10.01.21
Posted in News Roundup at 4:48 pm by Dr. Roy Schestowitz
Contents
-
-
Desktop/Laptop
-
System76 is introducing its first high-end Linux-based customizable laptop dubbed the Oryx Pro. This model packs powerful components in a relatively slim case (238-265 mm profile) and offers the signature open source firmware with GPLv3 license code that grants users total control over the iGPU, GPU, keyboard, cooling system and battery.
The Oryx Pro is powered by the Intel Core i7-11800H 8-core / 16-thread processor with integrated 32 EU UHD Xe graphics, which can be coupled with up to 64 GB of DDR4-3200 RAM plus up to 4 TB of NVMe PCIe 4.0 SSD storage via two M.2 slots. Users can opt for a15.6-inch or 17.3-inch display with FHD resolution, 144 Hz refresh rate and matte coating. There is also a choice between the Nvidia RTX 3070 and 3080 dGPUs. System76 mentions that these are the Max-Q versions, but does not specify the exact wattage, unfortunately. Nevertheless, there is a MUX switch, so the dGPU can be exploited to its full capacity. As far as the operating system is concerned, users can choose among the proprietary Pop!_OS 21.04 or 20.04 versions and the Ubuntu 20.04 LTS. Accessories include an external DVD-RW drive, mechanical switches for the keyboard (shipping in November), plus carrying bags for each size.
-
PipeWire from the start was designed around handling the needs of both audio and video streams on Linux. While PipeWire is already in use for screencasting/recording under Wayland and working with Flatpak’ed applications, recently much of PipeWire’s focus has been on addressing the use-cases of JACK and PulseAudio on the sound side. Now that the audio support is in quite good shape, Red Hat engineers are back to focusing on improvements to the video support.
As part of bolstering the Linux multimedia stack, Red Hat is going to be working on a fresh round of video feature work to PipeWire led by its founder Wim Taymans. In particular, the area they will be focusing on is improving the video capture support on Linux.
-
PipeWire has already made great strides forward in terms of improving the audio handling situation on Linux, but one of the original goals was to also bring along the video side of the house. In fact in the first few releases of Fedora Workstation where we shipped PipeWire we solely enabled it as a tool to handle screen sharing for Wayland and Flatpaks. So with PipeWire having stabilized a lot for audio now we feel the time has come to go back to the video side of PipeWire and work to improve the state-of-art for video capture handling under Linux. Wim Taymans did a presentation to our team inside Red Hat on the 30th of September talking about the current state of the world and where we need to go to move forward. I thought the information and ideas in his presentation deserved wider distribution so this blog post is building on that presentation to share it more widely and also hopefully rally the community to support us in this endeavour.
-
Audiocasts/Shows
-
In this video, I’m going to take a look at the recently released Q4OS 4.6, codenamed “Gemini.” Q4OS is a fast and friendly, desktop oriented operating system based on Debian 11 Testing. Q4OS now uses the Plasma desktop as its default.
-
It’s time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we’re doing. We’d love to hear from you.
-
Hackaday editors Elliot Williams and Mike Szczys peruse the great hardware hacks of the past week. There’s a robot walker platform that wirelessly offloads motor control planning to a computer. We take a look at automating your fishing boat with a trolling motor upgrade, building the Hoover dam in your back yard, and playing Holst’s Planets on an army of Arduini. Make sure you stick around until the end as we stroll through distant memories of Gopher, and peek inside the parking garages of the sea.
-
Kernel Space
-
At first glance, Rust’s concurrency philosophy resembles that of Sequent’s DYNIX and DYNIX/ptx in the 1980s and early 1990s: “Lock data, not code” (see Jack Inman’s classic USENIX’85 paper “Implementing Loosely Coupled Functions on Tightly Coupled Engines”, sadly invisible to search engines). Of course, Sequent lacked Rust’s automatic checking, and Sequent’s software engineers made much less disciplined use of ownership than Rust fans recommend. Nevertheless, this resemblance has resulted in some comparisons of Rust with the DEC Alpha, which had a similar concurrency model.
Interestingly enough, DYNIX and early versions of DYNIX/ptx used compile-time-allocated arrays for almost all of its data structures. You want your kernel to support up to N tasks? Very well, build your kernel to have its array of N task structures. This worked surprisingly well, perhaps because the important concurrent applications of that time had very predictable resource requirements, including numbers of tasks. Nevertheless, as you might expect, this did become quite the configuration nightmare. So why were arrays used in the first place?
To the best of my knowledge, the earliest published complete articulation of the reason appeared in Gamsa et al.’s landmark paper “Tornado: Maximizing Locality and Concurrency in a Shared Memory Multiprocessor Operating System”. The key point is that you cannot protect a dynamically allocated object with a lock located within that object. The DYNIX arrays avoided deallocation (or, alternatively, provided a straightforward implementation of type-safe memory), thus allowing these objects to be protected with internal locks. Avoiding the need for global locks or reference counters was an important key to the performance and scalability prized by Sequent’s customers.
-
LKMM is not the most complex memory model out there, but neither is it the simplest. In addition, it is in some ways more strict than the C/C++ memory models, which means that strict adherence to coding guidelines is required in order to prevent compiler optimizations from breaking Linux-kernel code. Many of these optimizations are not localized, but are instead scattered hither and yon throughout the compilers, including throughout the compiler backends. The optimizations in the backends are a special challenge to Rust, which seems to take the approach of layering safety on top of (or perhaps within) the compiler frontend. Later posts in this series will look at several pragmatic options available to Rust Linux-kernel code.
There is one piece of good news: Compilers are forbidden from introducing data races into code, at least not into code that is free of undefined behavior.
With all of that out of the way, let’s look at Rust’s options for dealing with Linux-kernel atomics and barriers and locks.
-
Applications
-
Users who have recently migrated from Windows to Linux often wonder if they can run Windows apps and programs on their new system. The answer to this affects a user’s perspective of Linux in general, since operating systems should be easy to use and at the same time, welcoming to the idea of running different file formats.
A straightforward answer to the question is—Yes. You can run EXE files and other Windows programs on Linux, and it’s not as complicated as it sounds.
By the end, you’ll have a brief understanding of executable files, along with different ways to run said programs on Linux.
-
-
Instructionals/Technical
-
In this tutorial, we will show you how to install Apache Maven on Debian 11. For those of you who didn’t know, Apache Maven is a software project management and comprehension tool. Based on the concept of a project object model, Maven can manage a project’s build, reporting, and documentation from a central piece of information.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Apache Maven on a Debian 11 (Bullseye).
-
Pip is a popular package management tool for Python. It allows the Python developers to install and manage additional Python libraries in their applications. This is a similar application to nvm for Node.js and composer for PHP. Pip stands for Preferred Installer Program.
Rather than a package management utility, Pip can create a completely isolated environment for the Python application. In this tutorial, you will learn about the installation of Pip on the Debian 11 Linux system.
-
The Samba file-sharing server of the SMB, in short, is an open-source file-sharing server specially designed for Linux systems. It allows sharing files among client PCs from a hosted server. It’s not a conventional FTP server type server, and it does not require hosted files for the client users. You can use the Samba file-sharing server on Linux to access the Windows files over a network. Samba can be used for both personal and business usage. In Samba, users get both read and write permission for file accessing. They can change, revise, edit files over the server, and the changes go live immediately. In a word, using the Samba for sharing files with clients with access permission is hassle-free and strong in Linux.
-
This tutorial explains how to quickly voice and video call with friends and family using XMPP and Matrix telecommunication services. This tutorial’s aimed for people who want easy calls without technical knowledge especially school teachers and computing beginners. Thus, we will use Movim and Schildi via web browser so we can call everywhere both on desktop and mobile. Let’s do it.
-
For those doing copy & paste actions frequently in Ubuntu Linux, GPaste remembers the clipboard history and allows to find them easily via few click.
The clipboard is the place to store the text, image, file path and all the stuff that you last copied (or cut). The content in clipboard will be overwritten once you do another copy & paste action. So, when you trying to find out what you’ve copied earlier, a clipboard manager will be helpful.
-
Deployment is one of the most crucial and conclusive stages of software development. A proper deployment strategy is vital in delivering the best experience to your users while utilizing your services efficiently. However, this process also brings its own set of challenges with it.
Node.js, the open-source JavaScript runtime, is a popular choice for building the backend infrastructure of your application by allowing you to run JavaScript outside web browsers. But what if your Node.js application crashes in production? Find out how you can avoid such scenarios in this article.
-
Nginx is an open-source and high-performance web server that can be used to speed up content and application delivery. Nginx enhances security, improves scalability, and also can be used as a high availability load balancer. It can be used as a reverse proxy and one of the most important uses of Nginx is content caching. One of the best approaches is to use Nginx as content caching. In this article, we will discuss Nginx FastCGI content caching for better performance of websites.
-
If hiding the top bar and side panel isn’t enough, and you want everything removed from your Ubuntu desktop, then you’d probably also like to get rid of those pesky icons on its surface. Read on to learn how you can hide desktop icons in Ubuntu.
-
Wine or Emulation
-
PC gaming, for me, is sort of a hit or miss thing.
Even though Wine (If you’re feeling cheeky, the “Linux Subsystem for Windows”) and, for that matter, Steam with Proton, a Wine fork optimized for gaming, have advanced a lot.
I use laptops, and the only way to get a GPU upgrade with a laptop is to buy a new laptop.
(Well, external GPUs are becoming more of a thing, but I’m not really sure where the GNU/Linux support stands on that, and if it would mean a proprietary driver, no thanks anyway.)
Anyway, even up to a couple of years ago, controllers under Wine were dicey and even getting an XBOX 360 controller to be recognized involved terrible hacks involving a userspace driver, blacklisting a kernel module (xpad), and then installing an XBOX 360 controller emulator program for Windows in Wine so you could map the output of the actual hardware to an emulated version of the controller, which would send it along to video games.
What a pain in the ass! I mean, not as much of one as installing a GNU/Linux distribution in the 90s with winmodems and having to tell X your modelines, under pains and penalties of potentially frying your computer monitor. (How uncivilized!). Modern GNU/Linux should be no more difficult than a small tweak here, a tweak there, and you’re done. At it’s very worst, no problem is likely to come up that would be worse than something that could come up under Windows.
-
Games
-
While we’re busy working on both the upcoming Godot 4.0 and 3.4 releases (with a dev snapshot for 3.4 beta 5 available now), we still cherry-pick important bug fixes to the 3.3 branch regularly for maintenance releases (see our release policy).
Godot 3.3.3 was released a month ago, and a handful of important fixes have been queued in the 3.3 branch since then. Most notably, users of the GDScript LSP in Visual Studio Code have been experiencing crashes in 3.3.3, which are fixed in this new Godot 3.3.4.
Note: Version numbers can be confusing with three branches worked on in parallel – this release is 3.3.4, i.e. a maintenance update to the 3.3 branch. This is not the upcoming 3.4 feature release.
Godot 3.3.4, like all future 3.3.x releases, focuses purely on bug fixes, and aims to preserve compatibility. It is a recommended upgrade for all Godot 3.3 users.
-
It’s that time again! From now until October 7 you get to try out various new demos on Steam, watch developer livestreams and much more.
This is another wonderful chance to test out various games before they see a full release. For the games included in the event, they are supposed to be releasing somewhere between October 7, 2021 and May 1, 2022 so even if you find something you like it might be a while before you get to see the full complete thing.
-
-
Arch Family
-
That’s right Arch Linux fans, Arch Linux 2021.10.01 is up for grabs as I am writing this and it comes with Linux kernel 5.14 by default. The ISO image includes Linux 5.14.8 as default kernel since the recently released Linux 5.14.9 kernel is still in the Testing repos.
Linux kernel 5.14 is the latest kernel branch available for GNU/Linux distributions, bringing new features like a much-enhanced AMDGPU graphics driver for AMD GPU users, much-improved EXT4 and F2FS filesystems, the core scheduling functionality to better protect your computers against some of those Spectre vulnerabilities, as well as some goodies for ARM 64-bit (AArch64) and RISC-V users.
-
Debian Family
-
Barely a month and a half have passed since its previous launch and is here Deepin 20.2.4 , a smaller version than the Chinese distribution takes advantage of to introduce a new feature, as well as a maintenance update to use.
If you are already using Deepin 20 and keep your system updated, you don’t have to do anything else, because you are up to date, but if you want to install the distribution from scratch, Deepin 20.2.4 is the recommended one at the moment. Although the truth is that we would have to go back a little earlier, to the launch of Deepin 20.2 , the latest regular version until what seems like a conscious change in development and releases.
In summary, Deepin 20.2 was followed by Deepin 20.2.1 only with corrections, and since then the versions that have followed have been dedicated to applying patches, but also new features of relative importance, but one by one. Thus, Deepin 20.2.2 introduced a new application store with support for Android applications; Deepin 20.2.3 did the same with integrating OCR support to extract text from images …
… And Deepin 20.2.4 launches what its developers have called an ” effective global search “, a new search function with which “quickly find the information you want”, they have in the official announcement . And what does this effective global search consist of? In what you imagine.
-
Canonical/Ubuntu Family
-
Back in July, we shared with you that Linux Mint 20.3 would be released around Christmas. Unfortunately, that was pretty much all we knew about the upcoming version of the Ubuntu-based operating system. Thankfully, today, the developers give us some more details.
Not only do we now know the name of Linux Mint 20.3, but the moniker of the upcoming Linux Mint Debian Edition (LMDE) 5 too. Following Mint’s tradition of only using female names, the former will be named “Una,” while the latter shall be called “Elsie.”
-
Clem Lefebvre, head of the Linux Mint project, has announced that the next version of Linux Mint, version 20.3, will be available by Christmas in three flavours – Cinnamon, MATE and Xfce. The new update is codenamed Una which is just one letter away from the codename of the current version, Uma. Accompanying today’s news, the project updated its website so that it looks modern and is easier to use.
In its announcement, the Mint team said the upcoming version will have improved themes, for example, the titlebars of applications will be made larger allowing for larger buttons and making them easier to grab and move around. Further, they have been given rounder corners so they look more pleasant.
-
The new website is now fully ready and live on https://www.linuxmint.com. It looks minty, it works on all devices and it looks modern. It also does a better job than before at welcoming newcomers, explaining what Linux Mint is, why people love it and how to install it.
It took longer than expected but the job is done and we’re glad we took the time to finally do it. I’d like to thank all the people who sent us feedback and who helped us with it.
The website no longer shows ads and this blog announcement is no longer showing the community sponsors. These were tough decisions to take because they immediately reduce our income but they also make Linux Mint look more serious and professional. We’re hopeful they’ll help us grow in the long term and we’ll generate enough to not worry about it.
We received a lot of positive feedback since the website went live so we know you really like it! I know we can’t please everybody and taste is subjective but for most people this is a very welcome change. Personally I remember how amazing the previous website looked when it was made in 2009, but what looked amazing then just simply looks outdated now. Although I grew attached to it since it represented part of our identity during these many years, getting the opportunity to redesign it during this development cycle was a relief and I’m very happy with the result. We are a modern operating system. We use Linux because it’s better, not because it’s free or because it’s old or because it didn’t embrace controversial design changes. We use it because it’s fast, because it works, because it does what we want. It was important for our website to not only convey these ideas but to look modern as well.
-
The little quadruped was designed by MangDans in collaboration with Stanford Pupper.
-
-
The company says it’s still finalizing the Debian 10 GNU/Linux software that will be pre-installed on the Pocket P.C., but that the work is “ongoing and progressing rapidly.”
But part of the point of this handheld is to be an open platform, so you may also be able to install other operating systems – Popcorn Computer’s parent company Source Parts recently announced it’s working to port postmarketOS to work on the device as well. The team also released the hardware design files for the Pocket P.C last year, which means that anyone who’d prefer to build their own device (or customize the design) can do that rather than buying one.
-
Mobile Systems/Mobile Applications
-
-
Web Browsers
-
Mozilla
-
This time, we have Red Hat hiring for HDR support on Linux, Firefox making more controversial decisions, and support for Linux from the major anti cheat providers, among a LOT of other linux gaming news.
-
Last year the European Commission published the Digital Services Act (DSA) proposal, a draft law that seeks to set a new standard for platform accountability. We welcomed the draft law when it was published, and since then we have been working to ensure it is strengthened and elaborated as it proceeds through the mark-up stage. Today we’re confirming our support for a new initiative that focuses on improving the DSA with respect to gender-based online harm, an objective that aligns with our policy vision and the Mozilla Manifesto addendum.
An overarching focus of our efforts to improve the DSA have focused on the draft law’s risk assessment and auditing provisions. In order to structurally improve the health of the internet ecosystem, we need laws that compel platforms to meaningfully assess and mitigate the systemic risks stemming from the design and operation of their services. While the draft DSA is a good start, it falls short when it comes to specifying the types of systemic risks that platforms need to address.
-
MDN Web Docs at Write the Docs Prague 2021 [Ed: Mozilla does not mention the awful tragedy of outsourcing to to proprietary software of Microsoft, an attack on the Web itself]
The MDN Web Docs team is pleased to sponsor Write the Docs Prague 2021, which is being held remotely this year. We’re excited to join hundreds of documentarians to learn more about collaborating with writers, developers, and readers to make better documentation. We plan to take part in all that the conference has to offer, including the Writing Day, Job Fair, and the virtual hallway track.
-
A password is like a key to your house. In the online world, your password keeps your house of personal information safe, so a super strong password is like having a superhero in a fight of good vs. evil. In recognition of Cybersecurity Awareness month, we revisited our “Princesses make terrible passwords for Disney+ and every other account,” and took a look to see how fortified superhero passwords are in the fight against hackers and breaches. According to haveibeenpwned.com, take a look at the how many times these superhero passwords have showed up in breached datasets….
-
In my last post on testing Chrome version 100, I encouraged everyone to flip on that flag and report bugs. It’s with a heavy heart that I announce that Ian Kilpatrick did so, and found a bug.
[...]
Also, if you happen to work on any of the following 1936 sites using this script, you know what to do (pick option Roman numeral 3, just to be super clear).
-
Fingerprinting is a major threat to user privacy on the Web. Fingerprinting uses existing properties of your browser like screen size, installed add-ons, etc. to create a unique or semi-unique identifier which it can use to track you around the Web. Even if individual values are not particularly unique, the combination of values can be unique (e.g., how many people are running Firefox Nightly, live in North Dakota, have an M1 Mac and a big monitor, etc.)
This post discusses a proposal by Google to address fingerprinting called the Privacy Budget. The idea behind the Privacy Budget is to estimate the amount of information revealed by each piece of fingerprinting information (called a “fingerprinting surface”, e.g., screen resolution) and then limit the total amount of that information a site can obtain about you. Once the site reaches that limit (the “budget”), further attempts to learn more about you would fail, perhaps by reporting an error or returning a generic value. This idea has been getting a fair amount of attention and has been proposed as a potential privacy mitigation in some in-development W3C specifications.
-
In the previous post, we uncovered a key challenge for dyn and async traits: the fact that, in Rust today, dyn types have to specify the values for all associated types. This post is going to dive into more background about how dyn traits work today, and in particular it will talk about where that limitation comes from.
[...]
Early on in Rust, we debated whether dyn DoTheThing ought to implement the trait DoTheThing or not. This was, indeed, the origin of the term “dyn safe” (then called “object safe”). At the time, I argued in favor of the current approach: that is, creating a binary property. Either the trait was dyn safe, in which case dyn DoTheThing implements DoTheThing, or it was not, in which case dyn DoTheThing is not a legal type. I am no longer sure that was the right call.
-
SaaS/Back End/Databases
-
The PostgreSQL team released the PostgreSQL 14 database, providing users of the widely deployed relational database with new features.
PostgreSQL, also known as “Postgres”, is an open-source, object-relational database management system. It has been around for over 30 years and advertises itself as “the most advanced open-source relational database in the world”. It is developed by a worldwide team of volunteers and it is quite popular due to its stability and advanced features.
PostgreSQL is perceived as a go-to solution for performing complicated, high-volume data operations. That’s because PostgreSQL is better at handling extraordinary database situations. Additional points that set PostgreSQL apart are the fact it is object-relational, ACID-compliant, highly concurrent, and offers NoSQL support. And the latest PostgreSQL 14 makes things even better.
-
LibreOffice on Chromebooks and Apache/OpenOffice
-
Today we are looking at how to install LibreOffice 7.2 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!
-
Welcome to the latest monthly overview of events from the Apache community. Here’s a summary of what happened in September …
-
We start this week with a good write-up by [Eugene Lim] on getting started on vulnerability hunting, and news of a problem in OpenOffice’s handling of DBase files. [Lim] decided to concentrate on a file format, and picked the venerable dbase format, .dbf. This database format was eventually used all over the place, and is still supported in Microsoft Office, Libreoffice, and OpenOffice. He put together a fuzzing approach using Peach Fuzzer, and found a handful of possible vulnerabilities in the file format, by testing a very simple file viewer that supported the format. He managed to achieve code execution in dbfview, but that wasn’t enough.
Armed with a vulnerability in one application, [Lim] turned his attention to OpenOffice. He knew exactly what he was looking for, and found vulnerable code right away. A buffer is allocated based on the specified data type, but data is copied into this buffer with a different length, also specified in the dbase file. Simple buffer overflow. Turning this into an actual RCE exploit took a bit of doing, but is possible. The disclosure didn’t include a full PoC, but will likely be reverse engineered shortly.
Normally we’d wrap by telling you to go get the update, but OpenOffice doesn’t have a stable release with this fix in it. There is a release candidate that does contain the fix, but every stable install of OpenOffice in the world is currently vulnerable to this RCE. The vulnerability report was sent way back on May 4th, over 90 days before full disclosure. And what about LibreOffice, the fork of OpenOffice? Surely it is also vulnerable? Nope. LibreOffice fixed this in routine code maintenance back in 2014. The truth of the matter is that when the two projects forked, the programmers who really understood the codebase went to LibreOffice, and OpenOffice has had a severe programmer shortage ever since. I’ve said it before: Use LibreOffice, OpenOffice is known to be unsafe.
-
Venturing out into the wilderness of vulnerability research can be a daunting task. Coming from a background in primarily web and application security, I had to shift my hacking mindset towards memory corruption vulnerabilities and local attack vectors. This two-part series will share how I got started in vulnerability research by discovering and exploiting code execution zero-days in office applications used by hundreds of millions of people. I will outline my approach to getting started in vulnerability research including dumb fuzzing, coverage-guided fuzzing, reverse engineering, and source code review. I will also discuss some management aspects of vulnerability research such as CVE assignment and responsible disclosure.
-
FSF
-
The Free Software Foundation (FSF), a Massachusetts 501(c)(3) charity with a worldwide mission to protect computer user freedom, seeks a motivated and organized Boston-based individual to be our full-time outreach and communications coordinator.
Reporting to the executive director, the outreach and communications coordinator works closely with our campaigns, licensing, technical, and operations teams to plan, write, edit, publish, and promote high-quality, effective materials, both digital and printed. These materials are a critical part of advancing the FSF’s work in support of the GNU Project, free software adoption, copyleft licensing, and freedom on the Internet; and against Digital Restrictions Management (DRM), software patents, and proprietary software. Nearly every publication from the FSF goes through this public-facing position, tying together our work across various constituencies.
-
Programming/Development
-
This document contains the release notes for the LLVM Compiler Infrastructure, release 14.0.0. Here we describe the status of LLVM, including major improvements from the previous release, improvements in various subprojects of LLVM, and some of the current users of the code. All LLVM releases may be downloaded from the LLVM releases web site.
For more information about LLVM, including information about the latest release, please check out the main LLVM web site. If you have questions or comments, the LLVM Developer’s Mailing List is a good place to send them.
Note that if you are reading this file from a Git checkout or the main LLVM web page, this document applies to the next release, not the current one. To see the release notes for a specific release, please see the releases page.
-
LLVM 13.0 was tagged overnight as the latest half-year update to this widely-used, very powerful open-source compiler stack.
LLVM 13.0 is now available with many features that accumulated over the course of the summer. Some of the LLVM 13 highlights include:
- Flang as the Fortran front-end is now included in the official LLVM binary packages.
-
Well, here it is: a shoe-in for the new world’s largest NERF gun. (Video, embedded below.) The Guinness people haven’t shown up yet to award [Michael Pick], but at 12.5 feet, this baby is over twice as long as the current record holder, which belongs to former NASA mechanical engineer Mark Rober and his now-puny six-foot six-shooter.
We have to wonder if it is technically bigger than the six-shooter, because they seem to be roughly the same scale, except that [Michael] chose a much bigger model to start from. The main body is made from wood, and there are a ton of 3D-printed details that make it look fantastically accurate. The whole thing weighs over 200 pounds and takes at least two people to move it around. We especially love the DIY darts that [Michael] came up with, which are made from a PVC tube inside a section of pool noodle, topped off with a 3D printed piece for that distinctive orange cap.
-
Looking for something with a bit more style than the traditional kitchen timer, [Martin Jonasson] decided to take the last couple of months to design and build his own take on the idea using a rotary encoder, 16×9 LED matrix, and a Teensy 2.0 microcontroller. Were there better things he could have spent that time on? Possibly. But you probably wouldn’t have been reading it about it here, so we won’t trouble ourselves with such thoughts.
-
The Internet of Things (IoT) ecosystem is expanding at a rapid rate, with the number of devices growing every year. The increase in physical hardware being manufactured multiplies the amount of software needed to perform various functions on new platforms. There are a range of IoT use cases, including voice-controlling the lights in your home, monitoring air pollution, or the parking feature of a self-driving car. With various entities publishing specialised software for all these use cases (and many more), it can often be time-consuming to compare possible solutions. For somebody interested in working on an IoT project but unsure where to start, it can be difficult to discover the software you need. An IoT marketplace, as a centralised platform for IoT applications, can help to solve these issues.
[...]
Often, using an IoT marketplace allows you to easily choose and install the software you want in one place. Thus, you don’t need to research the software you want to install, then navigate to the company page that owns that software, to search for individual download pages to then install the software you want in a non-standard way. Was the software pre-packaged and available for click-to-install? Would you need to extract the contents of the downloaded folder and run the installer in the terminal? This time-consuming process can all be optimised by using an IoT marketplace like the Snap Store.
-
XML files are a perfect choice for storing the settings of your wxWidgets cross-platform application. Confused about how to use the wxWidgets classes to read and write XML files? No worries. In this hands-on tutorial, you’ll learn how to read and write XML files with wxWidgets, using the classes wxXmlDocument, wxXmlNode and wxXmlAttribute. We’ll expand a previously presented wxWidgets template application, such that it stores its application window dimensions in an XML file.
-
This post is a refresher about some features of the qml binary that is installed along with the Qt SDK, which should help to explain why we now prefer to use it, rather than older tools like qmlscene and qmlviewer.
-
Red Hat Pushing Microsoft Proprietary Software
-
At this year’s Data Platform Virtual Summit (DPS) 2021, I was honored to present “Monitoring SQL Server on Linux performance with Performance Co-Pilot and Grafana.” In this post I’ll cover some of the topics I touched on during my talk and include some suggestions for DBAs who might be new to Linux.
-
Java
-
Red Hat Developer has published Quarkus for Spring Developers, a comprehensive, 149-page e-book introducing Quarkus to Java developers, with a focus on helping people familiar with Spring make the transition. This includes the Spring Framework and Spring Boot, and any other modules within the Spring ecosystem.
While Java continues to be one of the most widely used programming languages for building applications, Java developers often struggle to make their applications smaller and faster to meet modern computing requirements.
Quarkus is designed to help.
-
-
I got a 2003 Chevy Impala from mom a couple of years ago for free because it needed all kinds of work.
One thing that every car owner should know how to do themselves is change their engine and cabin air filters, because it’s not that hard and over the years they will plug up and could cause the systems they protect to malfunction or work less than ideally.
But shops charge $70 and up for a cabin air filter job sometimes and $40 and up for an engine air filter. Since these should be replaced so often, the jobs can get really expensive. Not changing the cabin air filter can result in a dysfunctional HVAC system or damage to it’s components, weird smells, restricted air flow, and has some impact on gas mileage as the engine has to runthis system. Then it’s even more expensive.
-
Hardware
-
You’ve finally decided to take the plunge and build a board with surface-mount parts. After carefully dispensing the solder paste with a syringe, it’s time to place the parts. You take up your trusty tweezers and reach to grab a SOIC-14 logic IC—only there’s not a great way to grab it. The IC is too long to grab one way and has leads obstructing the other. You work around the leads, drop the IC into place, and then pick up an 0402 resistor. You gently set the resistor into your perfectly dispensed solder paste, pull the tweezers away, and the resistor has stuck to your slightly magnetic tweezers. [Robin Reiter] realized that hobbyists and small manufacturers needed a better way to assemble their surface-mount designs, so he’s building the Pixel Pump Pick & Place, an open-source vacuum assembly tool.
-
Integrity/Availability
-
Proprietary
-
Security
-
Security updates have been issued by Debian (curl, krb5, openssl1.0, and taglib), Fedora (cifs-utils), SUSE (libqt5-qtbase and rubygem-activerecord-4_2), and Ubuntu (linux-raspi, linux-raspi-5.4 and linux-raspi2).
-
Access to heart monitors disabled by the attack allegedly kept staff from spotting blood & oxygen deprivation that led to the baby’s death.
A U.S. hospital paralyzed by ransomware in 2019 will be defending itself in court in November over the death of a newborn, allegedly caused by the cyberattack.
As the Wall Street Journal reported on Thursday, the baby’s mother, Teiranni Kidd, gave birth to her daughter, Nicko Silar, on July 16, 2019, without knowing that the hospital was entering its eighth day of clawing its way back from the attack.
-
When Teiranni Kidd walked into Springhill Medical Center on July 16, 2019, to have her baby, she had no idea the Alabama hospital was deep in the midst of a ransomware attack.
-
What will be interesting to see is whether the courts rule that the hospital was negligent in its security, contributing to the success of the ransomware and by extension the death of the infant.
-
Privacy/Surveillance
-
What brand is your home? Do you live in a Google, Apple, or Amazon house? Because in a modern “smart home” you may choose only one, and that choice locks you into dependence on only that vendor and its approved partners for any future appliances and home gadgets. Your “AI” voice assistant may talk to you, but it won’t talk to its competitors.
[...]
With the current trajectory, the smart home will become much like your phone–under a single vendor’s control, not yours. They will get to choose which appliances integrate, which services they use for your voice queries, and what happens to your personal data. If they do something you don’t like, it will be even harder (and more expensive) to switch to a competitor than it already is with a phone or laptop.
Fortunately it’s not too late to change the current situation. If there is any hope for a smart home where you hold the keys, it must start with open standards for how devices communicate. Only then is there a space where truly open alternatives to Big Tech smart home gadgets can exist for the average consumer outside of do-it-yourself electronics projects.
There is an effort underway with the industry organization Matter to create such standards but like with other industry standards membership and compliance is voluntary. Consumers should pressure existing smart home companies to comply with open standards and vote with their wallet. For our part, we will continue our work to build alternatives that don’t lock you in, based on our Social Purpose commitment to protect people’s privacy, security and freedom.
-
WordPress gives me a list of where people link to my blog from, and today I noticed some company called PhishLabs. Including directly through from their main site and from a “threatintel” subdomain.
It appears to be owned by Gartner, and claims that they do “digital brand and reputation management”, but I’m unable to determine exactly what they mean by this.
I’ve had a WordPress blog before and I know that as soon as you start criticizing big corporations, they have these firms they hire to monitor blogs, figure out if what you’re saying is a “threat” to their brand, and from there….I don’t know what they want exactly.
-
Monopolies
-
Patents
-
Enough is enough. While I have previously agreed, and may in the future agree, with ACT | The App(le) Association on some patent policy questions, its pro-Apple advocacy in the App Store antitrust context–which I already mentioned in May–gets worse by the month. Judges, policy makers, and journalists should see that lobbying scheme for what it is.
Three months ago, New York-based attorney David Cohen wrote a blog post entitled “On Deceptive Apps and Practices: Unmasking the ACT App(le) Association.” Mr. Cohen was rightfully astonished when he saw ACT claiming to speak on small businesses’ behalf at a Federal Trade Commission (FTC) hearing. I trust he will not attempt to assert any copyright against me for borrowing the term “App(le) Association” from him, and I appreciate that he quoted me in the aforementioned post.
[...]
In other words, Apple was using its mouthpiece named ACT to tell the media that Apple should continue with its stranglehold on app developers large and small. In reality, there’s not a single app developer out there who truly thinks Apple’s death grip is a good thing–and if any make public declarations to the contrary (which are few and far between), it’s because they expect (which doesn’t necessarily mean they’ve been promised) Apple to reciprocate that favor in some form or another.
If ACT respected not only itself but also, more generally, human intelligence, it would have realized that when the New York Times exposes an apparent lack of credibility and legitimacy, it’s over. I mean, seriously, the NYT paragraph I quoted above should have given them and their other backers pause. Apple stops at nothing to defend its iOS app distribution monopoly, but other companies should be profoundly concerned that this App Store propaganda effort also discredits ACT’s work on other issues, such as SEPs, regardless of whether those positions may be correct.
-
The ACT App Association should really be called the ACT Apple Association. It was founded in 1998 by Microsoft as a lobbying arm utilizing smaller player’ as a front to support its defense against antitrust charges on both sides of the Atlantic. Over the years, it remained a vehicle for Big Tech interests. Although hard to find (and strategically placed off the members’ page), if you scroll all the way down this page you see the ACT App(le) association’s main sponsors are Apple, Microsoft, Intel, Verizon, and AT&T (other recent sponsors have included Facebook, Oracle, and eBay).
I have written about this “hide behind a supposed app association” charade last year. Since then, we’ve seen real app developers fight for their lives in the Epic Games vs. Apple litigation. However, the ACT App Association filed an amicus brief in support of… Apple (!), and its blog similarly takes Apple’s side. So why is an “app association” opposed to app developers’ interests?
[...]
I hope the FTC understands why the association’s small app developers supposedly support Apple in the Epic v. Apple litigation, why these app developers supposedly care so strongly about standards essential patents (although app developers are never required to take SEP licenses), or how these app developers have the resources to support a 22-employee trade association. The answer is easy. It’s because the ACT App(le) Association represents Apple, Microsoft, Intel, Verizon and AT&T – not app developers.
Also misleading is the Association’s claim at last week’s hearing to represent “thousands of small business software application development companies…located across every state in America.” The Association’s membership page lists thirty entities. Ten of these are European entities surprisingly listed without websites. The remaining ones include a venture capital company, a marketing company, a design company, and at least one entity that appears to be out of business. It is unclear how the remaining dozen or so entities amount to “thousands of small [app developers] … located across every state in America.”
Permalink
Send this to a friend
Posted in News Roundup at 11:26 am by Dr. Roy Schestowitz
Contents
-
-
Audiocasts/Shows
-
Kernel Space
-
After experiencing both SWupdate and Mender in the past we recently got the opportunity to work with another update framework for embedded systems called RAUC.
This time the choice of RAUC as system upgrade framework was mainly motivated by the Phytec IMX6 board ecosystem which is based on both Barebox and Yocto Project.
Indeed RAUC and Barebox are both developed by Pengutronix and both are designed to provide a complete and homogeneous solution that will be introduced in this post.
-
There has been much discussion of using the Rust language in the Linux kernel (for example, here, here, and here) and 2021 LInux Plumbers Conference had a number of sessions on this topic, as did Maintainers Summit. At least two of these sessions mentioned the question of how Rust is to handle the Linux-kernel memory model (LKMM), and I volunteered to write this blog series on this topic.
This series focuses mostly on use cases and opportunities, rather than on any non-trivial solutions. Please note that I am not in any way attempting to dictate or limit Rust’s level of ambition. I am instead noting the memory-model consequences of a few potential levels of ambition, ranging from “portions of a few drivers”, “a few drivers”, “some core code” and up to and including “the entire kernel”. Greater levels of ambition will require greater willingness to accommodate a wider variety of LKMM requirements.
-
Benchmarks
-
Given this week’s release of Fedora 35 Beta I have begun my benchmarking to look at how this next installment of Fedora Linux is shaping up given that it tends to be at the forefront of open-source innovations given Red Hat’s investments. For our initial F35 benchmarking is looking at the Fedora Server 35 Beta performance compared to Fedora 35 on a dual Intel Xeon Platinum 8380 server.
This initial testing is quite straight-forward and from the same Intel Xeon Platinum 8380 “Ice Lake” reference platform, Fedora 34, Fedora 34 with all stable release updates, and Fedora 35 Beta were carried out for seeing how this H2’2021 Linux distribution release update is looking. The stable release of Fedora 35 is currently expected for the end of October.
-
Applications
-
Video editing is the process of editing motion video footage. In the new age of personal video, video editing is becoming a central function of the desktop, with the popularity of video editing software ever increasing.
Any self-respecting operating system that has ambitions on becoming the dominant force on the desktop therefore needs to have a good selection of video editing software. Video sharing websites such as YouTube are now enormously popular with hundreds of thousands of new videos uploaded every day.
-
Inkscape, the most used and loved tool of Fedora’s Design Team is not just a program for doing nice vector graphics. With vector graphics (in our case SVG) a lot more can be done. Many programs can import this format. Also, Inkscape can do a lot more than just graphics. The last article of this series showed how to design embroidery with Inkscape and the extension Ink/Stitch. This time, several extensions for Inkscape will be examined. All are helpful for working with so called Stroke or Hershey Fonts.
Inkscape version 0.91+ includes an extension called Hershey Text – Extensions > Text > Hershey Text. This extension brings a small set of Stroke Fonts or Hershey Fonts. If you try testing all of the extensions Inkscape comes with, you might get to this one and ask yourself, “What is it for? It just renders text?”
-
Instructionals/Technical
-
GitLab is a free and open-source DevOps platform that allows teams to iterate faster and innovate together. It is a web-based tool developed by GitLab Inc. It is very similar to GitHub and provides a Git repository manager providing wiki, issue-tracking, and continuous integration and deployment. GitLab community edition is available absolutely free for development and production environment.
In this tutorial, I will show you how to install GitLab with Nginx and Let’s Encrypt SSL on Debian 11.
-
VirtualBox is a free and open-source hypervisor for x86 and x86-64 virtualization, which the Oracle Corporation develops. The software targets users wishing to create virtual environments for servers and desktops that allow users and administrations to run multiple guest operating systems on a single computer for either testing methods or production use. VirtualBox may be installed on Windows, macOS, Linux, Solaris, and OpenSolaris.
In the following tutorial, you will learn how to install VirtualBox on your Pop!_OS 20.04 desktop, along with creating a new Virtual Machine from scratch.
-
Tor, also known as The Onion Router, is open-source, free software that enables anonymous communication when using online services such as web surfing. The Tor network directs the Internet traffic through an accessible worldwide volunteer overlay network with over six thousand relays and continues to grow. Many users want to find more ways to keep their information and activities anonymous or at least as private as possible, which has led to Tor Browser growing quite popular in recent years as it conceals a user’s location and usage from anyone conducting network surveillance or traffic analysis.
The Tor network is intended to protect the personal privacy of users and their freedom and ability from conducting communication without having their activities monitored, and data were taken without their consent and used to sum it up.
In the following tutorial, you will learn how to install the latest Tor Browser on Pop!_OS 20.04.
-
When installing Linux Mint, the user account that was created during the initial setup has sudo rights. However, there may be a need to add additional sudo users or to remove the access. This is a straightforward process with a few commands.
In the following tutorial, you will learn to add a user to the sudoers group on any current Linux Mint system.
-
In this tutorial, we will show you how to install Telnet on Ubuntu 20.04 LTS. For those of you who didn’t know, Telnet is a protocol that allows you to connect to remote computers (called hosts) over a TCP/IP network using a client-server protocol to establish a connection. Telnet listens to all the requests by the user usually on TCP port 23, but you can change it accordingly.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Telnet on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
-
The seemingly insignificant #! characters at the beginning of a shell script has a major significance on how your script will be executed.
-
While I tend to think about the nodes in OpenStack term, the people that physically move the servers around are more familiar with their IPMI address. We have several nodes that are not responding to IPMI requests. Some have been put into the manageable state, some are in error.
-
If an OpenStack server (Ironic or Nova) has an error, it shows up in a nested field. That field is hard to read in its normal layout, due to JSON formatting. Using jq to strip the formatting helps a bunch
-
My team is running a small OpenStack cluster with reposnsibility for providing bare metal nodes via Ironic. Currently, we have a handful of nodes that are not usable. They show up as “Cleaning failed.” I’m learning how to debug this process.
-
Games
-
Developer 2Awesome Studio has released Aeon Drive, a cyberpunk themed platformer with a speedrunning theme.
Aeon Drive stars Jackelyne, a space ranger desperate to get home. Voiced by actress Kira Buckland, who is best known for the voice of 2B in Nier: Automata, Reimi Sugimoto in JoJo’s Bizarre Adventure: Diamond Is Unbreakable, Trucy Wright in the Ace Attorney series, and Hiyoko Saionji in the Danganronpa series (and a lot more). Armed with a power sword and teleportation dagger, Jackelyne must dash through the neon-infused metropolis of Neo Barcelona, using time and space-bending abilities to find all the drive cores to fix her ship – and save the city from doom.
-
While today will see the Steam Next Fest arrive, Valve have more plans as the digital Tabletop Fest returns to Steam between October 21 – 25 and this time around it’s all about the RPGs.
Kicking off at 10 AM PST / 5 PM UTC it will see a big sale with hundreds of titles discounted, so you might want to start filling up your wishlist. There will also be around 18 hours of streaming from developers, which is being done in partnership with Auroch Digital. Starting off with Robert Kurvitz, lead writer and designer on Disco Elysium.
-
-
The Arduinos take input from switches and control knobs, but also run 7-segment displays and analog dials driven by servos. The panels were all laser-cut using MDF or perspex and backlit using LEDs.
-
I consider Half-Life: Alyx played in VR to be one of the greatest gaming experiences I’ve ever had but for a lot of people it’s just not possible and so the No VR Mod is in progress.
For whatever reason some cannot use VR be it due to price, physical ability and more. But if you still want to be able to experience the story first-hand you’re currently a bit stuck. There are a few hacky mods floating around to enable mouse/keyboard support but they’re all really quite rough. The No VR Mod looks like a different breed though, with smooth movement and it all just looks good.
-
XIGNCODE3 is another popular anti-cheat like Easy Anti-Cheat and BattlEye that currently causes issues for Linux and it’s going to hopefully see support (thanks Reddit) for Linux and the Steam Deck by launch.
-
Valve published new versions of Proton and Proton Experimental last night.
With the latest Proton Experimental update as of yesterday, NVIDIA’s Deep Learning Super Sampling (DLSS) is now working for Direct3D 12 games when setting the “PROTON_ENABLE_NVAPI=1″ environment variable and using a supported NVIDIA graphics card on a new enough driver. Proton was previously working for DLSS Vulkan titles while now DLSS for D3D12 games should be working with the above met conditions.
-
Two big bits of news for Steam Play Proton today with two new versions getting released so let’s take a look and see exactly what’s new for the Windows compatibility layer.
Firstly, NVIDIA announced back in August that DLSS would come to Proton in September for DirectX 11 / 12. Well, their date was a bit off there it seems but Valve / CodeWeavers managed to pull in DLSS support for at least DirectX 12 in Proton Experimental as of September 30. To enable it you need to set PROTON_ENABLE_NVAPI=1 as a launch option for games. Additionally this release also fixes crashes in Project Wingman, Satisfactory and other Unreal Engine 4 games using the Vulkan renderer.
-
Desktop Environments/WMs
-
While we skipped August because of the summer holidays, the month of September 2021 brought some great releases, starting with the awesome Thunar file manager, which received not one but two maintenance updates, up to version 4.16.10.
While Thunar 4.16.9 introduced support for using the move action when dragging files of different users, the ability to open the correct folder when middle-clicking in tree-view, fixes a issue where a folder was missing in history when it was opened in a new tab, and disabled automatic queueing of file transfers, Thunar 4.16.10 only addressed a regression that could crash the file manager when using the clipboard.
-
K Desktop Environment/KDE SC/Qt
-
Calamares is an independent Linux-distro-installer. It was recently added to FreeBSD ports as well, although you won’t be able to use it as an installer yet. The Calamares project is KDE-adjacent – but independent – so it participates ins some things that KDE projects do not. One of those things is Hacktoberfest.
-
Travel is slowly returning, and that shows in many improvements of KDE Itinerary being driven by real-world testing and feedback again in the past two month since the last summary.
-
-
Linux refers to the kernel on which distributions are built. You can think of it as the core to all systems that are running on Linux.
Linux distributions are the download links featured above – such as Ubuntu, Fedora, Manjaro, etc. These are collections of software and configurations that have been packaged with the Linux kernel. A team of developers is responsible for each distro, and attaches their own branding or moniker (i.e. “Linux Mint) to it. Typically, the devs will release free updates and support for the distro they’ve created.
Another term you’ll hear often is GNU, or GNU/Linux. The GNU project is responsible for a massive amount of the free software you’ll find availalble across all Linux distributions.
While the Linux kernel provides an operating system with its core functionality, the GNU software, as well as software from other developers, allows us to interact with the operating system and do things. Since GNU and Linux are both so integral to Linux distributions, the term GNU/Linux is exceedingly common.
Both the Linux kernel and GNU software are free. That’s why so many Linux distributions exist in the first place. Anyone is free to take these components, bundle them together, add their own spin to the package, and then release the finished product as a separate operating system (Linux distro). This is very different than systems like Microsoft Windows, where the code for the OS and its applications are locked tightly behind a closed source and copyright laws.
-
SUSE/OpenSUSE
-
GNOME 41 has reached openSUSE Factory staging and KDE’s Plasma 5.23 is nearing a release in an openSUSE Tumbleweed snapshot as it progresses through staging.
openSUSE’s rolling release turned out four snapshots this week and updated software packages like Mesa, curl, catfish, PipeWire, Perl and more.
The 20210928 snapshot improved the transferring of data via an update of curl 7.79.1, which made it work with OpenSSH 8.7; the command line tool and library also adjusted a setup to not change connection data upon repeat invokes. An update of inkscape 1.1.1 fixed a crash and improved the startup time of the graphics editor application. Two other packages updated in the snapshot were yast2-network 4.4.26 and yast2-nfs-client 4.4.1; the latter had an update that supports systemd mount options in fstab.
-
Dear Tumbleweed users and hackers,
After the massive update in the last week due to a full rebuild caused by glibc 2.34, this week seems ‘somewhat’ quieter. Or at least from a Release manager PoV less involvement hungry. Yet, we managed to release 5 snapshots during this week (0923, 0924, 0926, 0927, and 0928).
-
IBM/Red Hat/Fedora
-
Garbage collecting with podman system prune. Tells me it freed 20GB when it seems to have freed 4GB. Wondering where that discrepancy comes from.
-
Application programming interfaces (APIs) are like fuel for digital transformation, enabling companies to develop applications and microservices quickly. DataTrucker.IO is a new, free and open source (Apache 2.0) no-code/less-code API backend that decreases the time required to build APIs.
-
As Red Hat OpenShift continues to evolve and improve, our efforts to promote developer success ramp up as well. The OpenShift developer dashboard provides sample applications that are just a few clicks away from deployment. These samples are spread across a wide range of software development interests and stacks, so you’ll probably find one of interest to you.
For OpenShift 4.8, four new samples have been added, while four others have been updated. A total of 14 samples are at hand for the new or curious developer. We’ll review all the samples in this article.
-
“Welcome to the family.” That’s how it should feel right from the start when new people join the team at any company.
Of course, relating a workplace to a home is an ambitious promise. To live up to it, you need to ensure that your people experience a safe place where they can be who they are with no fear of being punished or humiliated for sharing their ideas, raising concerns, or making mistakes.
-
We’re excited that Call for Code will be participating in Hacktoberfest again this year. Now in its eighth year, Hacktoberfest is a global online festival meant to drive contribution to and involvement in open source projects.
Both Call for Code and Hacktoberfest encourage contributions from people of all backgrounds and skill levels. Call for Code is of course a great opportunity for experienced open source contributors to get involved in projects that address social and humanitarian issues, but if you’re brand new to open source projects, we’ve got you covered there as well. Our “Call for Code: Introduction to Open Source” online course is available at no cost and introduces you to key concepts, tools, and processes that you need to start contributing to any open source project. Start learning, and earn a badge by completing this course.
-
Canonical/Ubuntu Family
-
Linux Mint 20.3 will be dubbed “Una” and will be the third major update to the Linux Mint 20 series based on the Ubuntu 20.04 LTS (Focal Fossa) operating system series, which, of course, will be supported with software updates and security patches until 2025.
Most probably, Linux Mint 20.3 “Una” will be derived from the recently launched Ubuntu 20.04.3 LTS point release, but, like with Linux Mint 20.2 “Uma”, Linux Mint 20.1 “Ulyssa”, and Linux Mint 20 “Ulyana”, it will stick to the long-term supported Linux 5.4 LTS kernel series rather than using the newer Linux kernel 5.`11.
-
Powered by a Raspberry Pi 4B microprocessor, Mini Pupper uses Ubuntu and ROS to run its FSN (Full Self-Navigation) System. It also supports SLAM (Simultaneous Localization and Mapping), which allows it to map its surroundings and learn in real-time from objects around it using Lidar or a camera sensor.
-
-
The Pocket P.C. (aka Popcorn Computer) is a handheld Linux computer based on Allwinner A64 with 2GB RAM, 32GB storage, a 4.95-inch Full HD display, and a QWERTY keyboard that was introduced in 2019, and reminds me of PocketCHIP from a few years also with an Allwinner processor, a display, a keyboard, and a battery.
The initial plan was to start shipping the device by May 2020, and there are been delays for reasons we’ll explain below, but the good news is that Source Parts has just announced the developer units had been shipped.
-
Open Hardware/Modding
-
UDOO is known for its x86 boards that embed an Arduino compatible MCU, but the UDOO KEY is different, as it does without an Intel or AMD processor, and instead, combines Raspberry Pi RP2040 microcontroller with Espressif ESP32 WiFi & Bluetooth WiSoC.
As we noted in the past combining Raspberry Pi Pico/RP2040 with ESP32 does not make a lot of sense in most cases, but here’s the UDOO KEY will be offered for just $4 for the first units, so they’ll basically throw the ESP32, an IMU sensor, and a microphone for free since it’s the same price as one Raspberry Pi Pico, before eventually selling the device for $20.
-
Teaching children concepts in science, technology, engineering, and mathematics is extremely important as the world is becoming even more dependent on people with those skills. To help achieve this goal, Leyla Tawfik, Serena Cangiano and the Ethafa team came up with a series of interactive learning solutions that they call “STEAMMIANS.” Each one targets a particular subset within the field of electronics and their first, “Eolim,” is focused on guiding kids ages 9-11 on how to use certain kinds of sensors to perform various actions.
-
Mobile Systems/Mobile Applications
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
The Fairphone 4 from the Dutch manufacturer Fairphone BV was officially presented yesterday. Like its predecessors, it is a mid-range device whose concept is characterized by fair conditions in production and the use of raw materials that are as clean as possible. The modular structure stands for longevity and easy repairability. For the first time, the manufacturer is offering a generous guarantee period of five years, which is unusual in the industry.
-
Google Drive is a popular cloud storage service that works great for the most part.
However, it may not be the most private option out there. So, to take total control of your data, the best way is to spin up a Nextcloud instance and store your essential data while getting access to other collaboration tools.
While that sounds good to hear, not everyone can put the effort to create and maintain their instance. This is where ecloud comes in—built by the same team behind /e/ OS, the de-googled Android operating system.
-
Now we’ve got ourselve a handy script for cross compiling, I think it’s time to introduce other means of cross compiliing and why I not using existing methods.
Pmbootstrap is a script to build packages for postmarketOS. It supports cross compiling and various other options, it also handles dependencies for you. And you can use apline ports build files directly without hacking it as we did on part two for ArchLinux. Most important, it’s available as pip package. Meaning you can use it to build packages for postmarketOS even if you’re not on Apline Linux! PinePhone is well supported by PostmarketOS and Plasma Mobile developers also work closely with PostmarketOS developers. If you have postmarketOS installed on your pinephone or any Android phones postmarketOS supports (there are over 1000 devices postmarketOS supports), do try pmbootstrap.
-
-
Web Browsers
-
Mozilla
-
KaiOS is based on the code of Mozilla’s Firefox OS and the third major version has just been released. The success of KaiOS shows how much Mozilla had backed the wrong horse with Firefox OS. Kai OS Technologies from Hong Kong did not concentrate the development of the operating system on smartphones or TV sets, but on the promising category of feature phones.
-
It’s been long time from my last update about Firefox news on Linux and I’ve finally got some time to sum up what we’ve been working on for last year and what’s coming. There haven’t been introduced any new exciting features (from Linux perspective) for the last year but rather a hidden but important changes.
From Linux desktop developers perspective 2021 is a year of Wayland. KDE has been shipping decent Wayland compositor which becomes default for Fedora 34. It’s actually pretty fast and gives you smooth feeling of “good old times” with X11/Gtk2/name-your-favorite environment where any graphics change was just instant without lags or slow transitions. I must mention Robert Mader who created a new Firefox Wayland SW backend for the KDE.
-
Productivity Software/LibreOffice/Calligra
-
LibreOffice’s QA community works on identifying, testing and fixing bug reports from users around the world. Gabriele Ponzo, a long-time LibreOffice contributors and part of The Document Foundation’s Membership Committee, tells us about how a bug was recently fixed in just under eight hours…
-
CMS
-
Diamantedesk is an open source web-based Ticketing, help-desk solution aims to allow you to customize for business needs.
Diamantedesk offers reliability, flexibility, scalability, and extensibility for many enterprise sectors like IT support, shipping, customer services, healthcare and more.
It is built to improve customer service and convert feedback into valuable experience
The system comes with a rich set of features and fancy look with informative dashboard filled with graphs, charts, and logs.
[...]
It is published under the Open Software License (OSL 3.0).
-
Programming/Development
-
Qt 6.2 LTS is now available not only to be the first release with long-term support of the sixth major version of the framework , but also to start laying the foundations that will allow developers to truly transition from Qt 5 by having almost achieved the parity with version 5.15, which has become the penultimate LTS.
Qt 6.2 LTS comes with many interesting news that should give it a strong boost and open the door to many projects to start the migration to the current major version of the framework . Of course, before starting to explain the news, those responsible recalled the main aspects of Qt 6, which already we summarized at the time .
What stands out the most about Qt 6.2 LTS is the inclusion of a large number of new modules to approach parity with version 5.15, which are the following: Qt Bluetooth, Qt Multimedia, Qt NFC, Qt Positioning, Qt Quick Dialogs, Qt RemoteObjects, Qt Sensors, Qt SerialBus, Qt SerialPort, Qt WebChannel, Qt WebEngine, Qt WebSockets, and Qt WebView . On this aspect, the company has said that “the API for these modules is mostly compatible with previous versions of Qt 5 and will only require minor adjustments of the user code when it is transferred to Qt 6” .’
-
-
Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 912 other packages on CRAN.
This new release brings us Armadillo 10.7.0 released this morning by Conrad. Leading up to this were three runs of reverse dependencies the first of which uncovered the need for a small PR for subview_cols support which Conrad kindly supplied.
-
PoCL is the open-source project implementing OpenCL for CPU-based execution as well as multi-device support by getting its Portable Computing Language implementation working atop NVIDIA GPUs via CUDA, AMD GPUs via HSA, and other experimental implementations through leveraging LLVM/Clang.
-
Arm engineers have begun landing their Armv9 enablement work in the GNU compiler toolchain.
Yesterday brought the initial Armv9 commits to GNU Binutils. This included adding armv9-a to -march for the GNU Assembler as well as for GAS adding the Cortex-X2, Cotex-A510, and Cortex-A710.
-
Python
-
Programming languages are one of those topics that we geeks have some very strong and often rather polarised opinions about. As new concepts in computing are dreamt up, older languages may grow new features, if viable, or get left behind when new upstarts come along and shake things up a bit. This scribe can remember his early days programming embedded systems, and the arguments that ensued when someone came along with a project that required embedded C++ or worse, Java, when we were mostly diehard C programmers. Fast forward a decade or two, and things are way more complicated. So much choice, so much opinion.
-
Java
-
Computer programming, also known as coding for short, is not about which language you use. It’s about developing programming logic and learning to think like a programmer. The language you start with should be the one that helps you the most in this endeavor. So you have to ask yourself the question: “What do you want to do as a programmer?”
For example, if you want to work on Android app development, video game development, desktop GUI applications, or just general software development, I think learning Java is an excellent option. It’s the language I chose, and it has made a whole world of programming available to me. In India, where I live, the average salary of a Java programmer is around 5.9 Lakhs per Annum (LPA) (it can be as high as 10 LPA, depending on your experience.)
Java is a vast language, though, with lots of frameworks and variants to choose from. Core Java is the term the tech industry has developed to refer to the central components of the Java language—the thing that people use to write the frameworks and has developed the cottage industry around Java. I believe that Core Java is one of the most powerful skills you can acquire because understanding the basics of Java gives you a significant advantage when learning all of the related tools built on top of it.
-
-
Integrity/Availability
-
Proprietary
-
Security
-
The diffoscope maintainers are pleased to announce the release of diffoscope version 186. This version includes the following changes:
[ Chris Lamb ]
* Don't call close_archive when garbage-collecting Archive instances unless
open_archive returned successfully. This prevents, amongst others, an
AttributeError traceback due to PGPContainer's cleanup routines assuming
that its temporary directory had been created.
(Closes: reproducible-builds/diffoscope#276)
* Ensure that the string "RPM archives" exists in the package description,
regardless of whether python3-rpm is installed or not at build time.
[ Jean-Romain Garnier ]
* Fix the LVM Macho comparator for non-x86-64 architectures.
-
The termination of the IdenTrust root certificate (DST Root CA X3) used to cross-sign the Let’s Encrypt CA root certificate resulted in problems with Let’s Encrypt certificate validation in projects using older versions of OpenSSL and GnuTLS. Problems also affected the LibreSSL library, the developers of which did not take into account past experience related to failures that occurred after the AddTrust root certificate of the Sectigo (Comodo) certification authority expired.
Recall that in releases of OpenSSL up to and including the 1.0.2 branch and in GnuTLS before release 3.6.14 , there was an error that did not allow the correct processing of cross-signed certificates, if one of the root certificates used for signing expired, even if other valid ones were saved. chains of trust (in the case of Let’s Encrypt, the aging of the IdenTrust root certificate does not allow verification, even if the system supports its own Let’s Encrypt root certificate valid until 2030). The essence of the error is that older versions of OpenSSL and GnuTLS parsed the certificate as a linear chain, while according to RFC 4158, a certificate can represent a directed distributed circular graph with several trust anchors that need to be considered.
-
Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use it to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment.
It is a single page JavaScript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a PowerShell ingestor.
-
Kali is a Debian based distribution aimed at penetration testing. I haven’t felt a need to use it in the past because Debian has packages for all the scanning tools I regularly use, and all the rest are free software that can be obtained separately. But I recently decided to try it.
Here’s the URL to get Kali [1]. For a VM you can get VMWare or VirtualBox images, I chose VMWare as it’s the most popular image format and also a much smaller download (2.7G vs 4G). For unknown reasons the torrent for it didn’t work (might be a problem with my torrent client). The download link for it was extremely slow in Australia, so I downloaded it to a system in Germany and then copied it from there.
[...]
Installing VMs for both these distributions was quite easy. Most of my time was spent downloading from a slow server, trying to get SCSI emulation working, working out how to convert image files, and testing different compression options. The time spent doing stuff once I knew what to do was very small.
-
Privacy/Surveillance
-
We, the undersigned civil society organizations and independent experts, call on Member States of the U.N. Human Rights Council (HRC) to take urgent action at the ongoing 48th regular session of the HRC to denounce the unfolding and unprecedented scale of human rights violations by States facilitated by the use of the NSO Group’s Pegasus spyware and provide immediate, robust support for impartial and transparent inquiries into the abuses.
We are deeply alarmed by the Pegasus Project revelations, a major investigation conducted by Forbidden Stories, and a consortium of 16 media organizations, alongside Amnesty International who was a technical partner in the investigations. The investigation was based on a leak of 50,000 phone numbers of potential targets of NSO Group surveillance technology, a list which includes journalists, activists, human rights defenders, lawyers, world leaders, and civil society actors. So far, at least 180 journalists in 20 countries were identified as potential targets of Pegasus spyware between 2016 to June 2021.
Adding to the revelations, further cases of targeted surveillance continue to unfold. The most recent victim targeted by Pegasus spyware is the Budapest-based photojournalist Dániel Németh. According to an investigation by media organization Direkt36 and forensic analysis by Citizen Lab, independently validated by Amnesty International, two of Németh’s phones were hacked by a government client of the NSO in early July 2021. Németh is not the only Hungarian journalist to be hacked using Pegasus, Amnesty International’s forensic checks confirmed that two of Direkt36 investigative journalists, András Szabó and Szabolcs Panyi, and another investigative reporter, Brigitta Csikász, were also hacked in 2019.
-
As the U.N. Human Rights Council (HRC) convenes at the ongoing 48th regular session, Access Now joins 94 civil society organizations and independent experts in urging member states to denounce abuses facilitated by spyware technologies.
The Pegasus Project revealed a long list of journalists, activists, human rights defenders, lawyers, world leaders, and civil society actors that were a target of NSO Group’s Pegasus Spyware. The U.N. HRC should mandate comprehensive measures to investigate and prevent further violations linked to the sale, export, and use of Pegasus spyware and cases of targeted surveillance.
“Member States must urgently act to address the perpetual human rights abuses by States facilitated by NSO Group’s Pegasus spyware,” said Laura O’Brien, UN Advocacy Officer at Access Now. “The clandestine surveillance industry must be held accountable.”
The recent revelations showcased the unprecedented scale of human rights violations by States facilitated by the use of Pegasus with Budapest-based photojournalist Dániel Németh being the latest victim targeted by the spyware.
-
Freedom of Information/Freedom of the Press
-
Roman Dobrokhotov, the editor-in-chief of The Insider, has responded to new criminal charges that he allegedly crossed the Russian border illegally. The criminal case “was conjured out of thin air,” he argued in an editorial published by The Insider, asserting that he was within his rights when he left the country in August, weeks after federal agents raided his home and interrogated his parents. Russian officials seized his international passport at the time, but Dobrokhotov says he maintains his general civil passport.
-
Civil Rights/Policing
-
Cybersecurity risks now affect everyone, but those risks aren’t the same everywhere. The Record spoke with Access Now’s Asia Policy Director and Senior International Counsel Raman Jit Singh Chima about how the human rights organization helps secure activists and journalists around the world. Chima, who also serves as the organization’s global security lead, shared details about risks facing human rights defenders in the Asia-Pacific region—from spyware and social media monitoring to disrupting access to certain apps or the entire Internet.
Protecting civil society from these threats must be a key part of cybersecurity policy discussions, Chima told The Record, much like we think about how we need to protect power grids and other utilities that keep society functioning.
“Understand that people who protect civil liberties, rights, and democracy are critical infrastructure and need to be talked about as such when you engage in cybersecurity conversations with national governments in this region,” he explained.
Permalink
Send this to a friend
Posted in Deception, Microsoft, Security at 10:18 am by Dr. Roy Schestowitz
Video download link | md5sum 90baecb5d2c9d010cbd33c5e9a387984
Summary: A video about the current media coverage about Azure being inherently bad when it comes to security
LAST night we republished an article from a Microsoft whistleblower who had seen from the inside how insecure Azure really is. Nothing has improved since then and days ago it made the news, highlighting a longstanding issue that Microsoft refuses to address. Microsoft’s own clients complained about it years ago.
“Nothing says it better like Microsoft’s own words. When it talks honestly.”The video above concerns this whole matter and some broader issues, knowing that Microsoft does not actually care about the security of Azure ‘tenants’ (that’s what they are; they pay rents to be controlled and even neglected by Microsoft). Nothing says it better like Microsoft’s own words. When it talks honestly. █
“Our products just aren’t engineered for security.”
–Brian Valentine, Microsoft executive
Permalink
Send this to a friend
Posted in News Roundup at 6:45 am by Dr. Roy Schestowitz
Contents
-
-
Instructionals/Technical
-
How does gemtext suck? Let me count the ways: [...]
-
Virtually every DNSDB user makes domain name to IP address queries. Often that will be quite straight forward, but today we’re going to talk about some of the times when you may run into surprises – and how you can easily deal with them.
-
I could not get agate to start correctly, it would not bind to the ipv4 port 1965. After some desultory troubleshooting I used gemserv instead.
I didn’t bother compiling gemserv to use GGI, just static content.
-
Anyway, since doing the research for the typography post, I discovered Oliver’s YouTube channel and newsletter, Pimp My Type. He’s a professional typographer, so when I learned that he offers free website typography reviews, I was on that like a tramp on chips!
-
However, some things never stick in my head, nor my fingers, and I have to google them every time. jq is one of these.
I know it’s a powerful tool, but I always end up back at Google and then copying and pasting a solution from somewhere. So I solve my problem but never learn the tool.
It’s time to fix that. In this article, I’m going to go over the basics building blocks of jq in enough depth that you will be able to understand how jq works. Of course, you still might occasionally need to head to google to find a function name or check your syntax, but at least you’ll have a firm grounding in the basics.
-
Games
-
It’s true that our version of D&D is modified beyond recognition. Which is fine since it’s an open source game.
It’s true that I’m a fan of D&D as a brand, as a shorthand, as a community, whereas I don’t touch “gamer” stuff with the proverbial ten-foot pole.
It’s not true that this is out of ignorance with other systems. “Just play Fiasco” we went from Fiasco to D&D after trying both. And, we’ve mashed in stuff from Fiasco into “our” D&D.
I had read around 200 core books until finally giving the much maligned D&D a shot. I had believed the anti-hope of haters on Usenet and TBP. “AC doesn’t make sense”, “Levels don’t make sense”, “It’s so unrealistic” etc. And I felt so dumb for looking at it last because it was exactly what I had been longing for all this time.
-
Coming about five weeks after Proton 6.3-6, the Proton 6.3-7 release is here to add support for the Life is Strange: True Colors, Quake Champions, Divinity: Original Sin 2, eFootball PES 2021, EVERSLAUGHT VR, as well as WRC (World Rally Championship) 8, 9 and 10 video games.
This means that you’ll now be able to play these games on your Linux-powered computer using the new Proton version. However, it should be noted the fact that the Quake Champions and Divinity: Original Sin 2 games will apparently brake after a game update, so you shouldn’t update them yet.
-
Desktop Environments/WMs
-
One thing I didn’t expect to work so well was having my computer screen set to greyscale mode the past few days. I’d enabled it to test the accessibility and contrast of a design I was working on and… I didn’t turn it off.
-
-
IBM/Red Hat/Fedora
-
Fedora Linux has been recognized as a “digital public good” by the Digital Public Goods Alliance (DPGA), a strategy group set up by UNICEF to promote sustainable development through open-source solutions that contribute to an equitable world.
-
-
-
SaaS/Back End/Databases
-
At YottaDB we have a network of a couple dozen machines that include all Supported platforms, ranging from Raspberry Pi Zeroes to x86_64 servers. We run the YottaDB test system across these machines most weekends, and frequently overnight as well. The normal run checks out the current master source code, builds it, and runs it on these machines against the current master test system. The source code is built and tested two ways, “DBG” builds with asserts that detect error and out-of-design conditions for us to debug, and “PRO” builds that are built the way binary distributions are delivered, and which invoke the recovery code for these error and out-of-design conditions. The tests involve extensive simulated crashes and recovery. They also randomly vary a number of parameters to test the various permutations and combinations of operating conditions.
-
FSF
-
Licensing/Legal
-
Radio has never been on the leading edge as an industry full of tech oriented companies so open source can be a solution that allows these companies to focus on what they are good at – delivering amazing content.
Isn’t that the name of the game?
Collaboration in the spirit of open-source could be an engine for much needed growth as well.
-
Programming/Development
-
I’ve been traveling this road for a while. Here’s my collection of 15 of the most common mistakes and issues people will run into when writing applications and services that use libcurl. I’ve also done recorded presentations on this topic that you can watch if you prefer that medium.
-
This post is part of a series, starting at Reflections on a decade of coding.
This is one of my favorite questions to ask people: what are some things that you used to strongly believe but have now changed your mind about?
I want to focus especially on ideas that I wasted a lot of time on, or that got in the way of success.
-
I got really bored tonight and went down some rabbit holes and turned up something from about a year ago. If you follow the latest Linux type stuff, you probably remember this, but if not, this might seem new to you. It’s just something dumb and amusing.
-
The CHERI protection model provides architectural primitives to protect computer systems from widely-exploited security vulnerabilities. CHERI revises the hardware/software architectural interface with hardware support for capabilities that can be used for fine-grained memory protection and scalable software compartmentalization. Supported by DARPA (the US Defense Advanced Research Projects agency) as well as UKRI (UK Research and Innovation) and its Digital Security by Design (DSbD) program, CHERI is the work of a large research team at the University of Cambridge, SRI International, Arm and many industrial and academic collaborators throughout the world.
-
It turns out Awk is pretty simple. It has only a couple of conventions and only a small amount of syntax. As a result, it’s straightforward to learn, and once you understand it, it will come in handy more often than you’d think.
So in this article, I will teach myself, and you, the basics of Awk. If you read through the article and maybe even try an example or two, you should have no problem writing Awk scripts by the end of it. And you probably don’t even need to install anything because Awk is everywhere.
-
-
-
with a title and a line from Leslie Jamison
Anne says, what if you are notsick or bad, what if you are Katie?
-
Records of UT administrators describe an institute that would be “dedicated to the study and teaching of individual liberty, limited government, private enterprise and free markets” and promote “intellectual diversity.” Most people, myself included, support individual liberty. The remaining phrases are highly ideological and should be in scare quotes.
Does “limited government” enhance individual liberty, or does it really mean using government power to protect concentrated wealth and limit our collective ability to create a decent society? Does “private enterprise” really mean allowing corporations to use that concentrated wealth to undermine democratic decision-making? Do those corporations champion “free markets” only as long as they can extract profit, running to the government for bailouts when they fail?
-
What is it about sex that makes talking about it with political and moral honesty so difficult? It’s so easy to fixate on its purely political aspects, relying on the simplicity of a relationship with black-and-white consequences. It’s so tempting to reduce it to the absolutely personal, just someone’s preference, beyond anyone else’s understanding or judgment. Even among feminists, the tensions between the intimacy of sex, its potential for violence, and the fact that its participants, limitations, and consequences often fall under the supervision of public authorities are perennial sources of conflict.
-
I was writing something a while ago, and had reason to quote the famous aphorism “Computers are incredibly fast, accurate, and stupid; humans are incredibly slow, inaccurate, and smart.” I’ll bet you’ve heard a variation on that quote before, and probably have seen a meme or two with it. It’s usually attributed to Einstein.
-
That so many are willing to take the word of any contrarian rather than that of peer reviewed science is astonishing. But after decades of government and corporate malfeasance and abuses, it isn’t too difficult to understand the roots for this skepticism. Indeed, government agencies and business institutions have constructed this atmosphere of distrust. Just one look at the CIA, the military, or the tobacco and fossil fuel industries and we get a litany of lies, crimes, and the obfuscation of those crimes. Indeed, most drug companies have gotten away with the many crimes they have committed, with the recent opioid scandal and the Sackler family coming to mind. But there is also a kind of collective fear and a legacy of anti-scientific credulity that is common in far-right political circles that goes beyond justified criticism of and opposition to the crimes of the powerful.
None of this is especially original. Climate change deniers have long latched on to the proclamations of a small, but loud, group of scientists who confirm their narrative. A major part of this is thanks to a well funded campaign of disinformation by the fossil fuel industry who began lying to the public about the damaging effects of burning fossil fuels decades ago. And there are dozens of think tanks in Washington whose sole purpose it to peddle corporate propaganda to politicians on the dole and a public that is already inclined to be against any scientific warning that may alter the Western lifestyle. But there is also a conspiratorial way of thinking about these things. The very real and existential issue of climate catastrophe has been linked to crackpot theories about a tyrannical “one world government.” Those who have been alienated from society often become targets for this kind of delusion. And social media amplifies it all through echo chambers of confirmation bias, connecting the alienated with one another, albeit in a very superficial manner.
-
Ross Ashcroft Michael Hudson, always great to have you back on Renegade Inc.
Michael Hudson It’s good to be back here. Thanks for having me.
-
Dark design has proven to be an incredibly effective way of encouraging web users to part with their time, money and privacy. This in turn has established “dark patterns”, or sets of practices designers know they can use to manipulate web users. They’re difficult to spot, but they’re increasingly prevalent in the websites and apps we use every day, creating products that are manipulative by design, much like the persistent, ever-present pop-ups we’re forced to close when we visit a new website.
-
Science
-
Algorithms have been used to identify cells in sectional images of tissue samples. For instance, if tissue cells appear atypical, the algorithm will spot this and determine if the cells are cancerous. DNA sequence data from tumours is now being used along with imaging data to identify cancers.
-
Health/Nutrition
-
As public health advocates fumed over efforts by right-wing congressional Democrats to water down prescription drug pricing reforms proposed in their own party’s flagship Build Back Better package, a report published Thursday by a leading progressive advocacy group revealed that Americans are paying nearly twice as much for the 20 bestselling medications as the rest of the world combined.
“Empowering Medicare to push back against inflated drug prices is the responsible and commonsense way to stand up to the industry’s greed.”—Rick Claypool,Public Citizen
-
Supporters of drug pricing reform expressed alarm Wednesday at efforts by right-wing congressional Democrats—including some of the biggest recipients of Big Pharma campaign contributions—to water down progressive-led efforts to lower the world’s highest prescription medication costs.
Mirroring key items on Big Pharma’s wishlist, corporate Democrats are taking aim at proposed drug pricing reforms in the $3.5 trillion Build Back Better budget reconciliation package. According to Politico:
-
A Scottish university in “Europe’s oil and gas capital” has voted to sell all of its fossil fuel investments over the next four years.
The University of Aberdeen, which has strong ties with the North Sea oil and gas industry, announced today that its governing body had voted to exclude fossil fuel extraction companies from its £52.7 million investment portfolio by 2025. It currently has an estimated £3.1 million invested in fossil fuels, according to campaigners.
-
For this reason, there is good cause to expect that his new book, Sickening: How Big Pharma Broke American Health Care and How We Can Repair It, would make a substantial contribution to the current debate over controlling drug prices. (Unfortunately, its publication date is not until February.) The book is indeed useful in documenting the failures of the pharmaceutical industry, but it comes up painfully short in the remedies.
The first part of the book goes over some of the major scandals of the pharmaceutical industry over the last three decades. It notes the overuse of statins, a drug designed to lower cholesterol. Abramson points out that statins are often prescribed for women, based on clinical trials showing their effectiveness for men. In spite of the lack of evidence of benefit, expensive statins have been prescribed for millions of women over the last three decades.
-
Janine Jackson interviewed Jim Naureckas about Covid and corporate media for the September 24, 2021, episode of CounterSpin. This is a lightly edited transcript.
-
-
-
-
-
Just ahead of Sen. Joe Manchin’s Thursday declaration that $1.5 trillion is his topline number for the reconciliation bill, the corporate Democrat referred to the United States’ so-called “brutal fiscal reality” on Wednesday to defend his opposition to the Democratic Party’s 10-year, $3.5 trillion package—a justification progressives criticized as baseless and a threat to Americans’ future well-being.
“While I am hopeful that common ground can be found that would result in another historic investment in our nation, I cannot—and will not—support trillions in spending or an all or nothing approach that ignores the brutal fiscal reality our nation faces,” Manchin (D-W.Va.) said Wednesday night in a statement, adding that he wants to “pass on a better America to the next generation.”
-
Sen. Joe Manchin said Thursday that securing sweeping climate legislation to safeguard the planet for future generations requires electing more progressives—unlike him—in 2022.
The corporate Democrat’s assertion came as he announced to a crowd of reporters that his topline number for the broad reconciliation bill is $1.5 trillion—a fraction of the $3.5 trillion demanded by progressive lawmakers for the 10-year Build Back Better plan that includes investments to strengthen the safety net and tackle the climate emergency.
-
Sen. Joe Manchin admitted Thursday, ahead of a scheduled House vote on the Senate-passed bipartisan infrastructure bill, that it had been corporate Democrats’ plan all along to first secure passage of their fossil fuel-friendly legislation and then undermine the party’s more ambitious reconciliation package that proposes investing up to $3.5 trillion over a decade in clean energy and the social safety net.
The conservative West Virginia Democrat told reporters Thursday that on July 28, he secured a signed agreement (pdf) from Senate Majority Leader Chuck Schumer (D-N.Y.) outlining his conditions for voting on the final reconciliation bill.
-
-
As the United States continues to record thousands of cases of Covid infection and as many as 2,000 deaths per day, many Americans are scrambling to get rapid tests for extra reassurance as they return to school, work and start to travel. But rapid tests are hard to find on stores shelves across the country—and when you finally track them down, they cost from $10 to $15 per test. As it happens, that’s because there’s a nationwide shortage of rapid tests. Meanwhile, other countries have plentiful amounts of tests—in Germany, for instance, rapid testing, along with vaccination, has become the bedrock of their plan to live with the virus. There, rapid testing is widely used and available outside of restaurants and gyms and other facilities. Why is something that could be so instrumental to managing the pandemic so hard for Americans to get their hands on?
-
Many of America’s pro athletes are union workers, albeit union workers with a decidedly distorted social position, relative to organized working-class people more broadly. They benefit greatly from collective bargaining. As is the case for all workers, unions are a pro athlete’s best friend. Just do your own investigation into what conditions and wages were like before unions—pro sports were part playground, part sweatshop.
-
The new policy builds on existing rules against COVID-19 vaccine misinformation, which have led to the removal of 130,000 videos since October. YouTube says it has taken down more than 1 million videos for violating its overall COVID-19 medical misinformation policy.
-
The company said that while accounts will be taken down, so will any posts which express unfounded concerns about vaccines or falsely state that some vaccines cause autism or cancer or something else the vaccine has never been proven to cause.
-
Integrity/Availability
-
Based on the rising player number the urge to deal with the DoS problem is larger than ever. A few months ago for example we organized a Tournament for everyone in the community to participate. Unfortunately the event was the continuous target of DoS attacks for multiple hours, with players fleeing from one server to the next, trying to find a safe refuge. These bandwidth graphs for our servers in Netherlands and Germany respectively illustrate the problem: [...]
-
Proprietary
-
A threat actor, who claims to have worked for the REvil ransomware group among others, has cast doubt on the common tendency to associate individuals from a particular country who do such work as acting for the governments of the same countries.
-
Tokarev reported the vulnerabilities to Apple between March 10 and April 29, but the last time he heard back from Apple about the three vulnerabilities was August 6, August 12, and August 25, respectively. Then the researcher said he told Apple on September 13 he would publish details of the bugs unless he heard back.
It was only after he went public with details about the unpatched bugs that Apple reached out, according to Tokarev, who shared Apple’s email with Motherboard.
-
The tension might have stayed at a low simmer were it not for a Slack channel — #remote-work-advocacy — created in September 2020 to promote a more flexible working environment. By the summer of 2021, it had reached roughly 2,800 members, with conversations growing increasingly lively. After Cook made his announcement, employees knew they had to send a message. It was a small push back against management that would lay the groundwork for months of employee organizing and perhaps change the Apple workforce forever.
-
Security
-
Privacy/Surveillance
-
Over the last few weeks, the WSJ has run a series of posts generally called “The Facebook Files,” which have exposed a variety of internal documents from Facebook that are somewhat embarrassing. I do think some of the reporting is overblown — and, in rather typical fashion regarding the big news publications and their reporting on Facebook, presents everything in the worst possible light. For example, the report on how internal research showed that Instagram made teen girls feel bad about themselves downplays that the data actually shows a significantly higher percentage of teens indicated that Instagram made them feel better:
-
Not everyone uses an ad-blocker. But most people do. And no matter how much online publications claim ad blocking is the same thing as stealing, it really isn’t. If they’re bent out of shape about it, it’s because they assault users with ads, burying content behind a wall of uncurated virtual salesmen. If it bleeds, it leads, the old saying goes, but now it refers to readers’ processing power and data allotments.
-
Facebook’s head of global safety will face off with members of the Senate Commerce consumer protection subcommittee on Thursday as part of the panel’s first in a series of hearings focused on kids’ safety. As criticism of the tech giant heats up following recent bombshell reports, the panel will convene again next week to hear testimony from a Facebook whistleblower.
-
The short of it: I have a face detection algorithm running which, when a certain individual enters the field of the Pi’s vision, triggers a servo that powers on the blower, releasing a powerful air blast.
-
An unpatched stored cross-site scripting (XSS) bug in Apple’s AirTag “Lost Mode” could open up users to a cornucopia of web-based attacks, including credential-harvesting, click-jacking, malware delivery, token theft and more.
That’s according to Bobby Rauch, an independent security researcher who said that it’s possible to use the zero-day to fully weaponize an AirTag, with the ability to attack random strangers (or specific targets) should they interact with it.
Stored XSS, also known as persistent XSS, occurs when a malicious script is injected directly into a vulnerable web application. An attack then only requires that a victim visit a compromised web page.
-
Defence/Aggression
-
In late August, 26-year-old Abul Ahmed was heading to his university in Kabul to fill out some paperwork when he got a call from a friend. “Don’t go to your house, because it’s dangerous. The Taliban are there,” Abul recalled being told. Abul said he wasn’t going to leave his family, but after the Taliban took over Kabul, he knew they couldn’t stay at home. “The Taliban broke into our compound, and they stole our car,” he told me. “They beat up my uncle and searched our stuff.”
-
-
By the time Qiu started work on Ebola, the mishandling of the SARS epidemic by China’s leadership was well-known worldwide. Officials had been fired for misbehavior. China had called upon leading scholars in the US, like W. Ian Lipkin, and Chinese scholars with significant success abroad, such as George Gao, to help reorganize its public health system, especially its disease surveillance methods. That year, a group of scientists from Guangdong, the centre of the SARS pandemic, arrived in Winnipeg to tour the Canadian Science Centre for Human and Animal Health, which includes both the NML, now managed by PHAC (Public Health Agency of Canada), and the animal diseases lab managed by the Canadian Food Inspection Agency. China was negotiating its agreement with France, which led to the construction of the BSL-4 at the Wuhan Institute of Virology.
Natalie Salat, a reporter for Legion, a magazine about Canada’s military history, came to Winnipeg to write about the facility after the visitors from China had come and gone. Their attendance was presented to her as a mark of the NML’s global importance. Salat was told that the NML had partnerships with the Department of National Defence, the University of Manitoba, the US Centers for Disease Control and Prevention, the US Bioterrorism Response Network, etc. Stefan Wagener, whom Salat identified as the centre’s scientific director for biosafety and environment, told her that everyone who worked at the lab for more than ten days had to have a rigorous security clearance. He jokingly said that if he told her anything else about the detailed security measures in place, he’d “have to kill her.”227
-
Palestinian political disunity is tied to the fact that the issue of representation in Palestinian society has always been an outcome of one party trying to dominate all others. This dates back to Palestinian politics prior to the establishment of Israel on the ruins of historic Palestine in 1948, when various Palestinian clans fought for control over the entire Palestinian body politic. Disagreements led to conflict, often violent, though, at times, it also resulted in relative harmony – for example, the establishment of the Arab Higher Committee (AHC) in 1936.
These early years of discord duplicated themselves in later phases of the Palestinian struggle. Soon after Egyptian leader, Jamal Abdel Nasser, relinquished his influential role over the Palestine Liberation Organization (PLO) following the humiliating Arab defeat in 1967, the relatively new Fatah Movement – established by Yasser Arafat and others in 1959 – took over. Since then, Fatah has mostly controlled the PLO, which was declared in Rabat, in 1974, to be the “sole legitimate representative of the Palestinian people”.
-
What it does not show, and what Pentagon leaders don’t seem to understand, is why.
Whitlock’s book reads like a synopsis of the many essays, books and cartoons I produced over 20 years, which were rejected by most newspapers and news websites because editors and producers refused to publish content that criticized the war.
-
Coleen Rowley is an attorney, peace activist and whistleblower. She’s a retired FBI Special Agent and former FBI Minneapolis Division Legal Counsel. For her exposure of the FBI’s pre-911 failures, she was named one of Time Magazine’s “Persons of the Year” in 2002. We are extremely honored that she took the time to talk to us and share her views. Her responses below are exactly as she provided.
The questions here are not philosophical or abstract. They focus on the realities of the international power struggle unfolding in real time. They directly address the role of the U.S. in the escalating tensions and its capacity to reduce them. We also probe the role of everyday citizens in affecting the relationship the U.S. now has and will have with the rest of the world community.
-
The Los Angeles Police Department has spent years compiling a “gang database.” The term “compile” is used loosely, because the LAPD decides people are gang members just because they know gang members, or are related to them, or live in the same buildings, or work near them, or pass through gang-controlled neighborhoods, or go to school with gang members, or just (as non-gang people are wont to do) wear clothes, shoes, and hats. It’s ridiculous.
-
The bad news stemming from the ill-planned and ill-managed U.S. evacuation of the Afghan capital just kept coming in. The Washington Post put it this way in blowing the whistle on the culminating disaster: “U.S. military admits ‘horrible mistake’ in Kabul drone strike that killed 10 Afghans.”
-
Outraged French President Emmanuel Macron denounced the Biden-approved agreement as blatant “Trumpism” and withdrew the French ambassador to the U.S., the first and only such termination of diplomatic relations with France in some 250 years. “Trumpism” has in recent years come to be defined as “America First” or “MAGA,” Make America Great Again, including the imposition of U.S. tariffs not only against China but against Western European nations and Canada. At the time Democrats and leading U.S. corporate think tanks, including the Council on Foreign Relations, pilloried Trump’s tariffs but the Biden administrations has largely maintained them all and indeed, expanded their scope and impact. No doubt, there are always major divisions within the U.S. ruling class – not to mention among and between their international counterparts – when their base economic interests are in conflict.
Pivot to Asia
-
In other words, because Mr. Pierre has the passport of a former colonial power that brutally exploited Vietnam and its people until it was decisively defeated at the Battle of Điện Biên Phủ in 1954, he doesn’t have the right to constructively criticize anything that is happening here in 2021.
Vietnam and presumably other countries that France colonized get an unlimited pass on any societal problem, big or small. What does that have to do with the existential problem of air and water pollution? You guessed it: absolutely nothing.
-
Minneapolis, Minn.—On a quiet Sunday afternoon, Don Samuels emerged from his home on the northern wing of this city, wearing a black hoodie with “Pratt” printed on the chest. Clinging to his iPhone, Samuels sat on the porch as he typed the final words of a message he had been writing to a woman.
-
“But even though many Malians like the emphasis on national sovereignty, they are also concerned about where it may lead,” Tounkara continued. “If private security companies and Malian troops achieve military victories, that may well strengthen anti-French sentiment. On the other hand, if Bamako cuts ties to France and to its regional allies, it risks finding itself ostracised in the anti-jihadist struggle in the Sahel, without reliable partners to support it. That would be enormously disappointing to the Malian people.”
-
The so-called Molotov cocktail was thrown onto the balcony on the first floor of the shell of the building in the street Brückenstraße at around 3:30 a.m. last Saturday. As a result, a fire broke out. The resulting damage to property cannot yet be quantified. The Police Counter-Terrorism and Counter-Extremism Centre has taken over the investigation.
-
Transparency/Investigative Reporting
-
A scientist says he believes he has found the source of mysterious interference experienced in sonar and other devices during an investigation into the wreck of the MS Estonia, which sank in 1994 with the loss of 852 lives. The scientist, a hydrographer called Peeter Ude, says the source is transmitter beacons installed on the sea-bed and close to the wreck, but who placed them there, why and when remains unclear, he says.
-
Environment
-
Some observers object, claiming that “there is no limit to growth,” or “no limit to human ingenuity,” but the lessons of the natural world tell us otherwise. Some extreme technology-obsessed billionaires imagine that we’ll colonize other planets and leave the depleted Earth behind.
I ask this question to myself virtually every day: How do we change the human trajectory, away from growth, chaos, and collapse? What path will lead us toward genuine sustainability? I suspect that our progeny — and all other species — will be far better off if we embrace our relationship with the living Earth, learn from nature itself, consciously contract, slow our economies, and allow wild, untrammeled natural habitats to expand.
-
This story originally appeared in The Guardian and is republished here as part of Covering Climate Now, a global journalism collaboration cofounded by The Nation and Columbia Journalism Review to strengthen climate coverage.
-
Climate justice campaigners plan to descend on Washington, D.C. in October to protest outside the White House for a week straight, calling on President Joe Biden to declare a climate emergency and end all new fossil fuel projects.
The Build Back Fossil Free coalition announced the People Vs. Fossil Fuels: Biden’s Test demonstrations, to be held October 11-15, in a statement Thursday. The week of action will come just before COP 26, a United Nations climate summit scheduled to begin in Scotland at the end of next month.
-
Proposals to protect a third of the Earth for wildlife (or even ‘half Earth’, as suggested by some extremist conservationists) have been around for decades, but the idea has only been taken up as a serious proposition over the last couple of years. A target of 30% by 2030 has been included in a new draft action plan for 2020 to 2030 under the global Convention on Biological Diversity. A coalition of 60 governments led by France and Costa Rica is lobbying heavily for the idea.
During the World Conservation Congress just finished in Marseille, I asked the French government’s co-coordinator of this so-called ‘High Ambition Coalition’ how they foresaw the target working in practice. Key issues are not clear. Would each country have to designate 30% of its territory for conservation, or would it be a global target and, if so, how would it be determined which countries protected what, bearing in mind that biodiversity is very unevenly distributed around the planet?
-
Energy
-
A major natural gas pipeline in Pennsylvania was canceled this week in the face of a thicket of legal obstacles and intense local opposition. The cancelation may punctuate what could be the end of a decade-long pipeline building frenzy in the U.S. as federal regulators begin to heed calls from activists and local communities to increase scrutiny over unneeded pipelines crisscrossing the country.
The PennEast pipeline would have carried Marcellus shale gas from Luzerne County, Pennsylvania, across the Delaware River and to Mercer County, New Jersey. But the developers of the project canceled it on September 27, citing its inability to obtain state-level water quality permits from New Jersey. The decision came three months after the company won a case before the U.S. Supreme Court related to the corporation’s ability to seize state land using eminent domain authority.
-
The head of California’s powerful utility regulator announced to staff that she would be leaving her position at the end of the year, less than one year into a six-year term.
-
In that year, the planet will have 9.5 billion people who will consume 108 mbd of crude oil, although the diffusion of energy efficient technologies could reduce the oil demand by over 8 mbd. Despite this, oil “will continue to be the fuel with the largest share in the world energy basket.”
-
Wildlife/Nature
-
The Biden administration said Wednesday it will draft rules to govern the killing of wild birds by industry and resume enforcement actions against companies responsible for deaths that could have been prevented, a longstanding practice that ended under President Donald Trump.
The move came as North American bird numbers have plummeted drastically in recent decades. That decline was punctuated by news Wednesday that the famed ivory-billed woodpecker and 22 other species of flora and fauna have gone extinct.
-
Overpopulation
-
How important is religion and belief in the supernatural for family life, contraceptive use, fertility, and family size? Presumably many of our readers have considered the role played in high-fertility societies by the belief that “children are God’s will”. In this blog series based on a literature review1, we focus on Sub-Saharan Africa (SSA) and summarize much evidence about the importance of religion and religiosity. SSA has the highest degree of religiosity and highest fertility rate in the world. In part 1 below, we give background on scientific research into religion – an active field with intriguing theories and findings.
-
This year, Earth Overshoot Day fell on July 29th, which means humans currently use 74% more resources than what the planet can regenerate. In this episode of Good Together, Brightly’s co-founder and CEO, Laura Wittig, spoke with Sarah Baillie, the population and sustainability organizer at the Center for Biological Diversity, about how our everyday consumption plays a role and what we can do to ensure our resources are sustained.
-
Finding a long-term solution to overpopulation is bringing down the human population which our earth can support and living with decent conditions is all that’s needed. If the equilibrium doesn’t maintain it creates a misbalance on the environment and economy. It’s a fancy issue for those that don’t know the way overpopulation could be a threat to mankind and our earth evolved changes within the past few decades. Somewhere the population increasing with the speed of sunshine and somewhere it’s minimal.
Overpopulation is an alarming threat and if not taken into control, it will cause severe consequences in the future. Literacy and poverty are the two main causes that should be taken in control with the right steps to avoid the misbalance. Overpopulation is the evil root for climate change, poverty, unemployment, and conflicts. There are a million children who don’t have family their adoption is an option and home or shelter will be provided to them and collectively as humans, we have the power to make a world a better place to live in.
-
Finance
-
The progressive activists in the stands at Wednesday night’s congressional baseball game held up a series of banners, one of which said “Dems Don’t Fuck This Up,” and another that read “Our Lives Are a Game: Pass $3.5T.” A third banner declared: “Reconciliation First / Hold the Line.”
“We are going to make sure we deliver the entirety of the president’s agenda, because… 96% of Democrats in the House and Senate agree that that’s the right thing to do.” —Rep. Pramila Jayapal
-
-
The multi-trillion-dollar budget reconciliation bill moving through Congress represents an enormous opportunity to invest in unmet human and environmental needs. It’s also the best chance we have to close loopholes that help the wealthy avoid their fair share of taxes.
-
According to a White House analysis (9/23/21), the country’s 400 wealthiest families have an effective tax rate of just over 8%. At the New York Times (9/23/21), reporter Jim Tankersley was quick to cast doubt on the figure.
-
Activists continue to call on Democratic leaders to pass the $3.5 trillion Build Back Better Act, which expands the social safety net and includes measures to address the climate crisis. Progressives remain resolute in their opposition to passing a bipartisan $1 trillion infrastructure bill unless it is paired with the larger package. The Build Back Better Act represents “economic investment in the lives of poor and low-wealth people in this country,” says Reverend William Barber, co-chair of the Poor People’s Campaign. “The question here is not ‘What will it cost if we do this?’ What will it cost if we don’t do this?”
-
-
Over a dozen leading U.S. utility companies took more than a billion dollars of publicly-funded pandemic bailout money while pulling the plug on power to vulnerable households nearly a million times, according to a new report out Thursday.
“It is clear that private utilities prioritize profits and shareholder satisfaction over all else, including customer health and the climate.”—Chris Kuveke, BailoutWatch
-
In East and West Garfield Park, Chicago, we sought out residents’ archives to shed light on a neighborhood the city neglected.
-
Thus it surprises nobody to discover that when Donald Trump and the people around him learned, in mid-November of 2020, that there was absolutely no meaningful voter fraud in that month’s election, they chose, instead of acknowledging the truth, to go ahead with a plan to raise over $200 million dollars (and counting). That even today “President Trump” is sending out one or two fundraising emails a day, each one with the tiny “make this a recurring donation” box pre-checked.
Republican appointees on the US Supreme Court cracked open the door for professional grifters in 1976 when, for the first time in American history, the Court redefined politicians taking money from billionaires away from being “political corruption” and “bribery” — what such behavior had been called since the beginning of the republic — to instead say it was a mere “exercise of free speech” on the part of the morbidly rich.
-
AstroTurf/Lobbying/Politics
-
President Franklin Delano Roosevelt taught Democrats how to keep power by enacting bold programs that spoke to the pressing needs of working-class Americans. Unfortunately, the heirs to what is still referred to as “the party of FDR” have spent the better part of 75 years trying to unlearn that lesson.
-
There has been a lot of focus on moderation as carried out by platforms—the rules social media companies base their decision on what content remains online. There has however been limited attention on how actors other than social media platforms, in this case governments, seek to regulate these platforms.
-
Political observers predicted three options late Thursday as it remained unclear whether Speaker of the House Nancy Pelosi would still hold a vote on the Bipartisan Infrastructure Framework, or BIF, which has stirred a Capitol Hill fight between a small band of corporate Democrats in Congress and the rest of the party anchored by the Congressional Progressive Caucus.
As of this writing, there was no final word other than promises earlier in the day by Pelosi that a vote would come—even though fresh public comments from Sen. Joe Manchin (D-W.V.) made it clear that a chasm remains between his opposition and that of Sen. Kyrsten Sinema (D-Ariz.) and House Democrats on the $3.5 trillion Build Back Better Act that must ultimately be passed via the bicameral reconciliation process.
-
“There is an unfolding assault taking place in America today,” President Biden said in Philadelphia on July 13. “An attempt to suppress and subvert the right to vote in fair and free elections, an assault on democracy, an assault on liberty, an assault on who we are — who we are as Americans.”
All the world knows who is leading that assault: Donald Trump. Why then isn’t the President, or Democrats, or liberal and progressive opinion writers calling Trump and his high-ranking followers traitors? Not just “fascists” and “autocrats” but traitors. Aren’t the Trumpists committing treason by actively subverting constitutional democracy, the very fabric of our political system?
-
-
-
Mass opposition to Donald Trump began with immigration. His racist rhetoric and barbaric policies around immigrants and asylum-seekers are what first fueled outrage among liberals, as well as among people who were otherwise apolitical. Politicians, pundits, and rank-and-file Democratic voters alike rightfully decried Trump’s migrant policies, with some going as far as to compare the administration to the Nazi regime.
-
Video-sharing platform YouTube has deleted two German-language channels managed by Russia’s state-owned media company RT, prompting Moscow to blast the company for “censorship” and vow retaliation.
-
An important legacy of the original Conference on Security and Cooperation in Europe, held here in Helsinki in 1975, was the spirit of that meeting. The willingness of competitors and adversaries to sit at the same table, despite their disagreements. Such a spirit is in high demand today, on the global level.
We urgently need to respond to fundamental questions of war and peace, climate change and biodiversity loss, pandemics and the challenges of new technologies. We can only succeed in that together. It is a question of our common human responsibilities. What kind of a world will we leave to future generations?
Above all, these are not some distant global issues, somehow detached from our national interests. They are at the heart of our own security. And therefore, they reside at the very centre of Finland’s foreign and security policy.
-
Censorship/Free Speech
-
The case, Mahanoy Area School District v. B.L., involved a public high school student who was placed on the junior varsity cheerleading squad after failing to make varsity. Out of frustration, Brandi Levy (later identified by her full name since she is no longer a minor) shared a “snap” with her middle finger raised and text that said, among other things, “fuck cheer.” The message was posted on a Friday night from a local convenience store. The cheerleading coaches suspended Levy from the J.V. squad for a year after one of her Snapchat connections took a screen shot of the message and shared it with them.
The school justified the punishment of Levy’s off-campus speech by invoking the Supreme Court’s opinion in Tinker v. Des Moines Independent Community School District (1969), which held that students may not be punished for their on-campus speech unless the speech “materially and substantially” disrupted the school day or invaded the rights of others. The school further justified Levy’s suspension on the ground that social media posts generated off campus can easily be brought onto campus given the widespread use of cell phones and the internet. We argued that Tinker should not be used to punish off-campus speech—including social media speech.
In ruling in favor of Levy, the Supreme Court did not go as far as we had hoped. The Court held that Tinker may sometimes justify restrictions to off-campus speech: “[W]e do not believe the special characteristics that give schools additional license to regulate student speech always disappear when a school regulates speech that takes place off campus.”
-
Four months of wrangling over the program later, Professor Gage resigned after the university administration informed her that a new advisory board it was creating to oversee the course under previously ignored bylaws would be dominated by conservative figures of the donors’ choosing, including, against her strong objections, Henry A. Kissinger, the former secretary of state under President Richard M. Nixon.
Her resignation, which Yale has not yet made public, raises the question of where universities draw the line between honoring original agreements with donors and allowing them undue sway in academic affairs. It’s a question that can become turbocharged when colliding political visions, and the imperatives of fund-raising, are involved.
-
She was forbidden from participating in any type of public gathering. “They tried hard to erase me—I mean, erase my name, erase my position, erase my songs, erase my face, erase the memory of me,” she says. “But they couldn’t.”
At the peak of her career, Googoosh was forced to live in silence for 21 years. Then, in July of 2000, the government granted her permission to visit her family in Los Angeles, and she left. Her first stop was in Toronto. At the Air Canada Center Arena, 18,000 fans waited for her return with open arms.
Reminiscing about that auspicious day when she returned to the stage, Googoosh tears up. “I was speechless, and then I had fear,” she explains. “I didn’t know if I can take care of these people. But it happened.”
-
Hong Kong users have not been able to access the website from the city since Thursday without using virtual private networks. Internet service provider PCCW declined to comment. Providers HKBN and 3HK did not respond to requests for comment.
“This is a disgraceful act to erase historical memory,” the online museum said in a statement.
Police officers take away a cardboard featuring the image of Goddess of Democracy from the June 4th museum in Hong Kong on Sept. 9, 2021.Kin Cheung / AP Hong Kong police said they could not comment on individual cases, but said national security legislation states that “police may require service providers to take actions to prohibit electronic messages posted on electronic platforms that are likely to endanger national security.”
-
In a statement issued on Wednesday, the Reporters Without Borders (RSF) said that along with its Pakistani partner, the Freedom Network, it is supporting the campaign that Pakistani journalists have launched against the proposed legislation.
The draconian proposed law was unveiled in June and would create a powerful new entity called the Pakistani Media Development Authority (PMDA).
-
The judge, after going through the statements of the witnesses and their cross examination, observed that the oral and material evidence proved beyond reasonable doubt that the suspect wrote and distributed the writings attributed to her.
-
Last week, a report by the Lithuanian defence ministry’s National Cyber Security Centre (NCSC) alleged that Xiaomi’s Mi 10T 5G smartphone, which is widely sold in Europe, has a built-in ability to detect and censor terms such as “Free Tibet”, “Long live Taiwan independence” or “democracy movement”.
-
Sen. Rick Scott (R-Fla.) sent a letter to Microsoft and LinkedIn leadership on Thursday questioning why LinkedIn censored the profiles of U.S. journalists from the company’s China-based platform this week, according to a letter obtained by Axios.
Driving the news: LinkedIn — which is owned by Microsoft — notified several U.S. journalists this week, including Axios’ Bethany Allen-Ebrahimian, that their accounts will no longer be viewable in China due to “prohibited content” on their profile.
-
Freedom of Information/Freedom of the Press
-
-
-
Though District Judge Vanessa Baraitser ruled against the United States’ extradition request, she rejected the argument from the legal team for WikiLeaks founder Julian Assange that hostility within U.S. intelligence agencies “translated into improper pressure on federal prosecutors to bring charges.”
-
Civil Rights/Policing
-
On the first Monday in October, the Supreme Court, the most powerful government body controlled by conservatives, returns to work. Democrats have the White House and both chambers of Congress; Republicans, who have lost the popular vote in seven of the last eight presidential elections, are currently confined to the unelected, unaccountable branch of government.1
-
The simplest, and most appropriate response to that argument comes from comedian Doug Stanhope: “Then don’t talk to ’em.” Problem solved. But I can’t get a whole column out of that response, so let’s take apart the fake “issue” in a little more detail.
Often, the argument starts off with fake tones of sympathy. Those poor immigrants — how will they ever get jobs and “assimilate” if they don’t know “the national language?” Send them back for their own good!
-
-
-
-
-
Human rights organizations on Wednesday criticized the Biden administration over an expansion of privatized immigration detention they said represented an “inexcusable” walk-back of a campaign promise.
“When will Biden act on his promise to bring justice and fairness to the immigration system?”—Setareh Ghandehar, Detention Watch Network
-
“After living through decades of fleeing and fighting, Afghans now face a severe drought which has devastated food production, leaving millions hungry and destitute.”—Alexander Matheou, IFRC
-
Ahead of Steven Donziger’s sentencing scheduled for Friday, five United Nations human rights experts ruled that the American attorney who won a multibillion-dollar judgment against Chevron in Ecuadorian courts has been “arbitrarily” detained in the U.S. for 787 days.
“The appropriate remedy would be to release Mr. Steven Donziger immediately and accord him an enforceable right to compensation and other reparations.”—UN Experts
-
Wall-to-wall coverage of the case of Gabby Petito — a 22-year-old white woman and blogger who went missing while traveling with her fiancé Brian Laundrie and whose remains were found in a national park in Wyoming — has renewed attention on what some call “missing white woman syndrome,” the media’s inordinate focus on white female victims and the disparity in coverage for women of color. We host a roundtable discussion with Amara Cofer, host and executive producer of the podcast “Black Girl Gone”; Mary Kathryn Nagle, a citizen of the Cherokee Nation and lawyer focused on tribal sovereignty; and Melissa Jeltsen, a freelance reporter who covers violence against women. “There is an underrepresentation of Black women, of women of color in these stories,” says Cofer.
-
Listed as a UNESCO World Heritage Site since 1988, the Daintree National Park was handed back to the Eastern Kuku Yalanji people in a ceremony in the remote town of Bloomfield on Wednesday.
The 135-million-year-old tropical rainforest is famed for its rich biodiversity – from a giant clawed cassowary bird to plants that have existed since the age of the dinosaurs. But it has come under sustained pressure from climate change and industries such as logging.
In striking a new deal to manage the rainforest, Queensland said the Daintree would be returned to the traditional owners of the land.
-
The judge said that Couzens’ use of his police status to carry out the “grotesque” offences warranted the highest penalty, a rare whole-life jail term for which there is no possibility of parole.
-
To examine the extent of under-reporting, researchers compared NVSS data to three non-governmental, open-source databases on police violence: Fatal Encounters, Mapping Police Violence, and The Counted [2]. These databases collate information from news reports and public record requests. When compared, the researchers’ new estimates highlight the extent to which deaths from police violence are under-reported in the NVSS and the disproportionate effect of police violence on Black, Hispanic, and Indigenous people in the USA.
-
About 84% of police killings in the state from 1980 to 2018 were unreported or misclassified in official government reports, according to the peer-reviewed study in The Lancet, one of the world’s oldest and most renowned medical journals.
-
Domestic critics are routinely arrested and, since at least 2015, UAE authorities have ignored or denied requests for access to the country by United Nations experts, human rights researchers, and critical academics and journalists. The government’s pervasive domestic surveillance has led to extensive self-censorship by UAE residents and UAE-based institutions; and stonewalling, censorship, and possible surveillance of the news media by the government.
-
Internet Policy/Net Neutrality
-
For years cable TV has been plagued by retrans feuds and carriage disputes that routinely end with users losing access to TV programming they pay for. Basically, broadcasters will demand a rate hike in new content negotiations, the cable TV provider will balk, and then each side blames the other for failing to strike a new agreement on time like reasonable adults. That repeatedly results in content being blacked out for months, without consumers ever getting a refund. After a few months, the two sides strike a new confidential deal, your bill goes up, and nobody much cares how that impacts the end user. Rinse, wash, repeat.
-
Instead, the growing amount of information I include about the link is a quiet reaction to the unfortunate fact that over time, an increasing number of URLs will stop working. More and more I’ve come to feel that the more information I include about a URL, the better for the future, both for me and for other people. If I put in the full title and even the name the author uses, there’s a higher chance that some copy of the page can be found in search engines, even if the domain changes, the site is restructured, the form of the URLs all change, and so on.
-
The model comes with several inherent benefits over conventional approaches, the conference heard. “When a community owns [the infrastructure] they’re going to build it to the specs they need,” McKinley explained. “Private [carriers] will employ cost-cutting methods wherever they can.”
-
Monopolies
-
The search-giant’s power over mobile phones is the focus of a week-long court hearing. Google’s lawyers are arguing that the European Commission blundered by demanding changes to allegedly anti-competitive contracts with suppliers of phones running its Android operating system — the engine room for the vast majority of mobile devices in the region.
-
Patents
-
The CPTPP is largely an agreement to treat companies equally, regardless of the country they come from. Importantly, it is intended to be a ‘high quality’ agreement. So, for instance, while Article 2.4 focuses on the elimination of customs duties, China has recently demonstrated a willingness to use informal trade restrictions, such as unofficial instructions to simply not process goods coming from Australia. Such moves would certainly be against the spirit of the CPTPP.
-
Copyrights
-
Eddy Grant filed the lawsuit in New York in September 2020 after the campaign used his work in an online video. The clip features a fast train mean to represent the Trump campaign, while Joe Biden trails along in a manually operated vehicle. Twitter removed a viral copy of the video following a copyright claim from Grant.
Eddy Grant is just one of many artists who pushed back against the Trump campaign using his music. Other artists who objected to their music being featured in political campaigns include Neil Young, The Rolling Stones, Panic! at the Disco and many more.
-
Terms of the settlement weren’t disclosed
-
According to NBCUniversal, the standoff over carriage — which has become all too common in the streaming wars, particularly when it comes to regional sports programming — involved a demand for what an NBCUniversal source close to the matter described as a fair rate relating to marketplace terms. A spokesperson for YouTube, meanwhile, said that the company was negotiating for terms that it sees as fair based on industry standards and the size of its service. The spokesperson also said that NBCUniversal asked YouTube TV to bundle Peacock, which the spokesperson claimed would result in users paying twice for the same content.
-
Cloudflare has booked a partial victory in a piracy lawsuit filed by several models whose photos leaked online. The CDN provider previously offered its proxying service to the now-defunct website ‘Thothub’. The court agreed with Cloudflare that there’s no evidence for direct infringement, but the contributory copyright infringement claim remains intact.
-
An accused pirate has asked a Texas federal court to dismiss a copyright lawsuit filed by Malibu Media. The adult entertainment company, which has sued thousands of people over the years, is currently suspended by California’s Franchise Tax Board. The defense argues that, due to this suspension, the company is not allowed to maintain a lawsuit.
-
We’ve talked far too many times about how the DMCA takedown processes across internet industries as they stand are wide, wide open for abuse. From churches wielding copyright to attempt to silence critics engaging in protected speech, to lawyers using copyright to try to silence critics engaging in protected speech, to freaking political candidates abusing YouTube’s DMCA notice process to silence critics engaging in protected speech… well, you get the idea. The point is that we’ve known for a long, long time that the current method by which the country and companies currently enforce copyright law tilts so heavily towards the accuser that it’s an obvious avenue for misuse.
Permalink
Send this to a friend
Posted in Free/Libre Software, FSF at 3:19 am by Dr. Roy Schestowitz
Alex Oliva et al (including Richard Stallman) mentioning Gemini: Alexandre Oliva: The WWWorst App Store
Yesterday (by FSF): FSF announces JShelter browser add-on to combat threats from nonfree JavaScript | Keeping your freedom intact when registering or renewing as a DMCA agent
Workarounds are not solutions. Maybe another approach is, let’s get off the Web (to the extent possible). There are also benefits for the environment and that scales well for residential connections (hosting from home, self-hosting).
Gemini near 1,700 known capsules now. It’s growing fast. More of us adopt it [1, 2].
Summary: JavaScript as a concept (Web sites running code on someone else’s computer) is flawed; for more things we need to adopt and spread something like Gemini (where such a mindset is strongly and actively discouraged)
Permalink
Send this to a friend
Posted in Site News at 2:53 am by Needs Sunlight
Also available via the Gemini protocol at:
Over HTTP:
Enter the IRC channels now
IPFS Mirrors
| CID |
Description |
Object type |
Qmd9ygn4gGEK7rTg8GZft7VHcYfkMJcEnPCXzhxipKxPh7 |
IRC log for #boycottnovell
(full IRC log as HTML) |
 |
Qmf8okkFW8ybyX61qSZi9pbQFb8UdyLxdNk1P9NXrb4sB3 |
IRC log for #boycottnovell
(full IRC log as plain/ASCII text) |
 |
QmecFeoDDPtHJD7HYMkMzyCmWv9ixiB9kxFK8iaWZuWMsP |
IRC log for #boycottnovell-social
(full IRC log as HTML) |
|
QmWExioLPiQ8iVYroH7HwaL7tEni4Mpr3HTWbTH4oQFi6p |
IRC log for #boycottnovell-social
(full IRC log as plain/ASCII text) |
|
QmZt8ZTaKy2TJeuLT7Gz3krB9FtkUAfM6Dsa7Mrhck3WKF |
IRC log for #techbytes
(full IRC log as HTML) |
|
QmUWhsMaDi7Y4zNZYmALtj7167guEnrAWbZN44Vrs7Dv1L |
IRC log for #techbytes
(full IRC log as plain/ASCII text) |
|
QmZgMVVVp4zC9XoGgC9BYobrrRYQZNkyFV5tVaZBiDF1Mo |
IRC log for #techrights
(full IRC log as HTML) |
|
QmeAFyt44V5vahpGxwEogEbJMozJ9rdU1BmE7h5aSxU6YK |
IRC log for #techrights
(full IRC log as plain/ASCII text) |
|
Bulletin for Yesterday
Local copy | CID (IPFS): QmRXKRPosZ7Bz2MggcSzikrb6U91AxeDNghC3nQk4eD4fh
Permalink
Send this to a friend
Posted in News Roundup at 2:05 am by Dr. Roy Schestowitz
Contents
-
-
Desktop/Laptop
-
Linux is an operating system used in everything from phones to cars and complex supercomputers, yet you can also use it to power your personal computer. The desktop may not be the space where you’re most likely to encounter Linux, but it’s more than worth your consideration.
Far from being merely another tool for the job, there are several big benefits that come from taking the time to try out, learn, and maybe even stick with using the Linux desktop. Here are four advantages of switching to Linux:
1. A Free Course in Digital Ethics
The free and open-source community views software differently from what you encounter on commercial operating systems. On Windows, macOS, Android, and iOS, most apps come exclusively as binaries whose code you don’t have access to. This binary, though sometimes available for free, is generally a product that you pay for.
The Linux world doesn’t focus on the binary but on the code itself. This code is a language, and the only way to know what it’s doing is to read it. If you (or other Linux users) can’t read the code, you have no way to know what it’s actually doing. You can only have the developer’s word.
Free software is based on the four freedoms. Here they are, as defined by the Free Software Foundation…
-
Audiocasts/Shows
-
A few months back I did a video about the Arch Guided Installer and at the time it was an absolute train wreck but I gave it a few months and I have to admit it’s now become an amazing piece of software.
-
Kernel Space
-
I'm announcing the release of the 5.14.9 kernel.
All users of the 5.14 kernel series must upgrade.
The updated 5.14.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.14.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
thanks,
greg k-h
-
-
-
In addition to Linux 5.15 adding a new AMD audio driver for “Van Gogh” APUs such as found in the forthcoming Steam Deck, AMD’s open-source Linux driver engineers have also been working on other audio improvements — this time on the Chromebook front.
A set of eight AMD Linux audio patches were sent out today. These audio patches of relevance to Renoir and Cezanne platforms seems to be driven by the Google Chromebook “Guybrush” board but may prove relevant to other hardware moving forward. That Guybrush Zen 3 Chromebook has been known since the end of last year when it began appearing in Chromium OS sources.
-
When I bought this laptop last year, I needed a Bluetooth mouse. Nothing fancy, nothing that would break the bank. Amazon had a “Microsoft Bluetooth Mouse” in Warehouse Deals for $9.99!
In fact, for that $10, you got a Bluetooth 5.0 LE device, no less, with battery life that goes on for months and months of constant use.
The problem I kept hitting was that it just doesn’t work very well with Windows 10. In fact, despite all of the “This works great with Windows 10!” nonsense on Amazon, from Microsoft, the facts are that it is very frustrating due to the Bluetooth stack on Windows being utter crap.
-
Intel
-
Lava will be available as open-source on GitHub under BSD-3 and LGPLv2.1 licensing.
-
Intel’s open-source Linux graphics driver engineers are evaluating possible improvements to the Linux kernel for accommodating CPU and GPU synchronized priority scheduling.
-
Applications
-
There is a new application available for Sparkers: KDiskMark
-
Let’s have a look at the list of the best hard disk cloning tools for Linux-based operating systems.
-
Instructionals/Technical
-
Snort is an open-source lightweight network Intrusion Prevention System for running a network intrusion detection system (NIDS). Snort is used to monitor the package data sent/received through a specific network interface. Network intrusion detection systems can catch threats targeting your system weakness and vulnerabilities using signature-based detection and protocol analysis technologies.
When NIDS software is installed and configured correctly, can identify different kinds of attack and suspicions things like CGI attacks, network policy violations, SMB probes, malware infections, a compromised system, stealth port scan, etc.
-
MERN stack is a combination of MongoDB, Express, React, Node. All of them are based on Javascript and the stack is used to build modern web applications. It is comprising the front-end (React), back-end (Node and Express), and database components (MongoDB).
-
Written in PHP, Magento is a popular open-source, and versatile eCommerce platform that provides businesses with an online shopping cart. It leverages various PHP frameworks such as Symfony and Laminas to enhance its functionality and usability.
Magento provides you with an Administrator’s control panel that helps you create your online shop, manage product catalog, monitor transactions and invoices, and keep track of customers’ purchase behavior among many other tasks.
-
Zoom is a popular video conferencing software available for multiple operating systems including Linux. Here we learn the simplest way to install Zoom client on Debian 11 Bullseye Linux.
Zoom as a conferencing software can be used to perform telephone and video conferences. The basic functions of Zoom can be used free of charge and registration is not absolutely necessary. Zoom is available both as a program for the computer and as an app for all Android and iOS devices.
Even if the use of Zoom is basically free of charge, not all functions of the program are available to you in the basic free version. Not only is the number of participants in a conference limited to 100 people, but also its duration. If there are more than two people, the maximum conversation limit will be up to 40 minutes.
-
Telnet is a protocol that allows you to connect to remote computers (called hosts) over a TCP/IP network using a client-server protocol to establish a connection to Transmission Control Protocol port number 23
In the following tutorial, you will learn how to install Telnet on a Debian 11 Bullseye operating system.
-
The Lounge is a web-based IRC client written in Node.js and can be installed and then accessed from any modern browser for a native-like experience without having a dedicated application installed.
-
On a Linux operating system environment, mastering how to create and restore backups is a very important skill set. It is easier for well-versed Linux user to attain their data backup goals from the terminal environment without the need for a GUI-oriented application package.
The Linux dump utility is effective in creating filesystem backups on an availed storage device. However, the filesystem supported by this backup utility disregards the likes of ReiserFS and FAT.
-
WordPress is the most dominant content management system written in PHP, combined with MySQL or MariaDB database. You can create and maintain a site without any prior knowledge in web development or coding. The first version of WordPress was created in 2003 by Matt Mullenweg and Mike Little and is now used by 70% of the known web market, according to W3Tech. WordPress comes in two versions: the free open source WordPress.org and WordPress.com, a paid service that starts at $5 per month up to $59. Using this content management system is easy and often seen as a stepping stone for making a blog or similar featured site.
In the following tutorial, you will learn how to install self-hosted WordPress using the latest Nginx, MariaDB, and PHP versions available.
-
Wine is an open-source compatibility layer that allows you to run Windows applications on Unix-like operating systems like Linux, FreeBSD, and macOS. It is an interface that translates Windows system calls into equivalent POSIX calls used by Linux and other Unix-based operating systems.
For Linux users, Wine is a savior when running Windows-based applications on UNIX systems. However, not all Windows applications will run in Wine and may have strange crashes or bugs. The Wine AppDB is a database containing a list of applications that have been tested and confirmed to work under Wine.
-
Composer is an application-level package manager for the PHP programming language similar to NPM for Node.Js or PIP for Python. Composer provides a standard format for managing all dependencies of PHP software and the required libraries by downloading all the required PHP packages of your project and managing them for you. It is used by most modern PHP frameworks such as Laravel, Drupal, Magento, and Symfony.
In the following tutorial, you will learn how to download and install composer, along with some essential how to work with composer on Debian 11 Bullseye.
-
Discord is a free voice, video, and text chat app used by tens of millions of people ages 13+ to talk and hang out with their communities and friends. Users communicate with voice calls, video calls, text messaging, media, and files in private chats or as part of communities called “servers.” Discord is available on Windows, macOS, and Linux Distros.
In the following tutorial, you will learn how to install Discord client on Debian 11 Bullseye.
-
Opera is a freeware, cross-platform web browser developed by Opera Software and operates as a Chromium-based browser. Opera offers a clean, modern web browser that is an alternative to the other major players in the Browser race. Its famous Opera Turbo mode and its renowned battery saving mode are the best amongst all known web browsers by quite a margin, along with a built-in VPN and much more.
In the following tutorial, you will learn how to install Opera Browser on Debian 11 Bullseye.
-
Python is one of the most popular high-level languages, focusing on high-level and object-oriented applications from simple scrips to complex machine learning algorithms. The Python language was created by Guido van Rossum and released in 1991, Python 2 in 2000, and Python 3 in 2008. Currently, the latest series in Python is 3.9 brings forward significant changes to language features, and how the language is developed along with a performance boost in new string functions, dictionary union operators, and more consistent and stable internal APIs.
-
Slack is one of the most popular collaboration communication platforms in the world. From it was initial launch in 2013, it has grown. It is now favored amongst development teams and corporations to integrate so many services, run groups, and meetings, amongst other things. The way Slack works is to create channels for your teams, topics, customers, or co-workers. Slack also features voice and video calls, file sharing.
In the following tutorial, you will know how to install the Slack communication platform on Debian 11 Bullseye.
-
By default, Debian does not come with Snap or Snap Store installed as this is a feature that was built by developed by Canonical as a faster and easier way to get the latest versions of software installed on Ubuntu systems, and Snap packages are installed from a central SNAP server operated by Canonical.
Given that Ubuntu is based on Debian, Snap can be installed and, for the most part, work with most packages. There are a few conflicts with specific packages, especially when Debian spits out a new release, luckily Debian stable releases are few and far between. The issue with Snaps VS APT package manager is that Snaps are self-contained, which results in an increased .snap due to having all its dependencies included. In contrast, APT is much lighter than its snap counterpart because it doesn’t need to bundle dependencies.
-
Steam is a video game cross-platform that Valve created. It was launched as a standalone software client in September 2003 as a way for Valve to provide automatic updates for their games and expanded to include games from third-party publishers and now boasts a library filled with thousands if not tens of thousands of games across all gaming consoles.
In the following tutorial, you will learn how to install Steam on your Debian 11 Bullseye desktop.
-
Linux operating systems, like most others, offer multiple users to use the same system. This requires implementing different permissions for different files and folders to ensure the privacy of operation.
The chmod command is used for changing these permissions for the files and folders.
Chmod stands for change mode, and “mode” means permissions in Linux terminologies.
In this tutorial, we’ll cover what chmod 777 means and what the command does.
-
Oh my Zsh! Give your Linux Terminal a makeover using this guide. Here, we explain how to install, use and configure several themes in Zsh.
-
tmux is an open-source terminal multiplexer for Unix-like operating systems. It allows multiple terminal sessions to be accessed simultaneously in a single window.
Tmux is useful for running more than one command-line program at the same time. It can also be used to detach processes from their controlling terminals, allowing remote sessions to remain active without being visible.
-
I recently figured out how to launch my Steam games from the shell today. This means that I can now start my games via my application launcher Rofi.
-
Nessus is a very popular vulnerability scanner used by tens of thousands of organizations across the globe. And although Nessus doesn’t prevent attacks, it does a fantastic job of checking for vulnerabilities and loopholes in your company’s infrastructure.
-
Today we are looking at how to install DeSmuME on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!
Most ROMs work, they must be extracted and in your Linux Files in your file manager.
-
Overlord provides a python-based console CLI which used to build Red Teaming infrastructure in an automated way. The user has to provide inputs by using the tool’s modules such as C2, Email Server, HTTP web delivery server, and the modules and scripts will be generated on a cloud provider of choice.
Overlord is still under development and it inspired and uses the Red-Baron Terraform found on Github.
The tool supports AWS and Digital Ocean.
-
In this tutorial, we will show you how to install Hugo on Ubuntu 20.04 LTS. For those of you who didn’t know, Hugo is an open-source static website generator designed for small projects and informative sites. It is written in the Go language, making it very secure and extremely fast. Hugo provides a great writing experience and is optimized for website viewing. Hugo supports unlimited content types, taxonomies, menus, dynamic API-driven content, and more, all without plugins. Additionally, you can output your content in multiple formats, including JSON or AMP
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Hugo static website engine on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
-
In this tutorial, we will show you how to install FFmpeg on Debian 11. For those of you who didn’t know, FFmpeg is one of the best multimedia frameworks that can be used to encode, decode, transcode, and play nearly all multimedia files that have been created on any platform. FFmpeg compiles and runs on Linux, Mac OS, Microsoft Windows, BSD systems, and many more.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the FFmpeg on a Debian 11 (Bullseye).
-
I finally figured out what will make the Intel AX210 WiFi Chipset stay connected to my router and stable, without complaining about expecting hardware encrypted frames, and “software error detected in firmware” and deauthenticating for “reason 3”, among other problems.
-
Games
-
Shared on a Chinese news website, one lucky recipient of the Steam Deck developer kit decided to show off some benchmarks although they probably weren’t supposed to.
We already knew that the Steam Deck had some pretty impressive internals, and that Valve had said it’s “the most powerful gaming handheld in the world” in their YouTube advert. However, we’ve not really seen any good numbers until now.
Something to remember is that this is a dev kit, and so tweaks are likely to be made before the consumer units go out. Not only that but plenty of developers will no doubt be tweaking their games ahead of time. There will also be multiple updates to the Steam Play Proton compatibility layer before release too for running Windows games on it.
-
Ready for more adventuring that might make you need a tissue to dry your eyes? Freebird Games are back for the third game in the To The Moon series with Impostor Factory.
Described as a “bonkers time-loop tragicomedy murder mystery thriller featuring multiple casualties and a suspicious cat” I still don’t quite get if it’s a sequel, a prequel or what. The good thing is you don’t need to know either, as it’s playable completely standalone to their previous games. This time the story is focused on a character named Quincy, who was invited to some sort of party at a suspicious secluded mansion that has a time machine in the bathroom and somewhere along the way people start dying.
-
Desktop Environments/WMs
-
K Desktop Environment/KDE SC/Qt
-
Hey, look what I just received! A tablet from GAOMON for a video review oriented GNU/Linux and Krita (soon).
-
GNOME Desktop/GTK
-
DuckDuckGo doesn’t put any of my posts on the front page of its results even when you specifically search for them.
According to Wikipedia, DuckDuckGo has an “anti-content farm” policy that was created by CEO Gabriel Weinberg, and it was designed to filter out “sources of low quality articles”.
While there’s nothing wrong with this in theory, in fact, I am quite angry that they don’t think that what I have to say should be in their results at all, even if you search specifically for me.
Techrights has a page about DuckDuckGo’s shifty practices. Also, another one updated with more nasty things they do in 2021.
GNOME Web defaults to DuckDuckGo as a way to earn search royalties, and some others do too. They pay very little, but more than Google will to some smaller projects, and so unfortunately Tor also uses it and this after the pittance of something like $40,000 in a one off donation, if memory serves correctly.
Interestingly, GNOME Web has been making the Google experience better lately. In addition to lying to it with UA hacks to make it think you use Chrome and to silence the Get Chrome spam, they’ve added a YouTube ad blocker in the version “41” release and also, the option (disabled by default) in the privacy settings to get instant search results if you use Google.
-
-
The new release, Nitrux 1.6.1, is here with Linux kernel 5.14.8 as default kernel, alongside Linux kernel 5.10.69 LTS and Linux kernel 5.4.149 LTS for users who want to use a long-term supported kernel, as well as the KDE Plasma 5.22.5 desktop environment, KDE Gear 21.08.1 and KDE Frameworks 5.86 software suites.
On top of that, it includes the recently released Inkscape 1.1.1 scalable vector graphics editor and Mozilla Firefox 92 as default web browser, which is available as a sandboxed AppImage by default.
-
I have suffered from distrohopping. Now that I have settled for the last two years, here are some tips to save your time.
-
BSD
-
This new ISO contains installer fixes, GPU auto-configuration improvement, software updates.
-
Screenshots/Screencasts
-
In this video, we are looking at Fedora 35 Beta.
-
Today we are looking at Fedora 35 Beta. It comes with Gnome 41rc, Linux kernel 5.14, and uses about 1.5-1.8GB of ram when idling.
-
IBM/Red Hat/Fedora
-
As organizations expand their footprint within cloud-native architectures, Red Hat OpenShift and Red Hat products that extend its functionality become key to scaling infrastructure to manage more workloads and applications. Red Hat now offers an extensive portfolio of training and certifications to teach the skills required for these advanced Red Hat OpenShift capabilities.
We have recently launched advanced training courses to help teams and individuals looking to increase self-sufficiency in Red Hat OpenShift administration. And we have even more that are currently in development. We’ll provide some course highlights in this post.
-
Red Hat, Inc., the world’s leading provider of open source solutions, today announced Red Hat Ansible Automation Platform 2 as the company’s new standard for hybrid cloud automation. Refined for the evolving realities of computing at hybrid cloud scale, the latest version of the platform adds self-contained automation capabilities while shifting automation more deeply into the application development lifecycle.
-
Red Hat has announced Red Hat Ansible Automation Platform 2 as the company’s new standard for hybrid cloud automation. Refined for the evolving realities of computing at hybrid cloud scale, the latest version of the platform adds self-contained automation capabilities while shifting automation more deeply into the application development lifecycle.
-
-
Open Hardware/Modding
-
The Super 8 camera, while a groundbreaking video recorder in its time, is borderline unusable now. Even if you can get film for it (and afford its often enormous price), it still only records on 8mm film which isn’t exactly the best quality of film around, not to mention that a good percentage of these cameras couldn’t even record audio. They were largely made obsolete by camcorders in the late ’80s and early ’90s, although some are still used for niche artistic purposes. If you’d rather not foot the bill for the film, though, you can still put one of these to work with the help of a Raspberry Pi.
-
The Arduino #include program was first announced as part of 2021’s Arduino Day. Since then we’ve been working with Powercoders, which runs a bootcamp to promote equality in the IT industry.
-
-
I’ve been an individual member and occasional volunteer of the OSI for a long time, but signing on in August 2020 as Interim General Manager was a jump into the deep end. Much of OSI’s past work was informed by the connections and conversations held with members and stakeholders in person, so we had to chart a different path while still grounded by the COVID-19 pandemic.
My challenge was to look for ways to continue our work during lockdown, keep the organization moving forward through a transitional year and support the board on its journey towards a visioning body that works with a staff-driven organization. Now it’s time to hand things over to our new Executive Director, Stefano Maffulli but first I’d like to recap my time spent in navigating these waters.
[...]
I’m leaving OSI but will still be active in the free and open source software community. I’m looking forward to seeing all of you at in-person events again (eventually) and at many online events like SeaGL and the CROSS Research Symposium or on upcoming video calls where we’re collaborating to build a robust, diverse, welcoming and sustainable future for open source practitioners and advocates.
As I step down from my year as the Interim General Manager, I’m proud to remain a friend and individual supporting member of the OSI.
-
Events
-
The recently completed Linux Plumbers Conference (LPC) 2021 used the Big Blue Button (BBB) project again as its audio/video online conferencing platform and Matrix for IM and chat. Why we chose BBB has been discussed previously. However this year we replaced RocketChat with Matrix to achieve federation, allowing non-registered conference attendees to join the chat. Also, based on feedback from our attendees, we endeavored to replace the BBB chat window with a Matrix one so anyone could see and participate in one contemporaneous chat stream within BBB and beyond. This enabled chat to be available before, during and after each session.
One thing that emerged from our initial disaster with Matrix on the first day is that we failed to learn from the experiences of other open source conferences (i.e. FOSDEM, which used Matrix and ran into the same problems). So, an object of this post is to document for posterity what we did and how to repeat it.
-
James Bottomley explains how the integration of Matrix and BigBlueButton was done for the just-concluded Linux Plumbers Conference.
-
The Debian Reunion Hamburg 2021 is almost over now, half the attendees have already left for Regensburg, while five remaining people are still busy here, though tonight there will be two concerts at the venue, plus some lovely food and more. Together with the day trip tomorrow (involving lots of water but hopefully not from above…) I don’t expect much more work to be done, so that I feel comfortable publishing the following statistics now, even though I expect some more work will be done while travelling back or due to renewed energy from the event! So I might update these numbers later
-
Web Browsers
-
Mozilla
-
From the start, the Glean JavaScript SDK (Glean.js) was conceptualized as a JavaScript telemetry library for diverse JavaScript environments. When we built the proof-of-concept, we tested that idea out and created a library that worked in Qt/QML apps, websites, web extensions, Node.js servers and CLIs, and Electron apps.
However, the stakes are completely different when implementing a proof-of-concept library and a library to be used in production environments. Whereas for the proof-of-concept we wanted to try out as many platforms as possible, for the actual Glean.js library we want to minimize unnecessary work and focus on perfecting the features our users will actively benefit from. That meant, up until a few weeks ago, Glean.js supported browser extensions and Qt/QML apps. Today, that means it also supports Node.js environments.
-
-
Over the last few weeks, Tyler Mandry and I have been digging hard into what it will take to implement async fn in traits. Per the new lang team initiative process, we are collecting our design thoughts in an ever-evolving website, the async fundamentals initiative. If you’re interested in the area, you should definitely poke around; you may be interested to read about the MVP that we hope to stabilize first, or the (very much WIP) evaluation doc which covers some of the challenges we are still working out. I am going to be writing a series of blog posts focusing on one particular thing that we have been talking through: the problem of dyn and async fn. This first post introduces the problem and the general goal that we are shooting for (but don’t yet know the best way to reach).
-
The truth of modern tracking is that it happens in so many different and complex ways it’s practically impossible to ensure absolute tracking protection. But that doesn’t mean we’re powerless against personal data harvesters attempting to trace our every online move. There are a bunch of browser extensions that can give you tremendous anti-tracking advantages…
-
FSF
-
The Free Software Foundation (FSF) today announced the JShelter project, an anti-malware Web browser extension to mitigate potential threats from JavaScript, including fingerprinting, tracking, and data collection. The project is supported by NLnet Foundation’s Next Generation Internet (NGI) Zero Privacy & Trust Enhancing Technologies fund. Collaborators include Libor Polčák and Bednář Martin (Brno University of Technology), Giorgio Maone (NoScript), and Ana Isabel Carvalho and Ricardo Lafuente (Manufactura Independente). The JShelter browser add-on is in development and the first release is available.
Most modern Web sites contain a growing number of programs that the user’s Web browser downloads and runs automatically as pages are loaded. While these JavaScript programs can provide functionality to a site in conjunction with native browser features, they are also a significant liability both from security and privacy perspectives. Moreover, the software is typically licensed under unethical terms by the FSF’s standards, disempowering users and hampering learning and security. With a thirty-six year history of defending software ethics, The FSF recognizes the importance and urgency of both aspects of the problem and its role in solving this significant challenge. In response, the FSF has been working on an ambitious new initiative, the JShelter browser extension. This browser add-on will limit the potential for JavaScript programs to do harmful actions by restricting default behavior and adding a layer of control. JShelter is a significant next step in the FSF’s “Free JavaScript Campaign,” providing a new tool that can be used in conjunction with another related extension, GNU LibreJS, which allows the user to identify and run only freely licensed scripts.
-
DMCA agent registration only lasts three years before it must be renewed. Use these add-ons to register and renew without the use of nonfree JavaScript.
Users shouldn’t be forced to use nonfree software when interacting with their own government. Every user has the right to control their own computing, and the government shouldn’t be forcing you to download and install proprietary software just to take advantage of its services. But when it comes to registering and renewing the status as an agent under the Digital Millennium Copyright Act (DMCA) in the United States, that’s exactly what the government expects you to do.
The U.S. Copyright Office requires a registered agent to renew their status every three years to help ensure that the agent directory stays up to date. However, the renewal can only be done online, and you are required to use nonfree software. We find this unacceptable. Fortunately, three years ago we devised a way to complete an agent’s registration circumventing the use of nonfree Javascript. Today, we confirm the process still works and it can be applied to renewal as well. We encourage everyone to learn more about these tools to access your government services in software freedom.
-
Programming/Development
-
Over the past few years, the LLVM toolchain has seen increasing development and adoption alongside the older, more established GNU toolchain. The emergence of this new two major toolchain world is bringing challenges and questions for projects that need to support both, in particular the GNU C library (glibc), which only supports GCC.
Is it worth it to fix glibc (and other projects which support only GCC) to build with LLVM? Is it better to just replace them with alternatives already supporting LLVM? Is it best to use both GCC and LLVM, each for their respective supported projects?
This post is an exploration starting from these questions but does not attempt to give any definite answers. The intent here is to not be divisive and controversial, but to raise awareness by describing parts of the current status-quo and to encourage collaboration. The obvious elephant in the room, licensing, is left out despite being a very important topic.
-
-
Vue is a popular JavaScript framework for building frontend web apps. It is proven to be a reliable, production-ready, and development environment for enterprises.
Vue framework community enriches it every day with reusable open-source components for almost everything.
In this article, we explore the open-source options to build an eCommerce personalize shopping experience with Vue.
-
Perl/Raku
-
Perl has various ways to transfer control out of the normal flow: die(), goto(), return(), next, last, and redo are among the sorts of things I mean. Not all of these are suitable for all circumstances, and Perl issues an exiting warning for unsuitable cases.
-
-
Unfortunately, modern technology has brought us a new era of Groupthinkers. I have been dealing with it for years. This mind numb phenomenon is also called, The Echo Chamber. The high tech internet based tech firms are full of it. They see this as a good thing. Evan as a virtue. How dare anyone stand up to the vast majority of our high tech monopoly!
The most obvious reason for me to oppose them is that simply put, I don’t fit in with them. I never have, nor will I ever. As a child of God, I was made to be an original.
I used to refer to myself as an idea man. I had a lot of great ideas. I still do. There are of course many challenges to being that way. One is, how does one implement this into something real? Second is, how do I present this to others in order to gain interest?
-
Science
-
Quantum computing is still very much in the experimental stages, but it’s starting to look like it could eventually be feasible and practical.
“After decades of experimental and theoretical efforts, we are now seeing the first examples of quantum computational advantage in the areas of quantum computing and quantum simulation,” said Narang. “The opportunity now exists to build and use the most powerful quantum computers and quantum simulators to enable new applications and new science, made accessible and jointly developed by the community.”
There are a variety of applications for quantum computing if the science becomes mainstream; some already known, others still to be discovered.
Weidt pointed out that “the usefulness of the applications of quantum computing scales somewhat with the number of high-quality qubits.”
“As we scale up, quantum computing is poised to radically change the way we approach problems in fields like chemistry. The vast processing power of quantum computers means we can, for example, simulate complex chemical compounds. This has implications for improved drug discovery, better batteries and cleaner fertilizers, he detailed.
-
Hardware
-
The use of aluminium in wiring is unlikely to bring a smile to the face of anyone who has had to deal with it in a 1960s, or early 1970s-era house. The causes behind the fires and other accidents were myriad, including failure to deal with the higher thermal expansion of aluminium, the electrically insulating nature of aluminium oxide, and the general brittleness of aluminium when twisted.
[...]
As the world moves to massively expand the use of electrical cars and installation of wind turbines, copper demand is predicted to outstrip current copper supply. With aluminium likely to make a big return as a result, it’s worth taking a look at modern-day aluminium-based wiring, including copper-clad aluminium and the use of carbon-based replacements.
-
Health/Nutrition
-
A river that runs through the Glastonbury Festival, the largest greenfield music festival in the world, is contaminated with illicit drugs such as cocaine and ecstasy because stoned revellers often urinate on the ground, scientists said.
Researchers from Bangor University found that concentrations of MDMA, known as ecstasy, quadrupled downstream in the Whitelake River in the week after the Glastonbury Festival when it was last held in 2019.
-
Integrity/Availability
-
Proprietary
-
Security
-
Security updates have been issued by Debian (libxstream-java, uwsgi, and weechat), Fedora (libspf2, libvirt, mingw-python3, mono-tools, python-flask-restx, and sharpziplib), Mageia (gstreamer, libgcrypt, libgd, mosquitto, php, python-pillow, qtwebengine5, and webkit2), openSUSE (postgresql12 and postgresql13), SUSE (haproxy, postgresql12, postgresql13, and rabbitmq-server), and Ubuntu (commons-io and linux-oem-5.13).
-
Environment
-
Energy
-
According to newly-released projections from the US Bureau of Reclamations, there’s a significant chance that both Lake Powell and Lake Mead — the largest hydroelectric power sources in the country — will stop working in the next few years.
Lake Powell had already dropped to about 33% of its capacity in July 2021. According to the Bureau’s new calculations, there’s a 34% chance of reaching “critically low reservoir elevations” by 2023. There’s a 25% chance it’ll happen by 2024.
Lake Powell isn’t quite as dire, with only a 12% chance of dropping to critically low capacity by 2024. That likelihood goes up by another 10% in 2025, and will likely keep going up. from there.
Permalink
Send this to a friend
Content is available under CC-BY-SA