05.02.21

Richard Stallman: “Google Can Forcibly Impose Software Changes and the User Can’t Say No.”

Posted in Google, Interview at 6:57 pm by Dr. Roy Schestowitz

First published a decade back

Summary: “This is the same thing that Microsoft has in Windows,” Stallman told me, “so Microsoft can also impose software changes. Any malicious feature that’s not in the program today could be remotely installed tomorrow.”

I think in practice one of the issues is many of the browsers these days have actually got some surveillance built in and one of the usual excuses these days is security, so they try to prevent phishing scams and things like such that are absolute; I think since Internet Explorer version 7 and Google Chrome and other browsers by default they will track the users and leave a trail, or at least provide the corporate maker of the browser, with a list with pages you visit, so the other releases…

Richard Stallman: Those are non-Free programs. Internet Explorer is non-Free and Google Chrome is non-Free. Not only that, Google Chrome has a universal back door, which is another way of saying auto-update; basically it means that Google can forcibly impose software changes and the user can’t say no. This is the same thing that Microsoft has in Windows, so Microsoft can also impose software changes. Any malicious feature that’s not in the program today could be remotely installed tomorrow. So, once a program has a universal back door, you must consider it not merely malware but universal malware.

It’s Not About Richard Stallman

Posted in Free/Libre Software, FSF at 6:48 pm by Dr. Roy Schestowitz

No GPL

First they came for the Founder
And I did not speak out
Because I was not an FSF employee

Then they came for the GPL
And I did not speak out
Because I was not into copyleft, let alone a coder

Let's wrestle with the community. Take them down to our level...

Then they came for the activists
And I did not speak out
Because I was not among their targets

Then they came for the community
And I did not speak out
Because I was salaried by IBM

Then they came for me
And there was no one left
To speak out for me

Links 2/5/2021: “Landlock” in Linux 5.13, Comics, Patents Catch-up

Posted in News Roundup at 1:03 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • I put all of my comics online!

      There are 273 comics right now which is a lot, so I’ve added a very simple search using list.js. Here’s what it looks like.

      It searches based on the title and also a few keywords I manually added, which is why “authoritative nameservers” matches the search “dns”.

      I wrote a small custom search function that only matches starting at the beginning of the word, so that the search “tar” doesn’t give you “start”. It feels pretty good to use.

      If you want to read the pages from the Bite Size Linux sequel I mentioned that I started writing 2 years ago and never finished, you can search for “linux2”.

      [...]

      But I felt a bit worried about making all the comics more easily available online because – what if I put them online and then nobody wants to buy the zines anymore?

      I decided this week not to worry about that and just do it because I’m really excited about being able to easily link any comic that I want.

      The zine business is going really well in general so I think it’s a lot nicer to operate with a spirit of abundance instead of a spirit of scarcity.

    • Audiocasts/Shows

      • This Week in Linux 149: Linux 5.12, Fedora 34, elementary OS 6, openSUSE Leap, RHEL 8.4, Pine64

        On this episode of This Week in Linux, we’re going to check out the latest release of the namesake of this show, the Linux Kernel with Linux 5.12 being released. This episode is just stacked with Distro news with the release of Fedora Linux 34, the Release Candidate of openSUSE Leap 15.3, elementary OS 6 Beta has been released, and we’ll check out version 21 of Calculate Linux. That’s not all for Distro news, I did say it was stacked . . . we also got some Enterprise Distros to discuss with Red Hat Enterprise Linux 8.4 aka RHEL then we’ll check out the CentOS alternatives with AlmaLinux 8.4 Beta & Rocky Linux 8.3 RC. We’ve got some cool mobile hardware news this week with updates from Pine64 about the PinePhone Keyboard Addon and the PineTime SmartWatch. There’s just so much good news this week but there’s also a new Linux Backdoor Malware that was found being named RotaJakiro so we’ll talk about that. All that and much more on Your Weekly Source for Linux GNews!

    • Kernel Space

      • Linus Torvalds Reflects In New Interview on Linux’s Earliest Days

        Linus Torvalds gave a long new email interview to Jeremy Andrews, founding partner/CEO of Tag1 (a global technology consulting firm and the second all-time leading contributor to Drupal). Torvalds discusses everything from the creation of Git, licenses, Apple’s ARM64 chips, and Rust drivers, to his own Fedora-based home work environment — and how proud he is of the pathname lookup in Linux’s virtual filesystem. (“Nothing else out there comes even close.”)

      • Intel Proposes Calibrated Timestamps As It Works Towards Vulkan Video – Phoronix

        Since the publishing of the provisional Vulkan Video specification last month, the only driver on Linux to have exposed any early Vulkan Video support is NVIDIA’s Vulkan beta Linux driver. But it would appear that Intel’s open-source developers are working at least towards eventually handling this video acceleration API.

        Given how well Intel has been maintaining their open-source “ANV” Mesa Vulkan driver for Linux systems, it shouldn’t come as much of a surprise that they would likely be supporting Vulkan Video too. While they don’t yet have any public implementation to showcase, a new Vulkan extension proposal this week seems to indicate they are working in that direction.

      • New Realtek Audio Support, VirtIO Sound Driver Ready To Play On Linux 5.13

        While PipeWire continues garnering interest this year for improving Linux sound in user-space, the kernel’s sound drivers continue to be improved upon as well and tacking on support for new devices.

        On Friday the Linux 5.13 sound updates were sent out and subsequently merged to mainline. For this next kernel version there is the introduction of a VirtIO Sound driver that complies with the new VirtIO sound device specification that is part of this I/O virtualization standard. The VirtIO sound is intended for use-cases where audio is needed but device pass-through or emulation is not available or preferred.

    • Applications

    • Instructionals/Technical

      • How To Install Centrifugo on Ubuntu 20.04 LTS

        In this tutorial, we will show you how to install Centrifugo on Ubuntu 20.04 LTS. For those of you who didn’t know, Centrifugo is a scalable real-time messaging server in a language-agnostic way. It can be used as a free alternative to pusher.com services. Centrifugo supports WebSocket and SockJS. Websocket or SockJS connections from application clients (from web browsers or other environments like iOS/Android apps). When you need to deliver an event to your clients in real-time you publish it to Centrifugo API and Centrifugo then broadcasts the event to all connected clients interested in this event (i.e. clients subscribed to the event channel). In other words – this is a user-facing PUB/SUB server.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Centrifugo on an Ubuntu 20.04 (Focal Fossa) server. You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • 5 ways to use the move command in Linux – LateWeb.Info

        In this article, you will learn 5 common uses of mv command in Linux. The mv command is not only used for moving files but also for renaming files. However there’s more that you can do with this utility command.

      • Docker Commands for Managing Container Lifecycle (Definitive Guide)

        Knowing the various states of the Docker Container is essential for any serious Docker user.

        I’ll explain the container lifecycle and then show the Docker commands for each stage of the lifecycle.

        But before you learn all those things, let’s revisit the concept of the container once more.

      • Delete UEFI boot entry – Remove Unwanted UEFI Entries on Linux using efibootmgr

        This is a quick guide on how to remove unwanted UEFI entries on Linux using efibootmgr.

        Sometimes just efibootmgr commands are enough to remove UEFI entries, but some UEFIs need EFI System partition modifications or all UEFI entries are regenerated on reboot.

      • How to select all text in qutebrowser using Ctrl+A | Hund

        This is really not a complicated thing to do, but it took me a while to figure out how to bind the command vvG to a key like Ctrl+A.

    • Games

      • Steam on Linux Gaming Marketshare Steady For April

        For those curious about the Steam on Linux gaming marketshare always as we begin a new month, Valve published their April 2021 figures overnight.

        In March the Steam on Linux gaming marketshare was 0.85%… Pretty much since Steam Play came out for running Windows games on Linux, the marketshare grew and has consistently held in the 0.8~0.9% range. It’s flirted with 1% but hasn’t been above that threshold in years since Steam on Linux first came out and had around a 2% marketshare albeit with a smaller overall Steam customer base at that time.

      • The Sunday Section is here for Linux and gaming fans

        Another week down, plenty of items missed that we couldn’t fit in. Here’s your Sunday Section going over a few random bits of news. Grab a coffee and enjoy.

        How about some Linux distribution news?

        siduction, the distribution based on Debian unstable/sid wrote a blog post to announce the death of Axel Beu. Someone who not many will know but Beu was important to siduction, as their major sponsor that made the project actually sustainable. As a result, they now need to take outside donations so they’ve setup a spot on Open Collective – one for the EU and the US. R.I.P Axel Beu.

        Solus, the home-grown distribution with its own Budgie desktop environment has a new development blog post up, which highlights that they’ve now: released Budgie 10.5.3 with plenty of bug fixes, introduced support for the GNOME 40 stack, lots of quality of life changes have also been made along with upgrades to KDE Framework 5.81.0 and Plasma 5.21.4 as well.

      • Running Steam and Windows Games on Slackware Linux without Multilib

        A few years ago, I was quite lucky to get 3 free games from the Ubisoft Holiday Bundle: Assassin’s Creed IV: Black Flag, World in Conflict: Complete Edition, and Watch Dogs. I played Assassin’s Creed IV for a while under Windows in my spare time, but later on, I rarely logged in to my Windows machine (it’s only available on my laptop, not on my other machines), so it’s kinda abandoned.

        The arrival of Steam under Linux does give some inspiration, but it also comes with its own problems. In order to install/use Steam you need to have 32 bit libraries installed. This can be achieved in Slackware by using multilib provided by Eric Hameleers, but you must be really careful when using Slackware-Current since changes in -current can break your multilib. It’s not officially supported by Slackware, so you must rely on the community to help with your issues if you encounter them. Many people have been using this approach and it worked just fine for them. I didn’t install multilib on my machines because I’m not really a hardcore gamer. I just play games in my spare time and it’s not my highest priority.

      • How To Install Steam on Linux Desktop | Play Your Favorite Games

        If you are a gaming and Linux enthusiast, you have probably been pondering for a long time about how to play professional games in a Linux environment. No wonder earlier gaming was a daydream on Linux distributions. But with the development of Steam, you can now smoothly play games on Linux. Steam had become available for Linux in 2013; since then, the popularity graph of Steam has been increasing. Even if you are not a gamer, you would not mind giving Steam a shot to check how it works on Linux.

        Well, how smooth and good is Steam on Linux? Can it utilize the GPU cores as Windows or Mac can? Do games buffer on Steam? If you are a newbie to Steam, a lot of questions are playing around your head. All the answers are about to end, only if you stay with the post till the end.

    • Distributions

      • IBM/Red Hat/Fedora

        • Rocky Linux 8.3 RC1 – CentOS Replacement Brings First Release Candidate

          The first pre-release of Rocky Linux is here. It is immediately available for download and for you to test.

        • 15 unusual paths to tech | Opensource.com

          The lives we led before we arrived where we are now sometimes feel like a distant land full of memories we can’t quite recall. And sometimes we have lived experiences that we’ll just never forget. Many times those experiences teach us and help us appreciate where we are today. We may even wish for those days as we recount our past lives.

          What did you do before tech? Tell us in the comments.

          I did janitorial work in the university cafeteria after it closed every day, and I got extra pay cleaning it up after live gigs held there (which happened about 4 times a year). We started to clean up for the following morning after the venue was vacated about 4 am, and had to get it cleaned and set up for opening the following morning at 7 am. That was fun. I worked summers in a livestock mart in the West of Ireland, running the office, keeping the account books, minding the cash that came through. I also had stints as a barman, lecturer, and TA at a local university while I was a post-grad, and once spent a few days stocking a ship with boxes of frozen fish in a Dutch port. —Dave Neary

          I was a musician in the Marine Corps, but being a bassoonist in the Corps means that you’re mostly playing bass drum. After burning out, I changed to data comms for my second enlistment. —Waldo

      • Debian Family

        • Debian Have Re-elected Jonathan Carter As The Leader Of The Project

          Developers of the Debian Linux distribution have re-elected Jonathan Carter as the leader of the free operating system project.

          Jonathan Carter is a South African based in Cape Town who works part-time for the African Institute for Mathematical Sciences, where he does system administration work on the institutional network that it uses in its centers across Africa. He has served as the Debian Project Lead since April 2020 and was re-elected for another year.

          Carter had only one opponent, Sruthi Chandran. She contested the elections in 2020 as well, but was unsuccessful that year too. Carter received 421 votes while Chandran was backed by 312 developers. The project has more than 1000 developers spread all over the globe.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Programming/Development

        • CVE-2021-31799: A command injection vulnerability in RDoc

          There is a vulnerability about Command Injection in RDoc which is bundled in Ruby. It is recommended that all Ruby users update RDoc to the latest version that fixes this issue.

          [...]

          RDoc used to call Kernel#open to open a local file. If a Ruby project has a file whose name starts with | and ends with tags, the command following the pipe character is executed. A malicious Ruby project could exploit it to run an arbitrary command execution against a user who attempts to run rdoc command.

        • HowTo: Using a Pager in the 21st Century | by Dmitrii Eliuseev | May, 2021 | Medium

          In the 90s I was a student and the pager for me was something like a Star Trek Communicator, a piece of the cutting edge technology. It is fun to remember it because now I know that technologically the paging protocol is very straightforward. From the encoding perspective, the pager is not so different from the wireless doorbells that are selling now for 5$ in Aliexpress.

          [...]

          Bits are encoded with a frequency shift keying (FSK) modulation using 9 kHz bandwidth and 1200 bits per second speed, all this message is transmitting in about 0.5s.

          Looks simple, and it really is. I will skip the details, those who are interested can read the protocol specification. It is even easy to draw all these bits with pen and paper — these protocols were simple in the past, I think nobody can do it with modern GSM or WiFi. In POCSAG messages there is no authentication, no security keys — all messages to all paging company customers are available on-air “as is”, and by the way, can be easily decoded with PC software like PDW.

          How customers are receiving their messages? Every pager has its own unique ID, called CAP — Channel Access Protocol or RIC — Receiver Identification Code. All pagers from the paging provider are listening to the same frequency, let’s say, 164 MHz. If the message code is equal to the pager code, the pager saves the message and makes the loud “beep”. That’s it. It’s a one-way communication, there is no confirmation sending back, the pager has only the receiver and no transmitter at all. The logic and hardware are extremely simple, and because of that, the pager can work for more than a month from a single AAA battery. Interestingly, pagers are still in use in some countries even now — in the hospitals or emergency services, where it is important to have a portable and lightweight device with long battery life.

  • Leftovers

    • Hardware

      • UVA Engineering Computer Scientists Discover New Vulnerability Affecting Computers Globally

        A team of University of Virginia School of Engineering computer science researchers has uncovered a line of attack that breaks all Spectre defenses, meaning that billions of computers and other devices across the globe are just as vulnerable today as they were when Spectre was first announced. The team reported its discovery to international chip makers in April and will present the new challenge at a worldwide computing architecture conference in June.

        The researchers, led by Ashish Venkat, William Wulf Career Enhancement Assistant Professor of Computer Science at UVA Engineering, found a whole new way for hackers to exploit something called a “micro-op cache,” which speeds up computing by storing simple commands and allowing the processor to fetch them quickly and early in the speculative execution process. Micro-op caches have been built into Intel computers manufactured since 2011.

      • Computer scientists discover new vulnerability affecting computers globally

        Because all current Spectre defenses protect the processor in a later stage of speculative execution, they are useless in the face of Venkat’s team’s new attacks. Two variants of the attacks the team discovered can steal speculatively accessed information from Intel and AMD processors.

        “Intel’s suggested defense against Spectre, which is called LFENCE, places sensitive code in a waiting area until the security checks are executed, and only then is the sensitive code allowed to execute,” Venkat said. “But it turns out the walls of this waiting area have ears, which our attack exploits. We show how an attacker can smuggle secrets through the micro-op cache by using it as a covert channel.”

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • Apple captures 42% share, Samsung largest smartphone OEM globally

          Riding on the success of its iPhone 12 series, Apple captured 42 per cent market share (by value) in the global smartphone market that posted a record $113 billion in sales for the first time in the first quarter (January-March) this year, according to a new report.

        • Basecamp implodes as employees flee company, including senior staff

          After a controversial blog post in which CEO Jason Fried outlined Basecamp’s new philosophy that prohibited, among other things, “societal and political discussions” on internal forums, company co-founder David Heinemeier Hansson said the company would offer generous severance packages to anyone who disagreed with the new stance. On Friday, it appears a large number of Basecamp employees are taking Hansson up on his offer: according to The Verge contributing editor Casey Newton’s sources, roughly a third of the company’s 57 employees accepted buyouts today. As of Friday afternoon, 18 people had tweeted they were planning to leave.

        • Security

          • “Landlock” Lands In Linux 5.13 For Unprivileged Application Sandboxing

            Going back about a half-decade has been the Landlock Linux Security Module (LSM) as a means of allowing even unprivileged processes to create “powerful security” sandboxes. After a number of rounds of reviews and revisions over the year, Landlock has finally been mainlined for Linux 5.13!

            The Landlock LSM pull request was submitted earlier in the week and wasn’t acted upon right away leaving us to wonder if it would be another cycle where it’s left out… But on Saturday night Linus Torvalds went ahead and merged it.

          • Privacy/Surveillance

            • Google’s FLoC is Based on the Right Idea, but With the Wrong Implementation

              FLoC (Federated Learning of Cohorts) is a new technology that aims to solve the privacy concerns associated with cookies. Unlike the old way of using 3rd party cookies to build an advertising ID, FLoC uses data from your searches to place you into a predefined group (called a cohort) of people interested in similar topics as you.

              Advertisers can then serve the same ads to the group of people that are most likely to purchase their product. Because FLoC is built into Chrome, it can collect much more data than third-party cookies. For the average consumer, this should be a huge concern.

              In simple terms, if cookies were bad, then FLoC is down-right evil.

    • Defence/Aggression

      • In 2018 the US Was at War With Uyghur Terrorists. Now It Claims They Don’t Even Exist

        In the dying months of his administration, President Donald Trump removed from the United States terrorist list a little-known paramilitary organization called ETIM, an acronym that stands for either the East Turkestan Independence Movement or the East Turkestan Islamic Movement, depending on whom one asks. The group is also sometimes known as the [East] Turkestan Islamic Party (TIP or ETIP).

      • Opinion | Bottom-up Politics: Grassroots Activism Behind Pro-Palestine Shift in the US

        A decisive US public opinion shift must also not be ignored, as it is empowering voices within the Democratic Party to speak out more freely without jeopardizing their political careers.

      • Oregon Lawmaker Who Opened State Capitol To Far-Right Protesters Faces Charges

        The decision to charge Nearman follows a monthslong investigation by state police that began Dec. 21. As lawmakers met in a special legislative session to take up COVID-19 relief that day, surveillance footage showed Nearman exiting the locked Capitol building into a throng of protesters who were trying to get inside the statehouse. In doing so, he appeared to purposefully grant entrance to far right groups demanding an end to ongoing restrictions related to COVID-19.

    • Environment

      • Energy

        • Biden toots horn for Amtrak and future of US rail travel

          President Joe Biden — he’d probably be just as happy with his nickname Amtrak Joe — celebrated the national rail system’s 50th anniversary Friday by urging huge funding increases as part of a $2.3 trillion US infrastructure makeover.

          Dubbed the passenger rail system’s best customer, Biden became famous for daily commutes between Washington and his Delaware home during the 36 years he was a senator.

    • Finance

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

      • China blocks mention of Oscar-winner Chloé Zhao

        What happened? The answer is a form of nationalist backlash that is increasingly common. Soon after Ms Zhao won the Golden Globe, internet-users dug up comments she had made in 2013, saying China is “a place where there are lies everywhere”. Censors pounced, removing any mention of her from the Chinese internet.

        Nationalist [astroturfers] have long been intolerant of speech they deem critical of China. The government is now endorsing these attacks, perhaps for fear of looking weak if it doesn’t. It has intervened to cancel the distribution of “Nomadland” in China.

        Ms Zhao is not the first to be dealt with in this way. In June last year Hao Haidong, a Chinese footballer who is the country’s top scorer and now lives abroad, said that the Communist Party’s rule “has caused horrific atrocities against humanity”. Chinese websites swiftly deleted his name.

      • Indigenous activist in Brazil says accused of ‘slandering’ Bolsonaro

        A leading indigenous activist in Brazil said she has been summoned to appear before police after being accused of “slandering” the government of far-right president Jair Bolsonaro.

        Other Bolsonaro critics have been interrogated by police in recent months, part of what one newspaper called an “intimidation campaign” by the government.

        “I was summoned by the Federal Police in connection with an investigation into the Maraca series,” Sonia Guajajara, the coordinator of the Association of Brazil’s Indigenous Peoples (APIB), said Friday on Twitter.

    • Freedom of Information/Freedom of the Press

      • Repressive Laws Trigger Massive Press Freedom Decline for Malaysia

        Since the new leader, Muhyiddin Yassin, was sworn in on March 1, 2020, press freedom has come under attack, with the government relying on pre-existing laws, and a new “anti-fake news” decree targeting journalists, media experts say.

        These measures introduced during the pandemic, along with cases of journalists being questioned or raided by police over their coverage, led to an 18-point decline for Malaysia on the annual World Press Freedom Index. Released by media watchdog Reporters Without Borders (RSF), the index ranked Malaysia 119 out of 180 countries, with 1 being the most free.

    • Civil Rights/Policing

    • Internet Policy/Net Neutrality

    • Monopolies

      • Opinion | Tim Cook, Apple, and Runaway Limitless Corporate Greed

        People must push Congress to address this injustice.

      • Washington keeps close eye as Apple antitrust fight goes to court

        Apple will head to federal court in California on Monday to defend itself in an antitrust trial with Epic Games, a case that is expected to be closely watched in Washington as lawmakers and regulators crack down on the market power of Silicon Valley giants.

        Epic Games is suing Apple over claims of anti-competitive behavior. The dispute stems from Apple’s decision in August to kick Epic’s popular Fortnite game out of its app store after the developer set up its own payment system in an attempt to avoid the 30 percent commission fees charged by Apple.

        The trial comes amid a backdrop of federal and state-led antitrust lawsuits against tech giants, including Facebook and Google, and as Congress weighs steps to revamp antitrust laws after a House Judiciary panel released a blockbuster report alleging Apple and other companies stifled competition.

      • Apple’s App Store Had 78% Margin in 2019, Epic Expert Says

        Apple Inc.’s App Store had operating margins of almost 78% in fiscal year 2019, according to testimony from an Epic Games Inc. expert witness based on documents obtained from the iPhone maker.

        The figure comes from Ned Barnes, a financial and economics researcher, who said he obtained documents “prepared by Apple’s Corporate Financial Planning and Analysis group and produced from the files of Apple CEO Tim Cook.”

      • Explain-away exercise: mention of antisuit injunction case in negotiations may lead to Munich anti-antisuit injunction (IP Bridge v. Huawei)

        It’s antisuit time again. The related case law is evolving in ever shorter intervals, and I’ll give a talk about that topic on May 19 in a European Commission (specifically, DG GROW) webinar, entitled Enforcement of Standard-Essential Patents — current bottlenecks and possible solutions. I’ll be one of the three panelists on antisuit injunctions, and I’m looking forward to providing an overview of extraterritorial issues in standard-essential patent (SEP) litigation and their interdependencies. I’ll talk a