07.20.21

Gemini version available ♊︎

Links 21/7/2021: WordPress 5.8, Wine 6.13, and VirtualBox 6.1.24

Posted in News Roundup at 6:20 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • Microsoft has its own Linux distribution. [Ed: They are missing the point of it and overlooking the fact that Microsoft continues to attack Linux from a number of fronts]

        The days when Microsoft CEO, the shy and retiring Steve Ballmer, called Linux cancer on the software industry, are really dead and buried – Vole now has its own Linux distribution which it is even telling people about.

    • Audiocasts/Shows

      • The Killer Feature Of Tiling Window Managers Isn’t Tiling

        I often get people telling me that they don’t see the point of using a tiling window manager. I think part of the problem is the name “tiling window manager”.

      • Using Linux at work – KDE Edition

        This is an update on the Linux at work series I started a while ago! At the time, I was using elementary OS on a Huawei matebook 13, to work as a Product Owner. Since then, remote work became a lot more prevalent, and I also changed distros, and laptops, so let’s see how I’m making Linux and KDE work as my primary OS, on my laptop, and desktop!

    • Kernel Space

      • Linux 5.12 Kernel Reaches End of Life, Upgrade to Linux Kernel 5.13 Now

        Released about three months ago, Linux kernel 5.12 introduced lots of goodies, including support for Playstation 5 DualSense and Nintendo 64 game controllers, eMMC inline encryption support, support for the Lenovo IdeaPad platform profile and the Lenovo ThinkPad X1 Tablet Gen 2, as well as a new memory-debugging tool called KFENCE.

        It also introduced initial support for zoned block devices to the Btrfs file system, LTO in Clang support, AMDGPU Freesync HDMI support, and many other cool features, but it’s now marked as EOL (End of Life) on the kernel.org website, which means that it will no longer receive support upstream and that you must upgrade to a newer or LTS kernel as soon as possible.

      • Linux 5.13.4
        I'm announcing the release of the 5.13.4 kernel.
        
        All users of the 5.13 kernel series must upgrade.
        
        The updated 5.13.y git tree can be found at:
        	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.13.y
        and can be browsed at the normal kernel.org git web browser:
        
        https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
        
        thanks,
        
        greg k-h
        
      • Linux 5.12.19
      • Linux 5.10.52
      • Linux 5.4.134
      • Linux 4.19.198
      • Linux 4.14.240
      • Linux 4.9.276
      • Linux 4.4.276
      • Graphics Stack

        • AMD Posts Linux Graphics Driver Patches For “Cyan Skillfish”

          AMD posted a new patch series bringing up a new graphics processor, Cyan Skillfish.

          As usual, this is a Linux-focused codename for a yet-to-be-launched product with their naming convention of an X11 color name paired with a fish species.

          While yet to be launched, Cyan Skillfish isn’t as exciting as some of the recent RDNA2 or CDNA GPUs. Cyan Skillfish is the support for a Navi (1x) graphics processor in a forthcoming APU.

        • Reverse-engineering the Mali G78

          After a month of reverse-engineering, we’re excited to release documentation on the Valhall instruction set, available as a PDF. The findings are summarized in an XML architecture description for machine consumption. In tandem with the documentation, we’ve developed a Valhall assembler and disassembler as a reverse-engineering aid.

          Valhall is the fourth Arm® Mali™ architecture and the fifth Mali instruction set. It is implemented in the Arm® Mali™-G78, the most recently released Mali hardware, and Valhall will continue to be implemented in Mali products yet to come.

        • Arm Mali “Valhall” Reverse-Engineering Started

          The Panfrost open-source Linux graphics driver stack has matured nicely for Arm Mali Midgard and Bifrost generations but for the past two years now there has been Valhall as the latest-generation Arm Mali microarchitecture. There is now work underway on reverse-engineering Valhall for ultimately wiring up with open-source graphics driver support.

          Panfrost lead developer Alyssa Rosenzweig commented today that reverse-engineering work has begun for Valhall with a focus on the Mali G78 in particular. This reverse engineering has been going on for just about one month but there is already some instruction set documentation made as well as an XML-based representation.

        • NVIDIA Brings Its RTX Tech To Linux On Arm

          When NVIDIA sets out to acquire a company, it doesn’t seem to waste any time to start producing custom product with the new IP access. After the company announced its plans to acquire Arm last fall, the company announced a full-fledged Arm-based supercomputer called Grace this past spring. Arm in the enterprise seemed likely, but did you expect to see the label “RTX” tied in with it, as well?

          At the ongoing Game Developers Conference, NVIDIA announced that it’s bringing RTX to Arm on Linux, which should result in a number of different types of devices adopting it. With the help of two tech demos, the company utilized MediaTek’s Kompanio 120 (eight-core with 1-3-4 config) and gave it a GeForce RTX 3060 to work with. With one demo, the fast-paced Wolfenstein: Youngblood was shown-off, utilizing both ray tracing and DLSS. You can check it running in real-time in the video below:

    • Applications

      • HandBrake 1.4.0

        HandBrake is an open-source, GPL-licensed, multiplatform, multithreaded video transcoder, available for MacOS X, Linux and Windows. Handbrake can process most common multimedia files and any DVD or BluRay sources that do not contain any kind of copy protection.

      • VirtualBox 6.1.24 Released with Support for Linux 5.13 and Ubuntu Specific Kernels

        VirtualBox 6.1.24 comes almost three months after version 6.1.22 to introduce support for the latest and greatest Linux 5.13 kernel series, for both hosts and guests. As you can imagine, this means that you can now run GNU/Linux distributions powered by Linux kernel 5.13 on virtual machines or install VirtualBox on a distro running Linux 5.13.

        For the first time, VirtualBox introduces support for kernels that are specific to a certain GNU/Linux distribution. In this release, there’s support for Ubuntu specific kernels, as well as kernels that are specific to the SUSE Linux Enterprise Server and Desktop (SLES/SLED) 15 SP3 (Service Pack 3) operating systems.

      • The best email client for Linux, Windows and macOS isn’t Outlook

        I rely on email. In fact, it’s my primary method of communication with the outside world. While most people are busy on Slack and other chat platforms, I still prefer email. Why? For one thing, I retain a digital trail of my communication. I can search through email threads to follow conversations with a single person (or multiple persons) with ease. Another reason is that I’ve been using email since the late ’90s, so it’s a very comfortable and familiar format.

        Does that mean I ignore chat and other types of communication platforms? Not at all. But for my primary method of communication with clients, editors and publishers, it’s email all the way. It’s easy, fast and always there. I don’t have to worry about whether or not a recipient is online; they’ll get the communication one way or another.

        But there is a slight problem. Which email client to use? There are quite a large number of apps available on every platform, and not every app is available for every operating system. You have Apple Mail for macOS, Outlook for Windows and macOS, Evolution for Linux, and a host of other possibilities. And for the longest time, everyone just assumed Microsoft Outlook was the single best email client on the planet.

        For anyone who’s had to troubleshoot Outlook problems, you know just how bad that client can get when it’s in a fussy mood. I’ve experienced Outlook problems so bad, the only way to solve the problem was a complete reinstall of the OS. Granted, that situation was not normal, but it is very indicative of what can go wrong with that particular email client. And although Apple Mail is a very good email application, its macOS-only limitation is problematic. I will go so far as to say if Apple Mail was available for Linux, macOS and Windows, it would probably wind up at the very top of this list.

    • Instructionals/Technical

      • How to Create Rust Virtual Environment Using Conda on Linux

        Conda is an open-source package management system and environment management system for installing multiple versions of software packages and their dependencies. It is mainly developed for Python and not tied to any specific programming language. Conda allows you to install many programming languages in multiple different environments.

        In this post, we will show you how to create Rust virtual environments using Conda in Linux.

      • How to Install the Latest HPLIP Driver in Ubuntu 20.04 [Fix Dependency Issue] | UbuntuHandbook

        Need the most recent HPLIP to get your HP printer or scanner working in Ubuntu? Here’s how to install guide as well as workaround to fix the python-pyqt5 dependency issue.

        HPLIP is an open-source Linux drivers for HP’s inkjet and laser printers. The project is initiated and led by HP Inc. While the package in Ubuntu repositories is always old, you can install the official binary to get new devices support.

        However, the most recent releases refuse to install in my Ubuntu 20.04 due to python-pyqt5 dependency issue. If you’re facing with the similar issue, then this tutorial may help!

      • Linux Essentials – Automatically mounting storage volumes with /etc/fstab

        In a previous video we went over the basics of storage, and in this episode of Linux Essentials, I’ll show you how to automatically mount storage volumes when you boot your server.

      • Automatically bring up a SocketCAN interface on boot

        Working with Controller Area Network (CAN) on your Linux PC? Through the SocketCAN kernel modules, Linux supports CAN quite well. It can be a bit tricky though, to get your USB-to-CAN adapter configured and up-and-running. This tutorial not only explains how to bring up your SocketCAN network interface, it also shows you how to configure your Linux system to automatically bring up your SocketCAN network interface, each time you plug it in or boot up your Linux system.

      • How to Build a Package from Source in Linux – Make Tech Easier

        Besides its open-source nature, customizability is one of the other reasons many users love Linux: you can modify and configure almost every file to meet your specific needs and style. This includes the ability to rebuild a package from source.

        The ability to rebuild a package from the source can be beneficial to any Linux power user because it allows you to change packages, enable or disable a feature, or even apply custom modifications.

    • Wine or Emulation

      • Wine 6.13
        The Wine development release 6.13 is now available.
        
        What's new in this release (see below for details):
          - Proper scrollbar theming.
          - More work towards WinSock PE conversion.
          - Preparation work for the GDI syscall interface.
          - Some progress on the IPHLPAPI PE conversion.
          - Various bug fixes.
        
        The source is available from the following locations:
        
        https://dl.winehq.org/wine/source/6.x/wine-6.13.tar.xz
        
        
        http://mirrors.ibiblio.org/wine/source/6.x/wine-6.13.tar.xz
        
        Binary packages for various distributions will be available from:
        
        https://www.winehq.org/download
        
        You will find documentation on https://www.winehq.org/documentation
        
        You can also get the current source directly from the git
        repository. Check https://www.winehq.org/git for details.
        
        Wine is available thanks to the work of many people. See the file
        AUTHORS in the distribution for the complete list.
        
      • Wine 6.13 Released With Proper Scrollbar Theming, More PE Conversion

        The Wine project usually puts out new open-source development releases reliably every other week, but as is sometimes the case during the summer months, last Friday’s was missed due to summer holidays. That update — Wine 6.13 — has now shipped today.

        Alexandre Julliard just issued the belated Wine 6.13 release. Among the changes this time around are now having proper scrollbar theming for Windows applications running in Wine, preparation work for the GDI system call interface, and more PE conversion work. There still is work going on the WinSock portable executable conversion and now on the IPHLPAPI PE conversion too.

    • Games

      • Ubisoft are keeping an eye on the Steam Deck, will release on it if it’s big enough

        Today during the Ubisoft conference call where they discussed first-quarter 2021-2022 sales, Steam Deck got mentioned.

        It’s an interesting one, since Ubisoft has pretty much left Steam behind in favour of other stores like the Epic Games Store. The Epic store doesn’t support Linux, and Epic currently have no intention to do so. So unless people are expected to manually load up Windows to replace SteamOS, companies like Ubisoft would need to bring their games back to Steam to give users a good experience.

        During the conference call that we listened to today, a question was asked about the Steam Deck from one investor.

      • Space station building and management sim Starmancer confirmed for GOG

        The release of the fantastic space station building and management game Starmancer is getting ever closer, and now a GOG released has been confirmed today. It’s been a while since the Kickstarter in 2018, which showed a hugely promising idea.

        Starmancer follows long after some sort of catastrophe on Earth with the remains of humanity having their brains uploaded into special memory banks. You’re responsible for building up a sustainable station to enable supporting human life, which you end up growing in special pods to have a consciousness downloaded into.

        “Starmancer offers gameplay with consequences, a living sandbox environment, crafting, and managing the daily lives of colonists. Create a utopian society where everyone is well fed, happy, and safe. Or go rogue and figure out how many times a colonist can eat wheat before they go crazy. The choice is yours!”

      • DXVK-NVAPI 0.4 Released For Improving NVIDIA Integration Atop DXVK

        DXVK-NVAPI 0.4 is out today for improving the implementation of this NVIDIA driver public API interface (NVAPI) within DXVK for running Windows Direct3D games on Linux. DXVK-NVAPI 0.4 updates against the latest public NVAPI header files, now makes use of the NVIDIA Management Library (NVML) for querying various attributes on Linux, changes around log level options, and adds an optional test suite for helping to verify the NVAPI support.

      • The Nvidia Arm race has just put Microsoft, AMD, and Intel on notice

        Nvidia is paving the way for entirely GeForce-powered notebooks, potentially shoving Microsoft, Intel, and AMD aside in its quest for high-performance gaming laptops. The green team has now proven the power of both ray tracing and DLSS running in a Linux distro, on ARM-based silicon, with RTX graphics cards plumbed into them.

        And that should scare the crap out of everyone involved in the traditional Microsoft/x86 PC gaming monopoly.

        So yeah, it sure looks like GDC 2021 is kicking off with a bang, as Nvidia has today shown Wolfenstein: Youngblood running with ray traced reflections enabled, and DLSS in operation, on a system using an eight-core MediaTek CPU and an Nvidia RTX 3060 GPU.

      • Nvidia’s ARM-Powered Linux RTX Demo Is a Warning Shot to x86, Microsoft
      • The Steam Deck Might Not Play All Games in Your Library

        As of now, the Steam Deck might play all of the games in the Steam Library, though the developers at Valve are working hard to make everything work.

        The Steam Deck is a portable gaming console. Its biggest selling point is its hardware specs capable of running even the most demanding PC games. So, if you’re the type of person who wants to play games on the go, this thing is ideal for you.

        That said, while there are many games to choose from, you might not get them running on this device.

      • Steam Deck SSD Replacement Possible on All Models

        Valve’s upcoming handheld Steam Deck will allow its users to replace and upgrade its internal SSD with their own, although the company strongly recommends against it.

        The news was first brought to light by Valve’s head Game Newell himself by responding to a redditor’s inquiry about the system’s SSD. The Steam Deck’s website was later updated (spotted via VGC) to state that all models “use socketed 2230 m.2 modules (not intended for end-user replacement).”

      • Gadgets Weekly: Valve Steam Deck, Asus Chromebooks and more

        Out of the blue, Valve Corp on Thursday unveiled the company’s first-ever hand-held gaming console Steam Deck, which competes directly with the popular Nintendo Switch series.

        The new Steam Deck sports wide 7.0-inch HD+ (1,280x800p) LCD panel with a 16:10 aspect ratio. It supports up to 60Hz display refresh rate, and offers close to 400 nits of peak brightness.

        Yes, the screen is touch-sensitive and also comes with an ambient light sensor, stereo speakers and a dual microphone array.

        Inside, it houses AMD’s custom APU, optimized for handheld gaming. The APU’s power ranges from 4W to 15W, which promises to deliver more than enough performance to run the latest AAA games very efficiently.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

      • GNOME Desktop/GTK

        • How Calls became a part of GNOME

          Since Purism’s philosophy and GNOME’s principles are closely aligned it is not far fetched to call them a match made in heaven.

          As you probably know the software stack in use on the Librem 5 is built upon GNOME technologies and has been designed by parts the GNOME Design Team.

          This is why we’re happy to officially announce that Calls will become a part of the GNOME project. Having a dialer application available shows that mobile is an important use case for GNOME.
          Furthermore this shows that we take upstreaming our development efforts and making them available to the wider community very seriously.

          The old repository has been archived and the new repository where development takes place can be found here while the packaging for PureOS can be found here.

          By moving to GNOME infrastructure we hope to generate more community interest around Calls.

    • Distributions

      • IBM/Red Hat/Fedora

      • Debian Family

        • Debian GNU/Linux 10 “Buster” Users Get New Linux Kernel Security Update, 4 Flaws Patched

          The new Linux kernel security update comes about three months after the previous kernel update and it’s here to address a total of four security vulnerabilities discovered by various security researchers in the upstream Linux 4.19 kernel series used by the Debian GNU/Linux 10 “Buster” operating system.

          The four security flaws patched in this kernel update are CVE-2020-36311, a vulnerability discovered in the KVM subsystem for AMD CPUs that could allow an attacker to cause a denial of service (soft lockup) by triggering the destruction of a large Secure Encrypted Virtualization (SEV) virtual machine.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Firefox May Have Lost Up to 12% Of Its Users So Far In 2021

            Firefox is the default web browser installed on most Linux distributions. It is a well-known browser by Mozilla that respects user privacy by design, and currently remains the only major web browser pushing for open web standards and community interest rather than giant corporations like Google, Microsoft or Apple.

            The existence of Firefox is important for the open source community. Both to prevent the monopoly of these corporations on the web and also to ensure a free and open source web browser (and engine!) remains accessible for end-users.

            However, Firefox has been recently struggling on many different fronts and on a number of issues and topics. We have covered a story in October, 2020 where Mozilla’s CEO was found to be getting a large $2.4M annual salary, while 25% of Mozilla’s workforce was let go because of financial issues at Mozilla. And yet, Mozilla is promoting initiatives to fight political ads, misinformation and “promote diversity” rather than fixing its own problems.

          • Spring Cleaning MDN: Part 1 [Ed: Mozilla is dead. And it is outsourcing to Microsoft proprietary software now.. Stick a form it it. Mozilla is a walking dead.]

            Most notably MDN now manages its content from a repository on GitHub. Prior to this, the content was stored in a database and edited by logging in to the site and modifying content via an in-page (WYSIWYG) editor, aka ‘The Wiki’. Since the big move, we have determined that MDN accounts are no longer functional for our users. If you want to edit or contribute content, you need to sign in to GitHub, not MDN.

      • SaaS/Back End/Databases

        • SQLite Extraction of Oracle Tables Tools, Methods and Pitfalls

          The SQLite database is a wildly successful and ubiquitous software package that is mostly unknown to the larger IT community. Designed and coded by Dr. Richard Hipp, the third major revision of SQLite serves many users in market segments with critical requirements for software quality, which SQLite has met with compliance to the DO-178B avionics standard. In addition to a strong presence in aerospace and automotive, most major operating system vendors (including Oracle, Microsoft, Apple, Google, and RedHat) include SQLite as a core OS component.

          There are a few eccentricities that may trip up users from other RDBMS environments. SQLite is known as a “flexibly-typed” database, unlike Oracle which rigidly enforces columnar datatypes; character values can be inserted into SQLite columns that are declared integer without error (although check constraints can strengthen SQLite type rigidity, if desired). While many concurrent processes are allowed to read from a SQLite database, only one process is allowed write privilege at any time (applications requiring concurrent writers should tread carefully with SQLite). There is no network interface, and all connections are made through a filesystem; SQLite does not implement a client-server model. There is no “point in time recovery,” and backup operations are basically an Oracle 7-style ALTER DATAFILE BEGIN BACKUP that makes a transaction-consistent copy of the whole database. GRANT and REVOKE are not implemented in SQLite, which uses filesystem permissions for all access control. There are no background processes, and newly-connecting clients may find themselves delayed and responsible for transaction recovery, statistics collection, or other administrative functions that are quietly performed in the background in this “zero-administration database.” Some history and architecture of SQLite can be found in audio and video records of Dr. Hipp’s discussions.

          Despite these eccentricities, SQLite is likely a superior format for data exchange as opposed to CSV, XML, or even JSON, as indexes can be included, enabling recipients to perform high-speed queries in SQL92 without any preprocessing, licensing, or activation. SQLite’s conservative coding style and commentary is intended to benefit “future programmers who are not yet born,” and the on-disk database format has further been defined as a long-term storage standard by the Library of the U.S. Congress.

      • CMS

        • WordPress 5.8 Tatum

          Introducing 5.8 “Tatum”, our latest and greatest release now available for download or update in your dashboard. Named in honor of Art Tatum, the legendary Jazz pianist. His formidable technique and willingness to push boundaries inspired musicians and changed what people thought could be done.

          So fire up your music service of choice and enjoy Tatum’s famous recordings of ‘Tea for Two’, ‘Tiger Rag’, ‘Begin the Beguine’, and ‘Night and Day’ as you read about what the latest WordPress version brings to you.

      • FSF

        • Freedom moving forward: An overview of the FSF’s history

          Our thirty-fifth birthday as an organization has given us the opportunity to think about the Free Software Foundation’s (FSF) development over the years. More than thirty-five years of history is hard to bring together in a few sentences, so much so that even staff at the FSF sometimes have to do serious research into the exact dates that milestones occurred. This being the case, we realized it was high time to create an overview listing key points in the history of the FSF and GNU.

          Today we launched the FSF history timeline page which shows a clear overview of milestones for the organization, like when the GPLv3 was published, or when the first LibrePlanet conference took place.

        • Licensing/Legal

          • Our lawsuit against ChessBase

            The Stockfish project strongly believes in free and open-source software and data. Collaboration is what made this engine the strongest chess engine in the world. We license our software using the GNU General Public License, Version 3 (GPL) with the intent to guarantee all chess enthusiasts the freedom to use, share and change all versions of the program.

            Unfortunately, not everybody shares this vision of openness. We have come to realize that ChessBase concealed from their customers Stockfish as the true origin of key parts of their products (see also earlier blog posts by us and the joint Lichess, Leela Chess Zero, and Stockfish teams). Indeed, few customers know they obtained a modified version of Stockfish when they paid for Fat Fritz 2 or Houdini 6 – both Stockfish derivatives – and they thus have good reason to be upset. ChessBase repeatedly violated central obligations of the GPL, which ensures that the user of the software is informed of their rights. These rights are explicit in the license and include access to the corresponding sources, and the right to reproduce, modify and distribute GPLed programs royalty-free.

          • Stockfish sues ChessBase

            The Stockfish project, which distributes a chess engine under GPLv3, has announced the filing of a GPL-enforcement lawsuit against ChessBase, which has been (and evidently still is) distributing proprietary versions of the Stockfish code.

          • Are you compliant with open-source license obligations?

            A short answer is no. Your piece of software will not be open-source if it doesn’t have an open-source license. Under copyright law, such software is copyrighted by default, with all the restrictions that this implies.

            If you want anyone to use your code freely, you should ensure certain liberties commonly called “the four freedoms“. They say that OS software may be used, studied, modified, and distributed freely, as long as the license is respected.

            For the first three, there are no conditions of any kind; you are free to use, study, and modify the code for any purpose. If you move beyond that and decide to distribute your modified version (or the original), this is when open-source license compliance starts.

            Missing license texts are the number one cause of license infringement cases, which, as we’ve seen above, can lead to the loss of ownership rights and enforcement actions such as an interim injunction.

      • Programming/Development

        • Python

          • The data worker’s guide to psiphiorrhea

            A dataset I recently audited had a record for a marine specimen observed at latitude 6.47457312, longitude -52.5741239, depth 103.8799973 metres. I’ve changed the coordinates (but not their number of decimal places) to protect the data owner’s privacy.

            While those coordinates aren’t as impressive as the
            -33.8903169365705 151.198409720645
            I blogged about in 2019 for a huge building in Sydney, Australia, they still specify the specimen’s underwater location ±0.55 millimetres in latitude. And the depth measurement is ±0.00005 millimetres.

            I suspect that the marine recorder might be afflicted with psiphiorrhea. I concocted this word (pronounced siff-ee-oh-REE-uh) from Greek roots meaning “digit or numeral” and “flux”. In the same way that someone who talks far too much is exhibiting logorrhea, or excessive word-iness, someone who uses far too many digits in their numbers is exhibiting psiphiorrhea, or excessive digit-iness.

  • Leftovers

    • Science

      • Not only is Hubble back online after outage, it’s already taking photos of the cosmos • The Register

        The Hubble Space Telescope is back in action doing what it does best – capturing stunning images of the universe – after more than 50 NASA engineers worked hundreds of hours to get the instrument working again.

        After activating redundant components within the orbiting observatory on Friday to clear a hardware glitch, the telescope has been able to use its sensors again. NASA released two photos of oddball galaxies Hubble snapped over the weekend: one depicting two galaxies intersecting each other, and the other showing a large spiral galaxy with three arms.

    • Integrity/Availability

      • Proprietary

        • China says Microsoft hacking accusations fabricated by US and allies [Ed: Well, it is the fault of Microsoft that holes exist]
        • US legal eagles representing Apple, IBM, and more take 5 months to inform clients of ransomware data breach
        • Security

          • Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909)

            A vulnerability (CVE-2021-33909) in the Linux kernel’s filesystem layer that may allow local, unprivileged attackers to gain root privileges on a vulnerable host has been unearthed by researchers.

          • New Linux kernel bug lets you get root on most modern distros
          • Nasty Linux systemd security bug revealed

            Qualsys has found an ugly Linux systemd security hole that can enable any unprivileged user to crash a Linux system. The patch is available, and you should deploy it as soon as possible.

          • How IBM i Fits Into a Zero-Trust Security Framework [Ed: Authored by IBM shill funded by IBM]

            One of the hot new trends in cybersecurity these days is the zero-trust security model. Instead of implicitly trusting network traffic behind the firewall, zero-trust demands that traffic have explicit permission to be there. But how does that model work with the strange beast known as IBM i? IT Jungle recently sat down with PJ Kirner, the CTO and co-founder of zero-trust software provider Illumio, to find out.

            Illumio is an eight-year-old venture-backed startup based in Sunnyvale, California, that is working in the field of zero-trust security. It develops an offering, called Illumio Core, that allows companies to begin implementing the zero-trust security model in their own data centers.

            It’s a fairly radical shift in philosophy, Kirner says. “There’s a mentality change from ‘I trust everything’ to . . . ‘I need a policy enforcement point of some sort everywhere, not just in the one place at the boundary of two things,’” he says.

            When fully built out, an IT estate with an active zero-trust security model will resemble a party where only invited guests are allowed in. Building from a whitelist, or “allow list,” is starkly different than starting with a blacklist, or an “exclude list,” Kirner says. “If you start by saying just these two things are not allowed to talk, well, that’s a whole bunch of implicit trust around everything else,” he says.

            Illumio, which recently added support for IBM i systems, begins every zero-trust security engagement by making a map of network traffic behind the firewall. Illumio develops software that does this mapping, which can be quite illuminating in its own right.

          • New Windows 10 vulnerability allows anyone to get admin privileges
          • The virus rears its ugly head….

            There is a virus going around. We thought we were winning the battle against it, but powerful forces and events have allowed it to raise its ugly head and cause unforeseen additional hardship.
            People thought that it was not so bad, they did not listen to reason and take the precautionary measures necessary to protect themselves. In letting down their guard they were unprepared and unprotected.
            After months of machines being turned off, software licenses (with their expiration dates never “dormant”) are up for renewal.
            Many companies, educational institutions and public buildings (like libraries) are turning on their Wintel PCs for the first time in over a year and finding that they need to renew their licenses, not only for what is called an operating system on their computer, but also for many of the closed source, proprietary add-on software packages that owners purchased in a wild attempt to make their hardware somewhat useful.

            [...]

            This variant is called “Windows 11”, and the creator of it seems to be unable to tell you how much havoc it will create for you. Does it run on your otherwise great hardware? You have a decent processor, a lot of RAM, and you bought it just two or three years ago….but it might not run Windows 11.

          • UK.gov’s Huawei watchdog says firm made ‘no overall improvement’ on firmware security but won’t say why

            Huawei has made “no overall improvement” in software engineering processes for its UK telecoms equipment’s firmware, its GCHQ overseers have warned.

            The Huawei Cyber Security Evaluation Cell (HCSEC) oversight board’s annual report for 2020 was noticeably less critical than in previous years – but still says Huawei is dragging its feet in key areas.

          • Northern Train’s ticketing system out to lunch as ransomware attack shuts down servers

            Publicly owned rail operator Northern Trains has an excuse somewhat more technical than “leaves on the line” for its latest service disruption: a ransomware attack that has left its self-service ticketing booths out for the count.

            “Last week we experienced technical difficulties with our self-service ticket machines, which meant all have had to be taken offline,” a spokesperson for Northern Trains confirmed to the The Register.

          • Fortinet’s security appliances hit by remote code execution vulnerability

            Security appliance slinger Fortinet has warned of a critical vulnerability in its products that can be exploited to allow unauthenticated attackers full control over the target system – providing a particular daemon is enabled.

            The vulnerability, discovered by Orange Group security researcher Cyrille Chatras and sent to Fortinet privately for responsible disclosure, lies in the FortiManager and FortiAnalyzer software running atop selected models in the company’s FortiGate security appliance family. Should a particular daemon be enabled, the company admitted, a remote attacker can gain full control.

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • Romanian Linux Cryptojacking Cybercriminals Spotted [Ed: This is classic FUD as it's not a Linux issue but a weak password issue]

              Since at least 2020, an active threat organization based in Romania has been running a cryptojacking operation against Linux-based machines using the Golang-based SSH brute force, according to The Hacker News. The campaign’s objective is to infect Linux systems with Monero mining applications.

          • Privacy/Surveillance

            • India IT minister denies illegal use of NSO Pegasus spyware

              Indian IT Minister Ashwini Vaishnaw has denied the nation illegally used the NSO Group’s Pegasus spyware, but hasn’t denied that India used it.

              The existence of Pegasus is not news. But over the weekend, Amnesty International, French outfit Forbidden Stories and a dozen publications around the world alleged the software has been widely misused to target media, dissidents, and other individuals, and that NSO Group’s assertions its products are only used in the cause of national security are insincere at best.

    • Environment

      • Wildlife/Nature

        • Thousands of penguins crowding near Ukrainian polar station

          Ukrainian polar explorers recorded large waddles of penguins near the Antarctic station “Academician Vernadsky”.
          “This July, our polar explorers recorded extremely large winter waddles of penguins: hundreds and thousands of individuals have a rest on different islands within a radius of 20 km from the station, and hundreds of penguins that eat can be observed in the water at the same time. These are mostly sub-Antarctic penguins (Gentoo) or Adélie penguins,” the National Antarctic Scientific Center of Ukraine posted on Facebook.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Links 18/9/2021: LibreOffice 8.0 Plans and Microsoftcosm Uses WSL to Badmouth 'Linux'

    Links for the day



  2. Links 18/9/2021: GIMP 2.10.28 Released and Azure Remains Back Doored

    Links for the day



  3. IRC Proceedings: Friday, September 17, 2021

    IRC logs for Friday, September 17, 2021



  4. Links 17/9/2021: Ubuntu 18.04.6 LTS, Manjaro 21.1.3, “2021 is the Year of Linux on the Desktop”

    Links for the day



  5. Links 17/9/2021: WSL Considered Harmful

    Links for the day



  6. [Meme] Microsoft Loves Linux Bug/Back Doors

    Microsoft is just cementing its status as little but an NSA stooge



  7. Lagrange Makes It Easier for Anybody to Use Gemini and Even Edit Pages (With GUI)

    Gemini protocol and/or Gemini space are easy for anyone to get started with or fully involved in (writing and creating, not just reading); today we take a look at the new version of Lagrange (it was first introduced here back in March and covered again in April), which I installed earlier today because it contains a lot of improvements, including the installation process (now it’s just a click-to-run AppImage)



  8. IBM is Imploding But It Uses Microsoft-Type Methods to Hide the Demise (Splits, Buybacks, and Rebranding Stunts)

    A combination of brain drain (exodus) and layoffs (a lack of budget combined with inability to retain talent or attract the necessary staff with sufficiently competitive salaries) dooms IBM; but the media won't be mentioning it, partly because a lot of it is still directly sponsored by IBM



  9. IRC Proceedings: Thursday, September 16, 2021

    IRC logs for Thursday, September 16, 2021



  10. [Meme] 70 Days of Non-Compliance

    António Campinos would rather fall on his sword than correct the errors or work to undo the damage caused by Team Battistelli, which is still at the EPO



  11. EPO “Board 28” Meeting: Imaginary Dialogue Between EPO President Campinos and the Chair of the Administrative Council, Josef Kratochvíl

    The EPO‘s chaotic state, which persists after Benoît Battistelli‘s departure, is a state of lawlessness and cover-up



  12. Links 16/9/2021: Linux Mint Has New Web Site, LibreOffice 7.2.1, KDE Plasma 5.23 Beta, and Sailfish OS Verla

    Links for the day



  13. If Git Can be Done Over the Command Line and E-mail, It Can Also be Done Over Gemini (Instead of Bloated Web Browsers)

    In order to keep Git lean and mean whilst at the same time enabling mouse (mousing and clicking) navigation we encourage people everywhere to explore gemini://



  14. Techrights Examines a Wide Array/Range of Gemini Clients/Browsers

    After spending many months examining an array of different types of software for Gemini (including but not limited to clients/browsers) we take stock of what exists, what's supported (it varies a bit), and which one might be suitable for use by geeks and non-geeks



  15. Links 16/9/2021: KStars 3.5.5 and Chafa 1.8

    Links for the day



  16. Trusting Microsoft With Security is a Clown Show

    A quick and spontaneous video about this morning's post regarding a major new revelation that reaffirms a longstanding trend; Microsoft conflates national security (back doors) with security



  17. IRC Proceedings: Wednesday, September 15, 2021

    IRC logs for Wednesday, September 15, 2021



  18. Microsoft Azure and Back/Bug Doors in GNU/Linux: Fool Me Once (Shame on You) / Fool Me Twice (Shame on Me)

    "Fool me once, shame on you; fool me twice, shame on me," goes the old saying...



  19. Deleted Post: “LibreOffice is Becoming Dominated by a Bunch of Corporates, and Has no Place for the Enthusiastic Amateur.”

    Chris Sherlock, an insider of LibreOffice, cautions about the direction of this very important and widely used project



  20. Links 16/9/2021: Unifont 14.0.01, LibreOffice on ODF 1.3, Mozilla Pushing Ads (Sponsored 'Firefox Suggest'), and Microsoft Pushes Proprietary Direct3D via Mesa

    Links for the day



  21. Links 15/9/2021: Another Azure Catastrophe and Darktable 3.6.1

    Links for the day



  22. Open Invention Network (OIN) Recognises a Risk Posed to Cryptocurrencies (Danger From Software Patents), But OIN Still Proposes the Wrong Solutions

    Square is joining OIN, but it's another example of banking/financial institutions choosing to coexist with software patents instead of putting an end to them



  23. IRC Proceedings: Tuesday, September 14, 2021

    IRC logs for Tuesday, September 14, 2021



  24. (Super)Free Software As a Right – The Manifesto

    "Software text has long been recognized as “speech”, and is covered under the very same copyright laws as conventional printed matter."



  25. Links 15/9/2021: Java 17 / JDK 17 Released and ExpressVPN Sold

    Links for the day



  26. Latest Public Talk (Over BigBlueButton) by Richard Stallman is Now Online

    This video has been released; it starts with an old talk and then proceeds to a new discussion (14 minutes from the start)



  27. Richard Stallman Is Not Surrendering His Free Speech

    The homepage of Dr. Stallman looked like this on Saturday, 20 years since the September 11 attacks in the US, noting that “[t]oday we commemorate the September 11 attacks, which killed President Allende of Chile and installed Pinochet’s murderous military dictatorship. More than 3,000 dissidents were killed or “disappeared” by the Pinochet regime. The USA operated a destabilization campaign in Chile, and the September 11, 1973, attacks were part of that campaign.”



  28. Twitter -- Like Google's YouTube -- is 'Hiding' Tweets From People Who Follow You

    So-called 'entertainment' platforms disguised as 'social' aren't the future of media; they need to be rejected



  29. How to Track the Development or Construction of the Techrights Web Site and Gemini Capsule

    Following some busy publication schedule (heavy lifting for weeks) we're stopping a bit or slowing down for the purpose of site (or capsule) 'construction'; here's a status update



  30. Links 14/9/2021: Libinput 1.19, Kali Linux 2021.3, and ExTiX Deepin 21.9

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts