library.
            * debian/rules: filter the content of the d/*.substvars files

          • Privacy/Surveillance

            • An EU parliament website for COVID testing allegedly broke the EU’s privacy laws

              The website was set up to help MEPs schedule COVID tests, and while it didn’t handle any health information itself, sending data to the US for processing would still be illegal. According to the complaint, the testing website made over 150 requests to third parties, including Google and Stripe. Under EU law, data can only be transferred to the US if “an adequate level of protection for the personal data [can] be ensured,” and noyb argues that the companies “clearly fall under relevant US surveillance laws that allow [targeting of] EU citizens.”

            • Confidentiality

    • Defence/Aggression

      • What Our Forever Wars Will Look Like Under Biden

        Hard as it is to believe in this time of record pandemic deaths, insurrection, and an unprecedented encore impeachment, Joe Biden is now officially at the helm of the US war machine. He is, in other words, the fourth president to oversee America’s unending and unsuccessful post-9/11 military campaigns. In terms of active US combat, that’s only happened once before, in the Philippines, America’s second-longest (if often forgotten) overseas combat campaign.

      • Alexei Navalny: ‘More than 3,000 detained’ in protests across Russia

        Tens of thousands of people defied a heavy police presence to join some of the largest rallies against President Vladimir Putin in years.

        In Moscow, riot police were seen beating and dragging away protesters.

        Mr Navalny, President Putin’s most high-profile critic, called for protests after his arrest last Sunday.

      • Tensions running high after gun incident near House floor

        Lawmaker tensions are running high this week after a Republican lawmaker nearly brought a gun onto the House floor, further stoking concerns about Capitol security and whether members of Congress need protection from one another.

        The renewed anxiety just two weeks after the deadly Jan. 6 attack was sparked by Rep. Andy Harris (R-Md.) when he set off a newly installed metal detector off the House floor with a concealed gun, despite a longtime ban on firearms in the chamber.

        The incident followed numerous reports of other Republicans, accustomed to bypassing metal detectors in the Capitol, chafing at the new security measures. Some Democrats are now openly expressing that they don’t feel safe around certain colleagues.

      • Ugandan Airstrikes in Somalia Kill 189 Al-Shabab Fighters

        AMISOM has been in Somalia for more than 10 years, keeping the peace and supporting Somalia’s government to fend off attacks from al-Shabab militants. The group aims to topple the government and impose its own harsh interpretation of Islamic Sharia law.

        The group controlled large swaths of south-central Somalia until 2011, when it was driven out of Mogadishu by African Union troops.

      • My Name Is Selma

        Selma van de Perre was seventeen when World War Two began. Until then, being Jewish in the Netherlands had been of no consequence. But by 1941 this simple fact had become a matter of life or death. Several times, Selma avoided being rounded up by the Nazis. Then, in an act of defiance, she joined the Resistance movement, using the pseudonym Margareta van der Kuit. For two years ‘Marga’ risked it all. Using a fake ID, and passing as Aryan she travelled around the country delivering newsletters, sharing information, keeping up morale – doing, as she later explained, what ‘had to be done’.

    • AstroTurf/Lobbying/Politics

      • Opinion | ‘Return to Normalcy’

        Let us rise to Biden’s call and dare to dream big

      • Independence Is the Progressive Solution to US Colonialism in Puerto Rico
      • Opinion | QAnon and America’s Political Moment

        It will not be enough to simply to call out groups such as QAnon and demand that they shut up or be silenced

      • Biden’s Immigration Declarations Open Up New Political Terrain for Organizers
      • John Dean: Insurrectionist Senators are Co-Conspirators and Should Not Sit in Judgment of Trump

        AOC: “Sen. Hawley is trying to wiggle out of inciting a riot that killed 5″

      • President Biden’s Tech To-do List

        President Joe Biden is inheriting tricky tech questions including how to rein in powerful digital superstars, what to do about Chinese technology and how to bring more Americans online.

        Here’s a glimpse at opportunities and challenges in technology policy for the new Biden administration: [...]

      • Hey President Biden, Thanks but I Don’t Want “Unity” : You can keep your calls for “togetherness.” I only want equity and accountability.

        If it’s the same “unity” prominent members of the Republican party are now calling for in the wake of what many considered to be the worst attack on the U.S. federal government since 9/11, keep it. That type of “unity” is not about ending a deep-seated divide or quashing the rise of misinformation that mothered it. It’s about allowing men like Senator Lindsey Graham, Senator Ted Cruz (who today wore a mask emblazoned with the words “Come and take it”), and others who felt empowered to subvert a fair and free election to sidestep the consequences of their actions.

      • Facebook purges left-wing pages and individuals

        On Friday, Facebook carried out a purge of left-wing, antiwar and progressive pages and accounts, including leading members of the Socialist Equality Party. Facebook gave no explanation why the accounts were disabled or even a public acknowledgement that the deletions had occurred.

        At least a half dozen leading members of the Socialist Equality Party had their Facebook accounts permanently disabled. This included the public account of Genevieve Leigh, the national secretary of the International Youth and Students for Social Equality, and the personal account of Niles Niemuth, the US managing editor of the World Socialist Web Site. In 2016, Niemuth was the Socialist Equality Party’s candidate for US Vice President.

        Facebook also disabled the London Bus Drivers Rank-and-File Committee Facebook page, which was set up with the support of the Socialist Equality Party (UK) to organize opposition among bus drivers. This follows a widely discussed call for a walkout by bus drivers to demand elementary protections against the COVID-19 pandemic.

        None of the individuals whose accounts were disabled had violated Facebook’s policies. Upon attempting to appeal the deletion of their account, they received an error message stating, “We cannot review the decision to disable your account.”

    • Civil Rights/Policing

      • New Toolkit Tallies Up Victories and Summarizes Strategies to Defund the Police
      • Cori Bush and Ayanna Pressley Lead Call for Biden to Oppose Death Penalty
      • Why Supporting Families Who Have Abortions Later in Pregnancy Is My Life’s Work
      • The Religious Transformation of French Schools

        Once again, Mila has found herself without a high school. On a social network, she accidentally gave the name of her new military school. Its management promptly excluded her for being a potential threat to the students’ security. “Devastated by so much cowardice”, Mila’s father wrote. “Even the army cannot protect her and allow her to continue her education, what can we do, us, her parents? This observation is for us a horror film”.

        Even the French army cannot protect her? “She is 17 years old and now lives like the staff of Charlie Hebdo, in a bunker; it is unbearable!” Mila’s lawyer, Richard Malka, said.

      • [Old] Modern slavery statement

        This statement provides some background to our organisation and our supply chains. It also sets out the work that we have undertaken during the financial year ended 30 September 2020 to ensure that slavery and human trafficking are not taking place either in our organisation or within our supply chains.

      • Capitol Police questioned anew after Guard forced to garages

        The National Guard said it originally moved troops out of the Capitol Rotunda and other spaces to garages at the behest of the Capitol Police. The Guardsmen were allowed back inside late Thursday after reports were widely shared of the conditions in the garages, with few bathrooms and little covering from the cold.

        Capitol Police Interim Chief Yogananda Pittman issued a statement Friday saying her agency “did not instruct the National Guard to vacate the Capitol Building facilities.”

        But two Capitol Police officers who spoke on condition of anonymity contradicted her statement, saying they were told department higher-ups had ordered the Guardsmen out. It was unclear why. The two officers spoke on condition of anonymity because they were not authorized by the department to speak.

    • Monopolies

      • Opinion | Beware Corporate ‘Democracy Washing’: Twitter, Trump, and the Danger of Privatizing the Fight Against Fascism

        Twitter canceling Trump’s account shows that real political power in the United States shifted from government to corporations.

      • Patents

        • IPO Webinar on Videoconferencing at the EPO [Ed: The lobby of IPO is promoting and celebrating illegal practices, which go against the law but help enrich the patent profiteers]

          The Intellectual Property Owners Association (IPO) will offer a one-hour webinar entitled “Videoconferencing at the EPO” on January 27, 2021 from 11:00 am to 12:00 pm (ET). Mike Jennings of AA Thornton, James Pickford of Procter & Gamble, and Gwilym Roberts of Kilburn & Strode will provide an overview of how videoconferencing is being relied on increasingly for formal hearings at the European Patent Office — for examination, oppositions and appeals — and how this provides an option for applicants/proprietors and opponents to participate or observe from their home countries. The panel will summarize the changes to EPO rules and procedures (including December 2020 updates), share their tips and experiences, and also discuss EPO management’s plans to promote videoconference examiner consultations, which have been an effective tool for U.S. attorneys working with the USPTO.

      • Copyrights

        • Google threatens to withdraw search engine in Australia

          Google has threatened to stop making its search engine available in Australia if the federal government’s proposed mandatory media bargaining code becomes law in its current form.

          Managing director Mel Silva on Friday told a senate inquiry that the landmark code “remains unworkable”, despite government attempts to placate the web giant in a December revision.

          Google had previously warned that the code could lead to a “dramatically worse” online experience and the possible end to free services, but until now had not flagged stopping Google Search entirely.

        • MPA Seeks Network Engineer to Help Expose Online Pirates

          The Motion Picture Association (MPA) is hoping to recruit a network engineer to assist in its war against online piracy. Among other things, the Hollywood group is looking for a candidate with knowledge of VPNs, reverse proxies, Whois privacy services, and Internet registries such as RIPE and ARIN. Part of the job description is to find suitable targets for civil and criminal lawsuits.

        • Anti-Piracy Group: Copyright Trolling is a “Stain On The Fight Against Illegal Content”

          After a Danish law firm and one of its partners were charged with fraud for their part in a copyright-trolling scheme against alleged BitTorrent pirates, local anti-piracy group Rights Alliance has criticized the settlement model. Describing it as a “stain” on the fight against illegal content, the group says that site-blocking is a better option. Unfortunately, copyright troll schemes undermine that too.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New

  1. Links 21/03/2023: Trisquel GNU/Linux 11.0 LTS

    Links for the day

  2. Back Doors Proponent Microsoft Infiltrates Panels That Write the Security Regulations, Press Fails to Point Out the Obvious

    Cult tactics and classic entryism serve Microsoft again, stacking the panels and basically writing policy (CISA). As an associate explained it, citing this new example, Stanford “neglects to point out the obvious fact that Microsoft is writing its own regulations.”

  3. IRC Proceedings: Monday, March 20, 2023

    IRC logs for Monday, March 20, 2023

  4. Links 20/03/2023: Curl 8.0.0/1 and CloudStack LTS

    Links for the day

  5. Standard Life (Phoenix Group Holdings): Three Weeks to Merely Start Investigating Pension Fraud (and Only After Repeated Reminders From the Fraud's Victims)

    As the phonecall above hopefully shows (or further elucidates), Standard Life leaves customers in a Kafkaesque situation, bouncing them from one person to another person without actually progressing on a fraud investigation

  6. Standard Life Paper Mills in Edinburgh

    Standard Life is issuing official-looking financial papers for companies that then use that paperwork to embezzle staff

  7. Pension Fraud Investigation Not a High Priority in Standard Life (Phoenix Group Holdings)

    The 'Open Source' company where I worked for nearly 12 years embezzled its staff; despite knowing that employees were subjected to fraud in Standard Life's name, it doesn't seem like Standard Life has bothered to investigate (it has been a fortnight already; no progress is reported by management at Standard Life)

  8. Links 20/03/2023: Tails 5.11 and EasyOS 5.1.1

    Links for the day

  9. Links 20/03/2023: Amazon Linux 2023 and Linux Kernel 6.3 RC3

    Links for the day

  10. IRC Proceedings: Sunday, March 19, 2023

    IRC logs for Sunday, March 19, 2023

  11. An Update on Sirius 'Open Source' Pensiongate: It's Looking Worse Than Ever

    It's starting to look more and more like pension providers in the UK, including some very major and large ones, are aiding criminals who steal money from their workers under the guise of "pensions"

  12. Services and Users TRApped in Telescreen-Running Apps

    TRApp, term that lends its name to this article, is short for "Telescreen-Running App". It sounds just like "trap". Any similarity is not purely coincidental.

  13. Links 19/03/2023: Release of Libreboot 20230319 and NATO Expanding

    Links for the day

  14. Great Things Brewing

    We've been very busy behind the scenes this past week; we expect some good publications ahead

  15. Links 19/03/2023: LLVM 16.0.0 and EasyOS Kirkstone 5.1 Releases

    Links for the day

  16. IRC Proceedings: Saturday, March 18, 2023

    IRC logs for Saturday, March 18, 2023

  17. Links 18/03/2023: Many HowTos, Several New Releases

    Links for the day

  18. Links 18/03/2023: Tor Browser 12.0.4 and Politics

    Links for the day

  19. Links 18/03/2023: Docker is Deleting Free Software Organisations

    Links for the day

  20. IRC Proceedings: Friday, March 17, 2023

    IRC logs for Friday, March 17, 2023

  21. New Talk: Richard Stallman Explains His Problem With Rust (Trademark Restrictions), Openwashing (Including Linux Kernel), Machine Learning, and the JavaScript Trap

    Richard Stallman's talk is now available above (skip to 18:20 to get to the talk; the volume was improved over time, corrected at the sender's end)

  22. Links 17/03/2023: CentOS Newsletter and News About 'Mr. UNIX' Ken Thompson Hopping on GNU/Linux

    Links for the day

  23. The European Patent Office's Central Staff Committee Explains the Situation at the EPO to the 'Yes Men' of António Campinos (Who is Stacking All the Panels)

    The EPO’s management is lying to staff (even right to their faces!) and it is actively obstructing attempts to step back into compliance with the law; elected staff representatives have produced detailed documents that explain the nature of some of the problems they’re facing

  24. Links 17/03/2023: Linux 6.2.7 and LibreSSL 3.7.1 Released

    Links for the day

  25. GNU/Linux in Honduras: 10% Market Share? (Updated)

    As per the latest statistics

  26. Links 17/03/2023: Update on John Deere’s Ongoing GPL Violations and PyTorch 2.0

    Links for the day

  27. IRC Proceedings: Thursday, March 16, 2023

    IRC logs for Thursday, March 16, 2023

  28. RMS: A Tour of Malicious Software, With a Typical Cell Phone as Example

    Tonight in Europe or this afternoon in America Richard M. Stallman (RMS), who turned 70 yesterday, gives a talk

  29. Skyfall for Sirius 'Open Source': A Second Pension Provider Starts to Investigate Serious (Sirius) Abuses

    Further to yesterday's update on Sirius ‘Open Source’ and its “Pensiongate” we can gladly report some progress following escalation to management; this is about tech and “Open Source” employees facing abuse at work, even subjected to crimes

  30. NOW: Pensions Lying, Obstructing and Gaslighting Clients After Months of Lies, Delays, and Cover-up (Amid Pension Fraud)

    The “Pensiongate” of Sirius ‘Open Source’ (the company which embezzled/robbed many workers for years) helps reveal the awful state of British pension providers, which are in effect enabling the embezzlement to carry on while lying to their clients

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts