Testimonies, Letters, Writings, and More About Richard Stallman

Posted in Deception, Free/Libre Software, FSF, FUD at 11:02 pm by Guest Editorial Team

Published on April 27, 2021. Reproduced with permission.

As we keep working on this website, we are getting feedback from readers who send us their own writings and testimonies, or point us to writings by other people. We are grateful to all of them for their contributions. We can’t publish all of the materials, but here are some.

Professional Interaction with Richard Stallman #professional

by Andy Farnell – March 2021

Attackers of Prof. Richard Stallman, founder of the Free Software Foundation and GNU project, accuse him of “unprofessionalism.” My experience has been different. I recently had reason to speak with Richard Stallman while researching a new book, as I needed to interview an authority on the subject of “Software Freedom.” Of course, this is my personal experience over a short time. Some people say that he is difficult to get along with, but here’s why I feel any labelling of Stallman as “unprofessional” is undeserved.

As I hit send on an email to Richard Stallman, a person famed for “being weird,” I sighed with resignation at the fact it would likely go unanswered. Five seconds later a reply appeared. Obviously it was an automated response, including some boilerplate addressed to any NSA agents enjoying our conversation. Weird, yes! Check one! But in good humour. Were I an NSA worker it would cause no offence and make me smile. His email was polite, concise, informative and sensible. It explained Richard’s workflow for processing mail and when I might expect a reply.

Now, some might say that a “professional” would delegate their public interface. Having dealt with many prominent people I know it sometimes takes weeks and many attempts just to get through to an agent or handler, let alone win a personal audience. Often when trying to interview other writers or public figures one encounters a fortress of aloof discouragement—just go away, I am way too busy for you. Those who have a great deal to say, often take such pains to hide themselves and make sure nobody gets to speak back. As I see it, Stallman shares with the legendary Noam Chomsky, in being approachable by anyone, whether a professional reporter, student, blogger, or critic.

So, within a few days I received a thoughtful and detailed reply from Richard himself, who suggested we talk, and some choices of technology for a meeting. We found a mutually agreeable solution, being Jit.si, over which Richard devoted hours to helping me with my questions. I had expected a great fuss about encryption, and to find myself awake past midnight recompiling a kernel or fighting with encryption keys in order to talk to Stallman who would be nit-picky, weird and patronising about my weak security practices. That didn’t happen. It’s a character strength of Stallman I have heard others praise, that while ideologically rigid, he is absolutely pragmatic.

Before we were scheduled to talk, Stallman took the initiative to reach out and remind me we had a meeting, pre-emptively suggesting we test the link, and that I should record the meeting on my side as a reference, thus saving me the awkwardness of asking permission. Professional? Certainly well organised and mindful of the needs of others.

Then came the actual meeting. I get to talk to a lot of smart people, but rarely do they engage like Richard Stallman. He listens. Being into communication theory I pay attention to styles of interaction. In several hours of online connection Richard Stallman never once spoke over me, showing extraordinarily adept use of timing and tone for voice communication with latency while clearly thinking about each question. He ended each session by asking if I needed a follow up session and whether the recording had been successful.

At this point, Richard had no idea who I “really was.” He remarked that he was helping a student publish an article on software freedom in higher education—but he had no time to devote to editing the students prose. I took this as a subtle invitation to quid pro quo, and so I offered to edit the article. That lead to a long, productive and very interesting interaction that inspired an article for the Times Higher Education.

My experience of Stallman seemed the very model of consummate professionalism—exemplary use of technology and language, far, far better manners than I expect from many corporate encounters. Contrary to commentators who paint him as socially clumsy, I found his rather charming way of advancing agendas and connecting people for mutual benefit quite skilful.

The word “unprofessional” has been co-opted as an accusation in modern witch-hunts. It is very hurtful to call another person unprofessional, partly because the concept is so poorly defined, and gets conflated with “bad character.” Often the accusation is levelled at someone who is indeed acting at the absolute height of professionalism, following
the true spirit of their profession, but standing against the status quo. Whistle-blowers or those advocating for organisational change toward better ethics come to mind as obvious victims. We must stop abusing the word “unprofessional” as a vague smear against anyone whose opinions we dislike.

A Letter to the FSF #letter1-fsf

Date: Apr 6, 2021, 14:12
From: [Email address redacted]
To: info@fsf.org
Subject: In support of RMS

Dear FSF,

I support Richard’s return to the FSF, and hope that he will continue providing momentum to the Free Software Movement in all ways possible, especially through the FSF and GNU.

I am a doctoral student of condensed matter physics at Savitribai Phule Pune University, Pune, India, and a regular user of free software for almost a decade now. I would like to express my gratitude to Richard’s initiative for software freedom, which has directly and indirectly enabled my research in more ways than one.

Pradeep Thakur
Pune, India.

Richard Stallman: It’s Not Wise to Trust Your Files to Any Company… You Lose Legal Rights If You Do That (Updated)

Posted in Free/Libre Software at 10:53 pm by Dr. Roy Schestowitz

Summary: Dr. Richard Stallman, the Free Software Foundation’s founder, talks about storage in so-called “clouds” (I made an error by referring to ownCloud as “myCloud”; around then NextCloud was becoming a thing, as staff defected)

Direct download as Ogg

Update: Transcript added below.


(intro music)

Roy: What do you think about online storage services such as DropBox and Google Drive and all sorts of services that are either hosted by another company or hosted by yourself using proprietary software?

RMS: Well, those are two totally different issues but DropBox is, I think it is possible to use DropBox just to save files on


without running non-Free Software but the files are completely an open book to DropBox. So I’m pretty sure the NSA gets to see them too somehow. And I think it’s not wise to trust your files to any company unless they have been thoroughly encrypted with Free Software on your own computer first. And in addition it shouldn’t be encrypted file


by file because the NSA might still learn something from that. If you want to have the same legal rights that you have keeping the files yourself in your home, then you must not entrust them to a company. You lose legal rights if you do that.

Roy: What is your take on MyCloud?

RMS: I don’t know what it is. I don’t like the word “cloud” because it’s a nebulous term that confuses. And it’s used for


various different things and gives people the idea, the impression, that those things are all similar. But I don’t know what “my cloud” is.

Roy: In very short, basically a bunch of former SuSe employees created the software, Free Software, that you can host on your own server, possibly at home, and then store files on it and make it available to more users on the network.

RMS: Well, maybe this is ok. Did you say it’s Free Software?


Roy: Yes.

RMS: Well, then I don’t see anything wrong with it, at least not at this level. I mean there might be some details one can criticize but I don’t know those details. So maybe it’s good.

Roy: What do you make of the fact that it’s becoming increasingly hard to listen and to tune into all sorts of videos and multimedia on the web anonymously and services seem to be eager to get a person’s identity.

RMS: Well I have never done that,


you see. The videos tend to be distributed in patented formats which I’ve always urged people not to distribute in.

Richard Stallman: Am I Doctor Stallman?

Posted in Deception, Free/Libre Software, GNU/Linux at 10:39 pm by Dr. Roy Schestowitz

Published 6 days ago, see licence at the bottom.

After receiving 15 doctorates honoris causa — doctorates “for honor”, though typically people use the misleading translation “honorary” — I thought I had a clear idea of how they are given. The ceremonies were serious, even solemn, and if others were receiving doctorates honoris causa in the same ceremony, they were people whose achievements impressed me.

So I was shocked to read an article which describes this as a sleazy marketing scheme, and claims that recipients of these degrees are not supposed to call themselves “Doctor.”

The article says that universities hand out “honorary doctorates” readily to donors who have essentially bought them, and to performing artists so that they will entertain the students at graduation.

The article is not error-free. For instance, it calls me an “open-source software pioneer,” which misrepresents my views and my work. However, what it reports about universities seems to be correct, in the US; a friend told me he had seen that pattern himself.

But my experience is totally different. I am not an entertainer, except for a few minutes when I don the robe and halo of Saint iGNUcius, and that is comic relief for a long, serious talk. I never donated money to the universities that gave me doctorates, nor could they expect me to. What’s more, I never saw such people receive degrees along with me. The other recipients, when there were others, were likewise being honored for their work, not as a quid-pro-quo.

Why this difference? My doctorates come from universities in other countries, not in the US. I conjecture that buy-a-doctorate and sing-for-your-doctorate are found in the US only. (How sad for the US!)

On all the occasions when I received a doctorate, nobody said to me that I should not use the title of Doctor. Indeed, an academic told me that universities would extend to me certain minor privileges, treating that doctorate like any other. So I began identifying myself as Dr. Stallman.

Of course, I do that in formal situations, in connection with talks, interviews and publications, not in ordinary conversation. Though I do occasionally tell people that they don’t need to call me Dr. Dr. Dr. Dr. Dr. Dr. Dr. Dr. Dr. Dr. Dr. Dr. Dr. Dr. Dr. Stallman.

Nonetheless, on reading that Florida Atlantic University explicitly says that recipients of doctorates honoris causa are not permitted the title of Doctor, I began to wonder about the policies of the universities which had given me degrees, so I asked people at some of those universities about their policies.

The replies were quite disparate. One said, like Florida Atlantic, that it was not permitted. Another said I should write “Dr.(h.c.).” Another said it had no objection. So it seems that I am entitled to call myself Dr. Stallman.

Why do I do that? The personal reason is that these doctorates recognize decades of work for an important cause, and I am proud of them.

The reason that is beyond personal is so that people who know little or nothing of my career may decide, based on the title of “Doctor”, to pay a little attention to that work and that cause, which is the free software movement. That may help us defeat the totalitarian control that today’s digital technology is designed to impose.

Copyright 2021 Richard Stallman Released under Creative Commons Noderivatives 3.0 license

Links 28/4/2021: Ubuntu 21.10 is “Impish Indri”, OpenSUSE Leap 15.3 RC

Posted in News Roundup at 6:43 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • Why Linux is Better for The Office

        When working in an office, you naturally need a sharing operating system for each and every computer to allow for the quickest installation of files. While many people are currently trending towards Windows, which has marketed itself as the premier suite for offices as opposed to Apple, which is more for creatives, your best bet is actually investing in Linux products instead. This guide will explain exactly why, with five key reasons as to how Linux is much better for office use. Read on now in order to learn all about it.

        Best Security Around

        If you are looking for security, especially after hearing about the awful hacks of Microsoft that occurred this year, then it might make sense for you to shift your operating system to Linux instead. This is because it is a highly configurable system, meaning that you can switch your security parameters around in order to work for your business. Additionally, it is simply not being targeted by hackers as much, meaning that once you install it, you can sleep better at night.

        Open Source

        Linux, unlike its counterparts, runs on open source software, which makes the operating system the number one choice for programmers as this means that they can change the way that Linux operates according to their own personal preferences. This means that when you have Linux in your office, you don’t have to worry about whether or not a certain process can succeed, as there will be a way to change it in the backend, something not possible with closed-source software.

      • Entroware reveal their refreshed Apollo with 11th Gen Intel and Iris Xe Graphics | GamingOnLinux

        Looking for your next Ubuntu powered ultrabook? We might have what you’re looking for with the new Entroware Apollo.

        Not a name we hear too often from but Entroware are a dedicated Linux hardware vendor based in the UK, who also ship to the Republic of Ireland, France, Germany, Italy and Spain. So if other hardware vendors have proven too expensive on shipping – here’s another choice. Entroware claims it’s “built from top to bottom using the best components available, for a richer, faster Ubuntu experience. Now shipping with NVMe PCIe SSD storage as standard”.

    • Server

      • 9 network commands every Linux admin should know

        If you’re considering adding Linux to your data center, or your company is looking at promoting you to become their first (or next) Linux admin, you probably understand there are lots of commands to learn. In fact, during your early days of Linux admin, it’ll seem like all you do is learn new commands.

        But you don’t have to approach the task without having first learned a few commands that will carry you through the beginning steps and into your intermediate period of Linux admin. So why not concentrate on a particular area that you will be dealing with pretty consistently—the network? Chances are good your Linux systems will be used for one or more network services, so you’ll need to have at least a basic understanding of the more useful network tools.

    • Kernel Space

      • Linux 5.13 Introducing Misc Cgroup Controller – Phoronix

        The Linux 5.13 development kernel is introducing a new “misc” cgroup controller. The misc cgroup controller is to be used for resources that are controlled by simply counting / limiting the number of resource instances in a scalar manner.

        This cgroup controller can be used for purposes like tracking/limiting the number of enclaves on the system based upon hardware constraints, The initial user of this misc cgroup controller is for address space IDs used for virtual machine memory encryption.

      • Linux 5.13 Lands Support For Randomizing Stack Offsets Per Syscall – Phoronix

        One of the new security features in Linux 5.13 is the ability to randomize kernel stack offsets at each system call. This optional feature is now mainlined.

        Randomizing the kernel stack offset per-system-call is intended to make it more challenging for rogue actors to carry out stack-based attacks on the Linux kernel. This has been in the works for over two years and was inspired by PaX’s “RANDKSTACK” feature but the actual implementation has taken a different approach. Simply put though this randomizing of the kernel stack at each system call is to fend off exploits relying on kernel stack determinism.

      • Linux is Turning 30 Years Old & Printk Is Still Being Refined – Phoronix

        The printk() function dates all the way back to the original Linux kernel release and even with Linux turning thirty years old this week, work on printk is not over.

        Back during Linux 5.10 last year a long overdue revamp of printk() began to land and now with Linux 5.13 more of that work is crossing the finish line. In 5.10 the ring-buffer became fully lock-less but still relying on a log buffer lock.

      • Linux kernel vulnerability exposes stack memory, causes data leaks | ZDNet

        Disclosed by Cisco Talos researchers on Tuesday, the bug is described as an information disclosure vulnerability “that could allow an attacker to view Kernel stack memory.”

        The kernel is a key component of the open source Linux operating system. The vulnerability, tracked as CVE-2020-28588, was found in the proc/pid/syscall functionality of 32-bit ARM devices running the OS.

      • An Interview With Linus Torvalds: Linux and Git

        Thirty years ago, Linus Torvalds was a 21 year old student at the University of Helsinki when he first released the Linux Kernel. His announcement started, “I’m doing a (free) operating system (just a hobby, won’t be big and professional…)”. Three decades later, the top 500 supercomputers are all running Linux, as are over 70% of all smartphones. Linux is clearly both big and professional.

        For three decades, Linus Torvalds has led Linux Kernel development, inspiring countless other developers and open source projects. In 2005, Linus also created Git to help manage the kernel development process, and it has since become the most popular version control system, trusted by countless open source and proprietary projects.

      • Linux 5.11.17
        I'm announcing the release of the 5.11.17 kernel.
        All users of the 5.11 kernel series must upgrade.
        The updated 5.11.y git tree can be found at:
        	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.11.y
        and can be browsed at the normal kernel.org git web browser:
        greg k-h
      • Linux 5.10.33
      • Linux 5.4.115
      • Linux 4.19.189
      • Linux 4.14.232
      • Linux 4.9.268
      • Linux 4.4.268
    • Applications

      • Zellij Is A New Terminal Multiplexer Written In Rust

        Zellij is a new terminal workspace and multiplexer (like tmux and screen) written in Rust, available for macOS and Linux. Among its most important features are a layout system, and plugins written in any language that compiles to WebAssembly.

        While the tool is ready for everyday use, it’s still important to mention that right now it has the beta status, so you might encounter an occasional crash. It also misses quite a few features for now (read on for details).

        Unlike other terminal multiplexers, like tmux or screen, Zellij comes with a user-friendly UI out of the box, showing a status bar at the bottom of the screen with the available keyboard shortcuts and tips for using this tool. The status bar (as well as the tab bar) is implemented as a plugin, and it can easily be disabled when you get accustomed to its keyboard shortcuts.

      • Finit v4.0 Released, A Simple SysV And Systemd Replacement

        Finit is a simple alternative to SysV init and systemd. Version 4.0 was finally released and comes with significant changes.

        Finit (Fast Init) is a small SysV init and systemd replacement with process supervision similar to that of daemontools and runit. Its focus is on small and embedded GNU/Linux systems, although it is fully functional on standard server and desktop installations.

        Finit is fast because it starts services in parallel. It then supervises and automatically restarts them if they fail. This can be extended upon with custom callbacks for all services, hooks into the boot process, or plugins to extend the functionality and adapt Finit to your needs.

        But Finit is not only fast, it’s arguably one of the easiest to get started with. A complete system can be booted with one simple configuration file.

    • Instructionals/Technical

      • How to install Lubuntu 21.04

        In this video, I am going to show how to install Lubuntu 21.04.

      • How to Install Pleroma Social Network Platform on Ubuntu 20.04

        Pleroma is an open-source federated social networking platform, compatible with Mastodon and other ActivityPub platforms. It is a part of the Fediverse, a federated network of instances that can communicate using a common protocol. One single account on one instance can talk to the entire Fediverse network.

        This guide will show you how to create your own Pleroma instance by installing it on an Ubuntu 20.04 based server.

      • What is Cert-Manager and how to setup Cert-Manager for SSL certificates in Kubernetes Cluster on AWS using Helm

        Cert-Manager is a controller used for certificate management. A Cert-Manager can help to issue certificates from different issuers like Let’s Encrypt, HashiCorp Vault, Venafi, a simple signing key pair, or self-signed. Cert-Manager validates certificates, ensures they are up to date, and renews before expiry. Cert-Manager is made up of several components as mentioned below.

      • How to prevent CUPS omitting the bottom of the CUPS Printer test page | Fitzcarraldo’s Blog

        This is something that has been bugging me for years but I never bothered to look into it until now. When I set up a printer using CUPS Administration and then print a test page, for some printers the bottom of the test page image is cut off, as shown in the scanned image below. Also, the left side of the test page image is too close to the left side of the sheet of paper. This happens when I use the Gutenprint printer drivers, although I do not know if that is a coincidence. The CUPS printer test page (A4 paper) shown below is from a Canon PIXMA MP510 printer using the Gutenprint v5.3.3 driver for that model.

      • How to install GNOME (GUI) on CentOS – LinuxTechLab

        When we install any CentOS version, we do have the option to install GUI along with the operating system as well. But many times, we might not install the GUI as we do not have a need for the GUI & installing those packages for GUI will only result in an increase in CentOS installation size.

        But what do we do if need to GUI for CentOS afterward? Do we need to reinstall CentOS ? or can we just install some packages for GUI?

        The answer to that is, Yes we can install GNOME (GUI) on CentOS. In this tutorial, we will learn how to install Gnome of CentOS 7 installations. Gnome provides a nice GUI for us to manage our servers graphically.

      • MongoDB Replica Set with Master-Slave Replication and Automated Failover

        A replica set is a group of MongoDB database nodes used for defining database clusters with master-slave replication and automated failover. A replica set contains a single primary node, multiple secondary nodes, and an arbiter node. The primary node receives all write operations while other nodes apply operations from the primary so that all nodes have the same data set.

        If your primary node breaks due to hardware failure or system-related issues, the replica set members autonomously select a new primary node, and your application functioning without manual intervention.

        In this post, we will explain how to set up a MongoDB replica set with three nodes. We will also show you how to create an environment, configure authentication between multiple database nodes and finally configure the replication between all nodes.

      • Write a bash/shell script to Finding and deleting duplicate files or directories – Linux Concept

        At one point, we had already talked about checking to see if strings inside of a file were unique and if we could sort them, but we haven’t yet performed a similar operation on files. However, before diving in, let’s make some assumptions about what constitutes a duplicate file for the purpose of this recipe: a duplicate file is one that may have a different name, but the same contents as another.

      • WordPress News – Getting Started with the Figma WordPress Design Library – WordPress.org

        As the name suggests, the WordPress Design Library is a library of WordPress design assets, enabling anyone to quickly create design prototypes for WordPress UI in Figma.

        These tools are useful for designers when creating new UI and for anyone looking to contribute ideas, enhancements, or even solutions to bug reports. Sometimes pictures really do speak a thousand words.

        In this post, we’ll talk about some key features of Figma before diving into a practical example that demonstrates some of the WordPress Design Library utilities.

      • How-to Get [Query] AWS EC2 Instance Metadata

        In this tutorial we will learn how to get EC2 Instance Metadata from an AWS EC2 instance. We will get the metadata using ec2-metadata and ec2 metadata. This is not typo. The tools name is really similar but one of them using dash on its name.

      • IUS Repository On CentOS 7 : How To Enable

        In this tutorial we’ll learn how to enable IUS repository on CentOS 7. IUS stands for Inline with Upstream Stable.

        IUS will update RPM packages once new versions released by upstream developers. IUS will also not replace stock RPM packages or pacakges that shipped with distribution. The goal of IUS project is to provide high quality RPM packages for Red Hat Enterprise Linux (RHEL) and CentOS.

      • How to Discover, From Inside a Bash Script, the Path the Script Is In

        When you develop complex Bash scripts and start putting various scripts into a folder, where one script interacts with another by, for example, starting it, it quickly becomes necessary to ensure we know the path the script was started from, so we can start the other scripts with a fully qualified pathname. This is important because the first script may have been started from outside the script’s directory. We could have also done so by using a relative path, so even – somehow – reading the command that started the current script will not work.

      • How To Install Linux Kernel 5.12 In Ubuntu / Linux Mint | Tips On UNIX

        Linus Torvalds announced the Linux Kernel 5.12 after few weeks in development and available for general usage with new features, improvements, and better hardware support.

        As per Linus Torvalds for Kernel 5.12

        Thanks to everybody who made last week very calm indeed, which just makes me feel much happier about the final 5.12 release.

        This tutorial will be helpful for beginners to install kernel 5.12 in Ubuntu 20.04 LTS, Ubuntu 20.10, Ubuntu 18.04 LTS, and LinuxMint 20.1

      • How to Upgrade to Fedora 34 from Fedora 33 – Fedora Version Update – Putorius

        Now that Fedora 34 is released with all of it’s new goodies we will show you how to upgrade your system. This guide will show you how to upgrade your Fedora 33 (or earlier) system to the latest and greatest. We will be upgrading Fedora using the DNF package manager. Let’s get started.

      • How to install Netdata on Linux such as Ubuntu 20.04 Server to monitor – Linux Shout

        Netdata is a free web-based real-time monitoring solution available to install on Linux servers to monitor their performance and resource consumption locally or remotely. It is very easy to set up, the latest version can be installed with just a command on all popular Linux systems including Ubuntu 20.04/18.04, CentOS 7/8, RHEL, OpenSUSE, Debian, Linux Mint and more…

      • How To Set A Cron Job In TrueNAS (the easy way)

        In this article we are going to create a new cron job in TrueNAS using the web interface.

        What is a “Cron Job”? It’s a time-based job scheduler in Unix-like computer operating systems. Users who set up and maintain software environments use cron to schedule jobs (commands or shell scripts) to run periodically at fixed times, dates, or intervals.

        So to create our first job we need to open the web panel go to your TruNAS IP address for example and you will see the login dashboard (after you login…

      • How to Install Apache Tomcat 9 with Nginx Proxy on Debian 10

        Tomcat is a free, open-source and lightweight application server used to deploy Java-based applications. It can be used as a standalone server or combined with other servers like Apache and Nginx. It provides the extended functionality to interact with Java Servlets and also implements several technical specifications of the Java platform. Currently, Tomcat is one of the most widely used application servers for Java.

      • How to Create a diff of two files and patching – Linux Concept

        Tomcat is a free, open-source and lightweight application server used to deploy Java-based applications. It can be used as a standalone server or combined with other servers like Apache and Nginx. It provides the extended functionality to interact with Java Servlets and also implements several technical specifications of the Java platform. Currently, Tomcat is one of the most widely used application servers for Java.

      • How To Install NetBeans on Manjaro 21 – idroot

        In this tutorial, we will show you how to install NetBeans on Manjaro 21. For those of you who didn’t know, NetBeans is a popular, open-source IDE written in Java. This is a cross-platform software and can run on any OS. NetBeans has become a part of the Apache project and gained much popularity. NetBeans also allows third-party developers to enhance its functionality such as supports other languages like PHP, C/C++, and HTML5.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the NetBeans on a Manjaro 21 (Ornara).

      • Delete a user account from Ubuntu Desktop or Server – Linux Concept

        If you no longer need a user account, it is good idea to delete that account.

      • Creating symbolic links in Linux – Linux Concept

        If you ever heard that explanation, it is only partially correct, and they are present on a most modern OS. There are two kinds of symbolic links when thinking in terms of files: hard and soft:

      • Creating a user account on Ubuntu desktop or server – Linux Concept

        Suppose you have already installed the Ubuntu desktop or server. In that case, it means you have already created a default user on your system, even on the cloud also Ubuntu is installed with preconfigured default user account.
        You can do all administrative tasks using this user, but sometimes you need to create another user for your team member or something else.
        Here, In this ttorial, I’ll show you how to create a new user on Ubuntu Desktop or Server system.

      • Creating a group on Ubuntu Desktop or Server – Linux Concept

        Group is a way to organize and administer user accounts in Linux. Groups are used to collectively assign rights and permissions to multiple user accounts.

      • Write Linux bash/shell script to Crawl filesystem directories and printing a tree – Linux Concept

        We need an overview of the directory or system’s file structure to view all files in a single place to examine those files.

        Here, we will write a bash script to travel directory recursively and check all files and directories to print them in a tree structure on screen.

        We will use a recursive function and print tree to write a bash script to Crawling filesystem directories and printing a tree structure of files.

      • Searching for files by name and/or extension in Linux Operating System

        When we have many files available for viewing, sometimes we need to find a file among many without using the GUI searching tools or provide a better set of granular filters to reduce returned results.

      • Managing file permissions in Linux Operating System – Linux Concept

        We have created users and groups. In this recipe, you will work with default file permissions for users and groups, as well as see how to modify those permissions.

      • My Top 10 Linux Commands I Use Every Day ( In 2021 )

        This article will describe the 10 Linux commands I use in daily life. They are nothing special nor complicated. I have learned that the most simple things in life bring you the best joy so lets start with the least used of the ten commands.

    • Games

      • Trine 4, Hotline Miami 2 and Floor Kids for Stadia Pro in May and more updates

        The next set of games coming to Stadia Pro has been announced with Trine 4, Hotline Miami 2 and Floor Kids plus April 30 is your last chance to grab some of them.

        Stadia’s team has confirmed that SteamWorld Heist, El Hijo, Lara Croft and the Guardian of Light, and Enter the Gungeon will be leaving Stadia Pro so April 30 is the last you have to claim them. After that you keep them as long as your Stadia Pro sub keeps up, everyone else will need to buy them in the Stadia store.

      • Comedy point & click adventure Lucy Dreaming is up on Kickstarter, do try out the demo

        Ready for another great pixel-art comedy point and click adventure? Lucy Dreaming, inspired by LucasArts classics is super promising and it’s now up on Kickstarter.

        You follow Lucy who has been having a recurring nightmare, as you try to unlock the secrets of controlling your dreams as you travel between worlds. With a heavy 90s gaming influence it, Tall Story Games are channelling their love for British comedy classics like Blackadder and Monty Python.


        The demo is something of a prequel to the full game, so it won’t have any spoilers.

      • Sweet pixel-art survival game Little Martian got a huge demo upgrade

        Love your exploration and survival games? Little Martian is back with another huge demo upgrade not long after the release of a Linux build.

        A game of exploration, resource gathering, crafting, base building and survival all blended together. You start off crash-landed on a previously explored planet, with a ship and robot pal both in ruins. Your ultimate goal is to acquire the resources need to repair your ship and escape. One of the challenges on the planet is the lack of oxygen, so you need to constantly refresh your supply.

    • Distributions

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

        • brave browser updated to 1.23.73

          The new Chrome based Brave browser automatically blocks ads and trackers, making it faster and safer than your current browser.

        • google chrome updated to 90.0.4430.93

          The Google Chrome browser takes a sandboxing-based approach to Web security. Each open website runs as its own process, which helps prevent malicious code on one page from affecting others (or the computer operating system at large).

      • SUSE/OpenSUSE

        • openSUSE Leap 15.3 Enters Release Candidate Phase

          The openSUSE Project and its community, contributors and release engineers have entered the Release Candidate phase for the upcoming openSUSE Leap 15.3 version today after a snapshot was released, which transitions the release to a new phase.

          The RC signals the package freeze for software that will make it into the distribution, which is used on server, workstation, desktop and for virtualization and container use.

          openSUSE Leap offers a clear advantage for servers by providing at least 18 months of updates for each release. There is a projection as of April 2021 that Leap 15 will extend to Leap 15.5. Leap Major Release (15.x) extends maintenance and support until a successor. At present, a successor has not been declared; Leap 15’s lifecycle fully aligns with SUSE Linux Enterprise and uses the source code and Leap is built with the exact same binary packages..

          Desktop environments for the release include KDE’s Long-Term-Support version of Plasma 5.18, GNOME 3.34 and Xfce 4.16. Packages for artificial Intelligence and Machine Learning are available for data scientists who use the release. A list of some of the packages in openSUSE Leap 15.3 can be found on the Wiki.

        • openSUSE Leap 15.3 RC Available For Testing – Phoronix

          The release candidate phase has begun for openSUSE’s upcoming Leap 15.3 Linux distribution release.

          OpenSUSE Leap 15.3 RC is available beginning today and marks the package freeze for this next community Linux distribution update that now is effectively identical to SUSE Enterprise Linux. openSUSE Leap is built from the same sources and same binary packages as SUSE Linux Enterprise.

      • Slackware Family

        • Venerable Linux distro Slackware comes back to life

          Being first doesn’t guarantee success in the technology industry. Remember the Netscape browser? Still, it can have its advantages, such as a different or unique approach to things.

          Such is the case with Slackware Linux. Slackware was the first formalized Linux distro, released in 1993, just two years after Linus Torvalds posted the Linux kernel. It was overtaken and overshadowed by Red Hat, SuSe, and Ubuntu, but it never went away. Now it’s coming out of the shadows with an upgrade.

          Slackware creator Patrick Volkerding recently posted a beta version of Slackware 15, the first update to the distro since version 14.2 in 2016. If you think that’s ancient, you should see their website.


          Slackware 15 supports 32-bit and 64-bit x86 plus ARM architectures. It supports GNOME, KDE, and Xfce as desktop options and has Linux Kernel 5.10.x stable (LTS) and is available with Kernel 5.11 option as testing package.

      • IBM/Red Hat/Fedora

        • Linux in the Car Gets Major Boost With New Red Hat Announcement – autoevolution

          Based on Red Hat Enterprise Linux, the new project launches in collaboration with exida, which will be in charge of delivering safety certifications.

          The operating system will receive continuous updates throughout its lifecycle, and Red Hat promises an upgraded platform ready for modern vehicles and covering all electronic systems within cars.

        • Cloud made easy

          Businesses across industries are embracing a hybrid cloud approach more than ever as they seek to digitally transform in the post-pandemic world. In fact, 64% of companies surveyed in an IBM Institute for Business Value study say they shifted to more cloud-based business activities during the pandemic. For developers who are charged with rapidly innovating and building applications that enable digital transformation, open source container platforms can help reduce vendor lock-in and make it easier for teams to move applications from one environment to another.

          But the reality for developers is that the most common architectures used today are riddled with complexities. This requires them to learn how to configure and manage new concepts, taking time that could otherwise be spent on coding applications.

        • Red Hat’s Fedora Project Unveils the Latest Version of Fedora Linux 34

          The fully open-source Fedora operating system’s new version is now out, Red Hat reported. As a part of Red Hat’s community-driven open-source collaboration Fedora Project, the latest version offers a foundation for new use cases, further augments overall user experience and provides additional support for automated system recovery.

        • Introducing the Fedora i3 Spin

          Fedora 34 features the brand new i3 Spin created by the Fedora i3 S.I.G. This new spin features the popular i3wm tiling window manager. This will appeal to both novices and advanced users who prefer not to use a mouse, touchpad, or other pointing device to interact with their environment. The Fedora i3 spin offers a complete experience with a minimalistic user interface and a lightweight environment. It is intended for the power user, as well as others.


          The Fedora i3 S.I.G work is based on the design goals for the project. These goals determine what we decide to include and how we tune or customize the contents of the Fedora i3 Spin.

          The following is a list of the packages included. Others may be added from the Fedora Linux repository as required. Keep in mind that this is a minimalist spin.

        • Recapping day one of Red Hat Summit Virtual Experience 2021

          The first day of the Red Hat Summit Virtual Experience is all wrapped up, and we couldn’t be happier with the turnout or the sessions. From the general session to Summit news to fun and games, it was a packed day.

          Actually, it was several packed days if you count the schedules for all regions. We like to think we have exciting news this year, but asking attendees to get up before dawn or stay up after midnight is a little much. To help everyone stay well-rested we hosted schedules for North America & LATAM, EMEA and APAC to try to provide workable schedules for Summit attendees all over the globe.

      • Canonical/Ubuntu Family

        • Ubuntu 21.10 “Impish Indri” Is Slated for Release on October 14th, 2021

          Following the Ubuntu 21.04 (Hirsute Hippo) release, there will be Ubuntu 21.10, which has been dubbed by Canonical as the “Impish Indri”. They also published the release schedule, suggesting that the development on Ubuntu 21.10 will kick off on Thursday, April 29th, 2021, with the toolchain upload.

          Of course, the development will be based on the current release, in this case Ubuntu 21.04, and the release schedule also suggests that the Beta version will arrive for public testing on September 23rd, while the final release is slated for October 14th, 2021.

        • Ubuntu 21.10 “Impish Indri” Development Begins

          Following last week’s release of Ubuntu 21.04 “Hirsute Hippo”, the Ubuntu 21.10 “Impish Indri” cycle has now begun.

          Ubuntu 21.10 is codenamed the Impish Indri. An Indri is a type of lemur and also known as the babakoto.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Seeking a new browser

        Well, it finally happened. After months of warning messages, the latest update to Pale Moon browser is incompatible with NoScript. So I think I need to switch browsers.

        NoScript is (was) a very powerful browser extension that blocks Javascript by default, advises what sites (including third-party sites) are attempting to run Javascript on your computer, and lets you selectively permit them. All with an easy user interface. I default to blocking Javascript, and permitting it only for sites that I trust (a whitelist). This is, first, a privacy and security measure. Second, there are many websites that have toxic or incompetent Javascript, which may not be hostile but can paralyze my computer. And third, this lets me bypass some access restrictions.

      • Google, IBM and Microsoft shared psychotic episode with bipolar Molly de Blanc

        de Blanc’s statement is an amazing revelation. She comments on the interaction of her bipolar and open source. In open source today, it is hard to separate the technology from the egos.

        Back in his youth, one of Britain’s royal princes would threaten to have fellow schoolchildren locked in the tower of London. Molly de Blanc’s open letter to the FSF appears to have similar grandiose delusions when she writes We are calling for the removal of the entire Board of the Free Software Foundation… It is time for RMS to step back from the free software, tech ethics, digital rights, and tech communities, for he cannot provide the leadership we need.. She is talking about locking RMS in the tower. Molly is not a developer, she never wrote one line of code. She was employed to work for the developers and now she is giving us orders. Imagine the same thing in an airline: the wife of the pilot shouting orders at the cabin crew. Molly de Blanc was girlfriend of the Debian Project Leader, Chris Lamb. Thanks to her illness, she is now acting like she is the Queen of England.

        As the medical experts tell us, this is all part of Molly’s condition so we are going to give her the benefit of the doubt. We forgive her. We ask everybody to forgive her and focus on those around her.


        McGovern is not alone, the list published elsewhere shows thousands of employees of Google, IBM, Red Hat, Microsoft and even MIT came along for the ride too. Elana Hashman, the second highest in that ranking of cyberbullies, is a Red Hat / IBM employee.

      • Web Browsers

        • Mozilla

          • Nirbheek Chauhan: GStreamer has grown a WebRTC implementation

            In other news, GStreamer is now almost buzzword-compliant! The next blog post on our list: blockchains and smart contracts in GStreamer.

            Late last year, we at Centricular announced a new implementation of WebRTC in GStreamer. Today we’re happy to announce that after community review, that work has been merged into GStreamer itself! The plugin is called webrtcbin, and the library is, naturally, called gstwebrtc.

            The implementation has all the basic features, is transparently compatible with other WebRTC stacks (particularly in browsers), and has been well-tested with both Firefox and Chrome.

            Some of the more advanced features such as FEC are already a work in progress, and others will be too—if you want them to be! Hop onto IRC on #gstreamer @ Freenode.net or join the mailing list.

          • Will Kahn-Greene: Socorro Overview: 2021, presentation

            Socorro became part of the Data Org part of Mozilla back in August 2020. I had intended to give this presentation in October 2020 after I had given one on Tecken, but then the team I was on got re-orged and I never got around to redoing the presentation for a different group.

          • Mozilla Performance Blog: Performance Sheriff Newsletter (March 2021)

            In March there were 288 alerts generated, resulting in 28 regression bugs being filed on average 4 days after the regressing change landed.

            Welcome to the March 2021 edition of the performance sheriffing newsletter. Here you’ll find the usual summary of our sheriffing efficiency metrics, followed by some analysis on the data footprint of our performance metrics. If you’re interested (and if you have access) you can view the full dashboard.

          • Growing the Bytecode Alliance

            Today, Mozilla joins Fastly, Intel, and Microsoft in announcing the incorporation and expansion of the Bytecode Alliance, a cross-industry partnership to advance a vision for fast, secure, and simplified software development based on WebAssembly.

            Building software today means grappling with a set of vexing trade-offs. If you want to build something big, it’s not realistic to build each component from scratch. But relying on a complex supply chain of components from other parties allows a defect anywhere in that chain to compromise the security and stability of the entire program. Tools like containers can provide some degree of isolation, but they add substantial overhead and are impractical to use at per-supplier granularity. And all of these dynamics entrench the advantages of big companies with the resources to carefully manage and audit their supply chains.

            Mozilla helped create WebAssembly to allow the Web to grow beyond JavaScript and run more kinds of software at faster speeds. But as it matured, it became clear that WebAssembly’s technical properties — particularly memory isolation — also had the potential to transform software development beyond the browser by resolving the tension described above. Several other organizations shared this view, and we came together to launch the Bytecode Alliance as an informal industry partnership in late 2019. As part of this launch, we articulated our shared vision and called for others to join us in bringing it to life.

      • FSF

        • FSF board frequently asked questions (FAQ)

          As the Free Software Foundation (FSF) board sets about the work of strengthening the Foundation’s governance structure, here are answers to some frequently asked questions about this initiative. This document will be updated as needed, as this project moves forward in the weeks ahead.

        • GNU Projects

          • GNU Dico DICT Dictionary Server 2.11 Is Released

            The DICT network protocol (dict://) was conceived in the 1990s when the Internet was relatively new and the “world wide web” was in it’s infancy. The idea was simple: Let’s create a protocol that allows clients to ask servers for a word and get a pure text response explaining what that word is all about.

            Sergey Poznyakoff begun creating the GNU Dico for the DICT protocol in September, 1998. The first public release was made available on November 3rd, 2001.

            The world decided that the more advanced and feature-rich Hypertext Transfer Protocol (http://) was a better idea and it become the dominant standard for dictionaries as well as everything else.

            There are those who refuse to accept the all-compassing Hypertext Transfer Protocol paradigm. Some have invented their own alternative called Gemini, a purely text-based protocol with TLS support and a really simple markup language. Others, like Sergey Poznyakoff, keep on maintaining server software for the good old DICT protocol.

            Sergey Poznyakoff has just announced a new releases of the GNU Dico dictionary server and the GNU Collaborative International Dictionary of English (GCIDE). The GCIDE dictionary is based on Webster’s Revised Unabridged Dictionary with additions from WordNet. It is maintained by the GNU Project (mostly Sergey Poznyakoff) who adds corrections and add-ons to it. GCIDE 0.53 is, in the release-notes, described as one that…

Links 28/4/2021: Red Hat Summit Fluff, Microsoft Shares Down on Results, GNU Guile 3.0.6 is Out

Posted in News Roundup at 5:58 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • HP EliteDesk 800 G2 Mini Desktop PC – Hardware Acceleration in Firefox – Week 4

        This is a weekly blog looking at the HP EliteDesk 800 G2 Mini Desktop PC running Linux.

        This week’s blog looks at configuring the HP EliteDesk 800 G2 to use hardware acceleration when watching videos in Firefox. Hardware video acceleration lets the GPU decode/encode video, offloading the CPU and saving power. Linux distributions, by default, don’t enable hardware acceleration because it can cause issues on specific hardware.

        This machine was made available by Bargain Hardware. Bargain Hardware retails refurbished servers, workstations, PCs, and laptops to consumers and businesses worldwide. All systems are completely customisable on their website along with a vast offering of clean-pulled, tested components and enterprise replacement parts. They supply machines with a choice of Linux distros: Ubuntu, Debian, and Fedora.

    • Linux Magazine

    • Applications

      • 5 Linux Command Line Based Tools for Downloading Files and Browsing Websites

        Linux command-line, the most adventurous and fascinating part of GNU/Linux is a very cool and powerful tool. A command-line itself is very productive and the availability of various inbuilt and third-party command-line applications makes Linux robust and powerful. The Linux Shell supports a variety of web applications of various kinds be it torrent downloader, dedicated downloader, or internet surfing.

        Here we are presenting 5 great command line Internet tools, which are very useful and prove to be very handy in downloading files in Linux.

    • Instructionals/Technical

      • Use Libreoffice Calc to make 3D models

        Today I will share with you a simple python script turning a 2D picture defined by numbers and colors in a spreadsheet into a 3D model in OpenSCAD.

      • Signal Is Wrecking Your Images and Videos

        Today I sent a picture I’d taken of Tutu with my Sony A7R4 camera via Signal. I’d loaded the raw in Lightroom, done some of the usual silly traditional photographery things one does to portraits in post-production, and exported it using one of my export presets, which limits the long edge resolution to a maximum of 4000 pixels and the overall total file size to a maximum of 25MB (along with slapping my email address on the bottom corner because we still haven’t figured out how to reliably attach metadata to bitmaps across multiple generations/edits). I think in 2021, 25MB or so is probably the upper “reasonable” limit of file size for passing around a single compressed image. In this case, the exported JPEG file was only 3.9MB, quite a bit below that.

        Signal took that 4000×2667 JPEG image comprising precisely 3,916,886 bytes, encrypted it, and transmitted it to my friend. She received a different 4000×2667 JPEG image comprising 784,524 bytes: 80% smaller.

        Signal threw away 80% of the data in my already-compressed image. (The original image, not the export, was 9504×6336 and 67,358,106 bytes.) I had already compressed it once by eliminating 94% of the data from when it came out of my camera.

      • Here’s What ‘All Things Considered’ Sounds Like — In Blackbird Song

        And listening to that song, she perceived an inflection somewhat like human speech.

        RAISANEN: I think it kind of had a sort of sentence structure in its song.

        KELLY: As a signal-processing geek, she thought, why not write some computer code to transform speech into birdsong?

      • The question of how to do non-annoying multi-factor authentication for SSH

        Suppose, hypothetically, that you have access to a general multi-factor authentication (MFA) system such as Duo (with the choice of MFA system not being under your control), and that you would like to use this for secure SSH logins to your collection of (Ubuntu) servers. This is generally easy by itself, with pretty much any MFA system having a PAM module that adds a second factor challenge to your regular SSH authentication. Unfortunately the result of a straightforward MFA integration with SSH logins is going to be quite annoying for some people to use, because every time they log in to any machine they will have to pass an MFA challenge as well as their regular login authentication. If you only log in to a few machines every so often, this is okay. If you’re frequently logging in and out of multiple machines, you’re going to be irritated.

      • How To Install DirectAdmin on AlmaLinux 8 – idroot

        In this tutorial, we will show you how to install DirectAdmin on AlmaLinux 8. For those of you who didn’t know, DirectAdmin is an alternative control panel to cPanel/WHM, providing a graphical interface and automation tools to simplify server and account management. Features include E-mail, FTP, DNS and web management, Statistics, Apache configuration, User and reseller management, and more.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the DirectAdmin on an AlmaLinux 8. You can follow the same instructions for RHEL and CentOS system.

      • How to Upgrade Ubuntu 20.04 / 20.10 to Ubuntu 21.04

        On April 22, 2021, Canonical released Ubuntu 21.04, codenamed ‘Hirsuite Hippo’. Ubuntu 21.04 ships with new features targeted at developers and innovators. These include Flutter application development SDK and Microsoft SQL Server for Ubuntu. Additionally, The latest release includes native Active Directory integration and Wayland graphics by default.

        Ubuntu 20.04 (Focal Fossa) is an LTS release and will continue receiving support until April 2025. On the other hand, Ubuntu 20.10 (Groovy Gorilla) is a non-LTS release and reaches EOL (End of Life) in July 2021. Ubuntu 21.04 is also a non-LTS release and will enjoy support for only 9 months from the date of release.

        In this tutorial, we show you how to upgrade Ubuntu 20.04 and Ubuntu 20.10 to Ubuntu 21.04 (Hirsuite Hippo).

      • How to install vim editor on Debian 10

        Vim is a short form of Vi IMproved. It is an open-source and free tool with a command-line interface and a Graphical User Interface. This article will show you how to install vim editor on Debian version 10 using the terminal.

        To get started, you need to open up a terminal with root privileges and update your repositories. Run the following command.

      • Scheduling a Task on Linux Using Crontab

        Cron helps us to run tasks automatically in the background in defined intervals. Cron is e.g. used to automatically create backups every night to sync files e.g. once an hour or to start updates or download files at specific intervals. This tutorial will show you how to set up and edit cronjobs using the crontab command and the GUI tool Gnome Schedule.

      • Check Dependencies of a Package in Ubuntu 20.04 and Debian 10

        We know that most of the packages we install on our Linux operating system cannot work properly without other prerequisite packages installed. Such prerequisite packages are called dependencies. Sometimes you want to find out the dependencies of a particular package. So today I will show you three ways to check and list the dependencies of a package in Debian 10 and Ubuntu 20.04.

      • How to create your first Quarkus application | Opensource.com

        Programming languages and frameworks continuously evolve to help developers who want to develop and deploy applications with even faster speeds, better performance, and lower footprint. Engineers push themselves to develop the “next big thing” to satisfy developers’ demands for faster deployments.

        Quarkus is the latest addition to the Java world and considered the rising star for Kubernetes-native Java. It came into the picture in 2019 to optimize Java and commonly used open source frameworks for cloud-native environments. With the Quarkus framework, you can easily go serverless with Java. This article explains why this open source framework is grabbing lots of attention these days and how to create your first Quarkus app.

      • How to automate Podman installation and deployment using Ansible | Enable Sysadmin

        Ansible is an open source IT automation engine used to automate application organization, framework computerization, cloud provisioning, and numerous IT administration tasks. Ansible improves the adaptability, consistency, and dependability of the IT climate.

        Podman is an open source containerization platform that packages all the dependencies for building, shipping, and running applications as Podman containers. Using container virtualization technology ensures that an application works seamlessly in any environment. Podman CLI can implement almost all the commands from the Docker CLI.

      • How to Install Latest LibreOffice in Ubuntu Desktop

        LibreOffice is the most powerful, free, and open-source office productivity software suite, which is used by millions of users across the world due to its clean and easy-to-use interface with feature-packed tools that assist you to unleash your creativity and increase your productiveness.

        LibreOffice suite includes various applications and is available in over 100 languages and dialects which makes it the most adaptable office suite on the market. It includes programs for Writer (word processing), Calc (creating and editing spreadsheets), Impress (presentations, slideshows, diagrams, and drawings), Draw (vector graphics and flowcharts), Base (working with databases), and Math (composing mathematical formulae).

      • 5 ways to process JSON data in Ansible | Opensource.com

        If the data is unstructured, you must do some custom regex magic to retrieve key performance indicators (KPIs) relevant for specific scenarios. If the data is structured, you can leverage a wide array of options to make parsing it simpler and more consistent. Structured data conforms to a data model, which allows access to each data field separately. The data for these models is exchanged as key/value pairs and encoded using different formats. JSON, which is widely used in Ansible, is one of them.

        There are many resources available in Ansible to work with JSON data, and this article presents five of them. While all these resources are used together in sequence in the examples, it is probably sufficient to use just one or two in most real-life scenarios.

      • Optimize MySQL Performance with Mysqltuner

        This short tutorial describes the steps to optimize the performance of a MySQL database with the mysqltuner script. This tool can be used for MySQL and MariaDB.

      • Share files between Linux and Windows computers | Opensource.com

        If you work with different operating systems, it’s handy to be able to share files between them. This article explains how to set up file access between Linux (Fedora 33) and Windows 10 using Samba and mount.cifs.

        Samba is the Linux implementation of the SMB/CIFS protocol, allowing direct access to shared folders and printers over a network. Mount.cifs is part of the Samba suite and allows you to mount the CIFS filesystem under Linux.

      • Junichi Uekawa: Swapping caps and control in X11.
    • Games

      • Galago Pro: The Lightweight Powerhouse from System76

        The Galago Pro — initially released in 2017 — is a lightweight laptop that can comfortably sit inside your backpack while traveling, yet still is able to do fairly serious gaming with a GTX 1650 graphics card. My particular model is the 5th generation, with Intel’s Tiger Lake processor, a GTX 1650 graphics card, and a 14″, 1080p display.


        The Galago Pro ships with System76’s open-source firmware. As for OS support, customers can either use Pop!_OS or Ubuntu.

        The closest laptop I can compare this with is the Dell XPS 13. The XPS is currently priced at $1,399 with 512 GB NMVe, 16 GB RAM, and a i7-1185G7. The Galago Pro comes to $1,174 with 500 GB NMVe, the same amount of RAM, and a i5-1135G7. While performance may not be as well, you’re saving over $200 with the Galago Pro, plus the screen is slightly larger, as well as having the benefit of open-source firmware and hybrid graphics, the latter of which I will get into later on.

      • Seems like game store GOG is doing well overall in their new figures with revenue up 114%

        Taking a leaf out of Steam’s book here perhaps on sharing a little more, GOG have for the first time ever, given an overview of how the store is doing and it’s looking good.

        What they’ve shown is for the year ending 2020 and compares against the previous year.


        Hopefully they will eventually port over GOG Galaxy to Linux, as it’s the big missing piece of the pie for Linux users although plenty still purchase their Linux games from GOG (and we can see that as a GOG partner).

      • Portal Stories: Mel lands Vulkan support with DXVK in the latest stable update

        After a short Beta period that saw a few issues, the team behind Portal Stories: Mel have now release the latest stable build which includes Vulkan support for Linux.

      • VKD3D-Proton 2.3.1 rolls out along with a quick-fix to Proton Experimental

        Valve contractors and CodeWeavers continue tweaking VKD3D-Proton for Direct3D 12 over Vulkan with another fresh update out now, and a small update to add it into Proton Experimental.

        Note: if you wish to learn more about Steam Play, Proton and more do check out our dedicated area.

    • Distributions

      • My First Week with Haiku

        But I had often heard about Haiku: The experimental successor to BeOS, an operating system that tech-guy-and-tv-host Leo Laporte used to show off on ZDTV in the 90s. Why, it could run TWO movies at once! And this was when even running one movie without a spectacular crash was an exceptional achievement for any computer! Even Windows 95 couldn’t do that! That blew my pre-teen mind.

        I was stunned to see Haiku install and boot faster than any *Nix or Windows systems could dream of. Pleasantly, it was also Posix compliant, too, meaning if I needed a quick fix for something then the command line was there waiting to help me out. It was ready to get things done.

      • BSD

        • Gemini Capsule in a FreeBSD Jail

          With the recent release of FreeBSD 13, I wanted to test it out on a spare RaspberryPi 3 that was part of my old Kubernetes cluster.

          In particular, FreeBSD Jails have always interested me, although I’ve never used them in practice. Over the years I’ve managed operating system virtualization through Solaris Zones and Docker containers, and Jails seem like and good middle ground between the two – easier to manage than zones and closer to the OS than Docker.

          I also want to run my own Gemini capsule locally to use some of the features that my other hosted capsules don’t have (like SCGI/CGI) and setting up a capsule in a Jail is a good way to learn both at the same time.

        • FreeBSD 13 on a 12 year old laptop

          My old (2009) HP laptop now runs FreeBSD 13.0-RELEASE.

          I didn’t do an upgrade, but I did a fresh install. The reason for this was that I now wanted to encrypt the hard disk. The previous install was on an unencrypted ZFS file system.

          I did choose again for ZFS, but this time encrypted.

      • IBM/Red Hat/Fedora

        • Fedora 34 Desktop Flavors Bring Latest Upgrades. What’s New and Download Details.

          Fedora 34 desktop spins are here. With the release of the core Fedora 34 operating system, the official desktop flavors are also available for download. We take a look at what’s new in this guide while giving you a sneak peek of the major desktops.

        • Fedora Magazine: How to rebase to Fedora 34 on Silverblue

          Silverblue is an operating system for your desktop built on Fedora. It’s excellent for daily use, development, and container-based workflows. It offers numerous advantages such as being able to roll back in case of any problems. If you want to update to Fedora 34 on your Silverblue system, this article tells you how. It not only shows you what to do, but also how to revert things if something unforeseen happens.

        • With new capabilities to the platform Red Hat rides the edge computing wave

          Red Hat, open source solutions provider, introduced new capabilities and enhancements to the world’s leading enterprise Linux platform, furthering Red Hat Enterprise Linux as a powerful foundation for the open hybrid cloud, from the datacenter to the edge. Generally available in the coming weeks, Red Hat Enterprise Linux 8.4 refines the platform’s role as a lightweight, production grade operating system for edge deployments, adding new Linux container, deployment and management capabilities scaled for the needs of edge computing.

          According to “The State of Enterprise Open Source” from Red Hat, 72% of IT leaders surveyed expect open source to drive adoption of edge computing over the next two years. The Linux Foundation’s “2021 State of the Edge” predicts that by 2025, Internet-of-Things (IoT) or edge-related devices will produce roughly 90 zettabytes of data. To Red Hat, this indicates that the importance of edge computing as a footprint of the open hybrid cloud will only grow in the years to come, making preparations for the rigors of edge computing a crucial need for CIOs and IT leaders.

        • Red Hat Powers the Next Wave of Edge Computing with Latest Version of the World’s Leading Enterprise Linux Platform
        • How to explain OKRs ( Objectives and Key Results) in plain English

          If you’re going to explain an acronym, you’d best start by spelling out the initial letters. In this case, we’re talking about “Objectives and Key Results,” commonly abbreviated as OKRs. They’ve become a popular form of setting performance goals and measuring progress towards those goals, notes Red Hat technology evangelist Gordon Haff .

          “They’re generally attributed to Andy Grove when he was CEO of Intel in the 1980s, but later spread to a variety of other companies, primarily through the venture capitalist community,” Haff says. Today, they’re common in most IT groups and many line-of-business groups – putting the emphasis on individual and team performance outcomes, versus output.

      • Debian Family

        • Tails Devs Need Your Help to Test the New Tor Connection Wizard

          With Tails 4.18 out the door last week, it’s time for the Tails devs to focus on the next release, Tails 4.19, which will ship with a brand-new Tor Connection wizard that completely changes the way Tails connects to the Tor network.

          Currently, Tails connects to the Tor network automatically, but with the new Tor Connection wizard you’ll be able to choose to connect to the Tor network automatically, configure a Tor bridge, or connect to the Tor network using a safer way when you need to be completely unnoticed to those monitoring your Internet traffic.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • [Old] Malware is not only about viruses – companies preinstall it all the time

        The companies that sell malware are skilled at spinning the malfunctionalities as services to the consumer but they could offer most of these services with freedom and anonymity if they wanted to.

        It is fashionable to recognise the viciousness of today’s computing only to declare resistance unthinkable. Many claim that no one could resist gratification for mere freedom and privacy. But it’s not as hard as they say. We can resist: [...]

      • FSF

        • GNU Projects

          • GCC 11.1 Is Released

            GCC 11.1 has made std=gnu++17 the default C++ language and DWARF 5 the default debugging format for targets that produce DWARF debugging information. There is also very experimental C++23 support, C2X enhancements and a whole lot more.


            The biggest change since GCC 10 is that -std=gnu++17, instead of -std=gnu++14, is now the default C++ language. That’s just one of many changes to the GNU Compiler Collection’s C++ compiler. This release adds several new C++20 features like array size deduction in new-expressions and pseudo-destructors end object lifetimes. The C++ Standards Support in GCC has an overview of what parts of the C++20 standard, published in 2020 as the name implies, are implemented in GCC 11.1.

            GCC 11.1 introduces two new warnings that are enabled if C++20 is used: -Wdeprecated-enum-enum-conversion and -Wdeprecated-enum-float-conversion. First first warns about deprecated arithmetic conversions on operands of enumeration types, and the latter warns about deprecated arithmetic conversions on operands where one is of enumeration type and the other is of a floating-point type.

            GCC 11.1 also adds some initial support for the upcoming C++23 standard. That standard is still a draft, so it is way to early to actually use any of the C++23 features.

          • GNU Guile 3.0.6 released

            We are pleased to announce the release of GNU Guile 3.0.6. This release improves source-location information for compiled code, removes the dependency on libltdl, fixes some important bugs, adds an optional bundled “mini-gmp” library, as well as the usual set of minor optimizations and bug fixes. For full details, see the NEWS entry. See the release note for signatures, download links, and all the rest. Happy hacking!

      • Programming/Development

        • [Old] How to safely open-source internal software – Some best practices

          On this post we’ll be focusing on a few essentials that should be done before making your project open-source:

          Scan your repository for secrets

          Replace internal names and emails with public ones

          Write your contribution guidelines (CONTRIBUTING.md)

          Write a bug report template and a pull request template

          Choose your License (LICENSE.md)

          Write your security policy (SECURITY.md)

          Write your project’s introduction (README.md)

    • Standards/Consortia

      • [Old] Has UML died without anyone noticing?

        A few years later, maybe around 2015-ish, I realised that I had pretty much stopped using UML, and so had the rest of my peers and nearly every Fortune 500 customer I have consulted for recently. What happened?

        I know. It was a death by a 1000 cuts. And no, UML wasn’t killed by the business community because of its complexity or rigour. Au contraire, business folks loved the ability to communicate clearly and unambiguously by using a handful of new symbols of conventions. It was the IT folks who brought UML to the table (as I did back in the day) and took it away in a puff of smoke.

        But it wasn’t UML that got killed, per se. In fairness, UML was just collateral damage. The massacre was in the entire requirements engineering field encompassing business analysis and design. Agile was the assassin and user stories were her deadly, poisonous arrow heads (pun intended).

      • Senators ramp up efforts to create standards for self-driving cars

        Sens. Gary Peters (D-Mich.) and John Thune (R-S.D.) on Tuesday strongly argued for the need to advance legislation around autonomous vehicles in order to decrease traffic fatalities and increase the mobility of the elderly and those with disabilities.

  • Leftovers

    • Exit
    • Americans Minds are Artificially Intelligent

      It is tempting to think that free-will exists. Unfortunately, it does not, particularly in America (tip of the hat to Baruch Spinoza writing in his Ethics). Taste in music (rap, rock, pop, etc.), fashion and food; political orientation whether left, right or center; what sports team to support, or vehicle to drive, or television series to watch is all supplied by media/corporations to American brains that are as malleable as silly putty.  The mind easily succumbs to the totalitarian machinations of the American domestic/global capitalist network as its marketers, advertisers, and politicians/ideologues pound content into the brain via television news, hand-held computers/telephones, the world wide web, social media, and legacy media. Alberto J. L. Carrillo Canan believes that “the dominant technological forms determine the way we conceive reality, human life and mind.”

      How does one account for a meaningful life in American society? What would be contained in a meaningful life’s ledger? How do you determine if you are free and not programmed? Two days of administered freedom at the end of the workweek? A new car? A two-week vacation at the beach? A mammoth flat screen television? A new iPhone? A new season of a television series on Netflix? A college degree? A mortgage on the house?  A yearly bonus for productivity? The ability to vote for only two candidates for the President of the United States? An opinion you really believe is yours?

    • Why The New York Times Is Retiring the Term ‘Op-Ed’

      That important mission remains the same. But it’s time to change the name. The reason is simple: In the digital world, in which millions of Times readers absorb the paper’s journalism online, there is no geographical “Op-Ed,” just as there is no geographical “Ed” for Op-Ed to be opposite to. It is a relic of an older age and an older print newspaper design.

      So now, at age 50, the designation will be retired. Editorials will still be called editorials, but the articles written by outside writers will be known as “Guest Essays,” a title that will appear prominently above the headline.

    • Science

      • We were promised Strong AI, but instead we got metadata analysis

        Google never publish what they have inferred about a web page with their clever AI techniques. Even webmasters are only given access to a very small portion of the data about their own sites to allow them to debug issues. The whole system is stunningly opaque.

        The best argument for metadata is that it’s open and there for anyone to read. Anyone who wants to can easily write a parser for the OpenGraph tags. They don’t need gads of AI models or cloud computing or whatever to understand something simple about a web page.

        It’s important, though, that the metadata sits on or near the thing itself, and that if it doesn’t, that there isn’t a requirement for lots of interaction or co-operation to get it. Having to plead for access to or pay for metadata usually ends up empowering monopolies or creating needless data middlemen (who drone on and on about how “data is the new oil”). At best it creates little barriers to getting started. Finance in particular is riddled with this problem.

      • When AIs Start Hacking

        As I discuss in my report, while hacks can be used by attackers to exploit systems, they can also be used by defenders to patch and secure systems. So in the long run, AI hackers will favor the defense because our software, tax code, financial systems, and so on can be patched before they’re deployed. Of course, the transition period is dangerous because of all the legacy rules that will be hacked. There, our solution has to be resilience.

        We need to build resilient governing structures that can quickly and effectively respond to the hacks. It won’t do any good if it takes years to update the tax code, or if a legislative hack becomes so entrenched that it can’t be patched for political reasons. This is a hard problem of modern governance. It also isn’t a substantially different problem than building governing structures that can operate at the speed and complexity of the information age.

        What I’ve been describing is the interplay between human and computer systems, and the risks inherent when the computers start doing the part of humans. This, too, is a more general problem than AI hackers. It’s also one that technologists and futurists are writing about. And while it’s easy to let technology lead us into the future, we’re much better off if we as a society decide what technology’s role in our future should be.

      • The Coming AI Hackers

        Artificial intelligence—AI—is an information technology. It consists of software. It runs on computers. And it is already deeply embedded into our social fabric, both in ways we understand and in ways we don’t. It will hack our society to a degree and effect unlike anything that’s come before. I mean this in two very different ways. One, AI systems will be used to hack us. And two, AI systems will themselves become hackers: finding vulnerabilities in all sorts of social, economic, and political systems, and then exploiting them at an unprecedented speed, scale, and scope. It’s not just a difference in degree; it’s a difference in kind. We risk a future of AI systems hacking other AI systems, with humans being little more than collateral damage.

        This isn’t hyperbole. Okay, maybe it’s a bit of hyperbole, but none of this requires far-future science-fiction technology. I’m not postulating any “singularity,” where the AI-learning feedback loop becomes so fast that it outstrips human understanding. I’m not assuming intelligent androids like Data (Star Trek), R2-D2 (Star Wars), or Marvin the Paranoid Android (The Hitchhiker’s Guide to the Galaxy). My scenarios don’t require evil intent on the part of anyone. We don’t need malicious AI systems like Skynet (Terminator) or the Agents (Matrix). Some of the hacks I will discuss don’t even require major research breakthroughs. They’ll improve as AI techniques get more sophisticated, but we can see hints of them in operation today. This hacking will come naturally, as AIs become more advanced at learning, understanding, and problem-solving.

        In this essay, I will talk about the implications of AI hackers. First, I will generalize “hacking” to include economic, social, and political systems—and also our brains. Next, I will describe how AI systems will be used to hack us. Then, I will explain how AIs will hack the economic, social, and political systems that comprise society. Finally, I will discuss the implications of a world of AI hackers, and point towards possible defenses. It’s not all as bleak as it might sound.

    • Education

    • Health/Nutrition

      • The Future of Water in the American Southwest

        The Southwestern states, in particular, have faced frequent and ongoing droughts over the past two decades, and traditional water supplies are failing. As groundwater supplies in the region have depleted substantially, rainfall has decreased and the costs of importing water have risen substantially.

        The region looks to the Colorado River as its plumbing system, which currently provides drinking water to 1 in 10 Americans—all while irrigating nearly 5.5 million acres of land. But it’s also being stretched to its limits: Population growth and expansive development are increasing agricultural demands. Meanwhile, the pressure to ensure that there is sufficient water left in the environment to support ecosystems has accelerated. According to a study by the U.S. Department of the Interior Bureau of Reclamation, the demands on the Colorado River are expected to exceed supply by 2040.

      • ‘Like science fiction,’ Seattle startup sends laser-equipped robots to zap weeds on farmland

        Seattle-based Carbon Robotics this week revealed the latest iteration of its nine-foot-long robot designed to weed fields of row crops, replacing human labor or herbicides. With 12 cameras and eight lasers, the machine zaps the unwanted plants at up to 5 miles per hour.

    • Integrity/Availability

      • Proprietary

        • Post Office scandal: What the Horizon saga is all about

          Between 2000 and 2014, the Post Office prosecuted 736 sub-postmasters and sub-postmistresses – an average of one a week – based on information from a recently installed computer system called Horizon.

          Some went to prison following convictions for false accounting and theft, many were financially ruined and have described being shunned by their communities. Some have since died.

          After 20 years, campaigners won a legal battle to have their cases reconsidered, after claiming that the computer system was flawed.

        • Don’t Share Your $HOME with Untrusted Guests

          On all Unix-based operating systems of which MacOS is an instance, a write access to the user’s home folder is essentially a “game over” from the attacker’s perspective. While classic operating systems have long accepted the fact and routinely ensure privilege separation where it’s due, hypervisors have to factor in their Host OS design specifics in new and unprecedented ways.

        • Apple’s AppTrackingTransparency is Upending Mobile Phone Tracking

          In short, AppTrackingTransparency (or ATT) means that apps are now required to ask you permission if they want to track you and your activity across other apps. The kind of consent interface that ATT offers is not new, and it’s similar for other permissions that mobile users will be accustomed to (e.g., when an app requests access to your microphone, camera, or location). It’s normal for apps to be required to request the user’s permission for access to specific device functions or data, and third-party tracking should be no different. You can mark your ATT preferences app by app, or set it overall for all apps. 

          Much of ATT revolves around your iPhone’s IDFA, or “ID for advertisers.” This 16-byte string of numbers and letters is like a license plate for your iPhone. (Google has the same kind of identifier for Android, called the Android Ad ID; these identifiers are referred to collectively as “ad IDs”). Previously, you could opt out of IDFA’s always-on surveillance deep in the settings of your iPhone; now, ATT means that IDFA settings are more visible, opt-in, and per app. 

          The main feature of ATT is the technical control on IDFA, but the framework will regulate other kinds of tracking, too: if an app does not have your permission to “track” you, it is also not allowed to use identifiers like your phone number, for example, to do so. Presumably, this policy-level feature will depend on Apple’s app store review process to be effective.

        • Anatomy of Cobalt Strike’s DLL Stager

          During my free time I enjoy analyzing samples NVISO spots in-the-wild, and hence further dissected the Cobalt Strike DLL payload. This blog post will cover the payload’s anatomy, design choices and highlight ways to reduce both log footprint and time-to-shellcode.

        • Data From The Emotet Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU

          Earlier this year, the FBI in partnership with the Dutch National High Technical Crimes Unit (NHTCU), German Federal Criminal Police Office (BKA) and other international law enforcement agencies brought down what Europol rereferred to as the world’s most dangerous malware: Emotet. This strain of malware dates back as far as 2014 and it became a gateway into infected machines for other strains of malware ranging from banking trojans to credential stealers to ransomware. Emotet was extremely destructive and wreaked havoc across the globe before eventually being brought to a halt in February.

        • Law enforcement delivers final blow to Emotet

          But over the weekend authorities sent a specially crafted file to infected devices that is meant to make it so Emotet is no longer run automatically on infected machines. The action is intended to make it so Emotet’s persistence mechanism is removed and disrupt any existing infections, according to security researchers at Malwarebytes.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • Submitting known buggy Linux patches ‘ethical, noble and brave’

                A developer known as Giacomo Tesio has backed the actions of students and staff from the University of Minnesota, who sent known buggy patches to the stable Linux kernel maintainer Greg Kroah-Hartman, writing that the act was “not just ethical, but noble and brave”.

                “All the livor and drama that followed your research proves that the Linux Foundation failed to learn the lessons of Heartbleed,” Tesio said in a post to the kernel mailing list.

                He was referring to a 2014 vulnerability in OpenSSL, a cryptographic library that enables SSL (Secure Sockets Layer) or TLS (Transport Layer Security) encryption. The flaw would have allowed attackers to monitor all information that flows between a user and a Web service, and could even decrypt past traffic collected. The bug was discovered by three researchers from security firm Codenomicon and Neel Mehta, a security researcher at Google.

                Tesio said what the students — Qiushi Wu and Aditya Pakki — and their instructor — Kangjie Lu — had done was a valuable discovery “for all of us”.

        • Security

          • Privacy/Surveillance

            • UK Child Welfare Agency’s Anti-Encryption ‘Research’ Ignored Everything It Didn’t Want To Hear

              In late March, the UK’s National Society for the Prevention of Cruelty to Children (NSPCC) started injecting its anti-encryption views into the major papers via some press releases and statements claiming encryption was the “biggest threat to children online.” It also claimed its stance was supported by a soon-to-be-released report, which had gathered opinions and analysis from a number of stakeholders.

            • As the battle to set 6G standards begins, UK spy agency warns China seeks to “control the global operating system”

              Although the Politico piece is a little over-excited about the still vague possibilities opened up by the technology, it is spot-on when it comes to pinpointing the underlying political forces driving the growing interest in 6G. It quotes the US Senator Mark Warner, a Democrat who chairs the Senate Intelligence Committee, as saying: “5G was the wake up call, the holy crap moment. China is setting the standards for the future.” That’s something that China is quite open about. In an article on the China Daily site – effectively, the in-house news organisation of the Chinese government – Yang Xiaowei, deputy head of the Cyberspace Administration of China, said of his country’s 6G research: “More efforts will also be made to fully release the vitality of data through speeding up the building of systems and standards to accommodate data flow, cross-border data transmission and data security protection.”

            • EU unveils proposals for wide-ranging AI regulation with a global reach, and facial recognition systems flagged up as “high risk”

              At the heart of the new proposals lies a risk-based approach. AI systems considered a “clear threat” to safety, livelihoods and people’s rights, will be banned. These include AI systems that “manipulate human behaviour to circumvent users’ free will”, and “systems that allow ‘social scoring’ by governments”, of the kind pioneered in China. So-called “high-risk” AI systems will be subject to a variety of obligations before they can be put on the market, including risk assessment, high quality datasets, logging of activity, detailed documentation, human oversight and a high level of robustness, security, and accuracy. Systems considered high risk are those in critical infrastructure; educational applications that may determine access; employment applications such as software that sorts through job applications; private and public services such as credit scoring; law enforcement; border control; and administration of justice and democratic processes. Of particular interest to readers of this blog will be the following comment in the Questions and Answers document:

            • YouTube Ad Revenue Tops $6B in First Quarter

              The Google-owned video platform brought in more than $6 billion in advertising revenue in the first quarter of 2021, according to the quarterly earnings report of parent company Alphabet.

              That is up from $4 billion in the same quarter of last year, a 50 percent year-over-year growth rate. YouTube first revealed its advertising revenue a year ago, and since then saw its fortunes wobble somewhat amid the pandemic advertising drawdown. Now, however, the video site is seeing turbocharged growth return.

              YouTube is also increasingly playing hardball in distribution negotiations involving its flagship app and its YouTube TV live TV service. This week a dispute with Roku was revealed publicly.

            • China’s domestic surveillance programmes benefit foreign spies

              China’s suspicion contains an irony, however. Removing Western devices from Chinese networks will not keep China secure from its adversaries, because the Chinese government itself insists upon weakening the security of those networks and devices for its own purposes. Though America tends to hyperventilate about Chinese intrusion, it is China whose digital security is more precarious.

              This is because of the Chinese government’s insistence on being able to monitor and control the information that flows through the country’s digital networks. For instance, all messages sent on WeChat, China’s most widely used messaging application, must pass through central servers as plain text, unencrypted, so that the company can filter and censor them according to the government’s requirements. This makes those servers a ripe target for any foreign agents who want to spy on Chinese citizens, who between them have more than a billion WeChat accounts.

            • A complete Facebook data breach & privacy leak timeline (2005 to 2021)

              Social media titan Facebook entered our lives in the year 2004 and has become a part of our daily lives ever since. Launched by Mark Zuckerberg, Facebook was initially made available to just Harvard and later expanded to include students of other US universities. In 2006, the social media platform decided to open itself to the public, and the rest is history. However, this blog is not about celebrating Facebook’s success as a platform but to give you a timeline of Facebook data breaches that have made data of millions of its users vulnerable to hackers.

              Not many people know that Facebook faced its first vulnerability in 2005 when MIT researchers developed a script that could download publicly posted information of over 70,000 users. Since then, it has frequently found itself became a victim of such data breaches. Despite what they say in response to the data breaches they face, it has failed to provide privacy assurance to its users, time and again. If you want to know how many data breaches Facebook had or want a Facebook privacy leak and fail history, you’ve come to the right place.

              Here’s a Facebook data breach timeline and privacy fails.

            • Canada’s Proposed Privacy Law Reforms Are Not Enough

              In an effort to update Canada’s federal commercial privacy legislation, the Canadian government has introduced new consumer privacy protection legislation. Bill C-11: Digital Charter Implementation Act, 2020, and in particular the Consumer Privacy Protection Act (CPPA) that is part of the larger piece of legislation, would significantly reshape Canada’s federal commercial privacy requirements. The legislation has been designed to advance consumer interests, as opposed to being based upon human rights principles, and would transform the nature of consent by expanding the range of situations where consent isn’t required to obtain, use, or disclose personal information. More positively, if passed as drafted the legislation would better empower the Privacy Commissioner and create a tribunal which would be responsible for enforcing the Commissioner’s decisions, and could assign monetary penalties where appropriate. Entirely absent from the legislation, however, is a requirement that organizations truly behave more transparently. Nor does the legislation meaningfully enhance the current limited rules which enable individuals to access and correct their personal information that is held by organizations. The proposed legislation also fails to satisfactorily ensure that whistleblowers who come to the Privacy Commissioner would be adequately protected from retribution.

            • British Music Industry Resoundingly Supports COVID Passports — With a Few Caveats

              UK Music backed the idea of COVID-19 vaccine passports (as well as other “status certification measures”) in an open letter to Prime Minister Boris Johnson, leader of the opposition Keir Starmer, and several additional MPs. For reference, the 13-year-old organization in January stated that “the combination of vaccines and rapid testing gives hope that we will be in a position to hold large-scale events by the middle of this year.”

              After reiterating that the live-entertainment space stands to benefit from the rollback of lockdown measures and large-gathering bans – “a continuation of restrictions threatens additional financial pressures on the sector” – the British music industry representative’s recently published message addresses the possibility that vaccine passports could expedite the timetable associated with said rollback.

            • Spotify Is Getting Directly Integrated Into Facebook — Starting Next Week

              Facebook CEO Mark Zuckerberg revealed his platform’s fast-approaching integration of Spotify during a recent interview with journalist Casey Newton. The lengthy discussion centered largely on the social media company’s planned expansion into audio, which Zuckerberg believes is “going to be a first-class medium.”

              Worth mentioning on this front is that the 36-year-old Facebook head also unveiled the ongoing development of Soundbites, a short-form audio project. (Moreover, Facebook detailed Soundbites as well as its support for podcasts in a formal release, but this announcement message doesn’t mention the Spotify integration.) Spotify late last month acquired Locker Room, a prominent Clubhouse competitor, and outlined plans to begin hosting “real-time discussions, debates, ask me anything (AMA) sessions, and more.”

    • Defence/Aggression

      • Why the Embargo Against Cuba?

        Don’t count it. Squeezing the life out of the Cuban people as a way to get regime change has become such a normalized way of life for the United States that it is unlikely that this cruel and brutal policy will be ended anytime soon.

        Back in the day, the embargo was justified as part of the Cold War against “godless communism” and, specifically, the international communist conspiracy that was supposedly based in Moscow, Russia and that supposedly threatened to envelope the United States and the rest of the world. (Yes, that Russia, the one we are being called upon, once again, to treat as our official enemy.) The Pentagon and the CIA steadfastly maintained that the “national security” of the United States was gravely threatened by a communist outpost only 90 miles away from American shores.

      • Almost Everything Biden Said About Ending the Afghanistan War Was a Lie

        U.S. military leaders and generals gave a much more accurate assessment of the war’s future in the days following Biden’s speech. Former CIA officer and counterterrorism expert Marc Polymeropoulos explained to the Times, “What we are really talking about are how to collect intelligence and then act against terrorist targets without any infrastructure or personnel in the country other than essentially the embassy in Kabul.” In other words, the U.S. wants to wage a remotely run war against Afghanistan, as it has done in other nations like Yemen, Syria, and Somalia.

        Defense Secretary Lloyd Austin added his two cents, underscoring the U.S.’s ability to wage war without troops on the ground, saying, “There’s probably not a space on the globe that the United States and its allies can’t reach.” Marine Corps Gen. Kenneth McKenzie Jr. echoed this sentiment in ominous terms on April 20 at a House Armed Services Committee hearing, saying, “if we’re going to strike something [in Afghanistan], we’re going to strike it in concert with the law of armed conflict and the American way of war.”

      • Opinion | America Hacks Itself: The Cold War Has Already Turned Hot—on the Internet

        Waiting for the cyber-apocalypse.

      • How US government fronts shape media coverage of Myanmar upheaval, propagandize for Western intervention
      • World police: Washington seeks to imprison foreign businesspeople for violating illegal US sanctions
      • The Successful Campaign to Block Matthew Rojansky’s Appointment Is Ominous for Biden’s Russia Policy

        When a new administration comes to Washington, the flowery rhetoric and springtime promises are often less revealing than who is put where to run the place. That’s why many of Washington’s most scurrilous campaigns are backstage fights over potential appointments. And that’s why the successful campaign to block the appointment of Matthew Rojansky as Russia director on the National Security Council is not only a sad reflection of the poisonous state of the debate on Russian policy today, but also an ominous sign for Biden’s foreign policy going forward.

      • Moscow judge ‘limits’ what Navalny’s Anti-Corruption Foundation can legally do, pending extremism ruling

        Ahead of a ruling in the extremism case brought by prosecutors against Alexey Navalny’s anti-corruption organizations, the Moscow City Court has approved preliminary restrictions on what these civic groups can do. 

      • Team Navalny’s final days Russia’s justice system hasn’t yet banned the opposition movement, technically speaking, but just try telling that to activists on the ground

        Alexey Navalny’s Anti-Corruption Foundation achieved its greatest visibility ever earlier this year when the group released a documentary film describing a vast “palace” and winery empire reportedly controlled by Vladimir Putin. Just before the video was published on YouTube (where it now has more than 116 million views), Navalny himself hijacked the global narrative about Russia by returning to Moscow and becoming one of the world’s best-known political prisoners. Following a series of mass protests organized without official permits by Navalny’s political and anti-corruption groups, the Russian authorities initiated legal proceedings that will likely obliterate this opposition movement’s capacity for coordinated activism. Meduza summarizes how this process unfolded over the past week.

      • Russian police visit homes of journalists who covered the Navalny solidarity rallies

        Police came to the home of Dozhd correspondent Alexey Korostelev on the morning of Tuesday, April 27, to press administrative charges against him for alleged involvement in an unauthorized rally on April 21.

      • DHS extends REAL-ID airport enforcement “deadline” again

        The Department of Homeland Security has once again postponed its self-proclaimed “deadline” for enforcement of the REAL-ID Act at airports, this time from October 1, 2021, to May 3, 2023.

        The latest postponement proves, once again, that the dates of the DHS threats to begin “enforcing” the REAL-ID Act at airports are as changeable as the dates in any of the threats made by extortionists or kidnappers. Today’s DHS press release is more like a ransom note than a legal notice: “If you get an ID we deem acceptable, we might not harass you as much when you fly, and we might allow you to exercise your right to travel.”

        It remains unclear what enforcement of the REAL-ID Act at airports might mean. No law requires air travelers to have any ID, and the REAL-ID Act doesn’t change that.  The Transportation Security Administration recently posted a video showing how you can fly without ID.  But today’s DHS press release implies that the DHS is contemplating denying passage through TSA checkpoints at airports to travelers who don’t have, don’t carry, or don’t chose to show ID credentials that the DHS and TSA deem “compliant” or “acceptable”:

      • Ivy League Secret Exposed: Classes Used Bones of Black Children Killed in 1985 MOVE Police Bombing

        Outrage is growing in Philadelphia after explosive revelations that the University of Pennsylvania and Princeton University have been in possession of remains thought to belong to two children who were among 11 people killed in the 1985 police bombing of the Philadelphia home of the radical, Black liberation and anti-police-brutality group MOVE. We show an excerpt of a training video — now removed from the internet — by an anthropologist at the University of Pennsylvania and Princeton University who has been using the bones of at least one of the young bombing victims for the past 36 years — without the knowledge or consent of the families — and get response from a MOVE family member. “It makes you wonder: What else do they have?” says Mike Africa Jr., a second-generation MOVE member who grew up with the children whose remains have now been located. “What else are they covering up? What else are they lying about?”

      • “A Warrant Is Not a License to Kill”: Rev. William Barber Condemns Police “Execution” of Andrew Brown

        Hundreds of demonstrators have taken to the streets of Elizabeth City, North Carolina, to protest the police killing of Andrew Brown Jr., a 42-year-old Black father shot dead in his car on April 21. On Monday, authorities allowed Brown’s family and attorney to watch a 20-second video clip of the shooting. The family says it shows Brown was shot in the back of the head while his hands were on the steering wheel of a car, calling it an “execution.” Seven sheriff’s deputies have already been placed on paid administrative leave; two other deputies have resigned, and another retired over the past week. But supporters say authorities must provide greater accountability and release the full footage of the shooting. “They waited 120 hours to get 20 seconds,” says Rev. William Barber, co-chair of the Poor People’s Campaign and president of Repairers of the Breach. “That is absolutely ridiculous.” Barber notes police killed Brown Jr. on the same day Virginia cops shot Isaiah Brown after he called 911, the day after Derek Chauvin was convicted of murdering George Floyd on the same day a Columbus police officer killed 16-year-old Ma’Khia Bryant.

      • Lee Camp: The CIA Has Been Taking Over for Decades

        December 22, 1963 — exactly one month after President John F. Kennedy had been assassinated, former President Harry S. Truman published an op-ed in the Washington Post that most people, especially our perfumed ruling elite, wanted to ignore.

      • Opinion | Birth Of A Nation
      • Focusing Purely on Injustices in China and Russia with a Cold War Mindset Damages Human Rights Everywhere
      • The Armenian Genocide Continues

        Not only has Turkey repeatedly denied culpability for the Armenian Genocide; it appears intent on reigniting it, most recently by helping Azerbaijan wage war on Armenia in the context of the Nagorno-Karabakh dispute, which again erupted in late 2020.

      • Facebook Stopped Employees From Reading An Internal Report About Its Role In The Insurrection. You Can Read It Here.

        Last Thursday, BuzzFeed News revealed that an internal Facebook report concluded that the company had failed to prevent the “Stop the Steal” movement from using its platform to subvert the election, encourage violence, and help incite the Jan. 6 attempted coup on the US Capitol.

        Titled “Stop the Steal and Patriot Party: The Growth and Mitigation of an Adversarial Harmful Movement,” the report is one of the most important analyses of how the insurrectionist effort to overturn a free and fair US presidential election spread across the world’s largest social network — and how Facebook missed critical warning signs. The report examines how the company was caught flat-footed as the Stop the Steal Facebook group supercharged a movement to undermine democracy, and concludes the company was unprepared to stop people from spreading hate and incitement to violence on its platform.

        The report’s authors, who were part of an internal task force studying harmful networks, published the document to Facebook’s internal message board last month, making it broadly available to company employees. But after BuzzFeed News revealed the report’s existence last week, many employees were restricted from accessing it.

    • Transparency/Investigative Reporting

      • Right-wing media pushes bogus story about Kamala Harris’ book being given to immigrant kids

        The New York Post, a conservative tabloid owned by Rupert Murdoch, published an entirely bogus story — which eventually made its way into the White House briefing room — claiming that Vice President Kamala Harris’ children’s book “Superheroes Are Everywhere” was being passed out to migrant children who had recently arrived in the U.S. On Tuesday, the Post deleted the two stories making the false claim from its site, only to publish corrected versions hours later to place the articles back online with a brief editor’s note.

    • Environment

      • Cool homes and hot water are there on the cheap

        Would you like cool homes and hot water without paying to power them? They’re already working in the laboratory.

      • Energy

      • Wildlife/Nature

        • Idaho’s Wolf Slaughter Bill Stampedes Toward a Vote

          If passed into law, 1211 would allow an unlimited number of wolf tags per hunter, no restrictions on methods of take, establishment of year-round trapping seasons on private lands, and allowing the state Wolf Depredation Control Board to hire independent contractors to kill wolves. The bill would allow wolves to be killed using any method available for other wild canids–including aerial gunning and, potentially, deadly poisons. And it allows wolf tags to be used for hunting, trapping, or snaring in any unit when seasons are open at the time of take. This proposed legislation comes on the heels of newly expanded wolf hunting and trapping seasons for much of Idaho adopted by the Idaho Fish and Game Commission in February.

          The use of wolves as a political pawn is an affront to science-based management of wildlife, and only proves that state management of wolves and other predators without federal oversight is a recipe for extinction. Idaho’s wolf population was removed from Endangered Species Act protection by legislative rider in 2011, and wolves were removed from Endangered Species Act protection nationwide just last year. There is no valid justification in all of wildlife management for this kind of radical reduction of a native species, so far below the natural carrying capacity of the environment.

    • Finance

    • AstroTurf/Lobbying/Politics

      • The Most Righteous Thing Joe Biden Has Done as President

        I have waited my entire life for an American president to speak a full measure of truth about the Armenian genocide.

      • Biden’s Recovery: How’s the Hopey-Changey Thing Working Our for You?

        We are going to get the GDP growth data for the first quarter this week and it is almost certain to be very strong, quite likely over 7.0 percent. This is great news in terms of recovering from the pandemic recession and getting people back to work, but we know that all the inflation hawks will be yelling that we will soon be back in the 1970s, with inflation spiraling ever higher. For this reason, it’s worth trying to dissect the data to see if it can give evidence that bears on this question.

        Productivity Growth

      • How to Stop Republicans from Stealing Elections

        The stakes could not be higher. Simply put, it’s democracy or authoritarianism.

      • [Old] Analyzing how hackers breached the Indian government – play by play

        This is another attack executed by the white hat hacking group Sakura Samurai however what makes this breach in particular so interesting is the multiple state-owned organizations that were affected. In total, 26 different government departments and organizations were compromised. This post aims to provide a play-by-play breakdown of exactly how the attack unfolded, review the methodology the attackers implemented and the tools that were used throughout.

      • The thermocline of truth

        Webster observed that, generally speaking, those at the bottom of an organisation have a fairly accurate view of what’s going on. They’re close to the detail; they know whether their area of the project is on-track, and can infer from that the state of the wider project.

        Those at the top, though, have no such first-hand knowledge. They rely on the bubbling-up of information from below, in the form of dashboards and status reports. But, Webster noticed, those status reports tend to produce a comically optimistic view of the state of the project. Individual contributors presented a rosy picture of what they were working on to their line managers; middle managers gave good news to their bosses; and senior managers, keen to stay on the promotion track and perhaps hopeful that other parts of the project would fail before theirs, massage the truth yet again.

        The result is that there is a thermocline within the organisation: not of temperature, but of truth. There is a clear line in the org chart, below which the truth of the project’s disastrous state is known, but above which everything looks rosy.

    • Misinformation/Disinformation

      • China [Astroturfers] Circulate Fake Taiwan Presidential Office Memo on Social Media

        Images of falsified a Taiwan Presidential Office memo circulated widely online this month, angering the island’s democratic government by claiming that Taiwan had agreed to receive the nuclear wastewater from Fukushima, Japan.

        In a world of increasingly sophisticated fakes and forgeries, the bogus Taiwan Presidential Office memo posted on Twitter announcing “the government will receive wastewater from Japan” was sloppy with fingerprints from the communist mainland, experts said.

      • Russia Accused Of Using Deepfakes To Imitate Political Rivals

        Kols claimed that he received an email from the person claiming to be Volkov requesting a video conference with him. During the meeting, they discussed Russia’s political prisoners and aggression against Crimea.

        Later, he realized that it might not have been Volkov at all after the alleged imposter attended a Ukrainian Foreign Affairs Committee meeting and became openly combative, according to Lithuanian Radio and Television. By then, though, the individual had already attended several meetings with top-level officials in the European Union.

      • Congress is way behind on algorithmic misinformation

        Congress’ slow walk was particularly notable compared with the expert panelists, who presented algorithmic disinformation as an existential threat to our system of government. “The biggest problem facing our nation is misinformation-at-scale,” Joan Donovan, research director at Harvard’s Shorenstein Center on Media, Politics and Public Policy, said Tuesday. “The cost of doing nothing is democracy’s end.”

    • Censorship/Free Speech

      • Knowing Who to Stand Up For: Heritage Minister Steven Guilbeault and the Regulation of Free Speech

        Guilbeault has made his position clear: he will not stand up to lobbyists, will not stand up for the rights of individual Canadians, and does not stand for freedom of expression. It is time for Canadians to take a stand against Bill C-10.

      • NYT host says Florida riot bill lets authorities ‘pick and choose’ on protesting

        Jane Coaston, host of The New York Times podcast “The Argument,” said Monday that Florida’s new “anti-riot bill,” which she called “incredibly vague,” allows law enforcement to “pick and choose” who is protesting properly.

        “I think that one of the challenges we’re seeing here is that this bill is allowing law enforcement to pick and choose who is protesting in the right way and who is protesting in the wrong way,” Coaston said on Hill.TV’s “Rising.”

        “It basically gives law enforcement officials the ability to say, ‘this protest, I don’t like it, so it’s unlawful assembly,’ and that means that everyone who’s arrested from the unlawful assembly that the law enforcement has just decided it was gets arrested and held for an entire evening,” she added.

      • ‘Cursing Cheerleader’ Snapchat Case Could Reshape Student Free Speech

        The school district, not satisfied with the lower-court rulings, appealed to the Supreme Court, which in January agreed to hear the case. On April 28, the Court will hear arguments in Mahanoy Area School District v. B.L. “This case may have started with a student expressing strong emotion in a seemingly trivial social media post,” said Travis Harper, a student and judicial advocacy associate with March for Our Lives, but “the question now before the Court could not be more important to the First Amendment rights of young people.”

      • Joe Rogan Says YouTube Censorship Is One of the Reasons He Went to Spotify

        It’s unclear if Rogan was threatened with YouTube demonetization or content removals prior to signing his Spotify contract. Either way, Rogan clearly sees an issue with efforts to muzzle comedians and non-conforming thought.

        After mentioning Dillion and his own motivations for vacating YouTube, Rogan alluded to broader bans against comedians, whether on YouTube or college campuses. “It’s a weird world out there man, and the world — it’s a f—king outrageous thing to say — but I think the world needs comedy, I think we do. I think it’s important for mental health, I think it’s important for mental clarity, I think it’s important to make fun of s—t.”

        Ironically, Rogan’s arrival at Spotify was hardly censorship-free.

      • China’s State Media Play Down Oscar Wins For Beijing-Born Chloe Zhao

        Official Chinese media on Monday lashed out at Chinese-born director Chloe Zhao after she landed an Oscar for best director for her movie Nomadland, while government censors deleted references to her win from social media.

      • China’s Arrest of Tibetan Writers Blocks Dissenting Views: Rights Group

        Beginning in 2008—when widespread protests against Chinese rule swept Tibetan regions—and until 2010, nearly 60 influential Tibetan poets, writers, and other literary figures and academics were arrested by Chinese police, with the whereabouts of many still unknown, Gyal said.

        “And the reason usually given for the arrests was that they had all threatened national security and stability.”

        But what these arrests really show, Gyal said, “is that Tibetans have been deprived of their freedom of academic expression, and that the Chinese authorities can arrest them at any time simply by calling them a national threat.”

    • Freedom of Information/Freedom of the Press

    • Civil Rights/Policing

      • Police violence against children sparks demand for use-of-force laws

        Policies meant to stop police killings and the use of excessive force against civilians [sic] say little about interactions with children. The lack of oversight applies in schools across the country, where more officers have been called upon to patrol the halls, as well as on the streets. No sweeping federal laws regulate the police use of force against those 17 and under, and most law enforcement agencies don’t have clear protocols.

      • Iran must end its relentless violations against the Baha’is

        Iran has shown resolute determination over its desire to rob its Baha’i population of all citizenship rights. Having just marked the year 1400 in the Iranian calendar and 178 of the Baha’i calendar (March 20), let’s take a snapshot of the situation.

        Iran’s human rights violations against Baha’is have been distinctly state-driven, multifaceted, and severe. Though the Baha’i Faith has never been included amongst the recognized religions in Iran, non-recognition and discrimination yielded a formal policy of hostility against its members with the establishment of the Islamic Republic of Iran. Over the decades that followed, no segment of the Baha’i population has remained untouched. The description of “cradle to grave persecution” falls short, as even a deceased member of the Baha’i Faith cannot rest in peace as Baha’i cemeteries have repeatedly been bulldozed and their burials disrupted.

      • Taliban tribunal gives woman 40 lashes for talking to a man on the phone

        It only took 80 seconds for two men to rain down 40 lashes on the woman huddled on her knees as a large crowd looked on. The video of the brutal sentence carried out on an Afghan woman was filmed near Herat and posted on Facebook on April 13. It is a painful reminder of the continued operation of Taliban “courts”, even though they have been banned. For our Observer, it also symbolises the failure of the Afghan government.

    • Digital Restrictions (DRM)

    • Monopolies

      • Russia’s antimonopoly agency fines Apple $12 million following complaint from Kaspersky Lab

        Russia’s Federal Antimonopoly Service (FAS) has fined Apple $12 million for abusing its dominant position in the apps market.

      • Impacts of transportation network companies on urban mobility

        The role of transportation network companies (TNCs) in the urban transport system is under intense debate. In this study, we systematically assess three aspects of the net impacts of TNCs on urban mobility in the United States—road congestion, transit ridership and private vehicle ownership—and examine how these impacts have evolved over time. Based on a set of fixed-effect panel models estimated using metropolitan statistical area level data, we find that the entrance of TNCs led to increased road congestion in terms of both intensity (by 0.9%) and duration (by 4.5%), an 8.9% decline in transit ridership and an insignificant change in vehicle ownership. Despite the ideal of providing a sustainable mobility solution by promoting large-scale car sharing, our analysis suggests that TNCs have intensified urban transport challenges since their debut in the United States.

      • How Mark Zuckerberg and Tim Cook became foes

        At a confab for tech and media moguls in Sun Valley, Idaho, in July 2019, Tim Cook of Apple and Mark Zuckerberg of Facebook sat down to repair their fraying relationship.

        For years, the CEOs had met annually at the conference, which was held by the investment bank Allen & Co., to catch up. But this time, Facebook was grappling with a data privacy scandal. Zuckerberg had been blasted by lawmakers, regulators and executives — including Cook — for letting the information of more than 50 million Facebook users be harvested by a voter-profiling firm, Cambridge Analytica, without their consent.

      • Patents

        • How to think about vaccines and patents in a pandemic

          The economic argument for [Patent] protections seems compelling enough. Innovation is costly and risky. Pharmaceutical companies invest heavily in drug development with no guarantee of success. If other firms could freely copy a newly discovered treatment, then its price would quickly fall to the marginal cost of production, leaving the innovator unable to cover the costs of development. A short-term monopoly on production granted to innovating firms is needed to make the upfront investments economically worthwhile. Patents provide this protection.

          [Patent] protections do not always work in quite this way, however. Studies routinely find little or no evidence that strengthening them boosts subsequent innovation, argue Michele Boldrin and David Levine of Washington University in St Louis; pharmaceuticals, where [patent] rights [sic] are often assumed to be essential, are no exception. Patents award rich profits to firms even though private investment accounts for only about a third of spending on American biomedical research, they estimate. Other rewards to innovation, such as financial prizes, could yield more breakthrough drugs at lower cost. Yet for now, [patent] protections are crucial to the businesses of most of the firms developing covid-19 vaccines.

        • The Fight Against Vaccine Apartheid Goes Global

          A little over a year into the pandemic, just about 27 percent of the population of the United States has been fully vaccinated. This is a feat that once seemed impossibly distant. Yet, despite some scrambling as Americans figure out exactly when and where they can be vaccinated, the Biden administration has made it clear that, within weeks, any American adult who wants a vaccine will be able to get one. Unfortunately, this is not the case in much of the world.

        • Opinion | Any Delay in Ensuring the Greatest Availability of Vaccines Worldwide Is Morally Wrong and Foolish

          Waiving intellectual property rights so developing countries could produce more vaccines would make a big difference in reaching global herd immunity.

      • Trademarks

      • Copyrights

        • Spotify CEO Daniel Ek Wants to Buy a Football Club — Maybe He Should Pay the Artists First?

          Hundreds of angry soccer fans lined up outside the club’s Emirates Stadium to protest its current owner, Stan Kroenke. Arsenal is one of six Premier League clubs that joined a newly constructed European Super League. The move was a controversial one among fans, which led it to pull out of the newly formed league.

          Following the protests, Spotify CEO Daniel Ek expressed an interest in buying the football club. Ek is estimated to be worth $4.7 billion. “As a kid growing up, I’ve cheered for @Arsenal as long as I can remember. If KSE would like to sell Arsenal, I’d be happy to throw my hat in the ring,” Ek wrote on Twitter on April 23rd.

          Following the tweet, music fans took to Twitter to publicly flog Daniel Ek for the statement.

        • Operator of Torrent Tracker DanishBits Sentenced to One Year in Prison

          One of the ringleaders behind the defunct torrent tracker DanishBits received a one-year prison sentence today, of which nine months are conditional. The 33-year-old man was arrested in Morocco last year and later extradited to Denmark, where he admitted his involvement with the site.

        • Pirates Who Illegally Streamed Jake Paul v Ben Askren Targeted in $100m Lawsuit

          Social networking service Triller has filed a $100m lawsuit against 12 ‘business entities’ and 100 John Does who it claims were involved in the illegal streaming of the Jake Paul vs Ben Askren boxing match on April 17. According to Triller, these “cyber-criminals” are responsible for diverting two million PPV buys away from the event.

For Hire: People Who Know How to Run a Site (for Employer ‘Linux’ Foundation)

Posted in GNU/Linux at 5:05 am by Dr. Roy Schestowitz

Related: Linux Foundation Newsletter is Microsoft Windows and Proprietary IIS | The Linux Foundation’s Staff Uses Windows and Microsoft. Now the Foundation Outsources the Coding and Hosting, Too (to Microsoft of Course). | Linux Foundation Apparently Celebrates Sysadmin Day With a Microsoft Windows Site!


Summary: The above has been up and published (front page) for at least 3 hours already; this is what happens when one hires charlatans and people from Microsoft, as the Linux Foundation does — people incapable of running Linux.com


Joining Gemini Space and Reading Over Encrypted Connection Without Unnecessary Clutter

Posted in Site News at 4:25 am by Dr. Roy Schestowitz

Summary: Gemini space (some spell it Geminispace) is expanding and software for browsing Gemini capsules (client/browser) has matured to the point where it’s very easy to join in, no matter what operating system one uses

WITH over 100,000 page requests from 1,100 unique addresses (gemini://gemini.techrights.org) in less than 4 weeks we’ve convinced ourselves that Gemini protocol isn’t a waste of time and isn’t a passing fad. It’s expanding. The Gemini space is still in a state of expansion. We see more articles about it, we see more articles in it, we see more people getting involved at various capacities (some compose pages, some code, some promote, and some contribute to the formulation of a future standard).

“We recognise the fact that many people are uninterested or even intimidated by Gemini because it’s new and scarcely understood.”We wrote about gemini:// yesterday and we try to write about it at least once a week (it used to be once a day, but we’ve run out of unique things to say).

We recognise the fact that many people are uninterested or even intimidated by Gemini because it’s new and scarcely understood. For this reason, we’ve decided to reproduce below a new quickstart guide from Jason McBrayer (licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 License). We’ve copied it verbatim below.

What is Gemini?

Gemini is a new way of using the Internet, separate from the World Wide Web you are familiar with. Compared to the WWW, it is intended to be:

  • Simpler – Gemini pages aren’t programs that run in your browser like most modern websites are; they’re just text with a little formatting, so there are no surprises. Once you know how one Gemini page works, you know how they all work.
  • Human Scale – Gemini servers and clients aren’t written by big, monopolistic software companies the way web browsers are; the DIY ethos of Gemini means that complete applications can be written by individual developers or small groups in a reasonable amount of time. That also means that you have more choices compared to web browsers.
  • Distraction Free – Gemini pages are text-only and have simple typography. You can view images, watch video, or listen to music over Gemini, but nothing will ever autoplay, pop over what you’re reading, or jump out of the way of your mouse.
  • Privacy Protecting – Every Gemini request is independent of every other, so there’s no way to track you between sites. Every site you visit is protected by the same encryption used by banking and eCommerce sites on the WWW.

More details are in the Official Gemini FAQ. Be aware that it’s targeted at a more technical audience than this quick start page, so you might want to skip it for now and come back later. The main thing to know is that you’re going to get a much more stripped-down experience compared to the modern WWW, but that’s okay! Some of the choices made to keep Gemini simple may seem too extreme, compared to even a bare-bones web site, but there are hidden benefits that won’t be obvious at first.

How do I read pages on Gemini?

The first thing to do is to install a Gemini client. A Gemini client is like a web browser, except instead of browsing the web, it browses Geminispace. There are at least a couple of Gemini clients available for most platforms. Here, I’m going to recommend just one, that I think will feel most familiar or least surprising to new users. That doesn’t mean I think the other ones are bad. A lot of it is just personal preference, just like with web browsers. After you get used to Gemini with the client I recommend, you may want to try some others.

You may be used to doing everything in the web browser, and find it strange or uncomfortable to have to install a different program to read Gemini pages. But you’ll get used to it; the WWW tries to be everything to everyone, both a floor-wax and a toothpaste, while Gemini tries to be good at just one thing.


You have several options for a Gemini browser on Windows, but I’m going to recommend that you install Geminaut, because of its comfortable, Windows-native user interface. Download and run the latest MSI file from the website. You will get a warning that the installer isn’t signed, which is because the developer is an independent hobbyist. If you downloaded it directly from the link above, it should be safe to “run anyway”.

A screenshot of GemiNaut on Windows 10

Lagrange is another good option – it has more features and is lightweight, but the user interface isn’t native like GemiNaut’s. There is also a nightly build of Kristall.


There are several Gemini clients that can be built for MacOS, but the only one I know of that provides pre-built downloads for a released version is Lagrange. That’s okay, because Lagrange is a very good browser. The UI doesn’t use native controls, but it’s light and fast.

A screenshot of Lagrange on MacOS

Another screenshot of Lagrange on MacOS

There may also be nightly builds of Kristall, if you’re so inclined.


There is one Gemini client on the app store, called Elaho. There is another one on TestFlight called Rocketeer.

A screenshot of Elaho on iPhone


For Android, I recommend Ariane. The developer’s site has several different download options, but if you are at all unsure, you should install from Google Play.

Deedum is also a good client for Android, but its UI is not quite as simple.

A screenshot of Ariane on Android 10

A screenshot of deedum on Android 10

GNU/Linux or Unix (desktop GUI)

If you’re able to compile programs from source, you are spoiled for choice. Most Gemini clients are developed for Linux. The main GUI choices are:

If you need a binary release, you will probably need to install Lagrange. Lagrange is on FlatHub, so if your distribution supports FlatPaks, you’re in luck. There is also a nightly AppImage of Kristall, if you prefer.

A screenshot of Lagrange on Linux (sway)

A screenshot of kristall

A screenshot of castor, with quite an odd GTK theme

GNU/Linux or Unix (terminal or console)

The situation here is similar to Linux GUI clients, but there are at least two that have binary releases:

If you’re not sure which you want, go for Amfora; it has more familiar keybindings than Bombadillo.


If there’s no Gemini client for your platform, but there is a web browser, you can use a proxy. Either portal.mozz.us or proxy.vulpes.one should work for your needs.

You shouldn’t use a proxy just because you don’t want to install a Gemini client, though! You will miss out on the experience of not using the web browser.

Where do I point my Gemini client?

By now, you should have a Gemini client installed. If you’ve tried to install one, but gotten stuck, please feel free to give me an email at help@geminiquickst.art. I don’t mind! You can do this next part using one of the web portals, but it would be better if you had a real client installed.

First, open up your Gemini client, and arrange it so that you can see both the Gemini client and the web browser you’re reading this in. You should be able to follow the rest of this tutorial in Gemini. In your Gemini client, open gemini://geminiquickst.art/. You may or may not be able to click on that link from your web browser and have it open up in your Gemini client, depending on a lot of nerd stuff that you don’t have to care about now. If it doesn’t open up on click, copy and paste gemini://geminiquickst.art/ into your Gemini client. You should get a page that’s pretty much the same as this one, though the colors and fonts may be different. Scroll it down until you reach this point, then read the rest of your page in your Gemini client, rather than your web browser.

Where do I find things to read on Gemini?

Gemini is pretty new, so like the early web, there’s not as much content as you’re used to on the modern web, and too much of it is tech stuff. But there’s a lot of other stuff there too, if you’re willing to look.

Gemlogs (like blogs)

One of the main things people have been using Gemini for is blogging. And it makes sense, because blogs are mostly text, it’s easy to find updates, and the web has made a real mess of it, where it hasn’t completely abandoned it to social media.

Several of the clients recommended above have built in feed-readers for subscribing to gemlogs and staying informed about updates. If yours does, I recommend that you take advantage of that feature as you find gemlogs you want to read. It will be more flexible than depending on a feed aggregator hosted by someone else, and easier than setting up your own feed aggregator.

But to find feeds to subscribe to, you’re best off starting with an aggregator someone else is running. This is a list of well-known public aggregators in Geminispace.

  • CAPCOM is run by Solderpunk, the founder of the Gemini project. It knows about over 200 Gemini feeds, but picks 100 every month to display. It’s a good way of finding feeds to follow.
  • Spacewalk is an aggregator that follows every update to the pages it follows. This makes it a little less accurate than CAPCOM, but can follow pages that don’t announce their updates.
  • gmisub aggregates over 100 feeds using the Gemini simple feed specification.

Curated directories of interesting pages by topic

Because Geminispace is a lot smaller than the web, it’s still somewhat possible to hand-curate a list of interesting sites. You may remember how Yahoo! got its start as a curated index of links by topic.

  • Medusae.space is an index similar to the old Yahoo!. You can browse by topic, or search.
  • Gemini Discovery is a index of search engines and indices you can use to find things you’re interested in.


You can also search Gemini, just like you can search the web. However, it’s not indexed by Google or Bing or DuckDuckGo; we have our own search engines. Or rather, search engine. There have been three search engines built for Gemini, but only one is currently active: Geminispace.info.

That said, search is not as important, currently, on Gemini as it is on the WWW. Subscriptions and cross-site links are the main ways of finding new things.

How do I publish/share things on Gemini?

This part is a little harder, but people are busily working on making it easier! The first thing that you should know is that there’s no direct equivalent of the WWW’s social media sites on Gemini. Gemini doesn’t have a built-in method for posting things, so most people posting on Gemini right now are using separate tools to write their pages or posts and to upload them to a server. And that’s leaving out registering an account on the server, which is usually done manually by the site owner! But that situation is going to get better. Right now, there are a few Gemini sites where the “separate tools” for registering an account and posting pages or updates are web applications, and it’s likely that someone will make an integrated native application.

Gemini sites with WWW applications for posting

  • The Midnight Pub is a hybrid Gemini site with a “local pub” theme. Some people post regular gemlogs, some people role-play the part of patrons at the pub. It’s kind of a slow-paced social media site. Registration requires emailing the bartender to ask them for a key, but don’t be shy – they just want to make sure you’re not a spammer. People can subscribe to a feed of just your posts, or a feed of everyone at the pub.
  • Gemlog.Blue is a site that makes it easy to maintain a gemlog. You can register on the WWW side of the site, and create, edit, or delete posts through the web interface, and view them through Gemini. People can subscribe to a feed of your posts.
  • Flounder is another site with a web application for posting. It’s more general-purpose than Gemlog.Blue or the Midnight Pub. The registration page asks where you heard about Flounder, but it’s really just a low-tech anti-spam measure. Tell them this page sent you.

Gemini sites with public account signup

Shared hosting on Gemini today is pretty similar to shared hosting on the WWW in 1999, but in general more community-oriented and friendlier. If you think of these sites as being like GeoCities, but without neon backgrounds and blinking “under construction” GIFs, you won’t be too far wrong.

With these sites, you will sign up, either via the web or email, and have a space that you can access with a native graphical file transfer application such as FileZilla (Windows, MacOS, or Linux). You’ll write Gemtext documents on your own computer, then copy them to your host with Filezilla or a similar program. Some of these sites will want you to send an SSH public key, which may sound too technical, but Digital Ocean has a pretty good guide to using them with FileZilla. It’s focused on their own VPS service, but most of it should apply here, too.

One warning – if you’re on Windows and you’re not careful with how you install Filezilla, you may end up with some additional bundled software you don’t want. For Windows users, I recommend Winscp as an alternative.

  • pollux.casa offers free Gemini hosting on subdomains (like ‘yourname.pollux.casa’) that are also reachable by http. Sign-up is by email to Adële, the host, and access to your files is by SFTP or FTPS. Overall, this seems like one of the most friendly site hosting options for newcomers.
  • If you are a French speaker, you might look at Un bon café, a French Gemini hosting service that aims to be simple and use sFTP for uploading content. They also offer an email hosting service. The service is free.
  • koyu.space offers free hosting. Unlike some of the others, your site gets automatically updated from a git repository you maintain, so this one is probably not best for non-technical people, unless you have a hankering to learn git.
  • SourceHut Pages offers free Gemini hosting. Their setup is probably more complex than non-technical users will want to engage with, but it’s free, and it’s somewhat less involved than running your own Gemini server.
  • Jae’s Gemini pod offers free hosting,
    on a subdomain or your own domain. You’ll need to send the owner a SSH public key, a name for your website, and the domain name or subdomain you want to use.
  • Main Street in Nightfall City offers Gemini, Gopher, and WWW hosting at the center of downtown Nightfall City, home of the Midnight Pub. The hosting here is a little more hands-on, but more flexible. You’ll need an account name and SSH public key. The online help focuses on terminal tools, but you should be able to use FileZilla or similar to upload your pages.
  • si3t.ch offers free shared hosting. Your capsule will have its own subdirectory. Instructions are on the site.

Pubnixes and Tildes

A pubnix is a PUBlic uNIX server, a kind of shared computer for use by members of a community. They’re usually used by logging in to a terminal interface using an SSH (secure shell) client. That’s actually a very good way to dip your toes into the more technical side of Gemini (and Gopher, and WWW) hosting, but it’s understandable if it’s not for you. Many pubnixes offer Gemini hosting to their members.

These are a few pubnixes with Gemini hosting:

Self-hosting guides (here be monsters)

It’s not hard, as these things go to set up a Gemini server on a VPS (Virtual Private Server), a collocated server, or a Raspberry Pi in a shoebox under the bookshelf your router sits on. However “as these things go” covers a lot of evils. You’ll generally need to be familiar with the Unix or Linux command-line, installing software from a distribution repository, and with compiling software from source.

I do not yet have any How-To documents collected for self-hosting a Gemini server. Please let me know if you find or write one!


That’s it! Hopefully by this point you have found some things you want to read on Gemini, ideally things you’ve subscribed to that will keep you coming back. And if things have gone really well, you’ll have established a foothold of your on in Geminispace, and I’ll be reading something you’ve shared in not too long.

If any of the steps in this document were unclear or you need help for another reason, please feel free to email help@geminiquickst.art.

If you see something that’s missing (like a hosting site you want to recommend), or something wrong, please mail info@geminiquickst.art.

Thank you for reading! See you out there!

© Jason McBrayer, 2021 This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 License

IBM: We Trust Microsoft, We Don’t Trust the FSF

Posted in Free/Libre Software, FSF, GNU/Linux, IBM, Microsoft, Red Hat at 2:55 am by Dr. Roy Schestowitz


IBM and C sharp

Microsoft and IBM

Summary: It’s rather revealing that the priorities at IBM are hostile towards the Free software community, with Microsoft basically coming before the FSF (which ‘merely’ provides, free of charge, the operating system that IBM sells)

« Previous entries Next Page » Next Page »

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources




Samba logo

We support

End software patents


GNU project


EFF bloggers

Comcast is Blocktastic? SavetheInternet.com

Recent Posts