Bonum Certa Men Certa

Links 14/9/2021: Libinput 1.19, Kali Linux 2021.3, and ExTiX Deepin 21.9



  • GNU/Linux

    • Desktop/Laptop

      • Why Linux Is More Accessible Than Windows and macOS

        Artificial intelligence and IoT implementations in various gadgets are paving the way towards an easier tomorrow, especially for differently-abled people. Voice recognition technology has grown leaps and bounds, while facial recognition continues to make device access easier for differently-abled people.

        Linux is usually considered to be a complicated OS. On the contrary, it does not fail to cater to people’s needs with its list of technical features. Apart from special features, the advancements in the kernel and various customizations are making it a hit with the masses.

    • Audiocasts/Shows

    • Kernel Space

      • Intel Seamless Update: Intel Preparing For System Firmware Updates Without The Reboot - Phoronix

        "Intel Seamless Update" is a forthcoming feature for Intel platforms seemingly first being exposed by their new Linux kernel patches working on the functionality... Intel is working on being able to carry out system firmware upates such as UEFI updates but doing so at run-time and being able to avoid the reboot in the process.

      • Linux 5.15 update brings plenty of improvements for AMD hardware and the Steam Deck

        Linux 5.15 is out, and the new kernel is bringing a host of brand new updates for existing AMD CPUs and GPUs, even some that aren't out yet. While not the largest update, Ryzen and Radeon users will appreciate what it has to offer, and it could be especially interesting for AMD Van Gogh-powered devices like the future Valve Steam Deck.

      • Linux 5.15 Raises Its GCC Compiler Version Requirement - Phoronix

        While Linux 5.15-rc1 was released on Sunday with its many changes, landing on Monday was a late change to raise the baseline GCC version requirement for building the Linux kernel.

        The Linux kernel to now supported building on kernels as far back as GCC 4.9 while now it has been bumped to GCC 5.1. AArch64 already required at least GCC 5.1 while this bump affects all other architectures.

      • Graphics Stack

        • Zink driver for OpenGL over Vulkan adds more game support like Metro: Last Light

          Developer Mike Blumenkrantz has continued hacking away on the Zink driver, that provides OpenGL over Vulkan to ensure it works with even more games. This work is despite Blumenkrantz's previous blog post mentioning "Zink is done", clearly not quite.

          [...]

          Another one is Warhammer 40,000: Dawn of War III, the Linux port from Feral Interactive relied on ARB_bindless_texture for the OpenGL version (it also has a Vulkan port). Something not supported by many drivers and not many games end up ever using it to which Blumenkrantz mentioned "This game requires ARB_bindless_texture just to run? Is this a joke? Even fucking DOOM 2016, the final boss of OpenGL, doesn’t require bindless textures.". Thankfully, it's now also hooked up for Zink and the results speak clearly:

        • libinput 1.19.0
          libinput 1.19.0 is now available. Only three device-specific quirks since the
          RC so let's call this release done, push it out and the world becomes a
          slightly better, or at least different, place.
          
          

          Since there's nothing too noteworthy, here's the text from the RC explaining the new features.

          This release brings two new features and the corresponding API additions: hold gestures and high-resolution wheel scrolling (which changes the scroll APIs).

          Hold gestures are a new type of gestures that are triggered by holding one or more fingers on a touchpad without significant movement. They add to the existing pinch and swipe gestures and allow for the implementation of hold-to-click. Where callers implement kinetic scrolling, hold gestures can be used to stop scrolling - since the gesture is triggered on a finger(s) down after a scroll motion, that event can be used to stop scrolling. Many thanks to José Expósito for the new gestures.

          High-resolution wheel scrolling has been long in the making and the solution ends up replacing the existing pointer axis API. Three new events are available: LIBINPUT_EVENT_POINTER_SCROLL_WHEEL, LIBINPUT_EVENT_POINTER_SCROLL_FINGER, and LIBINPUT_EVENT_POINTER_SCROLL_CONTINUOUS. These events **replace** the existing LIBINPUT_EVENT_POINTER_AXIS events, i.e. if you are processing the new events simply discard the old events.

          The FINGER and CONTINUOUS events are very similar to the previous event, the WHEEL event supporst a new API: libinput_event_pointer_get_scroll_value_v120(). That function returns the value of a scroll movement in multiples or fractions of 120. For example, a high-resolution scroll event that triggers 4 events instead of just 1 per 15 degree rotation will generate 4 events with a value of 30 each.

          Many thanks to José Expósito for taking those patches and pushing them over the line so they could be merged.

          The documentation has been updated for the new APIs, please see https://wayland.freedesktop.org/libinput/doc/latest/.

          The rest of the changes is the usual mix of janitorial patches and device-specific quirks.

          As usual, the git shortlog is below.

          Clayton Craft (1): quirks: Pine64 PineBook Pro keyboard

          José Expósito (4): doc: add missing literal blocks in contributing quirks: Microsoft Surface Pro 3 Cover util: add a function to parse bool properties quirks: no button debouncing on generic emulated mouse

          Peter Hutterer (1): libinput 1.19.0

          weizhixiang (1): use ARRAY_FOR_EACH when traverse array

          git tag: 1.19.0
        • Libinput 1.19 Released With Hold Gestures & High Resolution Wheel Scrolling

          Libinput 1.19 is now available as the newest version of this Linux input handling library commonly used these days by both X.Org and Wayland desktops.

          With libinput 1.19 there are various device quirks and fixes while the headline features are hold gestures and high resolution wheel scrolling.

    • Benchmarks

      • NVIDIA RTX 30 Series Resizable BAR Support Continues Helping Performance On Linux

        While NVIDIA has been supporting Resizable BAR for a while now with their GeForce RTX 30 series graphics cards, for those exclusively using Linux it remains more of a challenge due to AIB partners generally not releasing any vBIOS updates for ReBAR support that can be easily applied under Linux. But if you do carry out an update -- such as under Windows -- the performance uplift can be worthwhile if using a game that can benefit from the support.

        A few months back we looked at the NVIDIA GeForce RTX 3080 Resizable BAR support on Linux. In this article is a current look at the Resizable BAR impact with several more RTX 30 series cards having an updated vBIOS and tested under Linux when enabling the Resizable BAR support for the system.

    • Applications

      • Bootable USB Creator Ventoy Gets A Native GUI For Linux

        Ventoy, a tool for easy bootable USB drive creation (simply copy the ISO to the USB), has been updated recently with a native GUI for Linux.

        Ventoy is available for Microsoft Windows and Linux, and it can create bootable USB drives containing Linux and Windows ISO files.

        You need to install Ventoy to a USB drive, then every time you want to create a bootable USB drive, all you have to do is copy the ISO to the USB. There's no need to format the USB drive. You can copy as many ISO files as you wish (even combined Windows and Linux ISOs), and when booting from the USB, Ventoy shows a list of available ISO files, allowing you to boot from the one you select. I don't think I'm exaggerating when I'm saying that Ventoy is probably the best bootable USB creator for both Linux and Windows.

    • Instructionals/Technical

      • How To Install OpenCV on AlmaLinux 8 - idroot

        In this tutorial, we will show you how to install OpenCV on AlmaLinux 8. For those of you who didn’t know, OpenCV (Open Source Computer Vision Library) is open-source software with bindings for C++, Python, and Java. OpenCV provides a real-time optimized Computer Vision library, tools, and hardware. It also supports model execution for Machine Learning (ML) and Artificial Intelligence (AI).

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the OpenCV on AlmaLinux 8. You can follow the same instructions for CentOS and Rocky Linux.

      • How do I list lxc snapshots for LXD on Linux? - nixCraft

        I explained a long time ago how to take LXD instance snapshots using the lxc command. Today I will talk about how to list lxc snapshots and automatically purge those snapshots from LXD to free up disk space on Linux operating systems.

        We can create instance snapshots using the lxc snapshot command. It is also possible to make stateful snapshots where LXD attempts to checkpoint the instance’s running state, including process memory state, TCP connections, process, and more. Let us see how to list lxc snapshots for LXD and automatically expires them too.

      • Lsblk Command in Linux (List Block Devices)

        A Block device is a file referring to a device. The devices can be HDDs, SDD's, RAM Disks, etc. The block device files can be found under the directory /dev.

        In this tutorial, we learn about lsblk command in Linux to list block devices.

      • Read your comics with OpenComic on Ubuntu 20.04

        Many people like to read Japanese comics and manga and in Linux, we have an application for them. This increases, even more, the potential of our operating system. So, today in this post you will learn how to install OpenComic on Ubuntu 20.04.

        [...]

        OpenComic is an application intended for a part of the public that likes comics and manga. These applications add a lot of possibilities to our system and bring more people closer to this world of Linux. So, now that you know how to install it, it’s time to try it out.

      • How to Install and Use FFmpeg on Debian 11 - LinuxCapable

        FFmpeg is the leading free, open-source multimedia framework, able to decode, encode, transcode, mux, demux, stream, filter, and play nearly all multimedia files that have been created on any platform. FFmpeg compiles and runs on Linux, Mac OS X, Microsoft Windows, BSD systems, and Solaris.

        In the following tutorial, you will learn how to install FFmpeg on your Debian 11 Bullseye operating system.

      • How to install DEB on RedHat/Centos & RPM on Debian/Ubuntu with Alien - Unixcop

        There are packages in repositories and GitHub that are ready to use most of the time. But sometimes packages are not available in binaries (ready to install on the go). So we have to download the source code and build it from scratch. It is not an issue if you have time but for increasing Productivity. Here is where Alien comes into place.

        Alien is really designed to convert from alien file formats to the packaging format. Of course, it can also convert from your distribution’s native format to alien formats or from one alien format to another. Be warned, that if these latter types of conversions are done. The generated packages may have incorrect dependency information. For example, this is true if you convert an rpm into a deb on a Red Hat system. Even with alien-extra installed. Dpkg will be unable to calculate library dependencies for the deb correctly. Instead, it creates, and you will get a package without any library dependencies.

        To use alien, you will need several other programs. Alien is a Perl program and requires Perl version 5.004 or more significant. If you use Slackware, make sure you get Perl 5.004, the Perl 5.003 in Slackware does not work with Alien!

        To convert packages to or from RPMs, you need the Red Hat Package Manager; get it from Red Hat’s FTP site. If your distribution (e.g., Red Hat) provides an rpm-build package. You will need it as well to generate RPMs.

      • How To Install GoAccess On Linux - Unixcop

        GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.

        It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly.

        GoAccess was designed to be a fast, terminal-based log analyzer. Its core idea is to quickly analyze and view web server statistics in real time without needing to use your browser (great if you want to do a quick analysis of your access log via SSH, or if you simply love working in the terminal).

        While the terminal output is the default output, it has the capability to generate a complete, self-contained real-time HTML report (great for analytics, monitoring and data visualization), as well as a JSON, and CSV report.

      • How to Setup Nginx as a Reverse Proxy for Apache on Debian 11

        Nginx and Apache both are free, open-source, and most popular web servers around the world. Apache is known for its power while Nginx is known for its speed. Both have some pros and cons. Nginx is useful for static content while Apache is for dynamic content. If we combine both servers then we will get a better result of each other.

        In this tutorial, I will configure Apache as a backend server and use Nginx as a reverse proxy for Apache on Debian 11.

      • How to compress a folder in Linux from the command line with tar - TechRepublic

        Jack Wallen shows you how to compress and decompress a folder from the command line.

      • Managing and monitoring swap space on Linux | Network World

        Most of us don't often think about swap space unless we run into a problem on our systems that suggests we don't have enough. Even so, viewing and gauging the adequacy of swap space on a system is not overly complicated, and knowing what's normal for your system can help you spot when something is wrong. So let's check out some commands that can help you look into your swap space. But first, let's review some fundamentals.

      • How to boot RHEL 8/7 into Emergency Mode

        This article explains how to bootup RHEL/CentOS 7 and 8 system into emergency mode through systemd emergency target unit.

        There are situations where you need to boot Red Hat 8/7 or CentOS 8/7 Linux system into emergency mode, if you are unable to complete the normal boot sequence.

      • Remove Packages Installed On Certain Date/Time In Linux - OSTechNix

        I install and test a lot of applications in my Linux VMs. Once done with the testing, I will remove the installed packages that are no longer used. Since I install many applications often, I find it bit time consuming task to manually remove packages one by one. Also I sometimes forget to uninstall the unnecessary packages. If you're anything like me, here is a simple workaround to find and remove all packages installed on a certain date and time in Linux.

      • How To Install Python 3.9 on Debian 11 - idroot

        In this tutorial, we will show you how to install Python 3.9 on Debian 11. For those of you who didn’t know, Python is a free, open-source programming language for a wide range of software projects. This programming language comes with clear syntax and good readability. Debian provides the latest stable Python 3 release. it also provides the latest stable Python 2 release, but Python 2 is unsupported by the Python Foundation since 2020-01-01 and is being removed as of Debian 11 (Bullseye).

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Python Programming Language on a Debian 11 (Bullseye).

    • Games

      • Following the footsteps on Fallout and Wasteland, ATOM RPG Trudograd is out now | GamingOnLinux

        ATOM RPG Trudograd is the standalone expansion / sequel to the original hit ATOM RPG, inspired by the likes of Fallout and Wasteland it's a top-down turn-based post-apocalyptic roleplaying game. While it is a standalone and so you don't need the first game, the developer does recommend you play it first since it is a continuation.

      • Steam Deck dev-kits are on the move Valve say, as some already have it | GamingOnLinux

        Valve has given a short update on the dev-kits for the upcoming Linux powered handheld Steam Deck, with more developers being able to get their hands on it soon.

        Writing on Steam the team said "All packaged up and ready for devs! This is one of the limited batches of Steam Deck dev-kits heading out today for partners to test their games. These engineering verification test builds allow us to connect developers with units that are functionally identical to what will ship to you.

        Since we are still in the final stages of development, the dev-kit program gives us the chance to guide game developers through the process of getting their games on Steam Deck while also continuing to gather their feedback as we prepare for the official launch at the end of the year.

      • The new work on futex2 from Collabora to improve Linux gaming and Proton has third attempt | GamingOnLinux

        It seems the ongoing saga of getting the futex2 work into the Linux Kernel, which is supposed to help Linux gaming and Steam Play Proton, has another attempt up. This is a continuation of the cut-down and more focused code that was submitted back in early August, as Collabora hope to finally get it accepted into the Kernel.

      • Single-player arena-styled FPS Cathedral 3-D arrives on Linux | GamingOnLinux

        With the latest update to the single-player arena-styled first-person shooter Cathedral 3-D has now been released officially for Linux.

        "Cathedral 3-D is a fast-paced, arcade, single-player, endless arena inspired by the early 3-D shooters of the 90s. You are the Monster, a powerful and incredibly agile beast armed with fiery breath. Your lair – a cathedral floating in the sky – hides a chest containing your heart. The humans want you dead, and they are coming in endless hordes to destroy you and your chest."

      • GameMaker Studio 2 update released to bring forth the Ubuntu Linux editor Beta | GamingOnLinux

        Back in early August we wrote about how YoYo Games were introducing the GameMaker Studio 2 editor for Linux, well as of the latest official update the Beta is actually out.

        Okay, so it was "out" before but tucked away in a forum post. As of version 2.3.4.580, it's officially noted in the changelog. Interestingly though, YoYo Games have always gone pretty hard on the "we only support Ubuntu" for their exported games and it seemed that would stick for the editor. In the release notes though, it states "that this is the only Linux distro we offer official support for in this Beta" which alludes to it possibly opening up to more. Either way, it's a big step for game development on Linux to see it more official now.

      • 1047 Games raise $100 million to continue Splitgate development | GamingOnLinux

        For the second time 1047 Games have announced a big load of cash coming their way for Splitgate, the very popular free to play first-person shooter with portals.

        Back in July they announced they had raised $10 million and now they've announced today that $100 million has now been raised.

      • The Labor of Love That Is Recovering Lost Software

        At the beginning of the home computer revolution, the humble compact cassette was far and away the most popular choice for microcomputer data storage, especially on the European continent. As a volunteer at the Museum of Computing, [Keith] was instrumental in recovering and archiving the early works of Roger Dymond, a pioneering developer of early computer software in the United Kingdom.

        In his video, [Keith] goes to great lengths detailing the impact that Roger Dymond had on the early home computing scene. After being let go from his council apprenticeship, Roger turned his attention to developing games for the ZX81, and later the ZX Spectrum. With the help of his family, he went on to run a moderately successful mail-order games publishing venture for several years. Increasing advertising costs and a crowded development scene saw Roger’s business become nonviable by 1983, but not before developing several gambling-style games and a standout Space Invaders clone.

        [...]

        ‘Games Compendium’ for the ZX81 had been completely lost to time, with the only evidence that it had ever existed coming from a 1983 advert in ‘Sinclair User’ magazine. Being written for the earlier model ZX81, the compendium would undoubtedly be of interest to software archivists and game historians.

      • RetroArch gets a Steam release bringing emulation to even more gamers | GamingOnLinux

        While it might not be the first emulator on Steam it's probably one of the biggest projects as RetroArch is not a single emulator. Instead, it provides a tidy user interface to get lots of different emulators.

        After being available in a Steam Playtest for some time, today marks the official Steam release. Right now the amount of cores (what RetroArch refers to as emulators, done via their plugin system) available are limited but it's going to expand over time with each available as a Steam DLC.

      • The universe expands with Stellaris 3.1 'Lem' out now, Stellaris free to try until Sept 20 | GamingOnLinux

        Now is the absolute best time to love space and strategy games! Paradox Interactive has today released the 3.1 Lem update for Stellaris and you can play free until September 20.

        The update is named after famous sci-fi writer StanisÅ‚aw Lem, with this update being the first from the new Custodians Team within Paradox Development Studio, who have a singular focus on the free updates. For the Lem update Paradox said in an email they partnered up with the "Polish Science Fiction Foundation to celebrate the 100th birthday of StanisÅ‚aw Lem, including in-game content directly inspired by the author’s catalog".

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • TUXEDO Computers Becomes the Newest KDE Patron

          TUXEDO Computers, a company known for selling Linux-powered computers and notebooks, now joins us as a KDE Patron!

          "Our customized Linux notebooks (for work or play) are equipped with KDE Plasma, which leads to a positive response from our customers", said Herbert Feiler, CEO TUXEDO Computers. "Furthermore, we additionally do our own development work, which could benefit KDE as upstream as well. We are happy to share our knowledge and would like to secure as well as expand KDE's development work in the long run. Feedback that we receive from customers can also flow directly into KDE's development work."

          "For KDE, reaching and serving end-users is part of our reason to exist and TUXEDO can be a great ally in this endeavour." said Aleix Pol, President of KDE e.V. "Together, we will get to expand our frontiers and create systems and tools to further serve our users. It's especially encouraging to see TUXEDO's commitment to join our development communities and collaborate towards making KDE products better for everyone."

    • Distributions

      • New Releases

      • IBM/Red Hat/Fedora

        • Improve cross-team collaboration with Camel K

          No matter how much you know about Apache Camel, Camel K is designed to help and simplify how you connect systems in Kubernetes and Red Hat OpenShift, and it comes with cloud-native Kafka integration. This article helps you discover the power and simplicity of Camel K and opportunities for using it in ways you might not have previously considered.

        • The Open RAN ecosystem: How Red Hat and partners support NTT DOCOMO to deliver the Open RAN vision

          NTT DOCOMO has published a comprehensive, "5G Open RAN Ecosystem Whitepaper" describing the Open Radio Access Network (RAN) Ecosystem - OREC project in detail. Honore LaBourdette, Vice President, Telecom Media & Entertainment Industry at Red Hat and Sadayuki Abeta, Vice President & General Manager of the Radio Access Network Development Department at NTT DOCOMO, had a joint interview with Telecom TV that explains how the OREC project can accelerate Open RAN and can help 5G intelligent RAN deployment.

          NTT DOCOMO, with the help of other ecosystem members including Red Hat, helps package the best-of-breed 5G RAN system for deploying, operating, and managing OREC environment based on requests from operators considering 5G RAN to serve diverse companies and other operators needed.

        • Advanced automation and management of Network Bound Disk Encryption with RHEL System Roles

          In the previous post, Using RHEL System Roles to automate and manage Network Bound Disk Encryption, I covered utilizing the NBDE System Roles with a simple scenario where a single Tang server was used. In this post, we’ll look at a more complex scenario where we use the NBDE System Roles to implement multiple Tang servers to provide high availability and increased security, and we’ll also cover how to utilize the System Roles to both rotate Tang keys, and back up Tang keys.

        • Introducing Red Hat Weekly News

          We also do our best to communicate what we're doing and what's important. That includes showing you how to use our products and services, informing you about important updates and sharing industry analyses to help you understand the technologies that can solve business problems today.

          To that end, we've been working on Red Hat Weekly News. We'll highlight announcements, howtos, videos, resources, podcasts and other information that can help you stay current on all things Red Hat.

        • [Older] Everybody Struggles

          Everybody struggles in life every now and then. Struggling is a part of life. It doesn’t matter what other people think or say, it all depends on people’s perspectives. That determines your personal struggle. We’re all pretty lazy when it comes down to it. If you’re struggling, it’s because you need to do more than you’re doing currently. But doing more of the wrong type of activity will only suffer you more.

          This is the third week of my Outreachy internship, when I first contributed to my project I was very nervous and didn’t even have the confidence to make it and that fact of being a beginner was making me more nervous, and after making 5-6 contributions to Improve fedora QA dashboard, I tested then covid positive, I completely shattered and lost any hope of clearing Outreachy, but fortunately, those 5-6 contributions of mine made a significant difference and gave a good impression of my development skills set and finally my struggled paid off. The contribution round proved to be fruitful for me. I gained lots of confidence and learned how to google a bit

          Then during the internship, I had my first video call meeting with my mentors. It was a pleasurable experience to meet them, other than by email or chat. I completed my task successfully with proper guidance from my mentors, but it was quite excruciating when I moved to my second task. I had to make the whole page from scratch, initially, literally, I was afraid if I could do this or not, many doubts were roaming around my head.

        • Change management: 3 outdated ideas that could hold you back

          The pandemic taught us (and the organizations we lead) that we are agile – adaptable to change, innovative, and able to make things happen quickly. The demand for legacy systems to be replaced by digital ones reached the enterprise at a breakneck pace as COVID-19 uprooted the way we live and work.

          Beyond digital transformation, the last 18 months have likely uncovered other vulnerabilities in your business model. Perhaps you need to change the way you hire to keep up in the race for qualified talent. Or maybe your company needs a culture overhaul as you transition to a hybrid work model.

          Whatever your situation, the pace of change is not slowing, so it’s important to consider how you will lead your organization through it. Here are three outdated misconceptions about change management and how to address them:

        • Hybrid work: 8 challenges and benefits leaders will face | The Enterprisers Project

          For many organizations, hybrid work is the new reality. During the pandemic, many IT leaders learned under fire how to manage their teams remotely. Yet wrangling a workforce that’s now operating in two different environments - remote and office - comes with its own nuances.

          There are clear benefits of the hybrid solution, such as extending (perhaps, for good) the reach of an organization’s potential talent pool. But there are also quickly emerging challenges, particularly since this is new territory for many IT managers and employees. Now is a good time to consider the pros and cons as technology leaders determine the best long term direction and strategies for their IT teams.

        • Can I automate myself out of a job? | Enable Sysadmin

          Engineers, sysadmins, and DevOps roles' job responsibilities include answering dozens of emails, upgrading hundreds of servers, and patching all the systems in your data center or favorite cloud.

          All of these tasks take a considerable amount of time to complete—and they are sometimes boring but always important. A slight mistake can open up a potential threat to the security of the entire system. For example, failing to apply a security patch can make a system vulnerable. And let's be honest, people make mistakes. But what if you could automate these mundane tasks, save some time, and simplify your team's tasks?

        • IBM paid Pa. $33M to settle lawsuit over jobless benefits computer project - pennlive.com
        • Red Hat to back Linux Foundation-supported open source project tackling climate change | WRAL TechWire [Ed: Linux Foundation is fronting for some of the most polluting companies on the entire planet, but it has the audacity do greenwashing for them (associating "Linux" with lies)]

          Red Hat, the world’s leading provider of open source solutions, has joined OS-Climate (OS-C), a Linux Foundation-backed open source project that intends to build the breakthrough technology and data platforms needed to more fully integrate the impacts of climate change in global financial decision-making and risk management. As part of its membership, Red Hat will provide technical acumen and resources to help OS-C build a “Data Commons” that serves as an open data ingestion, processing and management platform for members to collaborate on standardizing and improving the accuracy of corporate climate and environmental, social and governance (ESG) metrics. The resulting curated library of public and private sources can then be used to help bankers, asset owners, asset managers and regulators assess climate risk and opportunity as elements of financial decision-making.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • 5 Best Free and Open Source Tox Clients

        Tox is a peer-to-peer instant-messaging and video-calling protocol that offers end-to-end encryption. The stated goal of the project is to provide secure yet easily accessible communication.

        The Tox core is a library establishing the protocol and API. User front-ends, or clients, are built on the top of the core. Anyone can create a client utilizing the core. Tox uses the cryptographic primitives present in the NaCl crypto library, via libsodium. Specifically, Tox employs Curve25519 for its key exchanges, xsalsa20 for symmetric encryption, and Poly1305 for MACs.

        Tox is licensed under the GNU General Public Licence 3.0.

      • Web Browsers

        • Chromium

          • Chrome update 93.0.4577.82 fixing 0-day vulnerabilities

            Google has formed a Chrome 93.0.4577.82 update, which fixes 11 vulnerabilities, including two issues already used by hackers exploits (0-day). The details have not yet been disclosed, it is only known that the first vulnerability (CVE-2021-30632) is caused by an error leading to an out-of-buffer write in the V8 JavaScript engine, and the second problem (CVE-2021-30633) is present in the Indexed DB API implementation and is connected with access to the memory area after its release (use-after-free).

          • Google Releases Security Updates for Chrome

            Google has released Chrome version 93.0.4577.82 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

        • Mozilla

          • The Talospace Project: Firefox 92 on POWER

            Firefox 92 is out. Alongside some solid DOM and CSS improvements, the most interesting bug fix I noticed was a patch for open alerts slowing down other tabs in the same process. In the absence of a JIT we rely heavily on Firefox's multiprocessor capabilities to make the most of our multicore beasts, and this apparently benefits (among others, but in particular) the Google sites we unfortunately have to use in these less-free times. I should note for the record that on this dual-8 Talos II (64 hardware threads) I have dom.ipc.processCount modestly increased to 12 from the default of 8 to take a little more advantage of the system when idle, which also takes down fewer tabs in the rare cases when a content process bombs out. The delay in posting this was waiting for the firefox-appmenu patches, but I decided to just build it now and add those in later. The .mozconfigs and LTO-PGO patches are unchanged from Firefox 90/91.

          • Mozilla bypasses Microsoft, makes it easier to set Firefox as default browser in Windows

            Changing the default apps such as browsers in Microsoft Windows 10 is not a straightforward process. While this means that users have to jump through extra hoops to set up, let's say, Mozilla Firefox as their default browser, it also means that vendors such as Mozilla face more competition from Microsoft's own offering, which is Edge. The bad news is that in Windows 11, this is becoming even more cumbersome for end-users and vendors as the OS requires users to change the default browser for each type of extension individually.

          • Firefox 94 will change the output for X11 to use EGL by default

            A nightly builds build that will on the Firefox 94 release to added to the change has been include a new rendering backend by default for graphical environments that use the X11 protocol. The new backend is notable for the use of the interface for displaying graphics EGL instead of GLX. The backend supports the open source Mesa 21.x OpenGL drivers and the proprietary NVIDIA 470.x drivers. AMD proprietary OpenGL drivers are not yet supported.

            "A nightly builds build that will on the #Firefox 94 release to added to the change has been include a new rendering backend by default for graphical environments that use the X11 protocol." https://www.itsfoss.net/firefox-94-will-change-the-output-for-x11-to-use-egl-by-default/

      • Programming/Development

        • A Rant on Personal Software Projects

          In contrast, a product personal project focuses on what it does and the experience as an end-user interacts with it. Maybe it has a great README, a slick user experience, or does something better than anything else out there. The point is that it is focused on the end-user that uses it rather than the person who makes it. It doesn’t particularly matter what it looks like on the inside. It could be based on COBOL and be a tangle of spaghetti internally. Clean code helps with maintenance and project longevity, but it does absolutely nothing for the product experience.

        • Paul E. Mc Kenney: Stupid RCU Tricks: Making Race Conditions More Probable

          Given that it is much more comfortable chasing down race conditions reported by rcutorture than those reported from the field, it would be good to make race conditions more probable during rcutorture runs than in production. A number of tricks are used to make this happen, including making rare events (such as CPU-hotplug operations) happen more frequently, testing the in-kernel RCU API directly from within the kernel, and so on.

          Another approach is to change timing. Back at Sequent in the 1990s, one way that this was accomplished was by plugging different-speed CPUs into the same system and then testing on that system. It was observed that for certain types of race conditions, the probability of the race occurring increased by the ratio of the CPU speeds. One such race condition is when a timed event on the slow CPU races with a workload-driven event on the fast CPU. If the fast CPU is (say) two times faster than the slow CPU, then the timed event will provide two times greater “collision cross section” than if the same workload was running on CPUs running at the same speed.

          Given that modern CPUs can easily adjust their core clock rates at runtime, it is tempting to try this same trick on present-day systems. Unfortunately, everything and its dog is adjusting CPU clock rates for various purposes, plus a number of modern CPUs are quite happy to let you set their core clock rates to a value sufficient to result in physical damage. Throwing rcutorture into this fray might be entertaining, but it is unlikely to be all that productive.

          Another approach is available on multi-socket systems, namely, making use of memory latency. The idea is for the rcutorture scripting to place one pair of a given scenario's vCPUs in the hyperthreads of a single core within one socket and to place another pair of that same scenario's vCPUs in the hyperthreads of a single core of the other socket. The theory is that the different communications latencies and bandwidths within a core on the one hand and between sockets on the other should have roughly the same effect as does varying CPU core clock rates.

        • Java

          • Oracle Java 17 delivers thousands of performance and security updates

            Oracle released Java 17, the latest version of the world’s number one programming language and development platform. Java 17 delivers thousands of performance, stability, and security updates, as well as 14 JEPs (JDK Enhancement Proposals) that further improve the Java language and platform to help developers be more productive.

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Security

          • CERT NZ Releases Ransomware Protection Guide for Businesses [Ed: Deleting Microsoft Windows (click or open to execute) would be a good start]

            The New Zealand Computer Emergency Response Team (CERT NZ) has released a guide on ransomware protection for businesses. The guide includes a pair of helpful diagrams that outline different ransomware attack pathways and illustrate where relevant security controls can work to protect or stop an attack.

          • What I learned from Russian students: logging is important | Random thoughts of Peter 'CzP' Czanik

            I checked the logfiles of the servers I managed occasionally, but mostly only to check if the hard drives were showing any signs of failure. While browsing the logs for hard drive errors, I came across some suspicious login messages. Logins from previously not seen unknown IP addresses. I knew that the addresses were from campus, so I asked around. It turned out, that they belonged to the Russian students laboratory. And talking to the user it turned out, that he was unaware that his account was used also by someone else.

            The exact order of events is a kind of blurry, it was a quarter of a century ago. I started to check log messages not just for hard drive problems but also for security related events. I could see more and more logins from the Russian students laboratory. It was a kind of cat and mouse game, I was trying to keep unauthorized users out of the system.

          • Security updates for Tuesday

            Security updates have been issued by openSUSE (libaom and nextcloud), Oracle (cyrus-imapd, firefox, and thunderbird), Red Hat (kernel and kpatch-patch), Scientific Linux (firefox and thunderbird), and Ubuntu (apport).

          • Ubuntu Livepatch on-prem reduces downtime and unplanned work on enterprise environments!

            Canonical announces Ubuntu Livepatch on-prem, an enhancement to its Ubuntu Livepatch service enabling organisations to take control of their kernel livepatching policy. Designed for complex enterprise environments that follow their own patch rollout policy, Ubuntu Livepatch on-prem provides the basis for an efficient but fine-tuned continuous vulnerability management on private, hybrid, or public clouds. It provides a functional and productive experience to system administrators, or IT operations teams. The announcement represents the next phase in the Ubuntu Livepatch service targeting enterprise environments as organisations around the world adopt cybersecurity frameworks and requirements to tackle a constantly changing threat landscape.

          • Hackers develop Linux port of Cobalt Strike for new attacks | IT PRO

            The tool has been developed from scratch to avoid detection from malware scanners.

            According to a report published by cloud security firm Intezer Labs, researchers last month discovered a fully undetected ELF implementation of Cobalt Strike’s beacon. The malware used Cobalt Strike’s Command and Control (C2) protocol when communicating to its C2 server and has remote access capabilities such as uploading files, running shell commands, and writing to files.

            Cobalt Strike is a legitimate penetration testing tool used by security teams to discover vulnerabilities within their organization.

            Researchers warned that the malware is completely undetected in VirusTotal and was uploaded from Malaysia. Intezer researchers Avigayil Mechtinger, Ryan Robinson and Joakim Kennedy said that this Linux threat has been active in the wild since August, predominantly targeting telecom companies, government agencies, IT companies, financial institutions, and advisory companies around the world.

    • Finance

      • Popeyes Chicken decides to bill cram for dipping sauces. Doordash issues.

        Because I spent all day waiting on my case to be called in traffic court, I had no time to make dinner, and decided to “outsource” to Popeyes Chicken on Lewis Ave, in Waukegan, Illinois, through Doordash.

        This is the second time I’ve given Doordash a go and I was kind of disappointed with it, again. They make an estimate that your food can be to your door in 30 or 40 minutes and what usually happens is it takes more than an hour and it’s starting to get cold.

        On top of that, Popeyes claims there’s no delivery fee until later this month, as part of a promo, but then adds 10% onto the price of the food if you choose Doordash. (Wendy’s was doing this too a couple of weeks ago.)

        When I looked at my bill, I also noticed that the four dipping sauces that came with the meal, according to Popeyes, were billed at 58 cents per dipping sauce, adding $2.32 plus tax (8%) to my total.

        A minor complaint, maybe, but I was still pretty upset since most restaurants that have chicken tenders/nuggets don’t bill you separately per-sauce, especially after claiming that it was part of the meal.

        For the final total of $40, I don’t think I’ll be going to Popeyes again anytime soon.

        Before the pandemic, the chicken was at least piping hot. It was juicy. It was plump. It might just be my imagination that fast food is going downhill, but I can’t imagine that it’s hit everything except McDonalds and that this is my imagination.

    • Censorship/Free Speech

      • Russia votes: Big Tech must keep the internet open and secure during elections

        As Russia prepares for the September 17 — 19 legislative elections, and authorities tighten their grip on freedom of expression online, Access Now and the #KeepItOn coalition are demanding social media giants stand up for human rights, and resist government orders to shutdown and censor internet platforms, applications, and services.

        “We are calling on private companies to do what government officials in Russia will not — take a stand for human rights,” said Peter Micek, General Counsel at Access Now. “Facebook, Twitter, this is a message for you: put your human rights policies into action, and say no to an authoritarian regime’s attempts to silence millions of people this election. People in Russia are depending on you.”

      • Shutdown in Zambia on election day: How it affected people’s lives and wellbeing - Access Now

        Just like many governments in Africa, authorities in Zambia intentionally blocked access to social media platforms — including WhatsApp, Twitter, Instagram, and Facebook — during the country’s presidential election on August 12. The shutdown severely undermined people’s ability to communicate and receive information through the course of the election, while also impacting their lives, work, education, and relationships.

        Zambia’s election had already been tainted by political violence, with the government deploying the military to control the population and an onslaught of assassinations and arrests in the weeks leading up to the elections.

        According to data from the Open Observatory of Network Interference (OONI), the blocking of WhatsApp was confirmed through technical measurements on August 12. A Facebook spokesperson also reported that the shutdown had affected not only Facebook’s apps, but also others like Twitter. Zambians reported that they were using VPNs to gain access to the social media apps that were inaccessible. OONI’s data suggests that there was coordination among different ISPs in the implementation of social media blocks, and that they used the same censorship techniques.

    • Monopolies

      • Patents

        • Software Patents

          • Square joins the Open Invention Network | ZDNet

            The OIN, the world's largest patent non-aggression consortium, protects Linux and related open-source software and the companies behind them from patent attacks and patent trolls. The OIN recently broadened its scope from core Linux programs and adjacent open-source code by expanding its Linux System Definition to other patents such as the Android Open Source Project (AOSP) and the Extended File Allocation Table (exFAT) file system.

            That may not sound to you like a natural fit for a retail financial services and digital payments company which is best known for its ubiquitous Square Reader for smartcards, but actually, it is. Behind it is a foundation of open-source software.

            As Bob Lee, Square's former CTO, once said, "Open source is part of our DNA. As a member of the open-source community -- and a company that's benefited from many open source libraries -- we have a responsibility to pay it forward. We always have the mindset to open-source our code when we build."



Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
 
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day