Links 18/12/2021: EndeavourOS Atlantis Neo and Wine 7.0 RC2

Posted in News Roundup at 8:01 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Server

      • Someone Else’s Computer | Self-Hosted 60

        Recent AWS outages sent Alex on a hunt to find more self-hosted alternatives, and Chris digs into the latest Home Assistant release.

        Plus a frenzy of your excellent feedback and questions.

    • Audiocasts/Shows

    • Kernel Space

      • AMD Radeon GPU Driver Code Sees More Fixes For Linux 5.17 – Phoronix

        A new batch of AMDGPU DRM-Next patches were sent in on Thursday and mostly revolve around fixes. Among the notable fixes is reducing buffer object memory usage for multi-GPU systems by being able to share the system memory DMA mapping address and thus in turn reducing memory usage by avoiding the duplicating of that information. There are also fixes around RAS, SR-IOV, compiler warnings, power management, IP discovery, and SVM fixes to the AMDKFD compute code. There are also some new display-related bits exposed via DebugFS, new SMU debug options, and various driver documentation updates.

      • China’s Loongson Looks To Mainline LoongArch Support In LLVM – Phoronix

        Not only is Loongson working on bringing up LoongArch ISA support for the GCC compiler and related GNU toolchain components, but the Chinese company has now laid out their plans for LoongArch on LLVM.

        Loongson has been very busy this year bringing up LoongArch, their new downstream of the MIPS CPU architecture. They have been working on porting the Linux kernel to LoongArch as well as the open-source code compilers and related components for what they aim to be a Chinese domestic high performance CPU. Current LoongArch-based 3A5000 CPU benchmarks are not so impressive but will be interesting to see how this new MIPS-based architecture evolves.

      • Radeon Pro Software for Enterprise 21.Q4 Linux Driver Released – Phoronix

        Following the Radeon Pro Software for Enterprise 21.Q4 Windows driver that released earlier in the month, this week brought the similar quarterly enterprise graphics driver update to Linux.

        Radeon Pro Software for Enterprise 21.Q4 for Linux released this week and is officially supported on RHEL/CentOS 7 and RHEL/CentOS 8, Ubuntu 20.04.3 LTS, Ubuntu 18.04.5 LTS, and SUSE SLED/SLES 15 SP3. This Radeon PRO 21.Q4 Linux driver continues to officially support the AMD Radeon Pro W/WX GPUs, Radeon Vega Frontier Edition, Radeon Pro Duo, and the Radeon PRO VII.

      • Micron HSE 2.1 Open-Source Storage Engine Released – Phoronix

        Since early 2020 Micron went public with HSE as an open-source storage engine for SSDs and persistent memory. The HSE key-value store proved to be extremely performant with the likes of a MongoDB implementation but required changes to the Linux kernel that made it initially a higher barrier for entry. HSE 2.0 shipped in October that no longer required those kernel changes while still offering blistering fast performance. Now to round out the year they have HSE 2.1.

      • Xen pvUSB Front-End Driver Coming For Linux 5.17 – Phoronix

        After being more than ten years in the making after being started by Fujitsu engineers in 2008 but never going through all the steps for upstreaming, thanks to a SUSE engineer the Linux 5.17 kernel will finally have the Xen USB virtual host driver.

        Juergen Gross of SUSE recently has been cleaning up, updating, and getting the Xen pvUSB Linux front-end driver in a state for upstream. Earlier this week the goal was realized when Greg Kroah-Hartman pulled this driver into the USB subsystem tree he maintains ahead of the upcoming Linux 5.17 merge window.

      • Graphics Stack

        • NVIDIA NVDEC Video Decode Support Sent Out For Linux 5.17, Better Power Management – Phoronix

          After the open-source NVIDIA Tegra DRM driver changes intended for Linux 5.16 weren’t pulled due to timing, they are back around for Linux 5.17 with most notably the open-source Tegra driver feature pull request introducing NVDEC video decoding.

          NVIDIA’s Thierry Reding sent out the Linux 5.17 Tegra DRM driver changes to DRM-Next today. Like the work that was intended for Linux 5.16 but un-merged, the big items are a rework to buffer object handling to better match DMA-BUF expectations and then the NVDEC driver.

    • Benchmarks

      • Apple macOS Monterey 12 Performance Is Surprisingly Competitive With Linux – Phoronix

        It’s been a while since last comparing the Apple macOS performance to Linux since in part because the newer Apple Silicon (M1) hardware isn’t yet in good enough shape for performance tests on Linux. But for those wondering about the Intel-powered Macs and how the performance of the latest Linux distributions compare to that of macOS 12 Monterey, here are some benchmarks of the new macOS 12.1 up against Ubuntu 20.04.3 LTS, Ubuntu 21.10, and Intel’s own Clear Linux.

    • Applications

      • What Is Prometheus and Why Is It So Popular?

        Prometheus is an open-source monitoring solution for collecting and aggregating metrics as time series data. Put more simply, each item in a Prometheus store is a metric event accompanied by the timestamp it occurred.

        Prometheus was originally developed at Soundcloud but is now a community project backed by the Cloud Native Computing Foundation (CNCF). It’s rapidly grown to prominence over the past decade as its combination of querying features and cloud-native architecture have made it the ideal monitoring stack for modern applications.

        In this article, we’ll explain the role of Prometheus, tour how it stores and exposes data, and highlight where Prometheus’ responsibility ends. Part of its popularity is down to the software’s interoperability with other platforms which can surface data in more convenient formats.

      • Deluge BitTorrent Client 2.0.5 Released with Automatic Clipboard Detection | UbuntuHandbook

        The Deluge BitTorrent client got an update after more than 2 years of development by releasing v2.0.4 and then v2.0.5 with a quick fix.

        Deluge is a lightweight, free and open-source, and cross-platform BitTorrent client written in Python. It uses libtorrent library and features full encryption, GTK, Web and console UI. And, it has a daemon package to run as a system service, allowing user to control remotely over the web.

      • Version 6.0 of the GNU Nano text editor has been released – Market Research Telecast [Ed: Automated translation]

        Version 6.0 of GNU Nano was released. The slim and easy-to-use text editor for the command line is included in most Linux distributions and provides the most important editor functions including syntax highlighting and macros via keyboard shortcuts. What is unusual about version 6.0 is its code name: “Humor heeft ook zijn leuke kanten” is what it means, translated: “Humor also has its beautiful sides”. The expression goes back to the Dutch comedian Herman Finkers, who coined the sentence: “Humor heeft ook leuke kanten.”, “Humor also has beautiful sides”.

      • The 10 Best Linux Apps for Digital Artists

        Linux continues to be in demand, given its open-source nature, ease-of-use, and various apps and packages. Add a healthy mix of digital art tools to this list, and you will already have a fantastic operating system to work on.

        The highly coveted tools mentioned below promise to deliver highly functional and powerful graphic design utilities to digital artists.

        Check out these 10 authentic tools tailor-made for digital artists and creative people alike.

      • QEMU 6.2: Improved compatibility with Apple M1 – Market Research Telecast [Ed: Automated translation]

        Version 6.2 of the open source emulation and virtualization software QEMU has been released. 189 developers contributed over 2300 commits to the minor release. ARM virtualization in particular benefits from the innovations, but there are also innovations in the emulation of RISC-V and PowerPC architectures.

        Among other things, the team improved the compatibility with Apple’s silicon SoC: With the update, QEMU masters the Hypervisor.framework (hvf) accelerator for virtualizing AArch64 architectures on silicon hosts. In addition, virtual machines with QEMU 6.2 can use Intel’s SGX (Software Guard Extensions). The entire changelog can be found in QEMU-Wiki.

    • Instructionals/Technical

      • How To Check OS Version In Linux?

        GNU/Linux distros have lots of good things going for them. For example, they can be a refresher for someone from Windows or macOS. A lot of things in Linux are pretty similar to Windows, but what’s not identical is checking the OS version in Linux.

        One can, arguably, go to the Settings > System Info on a Linux distribution, but provided there are tons of distributions out there, it’ll be hard for us to cover every single one of them as some of them differ. Therefore, in this article, let’s look at the three commands to check the OS version in Linux.

      • How to install Gparted on Ubuntu 20.04 | 22.04 LTS Linux

        Command to install Gparted on Debian-based Linux systems such as Ubuntu 22.04 Focal Fossa and Ubuntu 22.04 LTS Jammy Jelly Fish using command terminal.

        GParted is a GTK -based graphical user interface for GNU Parted. With GParted the partitioning of a drive can easily be changed, for example, partitions can be enlarged or reduced, newly created, moved, or reformatted. General information and safety instructions on partitioning can be found in the article Partitioning.

      • How to Use the Terraform Join Function – buildVirtual

        For Terraform 0.12 and later, you can use the join() function, to allow you to join or concatenate strings in your Terraform plans. The terraform join function has two inputs, the separator character and a list of strings we wish to join together.

      • How to install MetaTrader 4 with the Hugosway Broker on a Chromebook

        Today we are looking at how to install MetaTrader 4 with the Hugosway Broker on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How to play Timelie on Linux

        Timelie is a single-player stealth and puzzle game developed and published by Urnique Studio. The game was developed in Unity and was released on Microsoft Windows and Mac OS. Here’s how you can play it on Linux.

      • How to install Linux on your Windows PC | ZDNet

        First, download the newest version of Linux Mint. As I write this, that’s Mint 20.2, but Linux Mint 20.3 will be out in early 2022. At about 1.5GB, depending on your internet speed, this may take a while.

        Mint comes with three different desktop interfaces. These are MATE, Xfce, and its default desktop, Cinnamon. I recommend you go with Cinnamon, for starters. If it turns out you really want to get deep into Linux, you’ll have plenty of opportunities to explore the various Linux interfaces.

        Once you’ve downloaded Mint, you should try the Linux distro before installing it. Fortunately, unlike other operating systems, Linux distros like Mint make it easy to give them a test run before committing to it.

        If you don’t have an ISO burner program, download one. I recommend freeware programs ImgBurn for optical drives and Yumi for Windows for USB sticks. Other good choices are LinuxLive USB Creator and UNetbootin. These are all free programs.

        Unless you’re using an older PC that won’t boot from a USB stick, I strongly recommend using a USB flash drive for your test drive. You can run Linux from a DVD, but it’s very slow. But, I might add, Linux Mint will run on pretty much any PC that hasn’t turned 10 yet. So, if you have a computer collecting dust in the closet that you want to get some use from, go for it.

      • How to set JAVA_HOME path on Ubuntu

        JAVA_HOME is an operating system environment variable that stores the location of the java installation folder. Every time a java program or application is run, this variable is invoked. You need to set up the JAVA_HOME variable correctly to run your java program otherwise you will encounter this error message “Error: JAVA_HOME is not defined correctly.”.

        In this tutorial, you will learn different methods to set up the JAVA_HOME variable and different configuration options that are available to you while setting up this system variable.

      • How to create an SNS Topic and a Subscriber on AWS

        Amazon Simple Notification Service (SNS) is a web service that coordinates and manages the delivery of messages. It is a highly available, durable, secure, fully managed pub/sub messaging service. It uses cross availability zone message storage to provide high message durability. Amazon SNS also ensures that data is encrypted in transit. It is used to broadcast the messages of a message-producer system.

        To receive messages published to an SNS topic, we must subscribe to an endpoint. We can have endpoints such as AWS Lambda, Amazon SQS, HTTP/S, or an email address to the topic we create. When we subscribe to an endpoint to a topic and confirm the subscription, the endpoint begins to receive messages published to the associated topic.

      • How to configure a Nessus Vulnerability Scan Policy

        Vulnerabilities arise every day with the security specialist engaged in fixing it and the hackers working to exploit it. A Vulnerability scanner checks a system with the already known vulnerabilities which can be exploited by attackers to compromise a system. There are many tools available in the market for vulnerability scanning. Nessus is one such powerful scanning tool for discovering vulnerabilities. It is developed and maintained by Tenable Network Security Inc. It was once ranked first in the security tools checklist of Nmap Software LLC. Although it is now dropped to the third position in the list, it is still a powerful remote security scanning tool.

      • How to using Ansible to install and configure Redis 6 on Rocky Linux 8

        In this tutorial we are going to learn how to install and configure Redis 6 on Rocky Linux 8 using Ansible. This guide will also work on other RHEL 8 based servers like Oracle Linux and Alma Linux.

        Redis is an in-memory data structure store, used as a distributed, in-memory key–value database, cache and message broker, with optional durability. Redis supports different kinds of abstract data structures, such as strings, lists, maps, sets, sorted sets, HyperLogLogs, bitmaps, streams, and spatial indices.

        Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows.

      • Install and Use Oh My Zsh Framework for Zsh on Linux

        zsh (Z Shell) is a very popular Unix shell. It’s similar to Bash but comes with many added features that change its appearance and behavior.

        zsh is also very customizable, which allows users to create their own themes and plugins, which further extends its features.

      • How to install OpenProject on Ubuntu 20.04 LTS Server – Linux Shout

        Tutorial to install self-hosted web-based open-source project management software known as “OpenProject” on Ubuntu 20.04 Focal Fossa using command terminal. OpenProject enables companies to have project references, documentation, user manuals, and more, all in one central location, accessible from anywhere to share information with teams.

        OpenProject is a web-based project management software available in the Community Edition, Enterprise on-premises, and Enterprise cloud. Of course, the Enterprise editions will have some premium features along with support & hosting facilities. Whereas the community edition is free to download and can be hosted on any server, well, the user will be responsible for the installation and configuration, here.

        We can use Opensource for universities, educational institutions, research, IT / technology companies, NGOs, administrations, foundations, public institutions, authorities, banks and insurance companies, and the automotive industry.

      • [Solved] Target Packages is configured multiple times Error in Ubuntu

        Recently, when I was updating Ubuntu via command line, I encountered a warning that complained about target package being configured multiple times.

      • Using the timedatectl command to control your Linux time and time zone | Network World

        The timedatectl command allows you to both query and change the system clock and its settings on Linux systems.

        To display the current settings, use the command by itself—with no arguments.

      • Virtualization: A Comprehensive Guide for Beginners

        Virtualization in today’s time plays a critical role. From consumer level desktop usage to enterprise level cloud services, there are a variety of applicabilities.

        This guide will help you to get started with virtualization in a comprehensive manner. This will give you enough fundamental knowledge to you as a student, engineer or even as a CTO to understand different types of virtualization and how it is used in the industry today.

      • Localtunnel – Expose your Localhost to the Internet

        Want to Expose your localhost on the Internet? Often, clients ask for an update, or your friends want to know the site you were working on. We can solve all these problems using Localtunnel.

        Localtunnel exposes your localhost to the Internet without foul play on DNS or deploying on another commit. Apache, Nginx, and Node Js application can be easily accessed by your friends or client for updates.

      • Manage your APC battery backup system with this Linux command | Opensource.com

        Back in the early days of personal computers, I wrote the IBM training course for the original IBM PC. To complete the course in time for the IBM, ComputerLand, and Sears training, IBM gave me a PC to take home so I could work over evenings and weekends—arguably the first instance of anyone having an IBM PC in their home.

        I did this work in Boca Raton, Florida, where the small, local power company was commonly known as “Florida Flicker and Flash,” with good reason. The short but frequent power outages caused me to lose my work more than once. Unfortunately, there were no Uninterruptible Power Supply (UPS) systems to keep my PC up and running through these annoying and sometimes destructive incidents.

        A UPS keeps a computer running long enough to last through minor power events, such as outages and surges of a few seconds up to as much as 20 or 30 minutes. In the case of these longer outages, the function of the modern UPS is to notify the computer to power down before the UPS runs out of battery power. Otherwise, the sudden loss of power can lead to loss of data.

        The computer and UPS communicate through a serial or USB cable. A system service manages the communications and sends appropriate commands to both the UPS and the computer. Windows computers generally use a free version of the software provided by the UPS vendor. However, the apcupsd utility supports Linux, Windows, BSD, Solaris, and macOS, providing consistency across operating systems.

        This set of tools supports APC UPS systems and provides varying degrees of support for UPS systems produced by Tripp-Lite, CyberPower, and others. I currently have UPS systems from all three of these manufacturers running on networks for which I have responsibility. I have not found a list of supported UPS systems. Nor is the apcupsd documentation helpful on this, and I have seen nothing definitive in any web searches.

    • Wine or Emulation

      • The Wine development release 7.0-rc2 is now available.
        The Wine development release 7.0-rc2 is now available.
        What's new in this release (see below for details):
          - Bug fixes only, we are in code freeze.
        The source is available from the following locations:
        Binary packages for various distributions will be available from:
        You will find documentation on https://www.winehq.org/documentation
        You can also get the current source directly from the git
        repository. Check https://www.winehq.org/git for details.
        Wine is available thanks to the work of many people. See the file
        AUTHORS in the distribution for the complete list.
      • Wine 7.0-rc2 Released With 34 Fixes This Week

        With Wine 7.0 gearing up for release in January, since last week we have been under a feature freeze and weekly release candidates. Wine 7.0-rc2 is out now with more fixes in battening up this next open-source release for enjoying Windows games and applications on Linux / macOS / BSDs.

        Wine 7.0-rc2 brings 34 known bug fixes over the past week. Among the software seeing fixes with this RC are Proteus 8, Final Fantasy XIV, Ace Ventura, Borderlands GOTY Enhanced, Dark Souls: Remastered, Resident Evil 4 HD, and others.

    • Games

      • AetherSX2 is the best way to play PlayStation 2 games on your Android smartphone

        The PCSX2 developers have explained the licensing situation too; in essence, its core code is LGPLv3 licensed, and any of the code still leftover in AetherSX2 that’s covered under GPL will be removed by the time the app is officially released.


        Given the alternatives for PlayStation 2 emulation in the past, AetherSX2 is a fantastic step forward. Its support from the PCSX2 developers also goes a long way, and we’re looking forward to seeing how the emulator grows and matures in the future. I’m personally excited to see how the new Qualcomm Snapdragon 8 Gen 1 will fare. Be sure to give it a try and let us know what you think in the comments!

      • AI Kingdoms arrive for Kingdoms and Castles in a new Beta | GamingOnLinux

        The massive AI Kingdoms update for Kingdoms and Castles has finally hit Open Beta for anyone who owns it, so you can now see what the developer has been working on for quite some time.

        Kingdoms and Castles is a city-building simulation game about growing a kingdom from a tiny hamlet to a sprawling city and imposing castle. It has gradually grown from quite a small and relaxed game into a much bigger city-builder / RTS hybrid, although you can still pretty much play how you want and AI Kingdoms are optional to add in.

      • Steam Deck Handheld Gaming PC Poised for Big Streaming Gains

        According to a new Steam Update for the Steam app, Valve’s next line of work revolves around improving Steam’s Remote Play service within Linux. The update comes as Valve prepares for the Steam Deck and its proprietary Linux operating system, so this prep work will likely benefit the forthcoming handheld.

        The update greatly improves Video Acceleration API (VA-API) hardware decoding on Linux. The touch controls settings have also been fixed to save the settings correctly in the Steam Link app. So there’s a lot of work being undertaken to ensure that Remote Play works well within Linux.

        VA-API support is important, as it’s an open-source video API used by Linux operating systems, and the Steam Deck will presumably use the API to decode game streams with Remote Play. VAPPI is used by popular applications such as VLC within Linux and supports Intel and AMD open-source video drivers. The video API also supports many video codecs, including MPEG-2, H.264, H.265, VP9, and more.

      • Godot Engine – Maintenance release: Godot 3.4.1

        Godot 3.4 was released a month ago, and it went fairly smoothly! Many thanks to all the contributors who worked on it, including all testers who tried beta and RC releases to ensure that the 3.4-stable branch would be an easy and worthwhile upgrade path for all users.

        No software release is perfect though, so there will always be some things to iron out, which is why we provide maintenance releases for stable branches, focusing on bugfixing and preserving compatibility (see our release policy). Godot 3.4.1 is the first maintenance release in the 3.4 stable branch, and a recommended upgrade for all Godot 3.4 users.

      • Baldur’s Gate: Dark Alliance re-release is out now with Linux support | GamingOnLinux

        Only a day after we mentioned that Baldur’s Gate: Dark Alliance would be getting a new PC release and it’s here already, along with Linux support! Your chance to relive another classic thanks to Interplay Entertainment and Wizards of the Coast.

        “This revival of the original Baldur’s Gate: Dark Alliance puts the ‘action’ back into the action-RPG genre, plunging players into the heart of Faerûn. As well as looting and leveling, players must actively defend against and dodge attacks, evade deadly traps, and fight hordes of monsters ranging from swarming kobolds to the iconic and all-consuming Gelatinous Cube.

      • Two Tribes open sourced their game engine for RIVE and Toki Tori 2+ | GamingOnLinux

        Netherlands based Two Tribes is an indie game developer who worked on titles like RUSH, EDGE, Toki Tori, RIVE and more just open sourced their game engine. This is the game engine that was used for the likes of RIVE and Toki Tori 2+ and it’s now under the GPL2.

      • Get a look at the Total War: WARHAMMER III campaign map and more battles | GamingOnLinux

        Creative Assembly continue rolling out more teaser videos of the upcoming Total War: WARHAMMER III, which will be ported to Linux by Feral Interactive.

        Just recently CA put up a video finally giving us a proper look at the campaign map. Going over many different biomes you can expect to move armies through and perhaps conquer. It sure does look pretty and might have one of the best looking campaign maps of any similar strategy game.

    • Desktop Environments/WMs

      • Window Shuffler: Tiling Window Management From Ubuntu Budgie – Front Page Linux

        This tutorial will showcase how you can be very productive with an on-demand tiling system that does not require you to make a hard choice at login. Window Shuffler allows you to use tiling only when you want, on the monitor or virtual desktop you want, without requiring you to log off your regular DE and switch to a tiling environment.

        Since I started using it, I have a hard time using any other desktop environment that does not bring the features of Window Shuffler.

        Window Shuffler is developed by Jacob Vlijm of Ubuntu Budgie. It is installed by default on Ubuntu Budgie. Various users reported that it works well on other GTK desktop environments, such as Ubuntu MATE. I believe it is also available on the AUR for arch users… btw.

        Having said that, there are some integrations that are done very well on Ubuntu Budgie, so for anyone willing to give it a try, I recommend to spin up a live ISO of the latest Ubuntu Budgie. By doing so, you will be able to have a taste of the full experience of Window Shuffler.


        Window Shuffler applet is a nice, optional feature introduced by Jacob Vlijm with Ubuntu Budgie 21.10. It allows us to add an applet to Budgie panel, which controls Shuffler tiling. This is very useful especially for users that are new to tiling, or those that have not learned the shortcuts, or that like tiling windows but are not keyboard fanatics.

        In order to get started, we first have to open Budgie Desktop Settings, Panels, Top Panel, and click the + Icon next to Add applet. Scroll to the bottom, and add Window Shuffler. I am going to leave it in the default position, next to the clock in the middle of my top panel. Feel free to move it around as needed. We can now close Budgie Desktop Settings.

        Next step is to open our Window Shuffler Control. We can now do this from the gear icon in our new Applet.

      • K Desktop Environment/KDE SC/Qt

        • GCompris 2.0 Educational Software for Kids Brings New and Improved Activities

          GCompris is one of the oldest and most popular open-source educational software suites for GNU/Linux distributions, and the new release, GCompris 2.0, is here to provide even more hours of fun and entertainment for your children.

          Highlights of GCompris 2.0 include several new activities, such as Baby Mouse for helping children interact with a computer for the first time, Oware as traditional African strategy game, Positions to help children learn the terms that describe an object’s relative position, and Ordering Sentences for helping children practice reading and grammar by sorting out parts of a sentence.

        • GCompris Releases Version 2.0 (KDE.news) [LWN.net]

          Just in time for the upcoming holidays, “KDE’s educational suite of more than 170 activities and pedagogical games”, GCompris, has released version 2.0.

      • GNOME Desktop/GTK

    • Distributions

      • New Releases

        • EndeavourOS Atlantis Neo Brings Much-Needed Fixes and a Christmas Surprise

          Coming just two weeks after the major EndeavourOS Atlantis release, the EndeavourOS Atlantis Neo is here as an interim release that addresses a few issues present in the Atlantis ISO.

          For example, EndeavourOS Atlantis Neo improves the Calamares graphical installer, which has been updated to version 3.2.49, to support encrypted Btrfs installations when selecting Swap partition and hibernation, as well as to allow users to install EndeavourOS on machines with less than 2 GB of RAM.

        • Happy holidays, Atlantis neo has arrived – EndeavourOS

          I want to start with the clarification that EndeavourOS is a rolling release and that the changes and updates on our ISOs only affect the installation experience and an update of our offline edition. We don’t hold back packages in any way. The point release numbers in the ISO name simply refer to the year of release followed by the number of releases in that year. Having said that, let’s go back to the Atlantis neo release and here’s what’s going on:

          Major release – The recent Atlantis release was a major release that contained a lot of improvements and new features created and implemented by our developers’ team, next to the regular upstream package updates. A major release will also be “celebrated” with a new wallpaper and a new code name inspired by existing or fictional spacecraft names.

          Hotfix feature – This is an express tool for the dev. team to push out small bug fixes to a released ISO. Those fixes can be, corrected errors created by us, workaround scripts to patch an upstream bug or upstream bug fixes that don’t interfere with other packages on the ISO. Just see it as a band-aid, fixes pushed out by this feature are merely temporary patches.

          Interim release – An interim release ships a slightly updated version of a recent major release, without the addition of new features or new wallpapers. The fixes these releases contain are, reversed workarounds due to an upstream fix and/or upstream bug fixes or changes that also affect the behaviour of other packages on the ISO. Of course, with these changes, they will also ship all the upstream package updates.

      • IBM/Red Hat/Fedora

        • Fedora Community Blog: Friday’s Fedora Facts: 2021-50

          Here’s your weekly Fedora report. Read what happened this week and what’s coming up. Your contributions are welcome (see the end of the post)!

        • Ben Williams: F35-20211216 updated Live isos released

          The Fedora Respins SIG is pleased to announce the latest release of Updated F35-20211216-Live ISOs, carrying the 5.15-7-200 kernel.

          The next set of isos will be released around 20220115.

          This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have about 950MB of updates savings )).

        • Davie Street Enterprises embraces cloud technologies and services

          Throughout our fictional case study of Davie Street Enterprises (DSE), we have witnessed how embracing modern tech industry best practices have drastically increased the speed at which the company can accomplish its goals while improving overall operational efficiency.

          DSE has done this by finding platforms, services, and processes that best align with its goals—made possible by the combination of Red Hat products and our partner ecosystem. In this post, we will focus on those operational efficiencies and how they can be further enhanced through the use of Red Hat Cloud Services, all of which are built on Red Hat OpenShift.

        • Red Hat Ansible Automation Platform delivers on high ROI expectations

          In a world where organizations are continually asked to do more with less, IT leaders are always looking for new technologies and strategies that can help their teams become more agile and efficient. Doing so frees up time and resources that can be better used to deliver the essential technologies needed to drive business success.

          Manually performing routine tasks and complicated processes eats up both time and money, and automating those efforts can make the difference between keeping pace with customer demand and falling behind.

      • Debian Family

        • 2,000 fonts for Debian – Bits from Debian

          Debian comes with tons of fonts for all kinds of purposes, you can easily list them (almost) all with: apt-cache search ^fonts-.

          However, sometimes they are not in their latest version, or as a user you would like to get access to new fonts that are not present in Debian stable yet.

          With the tool fnt you can easily preview, and install fonts from Debian sid and Google Web Fonts (that’s about 2,000 fonts that are DSFG compliant). Any user can use the tool to install fonts only for the user itself, or the system administrator can run it as root to install the fonts system wide.

          The package fnt is already in Bookworm, so if you run Debian testing you can use it to get, test and use many fonts that are in their way of being packaged in Debian…

      • Canonical/Ubuntu Family

        • Data centre networking: What is OVN? | Ubuntu

          With the development of open source software-defined networking solutions, virtualisation took a progressively more important place in modern data centres. Concepts like virtual switching and routing became part of the data centre networking scene, with OVS as a pioneering example. Virtual switches nevertheless did initially miss very important networking features and standards, which hardware-based network devices already had – and which were proven and widely implemented. OVN came to represent those network features in virtual switching environments and address their extensibility across multi-host clusters. Let’s first take a closer look in order to understand what OVN is.

        • Data centre networking: SmartNICs

          With the explosion of application traffic and the multiplication of data centre workloads during the last decade, east-west traffic greatly increased and ended up impacting the traditional north-south based architectures. This raised the need to review the entire data centre architecture while keeping the goal of meeting performance, security, and monitoring requirements.

          From a performance and security perspective, rather than shunting the traffic to centralised security and management blocks within the data centre (which might cause performance issues) or accepting uncontrolled zones, the forwarding and security intelligence can be distributed throughout the data centre.

    • Devices/Embedded

      • Linux vs Windows 10 IoT. How to Choose the Best OS for Your Medical Device?

        Linux has become one of the most user-beloved operating systems since it was released in 1991. Linux, based on the kernel combined with the GNU Project, was actually the first complete open-source operating system.

        Linux is characterized by the great versatility of its use. You can run it on a credit-card-sized single-board computer, such as the Raspberry Pi, to teach kids computer science at school. At the same time, Linux assists in performing computations in quantum mechanics on the most powerful supercomputers.

        There are a wide variety of Linux distributions and operating systems based on the Linux kernel. Some of them are purely open-source, like Debian or Gentoo, while the others are provided by commercial vendors (for example, Red Hat and Ubuntu). Probably, the most prominent Linux-based OS is Android, which is an absolute winner in the market of mobile operating systems.

        The Linux OS is widely used in embedded systems due to its high flexibility. Embedded Linux development is aimed at customizing Linux to make it fully compliant with your product requirements.

        Linux is compatible with almost any modern hardware platform. If you need to move to different electronics or update the current hardware version, it won’t be a problem to port your operating system and run it successfully on the new system on a chip or desktop platform.

        If you want to get a more detailed understanding of Linux and its strengths for healthcare, please check out our guide on why choose Linux for medical devices.

      • Build a DIY FM Radio with this $12 kit – CNX Software

        I’ve not used an FM radio for years, but if you’d like to teach younger generations about older technology and show them how to solder components there’s an RDA5807 based kit that would allow you to build DIY FM Radio operating in the 87 MHz to 108 MHz range.

        The JC-300 kit comes with a bare PCB, and all components required including a speaker, an antenna, and a holder for a 18650 battery. Some of the main components of the kit include…

      • Inforce 68A1 SoM supports up to seven 4Kp120 cameras, dual 4Kp120 video encoding/decoding – CNX Software

        SMART Wireless Computing has announced the Inforce 68A1, a compact system-on-module based on Qualcomm QCS8250 IoT processor with support for up to seven concurrent 4Kp120 camera inputs, and decode/encode two 4Kp120 video streams simultaneously.

        Equipped with 8GB PoP DDR5 memory, 64GB UFS storage, a wireless module supporting 802.11ax Wi-Fi 6E and Bluetooth 5.1, the module is designed for high-end IoT applications such as smart cameras, video collaboration, AI hubs, connected healthcare, and smart retail.

      • Qualcomm QCS8250 module and kit can handle seven 4K120 cam inputs

        Smart Wireless unveiled an “Inforce 68A1 SoM” that runs Android 10 on a Qualcomm QCS8250 with 8GB LPDDR5, 64GB UFS, and 802.11ax (Wi-Fi 6E) that supports dual 4K120 displays and up to 7x 4K120 camera inputs. An “ACC1C20” dev kit is also available.

        In July, we reported on Thundercomm’s TurboX C865 SOM and dev kit, as well as eInfochips’ EIC-QCS8250-210 Mini-ITX board, both of which run Android on Qualcomm’s octa-core QCS8250. The octa-core SoC is an embedded oriented variant of the Snapdragon 865. Now, Smart Wireless has launched an Inforce 68A1 SoM and ACC1C20 reference board based on the QCS8250.

      • Open Hardware/Modding

        • Year End Update for 2021, Looking Forward to 2022

          2021 was a year of transformation and growth for Purism, amidst real challenges. Thank you for all your support and contribution! This has been a particularly daunting year for the supply chain. Really, the global pandemic has made supply chains less reliable, and lead times and shipping times for various parts incredibly unpredictable. In midst of these, we deeply sympathize with those who are waiting on their devices. We assure you that our teams have been working overtime to fulfill orders and build the inventory of critical parts.

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Firefox Nightly: These Weeks in Firefox: Issue 106
          • Despite improvements, delaying the deprecation of third party cookies in the CMA’s Privacy Sandbox commitments will hold back privacy on the open web

            Recently, the UK’s Competition and Markets Authority (CMA) initiated a second round of consultation on the voluntary commitments offered by Google in the Chrome Privacy Sandbox (GCPS) investigation. We welcome the inclusion of greater transparency, consultation, and restrictions on self-preferencing, as we had advocated for in the initial consultation. However, we remain concerned by the broadening scope of the standstill period that will further delay both the deprecation of Third Party Cookies (TPCs) and the deployment of privacy forward technologies such as Privacy Budget or GNATCATCHER which have the potential to address cross-site tracking that occurs through fingerprinting and IP addresses.

          • Data@Mozilla: This Week in Glean: Looking back at Glean in 2021

            A year ago I posted Glean in 2021 as a way to look into the future and set out a vision and plan for the project. Today I’m looking back at 2021, if we were able to follow up on my plans back then and look at all the other things we did for Glean.

            Let’s start easy: According to the index we wrote 21 This Week in Glean blog posts (including this one). Close enough to one every other week. Communicating about our work is important and TWiGs are one way to put our ideas and thoughts about the project out there.

            Let’s first look at the topics I identified as important in last year’s blog post.

      • FSF

        • Open Source Advent Calendar

          • Open Source Advent Calendar: The WordPress Blog and Web Builder – Market Research Telecast

            This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.

          • Open source advent calendar: The Thunderbird email program – Market Research Telecast

            This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.

          • Open source advent calendar: the Libreoffice office suite

            This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.

          • Open source advent calendar: the image editing program Gimp

            This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.

        • Licensing/Legal

      • Programming/Development

        • Error Codes And The Law Of Least Astonishment | Hackaday

          Do you know the law of least astonishment? I am not sure of its origin, but I first learned it from the excellent “Tao of Programming.” Simply put, it is the principle that software should always respond to the users in a way that least astonishes them. In other words, printing a document shouldn’t erase it from your file system.

          Following the law of least astonishment, what should a program do when it hits a hard error? You might say that it should let the user know. Unfortunately, many systems just brush it under the rug these days.

          I think it started with Windows. Or maybe the Mac. The thinking goes that end users are too stupid or too afraid of error codes or detailed messages so we are just leaving them out. Case in point: My wife’s iPhone wouldn’t upload pictures. I’m no expert since I carry an Android device, but I agreed to look at it. No matter what I tried, I got the same useless message: “Can’t upload photos right now. Please try again later.” Not only is this not very informative, but it also implies the problem is in something that might fix itself later like the network.

        • GStreamer ❤ Windows: A primer on the cool stuff you’ll find in the 1.20 release

          The GStreamer community keeps focusing their efforts on improving Windows support and is still adding various super fascinating features for Windows. GStreamer is about to release a new stable release (1.20) very soon, so you may want to know what’s new on the Windows front

        • webrtcsink, a new GStreamer element for WebRTC streaming

          webrtcsink is an all-batteries included GStreamer WebRTC producer, that tries its best to do The Right Thing™.

          Following up on the last part of my last blog post, I have spent some time these past few months working on a WebRTC sink element to make use of the various mitigation techniques and congestion control mechanisms currently available in GStreamer.

          This post will briefly present the implementation choices I made, the current features and my ideas for future improvements, with a short demo at the end.

          Note that webrtcsink requires latest GStreamer main at the time of writing, all required patches will be part of the 1.20 release.

        • awstranscriber

          awstranscriber, a GStreamer wrapper for AWS Transcribe API

          If all you want to know is how to use the element, you can head over here.

          I actually implemented this element over a year ago, but never got around to posting about it, so this will be the first post in a series about speech-to-text, text processing and closed captions in GStreamer.

          Speech-to-text has a long history, with multiple open source libraries implementing a variety of approaches for that purpose[1], but they don’t necessarily offer either the same accuracy or ease of use as proprietary services such as Amazon’s Transcribe API.

          My overall goal for the project, which awstranscriber was only a part of, was the ability to generate a transcription for live streams and inject it into the video bitstream or carry it alongside.

          The main requirements were to keep it as synchronized as possible with the content, while keeping latency in check. We’ll see how these requirements informed the design of some of the elements, in particular when it came to closed captions.

          My initial intuition about text was, to quote a famous philosopher: “How hard can it be?”; turns out the answer was “actually more than I would have hoped”.

        • Dirk Eddelbuettel: RcppArmadillo on CRAN: Bugfixes

          Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 937 other packages on CRAN, and downloaded over 22 million times (per the partial logs from the cloud mirrors of CRAN).

          This release brings another bug fix release 10.7.5 by Conrad in the ‘long-term support’ 10.7.* series we started with on September 30. As the bug fixes can come a little quicker than the desired monthly cadence CRAN aims for, we skipped a few of those release for CRAN only but of course still provide them via the Rcpp drat repo.

        • Dirk Eddelbuettel: RProtoBuf 0.4.18: Multiple Updates

          A new release 0.4.18 of RProtoBuf arrived on CRAN earlier today. RProtoBuf provides R with bindings for the Google Protocol Buffers (“ProtoBuf”) data encoding and serialization library used and released by Google, and deployed very widely in numerous projects as a language and operating-system agnostic protocol.

          This release, the first since March of last year, contains two contributed pull requests improving or extending the package, some internal maintance updating the CI setup as well as retiring an old-yet-unused stub interface for RPC, as well as an update for UCRT builds on Windows.

        • Qt5 qtbase compiled in OE

          But, would really like to compile the latest Scribus. Also, Vym is a great mind-mapping tool that requires qt5. What else? — krita is another qt5-base app I think.

          So, I examined the error message where it failed. It is code supporting the AVX instructions. These are instructions that were added onto Intel x86 CPUs in 2011, though even now not all recent Intel CPUs support AVX.

          Apparently, although qt5 will compile-in support for these instructions, it will detect support in the CPU at run-time, and fallback if AVX not supported.

        • Qt4 and Scribus 1.4.8 compiled

          Back in OE Pyro-series, I compiled Qt5 and Scribus 1.5.x in OpenEmbedded. Now on the OE Dunfell-series, no such luck.

          OE has a ‘meta-qt5′ layer, which is supposed to be compatible with the Dunfell release, however compile fails. The error message looks like it might be related to the gcc version. My guess is that the meta-qt5 developers are focussed on OE releases after Dunfell and have neglected the Dunfell release.

          OE does have a ‘meta-qt4′ layer, and that has recently had commits to make it compatible with the Dunfell release. It just needed a couple of little patches, and it compiled.

        • First stable release of the Mold linker developed by the developer LLVM lld

          Rui Ueyama, author compositor LLVM lld and compiler chibicc , introduced the first stable release of the new high-linker the Mold , well ahead of the binding rate of object files linkers GNU gold and LLVM lld. The project is considered ready for production deployments and can be used as a faster transparent replacement for GNU linker on Linux systems. The plans for the next significant release include bringing support for the macOS platform to readiness, after which work will begin to adapt Mold for Windows.

          Mold is written in C ++ (C ++ 20) and is distributed under the AGPLv3 license, which is compatible with GPLv3, but not compatible with GPLv2, since it requires opening changes when developing network services. This choice is explained by the desire to receive funding for the development – the author is ready to sell the rights to the code for relicensing under a permissive license such as MIT, or to provide a separate commercial license for those who are not satisfied with the AGPL.

        • Perl/Raku

        • Rust

          • Follow-up on the moderation issue [Ed: 'Damage control' from an abundantly censorious project]

            Last week, the following e-mail was sent to all members of the Rust project (including all working groups) to follow up on the moderation issue. The footnotes have been added to provide additional context to the wider Rust community, and were not part of the original e-mail.

        • Java

          • This Week In Security: Log4j, PDF CPU, And I Hacked Starlink | Hackaday

            The big news this week is Log4j, breaking just a few hours too late to be included in last week’s column. Folks are already asking if this is the most severe vulnerability ever, and it does look like it’s at least in the running. The bug was first discovered by security professionals at Alibaba, who notified Apache of the flaw on November 24th. Cloudflare has pulled their data, and found evidence of the vulnerability in the wild as early as December 1st. These early examples are very sparse and extremely targeted, enough to make me wonder if this wasn’t researchers who were part of the initial disclosure doing further research on the problem. Regardless, on December 9th, a Twitter user tweeted the details of the vulnerability, and security hell broke loose. Nine minutes after the tweet, Cloudflare saw attempted exploit again, and within eight hours, they were dealing with 20,000 exploit attempts per minute.

            That’s the timeline, but what’s going on with the exploit, and why is it so bad? First, the vulnerable package is Log4j, a logging library for Java. It allows processes to get log messages where they need to go, but with a bunch of bells and whistles included. One of those features is support for JNDI, a known security problem in Java. A JNDI request can lead to a deserialization attack, where an incoming data stream is maliciously malformed, misbehaving when it is expanded back into an object. It wasn’t intended for those JNDI lookups to be performed across the Internet, but there wasn’t an explicit check for this behavior, so here we are.

          • The Log4j Vulnerability: What You Still Need to Know

            Easterly adds that “this effort also underscores the urgency of building software securely from the start and more widespread use of Software Bill of Materials (SBOM)” as directed by President Biden earlier this year. An SBOM, Easterly says, “would provide end users with the transparency they require to know if their products rely on vulnerable software libraries.”

          • CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities

            CISA has issued Emergency Directive (ED) 22-02: Mitigate Apache Log4j Vulnerability, directing federal civilian executive branch (FCEB) agencies to address Log4j vulnerabilities—most notably, CVE-2021-44228.

            Although ED 22-02 applies to FCEB agencies, CISA strongly recommends that all organizations review ED 22-02 for mitigation guidance. For additional details, see CISA’s webpage Apache Log4j Vulnerability Guidance.

          • Google Online Security Blog: Understanding the Impact of Apache Log4j Vulnerability

            More than 35,000 Java packages, amounting to over 8% of the Maven Central repository (the most significant Java package repository), have been impacted by the recently disclosed log4j vulnerabilities (1, 2), with widespread fallout across the software industry. The vulnerabilities allow an attacker to perform remote code execution by exploiting the insecure JNDI lookups feature exposed by the logging library log4j. This exploitable feature was enabled by default in many versions of the library.

            This vulnerability has captivated the information security ecosystem since its disclosure on December 9th because of both its severity and widespread impact. As a popular logging tool, log4j is used by tens of thousands of software packages (known as artifacts in the Java ecosystem) and projects across the software industry. User’s lack of visibility into their dependencies and transitive dependencies has made patching difficult; it has also made it difficult to determine the full blast radius of this vulnerability. Using Open Source Insights, a project to help understand open source dependencies, we surveyed all versions of all artifacts in the Maven Central Repository to determine the scope of the issue in the open source ecosystem of JVM based languages, and to track the ongoing efforts to mitigate the affected packages.

          • Understanding the Impact of Apache Log4j Vulnerability (Google) [LWN.net]

            The Google Security Blog looks into the ripple effects of the Log4j vulnerability.

          • GIMP is not affected by the log4j vulnerability

            Everyone is asking us if GIMP is vulnerable to the recent log4j vulnerabilities (also dubbed “log4shell” in the media, in particular regarding to the CVE-2021-44228 zero-day vulnerability).

            As an official statement: no, GIMP is not vulnerable to log4shell!

            We do not use log4j and there is not even any Java code in GIMP. So enjoy GIMP and feel safe while creating more wonderful artworks!

          • Security firm Blumira discovers major new Log4j attack vector

            A basic Javascript WebSocket connection can trigger a local Log4j remote code attack via a drive-by compromise. Wonderful. Truly wonderful.

          • Mars helicopter has Log4j bug, breaks records all the same • The Register

            NASA has revealed that Ingenuity – the experimental helicopter sent to Mars with the Perseverance Rover – has clocked up a whole half-hour of flight in the Red Planet’s meanly thin atmosphere.

            The ‘copter passed the thirty-minute mark during its 17th flight, on December 5, which sets a new record for the space agency.

            But NASA was unsure of the craft’s status because of what the US agency has described as “an unexpected cutoff to the in-flight data stream as the helicopter descended toward the surface at the conclusion of its flight.”

            At this point of the story we need to share this old tweet from the Apache Software Foundation.

          • How to Check If Your Server Is Vulnerable to the log4j Java Exploit (Log4Shell)

            A critical exploit in widespread Java library has been found, disrupting much of the internet as server admins scramble to fix it. The vulnerable component, log4j, is used everywhere as an included library, so you will need to check your servers and make sure they’re updated.


            The exploit was quickly patched in log4j‘s latest release, 2.16.0, but the problem isn’t fixing it—it’s finding out where you need to. Since log4j is an embedded dependency, it may be non-trivial to search for the specific version of it on your system. And, since Java is so popular, many third-party tools and components may use it, so you may not even know if you are running Java software on your machines.

            Even if you think you aren’t vulnerable, you probably still need to double check. This exploit affects so many systems that there is a solid chance you may be running log4j or Java without realizing it.

            Luckily, JDK versions greater than 6u211, 7u201, 8u191, and 11.0.1 are not affected by the primary attack vector (using LDAP) that’s being exploited the most right now. You still need to patch it regardless, since it can easily be used with other attack vectors as well. Also, just the simple act of making a request to an endpoint can reveal data about machines on your network, which isn’t a good thing either.

            This exploit highlights why it is important to keep a Software Bill of Materials (SBOM), basically a list of all the software on your systems, where it comes from, and what it’s made from. In the future, this knowledge can help you quickly patch against attacks like this.

            In the present, you are probably just concerned about getting your network patched. To do that, you’ll need to scan your systems to find log4j versions used by your software, and make a list of all the vulnerable components.

  • Leftovers

    • 2021 in Tedium, Through Another Set of Eyes

      Throughout 2021, Tedium has covered a variety of stories with all sorts of weird angles. Like your crankiest uncle, I’ve fired off numerous “letters to the editor” (emails to Ernie) after reading a Tedium article and thinking there was something left out.

    • Hardware

      • DIY Mechanical Flux Dispenser Syringe Has Fine Control | Hackaday

        [Perinski]’s design for a mechanical flux dispenser uses some common hardware and a few 3D printed parts to create a syringe with fine control over just how much of the thick stuff gets deposited. The design is slick, and there’s a full parts list to accompany the printed pieces. [Perinski] even has some useful tips on how to most effectively get flux into 5 mL syringes without making a mess, which is a welcome bit of advice.

      • Weather Station Dumps CR2032 Cells, Gains 18650 | Hackaday

        Despite the fact that we’re rapidly approaching the year 2022, there are still an incredible number of gadgets out there that you’re expected to power with disposable batteries. Sure you can buy rechargeable stand-ins that come in the various shapes and sizes of the traditional alkaline cells, but that’s a stopgap at best. For some, if a new gadget doesn’t feature an internal Li-ion battery and standardized USB charging, it’s a non-starter.

        [Danilo Larizza] is one of those people. Bothered by the fact that his Oregon Scientific weather station required a pair of CR2032 coin cells, he set out to replace them with an integrated rechargeable solution. The conversion ending up being easier to implement than he initially expected, and by his calculations, his solution should keep the unit up and running for nearly 40 days before needing to be topped off with a standard USB charger.

      • Gluggle Jug Is Neat Application Of Hydrodynamics | Hackaday

        The Gluggle Jug is an aptly-named thing – it’s a jug that makes loud, satisfying glugging noises when poured. But how does it work? [Steve Mould] set out to investigate.

        [Steve]’s first plan was to cut apart an existing Gluggle Jug to see how it worked, but cutting ceramics can be difficult and time-consuming, and the asymmetric design only made things harder. Instead, he simply smashed a jug to see what it looked like inside, and replicated the basic design in a transparent laser-cut version.

        The design is simple – the glug sounds are from bubbles passing into a closed cavity within the jug as the water is poured out. Stop pouring, and air from that cavity then escapes back through the open mouth of the jug via more bubbles, making an even louder glugging sound. The frequency of the sound is determined by the height of the jug, which is essentially acting as a closed-pipe resonator.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Entrapment (Microsoft GitHub)

            • Coinbase publishes Kryptology library of distributed crypto algorithms

              Coinbase, the company supporting the eponymous digital currency exchange platform, announced the opening of the source texts of the cryptographic library Kryptology , which offers a set of cryptographic algorithms for use in distributed systems in which encryption and authentication is carried out with the involvement of several participants. The code is written in the Go language and is distributed under the Apache 2.0 license.

        • Security

          • Is Linux a More Secure OS Than Windows? | by Stephen Pelzel | Upskilling | Dec, 2021 | Medium

            The Linux OS has built itself a reputation for being a haven for internet privacy enthusiasts, and for good reason. The freedoms offered by Linux to their users is unmatched by other popular OS systems such as Windows and ChromeOS, but how does it stack up in the department of software security? Is Linux more secure from malware and hackers than the mega corporate alternative that is Windows?

          • What does your code use, and is it vulnerable? It-depends! | Trail of Bits Blog

            We are proud to announce the release of it-depends, an open-source tool for automatic enumeration of dependencies. You simply point it to a source code repository, and it will build a graph with the required dependencies. it-depends currently supports cargo, npm, pip, go, CMake, and autotools codebases, packages in their associated package managers, and Ubuntu apt.

          • Kubernetes: What’s new in Security Profiles Operator v0.4.0

            The Security Profiles Operator (SPO) is an out-of-tree Kubernetes enhancement to make the management of seccomp, SELinux and AppArmor profiles easier and more convenient. We’re happy to announce that we recently released v0.4.0 of the operator, which contains a ton of new features, fixes and usability improvements.

          • Privacy/Surveillance

            • Apple quietly deletes details of derided CSAM scanning tech from its Child Safety page without explanation [Ed: Apple does not care about the US Constitution; it'll treat all of its clients like pedophiles (until they prove otherwise)]

              Apple evidently has decided against forcing customers to run its sex crime detection software on their iPhones in order to refer those stashing illegal child abuse images in iCloud to authorities.

              We say “evidently” because the iTitan has simply erased the explanatory text it posted in August that describes its non-consensual image vetting system and has not responded to a request to clarify its plans.

              That month, Apple announced its intention to implement Child Sex Abuse Material (CSAM) Detection [PDF], one of two initiatives that it detailed on its Child Safety webpage. The other, a parental control for its Message app to “warn children and their parents when receiving or sending sexually explicit photos,” debuted in iOS 15.2, which was released on Monday.

            • UK Mensa arm pays libel damages to former CTO • The Register

              British Mensa Limited has paid former CTO Eugene Hopkinson defamation damages and costs settling his claims of libel, malicious falsehood, and breach of his rights under the UK GDPR relating to a series of statements it made on the subject of a January 2021 cyber-attack and a data leak at the org.

              In February, the club for people with a high intelligence quotient launched an investigation following a brute force attack on 20 January. There were two separate incidents in which “limited personal data of a few members and officers” was briefly exposed in the website’s forum.

    • Censorship/Free Speech

      • Farewell Telegram – Hello Signal! – Ignorance is bliss…

        In the last few years I started to use Telegram as my main messenger, beside good old SMS/e-mail.

        I never used WhatsApp as I try to stay away from the Facebook/Meta/… ecosystem.

        Telegram seemed like a good choice as a lot of people I know are there and we e.g. mirror our KDE channels often to Telegram for better outreach, too. And all old messengers like ICQ more or less were abandoned by everybody I know including myself ;=)

        Unfortunately, during the current pandemic, I met more and more people that went down into the rabbit hole thanks to totally uncontrolled Telegram groups.

        Yes, you can say: this is free speech.

        It is.

        But on the other side, I think it can’t really be tolerated that people start to live in some parallel universe that completely ignores any science/laws/facts of the real world.

    • Civil Rights/Policing

      • Opinion | Abortion Rights Are a Religious Freedom for Progressive Jews – The New York Times

        Nearly 30 years ago, my mother was one of the hundreds of thousands of people who attended the 1992 March for Women’s Lives in Washington, D.C. It was a pivotal moment for abortion rights at the Supreme Court, which was about to hear arguments in the case Planned Parenthood v. Casey. Though she left me at home, the words on her sign — “Every child a wanted child” — made an impression. So did the fact that the buses to Washington were chartered by our synagogue. When she returned, I wore the neon pink “Choice” hat she’d bought to my classroom at Jewish day school and began to spread the word.

        That anecdote is not unique in the Jewish American experience: For many Jews, abortion rights are an ethical value, passed on from parent to child, with community support. The latest Pew Religious Landscape Study, from 2014, found that 83 percent of Jews surveyed supported legal abortion in most or all cases, more than any other religious group surveyed.

        A firm commitment to abortion rights isn’t just one of the socially liberal stances that progressive American Jews take. It’s also a belief rooted in our sacred texts, which — despite differing interpretations across time and denominations — consistently prioritize the ultimate well-being of the pregnant person over that of the fetus.

[Meme] The ‘Cartel’ Ran Home With All the Money…

Posted in Europe, Humour, Patents at 6:24 pm by Dr. Roy Schestowitz

Zdravstvo v Sloveniji: Each composer to make a living? They ran off with all the capital

Summary: It’s a lot worse than merely unfortunate when special interests capture one’s government and help themselves to the cookie jar (or take the whole jar a la Slovenia)

Slovenian Patent Office as a Hostage

Posted in Europe, Patents at 6:01 pm by Dr. Roy Schestowitz

The copyright ‘cartel’ (collective interest of the few who collude to the exclusion/detriment of the vast majority) and the patent litigation ‘cartel’ do not represent the interest of the country, but they have a lot of money and connections

Luka Novak in a Slovenian article
Original text in Slovenian

Summary: Further to the latest part in the series about Benoît Battistelli‘s illegal EPO regulations we present here the English translation of an important article from Slovenia, which at the moment helps Team UPC and António Campinos promote the patently unlawful and unconstitutional (across nations) UPC

The following is a translation of an article cited minutes ago. It merits wider reach/visibility now that ‘Team UPC’ is basically commandeering Slovenia in pursuit of illegal, unconstitutional, and economically ruinous agenda:

IPO: a ‘hostage’ to disputes over millions

Uroš Škerl Kramberger

30. August 2013

The Intellectual Property Office will be without a director from tomorrow. Luka Novak has been sacked without explanation and the government has not (yet) managed to find a new one. Andrej Šifrer, the singer-songwriter, has dropped out, and no one else wants the post of Director because of tensions with copyright organisations.

Luka Novak is returning (involuntarily) to publishing from the Intellectual Property Office.

Luka Novak will spend his last day in the director’s office of the Intellectual Property Office today. He was dismissed abruptly and without explanation by the government one month ago, and yesterday’s cabinet meeting has yet to find a new director.

Until the day before yesterday, musician Andrej Šifrer was a candidate for the post of Director, but because he did not meet the formal conditions, his candidacy was dropped. Šifrer declined to comment on the developments.

“To this day, I still don’t know why I was removed”, says Luka Novak. “They mentioned a reorganisation of the office, but I was not officially informed of anything.”

Government spokesman Boštjan Lajovic assured us yesterday that an acting director would be appointed at the end of Novak’s mandate, which will be on Saturday. The “right” person would be found among the current staff of the Office. The Ministry responsible for economic affairs explained that the search for an acting director is still ongoing.

However, our discussions with insiders yesterday showed that the relationship between politics, the profession and the collective copyright management organisations that the Intellectual Property Office (IPO) is supposed to oversee is too heated for the post of Director to be tempting at all, even on a temporary basis.

Amongst others, we spoke to two IP experts who have already been asked to take over the running of the Office but have turned it down. Novak also explained to us that the appointment of an acting Director would not be urgent. In fact, it is possible to appoint an “interim commissioner” – just enough to keep the office running. This “has happened several times in the history of the Office”.

The fact that Andrej Šifrer, the music composer, aspires to become Director is symptomatic of the issues at stake in Novak’s view: copyright and the collecting societies (such as SAZAS and ZAMP) that administer authors’ rights are given too much weight, according to Novak.

Most of our interlocutors yesterday, who did not wish to be named because of the sensitivity of the subject, pointed out that the work of the Office is only to a minor extent devoted to authors’ rights, and to a major extent to rights deriving from economic activities, such as industrial property and patents.

“Copyright is handled by one and a half people at the Office, while forty people deal with other areas”, one of our interlocutors noted, for example. Experts advised us that a solution that might be appropriate, as is also known from other countries, would be to move the regulation of copyright law under the Ministry of Culture.

The problem is that the Office, which deals with a wide range of rights protection – from patents and protection certificates to trademarks and geographical indications – has for years been “hostage” to disputes between collecting societies such as SAZAS, IPF and AIPA, which have been unable to agree on how to collect and distribute money, and the disputes have spilled over into politics.

These are organisations that are overseen by the URSIL, but at the same time are difficult to control because of the large amounts of money that flow through them from users to authors. Our interlocutors pointed out that past directors, such as Jurij Žurej, have tried to regulate relations between the Office and the organisations and between the organisations themselves, but that resentment and antagonism have only deepened.

SAZAS collects and distributes more than ten million Euros each year to authors, IPF just over one million Euros and AIPA a similar amount. All organisations retain part of the money for their own operations.

It should be noted that problems such as these aren’t unique to Slovenia; it’s a big problem associated with businesses controlling the government and misusing their financial might.

The EPO’s Overseer/Overseen Collusion — Part XXXVII: Stubbornly Independent Slovenia

Posted in Europe, Patents at 5:31 pm by Dr. Roy Schestowitz

Series parts:

  1. The EPO’s Overseer/Overseen Collusion — Part I: Let the Sunshine In!
  2. The EPO’s Overseer/Overseen Collusion — Part II: A “Unanimous” Endorsement?
  3. The EPO’s Overseer/Overseen Collusion — Part III: Three Missing Votes
  4. The EPO’s Overseer/Overseen Collusion — Part IV: The Founding States
  5. The EPO’s Overseer/Overseen Collusion — Part V: Germany Says “Ja”
  6. The EPO’s Overseer/Overseen Collusion — Part VI: A Distinct Lack of Dutch Courage
  7. The EPO’s Overseer/Overseen Collusion — Part VII: Luxembourgish Laxity
  8. The EPO’s Overseer/Overseen Collusion — Part VIII: Perfidious Albion and Pusillanimous Hibernia
  9. The EPO’s Overseer/Overseen Collusion — Part IX: More Holes Than Swiss Cheese
  10. The EPO’s Overseer/Overseen Collusion — Part X: Introducing the Controversial Christian Bock
  11. The EPO’s Overseer/Overseen Collusion — Part XI: “General Bock” – Battistelli’s Swiss Apprentice?
  12. The EPO’s Overseer/Overseen Collusion — Part XII: The French Connection
  13. The EPO’s Overseer/Overseen Collusion — Part XIII: Battistelli’s Iberian Facilitators – Spain
  14. The EPO’s Overseer/Overseen Collusion — Part XIV: Battistelli’s Iberian Facilitators – Portugal
  15. The EPO’s Overseer/Overseen Collusion — Part XV: Et Tu Felix Austria…
  16. The EPO’s Overseer/Overseen Collusion — Part XVI: The Demise of the Austrian Double-Dipper
  17. The EPO’s Overseer/Overseen Collusion — Part XVII: The Non-Monolithic Nordic Bloc
  18. The EPO’s Overseer/Overseen Collusion — Part XVIII: Helsinki’s Accord
  19. The EPO’s Overseer/Overseen Collusion — Part IXX: The Baltic States
  20. The EPO’s Overseer/Overseen Collusion — Part XX: The Visegrád Group
  21. The EPO’s Overseer/Overseen Collusion — Part XXI: The Balkan League – The Doyen and His “Protégée”
  22. The EPO’s Overseer/Overseen Collusion — Part XXII: The Balkan League – North Macedonia and Albania
  23. The EPO’s Overseer/Overseen Collusion — Part XXIII: The Balkan League – Bulgaria
  24. The EPO’s Overseer/Overseen Collusion — Part XXIV: The Balkan League – Romania
  25. The EPO’s Overseer/Overseen Collusion — Part XXV: The Balkan League – Fresh Blood or Same Old, Same Old?
  26. The EPO’s Overseer/Overseen Collusion — Part XXVI: A Trojan Horse on the Budget and Finance Committee
  27. The EPO’s Overseer/Overseen Collusion — Part XXVII: Cypriot Complicity
  28. The EPO’s Overseer/Overseen Collusion — Part XXVIII: Benoît and António’s Loyal “Habibi”
  29. The EPO’s Overseer/Overseen Collusion — Part IXXX: The EPOnian Micro-States – Monaco and Malta
  30. The EPO’s Overseer/Overseen Collusion — Part XXX: San Marino and the Perfidious Betrayal of Liberty
  31. The EPO’s Overseer/Overseen Collusion — Part XXXI: The Abstentionists
  32. The EPO’s Overseer/Overseen Collusion — Part XXXII: “Plucky Little Belgium”?
  33. The EPO’s Overseer/Overseen Collusion — Part XXXIII: Swedish Scepticism
  34. The EPO’s Overseer/Overseen Collusion — Part XXXIV: An “Extremely Dubious” Proposal
  35. The EPO’s Overseer/Overseen Collusion — Part XXXV: Slovakian Scruples
  36. The EPO’s Overseer/Overseen Collusion — Part XXXVI: Serbian Sour Grapes
  37. YOU ARE HERE ☞ Stubbornly Independent Slovenia

URSIL Director Luka Novak and his deputy Helena Zalaznik
The Slovenian representatives in June 2013: URSIL Director Luka Novak and his deputy Helena Zalaznik.

Summary: Benoît Battistelli‘s unlawful “Strike Regulations” were not approved by Slovenia; it seems like this resistance to EPO autocracy was in turn challenged by lobbyists — the sorts of people who prop up the UPC and the likes of António Campinos

Slovenia is probably the most well-developed and prosperous of the successor states of the former Federal Republic of Yugoslavia. Although the country straddles the Balkan Peninsula, most Slovenians prefer to consider it as part of “Central Europe”. In fact, they are likely to object to their homeland being referred to as a “Balkan state” due to the negative associations which this term evokes.

“…they are likely to object to their homeland being referred to as a “Balkan state” due to the negative associations which this term evokes.”Back in June 2013, the Slovenian delegation on the EPO’s Administrative Council was headed by Luka Novak, the Director of the Intellectual Property Office of the Republic of Slovenia (known locally as the “URSIL”).

Novak was not present in Munich for the 136th Council meeting. The acting head of delegation on that occasion was his deputy, Helena Zalaznik, the long-serving head of URSIL’s patent department.

As far as can be determined, like his colleague Mihály Ficsor from the Hungarian IPO, Novak was off on a WIPO jolly in Marrakech for signing a “Treaty to Facilitate Access to Published Works for Persons Who Are Visually Impaired or Otherwise Print Disabled”.

However, unlike Ficsor, Novak at least managed to ensure that his deputy Zalaznik was properly instructed to refrain from endorsing Battistelli’s “Strike Regulations”.

Novak was initially appointed as “acting director” of the URSIL on an ad interim basis in July 2012 and his appointment was confirmed in October 2012.

Prior to his appointment Novak enjoyed a kind of minor celebrity status in Slovenia as an author, publisher and “TV personality”.

“Novak is also known in Slovenia and France as the author of various books, including works of fiction and non-fiction on diverse topics.”He was born in 1963, to Andrej and Edvina Novak. His father Andrej was a journalist and later Slovenia’s representative to the Council of Europe, and his mother Edvina founded the publishing company Vale-Novak in 1990.

Novak spent his childhood in Ljubljana and Paris, where his father was a foreign correspondent for the Slovenian newspaper Delo. He graduated from the Faculty of Arts of Ljubljiana University in 1987 with a degree in Comparative Literature and pursued post-graduate studies in Paris, Cologne and Tübingen.

After returning to Ljubljana in 1993, he took over the management of his mother’s publishing company Vale-Novak and also set up his own company Totaliteta Publishers.

Novak is also known in Slovenia and France as the author of various books, including works of fiction and non-fiction on diverse topics.

“Novak also enjoyed fame in Slovenia as a “TV personality”.”For example, Le Métro, Inconscient urbain is described as “a psychogeographical analysis of public transport in Paris, New York and Tokyo” and Phénoménologie de la mayonnaise is “a historical, anthropological and philosophical analysis of gastronomy”.

He has also authored novels such as The Golden Shower, or What Men Want and The Feeling of Spring in Litzirüti.

Luka Novak's books
Novak is known as a publisher and the author of various books, both fiction and non-fiction.

Novak also enjoyed fame in Slovenia as a “TV personality”. Together with his wife Valentina Smej, he has co-written and co-hosted 120 episodes of gastronomical and lifestyle TV shows for various TV channels.

“Together with his wife Valentina Smej, he has co-written and co-hosted 120 episodes of gastronomical and lifestyle TV shows for various TV channels.”During this phase of his career he was Slovenia’s answer to Jamie Oliver and his cookery show Love through the stomach led to the publication of several best-selling cookbooks.

He was also involved in a major TV documentary series called 50 Books That Shaped Slovenia. The series depicted and assessed the role of the most important literary works that contributed to the development and formation of Slovenia as a nation.

Luka and Valentina Novak
Slovenia’s answer to Jamie Oliver: Novak co-hosted the show “Love through the stomach” with his wife Valentina.

Over the years, Novak has also been an active participant in Slovenian politics. In 2006 he made an unsuccessful attempt to get elected as mayor of Ljubljana on the Eurosceptic EUDS ticket.

Luka Novak in Ljubljana
In 2006 Novak made an unsuccessful bid to become mayor of Ljubljana on the Eurosceptic EUDS ticket.

Novak was subsequently associated with the centre-right Slovenian People’s Party (SLS) and, although he did not become a member, he helped to draft the party’s cultural programme for the 2011 election.

“In 2006 he made an unsuccessful attempt to get elected as mayor of Ljubljana on the Eurosceptic EUDS ticket.”Following the election, the SLS became a junior partner in the coalition government formed under the leadership of Janez Janša. It is likely that Novak’s connections to the SLS helped him to secure the position as head of the URSIL following the dismissal of Jurij Žurej in May 2012.

Luka with Janez Podobnik
Novak (r.) with Janez Podobnik (I.) of the centre-right SLS.

But like his predecessor Žurej, Novak didn’t survive long in the job.

In August 2013 – not long after the EPO vote on Battistelli’s “Strike Regulations” – he was dismissed as head of the URSIL without reason.

We shall look at the circumstances of Novak’s dismissal in more detail in the next part. But for the moment we shall simply note that his successor at the head of the URSIL was a lady by the name of Vesna Stankovič Juričič.

“We shall look at the circumstances of Novak’s dismissal in more detail in the next part.”During her time on the EPO’s Administrative Council, Stankovič Juričič took a stubbornly independent line and was openly critical of Battistelli.

As a matter of fact, a leaked recording from a meeting of the EPO’s Budget and Finance Committee in 2014 shows that she was not afraid to openly challenge “Il Capo” and call him out on the dubious “human resources” policy which was being promoted by his management team:

At the beginning,” tells us one who listened to the recording, “one can hear an intervention of the Slovenian delegation. It says that the EPO is not a company on the stock exchange and should focus on quality and careful handling of human resources. Battistelli insults and threatens the delegation.

Then, Battistelli says that the [reform of the] career system will make “hundreds of millions for the office” and that “the Office should not care about FR, UK and DE law” but rather think only in terms of “what is good for the office”.”

However, like her predecessor, Stankovič Juričič didn’t last long at the head of the URSIL. As a matter of fact she departed in May 2015, about a year and a half through her five year term.

Vesna Stanković Juričić openly challenged Battistelli on his dubious “human resources” policy but did not last long at the head of the Slovenian URSIL.

At the time it was rumoured among EPO insiders that Stankovič Juričič had been replaced at the request of Battistelli who was reputed to have flown to Ljubljana to complain to her supervising minister.

However, anecdotes of this kind exaggerate Battistelli’s ability to directly influence the domestic political affairs of EPO member states and obscure the real story behind Stankovič Juričič’s departure.

“At the time it was rumoured among EPO insiders that Stankovič Juričič had been replaced at the request of Battistelli who was reputed to have flown to Ljubljana to complain to her supervising minister.”That story can be found in local Slovenian media reports which reveal details of the local political intrigues that led to “constant changes” in the leadership of the URSIL between 2012 and 2015.

More specifically, these media reports explain the nefarious influence exerted over the Slovenian “IP” office by certain collective management organisations (CMOs) and their lobby groups.

In the next part we will investigate these matters in more detail and see how the Slovenian IPO became “a hostage to disputes over millions”. (Local copy with translation [PDF])

Links 17/12/2021: Switching to Garuda Linux and GCompris 2.0 Release

Posted in News Roundup at 12:22 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • Why I Switched to Garuda Linux

        Months after making Garuda Linux my daily driver operating system on my desktop PC, I still don’t have any regrets. It’s continued to be everything I look for in a Linux distribution (distro). Here’s why.


        With my job, though, fast access to the latest and greatest software is paramount. I don’t have time to constantly find workarounds and scour alternative software sources. Garuda solves this problem for me by granting access to the most bleeding-edge packages by default, via the Chaotic-AUR repository. App source code gets packaged and pushed to my device soon, if not immediately, after publication.

        If that sounds like a threat to the stability of those apps and my PC, that’s because it is. So how can I rely on Garuda as a daily driver operating system? It’s simple: Garuda creates a snapshot of your system every time you update that you can easily restore in the case of a catastrophic upgrade. Combine that with regular backups of personal files, and you have an operating system that you can rely on for daily use and for the latest software.

    • Audiocasts/Shows

    • Kernel Space

      • Linux 5.15.10
        I'm announcing the release of the 5.15.10 kernel.
        All users of the 5.15 kernel series must upgrade.
        The updated 5.15.y git tree can be found at:
        	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y
        and can be browsed at the normal kernel.org git web browser:
        greg k-h
      • Linux 5.10.87
      • Linux 5.4.167
    • Applications

      • Find, Download, and Update AppImages Quickly with this Neat Tool – OMG! Ubuntu!

        If you a fan of AppImages and want a ‘centralised’ way to find, download, and update them, check out AppImage Pool.

        This open source app is built using Dart and Flutter (now Ubuntu’s toolkit of choice) and it’s kind of like a one-shop app store for finding and downloading App Images on Linux.

        I say kind of because AppImage Pool is a well-made frontend to the AppImage Hub. While that hub is a popular end-point for many AppImages, the packaging format’s free-roaming nature means distribution isn’t exclusive to any one place (so not every app every released as an AppImage is going to be on it).

        Also, I’m not going inflict any proselytising about which app format(s) you should or shouldn’t use. That’s never been my style; use what vibes for you and ignore whatever doesn’t. If you only like to use AppImages? Have at it!

    • Instructionals/Technical

      • What Is Swap Space In Linux?

        So, you finally decided to switch to Linux from Windows. You search the internet for tutorials, and halfway through the installation process, you hear about the term “Linux Swap,” wonder what it is, and one search on the internet brought you to this article. Let’s look at Swap Space is in Linux and if it’s essential or not.

        Swap is similar to the memory expansion feature on smartphones recently made available by some manufacturers. In a nutshell, it uses the phone’s internal storage like RAM if the actual RAM runs out of space. Similarly, on Linux, Swap space keeps your computer from crashing by storing volatile data on its internal memory (HDD/SSD) if your physical RAM is full.

      • How To Use Sleep Command in Linux: Explained with Examples

        Linux operating systems are all about commands and the way you use them to complete your task. Sleep command in Linux is one of the commands you can use to delay a specific time during a script’s execution process. It benefits the developers when they want to pause the command execution for one particular time. So if you also want to learn everything about sleep commands, this article is just for you. In this article, you will learn about every possible detail of the sleep command in Linux.

      • How to Use Ansible to Install and Configure Postgres 14 on Ubuntu 20.04

        In this guide we are going to install and configure Postgresql 14 in Ubuntu 20.04 using Ansible.

        Postgresql is an open source object-relational database system with over 30 years of active development that has earned it a strong reputation for reliability, feature robustness, and performance. Postgres, is a free and open-source relational database management system emphasizing extensibility and SQL compliance.

        Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows.

      • How to update/upgrade Debian/Ubuntu Linux using Ansible

        It is essential to keep your system up to date and to apply all security patches. If you are tasked with managing multiple servers, the process of logging in to each and every server to perform the task can be cumbersome. You can use Ansible to achieve the functionality. The Ansible apt module can be used to manage apt updates and apt upgrades. The module uses either aptitude or the apt-get command on the remote server for package management.

        Similarly, if there are kernel updates that require OS reboot, it would be best to use the reboot ansible module to reboot the machine, wait for it to go down, come back up and to respond to commands

        In this guide, we will create a script to update Debian based systems cache and upgrade packages installed. We will also include a task to restart the server if there were kernel updates that requires reboot.

      • Install Grafana Server On Ubuntu 21.04 – Unixcop the Unix / Linux the admins deams

        Grafana is free and open-source software. That visualizes and monitors data from sources such as Prometheus, InfluxDB, Graphite, and ElasticSearch. The built-in sharing feature is there in Grafana. Which allows you to share data.

        Today we will learn to install and secure Grafana.

      • Install PIP for Python 3 in CentOS 8 – Unixcop the Unix / Linux the admins deams

        PIP is a package manager used to install and manage software packages written in Python. CentOS repository allow both pip2 and pip3 for python 2 and python 3 respectively using dnf command. Python 3 is the most recent, stable, long-term supported version of Python. If you don’t specifically need Python 2 for compatibility with older applications use Python 3.

        In this tutorial we will install PIP 3 for python 3.

      • What Is Swap Space In Linux? – Fossbytes

        So, you finally decided to switch to Linux from Windows. You search the internet for tutorials, and halfway through the installation process, you hear about the term “Linux Swap,” wonder what it is, and one search on the internet brought you to this article. Let’s look at Swap Space is in Linux and if it’s essential or not.


        Creating Swap space is unnecessary to install Linux, but if your computer has less RAM and more storage space, you can salvage some to make some swap space as it might come in handy in some situations.


        Considering you’re already in the installer and created / and /home partitions, the next step would be creating swap space. All you need to do is create an empty partition of size depending on how much RAM you have (Minimum 2GB to 4GB of swap space if you have 8GB RAM). In the options, select “use it as swap” or any word that correlates to Swap and click on create. You can then go ahead with the installation process.

      • Set The Currently Playing Spotify Song Title And Album Cover As Your GNOME Wallpaper With This Script – Linux Uprising Blog

        Blueberry is a new Python scripts that sets your currently playing Spotify song title and album cover as your GNOME desktop wallpaper. To use it, you need Spotify Premium.

        The wallpaper includes the album cover in the center, while also using the 2 main colors from the cover to paint the rest of the wallpaper. The artist and song title are also displayed on the wallpaper.

        The script changes your background to the currently playing Spotify song album cover and song title, no matter how you listen to music on Spotify. You can use the native desktop app, the Spotify snap or flatpak packages, Spotify web, using some other desktop Spotify clients, and even Spotify running on your phone.

      • Write your screenplay on Linux in Fountain markdown | Opensource.com

        A screenplay is the blueprint for a movie, and it used to be written on a typewriter. You bought the typewriter, and you could write a screenplay. And not just one screenplay, but lots of them. You could write screenplays until typewriters fell out of fashion.

        The puzzling thing is, though, that as technology for writing became “better,” the harder it got to write screenplays. There are strict formatting rules in the screenplay world implemented to help the Assistant Director (AD) on a film shoot estimate how long each scene would take to shoot. You’d think that a computer would make this easier than the exclusively manual process required on a typewriter. Yet, popular computers managed to restrict writers with expensive software that became embedded in Hollywood culture. If you didn’t have the right software, you were told that you could never be a serious screenwriter.

        All that changed with open source software, though, and one of the simplest methods of writing screenplays is not to use special software at all. The Fountain markdown technique requires just a plain text editor, like Atom, Kate, Gedit, or similar, and it exports to a properly formatted HTML or PDF screenplay.

      • How to List Git Tags – buildVirtual

        First of all, what are Git tags? Tags are labels or ref’s that point to specific points in your Git history. They are generally used to mark or highlight a significant git commit in your project, for example, when you have a version release (e.g. v1.0.1 could be the tag value). When a commit is tagged it is easy to find, so if you wanted to find a particular version release, you can find it quickly because of the git tag. This tutorial will show you how you can list git tags in your code repository.

      • How to connect Prometheus to OpenShift Streams for Apache Kafka | Red Hat Developer

        Configure Prometheus and Red Hat OpenShift Streams for Apache Kafka to work together, so you can get your cluster metrics all in one place.

      • How To Install OpenProject on Ubuntu 20.04 LTS – idroot

        In this tutorial, we will show you how to install OpenProject on Ubuntu 20.04 LTS. For those of you who didn’t know, OpenProject is an open-source task management system that is completely web-based written in Ruby on Rails and Angular js. It allows you to manage projects across a diversity of teams and departments. It is available in both community and enterprise editions. The community edition covers a wide range of features and plugins and is available for free.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the OpenProject open-source task management on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • How to manage the system logs using Webmin – Unixcop the Unix / Linux the admins deams

        Hello, friends. We continue our series of posts about webmin. Now we will show you something very simple but that can help us on many occasions. In this post, you will learn how to manage the system logs using Webmin.

      • How to install and configure QEMU 6.2 on Ubuntu 20.04 – NextGenTips

        In this tutorial, we are going to learn how to install and configure QEMU on Ubuntu 20.04.

        QEMU is a free and open-source hypervisor, it emulates the machine’s processor through dynamic binary translation and provides a set of different hardware and device models for the machine, enabling it to run a variety of guest operating systems.

        QEMU is capable of emulating a complete machine in software without the need for hardware virtualization support. It is also capable of providing userspace API virtualization for Linux and BSD kernel services. It is commonly invoked indirectly via libvirt library when using open source applications such as oVirt, OpenStack, and virt-manager.

    • Games

      • There’s been a lot of Steam Deck news in the last few days… 🙄 – Invidious

        I’m super stoked for the Steam Deck, but I gotta admit. I’m a bit triggered by the way the premium carrying case looks. Every indication said it should be blue inside.

      • Steam Deck ‘on track’ for February, Valve hopes for millions by end of 2023 | GamingOnLinux

        Seems Valve really are expecting big things from the SteamOS 3 Linux-powered Steam Deck handheld, according to a new report from PC Gamer. Originally due to be launching this month, Valve ended up delaying it until February 2022. Due to all the worldwide shortages, many were worried about another delay but Valve appear confident in hitting that new date.

        In the new report Valve sound very bullish, with designer Greg Coomer mentioning how different their shipping will be compared to traditional consoles. Valve don’t need to ship masses of boxes around to traditional stores, as it’s only sold in the one place – Steam.

      • Seems no hope for Insurgency: Sandstorm on Steam Deck / Linux | GamingOnLinux

        Sadly it seems like Insurgency: Sandstorm is not one you’ll be enjoying on the Linux desktop or Valve’s Steam Deck any time soon, even with Epic Games supporting Easy Anti-Cheat with Wine / Proton.

        A game that originally planned Linux support, which New World Interactive decided not to do while also cancelling the planned story campaign back in 2019. The last hope was Steam Play Proton but it appears the developer will not be enabling support for it in EAC.

      • Project Zomboid reintroduces multiplayer with the newest Beta build | GamingOnLinux

        After multiple years working on Build 41 of Project Zomboid, The Indie Stone have now finally hooked up multiplayer for it and you can test it yourself now.

        Project Zomboid did already have multiplayer but Build 41 that’s available in an opt-in Beta is a massive overhaul of the entire game. It is the single biggest update the game has ever seen and it’s still not done, which is why it’s left in an opt-in Beta but most people generally play on that version now. Build 41 has all sorts like revamped animations and combat, a whole new sound design by some who did the incredible Alien: Isolation, a huge map expansion and the list of what’s new and improved at this point is practically endless.

      • Oxygen Not Included – Spaced Out! has officially launched | GamingOnLinux

        After a year in Early Access, the Oxygen Not Included – Spaced Out! expansion has now officially launched.

        This is a pretty great looking expansion for a game that I already firmly loved, with Klei Entertainment really putting in the effort on this one to give players many reasons to go out and buy it. The idea of sending your little people off into the unknown to start another colony is great. If you were after the ability to build up a whole lot more, this is an essential purchase for ONI fans.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • digiKam 7.4.0 is released

          After five months of maintenance, the digiKam team is proud to present version 7.4.0 of its open source digital photo manager. This new version arrives after 20 years of developement since the first public 0.1.0, released at Christmas 2001.

          Here is the list of most important features coming with this release…

        • GCompris Releases Version 2.0 | KDE.news

          GCompris 2.0 improves classic favorites loved by children of all ages, and adds even more activities for more fun and learning.

          GCompris is KDE’s educational suite of more than 170 activities and pedagogical games. It is used by teachers, parents and, most importantly, children worldwide. GCompris is a fixture in classrooms and at home, giving kids the opportunity to practice a wide range of skills while having fun at the same time.

        • Setting a default global theme has just become much easier

          Just set the default global theme in /etc/xdg/kdeglobals and your good to go.
          In the last years System Settings has been gradually improved with each release featuring more pages being cleaned up, redesigned or even rewritten from scratch. In this process there was also focus on proper state handling, adding ‘Defaults’ button where missing and sensible, adding highlighting of changed settings and making sure that these systems do the correct thing. In this post I will explain how Global Themes factor into this and how their pre-run set-up is now much simpler for distributions starting with Plasma 5.24.

    • Distributions

      • SUSE/OpenSUSE

        • Frameworks, Gear, Pipewire Update in Tumbleweed

          There was no slowing down of snapshots this week as new software continues to flow with daily openSUSE Tumbleweed releases. Tumbleweed went seven for seven this week!

          Just two updates were in the 20211214 snapshot. The remote accessing package remmina 1.4.22 provided fixes for freerdp3 compatibility, and remmina also had a fix for a crash if the main window is closed. The libcap-ng 0.7.11 package, which analyzes a system for apps with too many privileges, removed unneeded rules.

      • IBM/Red Hat/Fedora

        • IBM Emeritus Irving Wladawsky-Berger: A Winning Strategy for the Post-Pandemic “New Normal”

          “A winning digital strategy requires new twists to familiar moves,” said a recent McKinsey article, Strategy for a digital world. “Competitive differentiation, now more than ever, emerges from superior digital capabilities and technology endowment, more agile delivery, and a progressively more tech-savvy C-suite.”

          According to the latest McKinsey Global Survey on digital strategy, the pandemic has sped up the adoption of digital technologies by several years. While the imperative for a strategic approach to technology is universal, the survey found that some companies are already leading the pack because they have better overall technology capabilities, talent, leadership, and resources, and their superior technology endowment is linked to better economic outcomes.

          The pandemic has accelerated the pace of change of the leading technology companies as well as the industry leaders who’ve been investing heavily in new digital-enabled strategies and business models, widening the gap between these top economic performers and all other companies. At the same time, the survey showed that many of the organizations that are being left behind could be missing opportunities to catch up by investing in the areas of their business most at risk of digital advances.

          Traditional legacy companies should revisit the classic strategies that may have worked well for them in decades past but that must now be updated given the accelerated pace of digital disruption. The McKinsey article offers a road map for so doing based on five major changes.

        • 5 features that will make you fall in love with Emacs

          I love a good text editor, and I was an aimless sometimes-Vim sometimes-Kate sometimes-Gedit user until I fell solidly into Emacs, thanks to a very wise boss who wanted to standardize tools within his team. I didn’t intend to become a user of Emacs exclusively, but every time I used a different editor, I found myself missing an Emacs feature.

          That’s how text editors get you, though: You develop a subtle familiarity with an editor such that the “work” of translating thought—whether it’s a network design idea, a specific configuration, or a Bash script—into text feels so natural that sometimes you have to type your thoughts just to make sense of them.

          At some point, I accepted that I was an Emacs user, but I like a diverse toolset; I like alternatives and options. That’s one reason I use open source! Emacs has a few key features that I consider essential, not necessarily in implementation but in concept. Here are five great text editor features I learned from Emacs and strive to implement, one way or another, in any text editor I use.

        • Why glibc 2.34 removed libpthread

          The recent 2.34 release of the GNU C library, glibc, removes libpthread as a separate library. This article explains the motivation behind this change and some consequences for developers and system administrators.

          For a long time, glibc was split into multiple, separate, shared objects. For example, the threading library libpthread was contained in a shared object libpthread.so.0, and the application interface for the dynamic linker, libdl, in the file libdl.so.2. There was even a time, some twenty years ago, when there were two separate implementations of libpthread, the LinuxThreads implementation for Linux 2.4 and earlier and the Native POSIX Threads Library (NPTL) implementation for Linux 2.6 and later.

          In the glibc 2.34 release, we have integrated most components that used to be in separate shared objects into the main libc object, libc.so.6. These changes have been implemented in a backward-compatible fashion, so even though libpthread is gone as a separate object, all the public functions it used to provide (such as pthread_create) are still available. In this consolidation effort, glibc follows the pioneering work of the musl C library, which provides absolutely everything (including the dynamic linker) in a single shared object.

        • IT leadership: 5 steps to a successful training strategy | The Enterprisers Project

          The pressure on established enterprises to modernize and compete against agile, cloud-native startups has never been more intense – especially for those that continue to use a large amount of legacy technology. At a time when it’s crucial for organizations to address these issues to survive, leaders must find ways to bridge the skills gap between old and new.

          The real solution lies in cross-training, reskilling, and upskilling IT teams now to ensure they understand both legacy environments and modern application development practices. That way, when the inevitable time comes to transform, the team will be prepared.

      • Canonical/Ubuntu Family

        • Add a Cool Falling Snow Effect to the Ubuntu Desktop

          Your desktop!

          December is, after all, the most wonderful time of the year. There’s no reason why your preferred Linux distro of choice should escape the decorative blitz — the rest of us can’t!

          After you set a xmas wallpaper and open VLC to see its once-a-year easter-egg you can add a live snowing effect to your desktop.

          Not only will a flurry of falling unicode characters speed up your productivity and make it fas—Okay, it won’t do any of that, but it will blanket your desktop in irresistibly seasonal sleet.

        • Linux Mint 20.3 Beta Download and Test before Stable Release

          Linux Mint 20.3 Beta Download and Test before Stable Release, The Linux Mint project has published a new development release. Linux Mint 20.3 Beta introduces dark theme support for the Hypnotix video streaming application and presents a new document manager called Thingy. “The Hypnotix IPTV player looks better than ever, thanks to Dark Mode support and a new set of flags.

        • Pop!_OS 21.10: Radical distro shows potential but does not play nicely with others

          Although its name alludes to the American revolution in 1776, System76 is rather younger. It was established in 2005, just a year after Ubuntu released its first version. The company sells PCs pre-installed with Linux, and since 2017 has offered its own distro, Pop!_OS [sick! sorry, sic], a heavily modified version of Ubuntu – and it’s just released version 21.10.

          Pop!_OS (we’ll just call it Pop) is probably the most substantially different Ubuntu derivative. Whether that sounds appealing or not depends on taste, and possibly on how well you know Canonical’s original.

          You can choose a version of the ISO which comes preinstalled with the latest version of Nvidia’s proprietary graphics drivers, including support for the notoriously tricky Optimus laptop GPU-switching functionality.

        • Ubuntu 22.04 Theme Replaces Purple with Orange (Like, Everywhere)

          I didn’t want to write about this change quite so soon as a) it’s not finished or final and the code hasn’t landed in Ubuntu 22.04 daily builds yet. However, people have noticed and I don’t want to look like I’m behind.

          So, you may remember that last cycle Ubuntu’s community-based design team were instructed to remove purple (aka aubergine) from the Yaru GTK theme (as it is being dropped from the Ubuntu colour palette). While the great ‘de-purpling’ task didn’t end up happening in time for Indri it does appear to be happening for Jammy.

        • Ubuntu Yaru Theme To Lose Its Aubergine Accent Color For Ubuntu 22.04 Jammy Jellyfish – Linux Uprising Blog

          For the upcoming Ubuntu 22.04 release, the Yaru developers are removing the aubergine (eggplant) color from the default Ubuntu theme, replacing it with orange, since libadwaita will only allow Ubuntu to use one accent color.

          The work for this has already started, with orange now being used throughout the Yaru GTK and GNOME Shell theme for every element that was previously aubergine – sliders, switches, checkboxes, etc. What’s more, the orange from the window close button was also removed, I assume also due to libadwaita.

        • Robotics and Ubuntu rewind 2021

          A year packed with news and events. A year where great competitions came to an end. A year that made us dream with new robots. 2021 inspired us to reach new heights and pursue new breakthroughs.

          As we power millions of robotics developers with Ubuntu and our robotics open source tools, we present a recap of what marked this year. Discover the victories and defeats of 2021. Those product launches that made the front page. Our best tutorials and whitepapers. And the work of the R&D community that captured our imagination. This was 2021!

        • Snapcrafters – One for all, all for one

          In mid-2017, a small group of techies banded together and formed a team that would specialize in creating community-supported snaps of applications for which there was or would be no upstream support. This team called itself: Snapcrafters.

          Over time, it slowly, gradually grew, attracting more people and bringing yet more snaps under its umbrella, some fairly popular ones, others a bit more obscure. Then, for a while, the effort lost some of its momentum, and the Snapcrafters settled into a steady rhythm, with a few passionate contributors who couldn’t really cover it all. Fast forward to early summer 2021, the community veterans felt it was their make it or break it moment. They could close shop, or try to infuse their team with a breath of fresh ideas and work. They decided on the latter, and thus the Snapcrafters community effort was revived.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • The Talospace Project: 91ESR with Baseline Compiler/Baseline wasm for POWER9

            It’s heeeeeee-re. I’ve completed the pull-up of the POWER9 Firefox JavaScript JIT to the current ESR, Firefox 91. As a bonus I also completed the second-stage Baseline Compiler (Baseline Interpreter being the first-stage compiler) at the same time for a reason I’ll explain in a minute.
            The build process is the same as Firefox 91, using the 91ESR tree, but requires adding –enable-jit to your .mozconfig and applying this patch and set of files. Please note that POWER9 remains the only supported architecture (Power10 grudgingly, but it should work), and only on little-endian. If you compile big-endian, the JIT should statically disable itself, even with –enable-jit. If you compile with -mcpu=power9, which is recommended, the JIT is statically enabled with –enable-jit and becomes slightly faster because there are fewer runtime checks. If you don’t explicitly specify POWER9, or do something like -mcpu=power8, but still specify –enable-jit, then runtime detection should be enabled (which right now disables the JIT). I have not tested this on POWER8 because I don’t have a POWER8, so I can’t fix it myself. If this doesn’t work or builds a defective Firefox or JavaScript shell, please submit a correction and I’ll incorporate it.

          • The Mozilla Blog: Pocket & Texas Monthly Take You Inside The World of the Dallas Cowboys Cheerleaders With New Partnership
      • Productivity Software/LibreOffice/Calligra

        • LibreOffice has been awarded the Editor’s Pick badge by Software Informer – The Document Foundation Blog

          Work with document files either imported from programs like MS Word, Excel and other office tools or created natively in formats like ODF or PDF compatible with modern and open standards. Editing, copying and incorporating data in databases is possible.

          LibreOffice is an open-source free alternative to heavy commercial office suites like MS Office. While having generally the same functionality, LibreOffice is more open to modification and updates, making it a more attractive suite if you want a comfortable and adjustable tool for working with documentation.

      • FSF

        • GNU Projects

          • Changes between v5.9 and v6.0:
          • GNU Nano 6.0 Released – It’s FOSS News

            Ever since its release in late 1999, GNU Nano has set new standards for ease-of-use for terminal-based text editors. Since then, it has seen multitudes of releases, the latest of which is the brand-new version 6.0.

            While not necessarily the most feature-packed release, it does have a few key improvements. Let’s take a look at some of them!

          • GNU Nano 6 broadens the horizons of the editor and supports more colors – itsfoss.net

            Complying with the cadence of a major release every year (although this time rushing), we already have among us GNU Nano 6, the new major version of the well-known console text editor that is pre-installed in many Linux distributions.

            GNU Nano 6 arrives with some interesting news. To start we have the option ‘–zero’, which allows launching the program so that the title bar, the status bar and the help lines are hidden, thus using all the lines of the terminal as the editing area. The title bar and status bar can be toggled with ‘M-Z’.

            Colors can now be specified with three digit hexadecimal numbers following the RGB format, allowing you to choose from 216 index colors. As an alternative, non-handymen handling hexadecimal numbers have fourteen new color names available to them: Pink, Beet, Plum, Sea, Sky, Slate, Teal, Sage, Brown, Ocher, Sand, Fawn, Brick, and Crimson , which in English are rosy, beet, plum, be, sky, slate, teal, sage, brown, ocher, sand, tawny, brick Y crimson.

            Sleep is enabled by default as of GNU Nano 6, being callable through the combination ‘^ T ^ Z’ (without quotes). The options ‘–z’, ‘–suspendable’ and ‘set suspendable’ have been marked as obsolete, so they are ignored. If you want to suspend the editor with a click, you can place the phrase “bind ^ Z suspend main” (without quotes) in the file ‘nanorc’.

  • Leftovers

    • Hardware

      • Simple Mods Turn 3D Printer Into Electrochemical Metal Cutter | Hackaday

        We’re not aware of any authoritative metrics on such things, but it’s safe to say that the Ender 3 is among the most hackable commercial 3D printers. There’s just something about the machine that lends itself to hacks, most of which are obviously aimed at making it better at 3D printing. Some, though, are aimed in a totally different direction.

        As proof of that, check out this Ender 3 modified for electrochemical machining. ECM is a machining process that uses electrolysis to remove metal from a workpiece. It’s somewhat related to electric discharge machining, but isn’t anywhere near as energetic. [Cooper Zurad] has been exploring ECM with his Ender, which he lightly modified by replacing the extruder with a hypodermic needle electrode. The electrode is connected to a small pump that circulates electrolyte from a bath on the build platform, while a power supply connects to the needle and the workpiece. As the tool traces over the workpiece, material is electrolytically removed.

      • Add Smarts To Your Old Capsule Coffee Maker | Hackaday

        Everyone has their preferred method of making (and consuming) coffee. While modern coffee makers are starting to come standard with IoT and ‘smart’ capabilities, owners of older models should fear not, as [Andreas Skoglund] shows how just about any old machine can be upgraded with the latest automation wizardry.

        The most involved part of this conversion is removing the electronic guts of the Dolce Gusto donor machine, leaving just the original heater, pump and the control levers. With safety in mind, the user must make the machine ‘hot’ by configuring the levers and replacing the coffee capsule manually, otherwise no automated coffee magic can take place.

    • Integrity/Availability

      • Proprietary

        • Windows 11 Officially Shuts Down Firefox’s Default Browser Workaround

          Looks like Microsoft is hell bent on pushing Edge. Swallow the Edge pill, will you??

        • Microsoft is playing dirty in fight to squash Edge browser rivals [Ed: When the media says Microsoft "plays dirty" it's downplaying what actually happens; Microsoft is breaking the law, as usual]

          Windows 11 update leaves you little choice but to use Microsoft Edge

        • Security

          • Open Source Foundations Must Work Together to Prevent the Next Log4Shell Scramble

            As someone who has spent their entire career in open source software (OSS), the Log4Shell scramble (an industry-wide four-alarm-fire to address a serious vulnerability in the Apache Log4j package) is a humbling reminder of just how far we still have to go. OSS is now central to the functioning of modern society, as critical as highway bridges, bank payment platforms, and cell phone networks, and it’s time OSS foundations started to act like it.

            Organizations like the Apache Software Foundation, the Linux Foundation, the Python Foundation, and many more, provide legal, infrastructural, marketing and other services for their communities of OSS developers. In many cases the security efforts at these organizations are under-resourced and hamstrung in their ability to set standards and requirements that would mitigate the chances of major vulnerabilities, for fear of scaring off new contributors. Too many organizations have failed to apply raised funds or set process standards to improve their security practices, and have unwisely tilted in favor of quantity over quality of code.

          • diffoscope 197 released

            The diffoscope maintainers are pleased to announce the release of diffoscope version 197. This version includes the following changes:

            [ Chris Lamb ]
            * Drop unnecessary has_same_content_as logging calls.
            [ Mattia Rizzolo ]
            * Ignore the new "binary-with-bad-dynamic-table" Lintian tag.
            * Support pgpdump 0.34 in the tests. 
            and testing the fix.

          • Vulnerability in the USB Gadget Linux kernel subsystem, potentially allowing code execution – itsfoss.net

            A vulnerability ( CVE-2021-39685 ) has been identified in USB Gadget , a subsystem of the Linux kernel that provides a programming interface for creating client USB devices and software simulation of USB devices that could lead to a kernel leak, crash, or arbitrary code execution at the kernels. The attack is carried out by an unprivileged local user through manipulation of various device classes implemented on the basis of the USB Gadget API, such as rndis, hid, uac1, uac1_legacy, and uac2.

            The problem has been fixed in the Linux kernel updates 5.15.8 , 5.10.85, 5.4.165, 4.19.221, 4.14.258, 4.9.293 and 4.4.295 published the other day . In distributions, the problem remains unresolved ( Debian , Ubuntu , RHEL , SUSE , Fedora , Arch ). An exploit prototype has been prepared to demonstrate the vulnerability .

          • Security updates for Friday

            Security updates have been issued by Debian (kernel), Fedora (dr_libs, libsndfile, and podman), openSUSE (fetchmail, log4j, log4j12, logback, python3, and seamonkey), Oracle (go-toolset:ol8, idm:DL1, and nodejs:16), Red Hat (go-toolset-1.16 and go-toolset-1.16-golang, ipa, rh-postgresql12-postgresql, rh-postgresql13-postgresql, and samba), Slackware (xorg), SUSE (log4j, log4j12, and python3), and Ubuntu (apache-log4j2 and openjdk-8, openjdk-lts).

          • Privacy/Surveillance

            • Comparing Draft Data Protection Bill, 2021 with its predecessors

              The much awaited Joint Parliamentary Committee Report (‘JPC Report’) on the Personal Data Protection Bill, 2019 (‘PDPB’) is finally here. We have updated you on the key takeaways from the JPC Report. In this post we present a bird’s eye view of how user rights are dwindling from the Srikrishna Committee to PDPB to the Joint Parliamentary Committee on Data Protection.


              In 2017, a month before the Supreme Court pronounced it’s judgment in Justice K.S.Puttaswamy (Retd.) vs Union Of India AIR 2017 SC 4161], the Union Government constituted a Committee of Experts to deliberate on a data protection framework. The Committee was headed by Justice BN Srikrishna. In 2018, it published its report along with a draft of the legislation on data protection (‘2018 Bill’). In 2019, the Union Government introduced the PDPB and referred it to a Joint Parliamentary Committee (‘JPC’) consisting of 20 members. After almost two years, the JPC has tabled its report which contains the Draft Data Protection Bill, 2021. We have already updated you on the key takeaways from the JPC Report. In this post, we explain how the Srikrishna Committee Report (‘Srikrishna Report’), the PDPB and Draft Data Protection Bill, 2021 have proposed different data protection regimes. We do this because these three documents are significant milestones on India’s long and protracted road towards a data protection legislation

              As our analysis below demonstrates, the proposed law has become increasingly less respectful of individual rights, and more concerned with the impact of the regulation on the Union Government. For example, the Srikrishna report provided for a data protection authority (‘DPA’) which is entirely independent of executive control. In contrast, the Draft Data Protection Bill, 2021 made the Union Government the sole authority to determine the composition of the DPA despite the fact that the DPA will regulate government agencies. Read our analysis on 8 key metrics to see how the proposed law has evolved and how far it has strayed from the ruling of the Supreme Court in Puttaswamy.

    • Civil Rights/Policing

      • Access Now to Telenor: Where are the answers Myanmar deserves on the M1 sale? – Access Now

        As 2021 comes to an end, it has been more than five months since Telenor announced the cut-and-run of its Myanmar operations. Their decision to sell to M1 Group — an investor with a disastrous human rights record — remains in a quandary. What is clear, however, is that Telenor’s users still have no answers to how their rights will be protected. This is unacceptable.

        “For months, Access Now and civil society has continued to pressure Telenor to address the rights risks the disposal will generate, to no avail,” said Dhevy Sivaprakasam, Asia Pacific Policy Counsel at Access Now. “While our questions linger unanswered, human rights in Myanmar languish on the chopping block.”

        In July, the Centre for Research on Multinational Corporations (SOMO) submitted a complaint on behalf of 474 civil society organizations to — and now accepted by — the OECD’s Norwegian National Contact Point, breaking down how the sale failed to meet OECD’s responsible disengagement standards. In August, Access Now and 44 organizations addressed a letter to Telenor’s Board, highlighting how Telenor had “dumped the Myanmar outfit at a discounted rate, failed to provide any kind of risk assessment [or] indication of how it would deal with the repercussions of such a risky and irresponsible sale.”

Links 17/12/2021: FSF Adopts Board Member Agreement and Calibre 5.34 Released

Posted in News Roundup at 8:29 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Applications

      • Calibre 5.34 Open-Source EBook Manager Adds Support for Nook Glowlight 4

        The weekly Calibre release cycle continues, and Calibre 5.34 is here today to introduce support for Barnes & Noble’s recently launched Nook Glowlight 4 e-reader, which features a sleeker and smaller lightweight design, 300 dpi, 32GB of storage, USB-C charger, and retails for $149.99 USD.

        Calibre 5.34 also brings various improvements to the application, including a new “Exclude Files” button in the Spell Check tool in Edit Book to allow users to exclude some file from being checked, bigger thumbnails in EPUB/MOBI catalogs up to 3 inches, and the ability to create a keyboard shortcut for pasting metadata that ignores the value of the exclude_fields tweak in Preferences > Shortcuts > Edit metadata.

      • Excellent Utilities: PDF Mix Tool – perform common editing operations on PDF files

        This is a series highlighting best-of-breed utilities. We cover a wide range of utilities including tools that boost your productivity, help you manage your workflow, and lots more besides.

        Portable Document Format (PDF) is a file format created by Adobe Systems in 1993 for document exchange. The format includes a subset of the PostScript page description programming language, a font-embedding system, and a structural storage system.

        PDF Mix Tool is a small utility that allows you to perform common editing operations on PDF files. It’s a Qt-based tool that’s written in C++.

    • Instructionals/Technical

      • How to Setup and Configure UFW Firewall on Linux Mint 20 – LinuxCapable

        One of the keystones of any operating system is a properly configured firewall for complete system security. Linux Mint uses IP tables; however, most users will opt to use software that works as a front end with UFW (Uncomplicated Firewall).

        Some of the great benefits of UFW are its simplicity, user-friendly and easy-to-use command line, making it great for beginners in Linux to the most advanced power users.

        In the following tutorial, you will learn to install and set up UFW Firewall on Linux Mint 20 distribution series.

      • How to back up and restore MySQL/MariaDB data for a website – TechRepublic

        One of the keystones of any operating system is a properly configured firewall for complete system security. Linux Mint uses IP tables; however, most users

      • How to Use Ansible to Install and Configure Postgres 14 on Debian 11

        In this guide we are going to install and configure Postgresql 14 in Debian 11 Using Ansible.

        Postgresql is an open source object-relational database system with over 30 years of active development that has earned it a strong reputation for reliability, feature robustness, and performance. Postgres, is a free and open-source relational database management system emphasizing extensibility and SQL compliance.

        Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows.

      • How to install Shotcut Video Editor on Elementary OS 6.0 – Invidious

        In this video, we are looking at how to install Shotcut Video Editor on Elementary OS 6.0.

      • How to install the Shotcut Video Editor on Elementary OS 6.0

        Today we are going to look at how to install the Shotcut Video Editor on Elementary OS 6.0.

        Firstly we run an optional command, this command is only needed if you cant launch Flatpak applications like your default browser on your system. For some reason, we couldn’t, so if you can, you can skip the first command.

      • Tips for getting started gaming on Linux

        Getting started gaming on Linux is tough if you’re new to the platform. To make it easier for new users, we’ll go over various tips to start gaming on Linux.

      • How to install Krita 5.0.0 beta 5 on a Chromebook

        Today we are looking at how to install Krita 5.0.0 beta 5 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How to Use apt Command to Manage Packages in Linux

        This article shows you how to use apt command in Ubuntu, Debain, Linux Mint, or any other Debian or Ubuntu based distributions, with examples so that you can manage packages with easy.

        apt is a powerful package management tool that can be used to search, install, update, upgrade, and manage the packages in a Linux operating system. It automatically manages package dependencies, installing required software as needed, and removing it when no longer required.

      • The Best of VLC: 7 Useful Things You Can Do in VLC Media Player

        VLC is a well-known media player of stored audio and video files, but did you know that you can do so much more with the program? For instance, you can record your screen or listen to podcasts. In this article we look at some of the most useful tips and tricks for VLC Media Player so that you can make the most out of using it.

    • Games

      • Babble Royale turns Scrabble into Fortnite

        I tried playing a few rounds of Babble Royale, but while the concept is fun as a high-brow joke on the genre, I bounced off pretty hard on the actual gameplay. You can only play new letters off the last word that you spelled, which means that longtime Scrabble players will have to seriously think about how they play. There were also times where I just was plain stuck, walled in by existing words but unable to play any real ones of my own, leaving me to sit around until the game cleared out some of the map.

      • Latest Steam Client Update Greatly Improves VA-API Hardware Decoding on Linux

        The new Steam Client update comes less than a month after the previous update, which added support for VA-API hardware encoding on Linux, to greatly improves VA-API (Video Acceleration API) hardware decoding for Linux gamers using Steam?s Remote Play feature for playing local multiplayer games online.

        Also for Linux gamers, the new Steam Client release updates the Linux runtime ?scout? to version 0.20211207.0, adding support for the WebP image format in SDL2_image, fixes an issue with the starting directory, which sometimes could be incorrect when launching devkit titles, along with the ability to cleanly report an error if a devkit title is configured without a command-line.

    • Distributions

      • IBM/Red Hat/Fedora

        • Performance enhancements in Red Hat Enterprise Linux 8.5

          With the release of Red Hat Enterprise Linux (RHEL) 8.5, we continue our efforts to harden performance tooling, listen to customer feedback and improve our workload tuning recommendations. Specifically in 8.5, we are announcing…

          With the release of RHEL 8.5, we have rebased Performance Co-Pilot (PCP) to 5.3.1. This release allows for better scalability and we are now providing guidance on how to architect PCP environments that monitor up to 1,000 hosts. Details on how to set up a decentralised or federated configuration that enables a large setup can be found here.

        • Migrating to Fedora 35

          Over the past couple of years, interest in Linux on the desktop has slowly increased. While running any Linux distribution on a personal computer is still uncommon, an increasing amount of people have heard of it. Thus, it would be good to talk about the steps that it takes, in case you’re interested in trying another operating system. Today we’ll talk about migrating to Fedora Linux.

          A primary goal of this article is to also dispel some myths about changing your operating system. There is a tendency amongst niche audiences to over-promise their preferred product, and it would be disingenuous to claim that anybody can install Fedora Linux today.

          As to why you might want to migrate to Fedora Linux, that’s a bit beyond the scope of this article. But if this is the first time you hear about Fedora, then feel free to read here Fedora’s mission statement: Freedom, Friends, Features, and First.

        • Open source takes on diabetes

          People with type 1 diabetes navigate complex systems of devices, insurers, manufacturers, and doctors. Those systems, though, don’t always serve the patients who use them. Our latest film introduces you to the community of makers, patients, and caregivers using open source solutions to reshape those systems.

        • We see DevSecOps differently

          Security is often an afterthought. Something that’s done at the end of the development life cycle by the security and IT operations teams. When software updates are made once or maybe twice a year, this process is manageable. But when software developers start opting for shorter, agile software development life cycles that take a few days or even a few hours, this approach to security becomes a hindrance to launching necessary updates or even launching the application quickly to production.

        • Red Hat launches beta test of automated image-building service for hybrid clouds – SiliconANGLE

          IBM Corp. subsidiary Red Hat today launched a public beta test of a new hosted service called Image Builder that the company said can streamline the process of assembling customized Red Hat Enterprise Linux operating system images for hybrid cloud environments.

          The service addresses the tedious and error-prone process of building or installing operating systems for deployment across a hybrid infrastructure composed of public and private clouds. Images built on virtualization platforms can require different tools and risky modifications in the public cloud, Red Hat said. The same holds true for small edge data centers.

          Image Builder, which requires no setup or infrastructure, provides a single and consistent platform that can be applied to all RHEL system images, Terry Bowling, a Red Hat senior technical product manager, wrote in a blog post being published today. “No more guessing about which cloud or virtual guest agents need to be installed,” he wrote. “Simply define your very own ‘gold’ template package set and build for each target deployment environment.”

        • Red Hat Expands Application Services Portfolio Capabilities to Optimize Cloud-Native Application Development

          Red Hat, Inc., the world’s leading provider of open source solutions, today announced sweeping updates throughout its portfolio of application services. These updates deliver a more seamless and unified experience for application development, delivery, integration, and automation across hybrid cloud environments.

      • Debian Family/Purism

        • Video Editing with Linux: Dialing in the Framerate

          Next in our video editing series for the Librem 14, Gardiner Bryant dives into standard frame rates and when to use which rate. You’ll learn how to make a video feel quick or slow things down for a cinematic shot. This video will help those looking to level up their overall video production.

        • We’re puttin’ the Band back together – Purism

          They kept practicing and moved into a drier more comfortable garage for practising on Purism’s gitlab – close buddies like wlroots liked to stick around during their sessions and party out but that’s a different story.They soon got their first gig in PureOS with a short playlist but the audience was freaking out. So they continued to play gigs, got better over time and even played shows in pmOS and Mobian and other spots. While that was all going nicely, Calls always wanted to hang around with the other rock stars in GNOME core, do a solo album and participate in the GNOME 41 all stars project so it moved in with the GNOME folks.

      • Canonical/Ubuntu Family

        • Linux Mint 20.3 Beta is Now Available

          The developers of Linux Mint have made the beta of their latest release available for download and installation.

          The beta release of Linux Mint 20.3 (“Una”) is now available for testers to install and offer their feedback to the developers. Based on Ubuntu 20.04.3 LTS, Linux Mint 20.3 will remain with the 5.4 kernel to ensure stability and be supported for 5 years.

          The biggest update to Linux Mint comes by way of the Cinnamon 5.2 desktop. With this new release comes a new app called Thingy, which is a document manager for quick access to recent and favorite documents. Thingy also keeps track of your reading progress of documents.

          Other improvements/changes include dark mode support for even more apps (such as Celluloid, GNOME Terminal, Hypnotic, Pix, and XViewer). Hypnotic (the IPTV viewer) now has a search function, so it’s easier to find the TV channels, movies, and series you’re looking for. Hypnotic also supports the Xtream API.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Who is the first Executive Director of the Open Source Initiative?

        I started my career as an architect, trained to design cities and buildings. I realized early in my career that software has the power to influence outcomes in architectures: some designs from the archistars are possible because of the software they use. When I started using CAD and GIS software at the Joint Research Center of the European Commission, I first noticed they were hard to procure and hard to use. Managing license keys alone was a job. Also, after acquiring those packages I still had to write code in order to be productive.
        I realized that software was going to both allow and prevent me from doing my job well. Also, software was too hard to buy and use despite being very expensive. There had to be a better way. I started looking into alternatives and I stumbled upon the GNU project and its manifesto. Then I discovered Linux, a GIS tool called GRASS and more. Such free/libre software was not always functionally better than proprietary alternatives but felt “right” to me: a much better philosophical approach to developing the science of computing.

        I started advocating for free and open source software then, and never stopped.

      • Web Browsers

      • SaaS/Back End/Databases

      • FSF

        • FSF Adopts A Board Member Agreement, Code of Ethics For Board Members

          Following the Richard Stallman situation, board members leaving, projects seeking greater transparency from the FSF, and other issues within the Free Software Foundation the past two years, the FSF has finally adopted a new governance framework for board members.

          Free Software Foundation Board Members will now need to commit to the Board Member Agreement and a Code of Ethics in order to provide for greater transparency, accountability, ethics, and responsibility.

        • FSF Adopts New Governance Framework for Board Members — Free Software Foundation — Working together for free software

          The board of the Free Software Foundation (FSF) has approved and implemented two new measures designed to help make FSF governance more transparent, accountable, ethical, and responsible. They are a Board Member Agreement that enumerates the responsibilities of board members, and a Code of Ethics that lays out principles to guide their decision-making and activities.

          “The FSF has always been a steady beacon for freedom and against the widespread mistreatment of computer users,” said FSF president Geoffrey Knauth. “In the last year, the board realized that we faced a challenge and opportunity to improve our governance practices and recruit new leaders to the FSF board. I’m proud of this important step in that ongoing work.”

          The new measures are the first products of a six-month, consultant-led review. They formalize crucial aspects of the FSF’s governance, and will guide board members to understand and embrace their responsibilities to the nonprofit’s worldwide mission to promote computer user freedom.

          The new Board Member Agreement spells out nineteen duties and responsibilities, including minimum expectations for organizational and financial oversight, participation in board activities, the recruitment of associate members, and annual performance reviews.

          The Code of Ethics details thirteen specific provisions establishing how the board of directors will conduct the business affairs of the organization in good faith and with honesty, integrity, due diligence, and competence.

        • GNU Projects

          • Gnu Nano releases version 6.0 of text editor, can now hide UI frippery

            Text editor GNU Nano has reached version 6.0.

            The app’s last x.0 release emerged in July 2020 and was just the fifth full version in the project’s history.

            Version 6.0 debuted on December 15th and is named “Humor heeft ook zijn leuke kanten”.

            The Register believes that’s a phrase often uttered by Dutch comedian Herman Finkers and translates as “Humor also has its nice sides”. We’re sure readers who don’t need to rely on machine translation will help us out with a better translation in the comments.

      • Programming/Development

        • State Machines in Qt 6.2

          State machines are abstract computational machines that can be in only one of their finite number of states at any given time. They can change from one state to another in response to inputs. State machines can be defined by the list of their states, their initial state and the inputs that trigger the state transitions.

        • Python

          • Time to Say Goodbye: Python 3.6 Is End-of-Life

            Why? Because it will no longer receive either bug or security fixes. What does that mean? It means if you’re using Python 3.6 past this month, you do so at your own risk.

            Trust me when I say you do not want that. This is especially so with the recent discovery of the Log4j vulnerability. No, that doesn’t directly involve Python, but it makes a very loud and painful case for always staying up to date.

            That’s a problem. Consider this: As of Dec. 16, 2021, at least 17.39% of packages that were downloaded from PyPI were based on Python 3.6. And that’s knowing this version of Python was about to reach end of life.

        • Java

          • Officials point to Apache vulnerability in urging passage of cyber incident reporting bill

            Key federal cybersecurity officials are pushing for passage of legislation to create mandates for certain organizations to report cyberattacks amid the fallout from a massive vulnerability in Apache logging package log4j, which has left organizations worldwide vulnerable.

            Bipartisan legislation to establish cyber incident reporting standards was set to be included in the compromise version of the National Defense Authorization Act (NDAA), but was removed at the last minute due to concerns from Sen. Rick Scott (R-Fla.) about the scope of the bill. Scott’s concerns were addressed, but not in time for the provision to be included in the NDAA.

          • Log4j is patched, but the exploits are just getting started

            So far, researchers have observed attackers using the Log4j vulnerability to install ransomware on honeypot servers — machines that are made deliberately vulnerable for the purpose of tracking new threats. One cybersecurity firm reported that nearly half of corporate networks it was monitoring had seen attempts to exploit the vulnerability. The CEO of Cloudflare, a website and network security provider, announced early on that the threat was so bad the company would roll out firewall protection to all customers, including those who had not paid for it. But concrete news on exploitation in the wild remains scarce, likely because victims either don’t know or don’t yet want to acknowledge publicly that their systems have been breached.

  • Leftovers

    • The 99-Year-Old Grandmother Effect: How to View Fuel Reductions on the Bootleg Fire

      If one did not know much about wildfire ecology, the photos accompanying the article might persuade you that thinning and prescribed burning should be widely applied to our forests.

      However, there is much unstated in the article. For instance, there is abundant evidence from numerous high severity blazes around the West that “fuel reductions” typically fail. Of course, not all fuel reductions fail, but most do not significantly alter the outcome of fires.

    • Sign of the Time
    • Saying goodbye to an old friend

      How do you like them apples? We didn’t and poor Better paid the price.

    • Science

      • Earth’s magnetic field illuminates Biblical history

        The fire’s heat would have erased any magnetism in the minerals of this floor. Earth’s magnetic field then left its mark as those minerals cooled, magnetising them anew. Assuming the fragments have not moved since then, the alignments of their magnetic fields will point in the direction of Earth’s field as it was on that fateful day.

        Looking for magnetic alignments in this way was well understood when Mr Vaknin began his investigation. But he and his colleagues also did an experiment. They heated samples of the fallen floor in their laboratory and exposed them to a magnetic field as they cooled down, thus repeating what had happened when the edifice was destroyed. By comparing the resultant magnetisation with the original one, and knowing the strength of the field they had themselves applied, they were able to estimate the strength of Earth’s magnetic field on the day of the sack.

    • Education

      • Afghanistan’s academics are starting to lose hope

        Meanwhile, there is still no sign of public universities opening. The acting minister of higher education claimed there are not sufficient funds for students to resume their studies – even the thousands of final-year undergraduates waiting to take their exams. Apparently, there is no money either to pay university lecturers; this is the fourth consecutive month they have gone without pay, Moreover, even amid high inflation in the basic staples of life, the ministry of finance recently announced reduced pay scales for Afghan civil servants, including academics – despite previous promises to maintain lecturers’ salaries.

        This isn’t the only bad news for Afghan academia. Lecturers have also been dismayed by the Taliban’s appointment of people with no academic background to university chancellorships and vice-chancellorships, as well as to key positions in the Ministry of Higher Education. The fear is that such inexperience at the top will lead to the unravelling of all the hard-earned progress achieved by the sector over the past 20 years.

    • Hardware

      • Motorized Device Helps Swap Out Hard-To-Reach Light Bulbs | Hackaday

        High ceilings can make a residence feel open and airy, but they often come with difficult-to-reach light fittings. To better deal with that, [mattwach] built a motorized light bulb changer which makes the job much easier.

        Light bulb changers already exist, but they typically need to be used on-axis with the light fitting, which for chandeliers and many other lights, can be difficult. Instead, [mattwach’s] design allows the device to be used at 90-degree angles, and motorizes it for added ease of use.

        A 12V gear motor does the work of turning the contraption, and has more than enough torque to get the job done. A flanged coupling is used to attach the motor to the light bulb changer itself. An ATTiny85 microcontroller is then used to control the motor via an L293D H-bridge driver. A PS2 thumbstick is hooked up for user input, and all the electronics is mounted on a broomstick along with the light bulb end effector mounted at a right angle.

      • Using Fishing Wire To Hold In Pin Headers Is A Nifty Trick | Hackaday

        Working on a breadboard, one can get used to the benefits of being able to readily plug and unplug jumper wires to reconfigure a project. One could only dream of doing so with PCBs, right? Wrong! [Stewart Russell] recently shared a tip on Twitter on how to do just that, with the help of a little fishing wire.

    • Health/Nutrition/Agriculture

      • Unions Demand Covid-19 Safety Measures for Health Workers Be Made Permanent

        More than 40 labor unions and advocacy organizations representing over 14 million employees issued a petition this week demanding that the U.S. Occupational Safety and Health Administration permanently adopt Covid-19 protection standards—which are set to expire next week—for healthcare and other frontline workers.

        The petition calls on OSHA to extend and expand the emergency temporary standard (ETS) enacted in June, with an expiration date of December 21. It says, in part:

      • What’s Polluting the Air? Not Even the EPA Can Say.

        For decades, a factory on the outskirts of Portland, Oregon, has churned out hulking metal parts for Boeing’s commercial airplanes. Despite the steady pulse of its machinery, the plant maintains a low profile; Oregonians more readily associate Boeing with its historic headquarters up north in Seattle. Perhaps, I reasoned last spring, this helped explain why no one had noticed that the company’s satellite campus seemed to have unleashed an environmental catastrophe.

        In 2016, Boeing reported to the Environmental Protection Agency that it had massively ramped up the amount of chromium compounds it was pumping into the skies of eastern Portland. For anyone who followed Erin Brockovich’s crusade against the dangerous chemical in Hinkley, California, this should have come as alarming news. Hexavalent chromium, as the highly toxic form of the metal is known, can cause lung, nasal and sinus cancers, trigger pulmonary congestion and abdominal pain, and damage the skin, eyes, kidneys and liver. Although it is widely used in the aerospace industry to protect plane parts from corrosion, hexavalent chromium is such a potent carcinogen that in 2004 Boeing’s own environmental newsletter acknowledged that “it would be most desirable to eliminate the offending agent” altogether.

      • Why the Second-Driest State Rejects Water Conservation

        With rising temperatures and two decades of drought depleting the Colorado River, some Southwestern states are spending hundreds of millions of dollars to pay homeowners to tear out their lawns and farmers to fallow their fields.

        But Utah, the fastest-growing and second-driest state in the nation, is pursuing a different strategy.

      • Cuba Defeats Covid-19 with Learning, Science, and Unity

        Cubans have wholeheartedly carried out masking, social-distancing, testing and quarantining. Cuba’ s bio-medical research and production facilities created five anti-Covid vaccines. As of December 3, 90.1 percent of Cubans had received their first dose; 82.3 percent of them were fully vaccinated. Only seven other countries have higher rates. (1) Trials showed that Cuba’s workhorse Abdala and Soberana 02 vaccines were protective for over 90 percent of vaccine recipients.

        Cuba’s Covid vaccines don’t need extremely low-temperature refrigeration as is the case for major U.S. vaccines. In that regard they are particularly useful in poorly resourced countries. Cuba has sent, or is preparing to send, vaccines to Vietnam, Venezuela, Iran, and Nicaragua. Cuban scientists are elaborating a version of their Soberana Plus vaccine that will protect against the Omicron variant.

      • A tantalizing clue to why omicron is spreading so quickly

        This focus on the respiratory tract, instead of the lungs, may suggest that omicron could cause less severe disease compared with delta or the original version of the virus. But many scientists, including Veldhoen, say it’s too soon to draw that conclusion.

      • My Journey Into the Land of the Unmasked

        Not that masking on the plane really mattered, because people could take their masks off while they were eating or drinking. I spied one man who nursed a beer for an hour and a half, just to avoid having to put his mask back on. The most frustrating thing about proper mask use is that the point is to protect other people from your potential diseases. So I was sitting there, not drinking beer, protecting the beer guy, but that guy couldn’t be bothered to return the favor.

      • Twitter suspends conservative activist who criticized ‘surgical mutilation of minors’

        “Throughout most of the country, there would be little controversy in saying that children should not be the subject of procedures that sterilize and mutilate their young bodies. In fact, advocating on behalf of those procedures would be considered hateful,” stated Schilling.

    • Integrity/Availability

      • Proprietary

        • NY Man Pleads Guilty in $20 Million SIM Swap Theft

          A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Nicholas Truglia was part of a group alleged to have stolen more than $100 million from cryptocurrency investors using fraudulent “SIM swaps,” scams in which identity thieves hijack a target’s mobile phone number and use that to wrest control over the victim’s online identities.

        • Avast claims to have found backdoor in US Govt commission network

          Security provider [sic] Avast claims to have found a backdoor on the Windows network of a US Government commission that is associated with international rights, but has been unable to get the body to engage in order to resolve the problem.

        • Pseudo-Open Source

          • Openwashing

            • NAB to ‘innersource’ some of its business platforms

              NAB said that code quality, collaboration and learning opportunities had all increased under innersource.

              “When we write code in the open, we tend to write better code,” Cobby said.

              “We’re improving discoverability and the ease of finding the source of truth for a piece of information, and we’re reusing intellectual property across the different domains.”

              Cobby said that the openness made it easier to understand why certain architectural decisions were made.

              “We peer review each other’s work and our discussions are in the open, so that we can always find out why a certain architectural decision was made or why this decision was made not to use a particular technology,” he said.

          • Privatisation/Privateering

        • Security

          • Privacy/Surveillance

            • EFF to Court: Deny Foreign Sovereign Immunity to DarkMatter for Hacking Journalist

              EFF’s brief argues that private companies should not be protected by foreign sovereign immunity, which limits when foreign governments can be sued in U.S. courts. Hundreds of technology companies sell surveillance and hacking as a product and service to governments around the world. Some companies sell surveillance tools to governments—in 45 of the 70 countries that are home to 88% of the world’s internet users—and others, like DarkMatter, do the surveillance and hacking themselves.

              DarkMatter’s hacking has serious consequences. In her lawsuit, Oueiss recounts being targeted by thousands of tweets attacking her, with accounts posting stolen personal photos and videos, some of which were doctored to further humiliate her. And earlier this month, EFF filed a lawsuit against DarkMatter because the company hacked Saudi human rights activist Loujain AlHathloul, leading to her kidnapping by the UAE and extradition to Saudi Arabia, where she was imprisoned and tortured.

              U.S. companies are on both ends of DarkMatter’s misconduct—some are targets, like Apple and iPhone users, and other companies are vendors. Two U.S. companies sold zero-click iMessage exploits to DarkMatter, which it used to create a hacking system that could infiltrate iPhones around the world without the targets knowing a thing.

            • EU’s Digital Identity Framework Endangers Browser Security

              The amendment would require browsers to trust third parties designated by the government, without necessary security assurances. But trusting a third party that turns out to be insecure or careless could mean compromising user privacy, leaking personal or financial information, being targeted by malware, or having one’s web traffic snooped on.

              What is a CA?

              Certificate Authorities (CAs) are trusted notaries which underpin the main transport security model of the Web and other internet services. When you visit an HTTPS site, your browser needs to know that you are communicating with the site you requested, and that trust is ultimately anchored by the CA. CAs issue digital certificates that certify the ownership and authenticity of a public encryption key. The CA verifies that this key does belong to that website. For a certificate to be valid in a browser, it must be signed by a CA. The fundamental duty of the CA is to verify certificate requests submitted to it, and sign only those that it can verify as legitimate.

            • CBP Proudly Announces Its Facial Recognition Program Has Successfully Nailed A COVID Scofflaw

              Customs and Border Protection continues to protect our borders against… stuff. Much like the TSA struggles to catch any terrorists (or, indeed, any items actual terrorists might use) but still issues press releases crowing about the agency’s ability to identify and seize novelty items and the occasional gun someone decided not to check, the CBP is more than happy to point out how a system that relies on millions of facial images collected at ports of entry every so often stops someone from entering the country.

            • If You Think Facebook is Bad for Privacy, Wait Until You See Mark Zuckerberg’s Metaverse

              Meta’s metaverse is by no means the “official” version of the idea. Indeed, Stephenson tweeted:

            • After Weeks Of Reports Of Misuse Of Its Exploits, NSO Group Considering Shutting Down Its Malware Service

              RIP NSO Group. Cause of death: investigative reporting.

            • Facebook parent company bans six private spy firms from Facebook, Instagram

              Spies for hire are secretly targeting journalists, human rights activists and political dissidents on behalf of corporations and governments to an extent not previously understood, Facebook’s parent company says in a new report, while banning six companies and a Chinese network named in the report from its social media platforms.

            • Meta bans surveillance-for-hire firms for targeting users

              It said in its report that some 1,500 pages had been suspended by Meta across Facebook, Instagram and WhatsApp following a months-long investigation.

              The companies targeted people in more than 100 countries on behalf of their clients, Meta said.

    • Defence/Aggression

      • Over 100 Congressional Democrats Call on Biden to Restore Engagement With Cuba

        Over 100 members of Congress on Thursday urged President Joe Biden to step away from “failed policy” by taking a number of steps to reengage with Cuba and help curb a humanitarian crisis in country.

        “We believe that a policy of engagement with Cuba serves U.S. interests and those of the Cuban people,” the lawmakers wrote in their letter to Biden.

      • Opinion | The Many Ways War Is Poisoning Us

        War spews hell in all directions. Just ask the guys at Talon Anvil, a secret U.S. “strike cell” recently exposed by the New York Times as a unit with a reputation for ignoring the rules of engagement and killing lots and lots of civilians with drone strikes as it plays war with ISIS.

      • Opinion | Guantanamo Hasn’t Made Us Safer

        A recent Senate Judiciary Committee hearing on closing Guantanamo Bay prison coincided with Congress’ approval of a $778 billion military budget that no one asked for: it was, in fact, $25 billion more than the Commander-in-Chief had requested.

      • Steve Coll on How the U.S. Pursued Withdrawal Over Peace in Afghanistan & Let the Taliban Take Over

        As Afghanistan spirals into a humanitarian crisis after the abrupt U.S. withdrawal earlier this summer, we look at years of failed U.S. diplomacy that allowed the Taliban to seize power and leave the small nation in a state of disrepair. A New Yorker magazine investigation shows how the U.S. repeatedly undermined the Kabul-based government in a rush to leave the country. “I’ve been reporting in general and around Afghanistan for a long time. I was still shocked by the degree of cynicism that the United States often brought to this endeavor to seek peace, particularly during the Trump years,” says New Yorker staff writer Steve Coll, a Pulitzer Prize-winning reporter who has covered Afghanistan for decades

      • “No Food Available”: Afghanistan Faces Catastrophe as Donors Cut Humanitarian Aid to Taliban Gov’t

        Afghanistan under the new Taliban government faces a humanitarian catastrophe this winter as the United States and other donors have cut off financial aid. The United Nations warns nearly 23 million people in Afghanistan — or more than half the population — face potentially life-threatening food shortages, with nearly 9 million already on the brink of famine. In addition, people face lack of proper healthcare, unemployment and housing shortages. “The international aid organizations, for them, it’s just another country … where they take pictures and make their careers out of it,” says Pashtana Durrani, activist and executive director of the educational nonprofit LEARN Afghanistan. “For me, it’s my country, and people are starving in it.”

      • ‘It’s probably a mistake’ Journalists uncover Rostov court verdict referring to Russian military personnel deployed to ‘people’s republics’ in eastern Ukraine

        In a verdict handed down in November, a Russian court openly referred to the presence of Russian military personnel stationed in the “DNR and LNR” — the self-proclaimed Donetsk and Luhansk “people’s republics” in eastern Ukraine. 

      • Can Turkey and Armenia really mend their hostile ties?

        One of the biggest sources of tension has revolved around Ankara’s refusal to recognise the genocide of Armenians by Ottoman Turks during World War I.

        Starting in 1915, the crumbling Ottoman Empire’s Armenian population was arrested, deported and killed, with the death toll estimated at up to 1.5 million people.

      • Chemical emitted by babies could make men more docile, women more aggressive

        Sniffing HEX did not calm all the participants down, but had different impacts on men and women, the team reports today in Science Advances. Women exposed to the chemical behaved 19% more aggressively in the noise-blast task, whereas men were 18.5% less aggressive.

        In a second experiment, the scientists compared how individuals behaved when exposed to HEX or to the control odor while monitoring their brain activity in a functional magnetic resonance imaging scanner. HEX again increased aggression in women (by an average of 13%) and dampened male aggression (by 20%). The chemical also had different effects on brain activity, reducing neural communication between brain areas that control aggression in women, and boosting communication between those regions in men.

      • Proud Boys supporter sentenced to nearly 3 years in prison for threatening senator

        A member of the Proud Boys has been sentenced to nearly three years in prison after pleading guilty to threatening Sen. Raphael Warnock (D-Ga.) and other actions earlier this year.

        Eduard Florea, 41, was sentenced Thursday by U.S. District Judge Eric Komitee to 33 months in prison for threatening Warnock and possessing ammunition after a prior felony.

        Florea had pleaded guilty to the charges in August. The Department of Justice (DOJ) has said the New York man had posted on social media on Jan. 5, “We need to all come to an agreement . . . and go armed . . . and really take back Washington.”

    • Environment

      • Opinion | Catastrophic Global Disorder Beckons Unless We Act Swiftly on Climate

        When midnight strikes on New Year’s Day of 2050, there will be little cause for celebration. There will, of course, be the usual toasts with fine wines in the climate-controlled compounds of the wealthy few. But for most of humanity, it’ll just be another day of adversity bordering on misery—a desperate struggle to find food, water, shelter, and safety.

      • Our 2021 UK Highlights: ‘Climate-Conflicted’ Bank Directors, North Sea ‘Rogues’ and COP26 Greenwash

        Another time warp of a year is drawing to a close, with the image of Covid-19 booster queues snaking around street corners marking a sombre end to a long 12 months.

        As the pandemic continues to wreak havoc globally, climate change and its impacts again made waves around the world – with a surge in extreme weather events preventing anyone from looking away.

      • This Is Life After the Dixie Fire

        Half a mile south of what’s left of the old Gold Rush–era town of Greenville, Calif., Highway 89 climbs steeply in a series of S-turns as familiar to me as my own backyard. From the top of that grade, I’ve sometimes seen bald eagles soaring over the valley that stretches to the base of Keddie Peak, the northernmost mountain in California’s Sierra Nevada range.

      • Melting of Ice Sheets Is Dramatic, But Melting of Permafrost Means Mass Death
      • ‘Our Atmosphere Is Broken’: US Tops Record for Hurricane-Force Winds in a Day

        The United States on Wednesday had the most hurricane-force gusts ever recorded in a single day after an after an “off the charts” storm system tore through the central part of the country, bringing tornadoes and triggering widespread power outages, dust storms, and warnings of the climate emergency.

        “This is just the kind of thing that happens when you’re in the process of breaking the planet’s climate system.”

      • Energy

        • Make No Mistake: Hydrogen = Fracking

          There’s no denying it. New Mexico Governor Michelle Lujan Grisham’s plans to “kick start the hydrogen fuel industry” is nothing short of a scheme to subsidize oil and gas companies and keep the state dangerously reliant on fossil fuels.

          “Dirtier Than Coal”

        • Nuclear Energy Can­not Meaningfully Contribute to a Climate-Neutral Energy System

          On the other hand, the experience with commercial nuclear energy generation acquired over the past seven decades points to the significant technical, economic, and social risks involved. This paper reviews arguments in the areas of “technology and risks,” “economic viability,” ’timely availability,” and “compatibility with social-ecological transformation processes.”

          Technology and risks: Catastrophes involving the release of radioactive material are always a real possibility, as illustrated by the major accidents in Three Mile Island, Chernobyl, and Fukushima. Also, since 1945, countless accidents have occurred wherever nuclear energy has been deployed. No significantly higher reliability is to be expected from the SMRs (“small modular reactors”) that are currently at the planning stage. Even modern mathematical techniques, such as probabilistic security analyses (PSAs), do not adequately reflect important factors, such as deficient security arrangements or rare natural disasters and thereby systematically underestimate the risks.

        • Opinion | The Royal Canadian Mounted Police Serves and Protects Fossil Fuel CEOs

          Canada has a climate double standard. While land and water defenders face serious criminalization, repression, and police brutality, we’re continuing to witness in Wet’suwet’en territory, corporations—backed by the the Royal Canadian Mounted Police (RCMP)—get away with breaking the law with impunity.

        • The Infrastructure Bill’s Hydrogen Funding Is a Big Win for the Oil and Gas Industry

          The infrastructure bill signed into law by President Biden in November includes $9.5 billion dollars to support the creation of a clean hydrogen industry — but much of the money is going to support the U.S. fracked gas industry under the guise of “clean” blue hydrogen. While being presented as a clean hydrogen plan for decarbonizing the energy system, the main focus of the hydrogen section of the bill is to continue and expand the use of natural gas (that is, methane) in the U.S. economy via what’s known as blue hydrogen. 

          Blue hydrogen is the name for a fuel product that currently cannot be produced on a commercial scale. Hydrogen gets labeled different colors based on how it’s produced. There’s gray, made from fossil fuels, and green, made using renewable energy. 

      • Wildlife/Nature

        • Whales Could Save the World’s Climate, Unless the Military Destroys Them First

          Now, with the Biden administration’s mandate to slash carbon emissions “at least in half by the end of the decade,” the Pentagon has committed to using all-electric vehicles and transitioning to biofuels for all its trucks, ships and aircraft. But is only addressing emissions enough to mitigate the current climate crisis?

          What does not figure into the climate calculus of the new emission-halving plan is that the Pentagon can still continue to destroy Earth’s natural systems that help sequester carbon and generate oxygen. For example, the plan ignores the Pentagon’s continuing role in the annihilation of whales, in spite of the miraculous role that large cetaceans have played in delaying climate catastrophe and “maintaining healthy marine ecosystems,” according to a report by Whale and Dolphin Conservation. This fact has mostly gone unnoticed until only recently.

    • Finance

      • A Last-Ditch Effort to Eliminate a Tax Dodge for the Super-Rich
      • Dems Face 2022 Nightmare, Critics Warn, If Student Debt Payments Restart and Child Credit Ends

        Progressives are spelling out for the Democratic Party the disastrous implications that are likely to come with the government’s possible failure to extend the enhanced child tax credit right as the White House plans to require tens of millions of people to restart their federal student loan payments—warning that the 2022 midterms could be “brutal” if the party imposes new financial burdens on working families.

        With right-wing Sen. Joe Manchin (D-W.Va.) telling the White House Wednesday he wants to “zero out” the child tax credit (CTC) in the $1.75 trillion Build Back Better reconciliation package, millions of families with children may have received their final monthly payment of up to $300 per child this week.

      • Rev. William Barber Condemns Manchin’s ‘Immoral, Unmerciful, Economically Insane’ Obstruction

        Rev. Dr. William Barber, the co-chair of the national Poor People’s Campaign, lambasted Sen. Joe Manchin on Thursday for endangering both the Build Back Better Act and voting rights legislation, two central elements of the Democratic Party’s popular legislative agenda.

        “December is the Senate’s deadline, but the deadline for the movement is when we win.”

      • Most of the Democratic Party Is Responsible for the Build Back Better Debacle
      • The Lives Hanging in the Balance of Build Back Better

        As 2021 races to a close, President Joe Biden and the Democratic Party’s entire domestic agenda hangs in the balance. Biden and Democratic lawmakers have been hard at work putting together a massive legislative package to address a number of key priorities, including health care, housing, caregiving, education, and climate change. But with Republicans marching in lockstep against it, Democrats can only pass the Build Back Better agenda on their own, requiring that every member vote in favor.

        The House has passed its version of the legislation, but in the Senate some conservative Democrats have said that they would refuse to vote for the plan unless it’s smaller and cheaper (even as they’ve also resisted provisions in the bill that would raise revenue, such as a higher corporate tax rate and tougher IRS enforcement for the wealthy) and even proposed slowing the whole process down. Senate majority leader Chuck Schumer has vowed to get it passed before Christmas, but it’s still unclear if the party can meet that tight deadline.

      • Elizabeth Warren: Congress Must Expand the Supreme Court

        President Joe Biden has never been a fan of serious Supreme Court reform—whether expanding its numbers, establishing term limits, or both. And he punted on the question by creating a 34-member commission to study the issue. Last week, Biden’s commission wrapped up by making no recommendations, citing “profound disagreement among commissioners,” and merely passed along a 288-page report dispassionately examining the pros and cons of various court-reform proposals.

      • Reddit takes first official step toward going public.

        The path forward has not been without issues. Critics of the site noted Reddit’s longtime laissez-faire approach to content moderation, often preferring a hands-off approach to some of the most noxious ideas and people on the internet. But over the years, a number of its executives — including the former chief executive Ellen Pao, and later Steve Huffman, the current chief executive — made it a priority to rein in the platform and enforce new, stricter rules on what was allowed on the site.

    • AstroTurf/Lobbying/Politics

      • Jayapal Laments That Progressives ‘Don’t Have Enough Control’ in Congress

        Amid a series of setbacks this week, Rep. Pramila Jayapal acknowledged that progressive lawmakers are currently limited in their ability to advance a pro-working class agenda—an implicit endorsement of Sen. Joe Manchin’s advice to elect more left-leaning candidates if the goal is to win transformative policies that are popular and would benefit the vast majority.

        In an interview with Politico published Thursday, Congressional Progressive Caucus Chair Jayapal (D-Wash.) said that her caucus has been unable to prevent right-wing Democrats from gutting the party’s Build Back Better Act (BBB) because “we don’t have enough control.”

      • A Show About Nothing and The End of History

        Ironically Seinfeld exists as a communist utopia and this is what American viewers gravitate towards. In Slavoj Zizek’s vision of communism, it is not surplus value that determines society, but rather an envy. Likewise, Seinfeld’s characters spend little time engaged in production or consumption. Instead, they seem to live perfectly stable lives. Politics and economics have no impact on their well-being. All of this, under communism, is taken care of.

        Instead, the characters end up going to extraordinary lengths to address the pettiest of concerns. This could be labeled as bourgeois but I like to think of it as utopian. Rather than sell their bodies for basic resources as the working class must do under capitalism the characters in Seinfeld have basic human (economic) rights and instead spend their time and energy navigating social norms.

      • ‘I’m Dreading February 2022′: Ocasio-Cortez Shares Student Loan Horror Stories From Constituents

        With six weeks to go until tens of millions of Americans will be required to restart payments of their student debt, Rep. Alexandria Ocasio-Cortez on Thursday shared the stories of some of her constituents who have struggled with the “cruel impact” of the student loan system.

        In an email to supporters, the New York Democrat shared the story of LeeAnn, a nurse living in Connecticut who will have to begin paying down $30,000 in student loans again starting February 1, nearly two years after Congress imposed a payment moratorium due to the coronavirus pandemic. Having grown up in poverty, LeeAnn was uncertain she could afford nursing school, but she was assured that if she took out a loan to get her education it would be forgiven once she started working.

      • No, President Biden, We’re Not Your “Customers”

        Portraying government as a business and you as its “customer” ranks right up there with “the consent of the governed” on the list of fictions contrived to confer “legitimacy” on an institution that does its best to run every aspect of your life, at your expense, whether you consent or not.

        Let’s have a look at some of the “customer experience improvements” on offer in the new executive order.

      • Opinion | Will the Media Wake Up to the Danger to American Democracy?

        Thomas Edsall, formerly a journalist who covered politics for The Washington Post, and now a contributor to The New York Times, has written a piece that has raised eyebrows. “How to Tell When Your Country Is Past the Point of No Return” is yet another op-ed revealing that the mainstream media are finally waking up to the dire threat our democratic institutions. But chiefly, it is instructive in its demonstration that they still suffer from serious limitations.

      • DeSantis Hypes His Anti-Critical Race Theory Bill by Quoting Martin Luther King
      • Young Voters Say They Disapprove of Biden’s Performance by Nearly 2-to-1 Margin
      • Jim Jordan Confirms He Wrote Text to Meadows Promoting Electoral College Scheme
      • Sinema Imperils Voting Rights Push for the Sake of Archaic Filibuster Rule
      • With ‘Asinine’ Filibuster Defense, Sinema Imperils Last-Ditch Voting Rights Push

        Right-wing Sen. Kyrsten Sinema on Wednesday cast further doubt on Democrats’ nascent effort to pass voting rights legislation before the end of the year by reiterating her defense of the Senate’s legislative filibuster, an archaic rule that the GOP minority has used to stonewall bills aimed at protecting the franchise.

        “Senator Sinema is single-handedly destroying any hope of progress on voting rights.”

      • The Tragic Opera Starring Joe Manchin Has Lasted Far Too Long
      • Illinois Sets National Precedent in Banning Immigration Detention
      • Opinion | Neoliberal Capitalism to Blame for Inflation, Not Public Benefits and Social Programs

        Headlines are screaming that inflation is here to stay.

      • Group Urges Primary Challenges for Progressive Caucus Members Who Are ‘Progressive in Name Only’

        Late last year the Congressional Progressive Caucus instituted a series of structural changes that its leaders and outside advocates hoped would turn the legislative bloc into a genuine force for change—in part by shedding members who were not fully committed to progressive policy objectives.

        But a new report out Thursday claims that despite the CPC’s overhaul, a number of House Democrats who are “progressive in name only” (PINOs) remain part of the nearly 100-member strong caucus, raising questions over its potential to achieve the stated aim of “standing up for progressive ideals in Washington and throughout the country.”

      • Should Have Seen This Coming: U.S. Raises Prospect of Retaliation Over Canada’s Digital Services Tax Plans

        The Canadian decision to push ahead now is puzzling given that an international consensus is precisely the approach that benefits Canada, since it provides the prospect of new revenues with the cover of a global agreement that removes the risk of tariff retaliation. There is unquestionably a need to ensure that large multinational companies – whether tech or otherwise – pay their fair share. But there is also a need for Canada to be strategic in implementing such policies. Launching into new digital services tax legislation two years before it is scheduled to take effect while there is both an international agreement on the table and mounting disputes with the U.S. seemingly invites further trade escalation with no real benefits from years to come.

      • Jailing Former Immigration Ministers: Denmark’s Inger Støjberg

        A Danish court of impeachment, in finding the former minister guilty for intentionally neglecting her duties under the Ministerial Responsibility Act, sentenced her to 60 days in prison.  Of the 26 members of the court, only one found for the ex-minister.

        It was only the third time since 1910 that a politician has been referred to the impeachment court. The last was in 1993, when former Conservative justice minister Erik Ninn-Hansen faced proceedings for illegally halting the family reunification of Tamil refugees in 1987 and 1988.

      • Lawmakers scuffle as Russian State Duma approves first reading of controversial vaccine pass legislation

        The first reading of a controversial draft bill on requiring QR-code vaccine passes for accessing public places in Russia led to a scuffle between Communist Party and United Russia lawmakers in the State Duma on Thursday, December 16. 

      • Kshama Sawant: “We Won Because We Did Not Back Down”

        Once again, Seattle City Council member Kshama Sawant and her Socialist Alternative organization have beaten the political odds. Last week, she defeated a million-dollar recall campaign by real estate developers and landlords, Democratic Party leaders, big Trump donors, and newspaper editorialists, who all teamed up to evict the eight-year councilor from City Hall.

      • Introducing Hungary’s top cyclist: 20-year-old Kata Blanka Vas

        Kata Blanka Vas caught the attention of most of Hungary’s spectators at the Tokyo Olympics. Even since then, she’s been rushing from one race to the next, and her path has led her to the ranks of the top cyclists. We accompanied the 20-year-old competitor and her team to a race in the Czech Republic so that you may get to know her a bit better!

      • Facebook whistleblower lands book deal

        Facebook whistleblower Frances Haugen is writing a book that will include “a critical examination of Facebook,” after revealing what critics say is damning information about the social media giant.

        Little, Brown and Co, an imprint of the publishing house Hachette Book Group, announced on Thursday that it will be publishing Haugen’s book.

        The title and release date for the book have not yet been determined, according to The Associated Press. The imprint did not reveal any financial terms of the deal.

      • [Old] IRC Changes

        Effective immediately, #southeastlinuxfest and #self-offtopic in IRC Freenode are no longer operated by SELF. They have been taken over by the entity that has taken over Freenode. Do not use these channels or this network any longer. We have migrated to #southeastlinuxfest and #self-offtopic on Libera.chat. We have an unofficial contingent on OFTC as well

      • How Beijing Influences the Influencers

        But even if the creators do not see themselves as propaganda tools, Beijing is using them that way. Chinese diplomats and representatives have shown their videos at news conferences and promoted their creations on social media. Together, six of the most popular of these influencers have garnered more than 130 million views on YouTube and more than 1.1 million subscribers.

        Sympathetic foreign voices are part of Beijing’s increasingly ambitious efforts to shape the world conversation about China. The Communist Party has marshaled diplomats and state news outlets to carry its narratives and drown out criticism, often with the help of armies of shadowy accounts that amplify their posts.

        In effect, Beijing is using platforms like Twitter and YouTube, which the government blocks inside China to prevent the uncontrolled spread of information, as propaganda megaphones for the wider world.

      • Kentucky Tornadoes, Money Competition for Teachers: One Weekend in Late Capitalist America

        Another weekend in America: American workers died on the job during an environmental disaster, while others literally scrambled on the floor for cash.

        A monster storm system sent at least 50 tornados rampaging across Arkansas, Illinois, Indiana, Kentucky, Missouri, Mississippi, Ohio, and Tennessee, killing dozens. The most recent numbers out of Kentucky, which bore the brunt of the damage, put the death toll at at least 70 people, including multiple children. Also included in the death toll are a number of people who died on the job, notably at an Amazon warehouse in Illinois and a Kentucky candle factory.

    • Misinformation/Disinformation

      • Canada Strikes Again: Allows Lawsuit Against Twitter To Proceed Over Speech Of Twitter Users

        Canada, despite being our friendly neighbor to the north, has been known to have some not great laws regarding speech. Over the years, we’ve covered a few too many distressing lawsuits that attack speech, including by going after intermediaries rather than the speakers themselves. While sometimes (but not always), Canadian courts eventually get to the right decision, it’s often many years later, and after a whole lot of censorial nonsense.

      • Paki fake news channels exploit General Rawat’s helicopter accident

        A Logically investigation has found that Pakistan-linked disinformation networks, made up of botnets, blogs and high-profile individuals, are amplifying conspiracy theories about the Dec 8 helicopter crash that killed General Rawat.

        The narratives, which include false claims that Tamil rebels or Nagaland Maoists attacked the helicopter, and that PM Narendra Modi had orchestrated the attack, were aimed at fostering separatist tensions within India.

      • Facebook Won’t Win the Blame Game on COVID Misinformation

        For a study of contrasting executive styles in one company, look no further than the difference between how Instagram chief Adam Mosseri performed in front of Congress last week and how his fellow Meta Platforms exec Andrew “Boz” Bosworth acquitted himself in a recorded interview with Axios on Sunday.

        While Mosseri did his best to be as diplomatic as possible, Bosworth, who next year will step up to become Meta CTO, came off as if he was chugging truth serum before being asked about the way Facebook was contending with how ubiquitous COVID misinformation is on the world’s biggest social platform.

    • Censorship/Free Speech

      • Censoring Texas History

        In late 18th-century America, the working assumption about slave labor in the cotton fields was that it was becoming too expensive. Here is the scenario: In the American South most slaves were used in cotton production. Yet, the use of slave labor was negatively impacting cotton’s profitability. The most labor-intensive aspect of the cotton process at this time, after planting and harvesting, was the extraction of cotton seeds from the raw cotton ball. If you ever get hold of a raw cotton ball, you can easily see why this would be so. The seeds are tightly entwined in a thick mass of cotton fibers. To increase production meant acquiring more slaves to perform this task of extraction. By the 1790s, the cost of additional slaves exceeded the expected profit from added production. Under these conditions U.S. cotton production was stagnant and losing markets to foreign production (such as in India). There was little incentive to expand American cotton production into new regions.

        Then in 1793, Eli Whitney (1765–1825) invented the modern cotton gin or cotton engine. It automated the seed extraction process. Whitney’s was not the first cotton gin. Small, hand-cranked models had been in use in India since the 16th century and were introduced into the American south around the mid-18th century. However, their use was restricted to long-staple cotton and their production capacity was low. Whitney’s invention, on the other hand, simultaneously lowered a major cost of production of both long- and short- staple raw cotton, while increasing the volume yield. At this point American cotton production became more competitive and the incentive for expansion grew. Cotton producers looked westward for new land—such as the Mexican province of Texas.

      • How Russia tries to censor Western social media

        Google and Meta face the threat of multi-million-dollar fines for failing to delete content that the Russian government considers illegal – but a close look at court papers reveals these are often simply posts about protests in support of jailed opposition leader Alexei Navalny.

    • Freedom of Information/Freedom of the Press

    • Civil Rights/Policing

      • What Will We Do With Our Rage in 2022?
      • Opinion | How the US Government Segregated America

        For many years, I worked in Boston public housing with teams of residents, community organizations, public housing staff and other professors on reducing and removing the many asthma triggers that caused the highest rates of asthma and asthma attacks in the city. Living and working in the heart of the city neighborhoods, I was keenly aware of the apartheid nature of public and residential housing (black Roxbury, white South Boston, white gentrification overtaking Boston’s mixed-income interracial neighborhoods, and white suburbs)

      • The Supreme Court, Abortion, and the New Dred Scott

        Dred Scott v. Sanford is the infamous 1857 Supreme Court decision which ruled that an African-American slave taken from slave to free territory in the US was not entitled to his freedom. At issue was the Missouri Compromise, a national law which divided America into free territory in the North, slave for the South when it came to admission for new states.  In reaching this conclusion the Supreme Court ruled that the intent of the framers of the Constitution was that persons of African descent could never be citizens, they were simply property of their owners.  Therefore any law, such as the Missouri Compromise that rendered individuals such as Dred Scott as free unconstitutionally violated their owners Fifth Amendment property rights.

        Chief Justice Taney in writing the opinion defended states’ rights.  He declared that issues such as who is a citizen and what rights they have should be left up to the individual states.  In reaching this conclusion Taney hoped the Court once and for all resolved the slavery issue.  How wrong he was.  Less than a year later Abraham Lincoln declared a “House divided against itself cannot stand” and by 1861 the  US was involved in a divided Civil War.  Dred Scott was not the end, but the final straw in the path to a political crisis the likes of what we have not seen…so far.

      • Breaking-Up Big Tech: Will History Repeat Itself?

        Over the last century, the U.S. has witnessed repeated efforts to break-up, if not outlaw, monopolies, cartels and trusts. The classic effort occurred in the fin de siècle era, from the adoption of the Sherman Antitrust Act (1890) and the Clayton Antitrust Act (1914), with the breakup of Standard Oil and other companies. Nearly a century later, a similar spirit led to the break-up of American Telegraph and Telephone (AT&T, the old Ma Bell) in 1984. While those promoting the current anti-monopoly efforts share much with earlier advocates, today’s efforts face a very different economic situation.

        The forces driving Big Tech are just the tip of an economic restructuring that’s been brewing for years. “Since 2008 American firms have engaged in one of the largest rounds of mergers in their country’s history, worth $10 trillion,” The Economist noted in a 2016 study. “Unlike earlier acquisitions aimed at building global empires, these mergers were largely aimed at consolidating in America, allowing the merged companies to increase their market shares and cut their costs.” Consolidation is occurring in all sectors as diverse as airlines, retail, telecom, hospitals & health care, food and even eyeglasses.

      • Unions Make Life Better at Work and Beyond, New Report Shows

        While it is well-established that unions strengthen worker power on the job and reduce inequality, a new report out Wednesday shows that higher unionization rates are also associated with improved conditions outside of the workplace, including better access to healthcare, paid leave, and the ballot box.

        “Unions have linked voting rights to workers’ rights.”

      • ‘Next!’ Starbucks Union Drive Spreads to Massachusetts, Arizona

        Inspired by the successful unionization of workers at two Buffalo, New York Starbucks stores last week, employees at a pair of the chain’s Boston-area locations—one in the city’s Allston neighborhood and the other in Brookline—requested votes this week to join the Workers United union.

        “We see this as an opportunity for us to empower one another and get treated as partners by the company.”

      • The Startling Postcolonial Poetics of “Coolitude”

        When the abolition of the slave trade finally came to pass, at least in England, the British were desperate to make amends. Parliament promptly declared that it would pay the enslavers £20 million—40 percent of Britain’s annual budget—as compensation for the abrupt loss of their “property.” Worse still, before the still-enslaved Africans and Afro-Caribbeans could muster a celebratory cheer, the colonial planters had already readied their replacements. On August 1, 1834, the very day that the Slavery Abolition Act took effect, a batch of 39 indentured laborers arrived from colonial India to work in the sugar plantations of Mauritius. They were promptly housed in barracks known as “Camp des Noirs.”

      • Defendant number nine Russia jails prominent businessman Mikhail Fedyaev in connection with deadly mine accident in Siberia

        One of the richest people in Russia, prominent businessman Mikhail Fedyaev was once predicted to take over as head of Siberia’s Kemerovo region. But on Wednesday, December 15, he was jailed pending trial in connection with a methane blast that killed 51 people at the Listvyazhnaya coal mine in November. Investigators charged Fedyaev with abuse of authority entailing grave consequences, making him the ninth defendant in the criminal case initiated over the accident. Earlier, on December 2, Russian President Vladimir Putin publicly chastised Fedyaev over the mine’s safety. The businessman’s arrest on Wednesday coincided with Investigative Committee Head Alexander Bastrykin paying a visit to the Listvyazhnaya mine and urging the investigation team to establish “the role of the mine’s owners in the tragedy.”

      • Testing Rape Kits Can Deliver Exonerations, Closure and Cost Savings. Why Does It Still Take So Long to Do?

        Bernard Webster had lived in a prison cell for a decade when he first heard about DNA technology. He started writing to everyone he knew trying to get evidence tested in his felony rape case. It took a whole other decade for him to be exonerated in 2002. Another two decades later, he may get the compensation he is due. Under a Maryland law updated this year, the state could owe him $1.7 million for the time he was wrongfully imprisoned, less the $900,000 the state has already paid him.

        Webster’s case is one example of the costs of delaying DNA testing, yet the collection of microscope glass slides that was used to exonerate him remains mostly untested. The stash of physical evidence from more than 1,800 cases comes from one of the country’s oldest DNA databases of rape crimes, which is stored in a Baltimore County hospital. County and state officials renewed efforts in 2019 to finish processing it, along with more than 6,000 unsubmitted rape kits stored in police inventory rooms across the state. ProPublica’s “Cold Justice” series this year spurred additional pleas and pledges for testing after we chronicled how DNA samples that were preserved decades ago by Dr. Rudiger Breitenecker helped solve some of the county’s most brutal cold cases.

      • EU ‘gig worker’ rules look to rein in algorithmic management

        The Commission’s directive proposals on algorithmic management were one of three sets of measures announced last week, including the provision of employee status for those working with “digital labor platforms.” That group includes ride-hailing firms such as Uber and Lyft, as well as delivery companies such as Deliveroo and informal domestic service work platforms like TaskRabbit.

        There are an estimated 28 million gig workers in the EU, the Commission said, a number that’s expected to rise to 43 million in 2025.

    • Internet Policy/Net Neutrality

      • The Internet Industry’s Most High Profile, But Least Successful, Trade Group Dissolves

        While this may feel like Washington DC insider baseball, it’s fairly notable that the “big” internet trade/lobbying group, the Internet Association has announced it’s shutting down (Emily Birnbaum at Politico had the scoop the night before the official announcement). There will likely be a bunch of post mortems and discussions about this happening just as the big internet companies (who came together to set up IA in the first place) are under such regulatory threats. But, to me, this is good riddance. It was an organization that more often than not made things worse for the internet, rather than better. And that’s too bad, because it had a real chance to do the opposite. This is not to say there weren’t good people who worked there — there absolutely were. But as an organization, it missed a ton of opportunities to do the right thing.

      • U.S. Prepares To Spend $42 Billion On A Broadband Problem It Can’t Accurately Measure

        As we’ve noted, the recent infrastructure bill will deliver a record $65 billion to be spent on improving lagging U.S. broadband access. Roughly $42 billion will be used specifically to expand broadband coverage, mostly via state grants doled out by the National Telecommunications and Information Administration (NTIA). By any measure this is a good thing, and the investment should result in significant improvements in patchy, expensive U.S. broadband access.

    • Digital Restrictions (DRM)

      • Spotify Buys Company That Turns Radio Shows Into Podcasts

        Spotify has acquired Whooshkaa, an Australian podcasting platform that allows radio broadcasters to turn their shows into monetizable podcasts.

        Using Whooshkaa’s technology, broadcasters are able to record live broadcasts and edit out ads that can be replaced with dynamic, podcast-only ads. Following the acquisition, Whooshkaa’s technology will be integrated into Megaphone, the podcast advertising and publishing platform that Spotify acquired last year, and the audio giant will be able to add more third-party audio content to its library.

    • Monopolies

      • Patents

        • As Omicron Spreads, 100+ Firms in Africa, Asia & Latin America Can Make mRNA Vaccine If Tech Shared [Ed: The patent monopolies worsen the situation]

          As the coronavirus variant Omicron spreads across the world at an unprecedented rate, a group of vaccine experts has just released a list of over 100 companies in Africa, Asia and Latin America with the potential to produce mRNA vaccine. They say it is the one of the most viable solutions to fight vaccine inequity around the world and combat the spread of coronavirus variants, including Omicron. We speak to Achal Prabhala, one of the vaccine experts who compiled the list. If mRNA technology could be shared with the listed companies, “we could vaccinate the world in as close to six months from now,” says Prabhala. “These are very much the people’s vaccines. It’s just that they are private property.”

        • More Than 100 Firms Across the World Can Make the mRNA Vaccine If Tech Is Shared
        • We Need a Coordinated Global Response to the Pandemic

          We need to learn the lessons of this game and apply them to the real world. In controlling a global pandemic, we must come to the realization that no one is safe until everyone is safe. Global cooperation is the key to success.

          The developed nations have received most of the vaccinations, but have been plagued by new variants such as Delta, which started in India, or the new Omicron, first reported in Southern Africa. These variants are created in areas of low vaccination, where high rates of transmission increase the odds of a new mutation that is more contagious, more deadly or able to break through the existing vaccines. Such variants, unfortunately, can circle the globe quite quickly, as we have seen. Consequently, we must develop a coordinated global response to this pandemic, if we truly want to defeat Covid 19.

      • Copyrights

        • Bruce Springsteen Sells Music Catalog in Massive Deal

          It is the latest and biggest megadeal in what has been a frothy couple of years in which investors, major music companies and private equity firms — lured by the rise of streaming and a promise of growing music revenues for years to come — have poured billions of dollars into buying song catalogs.

          Bob Dylan, Paul Simon, Stevie Nicks, Shakira, Neil Young and many other stars have sold all or parts of their work for prices reaching into the hundreds of millions. Dylan’s deal, with Universal Music Publishing Group last year, was only for his songwriting and was estimated at well over $300 million.

        • This Year’s ‘Anti-Piracy Award’ Goes to the EU Intellectual Property Office

          The Audiovisual Anti-Piracy Alliance has announced the winner of its annual “Anti-Piracy Award.” The honors go to a team at the European Observatory on Infringements of Intellectual Property Rights, which is part of the EU Intellectual Property Office. Among other things, the EU team has helped to prioritize the online piracy problem throughout Europe.

        • YouTube Urges Court to Dismiss Chaotic Class Action Copyright Lawsuit

          In the summer of 2020, musician Maria Schneider filed a class action lawsuit against YouTube demanding access to takedown tools and claiming that the service fails to terminate repeat copyright infringers. Almost 18 months later, YouTube wants the lawsuit dismissed, alleging that the plaintiffs are “hiding the ball” and “flouting the law”.

IRC Proceedings: Thursday, December 16, 2021

Posted in IRC Logs at 2:23 am by Needs Sunlight

Also available via the Gemini protocol at:

Over HTTP:

HTML5 logs

HTML5 logs

#techrights log as HTML5

#boycottnovell log as HTML5

HTML5 logs

HTML5 logs

#boycottnovell-social log as HTML5

#techbytes log as HTML5

text logs

text logs

#techrights log as text

#boycottnovell log as text

text logs

text logs

#boycottnovell-social log as text

#techbytes log as text

Enter the IRC channels now

IPFS Mirrors

CID Description Object type
 QmeEDKiPKMZNCp8SGodzsvqkA8rYhLG5dyJZVrNUWLUfBo IRC log for #boycottnovell
(full IRC log as HTML)
HTML5 logs
 QmVLjGcifcW3Gr7Q4PkMxKSiToUqEUyaweCv5oDVUk6cRG IRC log for #boycottnovell
(full IRC log as plain/ASCII text)
text logs
 QmTFnoBnUQFmT4t2EQ8cEFXn2J9kxLW99p5unPwwZYJXhG IRC log for #boycottnovell-social
(full IRC log as HTML)
HTML5 logs
 QmNWENwJMXFT7pndZeZH23PuiSDMrjFshek6bxALxeDJJ9 IRC log for #boycottnovell-social
(full IRC log as plain/ASCII text)
text logs
 QmakkCeAuaBC4MHZSfbauN7TjvxAgVw5QHoZQRkHEUte31 IRC log for #techbytes
(full IRC log as HTML)
HTML5 logs
 QmVDmUhLMAdsZFXbYUeCYSWy1pKx75XcQm52D3JmK7Y9UG IRC log for #techbytes
(full IRC log as plain/ASCII text)
text logs
 QmfTi7FuV9mHkCossaR3LTcXjdWVZPbWsZVQu34XriJAxQ IRC log for #techrights
(full IRC log as HTML)
HTML5 logs
 QmUHnvFVg1DSWKhtZrFLDxwQmwojLBuuvZdmZTCMLcUWnd IRC log for #techrights
(full IRC log as plain/ASCII text)
text logs

IPFS logo

Bulletin for Yesterday

Local copy | CID (IPFS): QmTZSRzHEP7hwr4tL7ky23HxA9Z3tUBjQrfwYPAieSYsGe

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources




Samba logo

We support

End software patents


GNU project


EFF bloggers

Comcast is Blocktastic? SavetheInternet.com

Recent Posts