Bonum Certa Men Certa

Links 9/6/2021: GRUB 2.06, New GeckoLinux



  • GNU/Linux

    • Audiocasts/Shows

      • Pipewire: Linux Audio Still Needs A Lot Of Work

        I've been using Pipewire for a few months and since my initial video I've noticed more and more problems showing up and I felt like I needed to do a follow up video, I am starting to get really concerned with distros that are starting to ship it as a default.

    • Instructionals/Technical

      • Getting Started With Swap Files on Linux

        A swap file in Linux is a file on your hard disk that the Linux kernel uses to store variable data of the applications running on your computer. A process known as swapping is responsible for transferring the data to a swap file when the Random Access Memory (RAM) doesn't suffice.

        Imagine you are running a memory-intensive application and the system starts using 100% of the RAM, the Linux operating system will use a swap file to avoid your RAM from filling up and rendering your system non-responsive or worse: crashing.

      • Analyzing cases for and against setting swap space on cloud instances | Enable Sysadmin

        If you want to start an argument with a Linux user, ask about swap memory. Some praise it as a cushion or as a safety net while others disparage it as a crutch and a destroyer of system performance.

      • How to Install and Configure Zabbix on Ubuntu/Debian

        System administrators often use monitoring tools such as Zabbix to keep an eye on servers, virtual machines, devices connected to their network, and more. Zabbix is a great tool that provides a graphical interface to control and manage these services efficiently.

        But the installation process of Zabbix on Linux is quite long and confusing. This article will demonstrate how to easily install Zabbix and its prerequisites on a system running Ubuntu or Debian.

      • How To Install Neos CMS on Ubuntu 20.04 LTS - idroot

        In this tutorial, we will show you how to install Neos CMS on Ubuntu 20.04 LTS. For those of you who didn’t know, Neos is a modern free and open-source content management system that can be used to build and manage websites easily. It is based on its own PHP framework that allows you to build a perfectly customized experience. Neos CMS has many valuable features that appeal to both content editors and developers, such as inline editing, full Unicode support, complete internationalization, and built-in SEO.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Neos open source content application platform on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • How to Install Blender 2.93 LTS via Another PPA in Ubuntu 20.04, 21.04 | UbuntuHandbook

        The free and open-source 3D modeling software Blender 2.93 was announced as LTS (Long Term Support) release.

        Blender 2.93 is the last major milestone of the 2.x series. And the next Blender 3.0 is under development now.

        “Blender 2.93 brings 22 new nodes to the Geometry Nodes editor, mesh primitives support, adds the much anticipated Line Art modifier to automatically generate grease pencil lines around objects, a new and faster fill tool, and many Eevee renderer improvements.”

      • How to Install and Configure Zabbix on Ubuntu/Debian

        System administrators often use monitoring tools such as Zabbix to keep an eye on servers, virtual machines, devices connected to their network, and more. Zabbix is a great tool that provides a graphical interface to control and manage these services efficiently.

        But the installation process of Zabbix on Linux is quite long and confusing. This article will demonstrate how to easily install Zabbix and its prerequisites on a system running Ubuntu or Debian.

      • How to Change the Default Shell on Linux With chsh

        A shell is a program that acts as the outermost layer of an operating system through which you interact with its various programs and services. Most Linux distros use bash as their default shell. However, you're free to choose another shell for your system if you want.

        Besides bash, Linux also supports other shell programs, such as ksh, zsh, csh, and fish. Each of these shells has some unique characteristic that sets them apart from bash and the other shells.

        Let's dive in to learn more about shell and how to change your default Linux shell.

    • Games

      • Incredible top-down-shooter Brigador gets a huge free enhancement

        Brigador: Up-Armored Edition, a beautiful cyberpunk top-down shooter with awesome city-wide destruction has a big free upgrade out now for all players. Stellar Jockeys / Gausswerks have clearly been busy while building the next game with Brigador Killers.

        Soaked in glorious neon with big tanks and stomping mechs, Brigador is a serious treat for the eyes. Probably is one of my favourite top-down shooters. The Blood Anniversary Update is certainly something too coming with the addition of blood for fleshy enemies, some big weapons now leave nice craters, special pilots from two other indie games (Cruelty Squad and Starsector) have been added, four new optional missions in the campaign, "wildcard" enemies might spawn during Freelance skirmishes, 11 new vehicles, new lore and the list goes on.

      • How to install Starcraft 2 on Ubuntu Linux

        In this Linux guide you will learn how to install Starcraft 2 on Ubuntu Linux. The Starcraft 2 game has been released free of charge for anyone with registered Battle.net account. Before you proceed with the installation make sure that you have correctly installed an appropriate VGA driver whether it is for your NVIDIA or Radeon graphic card.

      • GameMode GNOME Shell Extension Finally Supports the GNOME 40 Desktop

        If you’re an avid Linux gamer like me, you should know that the GameMode GNOME Shell extension developed by Christian Kellner has just been updated today to work on the GNOME 40 desktop environment series.

        When installed, the GameMode GNOME Shell extension adds an icon on the system tray area of GNOME’s top menu bar to show you when the GameMode daemon is active or not. Of course, for it to work, your distribution needs to ship with Feral Interactive’s GameMode daemon.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • How to Upgrade to KDE Plasma 5.22 from 5.21

          The KDE team announced the stable release of KDE Plasma 5.22 with new features, improvements, and bug fixes. Here, in this quick guide, we give you the steps to upgrade to KDE Plasma 5.22 from 5.21.

        • KDE Plasma 5.22 Released

          KDE Plasma 5.22 is now available, bringing "hugely improved" Wayland support, better performance for gaming, adaptive panel transparency for the panel and widgets, and more.

    • Distributions

      • Manjaro Cutefish Edition is a community spin with a macOS-like design for this Linux distro

        Cutefish is a new(ish) desktop environment for GNU/Linux distributions that includes Apple-inspired design elements including a dock, icons, and color theme. While the developers seem to have plans to release an operating system called CutefishOS that’s based on Arch Linux soon, the easiest way to take the software for a spin at the moment is with the new Manjaro Cutefish Edition.

        This community spin of Manjaro Linux comes with the Cutefish application dock, file manager, calculator, status bar, full-screen application launcher, and other packages pre-installed. And it’s a pretty nice take on the desktop environment… although it’s also a bit familiar looking.

      • How to choose the right Linux distribution

        Selecting the right Linux distribution out of the gate could make the difference between enjoying a long, productive life with the operating system or a short-term experience filled with frustration.

        But for many, the hundreds of options can be overwhelming. Of course, all of those varied choices, are (at the same time) one of the many reasons Linux is such a great operating system. You can have a desktop operating system that perfectly fits your needs and style.

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

        • kde plasma desktop updated to 5.22.0

          KDE Plasma desktop packages have been updated from 5.21.5 to 5.22.0. It is recommended that you reboot after the update completes so the new libraries can load. Release notes for this awesome desktop from the KDE developers can be found here.

      • SUSE/OpenSUSE

        • GeckoLinux STATIC and NEXT 153.210608 released

          GeckoLinux is pleased to announce the 153.210608 update to its full range of STATIC and NEXT editions. These updated editions are now based on the new openSUSE Leap 15.3 release, which in turn is built from SUSE Linux Enterprise (SLE) packages. The Linux kernel is still at version 5.3.18, but additional backports are included for better compatibility with newer hardware. GeckoLinux in turn continues to refine its package selection and unique configuration to provide a simple, clean system that works out of the box. For this GeckoLinux STATIC release, the Calamares installer is now at version 3.2.36, and has been configured to use the Btrfs filesystem with LZO transparent compression by default for the guided partitioning options, although of course all other modern Linux filesystems are also available with the custom partitioning option. When Btrfs is used, the Snapper system is now pre-configured for automatic timeline and administration snapshots, which can be easily managed via the YaST Filesystem Snapshots module. Additionally, zRAM swap is enabled out of the box, and the EarlyOOM daemon is also enabled to help prevent unrecoverable system freezes in low memory situations. NTP for automatic network time updates is now configured out of the box for all editions. Attention has also been given to using the appropriate input driver (libinput or Synaptics) for each desktop environment, and other minor tweaks and improvements are included in several editions. A variety of GeckoLinux STATIC ISO spins are available with polished desktop environments to suit every need and preference...

      • IBM/Red Hat/Fedora

        • VzLinux: Another CentOS clone that could easily power your data center

          Make no mistake, VzLinux didn't just appear from the shadows to ride on the coattails of the failure that is now CentOS. VzLinux has actually been around for over 20 years, serving as the base operating system for OpenVz, and various Virtuozzo commercial products, a company that specializes in virtualization products, and was divested from Parallels in 2016.

          Although VzLinux has been around for some time, the 8th release of the enterprise-ready Linux distribution should sound quite familiar. VzLinux is a free, 1:1 binary compatible fork of Red Hat Enterprise Linux 8. Just like Rocky Linux, AlmaLinux and so many others.

        • New open source agriculture project, Stack Overflow survey, and celebrate open source maintainers [Ed: Openwashing and boosting of Microsoft events in a site called Open Source dot com]
        • Automating the heck out of your ops: Reclaim Your Time by using Cloud Pak for Watson AIOps – IBM Developer

          It has become a common practice for developers to own more operational aspects of their product’s lifecycle in what is commonly known as DevOps. This brings with it several challenges especially in context for developers who may only be responsible for ops on a rotating or part-time basis.

          Some examples include: finding the needle in a haystack, navigating disjointed tools, managing time pressure, and an increasing number of services, applications, and their relationships. All of this while they are still crafting new code.

          Let’s go into more detail starting with time pressure. In 2016, a major airline had a five hour outage which cost an estimated $150M. That’s over $8,000 per second — talk about pressure! Combine this with having separate tools for your logs, metrics, tickets, chat, documentation, and more, as well as the increase in complexity in modern cloud architectures where applications consist of 100s or 1000s of microservices. This environment presents a steep hill for developers to climb.

      • Canonical/Ubuntu Family

        • Ubuntu Blog: King Abdullah University of Science and Technology taps Canonical for cloud computing overhaul

          Canonical, the publisher ofUbuntu, announced today that it is working with King Abdullah University of Science and Technology (KAUST), a postgraduate university in Thuwal, Saudi Arabia, on a major upgrade of its cloud computing infrastructure. The project makes it easier and more economical for KAUST to manage its cloud environment while ensuring the high levels of computing performance that researchers need.

          Even by the standards of most universities, KAUST’s computing requirements are intense. The institution is dedicated exclusively to scientific and technological research, with all students undertaking PhD or master’s studies. Its network must be able to support a wide variety of workloads without downtime.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Open source is a community, not a brand [Ed: Nope, "Open Source" is a brand for openwashing whereas Free software is a community]

        It’s no longer a question of why should you use open source. The tables have turned and businesses are asking themselves why aren’t they using open source? But an even bigger question has been left unanswered, and that is how are they using open source? Are they staying true to the open source meaning?

        As open source has become increasingly more popular, companies have begun to adopt open source for the brand, but then try to go against the purpose of open source, according to Gordon Haff, a technology evangelist at open-source company Red Hat. “I’ve definitely been on a lot of calls where one of the first things I’ll ask business leaders is why do you want to be open source, and often the answer is: because our customers seem to like that, but we don’t want Amazon to compete with us. We don’t want someone else to compete with us. We want to be able to maintain some proprietary parts of our software,” he said.

      • The battle of open-source licenses

        Earlier this year, Elastic reignited the open-source licensing debate when it announced it would be changing its license model to better protect its open-source code. Over the last couple of years, a number of companies — including Redis Labs, MongoDB, Cockroach Labs, and Confluent — have been switching their open-source licenses to avoid what they call “the big code robbery,” where cloud providers like Amazon take their successful open-source project, adopt and profit off it as a cloud service without giving back to the community.

        “Cloud vendors do not care about monetizing FOSS projects, they are about getting more workloads running on their infrastructure — hence, to be the preferred destination for such workloads,” said CloudBees’ co-founder and chief strategy officer Sacha Labourey.

        Confluent created a new community license, and MongoDB announced its Server Side Public License (SSPL) to combat cloud providers. In January, Elastic announced it would move its Kibana and Elasticsearch open-source projects to a dual license under the Elastic License v2 and SSPL.

      • Understanding the new “open” licenses

        The Commons Clause was one of the first licenses that came out to try to combat cloud providers. It made headlines and caused an uproar in the open-source community when Redis Labs announced it was switching to the license. Under the clause, users do not have the right to sell the software, meaning third parties can not sell the software for a fee or as a product or service.

        It was drafted by Heather Meeker, a specialist in open-source software licensing and strategy, and meant to complement other licenses. Applying the Commons Clause to an open-source project means the source code is available and enables users to modify and distribute it, but it does not comply with the Open Source Initiative’s (OSI) 10 guidelines for open source.

      • Top 13 Open-Source Groupware Solutions for enterprise

        Groupware is an environment where all users can share their documents. It is a technology used for the daily task of communicating, collaborating, coordinating with others take place. You can think of it as a technology designed to be used by a group of people for sharing information.

        [...]

        We have seen in this list many good open-source Groupware Solutions that you may use in your organization. Which one of them to choose depends on what type of features or scenarios your business and teams is going to need.

        There are some other open-source Groupware Solutions too, you can search about them online to find more information.

      • Banks back Harmony as Huawei debunks Chinese state ownership rumours

        Despite international sanctions and scepticism from competitors, Huawei’s newly released Harmony operating system (OS) has been picking up steam. Three major Chinese banks recently announced that they would support and integrate the domestically-developed operating system. Meanwhile, rumours that the tech giant had donated HarmonyOS (known as HongmengOS in China) to the Ministry of Industry and Information Technology rattled Chinese social media over the weekend.

        The Bank of China, China CITIC Bank and China Guangfa Bank announced on Friday that they had access to the newly released HarmonyOS and fully supported the integration of the operating system.

        The Bank of China said that it would cooperate with Huawei to launch the Atomic Service of banknote reservations in the HarmonyOS system. This would allow consumers to make reservations by searching for the app in the Service Centre, without the need to download or install any new programmes.

      • Forked DEX On Binance Chain Tests Uniswap & Legal Limits

        Uniswap v3, or the third version, has been deployed to the Ethereum mainnet on May 5. The team behind the project stressed that "Uniswap v3 Core will launch under the Business Source License 1.1—effectively a time-delayed GPL-2.0-or-later license. The license limits use of the v3 source code in a commercial or production setting for up to two years, at which point it will convert to a GPL [General Public License] license into perpetuity."

      • Version 8 of open-source code editor Notepad++ brings Dark Mode and an ARM64 build, but bans Bing from web searches

        Version 8.0 of the popular Windows editor Notepad++ has arrived with new features including Dark Mode, a native build for ARM64, and optional new toolbar icons using the Fluent UI.

        Despite the seemingly unstoppable rise of Visual Studio Code, there is still a place for a fast and capable native code editor. Notepad++ is coded with C++ and based on the Scintilla editor component.

        Notepad++ is open source under the GPL 3 (or later) licence. It has never been the prettiest of editors, but has lots of nice features like syntax highlighting and code completion for a huge range of languages, a range of character encodings and the ability to convert between them, understanding of Unix-style line endings, ability to collapse sections of text, macro and plugin support, and more.

      • Pavit Kaur: GSoC: About my Project and Community Bonding Period

        To start writing about updates regarding my GSoC project, the first obvious thing I need to do is to explain what my project really is. So let’s get started.

        [...]

        Debian is a huge system with thousands of packages and within these packages exist inter-package dependencies. So if any package is updated, it is important to test if that package is working correctly but it is equally important to test that all the packages which are dependent on this updated package are working correctly too.

        Debci is a platform serving this purpose of automated testing for the entire Debian archive whenever a new version of the package, or of any package in its dependency chain is available. It comes with a UI that lets developers easily run tests and see their results if they pass or not.

      • Introducing the Open Source Insights Project

        Google has been working on software supply-chain security for many years, and transitive dependencies remain one of the most complex and least understood aspects. While we will be integrating this data into our Cloud and internal products in a variety of ways, we believe there is an immediate value in helping developers understand and visualize dependencies. Today, we are excited to share an exploratory visualization site: Open Source Insights, which provides an interactive view of the dependencies of open source projects.

      • Google’s Open Source Insights Visualizes Package Dependencies

        The tool “continuously scans millions of projects in the open source software ecosystem, gathering information about packages, including licensing, ownership, security issues, and other metadata” to help you make informed decisions about building and using open source software.

      • Web Browsers

        • Mozilla

          • Dennis Schubert: WebCompat Tale: CSS Flexbox and the order of things

            Have you thought about the order of things recently? Purely from a web development perspective, I mean.

            The chances are that you, just like me, usually don’t spend too much time thinking about the drawing order of elements on your site when writing HTML and CSS. And that’s generally fine because things usually just feel right.

          • 11 secret tips for Firefox that will make you an internet pro

            With Firefox, getting around the internet is fast, straight-forward and easy. Now you can go beyond the basics with these secret and not-so-secret tricks that make your internetting experience even more fun. Read on for some of our favorite Firefox features that you may not know about… yet.

            [...]

            Tab hoarders, we see you. Heck, we are you. Don’t ever let anyone shame you for having dozens (and dozens3) of open tabs, implying you don’t have it together and can’t find the right one. Instead, dazzle them with this trick. Add a % sign to your URL search to search specifically through all your open tabs, including tabs in different windows. Then you can click over to the already open tab instead of creating a duplicate, not that anyone has ever done that.

      • Productivity Software/LibreOffice/Calligra

        • Tender to implement master document fixes (#202106-02)

          The Document Foundation (TDF) is the charitable entity behind the world’s leading free/libre open source (FLOSS) office suite LibreOffice.

          We are looking for an individual or company to implement master document fixes.

          The documentation team regularly publishes guides and books. The underlying workflow requires to fix bugs and issues with the master document feature of Writer.

      • FSF

        • GNU Projects

          • GRUB 2.06 release
          • GRUB 2.06 Released With BootHole Fixes, LUKS2 Encrypted Volume Support

            It's shipping one year late but GRUB 2.06 is now officially available as the latest version of this widely-used open-source bootloader.

            GRUB 2.06 had been aiming for release in 2020 but that didn't happen and now finally mid-way through 2021 this big release has been realized. The GRUB 2.06 release candidate had been available for testing since March and now deemed good enough for stable.

      • Programming/Development

        • Implementing Private Fields for JavaScript

          When implementing a language feature for JavaScript, an implementer must make decisions about how the language in the specification maps to the implementation. Sometimes this is fairly simple, where the specification and implementation can share much of the same terminology and algorithms. Other times, pressures in the implementation make it more challenging, requiring or pressuring the implementation strategy diverge to diverge from the language specification.

          Private fields is an example of where the specification language and implementation reality diverge, at least in SpiderMonkey– the JavaScript engine which powers Firefox. To understand more, I’ll explain what private fields are, a couple of models for thinking about them, and explain why our implementation diverges from the specification language.

          [...]

          The most basic mental model one can have for private fields is what it says on the tin: fields, but private. Now, JS fields become properties on objects, so the mental model is perhaps ‘properties that can’t be accessed from outside the class’.

          However, when we encounter proxies, this mental model breaks down a bit; trying to specify the semantics for ‘hidden properties’ and proxies is challenging (what happens when a Proxy is trying to provide access control to properties, if you aren’t supposed to be able see private fields with Proxies? Can subclasses access private fields? Do private fields participate in prototype inheritance?) . In order to preserve the desired privacy properties an alternative mental model became the way the committee thinks about private fields.

        • Reasons why bugs might feel "impossible"

          Of course, bugs always happen for logical reasons, but I’ve definitely run into bugs that felt like they might be impossible for me to understand (until I figured them out!)

          I got about 400 responses, which I’ll try to summarize here. I’m not going to talk about how to deal with these various kinds of “impossible” bugs in this post, I’ll just try to classify them.

          Here are the categories I came up with for ways a bug might feel impossible to understand. Each one of them has a bunch of sub variants which are bolded below.

        • Jussi Pakkanen: An overhaul of Meson's WrapDB dependency management/package manager service

          For several years already Meson has had a web service called WrapDB for obtaining and building dependencies automatically. The basic idea is that it takes unaltered upstream tarballs, adds Meson build definitions (if needed) as a patch on top and builds the whole thing as a Meson subproject. While it has done its job and provided many packages, the UX for adding new versions has been a bit cumbersome.

          Well no more! With a lot of work from people (mostly Xavier Claessens) all of WrapDB has been overhauled to be simpler. Instead of separate repos, all wraps are now stored in a single repo, making things easier.

        • Linux Fu: Databases Are Next-Level File Systems | Hackaday

          It is funny how exotic computer technology eventually either fails or becomes commonplace. At one time, having more than one user on a computer at once was high tech, for example. Then there are things that didn’t catch on widely like vector display or content-addressable memory. The use of mass storage — especially disk drives — in computers, though has become very widespread. But at one time it was an exotic technique and wasn’t nearly as simple as it is today.

          However, I’m surprised that the filesystem as we know it hasn’t changed much over the years. Sure, compared to, say, the 1960s we have a lot better functionality. And we have lots of improvements surrounding speed, encoding, encryption, compression, and so on. But the fundamental nature of how we store and access files in computer programs is stagnant. But it doesn’t have to be. We know of better ways to organize data, but for some reason, most of us don’t use them in our programs. Turns out, though, it is reasonably simple and I’m going to show you how with a toy application that might be the start of a database for the electronic components in my lab.

          You could store a database like this in a comma-delimited file or using something like JSON. But I’m going to use a full-featured SQLite database to avoid having a heavy-weight database server and all the pain that entails. Is it going to replace the database behind the airline reservation system? No. But will it work for most of what you are likely to do? You bet.

        • Qt Learning solutions survey
        • Shell/Bash/Zsh/Ksh

          • Batch triangulation on the command line

            This post describes a purpose-built bit of code that you might find useful if you do triangulations.

            I know, nobody does triangulations anymore! Except maybe surveyors, and they have gadgets and software that do triangulations automatically. But my wife and her fellow volunteers at a local arboretum still do triangulations "by hand", and often.

        • Rust

          • Announcing Rustup 1.24.3

            The rustup working group is happy to announce the release of rustup version 1.24.3. Rustup is the recommended tool to install Rust, a programming language that is empowering everyone to build reliable and efficient software.

        • Java

          • Snowflake targets Java and Scala devs, will soon slither after Pythonistas too

            Cloudy data-wrangling outfit Snowflake has opened itself up to Java and Scala developers.

            At the company's annual event, Summit, the firm talked up Snowpark, which will allow developers to use the abovementioned languages to manage its platform. Until now, Snowflake has focused on SQL-centric developers. Java user-defined functions will also be permitted on the platform, allowing both code and business logic to be applied to Snowflake.

            Peter O'Connor, Snowflake's veep for sales in Asia Pacific, told The Register it was recognition the company needs to be more accommodating to developers if it is to continue its growth.

  • Leftovers

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • Tech network pushes open-source backbone for Covid vaccine certificates - San Francisco Business Times [Ed: Linux Foundation is openwashing mass surveillance]
              • Linux Foundation readies Global COVID Certificate Network [Ed: Digital surveillance where papers could be used instead and serve to reduce spying]
              • Gain a New Skill This Summer With 25% Off Linux Foundation Training & Certification

                Summer is here, which means it’s time for summer school! Take advantage of longer days and more downtime by gaining new open source skills to advance your career prospects. With the Open Source Jobs Report finding 93% of hiring managers are having a difficult time filling positions requiring these skills, now is the time to make your move.

              • Free Course Explores Hyperledger Besu, the Open Source, Java-Based Ethereum Client

                Hyperledger Besu is an Ethereum client designed to be enterprise-friendly for both public and private permissioned network use cases. Accepted as a Hyperledger project in 2019, Besu is the first Hyperledger DLT that can operate on a public blockchain.

                Developed under the Apache 2.0 license and written in Java, Hyperledger Besu runs on the Ethereum public network, private networks, and test networks such as Rinkeby, Ropsten, and Görli. Besu implements Proof of Work (Ethash) and Proof of Authority (IBFT 2.0 and Clique) consensus mechanisms and supports enterprise features including privacy and permissioning.

                Hyperledger Besu can be used to develop enterprise applications requiring secure, high-performance transaction processing in private networks, making it applicable to many different use cases in both the public and private sectors. It is growing rapidly in popularity and adoption, which is why Hyperledger has partnered with Linux Foundation Training & Certification to develop a new, free online training course to help more individuals get started with this exciting distributed ledger technology, Hyperledger Besu Essentials: Creating a Private Blockchain Network.

              • Participate in the 2021 Open Source Jobs Report!

                The Linux Foundation has once again partnered with edX for the next iteration of our Open Source Jobs Report. The report examines the latest trends in open source careers, which skills are in demand, what motivates open source job seekers, and how employers can attract and retain top talent. This year’s report will also examine the effects of the ongoing pandemic on the industry.

        • Security

          • Security updates for Tuesday

            Security updates have been issued by Debian (nginx), Fedora (musl), Mageia (dnsmasq, firefox, graphviz, libebml, libpano13, librsvg, libxml2, lz4, mpv, tar, and vlc), openSUSE (csync2, python-py, and snakeyaml), Oracle (qemu), Red Hat (container-tools:2.0, kernel, kpatch-patch, nettle, nginx:1.16, and rh-nginx116-nginx), Slackware (httpd and polkit), SUSE (389-ds, gstreamer-plugins-bad, shim, and snakeyaml), and Ubuntu (gnome-autoar and isc-dhcp).

          • Intel Continues Working On New ISA Extensions To Help Fight Speculation Vulnerabilities - Phoronix

            In addition to making public new security advisories this Patch Tuesday requiring updated CPU microcode, Intel also issued a press statement about their ongoing fight against speculation vulnerabilities with their processors.

            Martin Dixon, an Intel Fellow and VP of the Intel Security Architecture and Engineering Group, penned a post about their continued work against transient execution vulnerabilities and the improvements they are still working on for future Intel CPUs to provide better defenses.

          • Intel Releases New CPU Microcode Due To New Security Vulnerabilities (June 2021) - Phoronix

            Intel just issued a big set of CPU microcode updates for addressing a new set of security advisories just made public.

            Going public today are a set of three new processor vulnerabilities:

            Intel SA-00442 - With a CVSS Base Score of 8.8 "High" is a new VT-d advisory where a vulnerability with Intel Virtualization Technology for Direct I/O could lead to a privilege escalation. This is due to an incomplete cleanup whereby authenticated users with local access could exploit to enable higher privileges.

          • Uncle Sam recovers 63.7 of 75 Bitcoins Colonial Pipeline paid to ransomware crew [Ed: Microsoft Windows TCO]

            The US Department of Justice on Monday said it has recovered 63.7 Bitcoins, right now worth $2.1m and falling, of the 75 or so BTC the Colonial Pipeline operators paid the ransomware miscreants who infected the fuel provider's computers.

          • Siloscape malware targets Windows containers, breaks through to the underlying Kubernetes cluster

            A reverse engineer has discovered what is claimed to be "the first known malware targeting Windows containers to compromise cloud environments," a sentence to put any system administrator on edge.

            Building on work published in December of last year on reverse-engineering Windows containers, security researcher Daniel Prizmant's latest discovery – made during his day job at Palo Alto Networks' Unit 42 security arm – looks to punch holes in Kubernetes clusters, and has apparently succeeded in doing so across at least 23 known targets.

          • DoS vulns in 3 open-source MQTT message brokers could leave users literally locked out of their homes or offices
          • Australian cops, FBI created backdoored chat app, told crims it was secure – then snooped on 9,000 users' plots

            The Australian Federal Police (AFP) has revealed it was able to decrypt messages sent on a supposedly secure messaging app that was seeded into the criminal underworld and promoted as providing snoop-proof comms.

            The app was in fact secretly built by the FBI, and designed to allow law enforcement to tune into conversations between about 9,000 users scattered around Earth.

            Results in Australia alone have included over 500 warrants executed, 200-plus arrests, the seizure of AU$45m and 3.7 tonnes of drugs, and the prevention of a credible threat to murder a family of five. Over 4,000 AFP officers were involved in raids overnight, Australian time. Europol and the FBI will detail their use of the app in the coming hours.

            The existence of the app — part of Operation Ironside, which quietly began three years ago — was revealed at a press conference in Australia today, where AFP commissioner Reece Kershaw said that, during informal meetings over beers, members of the AFP and the FBI cooked up the idea of creating a backdoored app. The idea built on previous such efforts, such as the Phantom Secure platform.

          • John the Ripper password cracker review

            John the Ripper is one of the best tools that you’ll find for cracking passwords. It’s highly versatile, well supported, and free, and it should be in every security professional’s toolkit.

          • Privacy/Surveillance

            • ProtonMail Introduces a New Design for Web Users - It's FOSS News

              If you have been using ProtonMail beta version, you may have noticed the user interface improvements they have been doing for years now.

              While the old design was simple and effective, it did lack a lot of essential design choices and features.

              For the very same reason, I preferred to use the beta version. But now, you no longer need to use the beta version to get a modern user experience. With the official announcement, ProtonMail has finally deployed the modern redesign for web users.

            • Millions of Ugandans denied vital services over digital ID cards

              Millions of Ugandans struggle to access vital public services and entitlements as they lack digital identity cards, six years after they were introduced, human rights groups said on Tuesday.

              Government data shows that a quarter of Ugandan adults, or 4.5 million people, did not have a biometric identity card in 2020, with pregnant women being turned away from health centres and old people unable to claim welfare payments, they said.

              “There are significant weaknesses in the digital ID system,” said Salima Namusobya, head of the Initiative for Social and Economic Rights (ISER), one of three co-authors of Tuesday’s report, which described the IDs as a “national security tool”.

              [...]

              “On the ground, it’s very clear that it’s a military-led project,” said Christiaan van Veen, director of the Digital Welfare State and Human Rights Project at New York University, co-author of the report, which involved some 450 interviews.

              “This project was led by senior figures in Uganda’s military and when they were presenting the project in parliament they made no secret about it: this is a national security project and the national digital ID is one way of knowing where every Ugandan is.”

              NIRA will take measures to increase card issuance, from informative text messages to mobile teams that will prioritise the elderly and disabled, Kisembo said.

            • UK government bows to pressure, agrees to delay NHS Digital grabbing the data of England's GP patients

              The UK government has conducted an embarrassing climbdown by agreeing to delay the implementation of NHS Digital's controversial grab of GP patient data by two months.

              Jo Churchill, under-secretary for health and social care, told MPs today in Parliament that the date for the extraction of data from GP systems under General Practice Data for Planning and Research programme would be pushed back from 1 July to 1 September this year.

              "We have decided we will proceed with the important programme, but we will take some extra time, as we have conversed with stakeholders over the past couple of days," Churchill said.

              NHS Digital has yet to clarify until which date patients will be offered the ability to opt out of the data haul. As originally planned, they had to inform their GPs of their wish to do so by 23 June, around six weeks following the programme's announcement. The non-departmental body has yet to respond to The Register's request for more information.

            • Ring’s new limits on police access to video aren’t enough, experts say

              At the very least, Amazon seems to be listening.

              After years of criticism from civil liberties groups and privacy advocates, Amazon will no longer let police privately ask users of its Ring products such as smart doorbells to share video footage their cameras have captured. Instead, police will have to make those requests in public via Ring’s Neighbors app, where anyone—including people who don’t own any Ring products—can see them.

              Amazon is also setting some boundaries on what police can ask for in the first place. They can’t seek footage from longer than a 12-hour period or from areas that are more than a half-mile from an incident, and each request must relate to a specific active investigation. Amazon also says police can’t “intentionally” ask for information about protests or other lawful activities.

            • Hyderabad Man Bears The Brunt Of Facial Recognition Technology
    • Censorship/Free Speech

      • Chinese app binned by Beijing after asking what day it is on anniversary of Tiananmen Square massacre

        Popular Chinese shopping app Xiaohongshu has seen its software banished from app stores and its social media accounts crimped, a few hours after issuing a controversial post on June 4th that asked, “Tell me loudly, what is the date today?”

        One answer to that question is that June 4th is the anniversary of the 1989 Tiananmen Square massacre, an event Beijing prefers not to discuss — online or in the real world. Friday June 4th 2021 was also just another Friday and therefore the last day of the working week, an occasion that Xiaohongshu often marks by posing weekend-oriented questions on social media.

        Xiaohongshu's post to Weibo, China's Twitter analog, was quickly removed, but first caught the eye of government internet watchdog The Cyberspace Administration of China, which reportedly started an investigation into Xiaohongshu. According to The Wall Street Journal, Xiaohongshu denies its post was political.

    • Monopolies

      • Patents

        • Introduction of Eurasian Industrial Design Protection [Ed: European Patent Convention (EPC) is routinely violated though, just like the firm that wrote it violates many laws and got sued for it, parties alleging corruption]

          The EAPO began accepting applications for Eurasian patents on 1 January 1996, and by the end of 2020 had received over 60,000 patent applications. Of these, 3,377 were filed in 2020, the vast majority (almost 74%) via the PCT system, under which the EAPO acts as a receiving office, designated office and elected office. Around 29% of the 2020 patent applications originated in the US, and the most popular technology areas were organic chemistry, pharmaceuticals and medicines.

          Eurasian patents are unitary in nature and provide protection in all eight EAPO member states: Republic of Azerbaijan, Republic of Armenia, Republic of Belarus, Republic of Kazakhstan, Kyrgyz Republic, Russian Federation, Republic of Tajikistan and Turkmenistan.

          The Eurasian system includes substantive examination for novelty and inventive step; a post-grant opposition procedure; the ability to submit third party opinions; and the opportunity to appeal against EAPO decisions. The requirements for patentability under the EAPC “correspond to PCT Regulations, European Patent Convention (EPC) and to legislation of the world developed countries”.

        • Bardehle Pagenberg bolsters Paris office with two patent attorneys [Ed: Yet another day of puff pieces or ads disguised as 'news']
        • [Older] Patent Office Updates You Need to Know

          On May 19, 2021, the Trademark Trial and Appeal Board (TTAB) introduced additional programs for COVID-related applications. TTAB has announced a Pilot Prioritized Review Program for Appeals Related to COVID-19, which will prioritize examination and issuance of ex parte appeal decisions examined under the USPTO’s COVID-19 Prioritized Trademark Examination Program. The TTAB is also launching a Conference Pilot Program for Oppositions Against Applications Related to COVID-19, which allows a TTAB attorney or judge to participate in the parties’ mandatory settlement and discovery planning conference. More information on both programs is available here.

          On May 20, 2021, the European Patent Office (EPO) announced that it is extending its videoconference pilot program for oral proceedings before the oppositions divisions. All oral proceedings will be held remotely through January 31, 2022. More info here.

      • Trademarks

        • Retromark Volume IX: the last six months in trade marks

          This volume was due a few months ago, but then my son was born and my capacity for blogging (along with my capacity for other more basic things like sleeping and remembering to feed myself) vanished. As I emerge from nappies, crying, baby vomit and all of that baby glamour, I’ve finally found a moment to reflect on the last six (well, seven) months of trade mark disputes.

          [...]

          Tefal, the sauce pan legends, make pans with red spots in the middle which change colour when the pan heats up to show you when they are ready to cook with. I’m pretty sure I’ve owned several such pans, but I’m not sure I knew they were unique to Tefal. It appears that at least 32.5% of people will proclaim “TEFAL!” when shown the photo below, but that was not enough to save the day at the UKIPO.

          [...]

          This was the first ever case featured in Retromark and turned up again in Volume 7. In its third appearance, the Court of Appeal dismissed Bentley Motors’ appeal against the High Court’s finding that its sales of clothing had infringed the trade marks of Bentley Clothing. This is the first of two Court of Appeal judgments led by Lord Justice Arnold in this volume.

          At trial, Motors had advanced a major defence of honest concurrent use which failed (it has sold clothing since 1987), but it was unable to obtain permission to appeal this.

          There were three grounds of appeal. The first, not pressed by Motors, was whether the sign below was to be regarded as one sign or two. The trial judge held two, the Court of Appeal agreed.

      • Copyrights

        • Photographer seeks $12m in copyright damages over claims Capcom ripped off her snaps in Resident Evil 4 art

          A US designer has sued for damages of around $12m amid allegations that Japanese games developer Capcom breached copyright by using her photos in titles including the massively popular Resident Evil.

          The lawsuit [PDF] alleges that Capcom used around 80 images – originally photographed by professional scenic artist and designer Judy Juracek – in its games and without her permission.

          A number of those images are said to have been published in a book called Surfaces – along with an accompanying CD-ROM – by Juracek in 1996. In the 13-page submission filed in the US District Court of Connecticut last Friday, along with 134 pages of evidence comparing her images to those in the game [PDF], lawyers acting for Juracek highlighted two instances that they say point to copyright infringement.



Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
 
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day