11.11.21

Links 11/11/2021: Homage to Ken Starks, New Sparky Linux, Go Turns 12

Posted in News Roundup at 6:15 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • Ken Starks Hangs Up His Spurs at Reglue

        In 2005, I placed my first Linux-powered refurbished computer with a young middle school student. She was the daughter of a single mother with four children who could barely pay the rent. A computer for her gifted child was out of the question. The young student was Haley Ann Peters and she is now a geologist.

        With that, I began a 20 year journey; placing computers into the homes of kids who couldn’t afford to purchase them. In the beginning it was The HeliOS Project, and just getting donations of equipment was a challenge to say the least. But by 2012 we had morphed into our own nonprofit with our own facility, and a pool of over 100 volunteers who made Reglue.org the success it became. Since then, Reglue.org has placed 2,237 computers into financially-disadvantaged homes of students, ranging from middle school kids to graduate students.

        I don’t want to rehash our history. Searching my name and Reglue or Helios Project will give you a full night’s reading if you wish to do so.

        I’ve been blessed to do the work I do. I’ve given two keynote addresses for LinuxFest, created a number of community computer facilities, and held classes to assist senior citizens on the finer points of using a computer. That’s not to mention personally supplying support for all the computers we’ve placed. But if I had to name one accomplishment that gave me the most satisfaction, it would be creating the Bruno Knaapen Technology Learning Center. Bruno Knaapen was an open source and Linux advocate who worked tirelessly to help people understand computer technology, and he did so free of charge. We lost Bruno to brain cancer in 2009.

    • Audiocasts/Shows

    • Kernel Space

      • Celebrating 30 years of Linux – is 2021 finally the year of the Linux desktop? [Ed: We’re not sure why some people write about it now (3 months late)]

        These two cause the most visible differences, but they are just the tip of the iceberg. Just think about Linux distributions. What are distributions: a Linux kernel and some applications integrated around it. Often even the same window manager looks different and behaves in a different way on another distribution. What is more: there can be major changes when you upgrade to the next version of the same distribution.

        Most of the Linux distributions have a one year life span and then the users are advised to upgrade. If they keep using it, they are left without security updates and bug fixes. There are distributions with longer life times, but then comes another problem: they might be difficult or impossible to install on a new computer. I had to switch from openSUSE to Fedora temporarily for a few months when I got my last two laptops. These large changes on the desktop can be avoided when someone uses a rolling distribution. They are constantly updated, which means that there are no jumps, but there are small changes all the time.

        Comparing it to Windows: you can have the same look and feel for a decade. And except for Windows 8, the main concept of the Windows desktop is the same from Windows 95 until today.

        Most users do not like choices, and changes even less. With Linux distributions and various window managers they receive an endless amount of choices and changes. I love it from day one, just as many developers. But do we wonder that Linux is running only about two percent of desktops?

      • Extent-tree-v2: Global Roots and Block Group Root

        I’m working on a large set of on-disk format changes to address some of the more painful parts of Btrfs’s design. There’s a lot of discrete changes here, but they’ll all go under the single umbrella of “extent-tree-v2.” We’ve spent a few months going back and forth on different approaches, and have finally settled on a final set of changes. The global roots and block group root patches have been completed and submitted, but there’s a lot more change coming.

      • On-Disk Format Changes Ahead To Improve “Painful” Parts Of Btrfs Design – Phoronix

        Prominent Btrfs file-system developer Josef Bacik is working through a big set of patches that will result in on-disk format changes to Btrfs but address some of “the more painful parts” to the file-system’s design.

        Over the next year Josef is looking to land these changes to address locking contention on global roots and the issue of block group items being spread throughout the extent tree.

        He is developing this work under the “extent-tree-v2″ label and to date is around 80 patches but is just getting started. He’s hoping in the next 6~12 months it will be something users can start migrating to in order to take advantage of these Btrfs design improvements.

      • F2FS With Linux 5.16 Will Let You Intentionally Fragment The Disk – Phoronix

        Jaegeuk Kim submitted the Flash-Friendly File-System (F2FS) updates on Wednesday for the nearly over Linux 5.16 merge window.

        The F2FS changes this cycle aren’t particularly large but include a few enhancements and a number of bug fixes along with some code cleaning. One interesting new addition is adding a mount option to intentionally fragment the on-disk layout of F2FS file-systems.

        F2FS’ “mode=” mount option has added new options to simulate file-system fragmentation after garbage collection. The “fragment:segment” option will create a new segment in a random position while “fragment:block” will scatter block allocation. New sysfs nodes are added for further tuning the behavior of the “mode=fragment:block” option. Details in this commit.

    • Applications

      • 26 Best Free Open-source Calendar Apps for Windows, Linux, and macOS

        Calendar is an app that is used on daily basis, it is a significant tool for organization, planning, daily routine tasks, appointments management, and personal improvements.

        As an example, Google Calendar is a scheduling calendar service by Google. It aids users in creating events, tasks, schedule and managing appointments, and keeping everything in sync and stored on the cloud. It also allows users to share events, attach locations, and more.

        The primary problem is: it requires an internet connection.

        In this article, we provide you with a collection of desktop calendar apps, that will help you to organize your events, deal with calendar files and keep track of your tasks and daily routines.

      • gmipay v1.2 released, with subscription support

        Good time of day, fellow spacemen.

        Version 1.2 of gmipay has been released.

        gmipay is a Gemini payment processing proxy CGI script. It allows you to sell your content (or buy others’) and have it served transparently and with no friction.

    • Instructionals/Technical

      • How to run different PHP versions on the same server – Unixcop the Unix / Linux the admins deams

        Sometimes a SysAdmin receives strange requests. For example: a couple of days ago my client need to upload a new site, this new site needs PHP7.4 while their server run with PHP7.2. I’ve installed then 7.4 but all the other VirtualHosts (at least the important ones) broke under php7.4. Initially I was thinking on some kind of containers but I’ve found something simpler. This is how to run different PHP versions on the same server.

      • How to easily transfer files between computers with croc – TechRepublic

        Usually, when I want to transfer files between computers on the same network, I’ll use the scp command. But sometimes I want something a bit simpler to use. When those instances arise, I turn to a very handy command-line tool called croc. With this easy-to-use tool, you can transfer files and folders from one system to another, without having to remember much in the way of commands.

      • How to install Rabbitmq in Rocky Linux/Centos 8

        In this guide we will explore how to install the latest release of RabbitMQ in Rocky Linux 8 server or Workstation. This will also work for RHEL 8 derivatives like Oracle linux, Alma linux and Centos 8.

        RabbitMQ is an open source message broker software that implements the Advanced Message Queuing Protocol (AMQP). RabbitMQ works by receiving messages from publishers (applications that publish them) and routes them to consumers (applications that process them).

      • How to install and Use Lynis on Fedora 35 – NextGenTips

        In this guide we are going to learn how to install and use Lynis on Fedora 35.

        Lynis is an open-source, battle-tested security tool for systems running Linux, MacOS and Unix-based operating system. It performs an extensive health scan of your system in order to support hardening and compliance testing.

        Lynis gives complete information about the current operating system, current operating system version, hardware running on the Linux machine, firmware information etc.

      • How to install Podman on Rocky Linux 8 / AlmaLinux to run Containers

        Podman is promoted as an alternative to Docker that advertises as a tool compatible with Docker Images. Also, it offers a command line that is identical to Docker and is intended to simplify the migration from Docker to Podman for both users and programs. Under the hood, however, the two container tools are very different. Podman is a daemon-less tool instead its uses runC container runtime process where Docker uses a daemon to manage all resources.

        Developed by Redhat this container tool was originally planned as a debugging tool for the CRI-O container engine, which is specialized in Kubernetes, in order to simplify certain tasks for application developers and administrators of Kubernetes clusters. Since then, however, Podman has grown into a comprehensive tool for container management. Developers can easily install it from major software sources in Linux distributions such as Fedora, Arch Linux, and openSUSE Tumbleweed.

      • How to Install and Set Up Telegram on Linux

        Telegram is a popular instant messaging platform that lets you send messages, make VoIP calls, and share files, both on mobile devices and on your desktop.

        If you frequently use Telegram for all of your communications—and only have it on your phone—you might want to install it on your desktop, too, to respond to calls and messages while you’re at your desk.

        In case you’re running Linux, though, installing Telegram can be a little complicated—just like installing other software. So to simplify things, here’s a guide to help you install Telegram on your Linux machine.

      • How to Install HAProxy on Debian 11

        HAProxy is a free, open-source, and reliable solution for high availability and load balancing. It distributes the load across the multiple application servers and to simplify the request processing tasks. It can be installed on all major Linux operating systems. It is popular due to its efficiency, reliability, and low memory and CPU footprint.

        In this post, we will explain how to install HAProxy on a Debian 11 system.

      • How to Create a Self-Signed Certificate in Linux

        Creating a self-signed SSL certificate in Linux is quite easy and can be done in just a few clicks. You can use a self-signed certificate to secure the connection between your web server and a visitor’s browser. Linux makes it really easy for you to generate a certificate and sign it using a private key.

        Here’s how you can create your own SSL certificates right from your Linux terminal.

      • How To Install and Enable EPEL Repository on Rocky Linux/Centos 8

        In this guide, we will learn how to install and enable EPEL repository on Rocky Linux/Centos 8. This guide will also work for RHEL 8 and its derivatives like Alma Linux, Oracle Linux, Scientific Linux, etc.

        EPEL is a repository that provides extra packages for Enterprise Linux. The EPEL repository is an additional package repository that provides easy access to install packages for commonly used software. This repo was created because Fedora contributors wanted to use Fedora packages they maintain on RHEL and other compatible distributions. The EPEL group creates, maintains and manages a high-quality set of additional packages. These packages may be software not included in the core repository, or sometimes updates which haven’t been provided yet.

      • How To Install Blender on Ubuntu 20.04 LTS – idroot

        In this tutorial, we will show you how to install Blender on Ubuntu 20.04 LTS. For those of you who didn’t know, Blender 3D is a professional open-source 3D graphics and animation software. It has a rich feature set like animations, visual effects, 3D modeling, and motion graphics. This provides outstanding outcomes and is used in professional filmmaking.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Blender 3D Creation Software on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • Convert PNG Images to WebP on Linux (With Commands) – Linux Nightly

        The WebP image format is great at compressing photos to incredibly small file sizes. This makes it an ideal format for images on websites, just as its name would imply. Outside of web hosting, the PNG image format is much more popular and better suited to archiving.

        In this tutorial, you’ll see how to convert WebP images to PNG with Linux commands. You’ll also see how to convert images into WebP, in case you plan to upload photos somewhere and want the smaller file size for your web visitors.

      • Install Security Patches or Updates Automatically on Rocky or AlmaLinux 8

        Keeping your operating systems up to date with the latest software and security patches is one of the easiest methods to improve security. As a result, deploying updates regularly is a vital aspect of keeping systems secure. However, many users don’t know about the updates, and their system gets old as compared to the latest security patches. So in this blog, we will explain the method to install security patches or updates automatically on Rocky or AlmaLinux.

      • How to install and use Podman in Rocky Linux/Centos 8 – Citizix

        Podman is a container engine that’s compatible with the OCI Containers specification. It is part of RedHat Linux, but can also be installed on other distributions. As it’s OCI-compliant, Podman can be used as a drop-in replacement for the better-known Docker runtime. Most Docker commands can be directly translated to Podman commands. Podman implements almost all the Docker CLI commands (apart from the ones related to Docker Swarm).

        Podman complements Buildah and Skopeo by offering an experience similar to the Docker command line: allowing users to run standalone (non-orchestrated) containers. And Podman doesn’t require a daemon to run containers and pods, so we can easily say goodbye to big fat daemons. There are no daemons in the background doing stuff, and this means that Podman can be integrated into system services through systemd.

      • How to package open source applications as RPMs | Enable Sysadmin

        Recently, I wrote about packaging your own software with Red Hat Package Manager (RPM). Another common scenario is that you find a piece of software you want to use, but there is no RPM for it. This article shows you how to create RPMs for third-party applications.

      • Installing openSUSE Tumbleweed on the Enclustra Mars MA3 – KaratekHD Blog

        As part of my school internship at TEM Messtechnik I got the oppertunity to work on the Enclustra Mars MA3, a FPGA SoC with two ARMv7 cores. This post describes the process of getting Linux (more precisely, openSUSE Tumbleweed) to work on this SoC.

      • The Perfect Server – CentOS 8 with Apache, Postfix, Dovecot, Pure-FTPD, BIND and ISPConfig 3.2

        This tutorial shows the installation of ISPConfig 3.2 on a CentOS 8 (64Bit) server. ISPConfig is a web hosting control panel that allows you to configure the following services through a web browser: Apache web server, PHP, Postfix mail server, MySQL, BIND nameserver, PureFTPd, SpamAssassin, ClamAV, Mailman, and many more.

      • How To Install Debian 11 Bullseye – OSTechNix

        Debian 11, codenamed bullseye, is the latest long-term support release (LTS) that is released after a development period of over two years. Debian 11 comes with the kernel version 5.10 LTS. Over 70% of the packages in Debian repositories are updated to newer versions compared to its previous version buster. To know more about the Debian 11 features you can take a look at the release notes. This step by step guide walks you through the steps to download the latest Debian edition, and create Debian 11 bootable medium and finally how to install Debian 11 bullseye with screenshots.

      • Three different ways to duplicate installed packages in multiple machines in Linux – blackMORE Ops

        So you’ve installed your Linux server and installed all packages you need. Now you’re about to setup another server with similar packages. One thing you can do is to save the install commands from the first one and the run it on the second machine. How about when you’ve done it over few weeks time and forgot some details but need to have another server up and running quickly.

    • Games

      • Godot Engine – Godot Engine receives $100,000 donation from OP Games

        We are happy to announce that the gaming platform OP Games is donating USD 100,000 to the Godot project. These funds will be used to further the general development of the engine.

        As mentioned in their announcement, OP Games is also similarly supporting the open source game development tools Blender and Phaser, and the source available Defold engine.
        OP Games is also actively looking for game developers interested in their platform, see this contact form for details.

      • OPGames donates $300k to open source including Godot Engine and Blender | GamingOnLinux

        OPGames, a company that (as they describe) helps “turn games into investable assets through NFTs” has donated a bunch of monies to a few great open source projects.

        In their announcement they mentioned $300k has gone to Phaser, Defold, Godot, and Blender. In the announcement OPGames CTO and co-founder Paul Gadi said “We are truly honored to be able to support open-source with the funds raised by our Arcadians community! Open-source game engines are the perfect example of a public good: they are free for anyone to use and safeguards developers from platform lock-in. We hope that this donation will inspire others to support more open-source projects, as they will be foundational in how we break free from the attention economy”.

      • The Game Of Life Moves Pretty Fast, If You Don’t Use Stop Motion You Might Miss It | Hackaday

        Munged Ferris Bueller quotes aside, Conway’s Game of Life is the classic cellular automata that we all reach for. The usual approach is to just iterate over every cell in the grid, computing the next state into a new grid buffer. [K155LA3] set out to turn that on its head by implementing Game Of Life in the hardware of an FPGA.

        [K155LA3]’s version uses Chisel, a new HDL from the Berkley and RISCV communities. Under the hood, Chisel is Scala with some custom libraries that know how to map Scala concepts onto hardware. In broad strokes, Verilog and VHDL are focused on expressing hardware and then added abstraction on top of that over the year. Chisel and other newer HDL languages focus on expressing high-level general-purpose elements that get mapped onto hardware. FPGAs already map complex circuits and hardware onto LUTs and other slices, so what’s another layer of abstraction?

      • The Raw Data of the Q2 2021 Linux Gamers Survey – Boiling Steam

        While there are still a few articles coming up, today we are releasing the raw data for everyone to explore and use. Note that this is not the full dataset, but this represents most of it. 94% of respondents actually agreed to have their data shared.

      • Total War: WARHAMMER III gets more new footage | GamingOnLinux

        Now that we know when Total War: WARHAMMER III will release, Creative Assembly has been putting out some more info about it and there’s some fresh gameplay videos too. It’s still a little while away for release on February 17, with Linux as close as possible to that from Feral Interactibe.

      • Escape Simulator sees over 600 rooms made by players | GamingOnLinux

        Pine Studio has seen quite a success with player interaction with their new game Escape Simulator, with 500 player created rooms in just over two weeks after release and right now it has well over 600.

        The game’s team lead, Tomislav Podhraški said: “We couldn’t believe what the community was creating with our game. Discovering ingenious ways to outsmart the system and break game physics, simulating iconic pop-culture scenes, and inventing tonnes of narrative surprises. We were completely blown away.”

      • Europa Universalis IV: Origins is out along with a big free update | GamingOnLinux

        Europa Universalis IV: Origins is a new “Immersion Pack” available now as a paid DLC for Paradox’s popular historical strategy game and the 1.32 Songhai free update is also live.

        From the trading ports on the eastern coast to the gold mines of Mali, early modern Africa was a continent of rich kingdoms and cultural variety. Now, Europa Universalis IV: Origins brings this history to vivid life with new missions, events and regional flavour.

      • The Khronos Group officially announces the Dynamic Rendering extension for Vulkan

        Recently with the Vulkan 1.2.197 specification update, a new extension popped up that has plenty of developers happy with Dynamic Rendering and now The Khronos Group has formally announced it with a more detailed explanation. This is of course aimed at developers, not most of us normal consumers but we still thought it interesting to highlight to bring more attention to it.

        The Vulkan API is vitally important for Linux gaming, since it can provide much greater performance than OpenGL. It’s used in the DXVK and VKD3D-Proton projects, which translate Direct 3D to Vulkan for use with Steam Play Proton, and it’s the reason we see the performance level with it that we do when running Windows games.

      • Epic Chef: A Cooking Quest of Epic Proportions – Boiling Steam

        Do you enjoy cooking? It’s practically in my family blood. In Epic Chef — developed by Infinigon Games and published by Team17 — you’re playing a game and basically doing the same thing, except it’s a lot less realistic.

        The game starts with Zest, the main protagonist of the game and the character that you use, who gets thrown overboard from a ship and into the land of Concordia. Apparently Zest was trying to do the pirates of the ship a favor, but they seemed to take it the wrong way and forcefully eject him out of their ship.

        Zest has no money, but after talking to some of the people in the town and getting the necessary documents, he is eventually given some land, and a haunted house (the Villa grounds). Well, semi-haunted anyway. That’s why the mortgage is free. The people of Concordia, particularly Private Speck, the guardkeeper of the house, try to convice Zest not to reside there, but Zest has no other options.

    • Distributions

      • Top 5 Best Linux Distros for Beginners That Make You Love Linux

        Linux has always been helpful and dedicated to maintaining servers, systems, local machines, and old systems. If you’re a newbie to Linux, there is a chance that you might get confused about which distribution, which desktop environment you should choose for your system. Well, you can always try out distributions and choose the right one for you. But that process would be a bit time-consuming and tough to find the best Linux distro for beginners.

        Finding the best Linux distro for beginners would really help and save time for getting started with Linux. There were times when only people with programming and system admins used to use Linux, but now it has changed. Linux welcomes all types of users, from students to developers and professionals to beginners.

      • 10 Best Linux Distros for Privacy and Security for 2022

        It is always a concern of users to surf the internet in privacy. However, surfing on the usual operating systems can’t provide the security you want. There’s no need to worry, Linux is among the most private operating systems available. So in this blog, we will list the best Linux Distros for Privacy.

        The below list is completely based on the user reviews, features, security, privacy, and accessibility of these Linux distros.

      • SUSE/OpenSUSE

        • KDE Gear, GNOME Update in Tumbleweed

          Tumbleweed pulled back from the frequency of snapshots released last week, but still had a good amount of releases this week.

          After continuous daily releases from Oct. 27 to Nov. 2, openSUSE Tumbleweed put together another three consecutive snapshots.

          Just four packages arrived in snapshot 20211105 snapshot. The first of the 41.1 GNOME packages arrived in the snapshot. gnome-chess and gnome-remote-desktop. The latter had some adjustments for frame PipeWire data. There was some clean up with the network configuration package wicked in the 0.6.67 version along with changes in the dbus configuration. The aws-cli 1.21.6 package had multiple API changes and relaxed a version dependency for python-docutils.

      • IBM/Red Hat/Fedora

        • Best practices for building images that pass Red Hat Container Certification

          Building unique images for various container orchestrators can be a maintenance and testing headache. A better idea is to build a single image that takes full advantage of the vendor support and security built into Red Hat OpenShift, and that also runs well in Kubernetes.

          A universal application image (UAI) is an image that uses Red Hat Universal Base Image (UBI) from Red Hat Enterprise Linux as its foundation. The UAI also includes the application being deployed, adds extra elements that make it more secure and scalable in Kubernetes and OpenShift, and can pass Red Hat Container Certification.

          This article introduces you to nine best practices you should incorporate into your Dockerfile when building a UAI. Each section in this article explains a practice, shows you how to implement the practice, and includes Red Hat certification requirements related to the topic.

        • What is AI/ML and why does it matter to your business?

          AI/ML—short for artificial intelligence (AI) and machine learning (ML)—represents an important evolution in computer science and data processing that is quickly transforming a vast array of industries.

          As businesses and other organizations undergo digital transformation, they’re faced with a growing tsunami of data that is at once incredibly valuable and increasingly burdensome to collect, process and analyze. New tools and methodologies are needed to manage the vast quantity of data being collected, to mine it for insights and to act on those insights when they’re discovered.

        • High performance computing 101

          The data is in—massive amounts of it, and high computing power can help enterprises make some sense out of it. For a technology that has gone through ebbs and flows in popularity, high performance computing (HPC) may be expanding to use cases beyond those found in scientific research as more industries can tap into valuable insights gained from artificial intelligence, machine learning, and other emerging technologies.

          So, what does this mean to your organization? If you’re increasingly facing the need to translate large amounts of consumer data to track trends or calculate thousands of financial transactions a day to support business growth, is HPC something you should be considering?

        • Top 5 resources to learn about the IBM and Cloudera partnership

          Six months, four blogs, three videos, two conference presentations, and one amazing partnership — that is how I would describe the IBM and Cloudera partnership so far. This blog post highlights some of the best developer-focused resources to help you leverage your data to build AI-enabled applications.

          Earlier this year, IBM and Cloudera announced that they would partner together to create a new joint offering: Cloudera Data Platform for IBM Cloud Pak for Data, bringing together two leading data platforms. The benefits of using boths platforms are outlined in the various product pages and focused on security, scalability, and, of course, combining the best technologies for data and AI.

          Soon after, a few of us on the IBM Developer and Hybrid Cloud Build Team were tasked with testing the products, building PoCs for customers, and creating assets to be consumed by external audiences.

          Below are our top five resources for learning about the IBM and Cloudera partnership. Before we get into it, I would like to give a shout-out to the folks that made it possible: Tim Robinson, Brett Coffmann, Dave Fowler, Marc Chisinevski, and Erik Beebe. Let’s get started!

        • CentOS project moves to development using GitLab

          The CentOS Project announced the launch of a collaborative development service based on the GitLab platform. The decision to use GitLab as the primary hosting platform for CentOS and Fedora projects was made last year. It is noteworthy that the infrastructure was raised not on its own servers, but on the basis of the gitlab.com service, in which the gitlab.com/CentOS section is provided for projects related to CentOS.

          At the moment, work is underway to integrate the section with the user base of the CentOS project, which will allow developers to connect to the Gitlab service using existing accounts. Separately, it is noted that git.centos.org based on the Pagure platform will continue to be considered as a place to host the source code of packages ported from RHEL, as well as as the basis for the formation of the CentOS Stream 8 branch. But the CentOS Stream 9 branch is already developing on the basis of a new repository in GitLab and is distinguished by the ability to connect to the development of contributors from the community. Other projects hosted on git.centos.org remain in place for now and are not forced to migrate.

        • Simplify Kafka authentication with Node.js

          Apache Kafka is a publish-subscribe messaging system that is commonly used to build loosely coupled applications. These types of applications are often referred to as reactive applications.

          Our team maintains a reactive example that shows the use of Kafka in a simple application. If you’ve looked at these types of applications, you know that although the components are decoupled, they need access to a shared Kafka instance. Access to this shared instance must be protected. This means that each component needs a set of security credentials that it can use to connect to the Kafka instance.

          As a Node.js developer, how can you safely share and use those credentials without a lot of work? Read on to find out.

          Note: You can learn more about using Node.js in reactive applications in the article Building reactive systems with Node.js.

        • Contribute at the Fedora Linux 36 Test Week for Kernel 5.15

          The kernel team is working on final integration for kernel 5.15. This version was just recently released, and will arrive soon in Fedora. As a result, the Fedora kernel and QA teams have organized a test week from Sunday, November 14, 2021 through Sunday, November 21, 2021. Refer to the wiki page for links to the test images you’ll need to participate. Read below for details.

        • Fedora Silverlight: not only for your grandma

          I have migrated my grandparents to Fedora Silverlight, previously they used CentOS. I was impressed how everything worked well and I like where Fedora is going overall. Less pre-installed software, I am hoping for more packages to be dropped – Evolution backend, on-line accounts, Maps and others. Overall, it works great.

      • Debian Family

        • Sparky 6.1

          There is a next point release of Sparky 6 – 6.1 “Po Tolo” of the stable line ready to go. Sparky 6 is based on and fully compatible with Debian 11 “Bullseye”.

          Changes:
          – system upgraded from Debian & Sparky stable repos as of November 9, 2021
          – Linux kernel 5.10.70 (PC)
          – Linux kernel 5.10.63-v7+ (ARMHF)
          – Firefox 78.14.0esr
          – Thunderbird 78.14.0
          – VLC 3.0.16
          – LibreOffice 7.0.4
          – LXQt 0.16.0
          – Xfce 4.16
          – Openbox 3.6.1-9
          – KDE Plasma 5.20.5
          – small improvements

        • SparkyLinux 6.1 Released with Updated Packages and Improvements

          The SparkyLinux team has announced the release of SparkyLinux 6.1, latest stable update in project’s 6.x series.

          SparkyLinux is a desktop-oriented Linux distro created on the top of the Debian operating system. It is lightweight, fast, and simple Linux distro, suitable to run on old computers without any problems. It’s aims to be easy on system resources and can breathe new life into aging computers.

          SparkyLinux includes a full-fledged operating system with LXQt, Xfce, and KDE desktop environments and minimal images for MinimalGUI and MinimalCLI which enables to install the system with a minimal set of applications, and then choose your own applications via Sparky Advanced Installer.
          Today the SparkyLinux development team announced the release of SparkyLinux 6.1 rolling operating system. So let’s see what’s new.

      • Canonical/Ubuntu Family

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Google removes restrictions on students only from Summer of Code

        Google has announced the annual Google Summer of Code 2022 (GSoC) event aimed at encouraging newbies to work on open source projects. The event is being held for the seventeenth time, but it differs from previous programs in the removal of restrictions on the participation of only undergraduate and graduate students. From now on, any adult who has turned 18 years old can become a GSoC participant, but with the condition that he has not previously made a significant contribution to the development of projects outside the GSoC event and has not participated in the GSoC more than two times. It is understood that the event will now be able to help beginners who want to change their field of activity or are engaged in self-education.

      • Family Management does it need an app? If yes, Try Mea-Familia

        The software package is released under an unusual license: EUPL-1.2 or European Union Public License version 1.2.

      • Events

        • The Linux Foundation Announces Keynote Speakers for Open Source Summit Japan + Automotive Linux Summit 2021 [Ed: Linux Foundation has given Microsoft (Audrey Lee) a greenwashing keynote in an event about “Linux”; they keep doing it… Zemlin et al are monetising the devaluation by misuse of the valuable Linux brand — a brand that some companies would pay a lot of money to hijack and destroy]

          The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the keynote speakers for Open Source Summit Japan + Automotive Linux Summit 2021, taking place virtually December 14-15. One registration pass includes access to both events. The keynote speakers can be viewed here and the full schedule can be viewed here.

      • Web Browsers

        • Spying Browsers

          • Windows 11 blocks Edge browser competitors from opening links

            Something changed between Windows 11 builds 22483 and 22494 (both Windows Insider Preview builds.) The build changelog makes a few mentions of changes to the protocol and file associations/default apps system. However, it omitted the headline news: You can no longer bypass Microsoft Edge using apps like EdgeDeflector.

            [...]

            Before discussing the changes in the latest Windows builds, I’d like to refresh your memory on Microsoft’s earlier escapades with antitrust regulators. I’m not a lawyer, but some case law is common knowledge in the tech field. I’m, of course, thinking of United States versus Microsoft (2001) and Microsoft versus European Commission (2009). In both cases, regulators found that Microsoft was abusing its market-leading operating system to unfairly promote its Internet Explorer (now called Edge) browser; disadvantaging competing web browsers.

            While the US decided not to take action against Microsoft on this point, the EU didn’t hold back. Microsoft agreed to hide shortcuts to Internet Explorer and show customers in the EU the infamous browser ballot screen. The dialog listed Internet Explorer among competitors and asked them to choose what browser they wanted to one-click install.

          • Firefox’s Private Browsing mode upleveled for you

            There are plenty of reasons why you might want to keep something you are doing on the web to yourself. You might be looking for a ring for your soon-to-be fiance, looking up what those mysterious skin rashes could be, or reading a salacious celebrity gossip blog. That’s where Private Browsing mode comes in handy. This year, we upleveled and added new advanced features to our Private Browsing mode. Before we share more about these new features we wanted to share some of the misconceptions about Private Browsing.

            One of the top common myths about Private Browsing (in any major web browser) is that it makes you anonymous on the Internet. The Private Browsing mode on Chrome, Safari, Edge and Firefox are primarily designed to keep your activity private from other users on the same computer, but websites and Internet service providers can still gather information about your visit, even if you are not signed in. To learn more about other Common Myths, visit our site. You should know though, that Firefox offers something that other browsers don’t, which is advanced privacy protections. Read on to learn more about our unique tracking protections.

          • Mozilla submits comments to the California Privacy Protection Agency – Open Policy & Advocacy

            This week, Mozilla submitted comments in response to the California Privacy Protection Agency’s Invitation for Preliminary Comments on Proposed Rulemaking Under the California Privacy Rights Act (CPRA).

            Mozilla has long been a supporter of data privacy laws that empower people, including the trailblazing California privacy laws, California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). We welcome the opportunity to offer feedback as California considers how to best evolve its privacy protections, and we support the progress made thus far, particularly as federal efforts languish — but there’s more to do.

      • SaaS/Back End/Databases

        • PostgreSQL 14.1, 13.5, 12.9, 11.14, 10.19, and 9.6.24 Released!

          The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 14.1, 13.5, 12.9, 11.14, 10.19, and 9.6.24. This release closes two security vulnerabilities and fixes over 40 bugs reported over the last three months.

          Additionally, this is the final release of PostgreSQL 9.6. If you are running PostgreSQL 9.6 in a production environment, we suggest that you make plans to upgrade.

      • Education

        • ITFlow: an Open-source system for MSPs and IT departments

          ITFlow is a software package to help manage IT departments, IT service companies, computer shops, computer maintenance shops, and MSPs (Managed Service Providers).

          It is the open-source self-hosted equivalent and alternative to the popular IT management system “ITGlue”.

          ITFlow is a web-based self-hosted IT-asset management system that users can download, install and configure on a local or a remote system.

      • Programming/Development

        • How Learning Linux Will Improve Your Software Testing

          One of the skills mentioned in the tester profile is the knowledge of Linux commands. It is important since being an open-source OS, Linux offers more possibilities for both developers and testers in terms of immersing deep into the development environment and being restricted close to nothing, due to its plethora of tools and perspectives to learn.

          When having a solid command of Linux commands ( no pun intended) one might engage in performing backend testing ( e.g. fetching and verifying logs), getting involved with real-time projects, testing in Domains like Telecom, Big Data.

        • Twelve Years of Go

          Today we celebrate the twelfth birthday of the Go open source release. We have had an eventful year and have a lot to look forward to next year.

          The most visible change here on the blog is our new home on go.dev, part of consolidating all our Go web sites into a single, coherent site. Another part of that consolidation was replacing godoc.org with pkg.go.dev.

          In February, the Go 1.16 release added macOS ARM64 support, added a file system interface and embedded files, and enabled modules by default, along with the usual assortment of improvements and optimizations.

          In August, the Go 1.17 release added Windows ARM64 support, made TLS cipher suite decisions easier and more secure, introduced pruned module graphs to make modules even more efficient in large projects, and added new, more readable build constraint syntax. Under the hood, Go 1.17 also switched to a register-based calling convention for Go functions on x86-64, improving performance in CPU-bound applications by 5–15%.

          Over the course of the year, we published many new tutorials, a guide to databases in Go, a guide to developing modules, and a Go modules reference. One highlight is the new tutorial “Developing a RESTful API with Go and Gin”, which is also available in interactive form using Google Cloud Shell.

          We’ve been busy on the IDE side, enabling gopls by default in VS Code Go and delivering countless improvements to both gopls and VS Code Go, including a powerful debugging experience powered by Delve.

        • Twelve Years of Go (The Go blog)

          On November 10, the Go programming language community celebrated the 12th anniversary of its release as open-source software.

        • Arm Cortex-A710 Support Merged Into GCC 12 Compiler – Phoronix

          Announced back in May was the Cortex-A710 as the first-generation Armv9 “big” core and successor to the Cortex-A78. The initial Cortex-A710 support is now present in the GCC 12 code compiler.

          Last month Armv9 and Cortex-A710 support began landing in the GNU Toolchain, first up with Binutils. This week the GNU Compiler Collection then introduced the -march=armv9-a targeting support and now the Cortex-A710 support has been merged.

        • Live Debugging Techniques for the Linux Kernel, Part 3 of 3
        • Qt Creator 6 RC released

          We are happy to announce the release of Qt Creator 6 RC!

        • ClusterFuzzLite: Continuous fuzzing for all

          In recent years, continuous fuzzing has become an essential part of the software development lifecycle. By feeding unexpected or random data into a program, fuzzing catches bugs that would otherwise slip through the most thorough manual checks and provides coverage that would take staggering human effort to replicate. NIST’s guidelines for software verification, recently released in response to the White House Executive Order on Improving the Nation’s Cybersecurity, specify fuzzing among the minimum standard requirements for code verification.

          Today, we are excited to announce ClusterFuzzLite, a continuous fuzzing solution that runs as part of CI/CD workflows to find vulnerabilities faster than ever before. With just a few lines of code, GitHub users can integrate ClusterFuzzLite into their workflow and fuzz pull requests to catch bugs before they are committed, enhancing the overall security of the software supply chain.

        • Google Rolls Out ClusterFuzzLite For Easy-To-Use, Continuous Fuzzing – Phoronix

          As part of Google’s effort around fuzzing for improving open-source security, the company today announced ClusterFuzzLite as their new, easy-to-use solution for fuzzing open and closed-source projects with ease as part of the CI/CD process.

  • Leftovers

    • Hardware

      • Scientific Honesty And Quantum Computing’s Latest Theoretical Hurdle | Hackaday

        uantum computers are really in their infancy. If you created a few logic gates with tubes back in the 1930s, it would be difficult to predict all the ways we would use computers today. However, you could probably guess where at least some of the problems would lie in the future. One of the things we are pretty sure will limit quantum computer development is error correction.

        As far as we know, every quantum qubit we’ve come up with so far is very fragile and prone to random errors. That’s why every practical design today incorporates some sort of QEC — quantum error correction. Of course, error correction isn’t news. We use it all the time on unreliable storage media or communication channels and high-reliability memory. The problem is, you can’t directly clone a qubit (a quantum bit), so it is hard to use traditional error correction techniques with qubits.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

        • Security

          • Hijacking smart luggage

            When is a vulnerability not a vulnerability? I’m not sure this counts as a vuln per-se, but some easily-fixed and simple manufacturer mistakes result in trivial hijack of…. yes… your smart luggage.

            The Airwheel SR5 is the first smart luggage that we’ve seen. It can automatically follow the owner through an airport, avoiding obstacles along the way.

            [...]

            The owner wears a watch-style BLE device that the luggage will ‘home in’ on. As the wearer walks off, the luggage pays attention and follows.

            The luggage has four ultrasonic sensors for obstacle avoidance. In practice, we found the luggage would often take random turns in to walls and crash. This may be a result of RF signal interference or reflections. Hard to say without spending a lot of time on it. It also got ‘lost’ quite a bit, meaning the owner had to return to the luggage to get it to start following again.

            Anyway, there is no security for the pairing process for the luggage to the wristband. No particular issue there, as it’s highly unlikely someone else would be trying to pair their luggage at the same time as you in the same location.

          • Securing your digital life, part one: The basics | Ars Technica

            I spend most of my time these days investigating the uglier side of digital life—examining the techniques, tools, and practices of cyber criminals to help people better defend against them. It’s not entirely different from my days at Ars Technica, but it has given me a greater appreciation for just how hard it is for normal folks to stay “safe” digitally.

            Even those who consider themselves well educated about cyber crime and security threats—and who do everything they’ve been taught to do—can (and do!) still end up as victims. The truth is that, with enough time, resources, and skill, everything can be hacked.

            The key to protecting your digital life is to make it as expensive and impractical as possible for someone bent on mischief to steal the things most important to your safety, financial security, and privacy. If attackers find it too difficult or expensive to get your stuff, there’s a good chance they’ll simply move on to an easier target. For that reason, it’s important to assess the ways that vital information can be stolen or leaked—and understand the limits to protecting that information.

          • Security updates for Thursday

            Security updates have been issued by Debian (icinga2, libxstream-java, ruby-kaminari, and salt), Fedora (awscli, cacti, cacti-spine, python-boto3, python-botocore, radeontop, and rust), Mageia (firefox, libesmtp, libzapojit, sssd, and thunderbird), openSUSE (samba and samba and ldb), SUSE (firefox, pcre, qemu, samba, and samba and ldb), and Ubuntu (firejail, linux-bluefield, linux-gke-5.4, linux-oracle, linux-oracle-5.4, linux-oem-5.10, linux-oem-5.14, and python-py).

          • BIOS Updates Begin Appearing For New Intel Privilege Escalation Vulnerabilities – Phoronix

            OEMs have begun releasing updated BIOS/firmware revisions to address new security vulnerabilities disclosed this week by Intel. Most pressing are potential security vulnerabilities within the BIOS reference code used by various Intel CPUs that could lead to privilege escalation by local users and ranked a “high” impact severity.

            INTEL-SA-00562 was made public on Tuesday around security vulnerabilities in the BIOS reference code for processors ranging from 3rd Gen Xeon Scalable to 11th Gen Core to Celeron and Pentium processors… Rather broad exposure across Intel CPU product lines for recent generations and going back to at least the likes of the 7th Gen Core processors.

            The vulnerabilities in the BIOS reference code could lead to privilege escalation of local users and carries a CVSS base score of “high” at 8.2 for both CVEs. CVE-2021-0157 is tracking insufficient control flow management in this BIOS firmware and CVE-2021-0158 is for improper input validation by the BIOS firmware.

          • VMware Releases Security Advisory

            VMware has released a security advisory to address a privilege escalation vulnerability in vCenter Server and Cloud Foundation. An attacker could exploit this vulnerability to take control of an affected system.

          • Apple Releases Security Update for iCloud for Windows 13 | CISA

            Apple has released a security update to address multiple vulnerabilities in iCloud for Windows 13. An attacker could exploit these vulnerabilities to take control of an affected system.

          • What Happens If Time Gets Hacked
          • BusyBox flaws highlight need for consistent IoT updates | CSO Online

            Security researchers have found and reported 14 vulnerabilities in the BusyBox userspace tool that’s used in millions of embedded devices running Linux-based firmware. While the flaws don’t have high criticality, some of them do have the potential to result in remote code execution (RCE).

            BusyBox is a software utilities suite that its creators describe as the Swiss army knife of embedded Linux. It contains implementations of the most common Linux command-line tools, together with a shell and a DHCP client and server, all packaged as a single binary. BusyBox has become a de facto standard in the embedded Linux userspace, its standalone binary having support for over 300 common Linux commands.

    • Monopolies

      • Trademarks

        • Facebook In Legal Trouble For Stealing Meta Name – Invidious

          Recently Facebook decided to pull a google and create Meta a parent company to continue invading everybodies privacy while pretending like Facebook no longer does so and there’s been some controversy about the name with one so called company claiming that there name was stolen.

Mozilla Firefox in the Windows Store is an Unnecessary Distraction

Posted in Deception, Free/Libre Software, Microsoft at 4:05 pm by Guest Editorial Team

Guest post by Ryan, reprinted with permission from the original

Today, Mozilla is spamming for Microsoft Windows Vista SP 11 on their blog.

Oh good, the Vista SP 11 store. Hooray!

The OS that can’t get a file manager with 8 buttons to work right!

Microsoft “allows” browsers using Gecko or Chromium (but apparently still excludes Goanna and Webkit?), and this gains you nothing because applications are still not audited by Microsoft for safety (for whatever that’s worth….Solyndra, the Exchange Server Hack of March 2021, etc, etc.), and updates are still a mess that’s handled (or not) per-program.

It’s like a GNU/Linux repository, except with restrictions and DRM, and just generally not worth a bag of beans… 🙂

You’re literally no better off with the Windows Store than going to ftp.mozilla.org and grabbing the EXE file.

In fact, I’m quite certain Microsoft probably does other nasty things that Firefox itself doesn’t do. That’s how Stores work, like Play and Apple.

Those stores even add tracking libraries and “telemetry” to hook into “apps” and pilfer your data quietly, on top of whatever the developer put in.

One reason why GNU/Linux distros don’t include wine-gecko (which is how it simulates Internet Explorer for programs that embed HTML) is because it requires non-Free software to build Gecko or Firefox for Windows.

In fact, that’s one reason why the FSF no longer makes a GNU IceCat for Windows.

If you can’t even build something without proprietary software, is it Free Software?

It took OpenIndiana (the fork of OpenSolaris) so long to get away from Sun’s compiler that it stalled out development everywhere else in the tree. They may otherwise have implemented something useful, like USB 3 support.

I’d say that Windows 11 Store Firefox is an unhelpful distraction at the very least, even if it appears to do no harm.

Even if it did no other harm but advertise a malicious operating system whose quality is very obviously not good, what value does it add?

Additionally, Mozilla spent years taking no action while fake Firefox apps that charged naive users money polluted Microsoft’s crummy software store.

If you look at the Windows store now, I’m told you still have to look through 44 of these fake apps before you get to Firefox.

Microsoft now has another heavily restricted SKU of Windows that tries to compete with the Chromebook in education. Good luck. Every single one of these things is e-waste, and they’ll quietly take a write down on the whole thing, like they did with thousands of pallets of “Windows Phones”.

One of the ways these laptops will mistreat school children? If the school imposes Microsoft Edge on them, they won’t be allowed to install Firefox, even if Firefox _is_ in the Windows Store.

Richard Stallman compared teaching kids to use Windows and proprietary software with allowing tobacco companies to bring in cartons of cigarettes to teach kids how to smoke. Schools should be teaching kids how to make the world better, not being bought off by the Bill Gates Foundation to dump Windows in there to “get people hooked” so they can “collect later”. (Which was what he said he wanted to do with China…)

While Mozilla is putting their browser in the Windows Store with all sorts of restrictions on use, and with none of the users being able to make modified copies and share them with others, let’s not forget that even years ago, Mozilla sent their lawyers after Debian for backporting security patches to versions of Firefox that Mozilla didn’t want to support anymore. New versions of Firefox are hard to support if you want to ship a stable operating system.

Mozilla has recently gotten so aggressive that Firefox 91+ break if you’re not using the newest release of Mesa3d on GNU/Linux. Something that few distributions will have.

They want total control over everything. SeaMonkey’s Wiki complains that Mozilla “doesn’t accept patches” from outside anymore.

Mozilla is never going to object to Microsoft. They take dirty money from Microsoft and Google and say nothing.

Do you know what this company is? What they really do with your data?

As an aside, what does Mozilla even mean with statements like this?

“Previously if you were on Windows, you had to download Firefox from the internet and go through a process from Microsoft.”

Downloading it from the Windows Store brings it in from an Internet server, and it’s obviously a “process from Microsoft”. Maybe they meant, through the store it won’t set off their piece of crap “antivirus” program, Microsoft “Pretender”. It warns people about open source software, and frequently removes it without asking.

Anyway, the attitude at Mozilla is getting worse by the minute. They’ve dropped all pretenses about being open source, they pitch Microsoft, they take dirty money, they fire hundreds of people who actually do things while keeping a $3+ million a year CEO, they make it difficult for LTS distributions to use native packaging to even carry Firefox ESR, and they even add spyware (“Firefox Suggest”).

So, the Windows Store is a minor nit after all this. Who keeps track anymore? When Microsoft approached Novell with their “special patents deal” in 2006 I thought that was pretty rotten.

We’ve lost Firefox through a similar process of corrupt leadership at Mozilla and Microsoft moles throughout the organization.

It’s time to start thinking about alternatives. LibreWolf also pushed 94 as a Flatpak the other day, and they incorporated a few fixes for eyesores that I pointed out. Cleaning up this mess that Mozilla leaves is going to be a tough hill for them to climb.

I don’t know where it will all land after Mozilla files bankruptcy when Google and Microsoft have no further use for them and Mitchell Baker’s bank account is full.

Bonus: Firefox carries two interventions for Microsoft websites that break themselves deliberately in Firefox.

Microsoft Loves Open Source. Which must explain why Microsoft 365 demands to be the default mail handler in Firefox every time you click on a link and Microsoft added extra code to Office for the Web to make Firefox appear broken if you load an Excel spreadsheet.

Many sites break nowadays if they think you’re running anything but Chrome. When I complained about this to Mozilla due to Facebook doing it with Messenger Live Video for three years, they declared that I was a spammer and hid my comments about Mozilla not caring about the user giving up and moving to a different browser, or else they would have silenced Facebook and made it work again with a UA hack.

It seems to be almost random what Mozilla will bother to fix, per about:compat. Humorously, the US Centers for Disease Control website no longer works properly in Firefox.

Hell, even Vivaldi and Brave, which are Chromium browsers, had to give up on saying they were Vivaldi and Brave. Now every site meant for Chrome works fine. They make exceptions for their search engines.

I am so done with anything that is even remotely based on Firefox at this point. It’s more trouble than it’s worth and they’re just cloning Chrome APIs and ignoring sites that maliciously wound their Gecko layout engine, including their friends at Microsoft.

It’s clear that they also don’t give a damn about problems they make for stable GNU/Linux distros, since Debian 11 was released two months ago and Firefox has already declared it obsolete.

Halloween Documents in Gemini Space

Posted in GNU/Linux, Microsoft at 12:09 pm by Dr. Roy Schestowitz

Microsoft hates Linux

Techrights Now (as of This Week) Has Over 38,000 Pages in the Gemini Capsule

Posted in Free/Libre Software at 11:52 am by Dr. Roy Schestowitz

Video download link | md5sum 99a9f68d73269480b55f5bb1969dd206

Summary: Techrights will soon have 32,000 blog posts (we’re at 31,953 right now), but over in Gemini Space — sometimes abbreviated or known as Geminispace — we already have 38,000+ pages, all easily accessible over the gemini:// protocol, which gained a lot of traction over the course of the past year

AS we mentioned last night, there’s this new page from Balázs Botond where Gemini space statistics are shown as graphs (further suggestions have just been made). We too did a lot of work related to statistics this week, basically enabling comparison of things (as a function of time) without infringing people’s privacy.

The video above shows all the graphs and demonstrates some of the changes we’ve implemented.

Lagrange Gemini ClientIn spite of the artificial limitations (intentionally strict constraints), Gemini is evolving. There’s this ongoing discussion about “Writeable Gemini” — with further debate — being facilitated by Lagrange, a GUI client for Gemini [1, 2, 3]. This is a timely reminder that in Gemini Protocol you can submit rather long input, which means you can even edit pages over the Gemini client! Like a Wiki or a chatroom

“A lot of Gemini capsules are still ‘islands’, i.e. neither known about nor indexed.”Some people are still eager to ‘extend’ Gemini Protocol (example from this morning) in ways which barely justify the extra complexity. As I point out in the video above, Solderpunk is just about finalising the specs (maybe a standard soon, even though formalisation does not matter too much).

A lot of Gemini capsules are still ‘islands’, i.e. neither known about nor indexed. But that will hopefully change over time and given this past year’s growth it’s not unthinkable or unreasonable to predict hundreds of thousands of Gemini capsules within the next 5 years. It’s all about inertia, momentum, based on growing public awareness.

Gemini capsules at 1,735
Gemini capsules at 1,735 today (based on Lupa)

Links 11/11/2021: Mesa 21.3 RC5 Release

Posted in News Roundup at 8:29 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

      • BSD Now 428: Cult of BSD

        OpenBSD Part 1: How it all started, Explaining top(1) on FreeBSD, Measuring power efficiency of a CPU frequency scheduler on OpenBSD, CultBSD, a whole lot of BSD bits, and more.

      • The Linux Link Tech Show Episode 930

        3d printing, joel gets callled out, what tech gifts

      • You had ONE JOB, Linus! | Reacting to the Daily Driver Challenge – Invidious

        LinusTechTips, if you’re not aware, is one of the most popular tech YouTube channels out there… yet somehow, Linus has never daily-driven Linux. Never even tried to! With the advent of the Steam Deck, though, Linus has come around to the idea of “Linux Gaming” and challenged his friend Luke to use Linux on their home rigs. Somehow Linus had a pretty rough go of it but ultimately they were (mostly) able to complete the first task of their challenge.

    • Kernel Space

      • Adding package information to ELF objects

        While it is often relatively straightforward to determine what package provided a binary that is misbehaving—crashing for instance—on Fedora and other Linux distributions, there are situations where it may be harder to do so. A feature recently proposed for Fedora 36—currently scheduled for the end of April 2022—would embed information into the binaries themselves to show where they came from. It is part of a multi-distribution effort to standardize how this information is stored in the binaries (and the libraries they use) to assist crash-reporting and other tools.

        On October 25, Fedora program manager Ben Cotton posted the proposal to the Fedora devel mailing list; it is also available on the wiki. The basic idea is that each ELF object that gets created for an RPM package will get a .note.package ELF section added to it. That section will contain a JSON-formatted description of exactly which RPM it was distributed with. So those binaries will contain information that can tie them directly to the package, even in the absence of RPM metadata on the system.

        The facility would be used by the systemd-coredump utility to log package versions when crashes occur. For regular Fedora systems, which normally have the RPM metadata available, there is no large advantage. But for other situations where Fedora-created binaries might be run—and crash—this mechanism would allow administrators and tools to recognize where exactly the binary came from.

      • Some 5.15 development statistics

        The 5.15 kernel was released on October 31, with the code name appropriately changed to “Trick or Treat”. By that time, 12,377 non-merge changesets had been merged into the mainline, adding a net total of 332,000 lines of code. Read on for a look at where the contributions to the 5.15 kernel came from.

      • Linux 5.16 Introducing Ability For A Driver To Probe Hardware While Powered Off – Phoronix

        Last week saw the main set of ACPI and power management changes for Linux 5.16 while merged on Wednesday were a secondary set of updates. Notable on the ACPI side are some changes in preparing for allowing Linux drivers to “probe” hardware while being powered off.

        This Intel-contributed change to the Linux kernel is about allowing certain devices to be probed by a kernel module without changing their power states / being powered up. It’s a bit of a corner case with normally not being able to properly probe the hardware and load the driver without the component being initialized and ensuring it can successfully light up and work. This won’t magically work for all drivers/hardware but depends upon necessary ACPI support being advertised.

      • Graphics Stack

        • [Mesa-dev] [ANNOUNCE] mesa 21.3.0-rc5
          Hello everyone,
          
          The fifth release candidate is now available, containing about equal
          amounts of Zink, AMD, and Intel fixes.
          
          Once again, this could have been the final release of 21.3.0, but there
          are blocking issues on Intel's side still left, so we're having another
          round of release candidate.
          Hopefully this will be the last one, but we'll see.
          
          Please test it and report any issue here:
          
          https://gitlab.freedesktop.org/mesa/mesa/-/issues/new
          
          Issues that should block the release of 21.3.0 should be added to the
          corresponding milestone:
          
          https://gitlab.freedesktop.org/mesa/mesa/-/milestones/27
          
          Cheers,
            Eric
          
        • Mesa 21.3-rc5 Released With Numerous Intel / AMD / Zink Fixes – Phoronix

          The Mesa 21.3 development cycle continues dragging on due to blocker bugs affecting the Intel code, so instead it’s another week with a new release candidate.

          Mesa 21.3-rc5 is out with a random assortment of mostly fixes to Intel, AMD Radeon, and Zink OpenGL-on-Vulkan driver code. The blocker bugs holding up the release include Piglit test failures and dEQP failures on Intel graphics hardware. It’s possible other blocker bugs may come up, but traditionally they tend to be Intel-oriented simply due to Intel having better and more robust test coverage of Mesa on their hardware. Hopefully the few blocker bugs will get resolved in the next week or so to allow Mesa 21.3.0 to roll-out.

    • Applications

      • 7 Linux commands to use just for fun

        The Linux command line can be the home of power users and sysadmins. However, Linux is more than just a lot of hard work. Linux was developed by fun-loving people who created an array of comical commands. Try playing around with these yourself when you want a smile.

        Be sure to consult the man pages of all these commands to explore all the possibilities and iterations. What are your favorite silly commands, and do they have real-world uses as well? Share your favorites in the comments

    • Instructionals/Technical

      • How to Manage SSH Keys for Linux Machines

        SSH keys grant users access to critical systems such as cloud and on-premise servers and network devices. Typically, these are systems that should only be accessed by authorized users, and no one else. Proper management of these keys is therefore essential to ensure that the SSH keys are in the right hands and used in accordance with the best security practices.

      • The Hive (Security Incident Response Platform) – Unixcop the Unix / Linux the admins deams

        This page is a step by step installation and configuration guide to get an TheHive 4 instance up and running. This guide is illustrated with examples for Debian packages based systems and for installation from binary packages.

      • Setup X-pack Security on Elasticsearch and Kibana – Unixcop the Unix / Linux the admins deams

        X-Pack is an Elastic Stack extension that provides security, alerting, monitoring, reporting, machine learning, and many other capabilities. By default, when you install Elasticsearch, X-Pack is installed.

        The growing popularity of Elasticsearch has made both Elasticsearch and Kibana targets for hackers and ransomware, so it is important never to leave your Elasticsearch cluster unprotected.

        From Elasticsearch Version 6.8 and onwards, X Pack Basic License (free) includes security in the standard Elasticsearch version, while prior to that it was a paid for feature.

      • What are ephemeral certificates?

        This article is a short followup to my last article about cosign. I received many questions for my last article. The most common one was:

        “But wait! If the certificates are only valid for 30 minutes, how are my users supposed to validate my artifacts?”

        This is very common misconception and to be honest: I ran into the same trap at first. The terms “ephemeral” or “short-lived” do not refer to the signature validation. Instead, these terms refer to the certificate generation itself. The goal of short-lived certificates is to elimate the possible risks of private key leaks. Just imagine, we have a traditional long-lived certificate and a private key stored on one of our servers. If one attacker manages to steal this certificate and private key, maybe even years after the signature creation, the attacker will be able to craft a valid signature for their own malware with this certificate and key. With a short-lived certificate this would not be possible, because even if the attacker has access to both (private key and certificate) the attacker will not be able to craft a valid signature for the artifact, because the certificate has expired. The users are still able to validate the originally signed artifact, because the signature of this artifact has been created in the valid time frame of the certificate.

      • Ncat Linux command

        Hello friends. Knowing the Linux terminal and its commands is a basic task of any sysadmin or DevOps. Therefore it is always good from time to time to know new commands and their utilities. This will allow us to have new functions that can solve a problem at any time. So, in this post, you will learn about the ncat command.

      • How To Increase Disk Storage Size In VirtualBox Or VMware

        VirtualBox makes it simple to create virtual machines. When you create a virtual machine in VirtualBox or VMware, you must specify the size of the storage that will be used to install the operating system. I frequently allot a disc size that I later need to increase. In this article, we’ll learn to increase the Disk storage size of any Virtual machine in VirtualBox and VMware.

      • How get the best performance from the Nginx Server – Unixcop the Unix / Linux the admins deams

        You can tune almost any setting, but this post concentrates on the few settings for which tuning benefits the most users. There are settings that we recommend you change only if you have a deep understanding of NGINX and Linux. So, you will know How get the best performance from the Nginx Server

        HI Guys !, In this post we basically see the NGINX tuning using it’s configuration file which is situated at /etc/nginx/nginx.conf

        NGINX is well known as a high‑performance load balancer, cache, and web server, powering over 40% of the busiest websites in the world. For most use cases, default NGINX and Linux settings work well, but achieving optimal performance sometimes requires a bit of tuning. This blog post discusses some of the NGINX and Linux settings to consider when tuning a system.

      • How to Upgrade to AlmaLinux 8.5 – LinuxCapable

        AlmaLinux 8.5 is finally here and is codenamed Arctic Sphynx. The new version of the incoming AlmaLinux 8.5 is filled with many improvements such as Nginx 1.20, Node.js 16, Ruby 3.0, PHP 7.4.19, and many more new module streams and enhancements. Also included are an enhanced Cockpit web console and support for the recently released OpenJDK 17.

        Currently, this is in beta status and should not be installed or upgraded on production servers/systems or critical working environments. However, if you are game enough to try the new release, it is worth checking out.

        In the following tutorial, you will get a step-by-step walkthrough of how to upgrade an existing AlmaLinux 8.0 system to 8.5.

    • Games

      • ‘SteamWorld Dig 2′ GOG, Steam Free Download: Get Game Now Before 24-Hour Time Limit! | iTech Post

        Swedish game developer Thunderful Games has announced on Twitter that “SteamWorld Dig 2″ is now available to download for free and players will be able to keep it permanently. Unfortunately, only PC users will benefit from the said free download.

      • Forza Horizon 5 on Linux? There’s a Good Chance That You Can Play it Already – It’s FOSS News

        Forza Horizon 5 is a new racing video game developed by Playground Games and published by Xbox Game Studios.

        Before its official launch, it already had ~1 million players via the premium edition, which enabled early access to the game.

        While the game is breathtaking with its visuals and optimization for older hardware, it is yet another Windows-only game.

      • Shadow Tactics: Blades of the Shogun – Aiko’s Choice releases in December | GamingOnLinux

        Shadow Tactics: Blades of the Shogun – Aiko’s Choice from Mimimi Games is going to be releasing in December and they have a new trailer ready.

        This is the standalone addon that takes place after the original Shadow Tactics. Set in Japan around the Edo period, you take control of kunoichi adept Aiko and her deadly assassin friends to hunt down the ghosts of her past. The new trailer goes over the story so far up to the point where the story of Aiko’s Choice will set off. So keep in mind it’s probably a bit spoilery if you’ve not played the original game.

      • Valve’s hotly anticipated Steam Deck handheld gets delayed until 2022

        If you’re worried about losing your pre-existing reservation, don’t sweat it. Valve claims that existing reservation holders will keep their place in line. As for the timeframe of those reservation dates, that information will be coming shortly.

      • Valve Steam Deck delay ruins Christmas for countless Linux gaming nerds

        Do you hear that horrible sound? That’s the combined screams and howls of countless Linux gaming nerds learning the devastating news — the release of the Steam Deck video game console has been pushed to next year. In other words, anyone hoping to get the console under the Christmas tree this year will be left disappointed.

        If you aren’t familiar, the Steam Deck is a portable PC/gaming console hybrid that runs the Arch Linux-based “SteamOS” operating system which uses KDE Plasma. Similar to a Nintendo Switch Lite in design (but much bigger, heavier, and more powerful) it lets you play PC games in the palm of your hand. You can check out the specifications here.

        “The launch of Steam Deck will be delayed by two months. We’re sorry about this — we did our best to work around the global supply chain issues, but due to material shortages, components aren’t reaching our manufacturing facilities in time for us to meet our initial launch dates,” says Valve.

      • Supply chain shortages push Steam Deck out to February 2022

        Valve has said in a blog post that the first shipments of Steam Deck are now set to begin in February next year.

        “The launch of Steam Deck will be delayed by two months. We’re sorry about this — we did our best to work around the global supply chain issues, but due to material shortages, components aren’t reaching our manufacturing facilities in time for us to meet our initial launch dates,” the company said.

        Valve said customers would keep their place in the reservation queue, but the window will shift back two months.

        Announced in July, the Steam Deck is a portable, handheld PC that uses AMD silicon to run SteamOS 3.0, a new version of its OS based on Arch Linux, with KDE Plasma used for desktop mode. The Linux system will use its Proton compatibility layer to run games designed for Windows.

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

        • Ole Aamot: Record Live Multiple-Location Audio immediately in GNOME Gingerblue 2.0.1

          GNOME Gingerblue 2.0.1 is available and builds/runs on GNOME 41 systems such as Fedora Core 35.

          It supports immediate, live audio recording in compressed Xiph.org Ogg Vorbis encoded audio files stored in the private $HOME/Music/ directory from the microphone/input line on a computer or remote audio cards through USB connection through PipeWire (www.pipewire.org) with GStreamer (gstreamer.freedesktop.org) on Fedora Core 34 (getfedora.org) as well as XSPF 1.0 playlist stored in the private $HOME/Music/GNOME.xspf playlist of the previous, latest recording.

          See the GNOME Gingerblue project (www.gingerblue.org) for screenshots, Fedora Core 35 x86_64 RPM package and GNU autoconf installation package (https://download.gnome.org/sources/gingerblue/2.0/gingerblue-2.0.1.tar.xz) for GNOME 41 systems and https://gitlab.gnome.org/ole/gingerblue.git for the GPLv3 source code in my GNOME Git repository.

    • Distributions

      • IBM/Red Hat/Fedora

        • Fedora considers removing NIS support

          For all of you youngsters out there, the Internet has always been omnipresent, computers are something you carry in your pocket, the Unix wars are about as relevant as the War of 1812, and the term “NIS” doesn’t ring a bell. But, for a certain class of Unix old-timer, NIS has a distinct place in history — and, perhaps, in still-deployed systems. So the suggestion that Fedora might drop support for NIS has proved to be a bit of a wakeup call for some.

          NIS (“Network Information Service”) was initially born in the depths of Sun Microsystems as “Yellow Pages”. It came about in those heady times when Unix workstations were beginning to pop up in offices — and were being connected to just-installed 10Mb/s Ethernet networks via a (suitably named for the Halloween season) vampire tap. Having a network made it possible to copy around various administrative files like /etc/passwd and create an early sort of single-sign-on regime on the local network. We were all quite proud of ourselves for setting such things up.

          As the number of systems grew, though, all of that copying became a little cumbersome and machines easily went out of sync. Yellow Pages was Sun’s way of automating this work within a simple, centralized service. Getting a network running with it was a quick process, and adding new clients was even faster. There were occasional problems, of course, leading to the system being renamed “Yellow Plague” by some users, but as a whole, it worked quite well. That is for a value of “quite well” that discounts its total lack of access control, encryption, or defenses against malicious hosts masquerading as servers, but that was a more innocent age.

          Sun eventually ran into trademark problems with the Yellow Pages name; being a Unix company, Sun had a deep understanding of the folly of getting into legal battles with telecommunications companies, so it wisely changed the name to NIS. The later NIS+ release added some security and reliability features but looked similar in many ways. Eventually, though, Sun lost interest in NIS (and just about everything else) and the system fell from its nearly dominant position in Unix shops into obscurity. It would be surprising indeed to see a new deployment adopt it now.

        • Red Hat Extends Foundation for Multicloud Transformation and Hybrid Innovation with Latest Version of Red Hat Enterprise Linux

          Red Hat, Inc., the world’s leading provider of open source solutions, today announced the general availability of Red Hat Enterprise Linux 8.5, the latest version of the world’s leading enterprise Linux platform. Red Hat Enterprise Linux offers a common, open operating system that extends across clouds, traditional datacenter operations and out to the edge. The platform enables IT teams to lean on existing skills while they use new and expanded capabilities to build the transformative applications and services required by their business, regardless of where these workloads may ultimately live.

        • Distribution Release: Red Hat Enterprise Linux 8.5
        • Red Hat Enterprise Linux 8.5 Officially Released, This Is What’s New

          Coming more than five months after Red Hat Enterprise Linux 8.4, Red Hat Enterprise Linux 8.5 is the fifth maintenance update to Red Hat Enterprise Linux 8 and brings various new features to RHEL’s web console, such as live kernel patching without using the command line tooling and enhanced performance metrics to help you identify and prevent performance issues.

        • Red Hat Enterprise Linux 8.5 Update Available to Download – itsfoss.net

          Red Hat Enterprise Linux 8.5 Update Available to Download, Red Hat has announced the availability of Red Hat Enterprise Linux (RHEL) 8.5, the lates update of the company’s commercial, enterprise-class Linux distribution with bundled customer support: “Red Hat Enterprise Linux (RHEL) 8.5 is now generally available. It brings new features and improvements to help streamline deployments, optimize performance and help mitigate risk in your environments.

        • How leaders can help teams fight fatigue: 7 practical tips

          We’ve all realized by now that burnout has played a major role in workplaces in 2021: The pandemic has been unrelenting. Burnout rose by almost 9 percent between April and July 2021, according to the Glint Employee Well-Being Report, a 12 percent increase from the prior July. In large part, this is due to the “always-on” work culture that many companies reinforced in 2020.

          While this topic has certainly been explored thoroughly, many leaders remain hungry for next-level advice with regard to preventing, recognizing, and dealing with burnout.

          Additionally, more employers are now taking responsibility for their role in helping individuals manage burnout – and trying fresh approaches. Maybe you gave advice at the start of the pandemic that rang true, or, possibly, turned out to be bad? What would you as a leader change about the advice you previously gave and what would you keep the same? Did you ask specific questions to assess burnout on an individual or team basis? Did you go beyond encouraging people to take PTO to ensure it was being taken? What was the outside-of-the-box solution that worked for your team?

      • Debian Family

        • Debian’s which hunt

          This long-present tool is often used at the command line to locate the binary for a program; scripts also use it for similar purposes, or to determine whether a given program is available at all. For many users, which has long been baked into muscle memory and is used reflexively at need.

          For all that, which is not a standardized component on Unix-like systems; POSIX does not acknowledge its existence. For that reason, among others, there are a number of implementations of which, each differing in its own special ways. Many distributions ship the GNU version of which, for example, with its characteristic long list of options. FreeBSD has its own version. Some shells also implement which as a built-in command. Debian ships yet another version, in the form of the aforementioned one-page shell script; it is part of the debianutils package.

          In August 2020, Erik Gustafsson noted that the FreeBSD version of which supports a -s flag that suppresses the printed output and sets the exit status based on the existence of the queried program. He thought that feature would be useful in Debian, and helpfully provided a patch adding that feature. Thus began the discussion of the value of which and whether Debian’s version should gain more features; at one point Clint Adams, the co-maintainer of debianutils, opined that which should be removed from that package.

          Fast-forward to one year later, and Boyuan Yang observed that the which command in the Debian unstable distribution now prints a deprecation warning saying that which is going away. This resulted in a fair amount of consternation (and requests for a reversion of the change) for a number of reasons, starting with the fact that many users simply expect to have which available to them. It turns out that a number of build scripts for Debian packages use which as well; as an extra annoyance, the printed deprecation warning breaks the build process for some packages. The amount of pressure applied to Adams to restore which began to increase.

      • Canonical/Ubuntu Family

        • XBrowserSync, A Free Bookmark Sync for Ubuntu Users

          Do you work with multiple Ubuntu computers? You might want to unify or sync all your browsers’ bookmarks into one, when you bookmarked something in one, all other browsers got the same and vice versa. You can do that freely and safely with XBrowserSync, a Firefox addon, with a secure service behind. To use XBrowserSync, follow the procedures below.

          XBrowserSync is a free software Firefox web browser addon, licensed under GNU GPL, as well as a bookmark synchronization service. It is available for Firefox and Chrome. Its official website is located at https://www.xbrowsersync.org.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • WebFileSys: A Web-based file Manager for your docs, photos, and videos

        WebFileSys is a web-based system that aims to aid users to manage their files, events, photos, videos, calendars, file sharing, GPS tracking, and more.

        The system is created by Frank Hoehnel a software developer from Germany who released it as an open-source project.

        WebFileSys has been around since early 2000s, it is still getting updates ever since.

        [...]

        WebFileSys is released under GNU General Public License v3.0.

      • Web Browsers

        • Mozilla

          • SFS loading precautions in initrd

            A user may manually place SFS files under /mnt/wkg/sfs and may also delete them. If the firefox*.sfs file is deleted, for whatever reason, it means that if it was loaded in a container, that container is no longer valid.
            Yet, the “firefox” icon (with the lock symbol on it) was still on the desktop, and entry still in the menu. I have fixed that, invalid icons and menu entries removed.
            Same thing if an SFS is loaded on the main desktop. If the SFS no longer exists, then it can no longer be loaded at bootup, and menu entry must be removed. And, as in the case of firefox, /home/firefox will have to be deleted.

      • Programming/Development

        • Top 8 Programming Tools for Kids – LinuxLinks

          The Raspberry Pi created a lot of interest in the press for its low cost and credit-card size. The main reason for the creation of the Raspberry Pi was to see it used by kids all across the globe to learn programming. Computer classes in the UK have been constrained by the national curriculum for ICT, with students having to limit their computing activities to learning applications such as Word and PowerPoint, and using the internet to help with their school work. However, learning how to use Microsoft Office is often of little or no interest to students. Students are motivated by interactive activities such as programming, as they like to make things to find out how they work.

          The art of programming is often perceived as being a difficult activity. This is, in part, because coding can be quite unforgiving with lots of information to remember. It is not a simple activity such as surfing the net, or formatting paragraph text.

          Fortunately, there is a growing range of software, often open source, that helps students learn how to code. Stripping away the complexity, the programming languages and associated tools featured in this article aim to create new ways of helping students create projects that appeal to younger minds.

          To provide an insight into the quality of software that is available, we have compiled a list of 8 high quality programming tools that provide an ideal introduction to programming. Hopefully, there will be something of interest here for teachers and students alike.

        • Perl/Raku

          • My Favorite (?) Warnings – Ex-Warnings

            Warning categories have proliferated since the warnings pragma was first introduced in Perl 5.6: from 50 in Perl 5.6.2 to 79 in Perl 5.35.5 (the latest as of this writing). But warnings have been removed as well as added. This post documents these — mostly for historical interest on my part.

        • Rust

    • Standards/Consortia

      • The Monstrosity Email Has Become

        Email had become a monstrosity beyond reasonable comprehension while still having inherent flaws such as plain text sending. Every email out there is sent and stored in plaintext (we can easily agree that PGP/GPG use is anecdotical) and, through HTML and inline pictures, most of them are trying to track you to know when you open the email.

        The whole ecosystem is becoming even more and more centralised with some modern mail providers not offering the ability to get your mail out of the service at all, arguing, with reason, that IMAP sucks and does not permit some features (the hipsterish Hey! or the privacy-oriented Tutanota only provide you access to your email through their own proprietary webmail). You can’t even read your mail offline by design and nobody blink an eye.

  • Leftovers

    • Beacon on the Hill or the Heart and Soul of Darkness?

      Things started looking up one Christmas, when I received a much beloved Johnny 7 multiple fuck-with plastic gun. There were woods nearby and I would frolic for hours, pretending to be horseback, in search of baddies, who often looked like my foster father, a man who watched Lawrence Welk religiously and was quick to take off his belt and chase for smallest infractions of tongue. After he caught me, and beat me, he would put me up in the attic bedroom to weep myself to sleep. A drawer next to the bed held a cache of silver dollars, which went toward my recess funds that year. Looking back, I do now see capitalism in there somewhere; certainly my boy buns were colonized by a brute force.

      Why am I telling you all this?  Well, I’m an old fart, and a sentimentalist to boot (remember how that ends for Bogie in Casablanca? Gotta watch a surplus of the syrup if you want to keep your Ideal Feminine.) and I found myself (pats himself to be sure he’s still here) listening to an old John F. Kennedy speech. No, not the fuckin’ do ‘unto your country before it has a chance to do unto you’ speech that so many libertarians feed their resentment with. Nor the men on the moon by the end of the decade  “because we can” speech. But one far more important to our time now than any of the other speeches folks wrote for him back then (I lived with a Groton family whose Head wrote speeches for JFK). This speech or, as he referred to it, “remarks,” was titled “The President and the Press,” and runs about 20 minutes long.

    • Protest Song Of The Week: ‘Rising Seas’ By Midnight Oil

      No strangers to socially conscious music, veteran Australian rock band Midnight Oil speaks out against climate change with their latest single and video “Rising Seas.”The tune was released just in time for the United Nations Climate Change Conference (COP26).Doing what the band does best, the song is an urgent plea for real change. Politicians can’t just offer lip service; they need to take concrete action, as highlighted by the lyric: “Let’s confess we did not act with serious urgency. So, open up the floodgates to the rising seas.”

    • Science

      • An Astronomer Cancels His Own Research—Because the Results Weren’t Popular

        Of course, statistical analyses of real-world human data are always subject to the possibility that systematic biases can inappropriately skew the claimed results. And I would never suggest that Kormendy’s work is beyond criticism. But the traditional scientific manner of engaging in such criticism is that other scientists present alternative proposals, and explore other data sets, to search for possible flaws in the original analysis. That is how science should be done. Those who claim in advance, without new analysis or data, that someone else’s research results are “harmful” or threatening, without challenging its accuracy, should consider another profession.

        [...]

        It is hard to know what specifically induced this kind of Maoist mea culpa. But Kormendy (or someone with authority over him) presumably was swayed by the online tempest. And an unfortunate effect will be that anyone observing how this played out will be warned off making their own inquiries in this field, for fear that they will meet the same fate. This is one reason why scientific articles should never be retracted simply because they might cause offense. Truth can hurt, but too bad.

    • Education

      • Prime minister: Remote learning effects cannot be compensated for in cash

        Tallinn has sent municipal school students in grades 4-8 to remote learning, extending the period by another two weeks from Tuesday. Kallas said the decision to send students on remote learning must take into account that it can have devastating effects on children. “That is what the [government's] scientific council has also said – children should be sent to remote learning only as the last option,” the prime minister said.

    • Hardware

      • 8″ Floppy On Your PC? | Hackaday

        We should probably have a new metric for measuring mass storage performance: bytes per pound. An old IBM tape drive from the S/360 days, for example, could hold almost 6 megabytes of data. It also weighed more than a typical refrigerator. Today, a tiny postage-stamp-sized card can hold gigabytes of data and weighs — at most — a few ounces. Somewhere in the middle is the old 8 inch floppy drive. At its peak, you could cram about 1.2 megabytes on it, but even with the drive you could lift it all in one hand. These disks and their descendants ruled the computing world for a while. [Adrian asks the question: can you use an 8″ floppy drive on a PC? The answer is in the video below.

        He didn’t do it on a lark. [Adrian] is getting ready to restore a TRS-80 Model II so he wanted to create some 8″test floppies. But how do you marry a 40-something-year-old drive to a modern computer? He had a few drives of unknown condition so there was nothing to do but try to get them working.

    • Health/Nutrition/Agriculture

      • Does Reversal of Historic Opioid Ruling in Oklahoma Spell Trouble for Climate Liability Suits?

        The Oklahoma Supreme Court on Tuesday threw out a landmark 2019 ruling that required Johnson & Johnson to pay the state nearly half a billion dollars to help address the opioid epidemic, and according to some critics, it may have paved the way for judges elsewhere to invalidate similar lawsuits as well as those seeking to hold the fossil fuel industry accountable for propelling the climate crisis.

        “Are these two outlier opinions or are they trendsetters?”

      • ‘Historic and Momentous Day’ as Judge OKs $626 Million Flint Water Crisis Settlement

        While stressing that no amount of money could fully compensate for the irreparably damaged health of thousands of Flint, Michigan residents who suffered lead poisoning due to cost-cutting measures by an unelected city manager, advocates hailed a federal judge’s final approval on Wednesday of a $626 million settlement as a crucial step toward “justice served.”

        “None of this would have been possible without the tireless advocacy from residents, who never gave up the fight.”

      • Flint water crisis: $626m settlement reached for lead poisoning victims

        Most of the money will go to the city’s children exposed to drinking poisoned water, affected adults, business owners and anyone who paid water bills.

        At least 12 people died after Flint switched its water supply to the Flint river in 2014 without treating the corrosive water to save money.

        As a result, lead in some old pipes broke off and flowed through taps.

        An outbreak of Legionnaires’ disease followed, and nearly 100,000 residents were left without safe tap water.

      • “Drinking through a lead straw” — $15B approved to fix dangerous water pipes

        No one knows exactly how many lead pipes deliver water to homes, schools and businesses throughout America — or even where they all are. The Environmental Protection Agency estimates at least 6 million lead service lines exist. Environmental groups say it’s probably many more.

        What is known is that with every pot of boiling sweet potatoes, bottle of reconstituted baby formula or sip of tap water delivered through lead pipes, millions of Americans risk ingesting lead, a powerful neurotoxin long known to cause irreversible organ and cognitive damage in children and adults.

      • Pre-existing polymerase-specific T cells expand in abortive seronegative SARS-CoV-2

        Individuals with potential exposure to SARS-CoV-2 do not necessarily develop PCR or antibody positivity, suggesting some may clear sub-clinical infection before seroconversion. T-cells can contribute to the rapid clearance of SARS-CoV-2 and other coronavirus infections1–3. We hypothesised that pre-existing memory T-cell responses, with cross-protective potential against SARS-CoV-24–11, would expand in vivo to support rapid viral control, aborting infection. We measured SARS-CoV-2-reactive T-cells, including those against the early transcribed replication transcription complex (RTC)12,13, in intensively monitored healthcare workers (HCW) remaining repeatedly negative by PCR, antibody binding, and neutralisation (seronegative HCW, SN-HCW). SN-HCW had stronger, more multispecific memory T-cells than an unexposed pre-pandemic cohort, and more frequently directed against the RTC than the structural protein-dominated responses seen post-detectable infection (matched concurrent cohort). SN-HCW with the strongest RTC-specific T-cells had an increase in IFI27, a robust early innate signature of SARS-CoV-214, suggesting abortive infection. RNA-polymerase within RTC was the largest region of high sequence conservation across human seasonal coronaviruses (HCoV) and SARS-CoV-2 clades. RNA-polymerase was preferentially targeted (amongst regions tested) by T-cells from pre-pandemic cohorts and SN-HCW. RTC epitope-specific T-cells cross-recognising HCoV variants were identified in SN-HCW. Enriched pre-existing RNA-polymerase-specific T-cells expanded in vivo to preferentially accumulate in the memory response after putative abortive compared to overt SARS-CoV-2 infection. Our data highlight RTC-specific T-cells as targets for vaccines against endemic and emerging Coronaviridae.

    • Integrity/Availability

      • The Surreal Horror of PAM

        Et voila! C’est le PAM! Turns out someone else a long time ago had the same problems and somehow got legal to sign off on making it open source! PAM is a modular system for making authentication and authorization work.

        For reference, authentication and authorization are being split up into two concepts here (like they are in a lot of the industry). We’re gonna take a page out of the white hat’s guide to security here and call these concepts authentication (who you are and how we know who you are) and authorization (can you really take all the money out of the bank account?). It is a solid 90’s solution to a 70’s problem and good god it shows.

        PAM was made in the 90’s by this little startup nobody here has heard of called Sun Microsystems. They had a problem where they had a bunch of machines to apply complicated authentication rules to (all thanks to those pesky enterprise contracts) and no way to really do it. Money won this valiant fight between engineering and sales, so we ended up with PAM.

      • Proprietary

        • [Old] The AARD Code

          Some programs and drivers in some pre-release builds of Windows 3.1 include code that tests for execution on MS-DOS and displays a disingenuous error message if Windows is run on some other type of DOS. The message tells of a “Non-fatal error” and advises the user to “contact Windows 3.1 beta support”. Some programs in the released build include the code and the error message, and even execute the code, performing the same tests, but without acting on the result to display the error message.

          The code in question has become known widely as the AARD code, named after initials that are found within. Although the AARD code dates from the start of the 1990s, it returned to controversy at the end of the 1990s due to its appearance in a suit at law between Caldera and Microsoft. Caldera was by then the owner, after Digital Research and Novell, of what had been DR DOS. It has ever since been treated as a smoking gun in analyses of anti-competitive practices by Microsoft.

          It is not my intention here to comment on the rights or wrongs that I may or may not perceive in the AARD code’s existence. However, I must declare a financial interest: in 1999 when this note was first published, I was engaged indirectly by Caldera to assist with their understanding of MS-DOS and Microsoft Windows for the suit just mentioned.

          What I do intend here is to put on the public record a few points of history.

        • [Old] The AARD Code and DR DOS

          Not until 30th May 1993 did I learn that the error message had hit DR DOS specifically. This was from Andrew Schulman, who had himself learnt only weeks before: see FTC MOVES TO FOCUS MICROSOFT ANTITRUST CASE by Wendy Goldman Rohm from the Chicago Tribune on 10th May 1993. There then came quickly Andrew’s article Examining the Windows AARD Detection Code in Dr. Dobb’s Journal, September 1993, and repeated discussion in Undocumented DOS, Second Edition, ISBN 0-201-63287-X, co-authored by Andrew for Addison-Wesley in 1994. By the late 1990s, the AARD code had no small role in a court case, Caldera, Inc. v. Microsoft Corp., 72 F. Supp.2d.1295 (D. Utah 1999), which Caldera, who was by then the owner of DR DOS after Digital Research and Novell, brought against Microsoft “for damages and injunctive relief under the antitrust laws of the United States, and for damages in tort”.

          The AARD code has ever since been for many some sort of pin-up for anti-competitive practices by Microsoft.

        • Pseudo-Open Source

        • Security

          • SMS About Bank Fraud as a Pretext for Voice Phishing

            Most of us have probably heard the term “smishing” — which is a portmanteau for traditional phishing scams sent through SMS text messages. Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turning to a hybrid form of smishing — blasting out linkless text messages about suspicious bank transfers as a pretext for immediately calling and scamming anyone who responds via text.

          • Dependency Combobulator: Open source toolkit to combat dependency confusion attacks

            Dependency confusion compromises the open source software ecosystem by tricking end-users, developers and automation-systems into installing a malicious dependency instead of the correct one they intended to install, resulting in the compromise of their software.

          • 8 dangerous vulnerabilities fixed in Samba

            Published corrective releases package Samba 4.15.2, 4.14.10 and 4.13.14 with the elimination of 8 vulnerabilities, most of which can lead to a complete compromise of the Active Directory domain. It is noteworthy that one of the problems were corrected in 2016, and five – from 2020, though one correction led to the inability to run winbindd in the presence settings “allow trusted domains = no” (the developers intend to promptly publish another update to fix). The release of package updates in distributions can be tracked on the pages: Debian , Ubuntu , RHEL , SUSE , Fedora , Arch ,FreeBSD .

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • Trojan Source: tricks (no treats) with Unicode

              A new security vulnerability that was disclosed on November 1 has some interesting properties. “Trojan Source”, as it has been dubbed, is effectively an attack on human perceptions, especially as they are filtered through the tools used for source-code review. While the specifics of the flaw are new, this kind of trickery is not completely novel, but Trojan Source finds another way to confuse the humans who are in the loop.

              The Trojan Source paper by Nicholas Boucher and Ross Anderson of the University of Cambridge describes the vulnerability, its impact, and the process of coordinating its disclosure in detail. In part, the flaw exploits Unicode code points that are used to switch between left-to-right and right-to-left display of bidirectional text in ways that will cause various tools to show the code in a different order than it will be processed by compilers and interpreters. That has the effect of showing code to reviewers that looks perfectly reasonable, while feeding something dangerous to language-parsing tools.

          • Privacy/Surveillance

            • Seven Years After Discovering Rogue Stingray Devices In DC, The Federal Gov’t Still Doesn’t Have Any Idea What To Do About It

              Seven years ago, wardriving security researchers discovered rogue cell tower simulators being operated near sensitive locations in Washington, DC, presumably by foreign governments.

            • Blacklisting the Merchants of Spyware

              Russian company Positive Technologies and the Singapore-based Computer Security Initiative Consultancy also made the list “based on a determination that they traffic in cyber tools used to gain unauthorized access to information systems, threatening the privacy and security of individuals and organizations worldwide.”

              The move had a measure of approval in Congress. “The entity listing signals that the US government is ready to take strong action to stop US exports and investors from engaging with such companies,” came the approving remarks in a joint statement from Democrat House Representatives Tom Malinowski, Anna Eshoo and Joaquin Castro.

            • Ninth Circuit: Surveillance Company Not Immune from International Lawsuit

              The court rightfully determined that, because  the NSO Group is a private company, it is not immune from the lawsuit even though it serves foreign government clients.

              Almost a year after EFF attorneys filed a brief with the Ninth Circuit in support of WhatsApp’s lawsuit against the notorious Israeli spyware company NSO Group, the court issued a ruling that the company is not immune from the lawsuit alleging NSO helped its client governments target members of civil society, including Rwandan political dissidents and a journalist critical of Saudi Arabia.

              The court rightfully determined that, because the NSO Group is a private company, it is not immune from the lawsuit even though it serves foreign government clients. The court addressed an open question in the case law. It has been clear that the Foreign Sovereign Immunities Act (FSIA) by its terms only applies to corporate entities owned by foreign governments. But there was an open question as to whether private corporations, whose clients are foreign governments, may invoke immunity based in common law, the rules described by court opinions rather than enacted by Congress. The Ninth Circuit said no. It held that Congress intended the statute to comprehensively address the foreign sovereign immunity of corporations, and thus the FSIA forecloses applications of immunity to corporations via common law.

            • Data Broker Veraset Gave Bulk Device-Level GPS Data to DC Government

              The officials accepted the offer, according to public records obtained by EFF. Over the next six months, Veraset provided the District with regular updates about the movement of hundreds of thousands of people—cell phones in hand or tucked away in backpacks or pockets—as they moved about their daily lives. The DC Office of the Chief Technology Officer (OCTO) and The Lab @ DC, a division of the Office of the City Administrator, accepted the data and uploaded it to the District’s “Data Lake,” a unified system for storing and sharing data across DC government organizations. The dataset was only authorized for uses related to COVID research, and there’s no evidence that it has been misused. But it’s unclear to what extent the policies in place bind the use or sharing of the data within the DC government.

              This is far from the only instance of data sharing between private location data brokers and government agencies. Reports at the beginning of the pandemic indicated that governments around the world began working with data brokers, and in the documents we obtained, Veraset said that it was already working with “a few different agencies.” But to our knowledge, these documents are the first to detail how Veraset shared raw, individually-identifiable GPS data with a government agency. They highlight the scope and sensitivity of highly-invasive location data widely available on the open market. They also demonstrate the risk of “COVID-washing,” in which data brokers might try to earn goodwill by giving away their hazardous product to public health officials during a health crisis.

              When asked to comment on the relationship, Sam Quinney, director of The Lab @ DC, gave the following statement:

            • German Police: Interventions more than doubled after exchange of passenger data

              The EU PNR Directive is leading to more and more interventions by the German authorities. An extension to rail, bus and ship travel is not yet off the table, but before that the Court of Justice in Luxembourg will rule on the legality of the law. Similar agreements with Canada and Japan are apparently no longer coming into being.

            • ‘We see everything’: Movie theater worker reveals how employees know when you are doing ‘the nasty’ in the theater

              Based on her orange-rimmed hat, it appears that the TikToker is an employee at a Vue theater location. The video appears to be filmed from an employee-only space, where @.no1headache sits eyeballing a screen displaying multiple views from a range of security cameras. The cameras appear to show the seating area of every theater in the cinema.

            • Project Panoptic has partnered with Amnesty International & Article 19 to launch #BanTheScan in India

              On November 10, 2021, Project Panoptic, partnering with Amnesty International and Article 19 launched the India edition of their global #BanTheScan campaign for Hyderabad. The city – one of the most surveilled cities in the world – has begun construction of an ominous ‘Command and Control Centre’ (CCC), intended to connect the state’s vast facial recognition-capable CCTV infrastructure in real time. In addition, Project Panoptic has found that Telangana state has the highest number of facial recognition technology (FRT) projects in India.

              “Hyderabad is on the brink of becoming a total surveillance city. It is almost impossible to walk down the street without risking exposure to facial recognition” said Matt Mahmoudi, Amnesty International’s AI and Big Data researcher. “In addition to CCTV, we are concerned that law enforcement’s practice of using tablets to stop, search and photograph civilians without charge could be used for facial recognition.”

              “Facial recognition technology can track who you are, where you go, what you do, and who you know. It threatens human rights including the right to privacy, and puts some of the most vulnerable in society at risk. The construction of the CCC has chilling consequences for the right to freedom of expression and assembly.” said Quinn McKew, Executive Director at ARTICLE 19.

    • Defence/Aggression

      • ‘The World Is Waiting’: Biden Urged to Reverse Trump Landmine Policy, Join Global Treaty

        As a benchmark report on worldwide landmine casualties showed a 21% increase in deaths and injuries in 2020, one of the paper’s editors on Wednesday renewed calls for the Biden administration to reverse a Trump-era policy allowing the U.S. to use anti-personnel mines and join 164 nations in adopting the historic Mine Ban Treaty.

        “To help prevent further landmine casualties, the United States should join the Mine Ban Treaty without delay.”

      • The US is Set to Make Nuclear War More Likely

        What this means, as explained in a new article in Popular Mechanics, is that the world’s most costly weapons program (at $1.7 trillion), a fifth-generation fighter, supposedly “invisible”  to radar (that actually cannot fight and is not invisible to advanced radars), now has a new mission to justify its existence and continued production:  dropping dial-able “tactical” nuclear weapons that can be as small as 0.3 kilotons or up to 50 kilotons in explosive power.

        Now 0.3 kilotons is “just” the equivalent of 300 tons of dynamite, which supposedly makes them “useable,” meaning not holocaust-causing (that is assuming that some country backing the targeted country doesn’t decide to respond in kind and we go up the escalation ladder quickly to ever bigger bombs. Meanwhile,  \ dialed up to its maximum 50-kiloton power each F35A bomb would be significantly more than twice as powerful as the nuclear bomb that leveled Nagasaki.

      • Reining in the Pentagon: Can It Really be Done?

        After all, in its consideration of the bill that authorizes such budget levels for next year, the Democratic-controlled House of Representatives recently voted to add $25 billion to the already staggering $750 billion the Biden administration requested for the Pentagon and related work on nuclear weapons at the Department of Energy. By any measure, that’s an astonishing figure, given that the request itself was already far higher than spending at the peaks of the Korean and Vietnam Wars or President Ronald Reagan’s military buildup of the 1980s.

        In any reasonable world, such a military budget should be considered both unaffordable and deeply unsuitable when it comes to addressing the true threats to this country’s “defense,” including cyberattacks, pandemics, and the devastationalready being wrought by climate change. Worst of all, providing a blank check to the military-industrial-congressional complex ensures the continued production of troubled weapon systems like Lockheed Martin’s exorbitantly expensive F-35 Joint Strike Fighter, which is typically behind schedule, far above projected costs, and still not considered effective in combat.

      • Belarus migrants: What routes do they use to reach Minsk?

        A recent BBC investigation found that a network of travel firms and smugglers, often using social media, are able to organise flights and visas for Belarus as part of a package deal.

      • How Britain Aids Saudi Massacres in Yemen, with Phil Miller
      • Ilhan Omar Is Working to Stop ‘Unacceptable’ $650 Million Weapons Sale to Saudi Arabia

        Congresswoman Ilhan Omar said Wednesday that she is working on legislation to stop a $650 million missile sale to Saudi Arabia that the U.S. State Department announced last week.

        Criticism of the weapons sale has mounted since the State Department notified Congress that it approved the deal, with anti-war activists and other progressives accusing the Biden administration of breaking promises and exacerbating the Saudi-led war in Yemen.

    • Transparency/Investigative Reporting

      • Digital Transparency: A Right to Information Report for October 2021

        Since our last report for the month of September, IFF has filed 49 RTI requests. Here, we give you an overview of the requests filed and an analysis of the responses we have received from the different public authorities. This report highlights why demanding transparency and accountability from government authorities is one of the key elements in our fight to protect digital rights.

      • IFF files a Writ Petition against MHA’s refusal to provide information on electronic surveillance orders issued under the IT Act

        We filed six RTI applications in December 2018 seeking information about Electronic Surveillance orders passed under Section 69 of the IT Act. The information was, at first, denied on the grounds of national security. Thereafter, on appeal, when the matter was remanded back, the information was denied on the new ground that records pertaining to the information sought were destroyed as per ‘extant’ provisions (without providing the provision). When we, further, appealed against this order in August 2021 before the Chief Information Commissioner (‘CIC’), we did not get any date for hearing which we understand is due to the huge case pendency and unfilled vacancies in the CIC, owing to which the matters are only being listed after two years of filing. Three years have passed since the filing of the RTI applications, and we apprehend that the information sought is being continuously destroyed during the pendency of the RTI proceedings. Therefore, we have approached the Delhi High Court to expedite the process and to seek information on Electronic Surveillance, which impacts the fundamental rights of all citizens of the country.

    • Environment

      • Campaigners Rip New COP26 Draft as a ‘Polite Request’ for Climate Action Amid Existential Crisis

        A new COP26 draft decision text unveiled Wednesday was roundly panned by climate campaigners as badly inadequate to the task of slashing global greenhouse gas emissions, which are pushing the planet toward a catastrophic 2.4°C of warming by the end of the century.

        “Negotiators shouldn’t even think about leaving this city until they’ve agreed to a deal that meets the moment.”

      • A Political Campaign Tool Adapted to Recruit Enviro Activists

        Local volunteer environmental groups, of all sizes from both the east and west coasts, developed a way to persuade their inactive members to become active volunteers.  The approach is a variation of the method political organizers use in most state and federal political campaigns to generate crowds at rallies, recruit teams to knock on doors and staff phone banks. Wilderness activists, who were also experienced political campaign managers, developed the procedure for environmental campaigns. In political campaigns, organizers recruit volunteers from lists of the party’s most motivated registered voters, but local environmental groups recruit them from their own membership lists.

        The secret is hidden in every organization’s membership list

      • “Nice” Isn’t Going to Save the Planet

        The reality is that climate activists spent decades politely asking for the world’s leaders to please act on this thing that is going to kill millions. They held respectful dialogue in respectable forums. They produced charts and came up with a plethora of acceptable solutions that, had they been enacted on a reasonable timescale, would not have posed a dramatic threat to the status quo. Over and over again, they met bad faith actors in good faith. And in response they were lied to, and saw little meaningful action. Is political corruption civil? Is it polite for a senator to risk dooming the planet before sailing off on the yacht he bought with the half a million dollars he earns every year from the fossil fuel industry?

      • “Nice” Isn’t Going to Save the Planet

        This column is part of Covering Climate Now, a global journalism collaboration cofounded by Columbia Journalism Review and The Nation to strengthen coverage of the climate story.

      • ‘We’re Several Days Late and Many Dollars Short in Getting Ahead of Climate Catastrophe’

        Janine Jackson interviewed Michael K. Dorsey about the climate summit for the November 5, 2021, episode of CounterSpin. This is a lightly edited transcript.

      • “A Process of Violence”: Indian Author Amitav Ghosh on How Colonialism Fueled the Climate Crisis

        As talks at the Glasgow U.N. climate summit accelerate, we look at how the roots of the climate crisis date back to Western colonialism with award-winning Indian author Amitav Ghosh, who examines the violent exploitation of human life and the natural environment in his new book, “The Nutmeg’s Curse: Parables for a Planet in Crisis.” Ghosh speaks about the political significance of fossil fuels in global politics, saying that “if fossil fuels were to be completely substituted at scale, what you would have is the complete inversion of the world’s geopolitical order.” Ghosh’s previous books include “The Great Derangement: Climate Change and the Unthinkable” and the novel “Gun Island.”

      • COP26 Paralysis: Climate Shame

        It is now sold as a luxury to see Antarctica, where passengers can walk offshore “on the sea ice to watch penguin chicks hatch, see the arrival of seal pups and humpback whales”, on cruises probably affordable because of offshore tax havens.

        The “Antarctica in Depth” Scenic Eclipse cruise starts from earlybird $19,701, and the Antarctica, South Georgia and Falkland Island earlybird $28,855. The “truly all-inclusive” provides each guest with private butler service, “immersive dining” and “private dégustation”, “separate sleep zone”, indulgent 5,920 sq ft Senses Spa, Scandinavian inspired outdoor vitality pools, and more.

      • The Global Climate Wall: Wealthy Nations Prioritize Militarizing Borders Over Climate Action

        The world’s richest countries have responded by militarizing their borders and treating the humanitarian crisis as a security issue. NATO Secretary General Jens Stoltenberg attended this year’s U.N. climate summit, marking the first time a top alliance leader came to the climate talks since they began. On Tuesday, U.S. House Speaker Nancy Pelosi at COP26 raised the issue of security during a press conference. “The richest countries are building a climate wall against the consequences of climate change rather than dealing with the causes and rather than providing the money that would enable people to stay,” says Nick Buxton, with the Transnational Institute and co-author of their new report, “Global Climate Wall: How the world’s wealthiest nations prioritise borders over climate action.” We also speak with Santra Denis, executive director of the Miami Workers Center, about the focus of the It Takes Roots grassroots delegation at COP26. She says that in order to protect frontline communities and workers, the U.S. should focus on investing in low-carbon and adaptation industries instead of border control.

      • This Will Set Africa on Fire: Nnimmo Bassey of Nigeria Blasts Progress of Talks at U.N. Climate Summit

        Today a draft agreement at COP26 was released, calling on nations to accelerate the phasing out of coal and fossil fuel subsidies and make pledges to cut emissions by the end of 2022. The draft also urges wealthy nations to “urgently scale-up” financial support for developing countries to help them adapt to the climate crisis. This comes as a new report by the group Climate Action Tracker estimates world temperatures are on track to rise by 2.4 degrees Celsius above preindustrial levels based on current pledges to cut emissions — far higher than the 1.5 degree goal set in the 2015 Paris Agreement. To discuss the latest developments at COP26, we speak with Nigerian environmental activist and poet Nnimmo Bassey. “There’s no force behind what’s being proposed,” says Bassey, who adds that the current trajectory of negotiations will have devastating effects on Africa. “That means setting the continent on fire. It is just sacrificing the continent.” Bassey also discusses the role of China in Africa and the impact of the climate crisis on the continent. He has attended climate summits for years but says this may be his last one.

      • As Average Temperatures Rise, Workers Will Finally Get Protection From Extreme Heat

        When Maria Pineda, who goes by Letty, arrived in Florida from El Salvador in 1994, she wasn’t documented and didn’t speak the language, so she didn’t have many employment options. She started working in agriculture, harvesting ferns to be sold to florists. She was paid by the piece, not by the hour. She needed the money. “No trabajas, no comes,” she said: You don’t work, you don’t eat. She made just enough to cover rent and her necessities.

      • Opinion | Beware the ‘Climate-Stupid Agriculture’ of Bill Gates and His Allies

        As world leaders wrap up the UN Climate Summit in Glasgow, new scientific research shows that there is still a great deal of magical thinking about the contribution of fertilizer to global warming.

      • Opinion | Who Is the World’s Greatest Climate Champion? (Hint: Not the United States)

        This story is part of Covering Climate Now, a global journalism collaboration strengthening coverage of the climate story.

      • Chinese Fossil Fuel Investments in Africa

        Many African governments seek Chinese assistance through the Belt and Road Initiative (BRI) to bridge the continent’s infrastructure gap, while China in turn seeks access to a number of key strategic resources, including fossil fuels, minerals, and also access largely untapped markets. In addition to being rich in natural resources, some African countries attract Chinese interest because of relatively cheap labor, poor governance, and lax environmental standards. In 2017, McKinsey reported that more than 10,000 Chinese companies are likely operating throughout Africa.

        The amount of money involved is staggering. According to a 2021 report from the Shanghai University of International Business and Economics, China has since 2000 invested a total of $47 billion throughout Africa (in 52 out of 54 countries), with new investments adding up to $2.96 billion in 2020 (an increase of over $200 million from the previous year). The vast majority of Chinese investment—87 percent—has been concentrated in four sectors: energy, transport, metals, and real estate. China’s Export-Import Bank provides much of the financing for infrastructure projects in Africa, but a number of commercial banks have also established branches throughout the continent.

      • Climate Coalition Demands Biden Halt ‘Outrageous’ Offshore Drilling Auction—Largest in US History

        As the Biden administration prepares to auction off more than 80 million acres in the Gulf of Mexico for fossil fuel extraction, over 250 advocacy groups published an open letter on Wednesday imploring U.S. President Joe Biden to cancel the sale and fulfill his promises of bold climate action.

        “Aside from breaking a campaign promise to ban new oil and gas leasing on public lands and waters, the Biden administration also violated federal law in deciding to open more of the Gulf to offshore drilling.”

      • Opinion | For Rich Countries to Honor Their Climate Debt, We Must Better Tax Multinationals

        For once, most of the debtors are not in Africa, but in the North. I am not talking money, but about climate debt, as natural disasters are multiplying and the fight against climate change has become an existential issue. Since industrialized countries have used the available atmospheric space to develop and get rich by exploiting fossil fuels, the United Nations Climate Change Conference (COP26)—that is coming to end in Glasgow right now—must be an opportunity to recognize this climate debt to Africa, and to developing countries in general, and to honor it.

      • Petition From 14 Youth Leaders Says UN Must ‘Declare a Systemwide Climate Emergency’

        A group of 14 youth climate leaders including Swedish activist Greta Thunberg filed a legal petition on Wednesday imploring the United Nations to “declare a systemwide climate emergency,” a push that came amid growing anger over the milquetoast pledges emerging from the COP26 summit.

        “The United Nations connects the entire world together, and we need global action on the climate crisis.”

      • In COP26 Speech, Climate Justice Leader Vows Global Movement ‘Will Change History’

        Declaring that “it is ordinary people who change history,” climate and social justice campaigner Asad Rehman on Wednesday gave a brief but searing indictment of rich nations that are “deliberately sacrificing the poor for profit.”

        Rehman, executive director of anti-poverty group War on Want and a spokesperson for the climate justice COP26 Coalition, delivered the remarks at a high-level segment of the United Nations Climate Change Conference underway in Glasgow, Scotland.

      • ‘A Welcome Step Forward’: Climate Groups Cautiously Greet New US-China Pledge

        Campaigners at global advocacy groups on Wednesday welcomed a surprise joint statement from the U.S. and Chinese governments about “enhancing climate action in the 2020s” while also calling on both countries to actually deliver on their promises.

        “It’s always welcome news when the world’s two biggest emitters cooperate on climate change.”

      • Energy

        • Climate Denial Campaigner Attempts to Discredit COP26 With False Diesel Power Claims

          The head of policy at the UK’s principal climate science denial group has been criticised for spreading false rumours about the use of diesel-powered generators at COP26, with environmental experts branding his viral tweet “desperate”.

          Harry Wilkinson, one of several climate science deniers at the Glasgow summit, suggested that the conference was relying on polluting diesel generators in an effort to highlight the supposed hypocrisy of the event.

        • [Cryptocurrency] criminals are blackmailing Instagram users into swindling friends

          The technique is chronicled in a report by Motherboard. There are a few variations, but it essentially boils down to three steps. First, a malefactor gets ahold of an Instagram user’s account information, either via sending a phishing link with a fake login page or by finding a reused password from one of the near-constant security breaches already available. Then the thief contacts the account holder and forces them to record a video of themselves, recommending their followers invest money with “a friend.” The video claims that you can quickly triple your investment via Bitcoin or other get-rich-quick schemes. The criminal promises to return control of the account to its rightful owner upon completion. The victim posts the coerced video with a payment link, their followers are swindled out of huge sums of money via cryptocurrency or purchases or simple money transfers, and the criminal disappears — generally without returning the Instagram account.

        • Hostage-Style Bitcoin Scam Videos Are Spreading Across Instagram

          The news follows Motherboard reporting last week on how a scammer forced one victim to film a video with the promise of getting their money back after sending the fraudster Bitcoin. After filming the video, however, the scammer broke into the victim’s Instagram account and sent the video to their friends and posted it from their profile to try and scam others. After we published the story, more Instagram users got in touch with Motherboard saying they’ve been [cracked] and forced to shoot similar videos, indicating the issue appears to be more widespread on the social network with victims describing personal, professional, reputational, and financial damage. Multiple victims also complained about the troublesome Instagram account recovery process and the lack of direct communication from the company.

      • Wildlife/Nature

    • Finance

      • Predators With Badges

        Undeniably, the blowback from COVID-19 lockdowns and mandates continues to reverberate around the country, impacting the nation’s struggling workplaces, choking the economy and justifying all manner of authoritarian tyrannies being inflicted on the populace by state and federal governments.

        Yet while it is easy to be distracted by political theater, distressed by the COVID-19 pandemic, and divided over authoritarian lockdowns and mandates, there are still darker forces afoot that cannot—should not—must not be ignored.

      • The Latest Version Of Congress’s Anti-Algorithm Bill Is Based On Two Separate Debunked Myths & A Misunderstanding Of How Things Work

        It’s kind of crazy how many regulatory proposals we see appear to be based on myths and moral panics. The latest, just introduced is the House version of the Filter Bubble Transparency Act, which is the companion bill to the Senate bill of the same name. Both bills are “bipartisan,” which makes it worse, not better. The Senate version was introduced by Senator John Thune, and co-sponsored by a bevy of anti-tech grandstanding Senators: Richard Blumenthal, Jerry Moran, Marsha Blackburn, Brian Schatz, and Mark Warner. The House version was introduced by Ken Buck, and co-sponsored by David Cicilline, Lori Trahan, and Burgess Owens.

      • CBO’s Exclusion of IRS Boost Could Help Right-Wing Dems Tank Biden Agenda

        The Build Back Better Act includes increased funding for Internal Revenue Service enforcement, which the Biden administration has taken into account when saying that the legislation will raise enough money to fully offset spending, but the Congressional Budget Office is expected to omit the projected boost in tax collection from its forthcoming estimate of the fiscal impact of the 10-year, $1.75 trillion social infrastructure and climate package.

        The exclusion could be significant because the more transformative part of President Joe Biden’s legislative agenda has been put in jeopardy by five right-wing House Democrats who last week made their support for the Build Back Better (BBB) Act contingent on receiving fiscal information from the CBO that matches existing estimates provided by the White House.

      • GOP Billionaire to Hold Fundraiser for ‘Great American’ Joe Manchin

        “When billionaires take over our elections, we get a country that bends to their will.”

      • What’s Really Driving Inflation? Corporate Power

        If markets were competitive, companies would seek to keep their prices down in order to maintain customer loyalty and demand. When the prices of their supplies rose, they’d cut their profits before they raised prices to their customers, for fear that otherwise a competitor would grab those customers away.  

      • Green Jobs Shouldn’t Leave Black and Brown Workers Behind

        The climate crisis is here—the historic wildfires that swept the West and New York City’s deadly flooding are just some of the weather disasters that hit nearly one in three Americans over the summer. Though the federal government finally seems on the verge of partially confronting climate change through Congress’s infrastructure and reconciliation bills, these solutions are incomplete.

      • News Alert: Dads Have a Role to Play in the Paid-Leave Fight, Too

        There is a perception that paid parental leave is a “women’s” issue. We see that perception from Republicans when they ridicule Transportation Secretary Pete Buttigieg for taking time off to welcome his new babies, but we also see it from Democrats when they scramble to put paid leave back into their spending bill (which never should have been taken out in the first place) only after advocates go ballistic and their party gets curb-stomped by white women in Virginia. The conventional wisdom is that paid parental leave (which is still simply called “maternity leave” by people who take pride in not learning new words) is primarily a social benefit to women.

    • AstroTurf/Lobbying/Politics

      • Give Capital What It Wants…or Else

        Two seemingly separate news stories are darkly and intimately related to each other in ways that you will not see intelligently discussed on “Meet the Press” or “Washington Week.”

        The first story is the fascist ogre Donald Trump continuing to run free and menace the nation even after having been impeached twice during a white-supremacist presidency that included:

      • Who Is Really Surprised the Democrats Got Their Ass Kicked?

        The Democrats took the U.S. Presidency, Senate, and House in 2020 (with HUGE support for the National AFL-CIO) largely promising to move forward an expansive, progressive, pro-Union agenda. They, as a Party, claimed to support the PRO Act, livable wages, paid family medical leave, free public college, student loan forgiveness, protection of voting rights, tax increases on the rich (not working people), and major environmental action. And, now, a year later, what have we achieved? The answer, beyond the temporary child tax credit, is VERY LITTLE.

        And here, lets be honest…The PRO Act (which is a transformational pro-Labor bill that seeks to right the power imbalance between workers and bosses) is DEAD. Comprehensive voting rights looks dead. The 6 trillion social spending bill has been eviscerated down to under two trillion and now amounts to a universal pre-K bill (with a few good but limited other priorities tucked in), and even this modest bill’s fate still seems in question. And, while the infrastructure bill (also greatly reduced from its original scope) will likely pass (eventually), in isolation, it’s far too little too late. And, if this infrastructure bill is all that passes, it will be impossible to argue that the first year of Democratic Party rule has been anything other than an abject failure and disappointment for Unions, working-class people, progressives, and those National AFL-CIO officers who put all our eggs in the basket of the Democratic Party.

      • Opinion | Putting India Walton’s Campaign for Mayor of Buffalo in Context

        India Walton—the progressive, working class, 39-year-old, Black mother-of-four who stunned Buffalo’s Democratic establishment with her June 2021 upset win in the Mayoral Primary Election—appears to have lost her bid to become the city’s Chief Executive. As of this writing, she’s received 41% of the General Election vote, with unnamed write-in candidates (but, presumably, Primary loser and 16-year-incumbent, Byron Brown) winning the remaining 59% of ballots cast. 

      • GOP Strategy: Tell Bigger and Crazier Lies to energize voter turnout

        Many moderate democrats were also on board with placing the blame on the W-word. “What went wrong is just stupid wokeness,” said political strategist James Carvell.

        But progressives weren’t so sure wokeness was to blame. Rep. Alexandria Ocasio-Cortez suggested the results show the limits of trying to run a super moderate campaign that does not “excite, speak to or energize a progressive base.”

      • ‘Tip of the Iceberg’: Report Warns Michigan GOP Ploy Could Shutter 20% of Polling Places

        If successful, a Republican-backed petition initiative in Michigan could result in the closure of one in five polling locations across the crucial battleground state, potentially creating harmful new barriers to ballot access and disenfranchising voters.

        That’s according to a report published Wednesday by the local advocacy group Progress Michigan, which warned that the election law changes proposed by the Secure MI Vote initiative would “make it harder for Michiganders to vote and make the job of administering elections more difficult for local clerks.”

      • Succession’s Repetition Compulsion

        HBO’s Succession is a show about four siblings trying to decide whether or not to kill their dad. Justly celebrated for its savvy casting, evocative score, clever writing, luxurious (if claustrophobic) set design, and crafty (if rarely beautiful) cinematography, Succession—which returned for a third season this fall—has nonetheless been fueled primarily by this perpetual oedipal edging: Will they? Won’t they? Can they?

      • Destroy Filibuster to Lift Up ‘Your Limp Democracy’: Spoof Ad Demands End to Electile Dysfunction
      • Opinion | Democrats Must Evolve Their Voter Communications Strategy

        “I got a call from Bill Clinton!” my grandmother informed me one day many years ago, thrilled that the president of the United States had taken time out of his busy schedule to call her. But he hadn’t. Instead, it was her first encounter with an exciting new technology—robocalls—which were used to remind voters to get out and cast a ballot. Wow, did she kvell about this experience and tell all her friends to go vote for her friend Bill. 

      • Opinion | Found in Translation: New York Times Says Democrats Shouldn’t Challenge Oligarchy

        A few days after the Nov. 2 election, the New York Times published a vehement editorial calling for the Democratic Party to adopt “moderate” positions and avoid seeking “progressive policies at the expense of bipartisan ideas.” It was a statement by the Times editorial board, which the newspaper describes as “a group of opinion journalists whose views are informed by expertise, research, debate and certain longstanding values.”

      • Here’s How the Democrats Can Win Back Rural Voters

        No matter how much you try to dress it up, last week’s election results make it clear that Democrats have a rural problem. The failure to even seriously contest—let alone win—statehouses and congressional seats over so much of the electoral map leaves the party perpetually behind. Our party has relied on suburban moms and black women to save the day repeatedly. They have capes—don’t get me wrong—but they also need a coalition of voters to step up to save democracy alongside them.

      • Howie was on The Public Press on 11/9/21.

        Today I am joined by lifelong activist and 2020 presidential candidate from the Green Party, Howie Hawkins, to discuss important topics from ways we can go about strengthening our democracy and its relevance towards passing a pro-worker agenda, to Biden and the Democrats failing the working people of this country in favor of serving their wealthy donors. Additionally, any comments made from our audience during the livestream may be considered in the program’s conversation.

      • Former top officials warn democracy in ‘jeopardy’ without Congressional action on election security

        A bipartisan group of almost 100 former national security officials is urging Congress to take steps to secure elections ahead of next year, warning that without action, the nation’s democratic institutions are in “severe jeopardy.”

        “We write to express our alarm at ongoing efforts to destabilize and subvert our elections, both through active disinformation campaigns and the related efforts to inject partisan interference into our professionally administered election process,” the officials wrote in an open letter published Tuesday. “We believe these efforts are profoundly damaging to our national security, including by making our elections more vulnerable to foreign interference and possible manipulation.”

        “We call on Congress to confront these threats and safeguard our democratic process as we look ahead to the 2022 elections and beyond,” they wrote.

      • Civil liability – adapting liability rules to the digital age and artificial intelligence

        Section I of this consultation concerns the Product Liability Directive. Since 1985, this Directive has provided a harmonised system for compensating consumers who suffer damage from defective products. The Directive applies to all movable products regardless of the technology they use, and therefore also applies to AI-driven products.

        However, the evaluation found that it was difficult to apply the Directive to products in the digital and circular economy because of its outdated concepts. It also found that it was difficult for consumers to get compensation, especially when it comes to proving that complex products were defective and caused the damage.

        Section II of this consultation specifically concerns AI. The Commission’s objective is to encourage the development and roll-out of safe AI systems and build trust amongst potential users. In order to address risks to safety and fundamental rights, the Commission has proposed harmonised rules for the development, placing on the market and use of certain AI systems (AI Act) and further changes to safety legislation (e.g. proposal for a Machinery Products Regulation). As a next step, the Product Liability Directive and national liability rules may also need to be adapted. In the second part of this consultation, the problems linked to certain types of AI – which make it difficult to identify the potentially liable person, to prove that person’s fault or to prove the defect of a product and the causal link with the damage – are explored further.

    • Misinformation/Disinformation

      • Cyber agency beefing up disinformation, misinformation team

        Easterly noted that earlier this week she had a meeting with “six of the nation’s experts” in the disinformation and misinformation space. She stressed her concerns around this being a top threat for CISA, which is charged with securing critical infrastructure, to confront.

        “One could argue we’re in the business of critical infrastructure, and the most critical infrastructure is our cognitive infrastructure, so building that resilience to misinformation and disinformation, I think, is incredibly important,” Easterly said.

    • Censorship/Free Speech

      • Content Moderation Case Study: Electric Truck Company Uses Copyright Claims To Hide Criticism (2020)

        Summary: There are many content moderation challenges that companies face, but complications arise when users or companies try to make use of copyright law as a tool to block criticism. In the US, the laws around content that allegedly infringes on a copyright holder’s rights are different than most other types of content, and that creates some interesting challenges in the content moderation space.

      • John Cleese Pulls Out of Cambridge Union Talk Over ‘Woke Rules,’ ‘Monty Python’ Hitler Impersonation

        Celebrated “Monty Python” and “A Fish Called Wanda” actor and writer John Cleese has pulled out of an upcoming talk at the Cambridge Union on Friday, citing concerns over “woke rules” and an Adolf Hitler impersonation he had famously done on the “Fawlty Towers” series decades ago.

        Cleese, who is a Cambridge alumnus, was responding to a decision by the Union, which is a debating society, to blacklist art historian Andrew Graham-Dixon. The historian had performed a mock impression of Hitler ranting, during a debate last week on art and good taste at the Union. Subsequently, Union president Keir Bradwell informed members that Graham-Dixon was banned from speaking there.

    • Freedom of Information/Freedom of the Press

      • What happens when the news desert is in your own backyard?

        Apologies for a little extra localism here at Nieman Lab dot org today. But our hometown of Cambridge, Mass., has become a noteworthy example of a phenomenon happening nationwide: the hollowing out of local news.

        Cambridge is home to the oldest weekly newspaper in the United States, the Cambridge Chronicle. It’s been the running record of the city since 1846. But that record has gotten sparser and sparser as the Chronicle’s staff has dwindled. For the past few years, there’s been only one journalist working there: editor Amy Saltzman. And now she’s gone too.

    • Civil Rights/Policing

      • Senate Democrats Call On Biden to Pardon All Federal Nonviolent Marijuana Offenders

        Blasting “over a century of failed and racist cannabis policies,” a trio of progressive U.S. senators on Tuesday urged President Joe Biden to use his executive authority to issue a blanket pardon for all nonviolent federal marijuana offenses.

        Along with laying out how “America’s cannabis policies have punished Black and Brown communities for too long,” the letter from Sens. Elizabeth Warren (D-Mass.), Ed Markey (D-Mass.), and Jeff Merkley (D-Ore.) highlights that such laws “are increasingly out of step” with public opinion.

      • Human Rights Coalition Petitions UN to Probe Discriminatory Vaccine Hoarding by Rich Nations

        A global coalition is accusing nations including the U.S. and U.K. of violating international human rights law through actions contributing to a discriminatory Covid-19 vaccine rollout and has filed an appeal at the United Nations to ensure human lives have priority over corporations’ intellectual property protections.

        “Governments must fulfill their international obligations and help prioritize people over profits by ensuring vaccine equity for all.”

      • “The Worst Prison in New York State”

        Conditions in New York City jails have reached a boiling point, prompting day-long hearings, national media attention, and renewed calls for the Rikers Island jail complex to be shuttered. The jails have seen spikes in violence, deaths, suicides, and suicide attempts, heat waves without adequate cooling, and reduced access to basic services including medical and mental health care. This story was published in partnership with New York Focus, an independent, investigative news site covering New York state and city politics. Sign up for their newsletter here.

      • Xenophobic Attitudes in France, Sweden, Germany, and Poland

        As so often in our culture, the concept of Xenophobia pre-dates those dim Germans sitting in their equally dim forests when Romans appeared. Xenophobia originates in Greek ξένος or xénos. It indicates strange, foreign, and alien and is combined with phóbos or fear.

        It is the fear and hatred of that which is perceived to be foreign and strange. Right-wing xenophobia thrives on setting the in-group against the out-group. In that, xenophobia is highly suitable when conjuring up a fear of losing national and racial identity. German Neo-Nazis will never stop engineering xenophobia because it supports the ideology of pure race found in their hallucination of an antisemitic Volksgemeinschaft.

      • It’s in the Air
      • Missouri Admits It Fucked Up In Exposing Teacher Data, Offers Apology To Teachers — But Not To Journalists It Falsely Accused Of Hacking

        As you’ll recall, last month, journalists for the St. Louis Post-Dispatch revealed that the state’s Department of Elementary and Secondary Education (DESE) website was exposing teacher and administrator social security numbers in the HTML source code. This came years after state auditors had highlighted that DESE was already collecting information it should not have been collecting. Bizarrely, DESE and Missouri governor Mike Parson, rather than thanking these journalists for helping to protect the teachers, accused them of being hackers and promising to prosecute them. After people mocked him, he doubled down on the claim and a PAC closely connected to Parson put out a bizarre add playing up the evil “hacking” by the “fake news” media, along with ridiculous talk about “decoding the HTML source code.”

      • Senators Call for Federal Investigation Into Liberty University’s Handling of Sexual Assaults. School Promises Independent Probe.

        Citing possible violations of federal law, three senators, including the two from Virginia, are pressing the U.S. Department of Education to investigate Liberty University’s handling of sexual assault claims.

        Liberty’s board also voted Friday to open an “independent and comprehensive review” of the school office tasked with handling discrimination and abuse.

      • Remembering Elliot Harmon, 1981-2021
      • Uber discriminates against people with disabilities, new DOJ lawsuit alleges

        According to the Justice Department, Uber instituted a wait time fee in a number of cities starting in April 2016, eventually expanding the policy nationwide. Passengers would incur the fee two minutes after their Uber car arrives at their pickup location and were charged until the car begins its trip. Passengers with disabilities, such as those who use a wheelchair or a walker, often need more time to get into the car than passengers without disabilities.

      • Uber sued by Justice Department for overcharging disabled people

        It is not the first time that Uber has found itself in hot water over disability issues.

      • Wolt’s couriers are employees, rules authority; Wolt to defy ruling

        Wolt said the ruling was expected, announcing its intent to appeal against it. It pointed out that more than 70 per cent of its couriers value the freedom of entrepreneurship over the security of a formal employment relationship, estimating that it would only be able to have slightly over 2,000 of its almost 5,000 couriers on its payroll if employment contracts were required to perform the work.

      • DoorDash shares surge on news it is buying Finnish food-delivery company Wolt in $8 billion deal

        During the company’s third-quarter earnings call Tuesday, DoorDash Chief Executive Tony Xu said Wolt, which has more than 4,000 employees, has built “a remarkable business” that has become a leading local commerce-delivery platform across 23 countries, 22 of which would be new to DoorDash. Wolt delivers from restaurants and 14 other categories, including grocery.

      • DoorDash to charge up growth with $8 billion deal for Europe’s Wolt

        Nearly two-thirds of Wolt’s gross order value, a metric totaling value of all orders and subscription fees, brings in positive contribution profit, DoorDash said, adding it would not share further details.

    • Internet Policy/Net Neutrality

      • Infrastructure Bill Is Great For Broadband, But Still Ignores The Real Problem (Monopolies & Corruption)

        After months of intense wrangling, the Biden administration’s infrastructure bill has finally made it through Congress, delivering a massive injection of much-needed funds to an absurdly overlooked part of the economy. You might recall the broadband component of the bill saw its overall price tag cut from $100 billion to $65 billion. There were several other changes made at the request of the telecom lobby, such as a slower speed definition standard and the elimination of language to help community broadband. But it’s still the biggest U.S. broadband investment on record, and filled with a lot of great things.

    • Digital Restrictions (DRM)

      • Apple Faces Yet More ‘Right To Repair’ Backlash Over iPhone 13 Screen

        Apple has never looked too kindly upon users actually repairing their own devices. The company’s ham-fisted efforts to shut down, sue, or otherwise imperil third-party repair shops are legendary. As are the company’s efforts to force recycling shops to shred Apple products (so they can’t be refurbished and re-used), and Apple’s often comical attacks on “right to repair” legislation, a push that only sprung up after companies like Apple, Microsoft, Sony, John Deere, and others created a grass-roots counter-movement via their attempts to monopolize repair.

    • Monopolies

      • [Old] CONSOLIDATED STATEMENT OF FACTS IN SUPPORT OF ITS RESPONSES TO MOTIONS FOR SUMMARY JUDGMENT BY MICROSOFT CORPORATION

        “Bill Gates ordered to all application business units to include checking routines of operating environments and if it is Microsoft DOS, nothing will happen. But if it is non MS-DOS (such as DR-DOS), application will display messages saying that ‘This application has been developed and tested for Microsoft MS-DOS. Since you use different environment, this application may not work correctly . . .’ ”

      • Patents

        • $2,000 for Jeffrey M. Gross entity Onscreen Dynamics prior art

          On October 4, 2021, Unified Patents added a new PATROLL contest, with a $2,000 cash prize, seeking prior art on at least claim 1 of U.S. Patent 9,645,663. The patent is owned by Onscreen Dynamics LLC, a Jeffrey M. Gross entity. The ’663 patent relates to an electronic device with a touchscreen display comprising of an active touchscreen region and a virtual bezel area. The patent has been asserted against Tesla, BMW, Mercedes, Volvo, Pioneer, Partner Tech, Getac Technology, EMBROSS, Sharp, AsusTek, Samsung, and LG.

        • Software Patents

          • B# On Demand patent held invalid

            On November 10, 2021, the Patent Trial and Appeal Board (PTAB) issued a final written decision in Unified Patents, LLC v. B# On Demand, LLC holding all challenged claims of U.S. Patent 9,553,880 invalid. Owned and asserted by B# On Demand, LLC, an NPE, the ’880 patent discloses a system that transmits a catalog of electronic files to a requesting user, sets up customer accounts, processes payments from customers to establish file access authorizations, and enables transmission of user-selected files to customers. It had been asserted against Spotify.

      • Trademarks

        • Basmati rice’s EU trade mark application raises questions about Brexit and oppositions on the basis of UK law

          A few weeks back, this Kat wrote an article about a case which relied on the UK law of passing off in a UK trade mark infringement claim. This time, we have a look at a case which relied on UK passing off to oppose an EU trade mark application under Article 8(4) EUTMR. With the case revolving around basmati rice, and a bit of Brexit to sweeten the deal, let’s see what happened.

          [..]

          The relevant UK provision (section 5(4) of the Trade Mark Act 1994) provides that a trade mark shall not be registered where its use can be prevented by virtue of any law (in particular, the law of passing off) that protects a non-registered trade mark or other sign used in the course of trade. The applicant relied upon the ‘extended’ form of passing off (referred to in Chocosuisse Union des fabricants suisses de chocolat & Ors v Cadbury Ltd. [1999] EWCA Civ 856), which enables several traders to have rights over a sign which has acquired a reputation on the market (and whereby – as per the UK law of passing off – such notional use by another has constituted a misrepresentation, and damage was caused).

          The BoA had previously found that, whilst there was reputation giving rise to goodwill, a likelihood of misrepresentation could not be established on the basis of the contested goods and use of the mark applied for could not cause direct loss to the applicant as it was not likely to cause a direct loss of sales.

      • Copyrights

        • Gasp! YouTube Shutters Account For Person Committing DMCA Takedown Fraud!

          It should come as no surprise to regular Techdirt readers that the DMCA takedown process is not only wide open to fraud and abuse, but that those avenues are regularly used in real life for just those purposes. Takedowns to silence criticism, takedowns to try to steal traffic from others, or takedowns or monetization claims just to get some paltry amounts of streaming revenue: the point is that this shit happens all the time. What absolutely does not happen with any frequency is the folks behind these bogus actions getting punished in any way for their behavior.

        • Criminal Copyright Complaint Filed Against BitTorrent Seedbox Provider

          Three seedbox providers have announced that they will block their users from sharing on at least three named trackers. While one appears to have decided to act voluntarily, TorrentFreak is informed that a company operating under two brands is now being investigated for criminal copyright infringement.

        • The Pirate Bay Story Will Be Turned Into a TV Series

          The Pirate Bay’s turbulent history will be turned into a six-part TV drama. The Swedish production is scheduled to start filming next year and will be aired by public broadcaster SVT. The makers will base their story on input from various insiders but the site’s founders are not part of the crew. Instead, Pirate Bay co-founder Peter Sunde informs us that he’s working on his own film project about the site.

Mozilla Allows Facebook to Sabotage Messenger Live Video in Firefox for Three Years, Then Takes a Swipe at Me for Calling Them Out

Posted in Free/Libre Software at 3:11 am by Guest Editorial Team

Guest post by Ryan, reprinted with permission from the original

Today in Firefox sucks…

Years ago, I filed a bug that asked them to do a web compatibility intervention (just lie about the user agent) because Facebook deliberately crippled Firefox so that you couldn’t use Facebook Messenger video and voice calling, even though it was fully compatible, and then stuck out a “Get Chrome” banner for three years.

Literally the only thing you had to do to make it work again was install User Agent Switcher, and then give it a recent Chrome user agent, and tell it to use that UA override for all Facebook domains.

Mozilla let the bug go unanswered for so long that Facebook eventually fixed it themselves two years later. THREE YEARS of allowing Facebook to openly sabotage Firefox and RECOMMEND THEIR COMPETITOR!

Then when I made a comment about this on the bug report, about how it was unbelievable that they just ignore problems like this on major websites, and let their competitor get free advertising, “Dennis Schubert” came in and hid it and made a passive-aggressive remark about me being “unhelpful”.

Get that? A user was concerned about a problem with Firefox, and then Mozilla dismisses them, rudely, and says that they don’t care if the product works or not.

Okay, I won’t bother trying to use your crummy browser as anything other than a backup again, much less file a bug report.

It’s falling apart anyway (currently, the latest ESR can’t even build due to an unsatisfiable requirement on Debian 11, for no damned good reason), and it’s obvious nobody at Mozilla cares.

When you allow people to break your software and link to Google Chrome’s download site (so that people give up and use the even bigger NSA backdoor into their digital life), that’s why you lost 50 million users in your last three years. And unless you’re just stupid, you’d know that. Enjoy the paychecks all the way to the bankruptcy filing.

Bonus: I talked to Nathan Lineback of ToastyTech (who has been an avid promoter of Firefox over the years). Here’s what he said in his reply email.


I wrote:

Hi, I noticed your rants about Microsoft Edge spewing ads all over the Windows desktop.

IE Channel Band rides again. Windows 10/11 really are awful.

I’m glad I switched to Debian.

The problem? Firefox has become so rarely used these days that they’re milking their few remaining users by shoving in all sorts of ads. I grit my teeth over the web DRM nonsense, even though it made Firefox proprietary software and….well, meant DRM had won and the open web had officially lost.

But when I opened up Firefox 93 (from the Flatpak provided by Mozilla) and there was this Suggest adware/spyware/keylogger, all sorts of sponsored bookmark ads, and “sponsored story” crap from “Pocket”, I knew that it was finally over. 

I’ve been using GNOME Web and Vivaldi more often because I simply cannot stand the thought of opening Firefox and I don’t know who at Mozilla thought that it was okay to do this. 

Even Vivaldi has one place where you click to make the Widevine DRM go away, and other than some default bookmarks to delete and changing the search engine to startpage, it leaves me alone after that. 

The Sync feature even remembers I didn’t want their bookmarks and clears them for me in new installs. Firefox has a GUI setting for the DRM and like half a dozen about:config things to make it stop yelling about turning it on, and then you have to go through the entire gauntlet to turn off the ad and spyware. No thanks. Perhaps it’s time to say that Firefox was supposed to destroy them, and instead it became them.

Nathan Lineback replied:

Yea, I’ve been inches away from nuking my “firefox is good” pages.

I’ve been sticking with a “New Moon” port for Windows XP, but lots of
sites are breaking things for no good reason.

I remember when one of the advantages was that Firefox was available for
almost every OS out there. Crap like DRM and all of this compiling
scripts to assembly makes porting that much harder.

It really hurts because I used to actively promote Firefox. I’ve still
got a bunch of stickers and stuff that the Mozilla folks sent me because
I participated in their SpreadFirefox event for Firefox 3.

I get so tired of not having control over technology I use. And even
more tired of the attitude that I should just put up with it all like
some kind of cow.

Anyway, thanks for visiting my site.

— Sent from Microsoft Windows 95

IRC Proceedings: Wednesday, November 10, 2021

Posted in IRC Logs at 2:37 am by Needs Sunlight

Also available via the Gemini protocol at:

Over HTTP:

HTML5 logs

HTML5 logs

#techrights log as HTML5

#boycottnovell log as HTML5

HTML5 logs

HTML5 logs

#boycottnovell-social log as HTML5

#techbytes log as HTML5

text logs

text logs

#techrights log as text

#boycottnovell log as text

text logs

text logs

#boycottnovell-social log as text

#techbytes log as text

Enter the IRC channels now


IPFS Mirrors

CID Description Object type
 QmXKNWscqDeKX9Tmd62jUGXQSMFbZaTTH3tZQpvSTwWCJT IRC log for #boycottnovell
(full IRC log as HTML)
HTML5 logs
 QmVVPMiA8xgzE6Mgw53xigFx144n7dTRTqp69aaeCtory1 IRC log for #boycottnovell
(full IRC log as plain/ASCII text)
text logs
 QmRhZBrc2jtMdSmGX3nFVd36VvSkXJnax8vgiuwCYUdDnR IRC log for #boycottnovell-social
(full IRC log as HTML)
HTML5 logs
 QmQ45RGfQ7yHRfDh1VSdcg9LqKgNFcyLffSoVHz4bpNPVb IRC log for #boycottnovell-social
(full IRC log as plain/ASCII text)
text logs
 QmQcEPSsYfD8fGM5W8LE8MzX12k3uhyqVonRjHopvYWJoj IRC log for #techbytes
(full IRC log as HTML)
HTML5 logs
 QmWXKoqdzTaMhZdEbD5a12QijaRNSLfp95YtgcHij5qHmd IRC log for #techbytes
(full IRC log as plain/ASCII text)
text logs
 QmSsKcTxjBFcJsF8PePcr7xaanZ7DQSzMDs183NhE8KJYC IRC log for #techrights
(full IRC log as HTML)
HTML5 logs
 QmYPJjWfgY6o2GcUFr9Yi8oPJBGDrM1YqUk9XhtefiQmxj IRC log for #techrights
(full IRC log as plain/ASCII text)
text logs

IPFS logo

Bulletin for Yesterday

Local copy | CID (IPFS): QmSuWrcnwPk5e1gVWiJbTq7uxUkNn8DzRVm659JmGTFR5W

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts