11.25.21

Gemini version available ♊︎

Links 25/11/2021: LibreOffice 7.2.3 and Mesa 21.2.6 Released

Posted in News Roundup at 1:54 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

    • Kernel Space

      • Graphics Stack

        • mesa 21.2.6
          Hi List,
          
          It's a bit late, but here is mesa 21.2.6. Since 21.3.0 is now available,
          I think this will be the last 21.2 release (there should be 21.3.1 next
          week), barring any serious regressions in 21.2.6.
          
          Being that it's the night before a holiday here in the States, I'll let
          the press delve into all of the gory details of what's in here :) I'll
          see you all again as release manager next year for 22.0.
          
          Cheers,
          Dylan
          
        • Mesa 21.2.6 Released As Likely The Last Of The Series – Phoronix

          With Mesa 21.3 having released last week and its first point release due next week, Mesa 21.2.6 has been published as likely the last update to that N-1 series for these open-source OpenGL/Vulkan drivers.

          Mesa 21.2.6 ships with various Intel OpenGL/Vulkan driver fixes, a few RadeonSI fixes, continued compatibility improvements for the Zink OpenGL-on-Vulkan, a few ACO compiler back-end fixes, and other minor fixes throughout. The Zink changes are perhaps most significant and then mostly the other usual AMD and Intel fixing churn.

    • Applications

      • Wireshark 3.6 Released With Support For World of Warcraft “WOWW” Protocol, Many Others

        Wireshark as the very useful and powerful open-source packet analyzer for networking and other communication protocols is out with a shiny new release.

        Wireshark 3.6 adds support for importing captures from text files based on regular expressions, much improved RTP player support, adding of USB Link Layer reassembly, improvements to the user’s guide and documentation, support for decoding the Vector Informatik Binary Log File (BLF) file format, many protocol updates, and a lot of new protocols are now supported by Wireshark.

    • Instructionals/Technical

      • Touching Firefox on Linux | sunweaver’s NET

        More as a reminder to myself, but possibly also helpful to other people who want to use Firefox on a tablet running Debian…

        Without the below adjustment, finger gestures in Firefox running on a tablet result in image moving, text highlighting, etc. (operations related to copy+paste). Not the intuitively expected behaviour…

      • How to Install and Use Tmux (Terminal Multiplexer) in Linux System

        Tmux is one of the most used and useful terminal tools for Linux and Unix-like operating systems. Mostly system admins, server admins, and power Linux users use this wonderful terminal tool for more productivity and efficiency. The term Tmux is the shortened form of Terminal multiplexer that can handle multiple terminal tabs and windows simultaneously on the Linux system. The inbuilt system generates a serial number to monitor and look up each active Tmux window on the system. Though this fascinating tool was first released in 2007, from then the demand for this tool is now high. Installing and using the Tmux terminal tool is easy for both Linux server and desktop distributions.

      • Install WPS Office on Ubuntu 20.04/Debian 11 – kifarunix.com

        In this tutorial, you will learn how to install WPS Office on Ubuntu 20.04/Debian 11 desktop systems. WPS Office is a lightweight, feature-rich comprehensive office suite with high compatibility. Capable of handling texts in Writer, Presentation, Spreadsheet and PDF files. It serves as a handy and professional consultant to help you improve work efficiently.

        WPS can be used on Linux as perfect replace of LibreOffice and more so, saves the Linux enthusiasts of having to rely on running external Windows machines just for the purposes of working with documents only.

      • FreeAptitude – Be more productive with Bash aliases

        Aliases are one of the most interesting features provided by a Bash shell, and probably the last to be regularly adopted. Usually, they are intended as a way to create shortcuts to execute the most used commands followed by the options that are not assumed by default from the command itself. However, there is a more appealing way to write them that boost our productivity when executing either frequent or infrequent tasks.

      • Upgrade Ubuntu 20.04 To 22.04 LTS Jammy using Command or GUI

        Learn the commands that will fully Upgrade your Ubuntu 20.04 LTS Desktop or Server to Ubuntu 22.04 LTS set to launch in April 2022. However, even before that if anybody would like to upgrade to test the same, here are the steps to follow.

        Here in this tutorial, we will learn the simple command line and Graphical steps on how to upgrade to Ubuntu 22.04 from the previous LTS 20.04 version.

      • Install Kubernetes Using Minikube In CentOS Linux – OSTechNix

        Kubernetes can be installed and configured in a variety of ways, including on personal computers, physical servers, virtual machines, and as a cloud service. We will learn how to install a single node Kubernetes cluster using Minikube in CentOS Linux.

        For the purpose of this guide, we will install Minikube on CentOS 7 natively running on top of the virtual machine layer. Before installing Kubernetes, you need to have a basic understanding of Kubernetes and its architecture and containers. Please refer to our previous article attached below to know about the concepts.

      • How To Install Eclipse IDE on Debian 11 – idroot

        In this tutorial, we will show you how to install Eclipse IDE on Debian 11. For those of you who didn’t know, Eclipse is an open-source integrated development environment (IDE) that helps programmers develop software applications and software components by providing developers with tools to compile code, and many more. It supports many plugins to enhance the capabilities to use for other programming languages development environments such as PHP, C++, and JavaScript.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Eclipse on a Debian 11 (Bullseye).

      • How to install KVM server on Debian 9/10 Headless Server – nixCraft

        Kernel-based Virtual Machine (KVM) is a virtualization module for the Linux kernel that turns it into a hypervisor. How can I install KVM with bridged networking, setup guest operating system as the back-end virtualization technology for non-graphic Debain Linux 9.x/10.x server?

        You can use KVM to run multiple operating systems such as Windows, *BSD, Linux distribution using virtual machines. Each virtual machine has its private disk, graphics card, a network card and more.

      • How to install RVM- Ruby Version Manager on Ubuntu 20.04 LTS

        RVM- Ruby Version Manager is a tool meant to use the command line for installing and managing the various ruby versions easily. Here we see the commands for installation of RVM on Ubuntu 20.04 LTS Focal fossa.

      • How to stop Firefox from auto updating in Linux

        In Linux, Firefox has this bad habit of wanting to update itself when you’re not ready to perform that task. And it will not let you open a new tab or window until you allow it to apply the update. I find it very annoying. There are any number of knobs you can tune to disable this feature in about:config, but there’s no guarantee that they’ll work as expected. And if you use more than one Firefox profile, as most power users do, you’ll have to tune about:config for each profile. In this post, I’ll show you how to do it system-wide, and it’s guaranteed to work.

        With the default setting, Firefox will download and install the update in the background, and then throw up the prompt shown here when you want to open a new tab or window. That means you won’t be able to open that new tab or window until you agree to restart Firefox. And that almost always happens when I’m in the middle of doing something very important and not ready to restart Firefox.

      • How to Use lshw in Linux (With a Practical Example) – CloudSavvy IT

        What if there was a command which would let you, in an easy-to-read format, view all of the hardware in your Linux system? Welcome to lshw, the great tool often overlooked even by seasoned Linux professionals.

      • How to Set Hostname in Docker Compose

        Wondering how to set hostname in Docker Compose? I’ll show you that.

      • How to Index Your Docker Image’s Dependencies With Syft – CloudSavvy IT

        Syft is a CLI utility that generates a Software Bill of Materials (SBOM) for container images. An SBOM is a catalogue of dependencies used by your image. It gives you visibility into the “materials” that form your image’s filesystem.

        Producing an SBOM can help you identify overly complex package supply chains that put you at risk of dependency confusion attacks. Distributing an SBOM alongside your image informs users of what lies below the surface. This provides a useful starting point when tightening supply chain security.

        Syft is developed by Anchore which also offers a complete container scanning engine. The Syft CLI is capable of extracting package lists from images using popular operating systems and programming languages. Both Docker and OCI images are supported.

      • How to Mount or Symlink a Single File in a Docker Container – CloudSavvy IT

        Docker volume and bind mounts are used to bind directories on the host OS to locations in the container’s file system. While they’re commonly used to mount entire directories, you can also use them to symlink individual files.

      • How (and Why) to Run Docker Inside Docker – CloudSavvy IT

        Running Docker inside Docker lets you build images and start containers within an already containerized environment. There are two possible approaches to achieve this depending on whether you want to start child or sibling containers.

        Access to Docker from inside a Docker container is most often desirable in the context of CI and CD systems. It’s common to host the agents that run your pipeline inside a Docker container. You’ll end up using a Docker-in-Docker strategy if one of your pipeline stages then builds an image or interacts with containers.

    • Games

      • Real-time explosive tower defense arrives in Sky Fleet on December 17 | GamingOnLinux

        Build up an army and speed around the skies in your air ship in Sky Fleet, the action-based tower defense game arriving on Steam on December 17.

        You build up your squad, place down various defences and engage in fast-paced real-time shoot-outs, while speeding around various floating islands. At the same time you need to deal with resources, so it plays out quite like an RTS, as you and enemies compete for them to try and assault their stronghold.

      • Nina Aquila: Legal Eagle adds Linux support in the new update | GamingOnLinux

        Along with a major upgrade to the base game, Nina Aquila: Legal Eagle, Season One now has native Linux support. This game was originally available via itch.io and Newgrounds, where it was quite popular, with the Steam version bundling all content together.

        Update version 5 added Linux support, new animations, Steam Cloud support, improved performance for low-spec machines and various other improvements.

      • Valheim gets a new patch, plus teasers for Mistlands and Caves | GamingOnLinux

        Iron Gate are showing off more of what’s to come with the next major upgrade for Valheim, along with a small content patch. First up we have patch 0.205.5 which is out now and it includes a new armour set, along with something stirring in the swamps – oh no, it’s scary enough.

      • Godot Engine gets AMD FidelityFX Super Resolution | GamingOnLinux

        The free and open source Godot Engine recently had support for AMD FidelityFX Super Resolution merged into the code, ready for the next big release. A wonderful case of open source tech meeting together.

        What is FidelityFX Super Resolution (FSR)? Put simply: a fancy upscaler. FSR allows you to bring down the rendering resolution and have FSR boost it up to a higher resolution, giving you a clear picture. The result is that you should see better performance than simply using the native resolution – something 4K users seem quite happy about.

      • Humble puts up the Best of Sandbox bundle with some good picks | GamingOnLinux

        They might not actually be the “best” but still pretty good. The Humble Best of Sandbox Bundle is live now. This time around is a pretty interesting mix, both with games that have Linux native builds and others that work just fine with the Steam Play Proton compatibility layer.

      • Steam Play Proton 6.3-8 out with initial BattlEye support, CEG DRM and more games | GamingOnLinux

        Probably one of the more exciting releases of Proton lately, with lots of what was previously in Proton Experimental now in the main release with Proton 6.3-8 out now. Be sure to check out our full Steam Play guide if you need more info.

        A big addition is the start of support for BattlEye games. Before getting overly excited though, this is just the start of it with only Mount & Blade II: Bannerlord and ARK: Survival Evolved confirmed to be supported by Valve. This is what was previously announced, with developers only needing to get in touch with BattlEye to have it turned on.

        We also have the older CEG DRM now hooked up and working, bringing with it more classics working that relied on it.

        On top of that there’s even support for NVIDIA DLSS for games that use DirectX 11 and 12, although it still needs you to make some manual adjustments to turn it on for now which includes using this launch option PROTON_ENABLE_NVAPI=1 %command% and also setting dxgi.nvapiHack = False in a DXVK configuration file.

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

        • This GTK App Checks Contrast Ratio Between 2 Colors in Ubuntu Linux

          Designers and website developers may sometimes need to check WCAG color contrast to make web content more accessible to people with disabilities.

          Without using an online website each time, Linux has a stylish GTK4 app “Contrast” which allows to check whether the contrast between two colors meet the WCAG requirements.

          The app has a simple user interface that displays one color as background and another as font color of the text. By clicking on the double arrow icon between two color codes, it reverses background color as text font and font color as background.

    • Distributions

      • Alpine Linux 3.15 bids a fond farewell to MIPS64 support

        The compact Linux distribution Alpine has gained the latest LTS Linux kernel with the update to version 3.15, but fans must say goodbye to support for the MIPS64 architecture.

        The release is the first in the 3.15 stable series and, as well as the 5.15 LTS Linux kernel, received a raft of updated tools and components, including the 16.13 LTS version of Node.js (version 17 is also included) and GNOME 41.

        There is also some initial support for UEFI secure boot on x86_64, but the time has come to say goodbye to the MIPS64 port.

        “The architecture is EOL,” notes the release blog. “The mips64 builder is gone. There is no way we can build any packages anymore, we can no longer fix any security issues, so it’s prudent to officially decommission mips64.”

      • New Releases

        • MX Linux has Released a New Edition for Newer Hardware – It’s FOSS News

          MX Linux 21 was officially unveiled last month while introducing a new Fluxbox edition. However, the Advanced Hardware Support (AHS) ISO was not a part of it.

          Recently, MX Linux announced the availability of MX Linux 21 AHS and a new AHS repo for existing MX Linux 21 users.

          In this article, let us explore more about it.

        • Endless OS 4.0 is a Long-Term Support Version with Usability Improvements – It’s FOSS News

          Endless OS is a Debian-based Linux distro that focuses on bundling several important applications and resources to help make the most out of your computer without needing an internet connection.

          It is primarily tailored for education and for users who do not have constant access to the internet. And, if you are connected to the internet, there are tools to help you browse the web and stay in touch with friends/family.

          And, their latest release, Endless OS 4.0, is a Long-Term Support version that comes with several improvements. Let us take a brief look at it.

        • Endless OS 4.0 is Out as a Long-Term Supported Release

          Rebuilt on the base of Debian 11 Bullseye, Endless OS 4.0 is here with improved app grid navigation, fast user switching, and many other improvements.

          The developers of Endless OS have just announced the release of Endless OS 4.0. It’s a major update and it focuses mainly on helping users to take advantage of their internet connection when they suppose to have it.

        • Endless OS 4.0.0 Release Notes | Endless OS Support Site

          What’s new in this major release of Endless OS?

      • Arch Family

      • IBM/Red Hat/Fedora

        • Five data centers, 150TB images downloaded weekly, 1m+ cores – Now, that’s a storage challenge [Ed: "Sponsored by Red Hat" it says at the bottom. The Register has become a total joke, running ads as though they're articles. This is not journalism but churnalism.]

          For the last eight years, Red Hat Ceph has been at the heart of Workday’s storage strategy, in a collaboration that has spawned upstream contributions from the Workday and Red Hat engineering teams that the entire community benefit from.

        • How we implemented an authorization cache for Envoy proxy

          This is the second article in a two-part series about an authorization cache we developed for the Envoy open source proxy as a part of Google Summer of Code 2021. The first article in the series showed the design of our cache, based on Proxy-Wasm and integrated with Red Hat 3scale API Management. In this part, we focus on the implementation aspect of the design described in the previous article (check it out if you haven’t already).

        • Build and extend containerized applications with Project Thoth

          Container technologies have created a de facto industry standard for developing, deploying, and shipping applications. Containers make it possible to provide more maintainable and self-sustaining runnable units that can be directly managed using cluster orchestrators such as Kubernetes and Red Hat OpenShift.

          This article is for developers interested in using intelligent package management to control the quality of container images and provide more robust containerized runtime environments. Our discussion is based on Project Thoth for Python, one of the world’s most popular programming languages. The ideas we present can be generalized to other language ecosystems.

        • 9 ways to show gratitude to your team

          Your company can have the most innovative tech on the block, but it won’t amount to much if you don’t have a solid team behind you that feels supported. The Great Resignation is at least somewhat reflective of people finally realizing their worth and proves how important it is for leaders to show employees how much they are appreciated.

          Showing gratitude is especially pertinent this year as many employees work from home and don’t get to experience the camaraderie of in-office relationships and support they may have previously enjoyed. Sharing your thanks with employees helps to boost morale. And gratified employees will take more pride in their work.

        • 5 automation and RPA must-reads

          When you say “automation,” some IT people picture job-stealing robots. IT leaders will need to know how to allay that worry in the months and years to come. But here’s a piece of good news: Some forward-looking IT leaders are finding automation actually has talent retention benefits, as David Egts, chief technologist, North America Public Sector, Red Hat, recently wrote.

          “Automation is an effective way to help businesses become more resilient, but it also helps retain the key talent you have and attract new talent to up-level your team,” Egts notes. How? Teams that have made progress on the automation journey are seeing benefits including an increased sense of belonging, for example:

          “Many organizations have gone from siloed automation to automation communities of practice that span these silos. Instead of tasks being manually executed or even automated in isolated pockets of an organization, an automation community of practice lets everyone share their best ideas and build on each other’s work.

          So rather than belonging to the employee, the processes belong to the community of practice with authorship attribution back to the author. Plus, the community contributors identify with the community because their contributions and spans of influence visibly and positively impact the entire organization in ways they couldn’t do as individuals,” said Egts.

        • Top 15 articles sysadmins are thankful for | Enable Sysadmin

          Enable Sysadmin has published hundreds of articles; these are the favorites sysadmins turn to month after month.

        • What are you thankful for at work?
        • Tomasz Torcz: ACME & FreeIPA – super easy

          This post will be short. Recent FreeIPA versions contain ACME server implementation, which makes TLS certificate issuance a breeze.

        • Mark J. Wielaard » Blog Archive » Valgrind 3.18.1

          3.18.1 fixes a number of bugs and adds support for glibc-2.34, and for new platforms x86/FreeBSD and amd64/FreeBSD. Debuginfo reading is faster, and Rust demangling has been improved. For PPC64, ISA 3.1 support has been completed, and some newer ARM64 and S390 instructions are also supported. See the release notes for details of changes. Note, 3.18.0 had no formal release — it was pulled at the last minute due to a packaging problem.

        • CPE Weekly Update – Week of November 22nd – 26th – Fedora Community Blog

          Purpose of this team is to take care of day to day business regarding CentOS and Fedora Infrastructure and Fedora release engineering work. It’s responsible for services running in Fedora and CentOS infrastructure and preparing things for the new Fedora release (mirrors, mass branching, new namespaces etc.). The ARC (which is a subset of the team) investigates possible initiatives that CPE might take on.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice 7.2.3 Released with More Than 100 Bug Fixes, Download and Update Now

          Released in mid-August 2021, the LibreOffice 7.2 office suite series comes with many new features and improvements, such as native support for Apple M1 machines, improved interoperability with the MS Office document formats, and dozens of UI enhancements for a better user experience.

          LibreOffice 7.2.3 is here today one and a half months after the LibreOffice 7.2.2 point release to fix even more bugs and security issues. A total of 112 bug fixes and improvements to document compatibility are included in this update.

        • The Document Foundation announces LibreOffice 7.2.3 Community

          The Document Foundation announces LibreOffice 7.2.3 Community, the second minor release of the LibreOffice 7.2 family targeted at technology enthusiasts and power users, which is available for download from https://www.libreoffice.org/download/. This version includes 112 bug fixes and improvements to document compatibility.

          LibreOffice 7.2.3 Community is also available for Apple Silicon from this link: https://download.documentfoundation.org/libreoffice/stable/7.2.3/mac/aarch64/.

          For enterprise-class deployments, TDF strongly recommends the LibreOffice Enterprise family of applications from ecosystem partners, with long-term support options, professional assistance, custom features and Service Level Agreements: https://www.libreoffice.org/download/libreoffice-in-business/.

          LibreOffice Community and the LibreOffice Enterprise family of products are based on the LibreOffice Technology platform, the result of years of development efforts with the objective of providing a state of the art office suite not only for the desktop but also for mobile and the cloud.

        • Czech translation of the LibreOffice Draw Guide 7.1

          Our team has finished translating the LibreOffice Draw Guide 7.1. As usual, it was a team effort, namely: translations by Petr Kuběj, Zdeněk Crhonek, Radomír Strnad, Ludmila Chládková; text corrections by Marcela Tomešová, Martin Kasper, Eva Kmochová, Věra Dvořáková; localized pictures by Roman Toman; and technical support from Miloš Šrámek. Thanks to all of the team for their work!

      • Education

        • 10 Best Free and Open Source Linux Educational Games

          Educational games are games designed to teach people, typically children, about a certain subject or help them learn a skill as they play. Sometimes this type of software is known as games edutainment because they combine education and entertainment.

          This type of software aids the ‘normal’ learning process, either by helping the individual to absorb new information, or as a support for recalling information already learned. Educational programs, especially those for the youngest students, are often designed with the idea of ‘learn through play’. Many children are easily bored, and they are much more likely to be attentive if they find the activity or task to be enjoyable.

      • FSFE

        • Upcycling Android: Keep using your phone with Free Software

          It is the European Week for Waste Reduction, a week that is dedicated to promoting the reuse of products and materials and to helping save resources and reduce waste in everyday life. The FSFE joins in with the new initiative “Upcycling Android” – an initiative to help saving resources by reusing one of our most valuable devices of our daily life, our phones.

          Every year, manufacturers produce 1.5 billion phones worldwide – and unfortunately, probably almost as many are thrown away after what is usually a far too short hardware lifespan. The short lifespan of these phones often stems from so-called “software obsolescence”, the situation in which users are faced with the dilemma of either buying new hardware or living with outdated software. The environmental consequences of these short hardware lifespans can be dire. To help users in overcoming this problem, with Upcycling Android we enable people to upcycle Android phones with Free Software. Every time we keep using our current phone instead of buying a new one we help avoid the production of new phones and the growing disposal of e-waste.

      • Public Services/Government

        • Schleswig-Holstein dumps Vole in favour of open source

          The north-German state of Schleswig-Holstein plans to switch to open-source software, reports Mike Saunders from LibreOffice.

          By the end of 2026, Microsoft Office is to be replaced by LibreOffice on all 25,000 computers used by civil servants and employees (including teachers), and the Windows operating system is to be replaced by GNU/Linux.

          Apparently it is a done deal and already codified by the Schleswig-Holstein state parliament.

          The state’s digital minister Jan Philipp Albrecht said that part of the transition to open source is already in the works, and pointed out that 90 percent of state administration conferencing is conducted using the open source video conferencing platform Jitsi.

        • 25,000 German state computers will bid goodbye to Windows and say Hello to Linux

          The German state of Schleswig-Holstein has decided that it’s done with closed, proprietary Windows and is moving to open-source Linux/GNU by the end of the year 2026.

          The first step will be in the form of migrating around 25,000 computers to The Document Foundation’s LibreOffice from Microsoft’s Office suite of applications and then eventually moving all these devices over to Linux by dumping Windows entirely. These 25,000 computers are going to be “used by civil servants and employees (including teachers)” essentially implying that a large part of the state-run administration and the education sector will be embracing the open-source way.

      • Programming/Development

        • NVIDIA’s Open-Source Image Scaling SDK 1.0 Released – Phoronix

          Last week NVIDIA announced the Image Scaling SDK as an open-source, cross-platform GPU image upscaling implementation that with their own hardware makes use of DLSS. Following the brief exposure over the past week, NVIDIA Image Scaling SDK 1.0 has been formally christened.

          The NVIDIA Image Scaling SDK can work on the likes of Intel and AMD Radeon hardware via the SDK’s generic compute shaders that are MIT licensed. Integrating the NVIDIA Image Scaling SDK does require integration on part of the game/engine developer.

        • Tips for formatting when printing to console from C++ | Opensource.com

          When I started writing, I did it primarily for the purpose of documenting for myself. When it comes to programming, I’m incredibly forgetful, so I began to write down useful code snippets, special characteristics, and common mistakes in the programming languages I use. This article perfectly fits the original idea as it covers common use cases of formatting when printing to console from C++.

        • Rust

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • When the IoT vendor goes bust

          Over recent years, legislation has started to emerge to protect consumers from unethical behaviour from IoT vendors. Far too many smart devices didn’t charge for a subscription to the online platform that made the device ‘smart’. As a result, manufacturers had a perverse incentive to end-of-life product in order to sell you their next great smart thing.

          A good example of this was the Revolv home hub: Google’s Nest division acquired the firm behind the $300 hub. Two years later, they shut the platform down, leaving consumers with a pile of useless electronics, orphaned from the platform. Uproar ensued, resulting in the US FTC investigating. Fortunately for Revolv owners, the FTC ruled in their favour and made Google compensate hub owners.

          Sonos owners will recall a similar kerfuffle around their ‘recycle mode’ that killed the device when one traded up for a newer product, among many negative press stories around the length of product support.

          Existing and planned regulation for IoT is increasingly having manufacturers state up front how long they will support the product for. Whilst some legislation is focussed on the longevity of product security updates, others focus on length of platform support.

          This is good: it will allow consumers to make informed decisions about the smart products they buy. I, for one, don’t expect to be replacing a smart door lock after a couple of years simply because the manufacturer wanted to sell me a newer version.

        • Security

          • Researchers Detail Privilege Escalation Bugs Reported in Oracle VirtualBox

            A now-patched vulnerability affecting Oracle VM VirtualBox could be potentially exploited by an adversary to compromise the hypervisor and cause a denial-of-service (DoS) condition.

            “Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox,” the advisory reads. “Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DoS) of Oracle VM VirtualBox”

          • How the SAML Standard Provides Single Sign-On Services – CloudSavvy IT

            Single Sign-On and zero trust networks depend on securely passing identification details back and forth between users, identity providers, and service providers. SAML is the glue that lets that happen.

          • Security updates for Thursday

            Security updates have been issued by Fedora (busybox, getdata, and php), Mageia (couchdb, freerdp, openexr, postgresql, python-reportlab, and rsh), openSUSE (bind, java-1_8_0-openjdk, and kernel), SUSE (java-1_7_0-openjdk), and Ubuntu (icu).

          • What is the OSI Model – 7 Layers of OSI Model Explained

            International Organization for Standardization (ISO) developed the OSI model in 1984.

            OSI model is an acronym for Open System Interconnect.

            The OSI model is a model that allows us to categorize network communications and divide different activities of the network in seven conceptual layers.
            This model tries to explain how the data of an application passes through the device and out in the physical network using the seven conceptual steps or layers.

            In simpler words, it explains how one application performs different steps to communicate its data to another application running on a different device.

            The OSI model was created for creating a common industry standard, which could have helped inter-operability between different vendors.

            However, this model did not gain a lot of popularity. So it is used as a reference or a teaching tool today. The OSI model does not directly match the networking systems we use in reality, but it is still useful because it describes the several processes used in electronic communication.

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • New Linux malware hides in cron jobs with invalid dates [Ed: This is not a "Linux" issue; it's about applications that run over the Web and have holes in them, maybe because admins do not patch them]

              Security researchers have discovered a new remote access trojan (RAT) for Linux that keeps an almost invisible profile by hiding in tasks scheduled for execution on a non-existent day, February 31st.

              Dubbed CronRAT, the malware is currently targeting web stores and enables attackers to steal credit card data by deploying online payment skimmers on Linux servers.

          • Privacy/Surveillance

            • SUCCESS! New German government calls for European ban on biometric mass surveillance – Reclaim Your Face

              The newly-agreed German government coalition has called for a Europe-wide ban on public facial recognition and other biometric surveillance. This echoes the core demands of the Reclaim Your Face campaign which EDRi has co-led since 2020, through which over 65 civil society groups ask the EU and their national governments to outlaw biometric data mass surveillance.

              Today, 24 November 2021, the new German government announced their highly-anticipated coalition deal, including the strongest commitments seen so far in Europe to “rule … out” “biometric recognition in public”. They further called to “reject comprehensive video surveillance and the use of biometric recording for surveillance purposes”.

              The center-left Social Democrats (SPD), the environmentalist Greens and the business-focused Free Democrats (FDP) jointly emphasised the vital importance of anonymity in public as well as online. Their statement echoes the demands of over 65 groups in the Reclaim Your Face campaign, co-led by EDRi.

    • Censorship/Free Speech

      • Dead and Alive: Affidavits filed by States and High Courts reveal 470 pending cases under the struck down S.66A

        The People’s Union of Civil Liberties (PUCL), with IFF’s legal assistance, had filed an application in the Supreme Court (SC) seeking directions to ensure that authorities do not prosecute individuals under S.66A of the Information Technology Act, 2000 (IT Act, 2000), which the SC had struck down in Shreya Singhal vs Union of India (2015). On Aug 8th, 2021, SC issued notice to all States/UTs and High Courts. 8 HCs and 6 States have replied to the application and they demonstrate the widespread non-compliance with the decision in Shreya Singhal. We await responses from other States/UTs and High Courts.

        [...]

        In March 2015, S.66A was declared unconstitutional by the Hon’ble Supreme Court in Shreya Singhal v. Union Of India as it violated the right to freedom of expression guaranteed under Article 19(1)(a) of the Constitution of India. The Court found that S. 66A was vague and could be arbitrarily interpreted to penalize even innocent speech. Significantly, the Court found that the provision was not ‘severable’ i.e., no part of the section could be saved and the provision as a whole was declared unconstitutional. This means that the provision was void ab initio i.e was deemed to never have existed on the statute books. The effect should have been that Courts ought to have dismissed all pending cases under S.66A, and authorities ought not to have instituted fresh cases under S. 66A.

        However, the story did not end there. In 2018, a study by Apar Gupta and Abhinav Sekhri highlighted that authorities continued to prosecute individuals under S.66A even after Shreya Singhal. Subsequently, in 2019, PUCL, one of the original petitioners in Shreya Singhal, approached the Supreme Court seeking directions to ensure the implementation of Shreya Singhal. In February 2019, the Supreme Court directed the Union of India to ensure compliance with its decision by making available copies of the judgment to Chief Secretaries of States/UTs across the country. The Chief Secretaries, in turn, were directed to sensitise police departments across the country.

    • Internet Policy/Net Neutrality

      • Burkina Faso must immediately end its internet shutdown

        ccess Now and the #KeepItOn coalition are demanding that the government of Burkina Faso reinstate internet access for all, and without exception.

        It has now been five days since authorities shut down the internet on November 20, citing vague “public safety” and “national defence” reasons. Today, the Kaboré government has extended the blackout until November 27.

        “The #KeepItOn coalition is outraged that the government of Burkina Faso shut down the internet,” said Felicia Anthonio, Campaigner and #KeepItOn Lead at Access Now. “Authorities made a bad decision earlier this week when they disconnected millions, but today’s 96-hour extension truly reflects their blatant contempt for human rights.”

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. [Meme] EPO: Pursuing an Eastern and Western District of Europe (for Patent Trolls and Software Patents)

    With the EPO so flagrantly lying and paying for misinformation maybe we should expect Benoît Battistelli and António Campinos to have delusions of grandeur… such as presiding over the Eastern and Western District of Europe, just like Mr. Gilstrap and Mr. Albright (political appointment by Donald Trump, ushering in “the swamp”)



  2. Gemini at 2,000: 86% of Capsules Use Self-Signed Certificate, Just Like the Techrights Web Site (WWW)

    As shown in the charts above (updated an hour ago), the relative share of ‘Linux’ Foundation (LE/LF; same thing, same office) in the capsules’ certificates has decreased over time; more and more (in terms of proportion) capsules choose to sign their own certificate/s; the concept of ‘fake security’ (centralisation and consolidation) should be rejected universally because it leaves nobody safe except plutocrats



  3. [Meme] UPC: Many Lies as Headlines, Almost Exclusively in Publishers Sponsored by EPO and Team UPC to Produce Fake News (Lobbying Through Misinformation)

    Lest we forget that EPO dictators, like Pinky and the Brainless Benoît Battistelli and António Campinos, have long littered the EPO's official Web site as well as publishers not directly connected to the EPO (but funded by it) with disinformation about the UPC



  4. EPO as the 'Ministry of Truth' of Team UPC and Special Interests

    The 'Ministry of Truth' of the patent world is turning the EPO's Web site into a propaganda mill, a misinformation farm, and a laughing stock with stock photography



  5. Microsoft 'Delighted' by Windows 11 (Vista 11) Usage, Which is Only 1% Three Months After Official Launch and Six Months After Release Online

    Microsoft boosters such as Bogdan Popa and Mark Hachman work overtime on distraction from the failure Vista 11 has been (the share of Windows continues to fall relative to other platforms)



  6. Links 27/1/2022: Preinstalled GNU/Linux (Ubuntu) and Arch Linux-Powered Steam Deck 30 Days Away

    Links for the day



  7. Don't Fall for Microsoft's Spin That Says Everything is Not Secure and Cannot be Secured

    Microsoft keeps promoting the utterly false concept that everything is not secure and there's nothing that can be done about it (hence, might as well stay with Windows, whose insecurity is even intentional)



  8. At Long Last: 2,000 Known Gemini Capsules!

    The corporate media, looking to appease its major sponsors (such as Web/advertising giants), won't tell you that Gemini Protocol is rising very rapidly; its userbase and the tools available for users are rapidly improving while more and more groups, institutions and individuals set up their own capsule (equivalent of a Web site)



  9. Links 26/1/2022: Gamebuntu 1.0, PiGear Nano, and Much More

    Links for the day



  10. IRC Proceedings: Tuesday, January 25, 2022

    IRC logs for Tuesday, January 25, 2022



  11. Links 26/1/2022: No ARM for Nvidia, End of EasyArch, and WordPress 5.9 is Out

    Links for the day



  12. Why the Unified Patent Court (UPC) is Still Just a Fantasy and the UPC's Fake News Mill Merely Discredits the Whole Patent 'Profession'

    Patents and science used to be connected; but now that the patent litigation 'sector' is hijacking patent offices (and even courts in places like Texas) it's trying to shove a Unified Patent Court (UPC) down the EU's throat under the disingenuous cover of "community" or "unity"



  13. Links 25/1/2022: Vulkan 1.3 Released, Kiwi TCMS 11.0, and antiX 19.5

    Links for the day



  14. Gemini Milestones and Growth (Almost 2,000 Known Gemini Servers Now, 39,000 Pages in Ours)

    The diaspora to Gemini Protocol or the transition to alternative 'webs' is underway; a linearly growing curve suggests that inertia/momentum is still there and we reap the benefits of early adoption of Gemini



  15. [Meme] Get Ready for Unified Patent Court (UPC) to be Taken to Court

    The Unified Patent Court (UPC) and Unitary Patent system that’s crafted to empower EPO thugs isn’t legal and isn’t constitutional either; even a thousand fake news 'articles' (deliberate misinformation or disinformation) cannot change the simple facts because CJEU isn’t “trial by media”



  16. The EPO Needs High-Calibre Examiners, Not Politicians Who Pretend to Understand Patents and Science

    Examiners are meant to obstruct fake patents or reject meritless patent applications; why is it that working conditions deteriorate for those who are intellectually equipped to do the job?



  17. Free Software is Greener

    Software Freedom is the only way to properly tackle environmental perils through reuse and recycling; the mainstream media never talks about it because it wants people to "consume" more and more products



  18. Links 25/1/2022: Git 2.35 and New openSUSE Hardware

    Links for the day



  19. IRC Proceedings: Monday, January 24, 2022

    IRC logs for Monday, January 24, 2022



  20. Links 25/1/2022: GPL Settlement With Patrick McHardy, Godot 4.0 Alpha 1, and DXVK 1.9.4 Released

    Links for the day



  21. Proprietary Software is Pollution

    "My daughter asked me about why are we throwing away some bits of technology," Dr. Andy Farnell says. "This is my attempt to put into words for "ordinary" people what I tried to explain to a 6 year old."



  22. Microsoft GitHub Exposé — Part XV — Cover-Up and Defamation

    Defamation of one’s victims might be another offence to add to the long list of offences committed by Microsoft’s Chief Architect of GitHub Copilot, Balabhadra (Alex) Graveley; attempting to discredit the police report is a new low and can get Mr. Graveley even deeper in trouble (Microsoft protecting him only makes matters worse)



  23. [Meme] Alexander Ramsay and Team UPC Inciting Politicians to Break the Law and Violate Constitutions, Based on Misinformation, Fake News, and Deliberate Lies Wrapped up as 'Studies'

    The EPO‘s law-breaking leadership (Benoît Battistelli, António Campinos and their corrupt cronies), helped by liars who don't enjoy diplomatic immunity, are cooperating to undermine courts across the EU, in effect replacing them with EPO puppets who are patent maximalists (Europe’s equivalents of James Rodney Gilstrap and Alan D Albright, a Donald Trump appointee, in the Eastern and Western Districts of Texas, respectively)



  24. Has the Administrative Council Belatedly Realised What Its Job in the European Patent Organisation Really Is?

    The "Mafia" which took over the EPO (the EPO's own workers call it "Mafia") isn't getting its way with a proposal, so it's preventing the states from even voting on it!



  25. [Meme] Team UPC is Celebrating a Pyrrhic Victory

    Pyrrhic victory best describes what's happening at the moment (it’s a lobbying tactic, faking/staging things to help false prophecies be fulfilled, based on hopes and wishes alone), for faking something without bothering to explain the legal basis is going to lead to further escalations and complaints (already impending)



  26. Links 24/1/2022: Scribus 1.5.8 and LXLE Reviewed

    Links for the day



  27. IRC Proceedings: Sunday, January 23, 2022

    IRC logs for Sunday, January 23, 2022



  28. [Meme] Team UPC Congratulating Itself

    The barrage of fake news and misinformation about the UPC deliberately leaves out all the obvious and very important facts; even the EPO‘s António Campinos and Breton (Benoît Battistelli‘s buddy) participated in the lying



  29. Links 24/1/2022: pgBadger 11.7 Released, Catch-up With Patents

    Links for the day



  30. The Demonisation and Stereotyping of Coders Not Working for Big Corporations (or 'The System')

    The war on encrypted communication (or secure communications) carries on despite a lack of evidence that encryption stands in the way of crime investigations (most criminals use none of it)


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts