Desktop/Laptop

• Exclusive: IGEL’s Linux OS Pact With HP Is A ‘Secure End Point Game-Changer’

  IGEL has inked a blockbuster pact with $57 billion PC behemoth HP Inc. that in one fell swoop puts IGEL’s secure endpoint Linux operating system into the hands of tens of thousands of HP resellers worldwide.

  HP is now preinstalling the IGEL OS on its top-selling thin client devices, with an eye towards moving it to HP’s mobile thin clients in the future, said IGEL.

  IGEL said the pact means HP partners can now get the IGEL OS through HP distributors around the world as an HP SKU on HP t430, t540 and t640 thin clients.

  “This marries the best Linux software for cloud workspaces with the industry’s leading hardware,” said IGEL CEO Jed Ayres in an exclusive interview with CRN. “This is a defining moment in our quest to be the standard operating system for cloud-delivered desktops with our secure Linux-based IGEL OS. This is recognition that we are first and foremost a software company that is setting the pace for what is a once-in-a-generation architectural change as the industry moves to cloud workspaces.”

Server

• CIS-Harden your Ubuntu in Google Cloud | Ubuntu

  CIS Benchmarks are best practices for the secure configuration of a target system. The Center for Internet Security, Inc. (CIS®) is the authority backing CIS Benchmarks. Ubuntu Pro is entitled to be CIS compliant and packaged with CIS toolings from Canonical.

• InAccel: Benefit from Enterprise FPGA acceleration on Kubernetes using SUSE Rancher

• SUSE Rancher and Dell Container Storage Modules (CSM) | SUSE Communities

  Extend enterprise storage capabilities to SUSE Rancher, RKE2, RKE and K3S Kubernetes for cloud-native stateful applications with Dell Container Storage Modules (CSM). Dell CSMs enable simple and consistent integration and automation experiences. It reduces management complexity so developers can independently consume enterprise storage with ease and automate daily operations such as provisioning, snapshotting, replication, observability, authorization and, resiliency. The CSI Drivers by Dell EMC implement an interface between CSI (CSI spec v1.3) enabled Container Orchestrator (CO) and Dell EMC Storage Arrays (Dell PowerStore, PowerScale, PowerFlex, PowerMax and Unity). It is a plug-in that is installed into Kubernetes to provide persistent storage using Dell storage system.

• Kubernetes Community Elects Four Members to Its Steering Committee

  The Cloud Native Computing Foundation’s Kubernetes project announced the election of four members to the Kubernetes Steering Committee which oversees the governance of the Kubernetes project. The announcement was made in a blog by Kaslin Fields, a CNCF ambassador and a developer advocate at Google.

  Kubernetes is considered to be the de facto standard for managing containers, and is widely used in enterprise cloud native infrastructures.

• Non-root Containers And Devices

  The user/group ID related security settings in Pod’s securityContext trigger a problem when users want to deploy containers that use accelerator devices (via Kubernetes Device Plugins) on Linux. In this blog post I talk about the problem and describe the work done so far to address it. It’s not meant to be a long story about getting the k/k issue fixed.

  Instead, this post aims to raise awareness of the issue and to highlight important device use-cases too. This is needed as Kubernetes works on new related features such as support for user namespaces.

Audiocasts/Shows

• Kubuntu 21.10 Quick overview #Shorts – Invidious

  A Quick overview of Kubuntu 21.10

• Xmonad Needs Your Support – Invidious

  Xmonad recently had its biggest release in years! And with the big release, the Xmonad team have put all a call to the community asking for your help. They are asking for artwork contributions via a logo contest (with a cash prize for the winner), and they are asking for GitHub sponsorships to help fund future development.

• PopOS Working On A New Rust Desktop Environment!! – Invidious

  Until now PopOS has been using Gnome as their desktop environment with heavy modifications but that may change at some point in the future as they’re reportedly working on a new DE written in Rust

• Enterprise Linux Security Episode 7 – ELevate – Invidious

  Remaining on legacy Linux distributions can lead to additional security risks as time goes on, and migrating to a newer and better supported distribution can be a very difficult endeavor for most administrators. In this episode, Jay and Joao are joined by Jack from AlmaLinux, and we talk about ELevate – a tool that can be used to migrate from a distribution in the Enterprise Linux family to another Enterprise Linux distribution.

Kernel Space

• Xen With Linux 5.16 Will Allow For Faster Booting Of Guests – Phoronix

  Xen para-virtualized guests booting on the Linux 5.16 kernel should see noticeably quicker boot times.

  Sent out today were the Xen patches for Linux 5.16. Besides having some code lcean-ups, para-virtualized interrupt masking made simpler, Xen “pciback” driver support for Arm, and other smaller enhancements, there is also work to speed-up guest booting. In particular, the booting up of Xen PV (para-virtualized) guests should be much quicker with Linux 5.16 and beyond.

• More Of Intel’s CXL Enablement Code Arrives For Linux 5.16 – Phoronix

  Intel’s open-source Linux engineers continue to be quite busy bringing up CXL interconnect support within the mainline kernel. For the in-development Linux 5.16 is another batch of code landing.

• Linux kernel 5.10.78 compiled

  Ha ha, that was a short-lived release! EasyOS version 3.1.9 was announced yesterday, and pulled down after being online only a few hours:

  https://bkhome.org/news/202111/easyos-version-319-released.html

  The issue was awful behaviour of Firefox on my Acer Aspire 1 laptop. Perhaps it is a GPU-related problem.
  I have decided not to try and jump over two big puddles. Instead, will jump over just one big puddle, which is the move to pulseaudio. This is bound to have issues. The addition of an extra browser, Firefox or Chrome, in the build, can wait until later.

• Linux 5.16 Has Early Preparations For Supporting FGKASLR – Phoronix

  Being worked on for more than a year by Intel and other kernel developers has been FGKASLR to enhance kernel security. While the Linux kernel has long supported Address Space Layout Randomization (ASLR) to make memory addresses less predictable, FGKASLR ups the security much more by placing that randomization at the function level. It’s looking like FGKASLR could be mainlined soon.

  FGKASLR isn’t being picked up for Linux 5.16 but there is preparation work landing in this kernel so hopefully the feature isn’t too far out. Finer Grained Kernel Address Space Layout Randomization (or sometimes referred to as Function Granular KASLR) allows for function reordering on top of the base address randomization of ASLR.

  FGKASLR ups the security against kernel attacks requiring known memory locations within the kernel but can cause minor (~1%) performance penalties. Since being first announced in 2020, FGKASLR has been undergoing several rounds of review.

• Linux 5.16 to bring mainline support to Raspberry Pi 4 Compute Module – and the nifty devices built around it

  While folks straddling the worlds of both Windows and Linux will appreciate the shiny NTFS support in version 5.15 of the open-source kernel, Arm device users may find more to appreciate in the following release.

  Linux kernel 5.16 will include mainline support for the Raspberry Pi 4 Compute Module, as well as the Apple M1 chip’s PCI Express controller as Linux inches its way towards a full Linux desktop on M1 Macs.

  This means it should be possible to run a mainline 5.16 kernel on a Raspberry Pi 4 Compute Module without any extra build steps or patches.

  The Raspberry Pi 4 Compute Module is targeted more at system integrators than end-users. Even tinier than the credit-card sized Pi 4, the Compute Modules are designed to plug into larger IO boards, enabling the Pi to power specialist gadgets. The Raspberry Pi Foundation naturally offers one of these boards, and third parties are free to design and flog their own.

• AMD

  • AMD EPYC 7003 Series Performance Across Autumn 2021 Linux Distributions

    These five Linux distributions were benchmarked on the same EPYC server comprised of two AMD EPYC 75F3 processors for a combined 64 cores / 128 threads, an ASRockRack ROME2D16-2T motherboard, 16 x 8GB DDR4-3200 memory, and a 1TB WD_BLACK SN850 NVMe solid-state drive.

    The five Linux distributions under test was Alma Linux 8.4 (RHEL 8.4 alternative), CentOS Stream for tracking the latest upstream work ahead of RHEL 9, Clear Linux 35150 for Intel’s latest optimized Linux distribution, Fedora Server 35, and then Ubuntu 21.10. Each of the five Linux distributions were cleanly installed on this server and benchmarking them in their out-of-the-box / default configuration for seeing how these latest Linux distributions compete on the current-generation AMD server platform.

Nvidia

• Nvidia unveils high-end Jetson AGX Orin plus an Omniverse platform for AR/VR

  The Jetson AGX Orin achieves the 6x power boost within a 15W to 50W consumption range, compared to 30W for the AGX Xavier. (Presumably, the benchmark was running at 50W.) RAM and eMMC storage capacity have doubled to 32GB and 64GB, respectively.

  The Jetson AGX Orin is designed for advanced robotics and AI edge applications for manufacturing, logistics, retail, service, agriculture, smart city, healthcare, and life science. Software support remains the same, including Ubuntu Linux, Jetpack, CUDA-X, and most of the other Nvidia AI platforms such as the recently updated TensorRT 8.0 for Nvidia GPUs.

• NVIDIA Jetson AGX Orin 12-core Cortex-A78E module delivers up to 200 TOPS

• NVIDIA Introduces OptiX 7.4 With Better Performance

• NVIDIA Announces Jetson AGX Orin With Ampere GPU + 12 x Arm Cortex-A78AE

Applications

• LXD 4.20 Containers Released, Provides Ability for Live Migration

  LXD 4.20 users will be happy to see in this release the initial implementation of live migration and core scheduling support.

  LXD is a next generation system container manager. The simplest way to define LXD is to say it’s an extension of LXC.

  Technically LXD is a REST API that connects to libxlc, the LXC software library. As you know, LXC, short for “Linux containers”, is a solution for virtualizing software at the operating system level within the Linux kernel.

Instructionals/Technical

• Linux Mint’s Sticky Note App Looks Great Now! Here’s how to get it in Ubuntu | UbuntuHandbook

  For those looking for Google Keep or Windows Sticky Notes style desktop noting app, Linux Mint’s “sticky” is a good choice for Ubuntu Linux.

  Linux Mint maintains some great apps. Sticky is one of them that sticks an electronic version of Post-it Note on your desktop. It’s GTK3 app written in Python3 and works on most desktop environments.

  With it, you may create as many notes as possible on desktop. And, it allows to set different color palette for each note: Blue, Green, Magenta, Orange, Purple, Red, Teal, and Yellow.

• Getting Started with Docker: Portainer CE – LinuxLinks

  There are some great tools that make Docker easier to use.

  One of our favourites is Portainer. It’s a lightweight and easy to use management UI that lets us easily manage our different Docker environments. Its simple graphical interface is accessed with a web browser. The community edition is free and open source software. Portainer works with Docker, Docker Swarm and Kubernetes. It can be deployed in the cloud on prem or at the edge.

  Portainer supports a wide range of features for managing the Docker containers, such as managing the creation and deletion of Swarm services, user authentication, authorizations, connecting, executing commands in the console of running containers, and viewing containers’ logs.

  Portainer consists of a single container that can run on any cluster.

• exa: A Modern Replacement for the ls Command

  I bet you have used the ls command in Linux. It’s one of the first command you use while learning Linux commands.

  The simple ls command is quite handy for listing directory content. I never really though any command could replace it until I discovered exa.

• How To Install KeePass on Linux Mint 20 – idroot

  In this tutorial, we will show you how to install KeePass on Linux Mint 20. For those of you who didn’t know, KeePass is an open-source cross-platform password manager filled with multiple amazing features. It lets you save as many passwords as you wish hence freeing you from the hassle of memorizing and recalling your passwords every time you wish to access an account. If you are using LastPass, Bitwarden, AnyPAssword, and many others, then importing passwords from them is also possible in KeePass. The KeePass password manager can also be used very efficiently with the Windows, macOS, iOS, or even Android operating systems.

  This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of a KeePass password manager on a Linux Mint 20 (Ulyana).

• How to install VMware Workstation on Ubuntu 20.04 – Unixcop the Unix / Linux the admins deams

  VMware Workstation Pro (known as VMware Workstation until release of VMware Workstation 12 in 2015) is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems.

  It enables users to set up virtual machines (VMs) on a single physical machine and use them simultaneously along with the host machine. Each virtual machine can execute its own operating system.

  In this tutorial, we will illustrate how to install VMware Workstation on Ubuntu systems.

• Linux Essentials – nano (command-line text editor) – Invidious

  When you’re working with Linux servers, you may or may not always have access to a GUI, which is why it’s important to learn at least one command-line text editor. In this video, we’ll explore the core fundamentals of nano. nano is a text editor that’s among the easiest to learn.

• Sequence – making PatternDB creation for syslog-ng easier – Blog – syslog-ng Community – syslog-ng Community

  We are well into the 21st century, but most of the log messages still arrive in an unstructured format. For well over a decade, syslog-ng had a solution to turn unstructured messages into name-value pairs, called PatternDB. However, creating a pattern database for PatternDB from scratch is a source of major pain. Or rather, it was: sequence-rtg – a fork of the sequence log analyzer – provides a new hope! It can easily create ready-to-use patterns for your most frequent log messages.

  Sequence-rtg is still in beta phase, and therefore is a bit rough around the edges. However, once you deal with the initial struggles of creating the database, it works just fine. Especially if you have lots of log messages. My experience was that the more log messages and larger batch sizes I had, the better quality patterns were generated.

Games

• Pokemon Time Capsule | Hackaday

  The precious Pokemon we spent hours capturing in the early nineties remain trapped, not just by pokeballs, but within a cartridge ravaged by time. Generally, Pokemon games before the GameBoy Advance era had SRAM and a small coin cell to save state as NVRAM (Non-volatile random access memory) was more expensive. These coin cells last 10-15 years, and many of the Pokemon games came out 20 years ago. [9943246367] decided to ditch the battery and swap the SRAM for a proper NVRAM on a Pokemon Yellow cartridge, 23 years later.

Desktop Environments/WMs

• Felt Qt (might delete later)*: Two non-Gtk Linux desktops have put out new versions

  There are loads of Linux desktops to choose from, but the majority use some version of GNOME’s Gtk. Only a handful favour the Qt toolkit, and two of them just released new versions.

  Release 14.0.11 of the Trinity Desktop Environment (TDE) just appeared. TDE was forked from KDE 3 by a team who didn’t care for KDE 4′s focus on widgets.

  They may have had a point; Linux supremo Linus Torvalds was sceptical about them as well.

  KDE adopted widgets when they were trendy, soon after Windows Vista, but Microsoft dumped them again after Windows 7. TDE is admittedly one of the more niche options, but it’s good to see signs of life.

• K Desktop Environment/KDE SC/Qt

  • KDE Plasma 5.23.3 Further Improves the Wayland Session, Ports Plasma 5.24’s Focus Ring Feature

    Coming two weeks after KDE Plasma 5.23.2, the KDE Plasma 5.23.3 point release is here to further improve the Plasma Wayland session by making the Mozilla Firefox web browser more responsive to files that are being dragged and dropped, fix the panel’s auto-hide animation, address a Plasma crash that occurred when turning an external display off and back on again, as well as to fix a Plasma hang that occurred when hovering the Digital Clock applet to view the tooltip.

  • KDE Plasma 5.23.3, Bugfix Release for November

    Today KDE releases a bugfix update to KDE Plasma 5, versioned 5.23.3.

    Plasma 5.23 was released in October 2021 with many feature refinements and new modules to complete the desktop experience.

    This release adds two weeks’ worth of new translations and fixes from KDE’s contributors. The bugfixes are typically small but important and include…

  • Fixing Adaptive Transparency PART 2/2: THE FIX – Kockatoo Tube

  • OpenUK Awards 2021, COP26 and KDE – Jonathan Esk-Riddell’s Diary

    The OpenUk awards reconise and celebrate the best in open tech in the UK over the last year. We have a bunch of awards this year and the shortlists are up. I’ve clerked the judges into tracking down the gossip on all the shortlisted nominees and we do have final winners which will be announced at the ceremony on Thursday evening.

    The ceremony is at COP26 in Glasgow, Scotland. This is the UN conference to try to get international agreement on mitigating the worst affects of the climate crisis. We’ll be one of the last events there.

    I’ll be making announcement about KDE’s sustainability effort in front of the politicians and tech audience which I’m very excited about.

    You can sign up to watch the day event on sustainability in tech. The evening award ceremony will have its video published shortly after the event.

Distributions

• IBM/Red Hat/Fedora

  • Red Hat collaborates with NVIDIA to deliver record-breaking STAC-A2 Market Risk benchmark

    We are happy to announce a record-breaking performance with NVIDIA in the STAC-A2 benchmark, affirming Red Hat OpenShift’s ability to run compute heavy, high performance workloads. The Securities Technology Analysis Center (STAC®) facilitates a large group of financial firms and technology vendors that produces benchmark standards which enable high-value technology research and testing software for multiple financial applications.

    Red Hat and NVIDIA collaborated to create this latest STAC-A2 entrant, and STAC performed an independent, third-party audit. These are the first public STAC-A2 results using Red Hat OpenShift. Compared to all other publicly reported results to-date, this solution based on Red Hat OpenShift and NVIDIA DGX A100 set several new records for performance metrics and energy efficiency…

  • Improving the performance and space efficiency of SELinux

    Performance is important when it comes to security features such as SELinux. While the performance impact of typical workloads has been long known to be small for most workloads (see for example the SELinux benchmarks of Fedora 31 by Phoronix), certain specific operations are slower than they could be.

    In addition, there are also memory and disk space usage issues, which can lead to unnecessarily large virtual machine images or minimum memory requirements.

    In this post, I will present some of these gaps that I found and fixed upstream. Together, these improvements:

  • Biometric authentication with WebAuthn and SSO

    Providing users with secure, convenient authentication that doesn’t rely solely on passwords is a challenge for many application developers and administrators. Passwords can be compromised through leaks, or cracked by malicious intruders, and strong passwords may be too complex for users to remember.

    WebAuthn support in version 7.5 of Red Hat’s single sign-on technology (SSO) makes it possible to use biometric data for user authentication. With WebAuthn, users can authenticate using a fingerprint scanner or face recognition, features available in most modern smartphones and laptops.

    This article shows you how to configure Red Hat’s SSO to use WebAuthn for biometric user authentication. Our example is based on a JavaScript application built using the React framework, along with the Google WebAuthn emulator.

  • Automating JDK Flight Recorder in containers

    This article is part of a series of hands-on guides to using Cryostat 2.0, or JDK Flight Recorder for containers. This article introduces Cryostat’s new API for automated rules. We’ll walk through two use cases highlighting the API’s compact but powerful rule definitions. You’ll see how to use rule definitions to specify a match expression for one or more target Java applications, and how to configure the type of flight recording you want to start on these targets.

    Once you’ve created a rule, Cryostat immediately matches it against all existing discovered targets and starts your flight recording. Cryostat will also apply the rule to newly discovered targets that match its definition. You can create multiple rules to match different subsets of targets or to layer different recording options for your needs.

    The automated rules API is brand new in Cryostat 2.0, and we haven’t yet developed the user interface (UI) for it. For now, we’ll use curl to interact with the Cryostat HTTP API directly.

  • 4 realities IT leaders should know about remote developers now

    The pandemic brought a lot of change in the way teams interact with each other. Along with many workers being forced into home office setups came new challenges – with communication, remote workstation access, and cybersecurity (now of heightened importance). Hopefully, by now your organization has figured out a way to support remote work. But this isn’t temporary; a more distributed and remote-capable workforce is where things are headed.

    As IT leaders think about remote and hybrid models of work for teams, and adopt tools for virtual meetings and file sharing, it’s vital to consider the individual needs of a valuable team role – the developer. Here are a four factors to consider:

  • 3 essential soft skills IT pros need

    IT continues to be one of the fastest-growing employment sectors. However, as remote work environments become increasingly common and technology becomes further intertwined with other business functions, the role of the IT professional is evolving.

    As today’s IT professionals engage with more colleagues throughout the business, their skills must extend well beyond technical expertise. Over 40 percent of respondents to a recent study by West Monroe admitted encountering IT professionals who struggle with collaboration, hampering productivity. As a result, hiring managers are looking for IT prospects with comprehensive soft skills to add greater value to their business.

  • What is a technical marketing manager?

    First off, from one organization to the next, there will be different names for these roles and different alignments of responsibilities. Red Hat is a unique company with a unique culture, so this may not represent how technical marketing works in your organization.

    My work revolves around three roles: product marketer (PMM), technical marketing manager (TMM), and product manager (PM).

    Product managers work as a lead for their product or feature. They help write features with engineering, cast vision for their roadmap, and work with marketing to build a story that ties the market problem together with the component designed to fix it.

    Product marketers help define the message: Why would an organization care about the feature we are building? What business problems do we need to address? I’ll leave a more in-depth overview of these roles to others, but in short, that is their purview.

• Debian Family

  • Raspberry Pi OS: Now running on Debian ‘bullseye’ Linux

    Debian 11, dubbed ‘bullseye’ and the successor to ‘buster’, arrived in August and now the makers of the Raspberry Pi have finally updated Raspberry Pi (RPi) OS to this version.

    The move to Debian 11 for Raspberry Pi OS took a little longer than expected and doesn’t bring a huge amount of changes from the Debian side. However, there are several changes that come from the RPi side.

  • Raspberry Pi OS hits the bullseye

    The latest Raspberry Pi OS release switches to Debian 11 “bullseye” and offers the GTK+3 UI toolkit and the “mutter” window manager, which requires 2GB RAM. Meanwhile, the upcoming Linux 5.16 will include mainline support for the RPi CM4.

    Raspberry Pi announced the release of a new version of Raspberry Pi OS (formerly Raspbian), which advances to the Debian 11 “bullseye” release. Debian 11.0 was released in August as a major upgrade from the two-year old Debian buster.

  • Debian 11 Based Raspberry Pi OS 2021-10-30 Update Available to Download – itsfoss.net

    Debian 11 Based Raspberry Pi OS 2021-10-30 Update Available to Download, Raspberry Pi OS is a Debian-based distribution custom-built for Raspberry Pi computers. The development team have published a new version of Raspberry Pi OS which carries the code name “Bullseye”.

    The new version is based on Debian 11 and upgrades a number of desktop components. “All of the desktop components and applications are now using version 3 of the GTK+ user interface toolkit. GTK+ is a layer of software that applications can use to draw standard user interface components (known as ‘widgets’) such as buttons, menus and the like, so that all applications have a consistent look and feel. Up until now, most of the desktop has used version 2 of the GTK+ toolkit, but increasing numbers of Debian applications are using GTK+3, so to try and keep things consistent, we’ve upgraded all our software and the desktop itself to the newer version. GTK+3 has been around for several years now, and people have occasionally asked why we didn’t move to it before now. The simple answer is that many things are much easier to do with GTK+2 than with GTK+3, particularly when it comes to customising the appearance of widgets – GTK+3 has removed several useful features which we relied upon. It has ended up being necessary to find work-arounds to a lot of these – hopefully no one will notice them and everything will still work as before!” Additional details can be found in the project’s release announcement.

  • Bullseye – the new version of Raspberry Pi OS

    Every two years, Debian Linux, on which Raspberry Pi OS is based, gets a major version upgrade. Debian ‘buster’ has been the basis of Raspberry Pi OS since its release in 2019, and Debian ‘bullseye’ was released in August. (As some of you may know, Debian name their versions after characters in Disney/Pixar’s Toy Story films – Bullseye was Woody’s horse in Toy Story 2.)

• Canonical/Ubuntu Family

  • Developers can now launch Linux instances on Apple M1 | TechRadar

    Canonical, the power behind the development of Ubuntu, has launched the latest version of Multipass that will now let M1 Macbook users run Ubuntu virtual machines (VMs), with minimal fuss.

    Multipass is a lightweight VM manager for Linux, Windows and macOS, which helps developers spin up a fresh Linux environment with a single command.

    According to Canonical, with the support for M1 MacBooks, Multipass will help get developers running Linux faster than any other option on the market.

  • Canonical Transforms Linux on Mac

    On the heels of Apple’s announcement of a new line of game-changing M1 MacBooks, Canonical is bringing fast and easy Linux to the M1 platform. Multipass, the quickest way to run Linux cross-platform, received an update last week allowing M1 users to run Ubuntu VMs with minimal set-up. Multipass can download and launch a virtual machine image with one command, and developers on M1 can now get running on Linux in as little as 20 seconds.

  • Ubuntu’s publisher brings Linux support to M1 Macs with ‘Multipass’

    Canonical, Ubuntu’s publisher, announced today “the quickest way” to run Linux cross-platforms on M1 Macs. With Multipass, users can launch a virtual machine image with one command and have Linux running on an M1 Mac in as little as 20 seconds.

    Although Canonical claims to be the first platform to transform the M1 Mac on a Linux computer, the folks over at Linux Kernel have been improving its platform monthly to offer the best experience possible on the Mac. Last month, the creators of the project said Linux is now “usable as a basic desktop.”

  • Apple Silicon version of Canonical’s Multipass is here • The Register

  • Going Ubuntu on an M1 Mac with Multipass: Thanks VM, it’s Linux on the desktop

    An Apple Silicon version of Canonical’s Multipass has arrived, adding another way of firing up Linux on an M1-powered Mac.

    Although getting a full desktop on an M1 Mac is tricky at present (although not too far off) firing up a virtual machine on the platform allows developers to code against the operating system from the comfort of their new gizmos.

    We first looked at Multipass in 2019, and found it a handy tool in Windows 10 for when a full-fat Hyper-V session was overkill and Windows System for Linux failed to cut the mustard. While the evolution of WSL into a lightweight VM-based Linux platform might have somewhat cut the need for Multipass on Windows, the arrival of the M1 chip has opened up another front. Hence Multipass on the M1 Mac.

Devices/Embedded

• PinePhone Pro: Linux smartphone will be shipped from December

  With the PinePhone Pro, Pine64 brings a revised version of its Linux smartphone onto the market. The new Pro model stands out from the previous PinePhone with its more powerful hardware. The provider delivers the PinePhone Pro with Manjaro Linux and KDE Plasma Mobile, but users should also be able to install other mobile operating systems. Developers can pre-order the device for $ 400 (excluding shipping and customs).

  Pine64 announcesthat the devices are to be delivered in December. The so-called “Explorer Edition”, which is produced in larger numbers, is expected to reach buyers in early 2022. The company plans to open pre-orders to anyone interested in November.

  Pine64 installs a six-core SoC from Rockchip that has been adapted for the PinePhone and clocks at 1.5 GHz. The board has 4 GB of LPDDR4 main memory and 128 GB of eMMC flash memory. The 6-inch IPS panel has a resolution of 1440 × 720 pixels. The IMX258 camera sensor from Sony on the back of the smartphone delivers 13 megapixels, the selfie camera 5 megapixels. The battery has a capacity of 3000 mAh.

• XPI-S905X3/S905X2 4K SBC with 2GB RAM sold for $35 and up

  Geniatech has added two more single board computers to its XPI family with Raspberry Pi form factor. The Geniatech XPI-S905X2 and XPI-S905X3 boards are powered by respectively Amlogic S905X2 and S905X3/S905X4 quad-core processors, ship with 2GB RAM, and sell for $35 and up depending on the choice of processor and the presence of a wireless module.

  The company promotes each Raspberry Pi 3 lookalike as a “4K Single Board ARM PC” because of the 4K video playback capabilities or the Amlogic processors. Those boards provide an update to the earlier Amlogic S905X based XPI-S905X, and join Rockchip and NXP models.

• Open Hardware/Modding

  • Flip-Dot Oscilloscope Is Flippin’ Awesome | Hackaday

    Oscilloscope displays have come a long way since the round phosphor-coated CRTs that adorned laboratories of old. Most modern scopes ship with huge, high-definition touch screens that, while beautiful, certainly lack a bit of the character that classic scopes brought to the bench. It’s a good thing that hackers like [bitluni] are around to help remedy this. His contribution takes the form of what may be both the world’s coolest and least useful oscilloscope: one with a flip-dot display.

  • This MP3 player is controlled with a twirl of your finger and wave of your hand | Arduino Blog

    The classic MP3 player was a truly innovative device for its time, however with the advent of modern smartphones and other do-it-all gadgets, they have largely fallen by the wayside. In order to add a new twist, Norbert Zare decided to implement an MP3 player that not only responds to user inputs by moving the volume knob and tilting some notes to signal the next track, but can also be controlled simply by waving a finger in front of it.

    Gesture control was achieved using the PAJ7620U2 sensor, which can quickly detect movements within a 3D space and output its findings over the I2C bus to a host microcontroller. Zare set up his Arduino Uno’s program to continually check for a new gesture, and based on the one being read, perform a certain action. For example, making a clockwise circle with a single finger will increase the volume, turn the servo attached to the volume knob, and change the text on the attached LCD to match. Other functions include skipping tracks and resuming/pausing.

  • Arduino Cloud gets mobile dashboards and Facebook login

    You’ve now got a way to optimize your Arduino Cloud dashboards for small screens, and Facebook login for the smartphone apps and your account. It’s been a busy few weeks! Only yesterday we rolled out LoRaWAN connectivity in Arduino Cloud using The Things Stack. Now we’ve even more great features to tell you about, so let’s jump right into them.

• Mobile Systems/Mobile Applications

  • Android 12 to roll-out on these devices: Here’s when your phone may get the update | Business Insider India

  • 4 apps that will help you get these Android 12 features your smartphone right now | Gadgets Now

  • Vivo Y15s With 5,000mAh Battery, Android 11 Go Edition Launched: Price, Specifications | Technology News

  • Nokia Mobile updating Nokia 7.2 to Android 11 now. Update size & changelog – Nokiapoweruser

  • Compare Your Pets To Famous Artworks Using An Android Phone

  • Best Google Pixel 6 cases: how to keep your new Android phone safe | TechRadar

  • Google app readying a Search chat head on Android – 9to5Google

  • Android Users, Stay Away From Twitter Blue

  • Twitter Blue arrives in the US, leaves a lot for Android users to desire

Free, Libre, and Open Source Software

• 20 Open-source Low-code platforms for 2021/ 2022

  Low-code is a software development trending topic, in summary, it is an approach that speeds up the software products cycle with minimal hand-coding as it automates the repeated process and code.

  Some may argue that Low-code developments platforms aim to help non-professional or citizen developers to build apps quickly; however, many enterprises are using Low-code because of its productivity.

  Low-code development is a RAD “Rapid Application Development” approach, but with more organized was, as it streamlines the software production and automates all steps.

• Restyaboard: Open-source self-hosted project management system for teams

  If you are an avid user of Trello, then likely, you searched for an open-source alternative. Trello is a feature-rich web-based project management system for teams.

  Although it is free to use, it is not open-source or even self-hosted.

  Here, we offer you an alternative, that matches almost all Trello features and more, Restyaboard.

• Grocy: An Open-source ERP for Grocery stores

  We often see general-purpose open-source ERP solutions, but on a rare occasion, we witness a customized specific one like Grocy.

• Web Browsers

  • Top 9 lightweight web browsers for Linux

    Open source web browsers have come a long way since the introduction of Firefox, Chrome, and Chromium. Current web browsers are advanced to manage graphics, videos, apps, and many more. However, this makes web browsers consume a lot of hardware resources like RAM and storage space. On the other hand, mainstream browsers like Firefox and Chromium work quite well on systems with modern hardware resources.

    However, Linux operating systems running on old PC or laptops require light browsers to work fast and seamlessly. That is one of the reasons why most of the Linux OS like Ubuntu, Fedora, Centos, Linux Mint come with Firefox Mozilla as the default browser. However, Firefox might still not be as lightweight as we would like.

  • Mozilla

    • Tor Browser 11.0 Comes Based on Firefox ESR 91

      Tor Browser 11 is now the new stable version available to all those Internet users who seek to avoid, that their web communications are easy to track.

      Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. The Tor Browser is a web browser that anonymizes your web traffic using the Tor network, making it easy to protect your identity online.

    • Audio fix at bootup

      EasyOS runs fine, except as I reported yesterday, Firefox behaves very badly, with window going blank, freezing, hanging the entire desktop. So, for now, have built Easy 3.1.9.2, with only SeaMonkey. Now, about that sound problem…

    • Firefox: the first major browser to be available in the Windows Store [Ed: Mozilla associates Firefox with the monopoly of Microsoft… and that DRM store. I think they do a fine job tarnishing what’s left of the brand.]

      As of today, Firefox desktop is the first major browser to become available in the Windows Store for Windows 10 and Windows 11 users. Previously, if you were on Windows and wanted to use Firefox, you had to download it from the internet and go through a clunky process from Microsoft. Now that Microsoft has changed its Store policies, choosing Firefox as your desktop browser is even more seamless – and it comes with all the latest Firefox features.

• SaaS/Back End/Databases

  • Pgpool-II 4.3 beta1 is now released.

    Pgpool Global Development Group is pleased to announce the availability of Pgpool-II 4.3 beta1. This is not intended to be used in production but is close to the release version. So users are encouraged to test it out.

• FSF

  • Join us for the International Day Against DRM (IDAD) 2021 community planning meeting

    Each year, the Free Software Foundation (FSF) stages the International Day Against DRM (IDAD), and this year, we want to work with the community more closely than ever before and bridge the gap between anti-DRM activists, those involved with the software freedom movement, and everyday individuals. Together, we’ll stand up against DRM on December 10th.

    As one of the most memorable parts of last year’s Day Against DRM was our informal advocacy strategy session held over BigBlueButton, we want to begin our public planning of the event with a similar meeting. We’re inviting you to collaborate with us in the preparation for this year’s IDAD, sharing suggestions and anti-DRM activism methods, as well as organizing online satellite events.

  • Faulty DRM breaks dozens of games on Intel’s Alder Lake CPUs

    Longtime Ars readers probably remember some of the many cases in which overly onerous DRM prevented game owners from playing their legitimate purchases. We’re seeing that situation play out again today, this time thanks to how some DRM systems interact with the unique features of Intel’s 12th-generation “Alder Lake” CPUs.

    Intel’s Alder Lake big.little CPU design, tested: It’s a barn burner
    We’ve already covered how Alder Lake’s hybrid “big.little” design splits the CPU’s workload into high-powered “performance” (P) cores and low-powered “efficiency” (E) cores. But after hinting at the potential issue in a developer FAQ last month, Intel is now confirming that some games contain DRM that Intel says “may incorrectly recognize 12th Generation Intel Core Processors efficient-cores (E-cores) as another system.” That issue can lead to games that “may crash during launch or gameplay or unexpectedly shut down,” Intel says.

    PC Mag’s Chris Stobing explained that the issue arises from the DRM middleware treating the two different types of cores as two distinct systems. “Once it detects that some portion of the load has been split between the P- and E-cores, it sees the new cores as a new license holder (a separate system) and force-quits the game to prevent what it believes is two PCs trying to play one game on the same key,” he said.

  • GNU Projects

    • ncurses 6.3

       Announcing ncurses 6.3
      
      Overview
      
         The  ncurses  (new  curses)  library  is  a free software emulation of
         curses  in  System  V  Release  4.0 (SVr4), and more. It uses terminfo
         format,  supports  pads  and  color  and multiple highlights and forms
         characters and function-key mapping, and has all the other SVr4-curses
         enhancements  over  BSD curses. SVr4 curses became the basis of X/Open
         Curses.
      
         In  mid-June  1995,  the  maintainer of 4.4BSD curses declared that he
         considered  4.4BSD curses obsolete, and encouraged the keepers of unix
         releases such as BSD/OS, FreeBSD and NetBSD to switch over to ncurses.
      
         Since 1995, ncurses has been ported to many systems:
           * It is used in almost every system based on the Linux kernel (aside
             from some embedded applications).
           * It  is  used  as the system curses library on OpenBSD, FreeBSD and
             MacOS.
           * It  is used in environments such as Cygwin and MinGW. The first of
             these was EMX on OS/2 Warp.
           * It is used (though usually not as the system curses) on all of the
             vendor  unix  systems,  e.g.,  AIX,  HP-UX,  IRIX64, SCO, Solaris,
             Tru64.
           * It should work readily on any ANSI/POSIX-conforming unix.
      
         The distribution includes the library and support utilities, including
           * captoinfo, a termcap conversion tool
           * clear, utility for clearing the screen
           * infocmp, the terminfo decompiler
           * tabs, set tabs on a terminal
           * tic, the terminfo compiler
           * toe, list (table of) terminfo entries
           * tput,  utility  for  retrieving  terminal  capabilities  in  shell
             scripts
           * tset, to initialize the terminal
      
         Full manual pages are provided for the library and tools.
      
         The ncurses distribution is available at ncurses' homepage:
      
           ftp://ftp.invisible-island.net/ncurses/ or
           https://invisible-mirror.net/archives/ncurses/ .
      
         It is also available via anonymous FTP at the GNU distribution site
      
           ftp://ftp.gnu.org/gnu/ncurses/ .
      

    • Ncurses 6.3 Released With Experimental Windows Terminal Driver

      A new version of the Ncurses text-based user interface library is now available and most notable is a new but experimental driver for supporting the Windows Terminal.

      Ncurses 6.3 ships with an experimental driver for handling the Windows Terminal for enjoying Ncurses TUIs under that terminal.

  • Licensing/Legal

    • SFC Files GPL Enforcement Suit Against Vizio Advancing Novel Legal Theories

      Software Freedom Conservancy filed a lawsuit in late October 2021 against Vizio, claiming violation of the GPL and LGPL with respect to its SmartCast TVs. The complaint is here. The complaint is styled first as a claim of breach of contract, and then a claim for declaratory relief.

      Lawsuits to enforce GPL are still quite rare, and among them, this one is radically different in its legal structure from those that have come before. In fact, it conflicts with much of the conventional wisdom about enforcement of licenses like GPL, even principles previously enunciated by the Software Freedom Law Center and the Free Software Foundation–who have had their disagreements with Software Freedom Conservancy in the past.

• Programming/Development

  • Benjamin Mako Hill: The Hidden Costs of Requiring Accounts

    This question has been a source of disagreement among people who start or manage online communities for decades. Requiring accounts makes some sense since users contributing without accounts are a common source of vandalism, harassment, and low quality content. In theory, creating an account can deter these kinds of attacks while still making it pretty quick and easy for newcomers to join. Also, an account requirement seems unlikely to affect contributors who already have accounts and are typically the source of most valuable contributions. Creating accounts might even help community members build deeper relationships and commitments to the group in ways that lead them to stick around longer and contribute more.

  • Nibble Stew: Typesetting a whole book part III, the analog edition

    In earlier editions (part 1, part 2) we looked at typesetting a full book to a PDF file. This is fun and all, but until you actually hold a physical copy in your hands you don’t really know how good the end result is. Puddings, eatings and all that.

    So I decided to examine how would you go about printing and binding an entire book. For text I used P. G. Wodehouse’s The Inimitable Jeeves. It has roughly 220 pages which is a good amount for perfect binding. Typesetting it in LibreOffice only took a few hours. To make things even simpler I used only one font, the Palatino lookalike P052 that comes packaged with Ghostscript. As the Jeeves stories take place in the 1920s something like Century would have been more period accurate but we’ll have to work with what we got.

    The only printer I had access to was an A4 laser printer that could only print on one side of the page. Thus to keep things as simple as possible the page size became A5, which is easy to obtain by folding A4 paper in half. None of the printer dialogs seemed to do the imposition I needed (single page saddle fold, basically) so I had to convert the A5 originals to A4 printable sheets with a custom Python script (using PyPDF2)

  • GCC 12 Lands Support For -march=armv9-a – Phoronix

    After announcing ARMv9 earlier this year and the likes of the Cortex-X2, the open-source code compilers has been preparing for this evolutionary advancement over ARMv8.

    LLVM/Clang has been working on Armv9-A enablement and the GNU toolchain from Binutils to the GNU Compiler Collection have also been preparing their new code. As of today GCC 12 hit the stage of being able to target -march=armv9-a as of this commit. Using “-march=armv9-a” is used for targeting the ARMv9-A ISA and enabling the new instructions available. Tuning is currently based on the existing ARMv8 Cortex-A53. This is an important step for supporting the next-gen Arm architecture.

  • mrcal 2.0: triangulation and stereo

    mrcal is my big toolkit for geometric computer vision: making models (camera calibration) and using models (mapping, ranging, etc).

    Since the release of mrcal 1.0 back in February I’ve been busy using the tools in the field, fixing things and improving things. Today I’m happy to finally be able to announce the release of mrcal 2.0.

    A big part of this release is maintenance and cleanup that resulted from me heavily using the tools over the course of this past year, and improving whatever was bugging me. The most notable result of that effort, is that splined models are no longer “experimental”. They work well and they’re awesome. Go try them.

    And there’re a number of new features, most notably nice dense stereo support and nice sparse triangulation support (with uncertainty propagation!) These are awesome. Go try them.

  • Joachim Breitner: How to audit an Internet Computer canister

    I was recently called upon by Origyn to audit the source code of some of their Internet Computer canisters (“canisters” are services or smart contracts on the Internet Computer), which were written in the Motoko programming language. Both the application model of the Internet Computer as well as Motoko bring with them their own particular pitfalls and possible sources for bugs. So given that I was involved in the creation of both, they reached out to me.

    In the course of that audit work I collected a list of things to watch out for, and general advice around them. Origyn generously allowed me to share that list here, in the hope that it will be helpful to the wider community.

  • Ruby

    • Ruby 3.1.0 Preview 1 Released

      Ruby 3.1 merges YJIT, a new in-process JIT compiler developed by Shopify.

      Since Ruby 2.6 introduced MJIT in 2018, its performance greatly improved, and finally we achieved Ruby3x3 last year. But even though Optcarrot has shown impressive speedups, the JIT hasn’t benefited real world business applications.

      Recently Shopify contributed many Ruby improvements to speed up their Rails application. YJIT is an important contribution, and aims to improve the performance of Rails applications.

      Though MJIT is a method-based JIT compiler and uses an external C compiler, YJIT uses Basic Block Versioning and includes JIT compiler inside it. With Lazy Basic Block Versioning (LBBV) it first compiles the beginning of a method, and incrementally compiles the rest when the type of arguments and variables are dynamically determined. See YJIT: a basic block versioning JIT compiler for CRuby for a detailed introduction.

      With this technology, YJIT achieves both fast warmup time and performance improvements on most real-world software, up to 22% on railsbench, 39% on liquid-render.

      YJIT is still an experimental feature, and as such, it is disabled by default. If you want to use this, specify the –yjit command-line option to enable YJIT. It is also limited to macOS & Linux on x86-64 platforms for now.

    • Jakub Kadlčík: Rebuilding the entire RubyGems in Copr

      From the 166 699 Gems hosted on RubyGems.org, 98 816 of them were successfully built in Copr for Fedora Rawhide. That makes a 59.3% success rate. For the rest of them, it is important to distinguish in what build phase they failed. Out of 67 883 failures, 62 717 of them happened while converting their Gemfile into spec and only 5 166 when building the actual RPM packages. It means that if a Gem can be properly converted to a spec file, there is a 95% probability for it to be successfully built into RPM.

  • Python

    • How to package your Python code | Opensource.com

      You’ve spent weeks perfecting your code. You’ve tested it and sent it to some close developer friends for quality assurance. You’ve posted all the source code on your personal Git server, and you’ve received helpful bug reports from a few brave early adopters. And now you’re ready to make your Python code available to the world.

  • Shell/Bash/Zsh/Ksh

    • A quick cross-file comparison with AWK

      I really like AWK. It allows me to do simple, effective, ad hoc processing of data files, as this post will demonstrate. If AWK was a football club I’d be an ardent supporter: “Carn the mighty AWK!”

How to Prepare for Power Outages | WIRED

I LIVE IN the Philadelphia area, and that puts me in the direct line of fire for two major water-type attacks. We get the remnants of hurricanes in the summertime and what’s known as nor’easters in the winter. (For those not from the Northeast, that’s a cyclone of cold frozen hatred that hovers up our coast.) Sure, they each bring their own brand of natural strife, but they also make us vulnerable to every geek’s nightmare: the dreaded power outage. And since my place fully runs on electricity (no gas or oil), I’ve had to develop a playbook for those dark times.

Whether it’s feet of snow or downed power lines, we need our electricity. Having been a Cub Scout as a lad, I am thankfully well prepared, but I realize that there are probably many people out there that aren’t. This guide is for you to bookmark forever.

This $0 Filament Drybox Needs Nearly No Parts | Hackaday

[Spacefan]’s solution uses a filament roll’s own packing materials and a single 3D-printed part to create a sealed environment for a single roll. The roll lives inside a plastic bag (potentially the same one it was sealed in) and filament exits through a small hole and 3D-printed fitting that also uses a bit of spare PTFE tubing. The box doubles as a convenient container for it all. It doesn’t have as much to offer as this other DIY drybox solution, but sure is simple.

[...]

While we appreciate the idea, this design is sure to put a lot of friction on the spool itself. It will be a lot of extra work to pull filament off the spool, which needs to turn inside a bag, inside a box, and that extra work will be done by the 3D printer’s extruder, a part that should ideally be working as little as possible. The re-use of materials is a great idea, but it does look to us like the idea could use some improvement.

Development Of Magnetic Locking Idea Shows Great Progress | Hackaday

No matter how its done, with whatever level of fakery, magnetic levitation just looks cool. We don’t know about you, but merely walking past the tackiest gadget shop, the displays of levitating and rotating objects always catches our eye. Superconductors aside, these devices are pretty much all operating in the same way; an object with a permanent rare-earth magnet is held in a stable position between a pair of electromagnets one above and one below, with some control electronics to adjust the field strength and close the loop.

But, there may be another way, albeit a rather special case, where a magnet can not only be levitated, but locked in place using a rotating magnetic field. The video shows a demonstration of how the mass of a magnet can be used to phase lock it against a rotating field. In essence, the magnet will want to rotate to align with the rotating magnetic field, but its mass will mean there is a time delay for the force to act and rotation to occur, which will lag the rotating magnetic field, and if it is phased just so, the rotation will be cancelled and the magnet will be locked in a stable position. Essentially the inertia of the magnet can be leveraged to counteract magnet’s tendency to rapidly rotate to find a stable position in the field.

Science

• NASA’s New Moon Missions Are Happening Really Soon | Hackaday

  NASA first landed a human on the moon back in 1969, and last achieved the feat in December 1972. In the intervening years, there have been few other missions to Earth’s primary natural satellite. A smattering of uncrewed craft have crashed into the surface, while a mere handful of missions have achieved a soft landing, with none successful from 1976 to 2013.

  However, NASA aims to resume missions to the lunar surface, albeit in an uncrewed capacity at this stage. And you won’t have to wait very long, either. The world’s premier space agency aims to once again fly to the Moon beginning in February 2022.

Hardware

• Teardown: Analog Radionic Analyzer | Hackaday

  Have you ever looked up a recipe online, and before you got to the ingredients, you had to scroll through somebody’s meandering life story? You just want to know how many cans of tomato paste to buy, but instead you’re reading about cozy winter nights at grandma’s house? Well, that’s where you are right now, friend. Except instead of wanting to know what goes in a lasagna, you just want to see the inside of some weirdo alternative medicine gadget. I get it, and wouldn’t blame you for skipping ahead, but I would be remiss to start this month’s teardown without a bit of explanation as to how it came into my possession.

  So if you’ll indulge me for a moment, I’ll tell you a story about an exceptionally generous patron, and the incredible wealth of sham medical hokum that they have bestowed upon the Hackaday community…

• European server sales sink to 4-year low: Cloud, software-defined and chip shortage blamed

• Not Your Average Nixie Tube Clock | Hackaday

  When it comes to Nixie clocks, we all pretty much know what to expect: a bunch of Nixies with some RGB LEDs underneath, a wooden case of some sort, and maybe some brass gears or fittings for that authentic steampunk look. It’s not that we don’t appreciate these builds, but the convergent designs can be a little much sometimes. Thankfully, this 60-tube Nixie clock bears that mold, and in a big way.

  The key to [limpkin]’s design is the IN-9 Nixie, which is the long, skinny tube that used to show up as linear indicators; think bar graph displays on bench multimeters or the VU meters on mixing boards. [limpkin] realized that 60 on the tubes could be arranged radially to represent hours or minutes, and potentially so much more. The length of the segment that lights up in the IN-9 is controlled by the current through the tube, so [limpkin] designed a simple driver for each segment that takes a PWM signal as its input. The job of a 60-channel, 14-bit PWM controller fell to an FPGA. An ESP8266 — all the rage five years ago when he started the project — took care of timekeeping and control, as well as driving a more traditional clock display of four 7-segment LEDs in the center of the clock face.

• Visualizing Audio With An LCD VU Meter | Hackaday

  We all love seeing data represented in pretty ways — whether it’s necessary or not. Take VU meters for example. They’re a super useful tool for audio editors to balance signals, but they also look really cool, even if you’re only listening to music. Who didn’t use a Winamp skin with a built-in VU meter back in the day? Even after the demise of everyone’s favorite media player, we still see these great graphs popping up all over the place.

  Most recently, we’ve seen VU meters circle back around to have a bit of a retro vibe in this awesome Arduino-controlled LCD VU meter built by [mircemk]. Based on the KTAudio VU Meter project, it features an ultra-wide LCD, audio input, and volume knob, all tidily wrapped up in a case whose color scheme that can only conjure images of the famed Altair 8800, or an old Tektronix oscilloscope. The LCD itself is fairly responsive — but you can judge for yourself in the video below. The signature fading that so commonly accompanies screen refreshes on LCDs such as this one really adds to the retro effect.

Integrity/Availability

• Proprietary

  • Microsoft OneDrive will no longer be compatible with millions of Windows PCs

    Millions of Windows users could lose access to their online cloud storage within weeks as Microsoft looks to encourage upgrading to the latest software.

    The tech giant has warned that the OneDrive app will stop syncing with Windows 7, 8 and 8.1 on March 1, 2022, meaning users only have a few weeks to upgrade to a newer version or possibly lose access to their files.

  • Security

    • Security Researchers Reveal Activity Targeting ManageEngine ADSelfService Plus

      On September 16, CISA released a joint alert on exploitation of a vulnerability (CVE-2021-40539) in ManageEngine ADSelfService Plus. On November 8, security researchers from Palo Alto Networks and Microsoft Threat Intelligence Center (MSTIC) released separate reports on targeted attacks against ManageEngine ADSelfService Plus.

    • Time based username enumeration | Pen Test Partners

      Back in the day, it used to be easy to enumerate email addresses from forgotten password forms. Differences in the response made it easy to check if accounts existed.

      After that, you could brute force the password if there weren’t lockouts in place, or if there were, you could lockout a lot of user accounts. Password stuffing from breach data has made compromise easier, though it’s still useful to enumerate accounts in more targeted attacks from time to time.

      I was reminded of blind SQL injection, where differences in response time can reveal whether an injected statement was successful or not. This got me thinking about using similar techniques to enumerate usernames

    • Google’s Pixel 6 fingerprint reader is rubbish because of ‘enhanced security algorithms’

    • Multiple BusyBox Security Bugs Threaten Embedded Linux Devices | Threatpost

      Researchers discovered 14 vulnerabilities in the ‘Swiss Army Knife’ of the embedded OS used in many OT and IoT environments. They allow RCE, denial of service and data leaks.

      Researchers have discovered 14 critical vulnerabilities in a popular program used in embedded Linux applications, all of which allow for denial of service (DoS) and 10 that also enable remote code execution (RCE), they said.

      One of the flaws also could allow devices to leak info, according to researchers from JFrog Security and Claroty Research, in a report shared with Threatpost on Tuesday.

    • Unboxing BusyBox – 14 new vulnerabilities uncovered by Claroty and JFrog | MarketScreener

      Embedded devices with limited memory and storage resources are likely to leverage a tool such as BusyBox, which is marketed as the Swiss Army Knife of embedded Linux. BusyBox is a software suite of many useful Unix utilities, known as applets, that are packaged as a single executable file. Within BusyBox you can find a full-fledged shell, a DHCP client/server, and small utilities such as cp, ls, grep, and others. You’re likely to find many OT and IoT devices running BusyBox, including popular programmable logic controllers (PLCs), human-machine interfaces (HMIs), and remote terminal units (RTUs)-many of which now run on Linux.

    • Security updates for Tuesday

      Security updates have been issued by Arch Linux (firefox, grafana, jenkins, opera, and thunderbird), Debian (botan1.10 and ckeditor), openSUSE (chromium, kernel, qemu, and rubygem-activerecord-5_1), SUSE (qemu and rubygem-activerecord-5_1), and Ubuntu (docker.io, kernel, linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-oem-5.13, linux-oracle, linux-oracle-5.11, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, and linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon).

    • Privacy/Surveillance

      • Double win! Court rejects NSO’s attempts to silence victims and derail surveillance lawsuit

        On Monday, the United States Court of Appeals for the Ninth Circuit allowed WhatsApp’s lawsuit against Israeli spyware firm NSO Group to advance, and rejected NSO Group’s attempt to block briefs filed by civil society. In its ruling, a three-judge panel of an appeals court in San Francisco, California, affirmed a lower court’s decision to deny NSO Group’s motion to dismiss the lawsuit. Additionally, judges accepted the brief submitted by Access Now on behalf of eight civil society organizations, despite NSO Group’s objections claiming it introduced “disputed facts,” as well as another brief by three law professors.

        “We commend the Court for denying NSO Group’s attempts to silence its victims and derail WhatsApp’s lawsuit, which rightly puts the spyware peddler in the hot seat for enabling its government clients to violate human rights with impunity,” said Natalia Krapiva, Tech Legal Counsel at Access Now. “Now that the case proceeds into the discovery stage, it would be hard for NSO to hide its abuses behind the shroud of secrecy.”

        [...]

        Front Line Defenders also recently announced it had uncovered the hacking (confirmed by the Citizen Lab and Amnesty International) of six Palestinian human rights defenders’ devices with NSO Group’s Pegasus spyware, as part of a broader assault on Palestinian civil society. Three of the targeted human rights defenders come from prominent Palestinian civil society groups that Israeli authorities have designated as “terrorist organizations,” leading Access Now and civil society to raise serious questions about whether Israeli authorities were involved in the Pegasus targeting.

Environment

• COP26 and Climate Hypocrisy with Charlie Robinson

  In this episode, Whitney is joined by Charlie Robinson to talk about some of the key takeaways from the COP26 climate conference not being covered by the media and how many COP26 attendees engage in obvious hypocrisy when it comes to the policies they publicly promote and their personal actions.

Censorship/Free Speech

• IFF questions Tripura Police’s notice to Twitter

  On November 3, 2021, in connection with a case registered under the stringent Unlawful Activities Prevention Act, 1967, the West Agartala Police issued a notice to Twitter Inc under Section 91 of the Code of Criminal Procedure. By way of the notice, the Police directed Twitter Inc. to block 68 Twitter pages/accounts and sought information related to them, including personal information such as browsing details and user registration details. We wrote to the Police pointing out that the notice dated November 3, 2021, is vague and that the Police is not empowered to direct blocking of pages/accounts on Twitter. We have sought immediate withdrawal of the notice.

Monopolies

• Copyrights

  • Aspirated Aspirations: Alfred Leach’s *The Letter H* (1880) – The Public Domain Review

    In *The Letter H*, Alfred Leach passionately defends the aspirated aitch in words like “herb”.

Desktop/Laptop

• Why I Wrote the Linux Cookbook, Second Edition

  Once upon a time, way back in 2003, I had an idea. “Hey,” I said to myself, “I should write a Linux book. It will be for Linux users, rather than coders. It will cover the basic tasks that Linux users want to know about.”

  I was so enchanted by this idea that I reviewed the notes I had collected during my Linux adventures and started writing an outline. I pitched it to O’Reilly Media, and wonder of wonders, they said yes. The writing process was long and horrible, because I had no idea how to write a book, but my editors were patient and amazing.

Audiocasts/Shows

• Destination Linux 251: Why We Became Linux Enthusiasts

  This week’s episode of Destination Linux, we are going to discuss what made us Linux Enthusiasts! Then we’re going to discuss some good news with Firefox’s latest release . . . it seems that the have been listening to DL. Plus we’ve also got our famous tips, tricks and software picks. All of this and so much more this week on Destination Linux. So whether you’re brand new to Linux and open source or a guru of sudo. This is the podcast for you.

• Late Night Linux – Episode 150

  A new cheap Pi and a new version of Raspberry Pi OS, Firefox gets pretty new colours, a management shakeup at GitHub, Red Hat’s new dev hiring policy, KDE Korner, and more. With guest host Jim Salter from 2.5 Admins.

• Too bad Microsoft killed off Paint – Invidious

Kernel Space

• Graphics Stack

  • XWayland 21.1.3 rolls out supporting NVIDIA 495.44 with the GBM API

    Another big tick in the box for switching over to Wayland from Xorg, with the release of XWayland 21.1.3. In the release announcement it was noted that it has no changes over the previous release candidate build.

    With this release of XWayland, it brings in support for the latest NVIDIA 495.44 stable driver, released back in October where NVIDIA finally added support for the GBM API.

Applications

• 16 Best Compression Tools in Linux

  Compressing and decompressing files is a day-to-day activity of the system administrator and normal Linux users. Compression not only saves disk space but reduces data transmission and bandwidth.

  Most of the time, it is really hard to find a compression tool that really meets your requirements. You can find all the best compression tools in almost all Linux distributions. Performance of compression tools is measured based on compression ratio, compression speed, and decompression speed.

Instructionals/Technical

• ZFS Woes, or how ZFS Saved Me From Data Corruption

  I’ve been using ZFS for years on my Linux storage server. Recently I upgraded from Alpine 3.12 to 3.14, which included a ZFS 0.8 to ZFS 2.0 update. Not soon after, I started getting random file corruption issues. I didn’t see any SMART errors on the drives, but still assumed that my hard drive could be going bad. My storage had outgrown my previous backup drive anyway, so I purchased an additional drive. When I attempted to sync snapshots to the new device, I started to see I/O errors and kernel panics. I took a long journey through ZFS bug reports, attempted to switch to Btrfs and even migrated my storage to a different computer. In the end, ZFS saved me from what could have been disastrous amounts of data corruption due to faulty hardware.

• Two different worldviews of version control systems

  I’ve come to think that there are two broad ways of viewing the world that are used by most common version control systems. Although the end result can be the same, these worldviews lead to different places and can give people different attitudes, and I happen to think that one is a better representation of reality than the other.

• Years since 1900 + seven bits = breakage in 2028

  Last November, I put up a list of a bunch of “magic numbers” including some years in which time/date stuff is likely to break. There’s 2036 for the NTP era rollover, 2038 for time_t requiring 32 bits in January *and* another GPS week rollover in November.

  It turns out we have another one coming up far sooner, too: 2028!

• How to rsync files between two remotes?

  When syncing with a remote host, rsync invokes ssh to spawn a remote rsync –server process. It interacts with it through its standard input and output. The idea is to recreate the same setup using SSH tunnels and socat, a versatile tool to establish bidirectional data transfers.

• SSH through a proxy

  Networks are partitioned, and this is a Good Thing. Sometimes it’s possible to overcome some of the restrictions, which is good to know (it’s at least good to know the limits of the fences that are in place, anyway).

  In this case, we’re assuming that all traffic to the outside is allowed through a web proxy, with the clear intent to allow… web traffic only.

  Now Alice wants to connect with her laptop in the inside network to her server in the outside network, using SSH. Which is, as we saw, forbidden because all ports are forbidden for direct access.

  In this case, Alice can try to convince the proxy to let her through with a little effort and some help from a few programs.

  The gist of this technique is to make the SSH client “proxy aware” by means of a helper program, by means of the ProxyCommand option. Let’s see some examples.

• The yearly backup restore test

  In my calendar there is a yearly recurring item named ‘backup restore test’. This is an article on my backup scheme and the yearly restore test, covering all aspects, such as data validation, backup scheme, time and cost involved. I started doing personal restore tests each year around 2012, when I did them for my first job. At work back then, the restore test was monthly, for my own backups I decided that yearly was okay enough, since the backup scheme, software and provider do not change. I’m using Azure cold storage for my (locally encrypted) personal backups, since it’s both cheap and supported by my local NAS.

  Have you done your backup restore test recently?

• Exploring fff part 2 – get_ls_colors

  In part 1 I took a first look at fff, “a simple file manager written in Bash”, focusing on the main function, and learned a lot. In this part I take a look at the first function called from main, and that is get_ls_colors. I’m continuing to use the same commit reference as last time, i.e. the state of fff here.

• How to Install GNOME Shell Extensions Easily and Quickly

  In this article I will demonstrate you how to easily install GNOME extensions directly from your browser.

  GNOME Shell is one of the most widely used desktop environment for Linux. Probably the most standout aspect of GNOME is that it looks nothing like anything you have experienced before.

  Going one step further, GNOME has various extensions that offer additional customization options. Once installed, they will help you add extra functionality to your GNOME Shell desktop and help modify existing features.

• How to force Apache to use HTTPS – Unixcop the Unix / Linux the admins deams

  Hi guys ! In this tutorial, we will show, how to forcefully redirect apache HTTP to HTTPS

  If you are a website owner or system administrator, chances are that you’re dealing with Apache on a regular basis. One of the most common tasks you’ll likely perform is redirecting the HTTP traffic to the secured (HTTPS) version of your website.

  Unlike HTTP, where requests and responses are sent and returned in plaintext, HTTPS uses TLS/SSL to encrypt the communication between the client and the server.

• How to increase the requests timeout on Nginx – Unixcop the Unix / Linux the admins deams

  Hello, friends. Nginx is one of the most used web servers in the world along with Apache. So it is possible to find a lot of tricks on the internet to help us with that. In this post, I will show you a very convenient and useful one like increasing the timeout of the requests on Nginx. This will allow you more flexibility when configuring Nginx and adapting it to the needs of the various applications or websites you have.

• How the Kubernetes ReplicationController works | Opensource.com

  Have you ever wondered what is responsible for supervising and managing just the exact number of pods running inside the Kubernetes cluster? Kubernetes can do this in multiple ways, but one common approach is using ReplicationController (rc). A ReplicationController is responsible for managing the pod lifecycle and ensuring that the specified number of pods required are running at any given time. On the other hand, it is not responsible for the advanced cluster capabilities like performing auto-scaling, readiness and liveliness probes, and other advanced replication capabilities. Other components within the Kubernetes cluster better perform those capabilities.

• How to Install Linux Kernel 5.15 on Debian 11 Bullseye – LinuxCapable

  Linux kernel 5.15 is out with many new features, support, and security. The Linux 5.15 kernel release further improves the support for AMD CPUs and GPUs, Intel’s 12th Gen CPUs, and brings new features like NTFS3, KSMBD (CIFS/SMB3), and further Apple M1 support, amongst many other changes and additions.

  In the following tutorial, you will learn how to install the latest 5.15 Linux Kernel on Debian 11 Bullseye using the Debian Experimental repository with APT pinning. In time, unstable (sid) and testing (bookworm) will receive the 5.15 kernel, much like the previous 5.14 did as well.

  The tutorial will be updated to reflect the changes when this change of repositories occurs.

• How to Install and Configure FreeIPA on Rocky Linux/Centos 8 – Citizix

  In this guide, you will learn how to install and configure FreeIPA server on Rocky Linux/Centos 8. This guide also works on RHEL 8 and other derivatives like Oracle Linux and Alma Linux.

  FreeIPA is a centralized authentication, authorization, and account information system. FreeIPA stands for Free Identity, Policy, Audit and it is an open-source identity management solution based on an LDAP directory and Kerberos with optional components such as DNS server, certification authority, and more. It can manage a domain with users, computers, policies, and trust relationships. It is similar to Microsoft Active Directory.

  FreeIPA can also set up a forest-to-forest trust with existing Active Directory forests and even live in a DNS zone below a zone managed by Active Directory, as long as they do not overlap. It consists of a web interface and command-line administration tools.

• How to change forgotten Linux password – Invidious

  This goes over resetting ANY Linux password and two methods of doing so.

• How to create and configure VirtualHost to the OpenLiteSpeed server – Unixcop the Unix / Linux the admins deams

  In the previous article, we have seen how to install openlitespeed server on ubuntu. In this tutorial, we will see how to add VirtualHost to the server.

• How to find the CPU information in HP-UX

  Finding hardware information on HPUX is always easy when you use the right commands.

  In this guide, we will show you how to check the CPU details of the server such as sockets, cores and logical processors.

  The following commands are not limited to show only CPU information and shows most of the hardware information about the HP-UX server.

• How to install Nginx on Fedora 35 – NextGenTips

  In this tutorial i will show you how to install Nginx on Fedora 35.

  Nginx is a fast and lightweight web, http load balancer, reverse proxy and http cache server. Its scalability and efficiency makes Nginx both suitable for small and high traffic servers. It can also function as a proxy server for email IMAP,POP3 and SMTP.

  Nginx has proved to be ideal web server for many web task because it can handle a high volume of connections. Nginx is frequently placed between clients and a second server to serve as an SSL/TLS terminator or web accelerator. Dynamic sites build with languages like PHP, node.js deploy Nginx as content cache and reverse proxy to reduce load on application servers and make the most effective use of the underlying hardware.

• How to install an open-source kanban board in your data center in minutes – TechRepublic

  If you’ve read my take on kanban boards, you might be at a place where you’re anxious to start making use of this amazingly efficient task management tool. If you want to deploy a kanban solution to your data center, you have options … lots of them. Some of those options are even open-source. And that’s what I want to look at today, an open-source kanban solution that you can deploy to your data center and have your teams using in no time.

Games

• Early Access arrives soon for the fantasy competitive card battler Dragon Evo | GamingOnLinux

  After having a few early releases available on the web and itch.io, Dragon Evo is entering the next stage of its life as a free to play competitive card battler on Steam and itch.io in Early Access.

  “Dragon Evo is a unique tactical card game blending a touch of RTS with the thrill of RPGs and the best of deck building games. With our favourite elements from role playing, strategy and deck building / card games, it’s a game like no other – a truly unique experience spanning across genres.”

• Fallout 4 apparently uses Windows Media Audio, and this creates issues with Wine. – BaronHK’s Rants

  Windows Media Audio….

  The proprietary competitor to Ogg Vorbis and MP3 from 20 years ago that you figured you’d never hear about again, apparently actually is used in some Windows games.

  At least Fallout 4.

  When I tried to get it working in Wine 6.19, it would crash with assertion failed and mention something about FAudio (which, itself, apparently reimplements some DirectX audio APIs), but specifically that it couldn’t play back WMA audio.

  It would make it through the launcher and then crash as soon as it got to the main menu.

  It seems that it generally runs okay in the “Glorious Eggroll” version of Wine 6.16 as provided in a Lutris package. I made a Wine prefix for it, and everything works.

  I noticed that in the Wine 6.21 news that they made some changes to FAudio in relation to some video games, including Skyrim SE, another Bethesda title, which uses the same engine as Fallout 4.

  So I ran the game in Wine 6.21. The performance is a little better, but there is no music or “radio” on the PIP Boy.

  This seemed like the missing GStreamer MP3 codec problem that occurs in Fallout 3, New Vegas, and TES: Oblivion, except I know I have codecs for WMA installed. They should be part of “gstreamer1.0-libav”, which is now using ffmpeg, which I know has a WMA codec.

• ChimeraOS 27 is out with touch-screen improvements for the AYA NEO | GamingOnLinux

  ChimeraOS (previously called GamerOS) is a Linux distribution aimed at full-screen devices and console styled couch-gaming, much in the same way that SteamOS is.

  In the years since Valve stopped updating SteamOS 2, ChimeraOS has plugged a rather nice gap for such devices and the developer continues to make improvements. ChimeraOS 27 just rolled out with the usual assortment of main software tech upgrades including Linux 5.14.15, Mesa 21.2.4, NVIDIA 495.44, RetroArch 1.9.11 and more.

• GOG’s Made in Poland sale has lots of goodies going cheap again | GamingOnLinux

  Celebrating Polish creativity in gaming, GOG’s Made in Poland sale is live and it’s yet another chance to save lots of pennies on some great games.

• Minigalaxy, a simple and open source GOG client for Linux version 1.1 is out

  After many months a fresh release of the rather good Minigalaxy is out. It’s a free and open source client for GOG, helping you manage your game library from the DRM-free store. Yet again, the community building what a company won’t for Linux, since GOG still have no clear plan for Galaxy on Linux officially.

  Minigalaxy version 1.1 is the biggest yet, including numerous needed enhancements to make it go from good to great.

Desktop Environments/WMs

• System76 creating their own desktop environment written in Rust

  Do we need another desktop environment? There’s already KDE Plasma, GNOME Shell, Xfce, MATE, Cinnamon and the list goes on for a while. System76 at least seem to think another is needed, one they control.

  The news tip comes courtesy of System76 engineer Michael Murphy, who mentioned on Reddit their plans for it to be “its own desktop” and that it won’t be based on GNOME like their most recent attempt with Cosmic but instead “it is its own thing written in Rust”.

Distributions

• My three-month-long elementary OS 6 upgrade adventure in three parts. (Part 1: Catts)

  I feel elementary OS would be far more usable in general – not to mention more familiar for folks just coming over from macOS or Windows – if we were to replace the default task switcher with Catts.

  [...]

  To cut a long story short, Catts was brought into elementary OS as the default Window Switcher last week and should be in November’s operating system updates.

• SUSE/OpenSUSE

  • Project seeks Candidates for openSUSE Board Election

    The openSUSE Project is seeking nominations and applications for openSUSE Board candidacy. The projecct also looks to gain more members leading up to the elections.

    A notice was sent by the election committee informing project members of the timeline for the election process.

    There are two seats open for this election cycle. The call for nominations and applications will continue until Monday, Nov. 22. If you would like to nominate a member from the openSUSE community or declare yourself as a candidate, please send an email to the election committee at election-officials@opensuse.org.

• Debian Family

  • Bullseye! Debian-based Raspberry Pi OS scores an update with ‘less closed-source proprietary code’

    It’s been a while, but the Raspberry Pi OS has had a major version bump, taking this flavour of Linux for the diminutive computer to Debian Bullseye.

    Debian Bullseye debuted in August, and the Raspberry Pi team admitted that getting its eponymous operating system updated had “taken a bit longer than we’d hoped”.

    Bullseye will be supported for five years, and makes use of version 5.10 of the Linux kernel. It came just over two years since the last major Debian release, Buster. As well as the changes under the hood, the Raspberry Pi OS incarnation has a number of tweaks in support of the computer’s hardware and the OS’s desktop environment.

  • Time to update your Raspberry Pi with the new OS based on Debian ‘bullseye’

    It’s that time! The Raspberry Pi OS (formerly known as Raspbian) has done a major upgrade moving the package base from Debian buster to Debian bullseye.

    A long time coming, since bullseye was released back in August. Supported for at least five years, this brings with it tons of major upgrades to all the internals. Not only that though, the RPi team also updated their desktop (based on LXDE) with a number of extra tweaks to make it look and feel better.

    While it’s been around for years now, this release has only just done the jump from GKT+2 to GTK+3. This is the toolkit used for actually drawing the interface giving you buttons, menus and everything else in the form of widgets. In the announcement post the team grumbled a bit that GTK+3 took a while to move to, as it’s more difficult to use and it “removed several useful features which we relied upon” but they’ve found workarounds for a few bits they wanted.

    This release also moved their window manager from Openbox to Mutter which comes with visual effects, rounded corners, shaded borders, window animations and more. In other words, it’s all a bit more modern looking and feeling. On top of that it also makes it easier for them to support Wayland in future too although they’re still “quite a long way” from switching to Wayland. A drawback though, is that the OS now needs at least 2GB RAM.

• Canonical/Ubuntu Family

  • Canonical Releases New Ubuntu Linux Kernel Security Updates to Fix 13 Vulnerabilities

    Available for Ubuntu 21.10 (Impish Indri), Ubuntu 21.04 (Hirsute Hippo), Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), and the Ubuntu 16.04 and 14.04 ESM (Extended Security Maintenance) release, the new security updates address CVE-2021-3759, a vulnerability that could allow a local attacker to cause a denial of service (memory exhaustion). This flaw is affecting all supported Ubuntu releases.

  • Canonical Makes It Easier to Run Ubuntu VMs on Apple M1 Macs with Multipass

    The company behind Ubuntu have updated Multipass to verison 1.8, a release that introduces support for setting up and running Ubuntu virtual machines on Apple M1 MacBook devices with minimal effort.

    In fact, Multipass promises to offer Apple M1 MacBook developers interesting in developing apps for the Linux/Ubuntu desktop the fastest way to run Linux cross-platform, running a Ubuntu VM in as little as 20 seconds.

Devices/Embedded

• ClonerAlliance UHD Pro Video Capture Box Unboxing & Review

  Today, we’re going to be taking a look at the ClonerAlliance UHD Pro video capture box which was sent to me by the team at ClonerAlliance to review and share with you.

  I often get asked on my Raspberry Pi tutorial videos why I’ve used the full desktop version of Raspberry Pi OS when the project is intended to be run without a monitor or external display connected once it has been set up. There’s actually quite a simple answer. I use a screen recording utility, typically SimpleScreenRecorder, running in the background to capture the screen contents for the tutorial.

• Open Hardware/Modding

  • Openpower Summit 2021

    When talking about POWER I’m sometimes accused that I’m beating a dead horse. As you can see from just a small selection of talks at the OpenPOWER Summit 2021, the community around POWER is quite lively. Curriculum, new instructions and various new hardware are under development. If all goes well, POWER will be a lot more accessible to users and developers hopefully already next year!

  • Original Apple Built by Jobs and Wozniak to be Auctioned

    What makes it even rarer is the fact it is encased in koa wood — a richly patinated wood native to Hawaii. Only a handful of the original 200 were made in this way.

    Apple-1s were mostly sold as component parts by Jobs and Wozniak. One computer shop that took delivery of around 50 units decided to encase some of them in wood, the auction house said

    “This is kind of the holy grail for vintage electronics and computer tech collectors,” Apple-1 expert Corey Cohen told the Los Angeles Times. “That really makes it exciting for a lot of people.”

• Mobile Systems/Mobile Applications

  • Android 12 beta 5 At a Glance widget settings broken issue escalated

  • When is Android 12 coming to Realme phones?

  • Google’s working on a Privacy Guide feature for Chrome on Android

  • How to Stop Chrome From Sharing Your Motion Data on Android

  • Samsung Galaxy Watch4 buyer’s guide: How to choose the right Android smartwatch

  • Android top tricks: Five ways to use your smartphone smartly

  • Pixels don’t run ‘stock Android’ and Google needs to give its software skin a public name

  • Pixels don’t run ‘stock Android’ and Google needs to give its software skin a public name

  • How to Change Notification Sounds for Each App on Your Android Phone

  • Android Users have been urged to obliterate the Chrome browser promptly amid the concerns of the personal data for being acquired and misused / Digital Information World

  • ALERT: AbstractEmu malware completely takes over your Android devices, NCC warns Nigerians | TheCable

  • Reduce Telco Headaches With Cloud-Based Android TV Device Management – TechNative

  • Oppo Android 12 (ColorOS 12) update tracker: Eligible devices, release…

  • The Samsung Galaxy S20 gets a taste of Android 12 with first One UI 4 beta

  • Tasker lets you force resize Android 12′s AOD clock – 9to5Google

  • You told us: Here’s who makes the best-looking Android phones

  • (Updated) The Most Exciting Games You can Pre-Register for on Android Right Now – Droid Gamers

  • Best Android app deals of the day: Mars Power Industries, more – 9to5Toys

  • The best tycoon games for Android – Android Authority

  • Google Pixel Buds A-Series True Wireless Earphones Review: Built for Android | NDTV Gadgets 360

  • Tasker can help you change the size of Android 12′s AOD clock

  • Google apps with Android 12 animated splash screens – 9to5Google

  • Samsung One UI 4.0 (Android 12) update tracker: Eligible devices & more

  • ZTE Blade L9 Entry-Level Smartphone With Android 11 Go Edition Launched: Price, Specifications | Technology News

  • vivo Y15s launched with Helio P35 and Android 11 (Go edition) – GSMArena.com news

  • How to buy Google’s remote design as a replacement for any Android TV

  • Google Chrome is getting a new Privacy Guide on Android

Free, Libre, and Open Source Software

• Web Browsers

  • Mozilla

    • Tor Browser 11 Anonymous Web Browser Released with New Look and Feel

      More than a year in the works, Tor Browser 11 web browser is finally here, ready to be used by those who want to protect their privacy by staying anonymous online while surfing the World Wide Web.

      Based on the Mozilla Firefox 91 ESR (Extended Support Release) web browser series and the Tor 0.4.6.8 open-source and free software for enabling anonymous communications, Tor Browser 11 introduces a brand-new look borrowed from Firefox 91.

    • Tor Browser 11.0

      Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody from watching your Internet connection and learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.

      The Tor Browser Bundle lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained.

    • New Release: Tor Browser 11.0

      Tor Browser 11.0 is now available from the Tor Browser download page and our distribution directory. This is the first stable release based on Firefox ESR 91, and includes an important update to Tor 0.4.6.8.

• SaaS/Back End/Databases

  • Lesser Known PostgreSQL Features

    Office is not unique in this sense. Most of us are not aware of all the features in tools we use on a daily basis, especially if it’s big and extensive like PostgreSQL. With PostgreSQL 14 released just a few weeks ago, what a better opportunity to shed a light on some lesser known features that already exist in PostgreSQL, but you may not know.

• Education

  • Tales of Grace Hopper

    Communications of the ACM, November 2021, Vol. 64 No. 11, Page 7 10.1145/3485446

    My career started when I joined Kodak in the U.K. in 1959, where I was taught to program by Conway Berners-Lee, father of Sir Tim Berners-Lee, the WWW inventor. At that time, we only knew of about 300 stored program computers in the world, although there were probably 300 more in ‘secret’ places like the military or government.

  • Grace Hopper, Minicomputers, and Megabytes: It’s a Fun Career

    After a dinner in 1973, she asked if we would like to see the new computer Univac had loaned her. She dived into her handbag and brought out an object the size of a cigarette packet. We all stared, amazed, as she opened the box and picked up an even smaller object. Grace proceeded to tell us the impossibly small computer had a 64-kilobyte COBOL complier. We wanted to see it in action, so someone brought over a teletype with a printer, and from the side of the device Grace pulled out a fine cable the width of a human hair and a transformer with an adaptor for the fine cable to plug into as the power supply.

    The group watched as Grace ran a simple COBOL program. We didn’t know it then, but we had just witnessed an early silicon chip-based computer. In Grace’s opinion, the mainframe was dead and would be replaced by ‘multitudes of minicomputers’ that would be linked by telephone lines, all working together. It was quite possible she had seen a demonstration of the U.S. Department of Defense’s ARPANET, the precursor of the Internet.

• FSF

  • GNU Projects

    • New Libreboot release soon: ETA November 15th, 2021

      Rapid progress is being made on the next release of Libreboot. The overall goal of this upcoming release is stability; development was intentionally frozen after the Libreboot 20210522 testing release, to allow time for people to submit lots of bug reports. Sure enough, people submitted reports.

      I’ve been fixing bugs and polishing up what’s there, ready for another release. You can already build Libreboot from the latest Git repository, and it’s known to be stable on all currently supported laptops. Desktops still require a bit more polishing and tweaking.

• Openness/Sharing/Collaboration

  • Open Access/Content

    • Don’t fear losing Elsevier access, California negotiator tells UK

      UK universities should not fear being cut off from Elsevier journals if the stand-off over a new deal with the publisher continues into next year, according to the University of California’s lead negotiator.

      They were well placed to cope with not having access for an extended period, said Jeff MacKie-Mason, who co-chaired California’s task force when it walked away from negotiations with the Dutch publishing giant in 2019, leading to nearly two years without direct access to Elsevier content until an open access deal was struck in March 2021.

      “If UK universities prepare, as we did, they should be able to sustain as long, or longer, a subscription stand-off,” Professor MacKie-Mason told Times Higher Education.

• Programming/Development

  • Perl/Raku

    • Perl Weekly: Issue #537 – 2021-11-08 – How do you spend your free time?

      So how do you spend your free time? Do you write more code? Do you try to explain what you wrote, how you wrote and why? Or do you spend your time on some other activities? I, for examples started to read a lot more than I did in the recent years. And sure, I’ll even share my recommendations with you. (See below.)

A New Understanding of Nature is Long Overdue

Life is not a competition, however many times we are told that it is. That notion is an agreement that needs to be reexamined and discarded. Use defines value in a way that does a disservice to the reality that nature in all its manifestations exists for its own purposes, regardless of the infinite number and/or intensity of human desires.

“The more successful we become in science and technology, the more diabolical are the uses to which we put our inventions and discoveries.” C.J. Jung, Letters Vol. II, p. 81 (1975)

Killing Website Comment Sections Wasn’t The Brilliant Move Many Newsroom Leaders Assumed

So for years we pointed out how the trend of news websites killing off their comment section (usually because they were too cheap or lazy to creatively manage them) was counterproductive. One, it killed off a lot of local, community value and engagement created within your own properties. Two, it outsourced anything vaguely resembling functional conversation with your community — and a lot of additional impressions and engagement — to Facebook. Despite the downsides everybody ran with the idea that comment sections were utterly irredeemable and unnecessary.

Omar El Akkad’s Odyssey of Hope

The opening line of Omar El Akkad’s new novel, What Strange Paradise, flashes an image from the year 2015 before the mind’s eye. It is an image that brings the plight of migrant refugees—escaping their untenable present in the face of war back home and in search of a stable and better future far away—to center stage. “The child lies on the shore,” writes El Akkad, taking the reader back to the Greek island of Kos, where memories of a drowned 3-year-old Kurdish Syrian boy, Alan Kurdi, lie buried, only to come alive again when we learn of a similar tragedy .

Science

• South Korean KSLV-2 Nuri Rocket Almost Orbits | Hackaday

  There was a bit of excitement recently at the Naro Space Center on Outer Naro Island, just off the southern coast of the Korea Peninsula. The domestically developed South Korean Nuri rocket departed on its inaugural flight from launch pad LB-2 at 5pm in the afternoon on Thursday, 21 Oct. The previous launch in the KSLV-2 program from this facility was in 2018, when a single-stage Test Launch Vehicle was successfully flown and proved out the basic vehicle and its KRE-075 engines.

  This final version of the three-stage Nuri rocket, formally known as Korean Space Launch Vehicle-II (KSLV-2), is 47.2 m long and 3.5 m in diameter. The first stage is powered by a cluster of four KRE-075 sea-level engines having 3 MN of thrust. The second stage is a single KRE-075 vacuum engine with 788 kN thrust, and the final stage is a KRE-007 vacuum engine with 69 kN thrust (all these engines are fueled by Jet-A / LOX). In this maiden flight, the first two stages performed as expected, but something went wrong when the third stage shut off prematurely and failed to gain enough velocity to put the 1400 kg dummy satellite into orbit.

Health/Nutrition/Agriculture

• Ted Cruz, Other Conservatives Criticize Big Bird for Getting Vaccinated

• Same as it ever was: Antivaxxers target Orthodox Jews with COVID-19 misinformation

  Let’s rewind to what now seems like ancient history, April 2019. It’s hard to believe that that was not even three years ago, but since the pandemic hit that time seems like an entirely different world. I realize that it seems almost quaint now in the age of the COVID-19 pandemic, but back then the biggest concern with respect to infectious disease and vaccines was that measles was making a resurgence in multiple areas in the US. The reasons boiled down to the usual reasons for measles outbreaks: pockets of low vaccine uptake, fueled by vaccine hesitancy, which was fueled by antivaccine misinformation promoted by antivaxxers. Some of this misinformation was targeted at insular religious groups, like some communities of ultra-orthodox Jews, which led to my writing a post about how the situation was more complex than that.

• Mother Nature, Inc.

  According to the NYSE PR Dept. they’ll IPO nature: “To preserve and restore the natural assets that ultimately underpin the ability for there to be life on Earth.” What? Really?

  And, according to NYSE COO Michael Blaugrund: “Our hope is that owning a natural asset company is going to be a way that an increasingly broad range of investors have the ability to invest in something that’s intrinsically valuable, but, up to this point, was really excluded from the financial markets.”

Integrity/Availability

• npm install is curl | bash

  npm (and yarn) will execute arbitrary code when you install a package via install scripts. A valid use-case is to build native code on installation, or do some other environment-specific setup, though these scripts have also been used to show ads and, of course, as an attack vector. In fact, install scripts were the most popular route for malware as of 20192.

  Installing a single malicious package is enough to get reasonably pwned. The risk is mitigated by npm’s moderation of the registry — they’re quick to remove malware once discovered. This works pretty well, though I worry about the day someone uses this to publish a self-replicating worm.

  This attack vector isn’t unique to npm. Other package managers like pip and RubyGems allow for the same thing. As developers, we’re not as cautious when installing packages from these registries as when we use curl | bash, though we should be3.

• New DDoS attack vectors may spell trouble in future: Kaspersky

  Researchers at the Universities of Maryland and Colorado Boulder were credited with the TCP development, while the second was credited to security firm NexusGuard and named Black Storm.

  The TCP attack targets devices between a client and a server: firewalls, load balancers, network address translators, and deep packet inspection tools, many of which could interfere with a TCP connection.

• Proprietary

  • Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer [iophk: Windows TCO]

    Both Godzilla and NGLite were developed with Chinese instructions and are publicly available for download on GitHub. We believe threat actors deployed these tools in combination as a form of redundancy to maintain access to high-interest networks. Godzilla is a functionality-rich webshell that parses inbound HTTP POST requests, decrypts the data with a secret key, executes decrypted content to carry out additional functionality and returns the result via a HTTP response. This allows attackers to keep code likely to be flagged as malicious off the target system until they are ready to dynamically execute it.

  • [Crackers] breach nine global organizations in ongoing espionage campaign [iophk: Windows TCO]

    A [cracking] group with potential ties to China has breached nine global organizations as part of an ongoing espionage effort mostly targeting the defense sector, findings made public Sunday revealed.

    According to a report from cybersecurity company Palo Alto Networks, the [crackers] targeted at least 370 organizations running potentially vulnerable Zoho servers in the U.S. alone, successfully compromising at least one, as part of a wider global campaign.

  • International coalition arrests [crackers] linked to thousands of ransomware attacks [iophk: Windows TCO]

    Europol on Monday announced the arrests, which took place Thursday, saying that the two individuals arrested are alleged to be behind more than 5,000 cyberattacks and are accused of having gained more than half a million Euros in ransomware payments made by victims.

    The arrests were the latest in a string of operations pursued by a coalition of international partners against REvil, with Europol saying Monday that three other individuals associated with REvil, along with two others associated with a linked cyber crime group, have been arrested since February.

  • REvil Ransom Arrest, $6M Seizure, and $10M Reward

    The U.S. Department of Justice today announced the arrest of Ukrainian man accused of deploying ransomware on behalf of the REvil ransomware gang, a Russian-speaking cybercriminal collective that has extorted hundreds of millions from victim organizations. The DOJ also said it had seized $6.1 million in cryptocurrency sent to another REvil affiliate, and that the U.S. Department of State is now offering up to $10 million for the name or location any key REvil leaders, and up to $5 million for information on REvil affiliates.

  • DOJ charges 2 men allegedly behind REvil ransomware attacks [iophk: Windows TCO]

    Yaroslav Vasinskyi, a Ukrainian national arrested last month in Poland, and Yevgeniy Polyanin, a Russian national who remains at large, face charges of fraud, conspiracy and money laundering. Vasinskyi was charged in connection with his alleged role in carrying out the devastating July 4 ransomware attack against the software firm Kaseya, which in turn affected hundreds of companies within the U.S.

  • 77% Indian organisations faced downtime due to cyber risk during festive season [iophk: Windows TCO]

    New Delhi, During peak festive season in the last 18 months 77 per cent of organisations in India experienced downtime due to cybersecurity risk, while 81 per cent of global organisations experienced increased cyber threats during Covid-19, a new report revealed on Tuesday.

    According to McAfee Enterprise and FireEye’s report titled ‘Cybercrime in a Pandemic World: The Impact of Covid-19′, the top three most threatening cyber risks that were detected are malware attacks (47 per cent), data breaches (43 per cent), ransomware and cloud jacking (33 per cent each), over 30 per cent of the IT professionals also experienced vulnerabilities in their ‘Internet of Things’ devices.

  • SolarWinds investors sue company over supply chain attacks [iophk: Windows TCO]

    The attacks came to light in December 2020 when American cyber security firm FireEye announced that it had identified a global campaign to compromise public and private sector bodies through corruption of software supply chains.

    FireEye is now known as Mandiant, taking on the name of a company that it acquired some years ago after selling its network, email and cloud security products, as well as the FireEye name, in June this year.

  • McAfee Corp to be taken private in $14-billion deal

    The investor group will acquire all outstanding shares of McAfee common stock for $26 per share in an all-cash deal that values McAfee at about $12 billion on an equity basis.

  • Security

    • Privacy/Surveillance

      • Transparency Activists Dump 1.8 Terabytes Of Police Helicopter Surveillance Footage

        Let’s just get right into this and let Distributed Denial of Secrets (DDoS) harvest some accolades and encouragement to continue to deploy its particular brand of intrusive transparency on historically secretive entities.

      • Israeli Malware Merchants NSO Group, Candiru Added To Commerce Department Export Blacklist

        A couple of Israeli spyware purveyors have finally gotten themselves disinvited from the good graces of the federal government of the United States. The Commerce Department’s Bureau of Industry and Security has amended its export regulations to hand NSO Group and the more mysterious Candiru a “presumption of denial,” meaning they’ll have to prove they’re trustworthy again before US entities will be able to do business with them.

      • Social media: time to turn around the weapons

        In her investigative journalism work, Maria exposed the manipulation of social media platforms by savvy actors for the purpose of undermining democracies, harassing opponents, spreading misinformation, and faking the popularity of political actors. She is primarily known for her criticism of Facebook, which she has dubbed “the murderer of democracy”.

      • ‘Organized State Terrorism’: Palestinians Condemn New Israeli Surveillance Revelations

        Activists from Palestinian groups recently designated “terrorist organizations” by Israel’s government expressed outrage and resolve Monday following revelations that their phones were hacked with Pegasus spyware, and amid the exposure of a sweeping facial recognition surveillance campaign in the West Bank by Israeli occupation forces.

        “It’s part of a systematic attack on human rights defenders and the values of democracy and freedom.”

      • Confidentiality

        • XMPP: The ‘Admin-in-the-middle’ or just ‘biased scaremongering’?

          The article XMPP: Admin-in-the-middle shows the perspective of an XMPP server administrator. While some people continuously praise XMPP as the “privacy-friendly alternative” to other messengers, we think users should be aware of its downsides: A server-side party (e.g., administrators, attackers, law enforcement) can transparently modify, log, and monitor nearly everything when users communicate via XMPP. We neither say XMPP is the worst communication protocol nor its downsides don’t apply to some other protocols.

        • Robinhood says a [cracker] who tried to extort the company got access to data for 7 million customers

          Trading platform Robinhood said Monday that personal information for more than 7 million customers was accessed during a data breach on November 3rd. The company said in a news release that it does not appear that Social Security numbers, bank account numbers, or debit card numbers were exposed, and no customers have had “financial loss” due to the incident.

Defence/Aggression

• US Army cyber operations team visiting Lithuania

  As part of the Lithuanian visit, the PAARNG cyber security team visited the Regional Cyber Defence Centre (RCDC) which started operating last summer.

• Lithuania’s ministry calls for state of emergency over migrants on Polish border

  The conference was organised following reports that hundreds of irregular migrants in Belarus are moving toward the Polish border. Lithuania’s border guard chief previously said that Lithuania was getting ready to react to any developments on its own border with Belarus.

  “We are following what is happening on the border between Poland and Belarus and, obviously, we can expect similar incursions and attacks. So our institutions are on maximum alert, our officers and military forces are regrouping,” Bilotaitė told reporters.

• Lithuania calls for state of emergency over migrants on Polish border

  EU officials, including Estonians, hold the Minsk regime responsible for facilitating and enabling irregular migration, calling it “hybrid aggression” against the European Union.

  Hundreds of migrants are moving towards the Polish-Belarusian border in the Kuznica region on Monday, LRT reported.

  Minister of Interior: “This is no longer a hybrid attack”

• Poland blames Belarus as migrants try to force their way across border

  The European Union, to which Poland and Lithuania both belong, accuses Minsk of encouraging migrants from the Middle East and Africa to cross into the EU via Belarus, as a form of hybrid warfare in revenge for Western sanctions on President Alexander Lukashenko’s government over human rights abuses.

  Poland said it had withstood the first attempts on Monday by the migrants to force their way across the border.

• Poland blocks migrants at Belarus border, warns of ‘armed’ escalation

  NATO on Monday also hit out at Minsk, accusing the government there of using the migrants as political pawns, while the European Union called for fresh sanctions against Belarus.

  Brussels says Belarusian President Alexander Lukashenko has encouraged the migrant flow in retaliation for existing EU sanctions imposed over its dismal human rights record.

• Belarus migrants: Poland fears armed border escalation

  EU and Nato members Poland, Lithuania and Latvia have all seen a surge in the number of people trying to enter their countries illegally from Belarus in recent months. Many of them have come from the Middle East and Asia.

  Government spokesman Piotr Muller said up to 4,000 migrants had gathered near Poland’s eastern border and told reporters that at some point they expected “an escalation… which will be of an armed nature”.

• Rebels are closing in on Ethiopia’s capital. Its collapse could bring regional chaos

  Amnesty International says Eritrean soldiers slaughtered hundreds of unarmed civilians in the northern Tigrayan city of Axum, “opening fire in the streets and conducting house-to-house raids in a massacre that may amount to a crime against humanity.”

  NPR has independently verified reports of sexual violence in Tigray, speaking with witnesses and victims, including one woman in the rebel capital of Mekele who was held captive for about a month by government forces. The woman told NPR that she was chained up for nine days and gang-raped by Eritrean soldiers.

• Sydney man convicted of terrorism offences fighting to be freed on bail

  A jury found him guilty of penning a book titled “Provisions on the Rules of Jihad” which referred to targeting foreign nationals, promoted assassination including within Australia and was published on a website supported by al-Qaeda.

  The 110-page book was described as a “practical guide to achieving martyrdom”.

• Suicide bombers remain central to Taliban strategy

  Sami Yousafzai, a veteran journalist who has reported on the Taliban since its emergence in the 1990s, says by praising suicide bombers, the Taliban is alienating both the Afghans it hopes to rule and the international community it needs to fend off an economic and humanitarian crisis, the report said.

  “Instead of trying to unite Afghans with a narrative of peace after claiming to have won the war, they want to bask in what they view as their glory and celebrate tactics such as suicide bombings that killed and maimed many Afghan civilians,” he says.

• Hamtramck City Council will be all Muslim, likely first in US, in January

  Seeking a fifth four-year term, Hamtramck Mayor Karen Majewski lost Tuesday to challenger Ghalib, a health care worker who won with 68.5% of the vote, while Majewski received 31.5%. Four years ago, Majewski defeated Hassan, 61% to 38%. In 2017, Majewski got the support of some Yemeni Americans to win, but this time, the community came out for Ghalib, an immigrant from Yemen.

  The mayor in Hamtramck has always been Polish-American Catholic since it became incorporated as a city 100 years ago. But today, the city is only 6.8% Polish, according to 2019 census data.

• Cyprus charges six with terror for alleged plot to kill five Israelis

  While the Israeli government said the attack was linked to “Iranian terror,” Cypriot officials have previously rejected the idea of Tehran’s involvement.

Transparency/Investigative Reporting

• Police Watchdog Calls for Full Access to Body Cam Footage. The NYPD Says No.

  The New York Police Department is undermining investigations into police abuse by refusing to give full access to body-worn camera footage, according to a new report by a city watchdog agency.

  The NYPD began rolling out body-worn cameras to officers in 2017, nearly four years after a federal judge found that the department’s stop-and-frisk tactics were unconstitutional and ordered the NYPD to begin piloting the use of body cams.

Environment

• This is what the world looks like if we pass the crucial 1.5-degree climate threshold

  Still, even at 1.5 degree Celsius of warming, scientists warn that storms, heat waves and droughts will be more extreme. And they caution that 1.5 degrees Celsius of warming isn’t a tipping point. For every tenth of a degree the planet gets hotter, the impacts get worse. But on the flip side, every tenth of a degree that’s prevented can be crucial in limiting the extent of future damage.

• Global Elites Can’t and Won’t Ever Stop Climate Change

  At COP26, we are being told that the answer to this problem is to trust “market-based solutions.” The conference has even given Amazon billionaire Jeff Bezos a platform to talk about what his vanity space travel expeditions taught him about climate change. Clearly, for those of us interested in preventing this crisis, few answers will be found in Glasgow.

  The real fight against climate change will come from below, grassroots organizing that forces change to the polluting system which benefits the world’s most powerful interests. But here we have a problem: whether it is Extinction Rebellion, Insulate Britain, or Green New Deal Rising, climate movements are using a mobilization strategy which aims to maximize disruption which then increases media coverage and thus public awareness of the issues.

  This is a strategy for a problem we are not facing. The problem that exists, the barrier to change, is not a lack of knowledge or concern on the population’s part, but a deficit of power. The Left’s strategy must reflect this, or we risk frenetic campaigning activity that ultimately changes little.

• Opinion | Urgently Needed: A Global Green New Deal From Below

  Solving global warming is humanity’s greatest challenge. It can be done, but it is exceedingly difficult as it requires a fundamental restructuring of the world economy.

• Greta Thunberg Condemns UN Climate Summit as a “Greenwash Festival”

• World’s Biggest PR Firm Urged to Stop Enabling ‘Ecosystem Destruction’

  A group of over 100 climate justice advocates and creators on Monday publicly called on the world’s largest public relations firm—Edelman—to drop ExxonMobil and other fossil fuel companies as clients.

  “Advertising for fossil fuel companies obstructs urgently needed government action on climate change and impedes climate justice solutions.”

• ‘The Future of Fashion Looks Bleak Unless We Step Up’: Industry Targeted at COP26

  While welcoming the global fashion industry’s new climate commitments unveiled Monday as part of the United Nations summit in Glasgow, Scotland, campaigners urged bolder action that more adequately addresses issues with the full clothing supply chain.

  “In a time when the climate crisis is accelerating to unprecedented levels, we need the real economy to lead on climate action.”

• The Greenwashing of COP26: Fossil Fuel Lobbyists Make Up Biggest Delegation at U.N. Climate Summit

  The Glasgow U.N. climate summit is inundated with fossil fuel lobbyists, according to a recent report published by Global Witness that found “if the fossil fuel lobby were a country delegation at COP, it would be the largest with 503 delegates — two dozen more than the largest country delegation.” We speak with Louis Wilson, senior adviser at Global Witness, and Andrea Ixchíu, a Maya K’iche’ leader, journalist and human rights defender based in Guatemala, about the vast presence of the fossil fuel industry at COP26 and the subsequent greenwashing taking place. “We don’t allow tobacco lobbyists into health conferences, so it begs the question why fossil fuel lobbyists are being allowed into the most important climate conference in a generation,” says Wilson.

• “COP26 Is a Failure”: Greta Thunberg Condemns U.N. Climate Summit as a “Greenwash Festival”

  Eighteen-year-old Swedish climate activist Greta Thunberg called COP26 a “failure” when she addressed the Fridays for Future rally in Glasgow, which drew around 25,000 demonstrators. Her address comes after Thunberg dismissed climate leaders a month prior to the U.N. climate summit for political inaction. “The COP has turned into a PR event where leaders are giving beautiful speeches and announcing fancy commitments and targets, while behind the curtains the governments of the Global North countries are still refusing to take any drastic climate action,” said Thunberg on Friday. “This is not a conference. This is now a Global North greenwash festival.”

• First Draft of COP26 Decision Text Slammed as ‘Love Letter’ to Fossil Fuel Industry

  As a new analysis revealed Monday that fossil fuel industry lobbyists have a larger presence at the COP26 than any country, global campaigners criticized the first draft of the final decision text for the United Nations climate summit for failing to even mention phasing out coal, gas, and oil.

  “What the hell have they been doing? We are out of time. Glasgow must mean a total and immediate fossil fuel phase-out.”

• If Build Back Better Fails, AOC Warns, ‘We May Have Just Locked in US Emissions’

  Rep. Alexandria Ocasio-Cortez of New York warned Sunday that if congressional Democrats ultimately fail to approve the Build Back Better Act after passing a limited—and deeply flawed—bipartisan infrastructure bill, the U.S. will be at risk of throwing away its “biggest chance to combat climate change.”

  The New York Democrat characterized the Build Back Better (BBB) reconciliation package—a roughly $1.8 trillion bill containing a range of climate and safety-net investments—and the $550 billion infrastructure measure (BIF) as “interlocking policy” rather than two separate pieces of legislation, stressing that the potential benefits of the latter will only be realized if the former becomes law.

• ‘Must-Read’ Analysis Reveals Massive Global Gap Between Declared and Actual Emissions

  A major new investigation from the Washington Post has found “a giant gap” between the greenhouse gas emissions nations are reporting to the United Nations and what their planet-heating emissions actually are.  

  Published Sunday, the investigation is being heralded as “a must-read story” based on “amazing” and “incredibly helpful” reporting.

• How the Wealthiest Countries Schemed to Avoid Economic Commitments at COP26

  The dinner was the modern-day equivalent of “let them eat cake,” the phrase (inaccurately) attributed to the epitome of frivolous luxury by the ruling class (and the last queen of France before the French Revolution), Marie Antoinette. The leaders of the G20 nations, who had gathered under the banner of “People, Planet, Prosperity,” appear to have disproportionately focused on the third rung of their agenda and limited its scope to the prosperity of elites like them. On the three critical issues of climate change, global corporate taxation, and COVID-19 vaccines, the world’s wealthiest nations looked out for themselves at the expense of the rest of the world.

  In contrast to the United Nations General Assembly, which represents all the world’s nations, the G20 is a self-selected private club of the top tier of global wealth, only one step below the even-more-exclusive G7 club. Its members are mostly economic powerhouses, with a handful of exceptions of developing nations such as India, China, South Africa, Mexico, and Argentina.

• “We Are Not Responsible”: Youth Climate Activists Rally in Glasgow to Demand World Leaders Act Now

  More than 100,000 people took to the streets of Glasgow this weekend in a pair of climate rallies outside the U.N. climate summit. The first protest was organized by Fridays for Future, an international movement of students which grew out of Greta Thunberg’s climate strike outside the Swedish parliament in 2018. We hear from climate activists Evelyn Acham, Mikaela Loach, Raki Ap, Helena Gualinga and Jon Bonifacio. In her address, Loach slammed the leaders of rich nations at COP26: “[They] steal our sacred words and use them to defend and uphold the oppressive systems of capitalism and white supremacy.” Gualina also spoke about the increasing violence against environmental defenders: “Behind every murder that happens in the Amazon, every killing that happens to a land defender, there is a company behind that, there is a government behind that, there is a name behind that.”

• Frontline Climate Activists Vanessa Nakate and Kathy Jetn̄il-Kijiner Urge Global Action in Glasgow

  Saturday’s massive climate rally outside of the U.N. climate summit in Glasgow was led by Indigenous frontline activists. We hear from Kathy Jetn̄il-Kijiner, a poet and climate change activist from the Marshall Islands, and Ugandan climate activist Vanessa Nakate. “We did nothing to contribute to this crisis, and we should not have to pay the consequences,” said Jetn̄il-Kijiner. “We will survive climate change. We refuse to leave. We refuse to go anywhere. And our sovereignty is not up for debate.”

• Activists at COP26 Honor 1,000+ Environmental Defenders Killed Since Paris Accord — 1 in 3 Indigenous

  Activists held a memorial in Glasgow for those unable to attend this year’s U.N. climate summit: 1,005 land and environmental defenders who have been murdered since the 2015 Paris Agreement. One in three of those defenders killed was an Indigenous person. This comes as 2020 was the most dangerous year on record for environmental and land defenders. We speak with Andrea Ixchíu, a Maya K’iche’ leader, journalist and human rights defender based in Guatemala. Ixchíu says that the Guatemalan government, influenced by transnational corporate interests, has launched an assault on Indigenous land defenders: “They [Indigenous leaders] are not allowed to be in their communities defending their land and their territory because of the militizariation.” Speaking on COP26, Ixchíu says, “We do not just want to be observers,” and “If you want to create more solutions to the climate crisis, it’s really important to give land back to Indigenous communities.” We’re also joined by Global Witness senior adviser Louis Wilson, who helped organize the memorial and discusses the cases of murdered South African activist Fikile Ntshangase, who was a leading force in the fight against the Tendele coal mine before she was killed last October, and Óscar Eyraud Adams, a Mexican water activist killed last September as he fought for the water rights of the Indigenous peoples impacted by the excessive use of aquifers by large beer and wine companies.

• Cash-Strapped Tribes Struggle With Moral Dilemmas of Entering Carbon Markets

• Energy

  • “We’re Here to Call for Climate Justice,” Say the Glasgow Protesters

    This column is part of Covering Climate Now, a global journalism collaboration cofounded by Columbia Journalism Review and The Nation to strengthen coverage of the climate story. The author is CCNow’s co-founder and executive director.

  • Polluters Urged to ‘Pay Up’ for Climate Damage as Economic Devastation Awaits World’s Poorest

    “The fact rich countries have consistently blocked efforts to set up a loss and damage fund to deal with this injustice is shameful.”

  • Opinion | A Rooftop Solar Revolution Would Truly Be a New Morning in America

    Electric vehicle (EV) sales are booming in Oregon: we’ve gone from around 300 sold a decade ago to over 12,000 sold in our tiny state last year.  And EV owners are saving a ton of money on their daily commutes—as much as half the cost of gasoline—by just plugging into their homes every night to recharge.

  • Climate Emergency

  • Fossil Fuel Lobbyists Have Larger Presence at COP26 Than Any Single Country: Report

    A coalition of watchdog groups estimated Monday that fossil fuel industry representatives have a larger presence at COP26 than officials from any single country, a finding that further intensified environmentalists’ concerns about the legitimacy of the high-stakes climate summit.

    “If we’re serious about raising ambition, then fossil fuel lobbyists should be shut out of the talks and out of our national capitals.”

  • Governments Are Sending Oil Executives to COP26 Despite Climate Pledges. Here’s a Look at the Fossil Fuel Influence in Glasgow

    Several top oil-producing countries stacked their delegations to the COP26 climate summit in Glasgow with oil and gas industry executives and officials from their oil ministries. In some cases, oil personnel represented significant portions of their overall country delegation, according to a DeSmog analysis.

    The UK organizers of the COP26 climate conference very publicly declined to offer international oil companies any slots in the conference or any formal role in the event, and oil companies without credible climate programs were also barred from sponsoring events at the high-stakes international talks currently underway.

  • Electric cars expected to outsell diesel ones in the UK next year

    More electric cars are expected to be sold in the UK than diesel models next year, in what experts say will be a “watershed moment”.

    Fully electric battery cars have already outsold diesel cars for several months this year, but 2022 is now projected to be the first time it happens across a year.

    A total of 260,000 electric cars are expected to be sold in 2022 versus 221,000 diesel models, according to figures published yesterday by the Society of Motor Manufacturers and Traders (SMMT), the UK automotive trade body. The figures do not include hybrid models.

  • Why the electric car era is a threat to Uber and Lyft

    Why it matters: The two companies don’t own and operate EV fleets or a charging infrastructure, and they rely on contract drivers who operate vehicles of their own choice.

    That business model could prove antiquated in the Electric Age, as new companies entering the fray are choosing to manage their own fleets from a central hub and count their drivers as employees.

  • Guyana is a poor country that was a green champion. Then Exxon discovered oil

    But now Guyana is trading in its green halo in exchange for something far more profitable: oil revenue.

    Companies had long suspected there was oil off Guyana’s shores — the country is located right next to oil-rich Venezuela — but no one ever found any.

    Then Exxon decided to take a gamble and look in deeper waters. The discovery the company announced in 2015 was extraordinary: One Exxon executive compared it to a “fairy tale.” Since then, even more oil has been found in Guyana’s waters.

    Guyana is determined to develop this oil as fast as it can.

  • [Cryptocurrency] Is Cool. Now Get on the Yacht.

    Growth like that screams bubble, of course, and many [cryptocurrency] enthusiasts will admit that the NFT market is in one. The hype around big, expensive NFTs — like Beeple’s $69 million sale earlier this year — has flooded the market with scammers and opportunists who are trying to make a quick buck. And while it’s entirely possible that NFTs will play some role in the future of art, it’s hard to argue with a straight face that a picture of a rock should sell for $1.3 million, or that a New York Times column’s fair-market value is more than $500,000. (Although, trust me, I have tried.)

• Wildlife/Nature

  • Human Rights Depend on a Thriving Natural World

  • Rancher Vandalism on the Dixie National Forest

    What I saw is essentially legalized vandalism. For example, if I were to tear down a Forest Service sign, I could be fined or perhaps even arrested, but you can easily replace a sign. This ecological damage is much more severe and long-lasting, yet the Forest Service does nothing to preclude it.

    Incredibly, the “range cons” who are supposed to monitor and manage the livestock grazing here can somehow look at themselves in the mirror in the morning and still accept taxpayer-supported salaries while allowing this vandalism to occur.

  • Conservation Groups Unite to Protect Threatened Species in Colorado

    Today, Defenders of Wildlife, The Wilderness Society, the San Luis Valley Ecosystem Council, San Juan Citizens Alliance, WildEarth Guardians and the Western Environmental Law Center filed two lawsuits against the United States Forest Service over its newly revised land management plan for the Rio Grande National Forest. Over the past six years, conservation groups provided science-based recommendations and concrete solutions for protecting species and their diverse habitats in the Forest.  But in the face of these needed steps, the Forest Service’s plan slashes protections for the threatened Canada lynx and the endangered Uncompahgre fritillary butterfly in violation of the Endangered Species Act, National Environmental Policy Act and the Forest Service’s own regulations.

    The lawsuit filed by Defenders of Wildlife challenges the rollback of critical protections for lynx habitat in the Rio Grande National Forest. The Canada lynx relies heavily on the Rio Grande National Forest in the Southern Rocky Mountains, which contains more than half the locations in Colorado where lynx are consistently found. But the population is in dire straits, and federal scientists predict that the lynx may disappear from Colorado altogether within a matter of decades. The Forest Service’s new plan has now opened the extremely important lynx habitat in the forest to logging, one of the biggest threats to the cat.

• Overpopulation

  • In Urgent Appeal, UN Hunger Agency Warns Millions of People Facing Starvation

    Warning that more than 45 million people around the globe—but most acutely in Afghanistan, Africa, and the Middle East—are in imminent danger of starvation, the head of the United Nations World Food Program on Monday urgently appealed to political leaders, the superrich, and people in the Global North for help.

    “When there’s $400 trillion worth of wealth on the Earth today, shame on us that we let any child die of hunger.”

  • Young climate activists warn their elders: Stop destroying the planet

    The effects will be most profound for the young in poorer countries. In Africa, where the population is growing at twice the rate as in South Asia or Latin America, and is expected to double by 2050, the number of youths being born into a warming climate is booming. Almost half of the populations of many African countries, including Niger, Mali, Uganda and Congo, are younger than 15. Those youths are already living through the crisis. Cyclones have torn through the south; desert locusts have endangered the food supply in the east; the Nile’s water supply is unsteady.

Finance

• Can the Global Corporate Tax Clip Corporate Power?

  In addition, each country would be entitled to share in the revenue generated by the tax, which should raise a total of $150 billion. The increase in funds will allow developing countries to better pay for the effects of the covid pandemic, although the deal will not take effect until 2023.

  The Historical Context of State’s Trying to Control Capital 

• The US Was Not Prepared for a Pandemic: Why Free Market Capitalism and Government Deregulation may be to Blame

  As a medical anthropologist who has spent the past 20 years studying how the Chinese government reacts to infectious disease, my research can provide insight into how countries, including the U.S., can better prepare for disease outbreaks.

  Researchers agree that a good response starts with a strong public health system. But this is something that has been sidelined by the United States’ neoliberal system, which places more value on free markets and deregulation than public welfare.

• The Pandora Papers Are Back in the Spotlight in Ecuador

  A scathing report

  A draft copy of the report, which circulated this morning — and was confirmed by various sources — is alarming for the president. Although the Commission does not have prosecutorial capabilities, its conclusions will likely result in further inquiries by the nation’s prosecutor (an investigation is already in its preliminary stages). The first part of the report establishes the role of capital flight and tax evasion in the Ecuadorian economy. It highlights the extensive web of offshore entities by the president and the Ecuadorian elite, and reveals conflicts of interest between public office and billionaire politicians.

• Opinion | The Rich Already Have Paid Leave. Why Would They Deny It to the Poor?

• Elon Musk Twitter Stunt Offers ‘Best Argument Imaginable’ for Billionaire Tax, Critics Say

  Mega-billionaire Elon Musk’s latest stunt—a Twitter poll asking whether he should sell 10% of his Tesla stock—was accompanied by a candid admission of what progressives have long seen as a fundamental flaw of the U.S. tax system: For the super-rich, paying income taxes is effectively optional.

  After promising to abide by the results of his poll—which attracted more than 3.5 million votes and closed with 57.9% endorsing the sell-off—Musk noted that he does “not take a cash salary or bonuses from anywhere.”

• Opinion | When Are We Going to Talk About the Outrageous Cost of NOT Passing the Build Back Better Act?

  When President Biden first unveiled the Build Back Better agenda, it appeared that this country was on the path to a new war on poverty. In April, he told Congress that “trickle-down economics have never worked” and that it was time to build the economy “from the bottom-up.” This came after the first reconciliation bill of the pandemic included the child tax credit that — combined with an expanded Supplemental Nutrition Assistance Program and unemployment benefits, stimulus checks, and other emergency programs — reduced the poverty rate from 13.9% in 2018 to 7.7% in 2021. (Without such actions, it was estimated that the poverty rate might have risen to 23.1%.) All eyes are now on the future of this Build Back Better plan, whether it will pass and whether it will include paid sick leave, reduced prescription drug prices, expanded child tax credits, expanded earned income tax credits for those without children, universal pre-K, climate resilience and green jobs, and other important domestic policy investments.

• Economy Adds 531,000 Jobs in October; Unemployment Falls to 4.6 Percent

  The economy added 531,000 jobs in October, as the unemployment rate fell to 4.6 percent, a level not reached following the Great Recession until February 2017. The jobs numbers for the prior two months were also revised upward by 235,000 to bring the three-month average to 442,000.

  It’s also worth noting that private sector employment grew even more rapidly, adding 604,000 jobs. The hours-worked index, which only measures private sector employment, has risen by 1.2 percent in the last three months, which would translate into 498,000 private sector jobs per month if there were no change in hours. Many employers who are unable to hire are likely increasing the hours for the workforce they have.

• The Law Bytes Podcast, Episode 107: Addison Cameron-Huff on the State of Crypto and Blockchain Regulation in Canada

  CBC News, Toronto Stock Exchange Launches World’s First Bitcoin ETF

• ‘Kentucky Needs a New Deal’: Charles Booker Outlines Plan to Defeat Rand Paul, Abolish Poverty

  In a stirring speech on Saturday, Charles Booker, a former Kentucky state representative and now a Democratic U.S. Senate candidate running to unseat Republican incumbent Rand Paul, shed light on the persistence of poverty in the Bluegrass State and made the case for why “Kentucky needs a New Deal” to curb runaway inequality and create a society that works for the many, not just the wealthy few.

  “We’ve been getting screwed. We’ve been getting robbed. We have been receiving a bad deal.”

AstroTurf/Lobbying/Politics

• How Democrat Progressives Got Out-Maneuvered by Their Corporate Wing

  Ever since the two the bills—Infrastructure and Reconciliation— were first raised together last March 2021, progressives in the Democrat Party have been steadily driven into making concession after concession, reducing their proposals in a vain attempt to get the party’s corporate wing (represented in Senate by Manchin & Sinema and in the House by Cuellar and friends) to agree to some reduced cost Reconciliation bill. From an original bill with $3.5 trillion in social safety net and climate investments in the Reconciliation bill, progressives pared down their proposals to $1.75 trillion.

  At each step the corporate wing of the party—represented by its point persons Manchin and Sinema—refused to counter the progressives’ offers.  In fact, each time the progressives cut their proposals it only hardened the corporate wing’s opposition, encouraging them to refuse to make any counter proposals.

• Elizabeth Warren Unveils Bill to Make Former Lawmakers Close Campaign Accounts

• Josh Hawley: The War On Men (?) Is Driving Them To Porn And Video Games (Things Many Men Like?)

  If ever there were the walking, talking embodiment of hypocrisy in modern American politics, surely Josh Hawley would be a viable avatar for such a creature. There are few better at saying one thing and doing another than he. He’s a free speech advocate… who thinks social media sites should be sued for their choices on speech on their platforms. Josh Hawley loves to talk about how much he’s been canceled… despite being a sitting US Senator and being given pages in massive newspapers in order to say all of that. Josh Hawley hates discriminating against folks over their politics… except when it’s against the folks who’s politics he doesn’t like. And, finally, Hawley is a “constitutional lawyer” who, by some measure, participated in an unconstitutional attempt to overthrow an election.

• This Is the End of the American Century

  On February 17, 1941, less than 10 months before the Japanese struck Pearl Harbor and the United States found itself in a global war, Henry Luce, in an editorial in Life magazine (which he founded along with Time and Fortune), declared the years to come “the American Century.” He then urged this country’s leaders to “exert upon the world the full impact of our influence, for such purposes as we see fit.”

• Virginia Votes For Its Governor, Chooses a Milder Face Of Trumpism

  With Republican Glenn Youngkin’s win, this pattern has held in 11 of Virginia’s past 12 elections for governor. The exception was McAuliffe’s narrow win in 2013, a year after Barack Obama was re-elected as president. This time, McAuliffe was unable to overturn this pattern for a second time.

  Youngkin is the first Republican to win statewide in Virginia since 2009. He prevailed by running what amounted to a “smoke and mirrors” campaign, aided by the fact that not having been in any kind of political office before, McAuliffe could not focus his campaign on Youngkin’s political history— obviously, the novice politician had none.

• Nicaragua Celebrates Democracy: an Election Day Report

  On the fight down to Nicaragua a few days ago to be one of 225 international official election accompaniers from 27 countries, the expat Nicaraguan woman sitting next to me was hostile to the current Sandinista government. She said there will be an election but no vote, because only one person is on the ballot. At the polling station in the colonial city of Leon this election morning, November 7, candidates from six political parties standing for president were in fact on the ballot: PLC, FSLN, CCN, ALN, APRE, and PLI.

  Some of these parties included elements that tried in 2018 to violently overthrow the Nicaraguan government in a US-instigated regime change endeavor. All the perpetrators had been granted amnesty, despite such heinous acts as rape, torture, and even burning people alive, not to mention destruction of billions of dollars worth of public property.

• The Facebook Team that Tried to Swing Nicaragua’s Election is Full of U.S. Spies

  Less than a week before Nicaragua’s presidential election, social media giant Facebook deleted the accounts of hundreds of the country’s top news outlets, journalists and activists, all of whom supported the ruling left-wing Sandinista government, a top Washington target for regime change.

• Opinion | The FTC Created Facebook—It Has the Power to Take it Down

  Facebook is facing a political and regulatory siege on every conceivable front. The Federal Trade Commission (FTC) and 46 states are challenging the company’s acquisitions of Instagram and WhatsApp—with divestiture being the sought-after remedy. The company’s global head of safety testified to Congress in September to explain the company’s recent efforts to attract more children to its digital properties. Merely a week later, whistleblower Frances Haugen proved to be a far more compelling witness and revealed the true extent of Facebook’s knowledge of the harmful effects its products have on children and its fervent desire to collect data and extend its active user base to this “valuable but untapped audience.” All these events also take place against a backdrop of the most significant congressional antitrust investigation in decades, five proposed antitrust bills in the House of Representatives seeking to deconcentrate the technology sector, and other repugnant acts the company has committed over the past decade. News scandals detailing Facebook’s actions appear as an almost daily occurrence.

• Corporations Donated $164,000 to Anti-Voting Rights Senators Despite Pledges

• Trump Threatened to Leave GOP Until They Reminded Him They Funded His Lawsuits

• Indivisible Announces First 2022 Endorsements to Boost Power of Democrats’ Left Flank

  Indivisible on Monday launched a national endorsement program “dedicated to protecting and expanding the number of progressives in public office,” and began by formally backing seven candidates for the U.S. House of Representatives, including three current members.

  “So much is at stake and these are the candidates who will help deliver real progressive change.”

• ‘Our Democracy Faces an Existential Threat’: Progressives Warn of GOP Attack on 2022 Elections

  Citing “unprecedented and coordinated” Republican efforts to undermine public trust in the U.S. electoral system, nearly 60 advocacy groups warned Monday of the need defend democracy ahead of the 2022 midterm elections—including by passing the Freedom to Vote Act.

  “We have already seen tragic consequences in the form of a violent insurrection at the Capitol on January 6.”

Misinformation/Disinformation

• New Survey Shows Covid-19 Misinformation Has Spread as Quickly as the Virus

Censorship/Free Speech

• Report Details How Bans on Teaching About Racism Are Chilling Free Speech

Freedom of Information/Freedom of the Press

• Modi’s India Is “One of the Most Dangerous Countries for Journalists”

  Journalist Siddique Kappan has been in prison since October 2020. He has been charged under India’s sedition law and the draconian Unlawful Activities (Prevention) Act (UAPA) for trying to report on the Hathras gang rape and murder case. In Hathras, a 19-year-old Dalit woman was gang-raped by upper-caste Thakur men and later died in the hospital. She was hurriedly cremated by the Uttar Pradesh Police in the middle of the night without the consent or the presence of her family. The gruesome violence and the police complicity in protecting the perpetrators made headlines in India. Kappan and three others—two student activists, Atikur Rahman and Masood Ahmed, and their driver, Aalam—were arrested. After his arrest, Kappan was tortured by the police and denied medication for diabetes.

• Whistleblowing Matters: Why the Julian Assange Extradition Case is Critical for Press Freedoms Around the World – The Project Censored Show

  Kevin Gosztola is the managing editor of the news web site shadowproof.com. He has covered the Julian Assange legal proceedings in the UK from the beginning, as well as other major press-freedom and whistleblower cases.

• Russia expels Dutch newspaper correspondent Tom Vennink

  On November 1, the Russian Ministry of Internal Affairs gave Vennink, Moscow correspondent for Dutch daily newspaper de Volkskrant, written notice that his residence permit and visa were revoked with immediate effect citing “administrative violations,” gave him three days to leave the country, and barred him from re-entering Russia until January 2025, according to his employer, a report by Reuters, and Vennink, who communicated with CPJ via email. Vennink said he left Russia on November 3.

Civil Rights/Policing

• Fifth Circuit Says Man Can’t Sue Federal Agencies For Allegedly Targeting Him After He Refused To Be An FBI Informant

  The secrecy surrounding all things national security-related continues to thwart lawsuits alleging rights violations. The Fifth Circuit Court of Appeals has just dumped a complaint brought by Abdulaziz Ghedi, a naturalized American citizen who takes frequent trips to Somalia, the country he was born in. According to Ghedi’s complaint, rejecting the advances of one federal agency has subjected him to continuous hassling by a number of other federal agencies.

• Social Workers Can No Longer Remain Silent on Oppression of Palestinians

• Ocasio-Cortez Slams Right-Wing Democrats for Watering Down Build Back Better Act

• The Myth of Redemptive Violence

  This happened on Oct. 21, in Santa Fe, New Mexico, on the set of the movie Rust. Despite the enormity of coverage the incident has gotten, I remain bewitched with incredulity over one unanswered question. Baldwin, the star of the movie, a Western, and one of its producers, was practicing his gun draw, using a prop gun he’d been given — except the gun wasn’t a prop. It was real. And it was loaded.

  My question, of course, is: Why?

• Democrats’ Failure to Effectively Champion Voting Rights May Cost Them in 2022

• What Can We Learn From the NYU Graduate Union’s Historic Strike?

  When Arundhati Velamur was in the fourth year of her education PhD program at New York University, she often had conversations with her colleagues about how their department seemed to only hire external candidates for faculty positions. “It was something we kept talking about, and a lot of us were wondering how we could bring this issue up to our department,” said Velamur, who went to the Steinhardt School of Culture, Education, and Human Development. “So we went to the graduate student union and asked how they could help us.” This story was produced for Student Nation, a program of the Nation Fund for Independent Journalism, which is dedicated to highlighting the best of student journalism. For more Student Nation, check out our archive or learn more about the program here. StudentNation is made possible through generous funding from The Puffin Foundation. If you’re a student and you have an article idea, please send pitches and questions to [email protected].

• Institute For Justice Survey Shows How Philadelphia’s Forfeiture Program Preyed On Poor Minorities

  The Institute for Justice managed to kill off most of Philadelphia’s severely abused civil forfeiture program in 2018. Litigation resulted in a consent decree that banned law enforcement from seizing cash amounts less than $250 and seizures of less than $1,000 were forbidden unless accompanied by criminal charges or if the seizure was to be used as evidence in a trial.

• “Corporate Democrat Goes Down to Defeat in Virginia”…

  Before Terry McAuliffe became the Democrat whose repeat gubernatorial ambitions were thwarted by angry parents, he was the savvy pol who successfully lured Amazon to Virginia.

• The Border Industrial Complex

  And now a Border Patrol agent was screaming at them. “Get back!” the agent yelled after forcing Garcia out of his truck. They were standing in the secondary inspection area at a Border Patrol checkpoint near the small town of Three Points, just outside the reservation, about 40 miles north of the U.S.-Mexico border.

  Nearby stood a group of armed employees of G4S, a transnational company with headquarters in the UK. They wore gray uniforms and black boots. One of them tossed the apple he was eating to the ground, Garcia told me afterward*, as they advanced behind the green-uniformed Border Patrol agent. What sparked the border agent’s anger, and led the battalion of G4S agents to advance, was that Garcia had said, “We don’t consent to a search.”

• Congress Tries To Ram The Ill-informed INFORM Bill Into The Must-pass NDAA

  Congress is at it again, trying to legislate without bothering to understand the problems they are ostensibly trying to fix. This time it’s with the INFORM Consumers Act, S.B. 936, which, instead of debating further, some of its sponsors are trying to ram through as an amendment to the must-pass NDAA. Which itself is a clue that there’s something wrong with this bill, because if the only way to become law is to avoid further scrutiny, then that’s exactly when such scrutiny is needed.

• Opinion | Why Minneapolis Rejected a Major Police Overhaul—And What Comes Next

  Voters in Minneapolis rejected a measure that would have transformed the city’s policing 18 months after the killing of George Floyd thrust the city into the forefront of the police reform debate.

• Opinion | The FBI Spied on Orange County Muslims and Then Attempted to Get Away With It

  Sh. Fazaga: “Generally speaking, when a person converts to Islam, they really are taken into the community as new members. So the tendency is that people will embrace them, literally embrace them. You get lots and lots of hugs when people come in … the assumption here is that people have made a lot of sacrifices and potentially they have lost their social support system. So the community tries to compensate for that.”

• Victim Carried Out By Cops, Dropped on Head

  The video shows a security guard, a police officer and another person carrying a woman on a stretcher to an elevated ledge … in an attempt to bring her down onto a street where go-carts were waiting to take victims to a medical tent on the premises.

• ‘People Are Dying’: Witnesses Describe the Horror of Astroworld Tragedy in Houston

  “Their calm response bugged me out a little. I tried again, telling them, ‘I’m not trying to be an asshole, but there’s people in there who are probably dying,’” he recalled. “I was basically told to fuck off. Just no urgency at all.”

• Couple in Iran sentenced to death for adultery

  The Islamic Republic of Iran sentenced an Iranian man and woman to death for adultery after a father-in-law urged the judiciary to execute his son-in-law.

  According to reports in the Persian language US government news organizations Voice of America and Radio Farda, Iran’s regime imposed the death penalty on a 27-year-old married man and his 33-year-old female lover named Sareh. The married man’s wife sought to withdraw the complaint against her husband in a last-ditch effort to spare his life, but her father overruled her attempt and demanded the death penalty.

• Abu Dhabi allows non-Muslim civil marriage under new law

  Non-Muslims will be allowed to marry, divorce and get joint child custody under civil law in Abu Dhabi according to a new decree issued on Sunday by its ruler, state news agency WAM said.

• French Jew tortured in Turkish jail while his tormentors shouted “Allah Akbar” – He should be forced to convert to Islam

  According to his lawyers, he was abused during his detention because of his Jewish religion and his homosexuality. “I was attacked by a prisoner who had come to the cell two days earlier. He poured a kettle of hot water on my body, my face and shouted Allah akbar. Obviously someone had told him I was Jewish or gay,” he recounted. Today “I feel much better than when I was imprisoned. I am relieved and happy to be with my loved ones, my family and my friends,” he said. I still don’t quite understand that. It’s like a soft landing.

• Yemeni model jailed for indecency by rebel authorities

  Ms Hammadi, who has a Yemeni father and an Ethiopian mother, has worked as a model for several years and acted in two Yemeni TV series. She sometimes appeared in photographs posted online without a headscarf, defying strict societal norms in the conservative Muslim country.

Digital Restrictions (DRM)

• Denuvo-Protected Games Rendered Unplayable After Domain Expires

  Last evening the web was alive with angry players who couldn’t play their games due to an unexpected error. While the situation is still not completely clear, it appears that someone allowed a domain used by Denuvo’s anti-piracy technology to expire, meaning that players of some big games couldn’t enjoy what they had paid for.

Monopolies

• Indian body seeks details of Amazon deal with Indian retailer

  India’s second biggest retail outlet, Future Retail, has been asked to submit details of a deal with Amazon to the Enforcement Directorate, an Indian law enforcement agency.

• EXCLUSIVE Indian agency seeks documents from Future on disputed Amazon deal

  That transaction has been put on hold by an arbitrator and Indian courts after Amazon argued Future had violated its contracts with the U.S. company by entering into the sale. Future denies that, and says Amazon is illegally exerting control over the Indian firm’s business decisions.

  In a confidential notice dated Oct. 28, the Enforcement Directorate agency asked a Future unit to submit all correspondence including emails between Amazon and the Indian group in respect of the investment the U.S. firm made in Future two years ago. Reuters has reviewed a copy of the notice.

• Patents

  • Software Patents

    • IP protection for software in Europe [Ed: EPO became so utterly corrupt that litigation firms say software patents are just fine and they call them "IP" (which is meaningless junk and a lie)]

      Computer programs can be protected by European patents, provided that they have a technical character (ie, they produce a technical effect) and they involve an inventive step. In this interview, Samuel Denis, European patent attorney, discusses the patentability of software and provides some advice to applicants on how to get their applications in the best possible shape.

• Copyrights

  • He Scored the First Platinum Hit. 45 Years Later, His Family Is Fighting for Every Penny

    According to a source familiar with the matter, Bryant’s questioning also came at a time when Sony was already in the process of evaluating how “to do right by its legacy artists.” “When Fonda Bryant came to [Sony] concerned that [her father’s account] was still unrecouped, her timing was right,” says the source, who asked not to be identified. “If it had been 10 years ago, or even seven years ago, [Sony] may not have done the same thing.” (Sony declined to comment for this story.)

    In June, nine months after its decision on the Taylor account, Sony Music shocked the industry when it declared that it “will no longer apply existing unrecouped balances to artists.” The financial structure of the record industry has long been centered around the idea of an “advance”: An artist receives a substantial payment upfront, and then is essentially in debt to their record label until their recordings earn enough money to pay back the advance.

  • Research Center: Limiting Anonymity Helps to Expose Terrorists (and Pirates)

    The International Center for Law and Economics believes that cloud hosting providers and related services should do more to deter illegal activity. Responding to an inquiry from the U.S. Department of Commerce, the research center further notes that anonymous online activity through proxy servers, VPN’s, the Onion network (Tor), and even 8chan, can complicate law enforcement.

  • Creating a Campaign to Increase Open Access to Research on Climate Science and Biodiversity: A joint initiative of Creative Commons, EIFL and SPARC

    Open Science No Text. By: Greg Emmerich. CC BY-SA 3.0