06.30.21

Gemini version available ♊︎

Links 30/6/2021: Microsoft Doing Linux Releases, Linux Foundation Does In-Person Events

Posted in News Roundup at 3:05 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • Google brings Chrome OS Linux support to Intel 6th Gen ‘Skylake’ processors

        Linux support for Chrome OS makes every Chromebook a much more useful tool, and now, the feature is finally headed to older Chromebooks powered by Intel 6th Gen processors, otherwise known as the “Skylake” generation.

        Google first launched support for Linux in Chrome OS in 2018 but only on select models and chip configurations. The list of supported models has grown considerably in the time since, but older Chromebooks using Intel 6th Gen processors have lacked support for Linux.

        As spotted by Android Police, Google has unceremoniously announced on the Chromium bug tracker that “All work to enable this has been completed.” That’s roughly 18 months after that thread was opened up by Samsung Chromebook Pro and Asus Chromebook Flip owners who were irked by their fairly expensive machines lacking support for the feature.

    • Server

      • Top 10 Best Linux Server Distributions in 2021

        As you can see, each Linux distribution is unique and is customized and optimized for a certain task.

        If you want to go with a thriving community, then going with Ubuntu is the best option. On the other hand, ArchLinux and SlackwareOS are preferred by experienced users. Fedora and OpenSUSE are famous for their latest and cutting-edge features. While the RHEL and SUSE are the paid commercialized distributions used by the big companies like Google, Amazon, and other Fortune 500.

        So the decision of choosing the right Linux server just comes down to two things, i.e., personal preference and the task at hand.

      • 85% of Enterprises Have Yet to Cross the Chasm to Full Kubernetes and Cloud Native Adoption, According to Industry Global Survey from Canonical

        Despite high adoption rates of cloud native technologies in recent years, enterprises have yet to cross the chasm to full adoption, but they’re quickly moving in that direction, according to initial results of a first-of-its kind survey released today by Canonical, the publishers of Ubuntu.

        The Kubernetes and Cloud Native Operations Report, which is still open for participation, has surveyed 1,200 global IT professionals so far on more than 40 topics about their usage of Kubernetes, bare metal, VMs, containers, and serverless applications.

    • Kernel Space

      • Linux 5.12.14 [Ed: The infiltration continues; now Linux releases are announced by a Microsoft employee (Linux is "cancer"), salaried by Microsoft. They hijacked Git, now Linux.]
        I'm announcing the release of the 5.12.14 kernel.
        
        All users of the 5.12 kernel series must upgrade.
        
        The updated 5.12.y git tree can be found at:
                git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.12.y
        and can be browsed at the normal kernel.org git web browser:
        
        https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
        
        Thanks,
        Sasha
        
      • Linux 5.10.47
      • Linux 5.4.129
      • Linux 4.19.196
      • Linux 4.14.238
      • Linux 4.9.274
      • Linux 4.4.274
      • The Big Set Of Networking Changes For Linux 5.14 – Phoronix

        Given the dominance of Linux-based devices from embedded/mobile (Android) through data centers and Linux powering all sorts of equipment, the networking subsystem updates for new Linux kernel merge windows continues to be very lively with new hardware support and never-ending improvements and new features.

      • Intel P-State Driver Ready To Take On Alder Lake Hybrid Processors – Phoronix

        Headlining the power management updates for the Linux 5.14 merge window is the Intel P-State CPU frequency scaling driver now being adapted to handle hybrid processors.

        As noted last month, P-State has begun preparations for Alder Lake with this driver needing to be reworked to deal with the concept of Intel CPUs having a mix of energy efficient and high performance CPU cores. In particular, Intel 12th Gen “Alder Lake” processors to feature a mix of Golden Cove cores for performance and Gracemont cores when needing energy efficiency.

      • Intel Media Driver 2021Q2 Focuses On Gen12 Enhancements – Phoronix

        In preparing to close out the second quarter, the Intel Media Driver 2021Q2 was released today as the company’s open-source stack for supporting GPU-accelerated video encode/decode on Linux.

        The open-source Intel Media Driver is their modern VA-API implementation for offering video acceleration on Broadwell through all current generation Gen12 / Xe Graphics hardware for video encode/decode and processing.

      • Linux 5.14 Ready With Light Sensor + Human Presence Detection For Newer AMD Laptops

        The HID subsystem updates for Linux 5.14 continue improving consumer device support from newer AMD Ryzen laptops to multi-touch improvements.

        As covered recently, AMD posted their first big set of updates to the AMD-SFH Linux driver for “next-gen” support, their first sizable update since the Sensor Fusion Hub driver was mainlined at the end of 2020 for hooking up the sensor functionality on these laptops. That new support amounts to bringing up now previous generation Renoir (Ryzen 4000 series) laptop coverage and recently launched Cezanne (Ryzen 5000) series support.

      • Radeon Pro Software for Enterprise 21.Q2 for Linux Driver Released – Phoronix

        AMD has issued their Radeon Pro Software for Enterprise 21.Q2 for Linux driver update as their quarterly packaged driver update intended for use with Radeon Pro graphics cards and former FirePro line-up.

        The Radeon Pro Software for Enterprise 21.Q2 for Linux packaged driver with its Open and PRO components is officially offered for RHEL/CentOS 8.3, RHEL/CentOS 7.9, Ubuntu 20.04.2, Ubuntu 18.04.5, and SUSE Linux Enterprise 15 SP2. Worth noting here is there is not yet support for RHEL/CentOS 8.4 or SLED/SLES 15 SP3. Last week AMD did release Radeon Software for Linux 21.20 that does include RHEL/CentOS 8.4 and SUSE Linux Enterprise 15 SP3 support but this “Radeon Pro” driver update doesn’t have those changes.

      • Graphics Stack

        • NVIDIA 470 EOL Drivers For Kepler Still Obliterating Open-Source Alternative – Phoronix

          With the recent NVIDIA 470 series Linux driver beta this R470 branch is the point at which NVIDIA is ending its GeForce 600/700 series “Kepler” support. The 470 driver series will be maintained as a long-lived driver that will continue to see security updates and Linux kernel / X.Org Server compatibility updates for another three years. If this end-of-life status has you thinking about trying out the open-source “Nouveau” Linux driver with Kepler, here are some current benchmarks.

        • Linux Prepares For AMD Servers With Aldebaran GPU Nodes Sporting HBM2 – Phoronix

          The latest public code patches on the mailing list today are preparing for newer AMD heterogeneous servers that will have Aldebaran GPU nodes connected via xGMI links to the CPU(s) and the GPU dies in turn having HBM2 memory.

          These new heterogeneous AMD system details were revealed today as part of a set of patches prepping the AMD64 EDAC (Error Detection And Correction) kernel driver code for non-CPU nodes. The AMD64 EDAC driver is for traditionally dealing with and correcting system DRAM ECC errors while now being extended to GPU node memory accessible from the CPUs via the xGMI high-speed interconnect.

        • XWayland 21.1.2 Nears With NVIDIA Hardware Acceleration – Phoronix

          Michel Dänzer of Red Hat is preparing the release of XWayland 21.1.2 as the newest update to this standalone XWayland package separate from a whole X.Org Server release for running X11 clients within a Wayland environment.

          The standalone XWayland releases were started given the lack of momentum for new X.Org Server releases but XWayland code within there continuing to see a fair amount of code churn. These standalone releases were started by Red Hat with a focus on meeting Fedora’s needs but Ubuntu and other distributions have also gotten onboard with this notion of separate releases.

    • Applications

      • Is remmina useful for your daily work?

        Remmina is a Remote Desktop Client that supports numerous protocols allowing you to connect to many remote systems. This full featured client program allows you to set up a shared folder, select the screen size and type of connection being used. There are many more options that give you the ability to customize your connection to fit your individual needs. In this article we will utilize Remote Desktop Protocol (RDP) to demonstrate its capabilities.

    • Instructionals/Technical

      • How To Install Canon Printer Driver on Ubuntu – idroot

        In this tutorial, we will show you how to install Canon Printer Driver on Ubuntu. For those of you who didn’t know, Canon is one of the largest printer manufacturers in the world, unfortunate canon never includes Linux / Ubuntu driver in each product that we buy, in other words, the Printer driver only available in Windows and macOS. Canon did release some printer drivers for Linux, but the majority of Canon printer owners were out of luck.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Canon Printer Driver on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

        Install Canon Printer Driver o

      • A production guide to automating and managing SSH server configuration with RHEL system roles

        In the previous post, I covered how to get started with the sshd Red Hat Enterprise Linux (RHEL) System Role, which can help you automate and manage your SSH server configuration across your RHEL environment. This is important because having a properly configured and secured SSH server is a key component of securing a RHEL system.

        I intentionally made the first part of this series very simple by specifying the role variables directly in the playbook. This requires editing the playbook any time the variables need to be updated or changed. A better method would be to store the role variables in the inventory, which I will cover in this post.

        I also had the same SSH server configuration applied to all of my hosts in the previous post. However, in the real world, there are frequent exceptions to be made and servers with special requirements that need to deviate slightly from the usual configuration.

        Thus, in this post, I will also cover how to override settings for servers that need a slightly different configuration.

      • How to play Stellaris on Linux

        Stellaris is a strategy game developed and published by Paradox Interactive. In the game, the player explores space, manages their own empire, and establishes diplomacy with other worlds.

        Stellaris was released on Linux a while ago. However, it only works on Linux through Steam. In this guide, we’ll show you how to get it up and running

      • How to Install TeamSpeak Server on Ubuntu 18.04 & 20.04 | RoseHosting

        TeamSpeak is a cross-platform VoIP solution used for online games. It is used by gamers to communicate with teammates with high-end security.

        It can be installed on Windows, MacOS, and Linux systems. It allows you to communicate with friends via speech and text. It comes with a lot of features including – built-in privacy, unrivaled voice quality, an advanced permissions system, stunning sound, mobile connectivity, and many more.

      • How To Install Discord on AlmaLinux 8 – idroot

        In this tutorial, we will show you how to install Discord on AlmaLinux 8. For those of you who didn’t know, Discord is the easiest way to talk over voice, video, and text. Talk, chat, hang out, and stay close with your friends and communities. The service can be used both via the website without a client and for Windows, Mac, and portable platforms such as Android and iOS and even directly in the browser.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Discord on an AlmaLinux 8. You can follow the same instructions for Rocky Linux.

    • Games

      • Apogee Entertainment surprise releases Secret Agent HD, a remaster of the 90s classic

        The 1992 classic Secret Agent has been revived with a HD remaster from Apogee Entertainment and Emberheart Games that was surprise announced and released today with Secret Agent HD.

        It’s not just a simple remaster of a classic though. While it does contain all three original episodes, along with support for modern systems and resolutions it also brings with it the brand new Secret Agent Episode 4 with a new collection of missions to play through. Secret Agent HD also comes with a brand new original soundtrack, plus there’s a built in level editor and Steam Workshop support.

        “The new Apogee Entertainment is focused on helping today’s developers reach new audiences with their unbelievable talent, but we’re fans of the classics too,” said Scott Miller, Apogee founder, “The ‘90s will never die—we’ve got new missions 30 years in the making to prove it”

      • Stadia vs. Shadow Cloud Gaming: Which is better? | Android Central

        The better game streaming service to buy is Stadia because it is cheaper and available right now. Anyone can sign up for the service and access it today for free. It also runs very well if you have an internet connection better than the minimum recommendation. The service’s store does not rival Steam in terms of quantity. Still, there is a sizable catalog of games to purchase with big titles like Cyberpunk 2077, Red Dead Redemption 2, FIFA 21, or claim over a dozen games through the cheap Stadia Pro monthly subscription.

      • How to play Dead Rising 2 on Linux

        Dead Rising 2 is the 2nd in the Dead Rising franchise. The game follows Chuck Greene in third-person as he fights through hordes of zombies. In this guide, we’ll show you how to get the game working on your Linux system.

      • How to play Counter-Strike: Global Offensive on Linux

        Counter-Strike; Global Offensive is a multiplayer FPS developed by Valve and Hidden Path Entertainment. In the game, players fight against each other to dismantle and plant bombs. In this guide, we’ll show you how to play it on Linux.

      • Top-down stealth escape horror The Equinox Hunt is now on Linux | GamingOnLinux

        On the run with various horrors hunting you, The Equinox Hunt developed by EvilStar Studios from 2020 is now on Linux. Looks pretty good actually, and in a few ways it reminds me of the excellent Darkwood (although noway near as stylish) that released back in 2017.

        The idea here is that The Equinox Hunt itself is some sort of ritual, with you being the prey who has to sneak through the depths of a forest full of lurking hunters. A proper stealth game too, with you needing to constantly watch your footsteps and look out for potential hiding places.

      • How We Know We’re Alive – a free point & click mystery set in Sweden’s bible belt

        Free Game Wednesday? Yup! How about short, intriguing and incredible looking pixel-art mystery adventure with How We Know We’re Alive. Missed this one originally as it didn’t mention Linux in the announcement trailer but it seems it did release for Linux too!

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

    • Distributions

      • Deepin Linux Adds Android App Support

        Deepin, one of the most beautiful distributions, has just released their 20.2.2 update. It incorporates a variety of awesome features, most notably the Android app support—thanks to their new App store.

        Additionally, the Deepin team claims they are the first Chinese Linux distro to receive a secure boot certificate. This adds in another layer of security on top of the already existing features baked right into the Linux kernel.

        Read on for a deeper dive into these exciting new features.

      • SUSE/OpenSUSE

        • Imaging at the Edge

          Adoption of game-changing disruptive technologies in heavily regulated fields, such as healthcare, can prove slow, difficult and challenging. Learn how the use of Edge helps to overcome these challenges, transforming the world of medical imaging and providing innovative technology to healthcare professionals.

          The concept of medical imaging began in 1895 with the invention of the x-ray by a German professor of physics, Wilhelm Conrad Roentgen. Since then, the range of technologies for medical imaging has expanded and today includes ultrasound, CT (computed tomography), PET (positron emission tomography), MRI (magnetic resonance imaging), CR (computed radiography), DR (digital radiography), and mammography.

      • Canonical/Ubuntu Family

        • Pop!_OS 21.04 Released with New GNOME-based COSMIC Desktop

          Pop!_OS 21.04 brings a new, simple, and speedy desktop experience. It is based on Ubuntu 21.04 but headlined by their new and improved COSMIC Desktop environment.

          Pop!_OS as most of you well know is an Ubuntu-based Linux distribution. The distro is developed by System76, a US computer manufacturer of Linux-based laptops, desktops and servers. They have been around for 15 years, but since 2017 they have added their own distro, Pop!_OS, to further express their passion and philosophy.

          The look and feel hasn’t really changed in the new Pop!_OS 21.04. It is still their own theme, dark by default with cyan and orange highlights and their own icon theme. It looks good and modern especially combined with the custom Fira font they use.

          In terms of default applications, Pop!_OS 21.04 has the standard GNOME ones with Geary preinstalled for mail, Firefox for web browsing and LibreOffice as well.

        • COSMIC desktop environment makes its debut with release of Pop!_OS 21.04 Linux distribution

          System76 has been selling Linux computers for more than 15 years. For a long time that meant the company’s hardware came with Ubuntu pre-installed. But a few years ago System76 began offering users a choice of Ubuntu or the company’s own Ubuntu fork called Pop!_OS.

          Now System76 is taking things a step further and releasing a new desktop environment for Pop!_OS called COSMIC. First unveiled earlier this year, COSMIC is now the default user interface for the latest version of the operating system, Pop!_OS 21.04, which was released this week.

        • Linux Mint Monthly News – June 2021

          We’ll be very brief with the news this month since the stable release of Linux Mint 20.2 is just around the corner.

          We still have a few things to check and a few bug reports to go through before calling it stable but we’re getting very close.

          Following the stable release we’ll open up the upgrade path from Linux Mint 20.1 and Linux Mint 20 and we’ll port all the new packages towards LMDE 4. Some of the improvements and fixes made in Linux Mint 20.2 will also be backported towards earlier 20.x releases.

          I’d like to thank you for your feedback and for taking the time to participate in the BETA process and report these bugs to us. Many thanks also for your donations. Thanks to our sponsors and partners for their continued support.

        • System76 releases Ubuntu-based Pop!_OS 21.04 with auto-tiling COSMIC desktop

          System76 has released Pop!_OS 21.04, based on Ubuntu 21.04 but with a distinctive desktop called COSMIC.

          Pop!_OS describes itself as “an operating system for STEM and creative professionals.” It uses the GNOME desktop but customised as COSMIC – which supposedly stands for Computer Operating System Main Interface Components, but someone at System76 must like rockets and comic books.

          Pop!_OS was born when Canonical, the company behind Ubuntu, abandoned the Unity desktop. The rationale was that Canonical is focused on the enterprise, but System76 is focused on the desktop, as is Linux Mint, another popular Ubuntu derivative.

        • Ubuntu Blog: Top 10 apps for a fresh Linux install in 2021

          Are you struggling with too much lag? Is it time for a spring clean and a fresh Linux install? Ready to upgrade to Focal Fossa (LTS) or Hirsute Hippo? Whatever situation you are in, get started quickly with some of the most popular apps you need for a fresh Linux install. Here are all the commands you need so easily copy and paste to get started! (There is a full block of commands at the end that you can easily copy and paste if you’d like to install all the apps in one go).

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Events

        • EXTENDED LibreOffice Conference Call for Papers

          LibreOffice Conference Call for Papers has been extended until July 18, 2021. This is the final deadline, and no further extension will be offered. To facilitate the development of the conference schedule, proposals can only be submitted using TDF event management platform at https://events.documentfoundation.org/libocon2021/cfp.

          LibreOffice Conference 2021 will take place online from September 23 to 25, Thursday to Saturday. The Document Foundation invites all members and contributors to submit talks, lectures and workshops. Whether you are a seasoned presenter or have never spoken in public before, if you have something interesting to share about LibreOffice, ODF, the Document Liberation Project or the ODF Toolkit, we want to hear from you!

        • Call for Presentations for Qt World Summit 2021

          Qt is looking for speakers, collaborators and industry thinkers to share their expertise and thoughts with the community in the upcoming Qt World Summit Online, November 3, 2021.

        • The Linux Foundation Announces Registration is Open for Open Source Summit and More Fall Events
        • The Linux Foundation Announces Registration is Open for Open Source Summit and More Fall Events

          The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced that registration is open for many of its Fall 2021 events, for both in-person and virtual attendance. The Linux Foundation hosts the premier open source events around the world that empower technologists and other leaders to come together, share ideas, learn and collaborate to drive innovation.

      • Productivity Software/LibreOffice/Calligra

        • Interview to Hossein Nourikhah

          Which is your perception of the project, as seen from the outside world?

          I see LibreOffice project as an alternative path. The road to office productivity suites doesn’t have to end up in proprietary office applications and file formats. LibreOffice project is a way out, trying to provide freedom to the users, alongside providing user friendly, cost efficient products that are also accessible for the disabled people.
          On the other hand, LibreOffice is a complex piece of software, consisting of ~10 millions of lines of code [1], which is somehow difficult for an average programmer to get involved in its development. This is something that can be improved through various means, including better tools and documentation, and of course, more helping hands.

          [...]

          Yes, of course! I use the latest Ubuntu LTS, and I am a LibreOffice user on a daily basis. In fact, I was an enthusiastic user of an early version of OpenOffice.org from Red Hat 9.0 in 2003 [2], and I have switched to LibreOffice when it was released.
          I am a happy user, although there are glitches in text rendering for my own language (Persian/Farsi). I hope we can fix them sooner with the help of kind LibreOffice developers.

      • FSF

        • Licensing/Legal

          • Should GitHub Be Sued For Training Copilot on GPL Code?

            The technology, a bleeding-edge application of deep learning and neural networks, was trained using the public repositories published on GitHub. Training a neural network model means that you take the data (source code of these repositories in our case) and feed it to the network, so that it can learn what to do in future similar cases.

            Copilot has seen billions of lines of code, functions, classes and object definitions before, and hence, can suggest the next steps whenever enough information about the programmer’s desire are determined.

            However, this brought a large issue into debate: Many of these public repositories were licensed under the GPL license and other copyleft licenses (MIT, AGPL… etc), so is this process legal? Is it OK for GitHub to use free software source code to train its proprietary, paid and commercial service?

            Different opinions emerged in the open source community.

      • Programming/Development

        • Upgrading NextCloudPi

          So I finally got around to upgrading my NextCloudPi to version 20 with the hub and all. I really like it so far.

        • The perfect cross-platform serif and sans-serif font stacks

          Different web browsers use the same default fonts on the same operating system. However, the default fonts differ between operating systems and few fonts are available everywhere. In this article, I’ll focus on making the default fonts look and behave the same across operating systems.

          The default fonts for the generic “serif” and “sans-serif” (without serifs) fonts are metrically compatible across macOS, iOS, Windows, and Chrome OS. There are good options available for Linux too, but those are rarely set as the default fonts. Android only has one font, so you get what you get.

          Metrically compatible means that each individual character in one font has the same width as the same characters in another font. Metrical compatibility means you can substitute one font for another in a document without affecting its layout. E.g. a headline and paragraph should fill the same number of lines of text. This isn’t the same as a fixed-width font (monospace), where all the characters in the font have the same width.

        • Godot Web progress report #9: Godot Scripts JavaScript Interface

          It hasn’t been long since the last Web progress report, but it’s finally time for the blog entry you have probably been waiting for… time to talk about integrating Godot with third-party JavaScript APIs on the Web.

        • Considering the Next Critical Tech Talent Shortage

          But, COBOL expertise is just one example of a potential talent shortage. “Where should we expect to find future crises?” Loukides asks. “What other shortages might occur?” The key to understanding or predicting such shortages, he says, involves looking at critical infrastructure.

        • Code as Infrastructure

          The Next Critical Talent Shortage Won’t Be Fortran

          A few months ago, I was asked if there were any older technologies other than COBOL where we were in serious danger of running out of talent. They wanted me to talk about Fortran, but I didn’t take the bait. I don’t think there will be a critical shortage of Fortran programmers now or at any time in the future. But there’s a bigger question lurking behind Fortran and COBOL: what are the ingredients of a technology shortage? Why is running out of COBOL programmers a problem?

          The answer, I think, is fairly simple. We always hear about the millions (if not billions) of lines of COBOL code running financial and government institutions, in many cases code that was written in the 1960s or 70s and hasn’t been touched since. That means that COBOL code is infrastructure we rely on, like roads and bridges. If a bridge collapses, or an interstate highway falls into disrepair, that’s a big problem. The same is true of the software running banks.

        • Shell/Bash/Zsh/Ksh

        • Rust

          • Rakudo compiler, Release #147 (2021.06)

            On behalf of the Rakudo development team, I’m very happy to announce the June 2021 release of Rakudo #147. Rakudo is an implementation of the Raku1 language.

            The source tarball for this release is available from https://rakudo.org/files/rakudo. Pre-compiled archives will be available shortly.

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Security

          • An EPYC escape: Case-study of a KVM breakout

            KVM (for Kernel-based Virtual Machine) is the de-facto standard hypervisor for Linux-based cloud environments. Outside of Azure, almost all large-scale cloud and hosting providers are running on top of KVM, turning it into one of the fundamental security boundaries in the cloud.
            In this blog post I describe a vulnerability in KVM’s AMD-specific code and discuss how this bug can be turned into a full virtual machine escape. To the best of my knowledge, this is the first public writeup of a KVM guest-to-host breakout that does not rely on bugs in user space components such as QEMU. The discussed bug was assigned CVE-2021-29657, affects kernel versions v5.10-rc1 to v5.12-rc6 and was patched at the end of March 2021. As the bug only became exploitable in v5.10 and was discovered roughly 5 months later, most real world deployments of KVM should not be affected. I still think the issue is an interesting case study in the work required to build a stable guest-to-host escape against KVM and hope that this writeup can strengthen the case that hypervisor compromises are not only theoretical issues.

            I start with a short overview of KVM’s architecture, before diving into the bug and its exploitation.

          • An EPYC escape: Case-study of a KVM breakout (Project Zero blog)

            Over at the Project Zero blog, Felix Wilhelm posted a lengthy account of a vulnerability he found in the Linux kernel’s KVM (Kernel-based virtual machine) subsystem

          • Is Open Source Ready For Biden’s Executive Order For Cybersecurity?

            The Linux Foundation has done an incredible job with many projects under its umbrella including the Software Package Data Exchange (SPDX) that helps track software bills of material. We hosted David A. Wheeler, Director of Open Source Supply Chain Security at The Linux Foundation, to talk more about the impact of this executive order on the industry and how well prepared Linux Foundation communities are to help organizations keep their software stack and our infrastructure safe.

          • Security updates for Wednesday

            Security updates have been issued by Debian (fluidsynth), Fedora (libgcrypt and tpm2-tools), Mageia (nettle, nginx, openvpn, and re2c), openSUSE (kernel, roundcubemail, and tor), Oracle (edk2, lz4, and rpm), Red Hat (389-ds:1.4, edk2, fwupd, kernel, kernel-rt, libxml2, lz4, python38:3.8 and python38-devel:3.8, rpm, ruby:2.5, ruby:2.6, and ruby:2.7), and SUSE (kernel and lua53).

          • Major Linux RPM problem uncovered

            In 1995, when Linux 1.x was the hot new Linux kernel, early Red Hat founding programmers Marc Ewing and Erik Troan created RPM. This software package management system became the default way to distribute software for Red Hat Linux-based distributions such as Red Hat Enterprise Linux (RHEL), CentOS Stream, AlmaLinux OS, and Rocky Linux. Unfortunately, hidden within its heart is a major security hole.

          • Privacy/Surveillance

            • Top Private & Secure Email Providers [2021]

              When it comes to email providers, some popular companies that come to our mind are Gmail, Microsoft Outlook, Yahoo Mail, iCloud, etc. In this article, I am going to list the top private & secure email providers in 2021.

              [...]

              The biggest reason why Gmail and similar email providers can not be trusted to protecting users’ privacy is that they can share users’ data if demanded by the Governments through the courts. So activists around the World are under continuous threat by their country’s Government.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Tux Machines is 17.5 Years Old Today

    Tux Machines -- our 'sister site' for GNU/Linux news -- started in 2004. We're soon entering 2022.



  2. Approaching 100

    We'll soon have 100 files in Git; if that matters at all...



  3. Improving Gemini by Posting IRC Logs (and Scrollback) as GemText

    Our adoption of Gemini and of GemText increases; with nearly 100,000 page requests in the first 3 days of Decembe (over gemini://) it’s clear that the growing potential of the protocol is realised, hence the rapid growth too; Gemini is great for self-hosting, which is in turn essential when publishing suppressed and controversial information (subject to censorship through blackmail and other ‘creative’ means)



  4. Links 4/12/2021: IPFire 2.27 Core Update 162 and Genode OS Framework 21.11

    Links for the day



  5. Links 4/12/2021: Gedit Plans and More

    Links for the day



  6. Links 4/12/2021: Turnip Becomes Vulkan 1.1 Conformant

    Links for the day



  7. IRC Proceedings: Friday, December 03, 2021

    IRC logs for Friday, December 03, 2021



  8. Links 4/12/2021: EndeavourOS Atlantis, Krita 5.0.0 Beta 5, Istio 1.11.5, and Wine 6.23; International Day Against DRM (IDAD) on December 10th

    Links for the day



  9. Another Gemini Milestone: 1,500 Active Capsules

    This page from Balázs Botond plots a graph, based on these statistics that now (as of minutes ago) say: “We successfully connected recently to 1500 of them.” Less than a fortnight ago more than 1,800 capsules overall were registered by Lupa, almost quadrupling in a single year



  10. [Meme] António Campinos and Socialist Posturing

    Staff of the EPO isn’t as gullible as António Campinos needs it to be



  11. António Campinos as EPO President is Considered Worse Than Benoît Battistelli (in Some Regards) After 3.5 Years in Europe's Second-Largest Institution

    The EPO's demise at the hands of people who don't understand patents and don't care what the EPO exists for is a real crisis which European media is unwilling to even speak about; today we share some internal publications and comment on them



  12. Media Coverage for Sale

    Today we're highlighting a couple of new examples (there are many other examples which can be found any day of the year) demonstrating that the World Wide Web is like a corporate spamfarm in "news" clothing



  13. Links 3/12/2021: GNU Poke 1.4 and KDDockWidgets 1.5.0

    Links for the day



  14. IRC Proceedings: Thursday, December 02, 2021

    IRC logs for Thursday, December 02, 2021



  15. Links 3/12/2021: Nitrux 1.7.1 and Xen 4.16 Released

    Links for the day



  16. Links 2/12/2021: OpenSUSE Leap 15.4 Alpha, Qt Creator 6

    Links for the day



  17. The EPO's “Gender Awareness Report”

    There’s a new document with remarks by the EPO’s staff representatives and it concerns opportunities for women at the EPO — a longstanding issue



  18. IRC Proceedings: Wednesday, December 01, 2021

    IRC logs for Wednesday, December 01, 2021



  19. EPO Staff Committee Compares the Tactics of António Campinos to Benoît Battistelli's

    The Central Staff Committee (CSC) of the EPO talks about EPO President António Campinos, arguing that “he seems to subscribe to the Manichean view, introduced by Mr Battistelli…”



  20. Prof. Thomas Jaeger in GRUR: Unified Patent Court (UPC) “Incompatible With EU Law“

    The truth remains unquestionable and the law remains unchanged; Team UPC is living in another universe, unable to accept that what it is scheming will inevitably face high-level legal challenges (shall that become necessary) and it will lose because the facts are all still the same



  21. Links 1/12/2021: LibrePlanet CFS Extended to December 15th and DB Comparer for PostgreSQL Reaches 5.0

    Links for the day



  22. EPO Cannot and Will Not Self-Regulate

    The term financialisation helps describe some of the activities of the EPO in recent years; see Wikipedia on financialisation below



  23. [Meme] Germany's Licence to Break the Law

    Remember that the young Campinos asked dad for his immunity after he had gotten drunk and crashed the car; maybe the EPO should stop giving diplomatic immunity to people, seeing what criminals (e.g. Benoît Battistelli) this attracts; the German government is destroying its image (and the EU’s) by fostering such corruption, wrongly believing that it’s worth it because of Eurozone domination for patents/litigation



  24. EPO Dislikes Science and Scientists

    The EPO's management has become like a corrupt political party with blind faith in money and monopolies (or monopoly money); it has lost sight of its original goals and at this moment it serves to exacerbate an awful pandemic, as the video above explains



  25. Links 1/12/2021: LibreOffice 7.3 Beta, Krita 5.0, Julia 1.7

    Links for the day



  26. Links 1/12/2021: NixOS 21.11 Released

    Links for the day



  27. IRC Proceedings: Tuesday, November 30, 2021

    IRC logs for Tuesday, November 30, 2021



  28. Links 1/12/2021: Tux Paint 0.9.27 and WordPress 5.9 Beta

    Links for the day



  29. [Meme] EPO Administrative Council Believing EPO-Bribed 'Media' (IAM Still Shilling and Lying for Cash)

    IAM continues to do what brings money from EPO management and Team UPC, never mind if it is being disputed by the patent examiners themselves



  30. The EPO's Mythical “Gap” Has Been Found and It's Bonuses for People Who Use Pure Fiction to Steal From Patent Examiners

    The phony president who has the audacity to claim there's a budget gap is issuing millions of euros for his enablers to enjoy; weeks ahead of the next meeting of national delegates the Central Staff Committee (CSC) tells them: "Events show that the delegations’ concerns about functional allowances have materialised. The lack of transparency and inflation of the budget envelope gives rise to the suspicion that high management is pursuing a policy of self-service at the expense of EPO staff, which is difficult to reconcile with the Office’s claimed cost-saving policy, and to the detriment of the whole Organisation."


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts