Recent AWS outages sent Alex on a hunt to find more self-hosted alternatives, and Chris digs into the latest Home Assistant release.
Plus a frenzy of your excellent feedback and questions.
Blender, which is free and open source software, is one of the best programs for creating professional-quality 3D animations.
Kali Linux is the standard hacking toolbox – and pretty confusing at first glance, too. c’t 3003 is therefore taking a short tour of Kali.
Newly ordained Hackaday editor-in-chief Elliot Williams and staff writer Dan Maloney jump behind the podcast mic to catch you up on all this week’s essential hacks. We’ll have a Bob Ross moment with an iPad, go to ridiculous lengths to avoid ordering a 555, and cook up a Wii in toaster. Need to make a VGA adapter from logic chips? Or perhaps you want to quantify the inner depths of human consciousness? Either way, we’ve got you covered.
A new batch of AMDGPU DRM-Next patches were sent in on Thursday and mostly revolve around fixes. Among the notable fixes is reducing buffer object memory usage for multi-GPU systems by being able to share the system memory DMA mapping address and thus in turn reducing memory usage by avoiding the duplicating of that information. There are also fixes around RAS, SR-IOV, compiler warnings, power management, IP discovery, and SVM fixes to the AMDKFD compute code. There are also some new display-related bits exposed via DebugFS, new SMU debug options, and various driver documentation updates.
Not only is Loongson working on bringing up LoongArch ISA support for the GCC compiler and related GNU toolchain components, but the Chinese company has now laid out their plans for LoongArch on LLVM.
Loongson has been very busy this year bringing up LoongArch, their new downstream of the MIPS CPU architecture. They have been working on porting the Linux kernel to LoongArch as well as the open-source code compilers and related components for what they aim to be a Chinese domestic high performance CPU. Current LoongArch-based 3A5000 CPU benchmarks are not so impressive but will be interesting to see how this new MIPS-based architecture evolves.
Following the Radeon Pro Software for Enterprise 21.Q4 Windows driver that released earlier in the month, this week brought the similar quarterly enterprise graphics driver update to Linux.
Radeon Pro Software for Enterprise 21.Q4 for Linux released this week and is officially supported on RHEL/CentOS 7 and RHEL/CentOS 8, Ubuntu 20.04.3 LTS, Ubuntu 18.04.5 LTS, and SUSE SLED/SLES 15 SP3. This Radeon PRO 21.Q4 Linux driver continues to officially support the AMD Radeon Pro W/WX GPUs, Radeon Vega Frontier Edition, Radeon Pro Duo, and the Radeon PRO VII.
Since early 2020 Micron went public with HSE as an open-source storage engine for SSDs and persistent memory. The HSE key-value store proved to be extremely performant with the likes of a MongoDB implementation but required changes to the Linux kernel that made it initially a higher barrier for entry. HSE 2.0 shipped in October that no longer required those kernel changes while still offering blistering fast performance. Now to round out the year they have HSE 2.1.
After being more than ten years in the making after being started by Fujitsu engineers in 2008 but never going through all the steps for upstreaming, thanks to a SUSE engineer the Linux 5.17 kernel will finally have the Xen USB virtual host driver.
Juergen Gross of SUSE recently has been cleaning up, updating, and getting the Xen pvUSB Linux front-end driver in a state for upstream. Earlier this week the goal was realized when Greg Kroah-Hartman pulled this driver into the USB subsystem tree he maintains ahead of the upcoming Linux 5.17 merge window.
After the open-source NVIDIA Tegra DRM driver changes intended for Linux 5.16 weren't pulled due to timing, they are back around for Linux 5.17 with most notably the open-source Tegra driver feature pull request introducing NVDEC video decoding.
NVIDIA's Thierry Reding sent out the Linux 5.17 Tegra DRM driver changes to DRM-Next today. Like the work that was intended for Linux 5.16 but un-merged, the big items are a rework to buffer object handling to better match DMA-BUF expectations and then the NVDEC driver.
It's been a while since last comparing the Apple macOS performance to Linux since in part because the newer Apple Silicon (M1) hardware isn't yet in good enough shape for performance tests on Linux. But for those wondering about the Intel-powered Macs and how the performance of the latest Linux distributions compare to that of macOS 12 Monterey, here are some benchmarks of the new macOS 12.1 up against Ubuntu 20.04.3 LTS, Ubuntu 21.10, and Intel's own Clear Linux.
Prometheus is an open-source monitoring solution for collecting and aggregating metrics as time series data. Put more simply, each item in a Prometheus store is a metric event accompanied by the timestamp it occurred.
Prometheus was originally developed at Soundcloud but is now a community project backed by the Cloud Native Computing Foundation (CNCF). It’s rapidly grown to prominence over the past decade as its combination of querying features and cloud-native architecture have made it the ideal monitoring stack for modern applications.
In this article, we’ll explain the role of Prometheus, tour how it stores and exposes data, and highlight where Prometheus’ responsibility ends. Part of its popularity is down to the software’s interoperability with other platforms which can surface data in more convenient formats.
The Deluge BitTorrent client got an update after more than 2 years of development by releasing v2.0.4 and then v2.0.5 with a quick fix.
Deluge is a lightweight, free and open-source, and cross-platform BitTorrent client written in Python. It uses libtorrent library and features full encryption, GTK, Web and console UI. And, it has a daemon package to run as a system service, allowing user to control remotely over the web.
Version 6.0 of GNU Nano was released. The slim and easy-to-use text editor for the command line is included in most Linux distributions and provides the most important editor functions including syntax highlighting and macros via keyboard shortcuts. What is unusual about version 6.0 is its code name: “Humor heeft ook zijn leuke kanten” is what it means, translated: “Humor also has its beautiful sides”. The expression goes back to the Dutch comedian Herman Finkers, who coined the sentence: “Humor heeft ook leuke kanten.”, “Humor also has beautiful sides”.
Linux continues to be in demand, given its open-source nature, ease-of-use, and various apps and packages. Add a healthy mix of digital art tools to this list, and you will already have a fantastic operating system to work on.
The highly coveted tools mentioned below promise to deliver highly functional and powerful graphic design utilities to digital artists.
Check out these 10 authentic tools tailor-made for digital artists and creative people alike.
Version 6.2 of the open source emulation and virtualization software QEMU has been released. 189 developers contributed over 2300 commits to the minor release. ARM virtualization in particular benefits from the innovations, but there are also innovations in the emulation of RISC-V and PowerPC architectures.
Among other things, the team improved the compatibility with Apple’s silicon SoC: With the update, QEMU masters the Hypervisor.framework (hvf) accelerator for virtualizing AArch64 architectures on silicon hosts. In addition, virtual machines with QEMU 6.2 can use Intel’s SGX (Software Guard Extensions). The entire changelog can be found in QEMU-Wiki.
GNU/Linux distros have lots of good things going for them. For example, they can be a refresher for someone from Windows or macOS. A lot of things in Linux are pretty similar to Windows, but what’s not identical is checking the OS version in Linux.
One can, arguably, go to the Settings > System Info on a Linux distribution, but provided there are tons of distributions out there, it’ll be hard for us to cover every single one of them as some of them differ. Therefore, in this article, let’s look at the three commands to check the OS version in Linux.
Command to install Gparted on Debian-based Linux systems such as Ubuntu 22.04 Focal Fossa and Ubuntu 22.04 LTS Jammy Jelly Fish using command terminal.
GParted is a GTK -based graphical user interface for GNU Parted. With GParted the partitioning of a drive can easily be changed, for example, partitions can be enlarged or reduced, newly created, moved, or reformatted. General information and safety instructions on partitioning can be found in the article Partitioning.
For Terraform 0.12 and later, you can use the join() function, to allow you to join or concatenate strings in your Terraform plans. The terraform join function has two inputs, the separator character and a list of strings we wish to join together.
Today we are looking at how to install MetaTrader 4 with the Hugosway Broker on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
Timelie is a single-player stealth and puzzle game developed and published by Urnique Studio. The game was developed in Unity and was released on Microsoft Windows and Mac OS. Here’s how you can play it on Linux.
First, download the newest version of Linux Mint. As I write this, that's Mint 20.2, but Linux Mint 20.3 will be out in early 2022. At about 1.5GB, depending on your internet speed, this may take a while.
Mint comes with three different desktop interfaces. These are MATE, Xfce, and its default desktop, Cinnamon. I recommend you go with Cinnamon, for starters. If it turns out you really want to get deep into Linux, you'll have plenty of opportunities to explore the various Linux interfaces.
Once you've downloaded Mint, you should try the Linux distro before installing it. Fortunately, unlike other operating systems, Linux distros like Mint make it easy to give them a test run before committing to it.
If you don't have an ISO burner program, download one. I recommend freeware programs ImgBurn for optical drives and Yumi for Windows for USB sticks. Other good choices are LinuxLive USB Creator and UNetbootin. These are all free programs.
Unless you're using an older PC that won't boot from a USB stick, I strongly recommend using a USB flash drive for your test drive. You can run Linux from a DVD, but it's very slow. But, I might add, Linux Mint will run on pretty much any PC that hasn't turned 10 yet. So, if you have a computer collecting dust in the closet that you want to get some use from, go for it.
JAVA_HOME is an operating system environment variable that stores the location of the java installation folder. Every time a java program or application is run, this variable is invoked. You need to set up the JAVA_HOME variable correctly to run your java program otherwise you will encounter this error message “Error: JAVA_HOME is not defined correctly.”.
In this tutorial, you will learn different methods to set up the JAVA_HOME variable and different configuration options that are available to you while setting up this system variable.
Amazon Simple Notification Service (SNS) is a web service that coordinates and manages the delivery of messages. It is a highly available, durable, secure, fully managed pub/sub messaging service. It uses cross availability zone message storage to provide high message durability. Amazon SNS also ensures that data is encrypted in transit. It is used to broadcast the messages of a message-producer system.
To receive messages published to an SNS topic, we must subscribe to an endpoint. We can have endpoints such as AWS Lambda, Amazon SQS, HTTP/S, or an email address to the topic we create. When we subscribe to an endpoint to a topic and confirm the subscription, the endpoint begins to receive messages published to the associated topic.
Vulnerabilities arise every day with the security specialist engaged in fixing it and the hackers working to exploit it. A Vulnerability scanner checks a system with the already known vulnerabilities which can be exploited by attackers to compromise a system. There are many tools available in the market for vulnerability scanning. Nessus is one such powerful scanning tool for discovering vulnerabilities. It is developed and maintained by Tenable Network Security Inc. It was once ranked first in the security tools checklist of Nmap Software LLC. Although it is now dropped to the third position in the list, it is still a powerful remote security scanning tool.
In this tutorial we are going to learn how to install and configure Redis 6 on Rocky Linux 8 using Ansible. This guide will also work on other RHEL 8 based servers like Oracle Linux and Alma Linux.
Redis is an in-memory data structure store, used as a distributed, in-memory key–value database, cache and message broker, with optional durability. Redis supports different kinds of abstract data structures, such as strings, lists, maps, sets, sorted sets, HyperLogLogs, bitmaps, streams, and spatial indices.
Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows.
zsh (Z Shell) is a very popular Unix shell. It’s similar to Bash but comes with many added features that change its appearance and behavior.
zsh is also very customizable, which allows users to create their own themes and plugins, which further extends its features.
Tutorial to install self-hosted web-based open-source project management software known as “OpenProject” on Ubuntu 20.04 Focal Fossa using command terminal. OpenProject enables companies to have project references, documentation, user manuals, and more, all in one central location, accessible from anywhere to share information with teams.
OpenProject is a web-based project management software available in the Community Edition, Enterprise on-premises, and Enterprise cloud. Of course, the Enterprise editions will have some premium features along with support & hosting facilities. Whereas the community edition is free to download and can be hosted on any server, well, the user will be responsible for the installation and configuration, here.
We can use Opensource for universities, educational institutions, research, IT / technology companies, NGOs, administrations, foundations, public institutions, authorities, banks and insurance companies, and the automotive industry.
Recently, when I was updating Ubuntu via command line, I encountered a warning that complained about target package being configured multiple times.
The timedatectl command allows you to both query and change the system clock and its settings on Linux systems.
To display the current settings, use the command by itself—with no arguments.
Virtualization in today's time plays a critical role. From consumer level desktop usage to enterprise level cloud services, there are a variety of applicabilities.
This guide will help you to get started with virtualization in a comprehensive manner. This will give you enough fundamental knowledge to you as a student, engineer or even as a CTO to understand different types of virtualization and how it is used in the industry today.
Want to Expose your localhost on the Internet? Often, clients ask for an update, or your friends want to know the site you were working on. We can solve all these problems using Localtunnel.
Localtunnel exposes your localhost to the Internet without foul play on DNS or deploying on another commit. Apache, Nginx, and Node Js application can be easily accessed by your friends or client for updates.
Back in the early days of personal computers, I wrote the IBM training course for the original IBM PC. To complete the course in time for the IBM, ComputerLand, and Sears training, IBM gave me a PC to take home so I could work over evenings and weekends—arguably the first instance of anyone having an IBM PC in their home.
I did this work in Boca Raton, Florida, where the small, local power company was commonly known as "Florida Flicker and Flash," with good reason. The short but frequent power outages caused me to lose my work more than once. Unfortunately, there were no Uninterruptible Power Supply (UPS) systems to keep my PC up and running through these annoying and sometimes destructive incidents.
A UPS keeps a computer running long enough to last through minor power events, such as outages and surges of a few seconds up to as much as 20 or 30 minutes. In the case of these longer outages, the function of the modern UPS is to notify the computer to power down before the UPS runs out of battery power. Otherwise, the sudden loss of power can lead to loss of data.
The computer and UPS communicate through a serial or USB cable. A system service manages the communications and sends appropriate commands to both the UPS and the computer. Windows computers generally use a free version of the software provided by the UPS vendor. However, the apcupsd utility supports Linux, Windows, BSD, Solaris, and macOS, providing consistency across operating systems.
This set of tools supports APC UPS systems and provides varying degrees of support for UPS systems produced by Tripp-Lite, CyberPower, and others. I currently have UPS systems from all three of these manufacturers running on networks for which I have responsibility. I have not found a list of supported UPS systems. Nor is the apcupsd documentation helpful on this, and I have seen nothing definitive in any web searches.
The Wine development release 7.0-rc2 is now available.
What's new in this release (see below for details): - Bug fixes only, we are in code freeze.
The source is available from the following locations:
https://dl.winehq.org/wine/source/7.0/wine-7.0-rc2.tar.xz http://mirrors.ibiblio.org/wine/source/7.0/wine-7.0-rc2.tar.xz
Binary packages for various distributions will be available from:
https://www.winehq.org/download
You will find documentation on https://www.winehq.org/documentation
You can also get the current source directly from the git repository. Check https://www.winehq.org/git for details.
Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list.
With Wine 7.0 gearing up for release in January, since last week we have been under a feature freeze and weekly release candidates. Wine 7.0-rc2 is out now with more fixes in battening up this next open-source release for enjoying Windows games and applications on Linux / macOS / BSDs.
Wine 7.0-rc2 brings 34 known bug fixes over the past week. Among the software seeing fixes with this RC are Proteus 8, Final Fantasy XIV, Ace Ventura, Borderlands GOTY Enhanced, Dark Souls: Remastered, Resident Evil 4 HD, and others.
The PCSX2 developers have explained the licensing situation too; in essence, its core code is LGPLv3 licensed, and any of the code still leftover in AetherSX2 that’s covered under GPL will be removed by the time the app is officially released.
[...]
Given the alternatives for PlayStation 2 emulation in the past, AetherSX2 is a fantastic step forward. Its support from the PCSX2 developers also goes a long way, and we’re looking forward to seeing how the emulator grows and matures in the future. I’m personally excited to see how the new Qualcomm Snapdragon 8 Gen 1 will fare. Be sure to give it a try and let us know what you think in the comments!
The massive AI Kingdoms update for Kingdoms and Castles has finally hit Open Beta for anyone who owns it, so you can now see what the developer has been working on for quite some time.
Kingdoms and Castles is a city-building simulation game about growing a kingdom from a tiny hamlet to a sprawling city and imposing castle. It has gradually grown from quite a small and relaxed game into a much bigger city-builder / RTS hybrid, although you can still pretty much play how you want and AI Kingdoms are optional to add in.
According to a new Steam Update for the Steam app, Valve's next line of work revolves around improving Steam's Remote Play service within Linux. The update comes as Valve prepares for the Steam Deck and its proprietary Linux operating system, so this prep work will likely benefit the forthcoming handheld.
The update greatly improves Video Acceleration API (VA-API) hardware decoding on Linux. The touch controls settings have also been fixed to save the settings correctly in the Steam Link app. So there's a lot of work being undertaken to ensure that Remote Play works well within Linux.
VA-API support is important, as it's an open-source video API used by Linux operating systems, and the Steam Deck will presumably use the API to decode game streams with Remote Play. VAPPI is used by popular applications such as VLC within Linux and supports Intel and AMD open-source video drivers. The video API also supports many video codecs, including MPEG-2, H.264, H.265, VP9, and more.
Godot 3.4 was released a month ago, and it went fairly smoothly! Many thanks to all the contributors who worked on it, including all testers who tried beta and RC releases to ensure that the 3.4-stable branch would be an easy and worthwhile upgrade path for all users.
No software release is perfect though, so there will always be some things to iron out, which is why we provide maintenance releases for stable branches, focusing on bugfixing and preserving compatibility (see our release policy). Godot 3.4.1 is the first maintenance release in the 3.4 stable branch, and a recommended upgrade for all Godot 3.4 users.
Only a day after we mentioned that Baldur's Gate: Dark Alliance would be getting a new PC release and it's here already, along with Linux support! Your chance to relive another classic thanks to Interplay Entertainment and Wizards of the Coast.
"This revival of the original Baldur’s Gate: Dark Alliance puts the ‘action’ back into the action-RPG genre, plunging players into the heart of Faerûn. As well as looting and leveling, players must actively defend against and dodge attacks, evade deadly traps, and fight hordes of monsters ranging from swarming kobolds to the iconic and all-consuming Gelatinous Cube.
Netherlands based Two Tribes is an indie game developer who worked on titles like RUSH, EDGE, Toki Tori, RIVE and more just open sourced their game engine. This is the game engine that was used for the likes of RIVE and Toki Tori 2+ and it's now under the GPL2.
Creative Assembly continue rolling out more teaser videos of the upcoming Total War: WARHAMMER III, which will be ported to Linux by Feral Interactive.
Just recently CA put up a video finally giving us a proper look at the campaign map. Going over many different biomes you can expect to move armies through and perhaps conquer. It sure does look pretty and might have one of the best looking campaign maps of any similar strategy game.
This tutorial will showcase how you can be very productive with an on-demand tiling system that does not require you to make a hard choice at login. Window Shuffler allows you to use tiling only when you want, on the monitor or virtual desktop you want, without requiring you to log off your regular DE and switch to a tiling environment.
Since I started using it, I have a hard time using any other desktop environment that does not bring the features of Window Shuffler.
Window Shuffler is developed by Jacob Vlijm of Ubuntu Budgie. It is installed by default on Ubuntu Budgie. Various users reported that it works well on other GTK desktop environments, such as Ubuntu MATE. I believe it is also available on the AUR for arch users… btw.
Having said that, there are some integrations that are done very well on Ubuntu Budgie, so for anyone willing to give it a try, I recommend to spin up a live ISO of the latest Ubuntu Budgie. By doing so, you will be able to have a taste of the full experience of Window Shuffler.
[...]
Window Shuffler applet is a nice, optional feature introduced by Jacob Vlijm with Ubuntu Budgie 21.10. It allows us to add an applet to Budgie panel, which controls Shuffler tiling. This is very useful especially for users that are new to tiling, or those that have not learned the shortcuts, or that like tiling windows but are not keyboard fanatics.
In order to get started, we first have to open Budgie Desktop Settings, Panels, Top Panel, and click the + Icon next to Add applet. Scroll to the bottom, and add Window Shuffler. I am going to leave it in the default position, next to the clock in the middle of my top panel. Feel free to move it around as needed. We can now close Budgie Desktop Settings.
Next step is to open our Window Shuffler Control. We can now do this from the gear icon in our new Applet.
GCompris is one of the oldest and most popular open-source educational software suites for GNU/Linux distributions, and the new release, GCompris 2.0, is here to provide even more hours of fun and entertainment for your children.
Highlights of GCompris 2.0 include several new activities, such as Baby Mouse for helping children interact with a computer for the first time, Oware as traditional African strategy game, Positions to help children learn the terms that describe an object’s relative position, and Ordering Sentences for helping children practice reading and grammar by sorting out parts of a sentence.
Just in time for the upcoming holidays, "KDE's educational suite of more than 170 activities and pedagogical games", GCompris, has released version 2.0.
Update on what happened across the GNOME project in the week from December 10 to December 17.
Coming just two weeks after the major EndeavourOS Atlantis release, the EndeavourOS Atlantis Neo is here as an interim release that addresses a few issues present in the Atlantis ISO.
For example, EndeavourOS Atlantis Neo improves the Calamares graphical installer, which has been updated to version 3.2.49, to support encrypted Btrfs installations when selecting Swap partition and hibernation, as well as to allow users to install EndeavourOS on machines with less than 2 GB of RAM.
I want to start with the clarification that EndeavourOS is a rolling release and that the changes and updates on our ISOs only affect the installation experience and an update of our offline edition. We don’t hold back packages in any way. The point release numbers in the ISO name simply refer to the year of release followed by the number of releases in that year. Having said that, let’s go back to the Atlantis neo release and here’s what’s going on:
Major release – The recent Atlantis release was a major release that contained a lot of improvements and new features created and implemented by our developers’ team, next to the regular upstream package updates. A major release will also be “celebrated” with a new wallpaper and a new code name inspired by existing or fictional spacecraft names.
Hotfix feature – This is an express tool for the dev. team to push out small bug fixes to a released ISO. Those fixes can be, corrected errors created by us, workaround scripts to patch an upstream bug or upstream bug fixes that don’t interfere with other packages on the ISO. Just see it as a band-aid, fixes pushed out by this feature are merely temporary patches.
Interim release – An interim release ships a slightly updated version of a recent major release, without the addition of new features or new wallpapers. The fixes these releases contain are, reversed workarounds due to an upstream fix and/or upstream bug fixes or changes that also affect the behaviour of other packages on the ISO. Of course, with these changes, they will also ship all the upstream package updates.
Here’s your weekly Fedora report. Read what happened this week and what’s coming up. Your contributions are welcome (see the end of the post)!
The Fedora Respins SIG is pleased to announce the latest release of Updated F35-20211216-Live ISOs, carrying the 5.15-7-200 kernel.
The next set of isos will be released around 20220115.
This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have about 950MB of updates savings )).
Throughout our fictional case study of Davie Street Enterprises (DSE), we have witnessed how embracing modern tech industry best practices have drastically increased the speed at which the company can accomplish its goals while improving overall operational efficiency.
DSE has done this by finding platforms, services, and processes that best align with its goals—made possible by the combination of Red Hat products and our partner ecosystem. In this post, we will focus on those operational efficiencies and how they can be further enhanced through the use of Red Hat Cloud Services, all of which are built on Red Hat OpenShift.
In a world where organizations are continually asked to do more with less, IT leaders are always looking for new technologies and strategies that can help their teams become more agile and efficient. Doing so frees up time and resources that can be better used to deliver the essential technologies needed to drive business success.
Manually performing routine tasks and complicated processes eats up both time and money, and automating those efforts can make the difference between keeping pace with customer demand and falling behind.
Debian comes with tons of fonts for all kinds of purposes, you can easily list them (almost) all with: apt-cache search ^fonts-.
However, sometimes they are not in their latest version, or as a user you would like to get access to new fonts that are not present in Debian stable yet.
With the tool fnt you can easily preview, and install fonts from Debian sid and Google Web Fonts (that's about 2,000 fonts that are DSFG compliant). Any user can use the tool to install fonts only for the user itself, or the system administrator can run it as root to install the fonts system wide.
The package fnt is already in Bookworm, so if you run Debian testing you can use it to get, test and use many fonts that are in their way of being packaged in Debian...
With the development of open source software-defined networking solutions, virtualisation took a progressively more important place in modern data centres. Concepts like virtual switching and routing became part of the data centre networking scene, with OVS as a pioneering example. Virtual switches nevertheless did initially miss very important networking features and standards, which hardware-based network devices already had – and which were proven and widely implemented. OVN came to represent those network features in virtual switching environments and address their extensibility across multi-host clusters. Let’s first take a closer look in order to understand what OVN is.
With the explosion of application traffic and the multiplication of data centre workloads during the last decade, east-west traffic greatly increased and ended up impacting the traditional north-south based architectures. This raised the need to review the entire data centre architecture while keeping the goal of meeting performance, security, and monitoring requirements.
From a performance and security perspective, rather than shunting the traffic to centralised security and management blocks within the data centre (which might cause performance issues) or accepting uncontrolled zones, the forwarding and security intelligence can be distributed throughout the data centre.
Linux has become one of the most user-beloved operating systems since it was released in 1991. Linux, based on the kernel combined with the GNU Project, was actually the first complete open-source operating system.
Linux is characterized by the great versatility of its use. You can run it on a credit-card-sized single-board computer, such as the Raspberry Pi, to teach kids computer science at school. At the same time, Linux assists in performing computations in quantum mechanics on the most powerful supercomputers.
There are a wide variety of Linux distributions and operating systems based on the Linux kernel. Some of them are purely open-source, like Debian or Gentoo, while the others are provided by commercial vendors (for example, Red Hat and Ubuntu). Probably, the most prominent Linux-based OS is Android, which is an absolute winner in the market of mobile operating systems.
The Linux OS is widely used in embedded systems due to its high flexibility. Embedded Linux development is aimed at customizing Linux to make it fully compliant with your product requirements.
Linux is compatible with almost any modern hardware platform. If you need to move to different electronics or update the current hardware version, it won’t be a problem to port your operating system and run it successfully on the new system on a chip or desktop platform.
If you want to get a more detailed understanding of Linux and its strengths for healthcare, please check out our guide on why choose Linux for medical devices.
I’ve not used an FM radio for years, but if you’d like to teach younger generations about older technology and show them how to solder components there’s an RDA5807 based kit that would allow you to build DIY FM Radio operating in the 87 MHz to 108 MHz range.
The JC-300 kit comes with a bare PCB, and all components required including a speaker, an antenna, and a holder for a 18650 battery. Some of the main components of the kit include...
SMART Wireless Computing has announced the Inforce 68A1, a compact system-on-module based on Qualcomm QCS8250 IoT processor with support for up to seven concurrent 4Kp120 camera inputs, and decode/encode two 4Kp120 video streams simultaneously.
Equipped with 8GB PoP DDR5 memory, 64GB UFS storage, a wireless module supporting 802.11ax Wi-Fi 6E and Bluetooth 5.1, the module is designed for high-end IoT applications such as smart cameras, video collaboration, AI hubs, connected healthcare, and smart retail.
Smart Wireless unveiled an “Inforce 68A1 SoM” that runs Android 10 on a Qualcomm QCS8250 with 8GB LPDDR5, 64GB UFS, and 802.11ax (Wi-Fi 6E) that supports dual 4K120 displays and up to 7x 4K120 camera inputs. An “ACC1C20” dev kit is also available.
In July, we reported on Thundercomm’s TurboX C865 SOM and dev kit, as well as eInfochips’ EIC-QCS8250-210 Mini-ITX board, both of which run Android on Qualcomm’s octa-core QCS8250. The octa-core SoC is an embedded oriented variant of the Snapdragon 865. Now, Smart Wireless has launched an Inforce 68A1 SoM and ACC1C20 reference board based on the QCS8250.
2021 was a year of transformation and growth for Purism, amidst real challenges. Thank you for all your support and contribution! This has been a particularly daunting year for the supply chain. Really, the global pandemic has made supply chains less reliable, and lead times and shipping times for various parts incredibly unpredictable. In midst of these, we deeply sympathize with those who are waiting on their devices. We assure you that our teams have been working overtime to fulfill orders and build the inventory of critical parts.
Recently, the UK’s Competition and Markets Authority (CMA) initiated a second round of consultation on the voluntary commitments offered by Google in the Chrome Privacy Sandbox (GCPS) investigation. We welcome the inclusion of greater transparency, consultation, and restrictions on self-preferencing, as we had advocated for in the initial consultation. However, we remain concerned by the broadening scope of the standstill period that will further delay both the deprecation of Third Party Cookies (TPCs) and the deployment of privacy forward technologies such as Privacy Budget or GNATCATCHER which have the potential to address cross-site tracking that occurs through fingerprinting and IP addresses.
A year ago I posted Glean in 2021 as a way to look into the future and set out a vision and plan for the project. Today I’m looking back at 2021, if we were able to follow up on my plans back then and look at all the other things we did for Glean.
Let’s start easy: According to the index we wrote 21 This Week in Glean blog posts (including this one). Close enough to one every other week. Communicating about our work is important and TWiGs are one way to put our ideas and thoughts about the project out there.
Let’s first look at the topics I identified as important in last year’s blog post.
This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.
This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.
This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.
This is an advent calendar for techies. In the fully commercialized digital world, almost everything belongs to a large Internet corporation. Their software is neither open nor free. As an alternative, there is this small island of the open source world: software whose code is publicly visible and can be independently checked for possible security gaps and backdoors. Software that can be freely used, distributed and improved. Often the drive for work is simply the joy of providing something useful to society.
Augur is a prediction market-focused decentralized oracle network and peer-to-peer driven technology. Augur is free software that is released under the GNU General Public License (GPL) and the Massachusetts Institute of Technology (MIT) licenses.
The remaining, a paltry 0.29% of votes, went with the third option, an (A)GPL License that allows users to distribute, run, study, and share free software.
Do you know the law of least astonishment? I am not sure of its origin, but I first learned it from the excellent “Tao of Programming.” Simply put, it is the principle that software should always respond to the users in a way that least astonishes them. In other words, printing a document shouldn’t erase it from your file system.
Following the law of least astonishment, what should a program do when it hits a hard error? You might say that it should let the user know. Unfortunately, many systems just brush it under the rug these days.
I think it started with Windows. Or maybe the Mac. The thinking goes that end users are too stupid or too afraid of error codes or detailed messages so we are just leaving them out. Case in point: My wife’s iPhone wouldn’t upload pictures. I’m no expert since I carry an Android device, but I agreed to look at it. No matter what I tried, I got the same useless message: “Can’t upload photos right now. Please try again later.” Not only is this not very informative, but it also implies the problem is in something that might fix itself later like the network.
The GStreamer community keeps focusing their efforts on improving Windows support and is still adding various super fascinating features for Windows. GStreamer is about to release a new stable release (1.20) very soon, so you may want to know what’s new on the Windows front
webrtcsink is an all-batteries included GStreamer WebRTC producer, that tries its best to do The Right Thingââ¢.
Following up on the last part of my last blog post, I have spent some time these past few months working on a WebRTC sink element to make use of the various mitigation techniques and congestion control mechanisms currently available in GStreamer.
This post will briefly present the implementation choices I made, the current features and my ideas for future improvements, with a short demo at the end.
Note that webrtcsink requires latest GStreamer main at the time of writing, all required patches will be part of the 1.20 release.
awstranscriber, a GStreamer wrapper for AWS Transcribe API
If all you want to know is how to use the element, you can head over here.
I actually implemented this element over a year ago, but never got around to posting about it, so this will be the first post in a series about speech-to-text, text processing and closed captions in GStreamer.
Speech-to-text has a long history, with multiple open source libraries implementing a variety of approaches for that purpose[1], but they don't necessarily offer either the same accuracy or ease of use as proprietary services such as Amazon's Transcribe API.
My overall goal for the project, which awstranscriber was only a part of, was the ability to generate a transcription for live streams and inject it into the video bitstream or carry it alongside.
The main requirements were to keep it as synchronized as possible with the content, while keeping latency in check. We'll see how these requirements informed the design of some of the elements, in particular when it came to closed captions.
My initial intuition about text was, to quote a famous philosopher: "How hard can it be?"; turns out the answer was "actually more than I would have hoped".
Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 937 other packages on CRAN, and downloaded over 22 million times (per the partial logs from the cloud mirrors of CRAN).
This release brings another bug fix release 10.7.5 by Conrad in the ‘long-term support’ 10.7.* series we started with 0.10.7.0 on September 30. As the bug fixes can come a little quicker than the desired monthly cadence CRAN aims for, we skipped a few of those release for CRAN only but of course still provide them via the Rcpp drat repo.
A new release 0.4.18 of RProtoBuf arrived on CRAN earlier today. RProtoBuf provides R with bindings for the Google Protocol Buffers (“ProtoBuf”) data encoding and serialization library used and released by Google, and deployed very widely in numerous projects as a language and operating-system agnostic protocol.
This release, the first since March of last year, contains two contributed pull requests improving or extending the package, some internal maintance updating the CI setup as well as retiring an old-yet-unused stub interface for RPC, as well as an update for UCRT builds on Windows.
But, would really like to compile the latest Scribus. Also, Vym is a great mind-mapping tool that requires qt5. What else? -- krita is another qt5-base app I think.
So, I examined the error message where it failed. It is code supporting the AVX instructions. These are instructions that were added onto Intel x86 CPUs in 2011, though even now not all recent Intel CPUs support AVX.
Apparently, although qt5 will compile-in support for these instructions, it will detect support in the CPU at run-time, and fallback if AVX not supported.
Back in OE Pyro-series, I compiled Qt5 and Scribus 1.5.x in OpenEmbedded. Now on the OE Dunfell-series, no such luck.
OE has a 'meta-qt5' layer, which is supposed to be compatible with the Dunfell release, however compile fails. The error message looks like it might be related to the gcc version. My guess is that the meta-qt5 developers are focussed on OE releases after Dunfell and have neglected the Dunfell release.
OE does have a 'meta-qt4' layer, and that has recently had commits to make it compatible with the Dunfell release. It just needed a couple of little patches, and it compiled.
Rui Ueyama, author compositor LLVM lld and compiler chibicc , introduced the first stable release of the new high-linker the Mold , well ahead of the binding rate of object files linkers GNU gold and LLVM lld. The project is considered ready for production deployments and can be used as a faster transparent replacement for GNU linker on Linux systems. The plans for the next significant release include bringing support for the macOS platform to readiness, after which work will begin to adapt Mold for Windows.
Mold is written in C ++ (C ++ 20) and is distributed under the AGPLv3 license, which is compatible with GPLv3, but not compatible with GPLv2, since it requires opening changes when developing network services. This choice is explained by the desire to receive funding for the development – the author is ready to sell the rights to the code for relicensing under a permissive license such as MIT, or to provide a separate commercial license for those who are not satisfied with the AGPL.
I am a lambdacamel and therefore I like to adapt concepts and techniques from functional programming, and in particular from the Haskell language, to Raku. One of the techniques that I use a lot is generic traversals, also known as “Scrap Your Boilerplate” after the title of the paper by Simon Peyton Jones and Ralf Lämmel that introduced this approach.
Last week, the following e-mail was sent to all members of the Rust project (including all working groups) to follow up on the moderation issue. The footnotes have been added to provide additional context to the wider Rust community, and were not part of the original e-mail.
The big news this week is Log4j, breaking just a few hours too late to be included in last week’s column. Folks are already asking if this is the most severe vulnerability ever, and it does look like it’s at least in the running. The bug was first discovered by security professionals at Alibaba, who notified Apache of the flaw on November 24th. Cloudflare has pulled their data, and found evidence of the vulnerability in the wild as early as December 1st. These early examples are very sparse and extremely targeted, enough to make me wonder if this wasn’t researchers who were part of the initial disclosure doing further research on the problem. Regardless, on December 9th, a Twitter user tweeted the details of the vulnerability, and security hell broke loose. Nine minutes after the tweet, Cloudflare saw attempted exploit again, and within eight hours, they were dealing with 20,000 exploit attempts per minute.
That’s the timeline, but what’s going on with the exploit, and why is it so bad? First, the vulnerable package is Log4j, a logging library for Java. It allows processes to get log messages where they need to go, but with a bunch of bells and whistles included. One of those features is support for JNDI, a known security problem in Java. A JNDI request can lead to a deserialization attack, where an incoming data stream is maliciously malformed, misbehaving when it is expanded back into an object. It wasn’t intended for those JNDI lookups to be performed across the Internet, but there wasn’t an explicit check for this behavior, so here we are.
Easterly adds that “this effort also underscores the urgency of building software securely from the start and more widespread use of Software Bill of Materials (SBOM)” as directed by President Biden earlier this year. An SBOM, Easterly says, “would provide end users with the transparency they require to know if their products rely on vulnerable software libraries.”
CISA has issued Emergency Directive (ED) 22-02: Mitigate Apache Log4j Vulnerability, directing federal civilian executive branch (FCEB) agencies to address Log4j vulnerabilities—most notably, CVE-2021-44228.
Although ED 22-02 applies to FCEB agencies, CISA strongly recommends that all organizations review ED 22-02 for mitigation guidance. For additional details, see CISA’s webpage Apache Log4j Vulnerability Guidance.
More than 35,000 Java packages, amounting to over 8% of the Maven Central repository (the most significant Java package repository), have been impacted by the recently disclosed log4j vulnerabilities (1, 2), with widespread fallout across the software industry. The vulnerabilities allow an attacker to perform remote code execution by exploiting the insecure JNDI lookups feature exposed by the logging library log4j. This exploitable feature was enabled by default in many versions of the library.
This vulnerability has captivated the information security ecosystem since its disclosure on December 9th because of both its severity and widespread impact. As a popular logging tool, log4j is used by tens of thousands of software packages (known as artifacts in the Java ecosystem) and projects across the software industry. User’s lack of visibility into their dependencies and transitive dependencies has made patching difficult; it has also made it difficult to determine the full blast radius of this vulnerability. Using Open Source Insights, a project to help understand open source dependencies, we surveyed all versions of all artifacts in the Maven Central Repository to determine the scope of the issue in the open source ecosystem of JVM based languages, and to track the ongoing efforts to mitigate the affected packages.
The Google Security Blog looks into the ripple effects of the Log4j vulnerability.
Everyone is asking us if GIMP is vulnerable to the recent log4j vulnerabilities (also dubbed “log4shell” in the media, in particular regarding to the CVE-2021-44228 zero-day vulnerability).
As an official statement: no, GIMP is not vulnerable to log4shell!
We do not use log4j and there is not even any Java code in GIMP. So enjoy GIMP and feel safe while creating more wonderful artworks!
A basic Javascript WebSocket connection can trigger a local Log4j remote code attack via a drive-by compromise. Wonderful. Truly wonderful.
NASA has revealed that Ingenuity – the experimental helicopter sent to Mars with the Perseverance Rover – has clocked up a whole half-hour of flight in the Red Planet's meanly thin atmosphere.
The 'copter passed the thirty-minute mark during its 17th flight, on December 5, which sets a new record for the space agency.
But NASA was unsure of the craft's status because of what the US agency has described as "an unexpected cutoff to the in-flight data stream as the helicopter descended toward the surface at the conclusion of its flight."
At this point of the story we need to share this old tweet from the Apache Software Foundation.
A critical exploit in widespread Java library has been found, disrupting much of the internet as server admins scramble to fix it. The vulnerable component, log4j, is used everywhere as an included library, so you will need to check your servers and make sure they’re updated.
[...]
The exploit was quickly patched in log4j‘s latest release, 2.16.0, but the problem isn’t fixing it—it’s finding out where you need to. Since log4j is an embedded dependency, it may be non-trivial to search for the specific version of it on your system. And, since Java is so popular, many third-party tools and components may use it, so you may not even know if you are running Java software on your machines.
Even if you think you aren’t vulnerable, you probably still need to double check. This exploit affects so many systems that there is a solid chance you may be running log4j or Java without realizing it.
Luckily, JDK versions greater than 6u211, 7u201, 8u191, and 11.0.1 are not affected by the primary attack vector (using LDAP) that’s being exploited the most right now. You still need to patch it regardless, since it can easily be used with other attack vectors as well. Also, just the simple act of making a request to an endpoint can reveal data about machines on your network, which isn’t a good thing either.
This exploit highlights why it is important to keep a Software Bill of Materials (SBOM), basically a list of all the software on your systems, where it comes from, and what it’s made from. In the future, this knowledge can help you quickly patch against attacks like this.
In the present, you are probably just concerned about getting your network patched. To do that, you’ll need to scan your systems to find log4j versions used by your software, and make a list of all the vulnerable components.
Throughout 2021, Tedium has covered a variety of stories with all sorts of weird angles. Like your crankiest uncle, I’ve fired off numerous “letters to the editor” (emails to Ernie) after reading a Tedium article and thinking there was something left out.
[Perinski]’s design for a mechanical flux dispenser uses some common hardware and a few 3D printed parts to create a syringe with fine control over just how much of the thick stuff gets deposited. The design is slick, and there’s a full parts list to accompany the printed pieces. [Perinski] even has some useful tips on how to most effectively get flux into 5 mL syringes without making a mess, which is a welcome bit of advice.
Despite the fact that we’re rapidly approaching the year 2022, there are still an incredible number of gadgets out there that you’re expected to power with disposable batteries. Sure you can buy rechargeable stand-ins that come in the various shapes and sizes of the traditional alkaline cells, but that’s a stopgap at best. For some, if a new gadget doesn’t feature an internal Li-ion battery and standardized USB charging, it’s a non-starter.
[Danilo Larizza] is one of those people. Bothered by the fact that his Oregon Scientific weather station required a pair of CR2032 coin cells, he set out to replace them with an integrated rechargeable solution. The conversion ending up being easier to implement than he initially expected, and by his calculations, his solution should keep the unit up and running for nearly 40 days before needing to be topped off with a standard USB charger.
The Gluggle Jug is an aptly-named thing – it’s a jug that makes loud, satisfying glugging noises when poured. But how does it work? [Steve Mould] set out to investigate.
[Steve]’s first plan was to cut apart an existing Gluggle Jug to see how it worked, but cutting ceramics can be difficult and time-consuming, and the asymmetric design only made things harder. Instead, he simply smashed a jug to see what it looked like inside, and replicated the basic design in a transparent laser-cut version.
The design is simple – the glug sounds are from bubbles passing into a closed cavity within the jug as the water is poured out. Stop pouring, and air from that cavity then escapes back through the open mouth of the jug via more bubbles, making an even louder glugging sound. The frequency of the sound is determined by the height of the jug, which is essentially acting as a closed-pipe resonator.
Coinbase, the company supporting the eponymous digital currency exchange platform, announced the opening of the source texts of the cryptographic library Kryptology , which offers a set of cryptographic algorithms for use in distributed systems in which encryption and authentication is carried out with the involvement of several participants. The code is written in the Go language and is distributed under the Apache 2.0 license.
The Linux OS has built itself a reputation for being a haven for internet privacy enthusiasts, and for good reason. The freedoms offered by Linux to their users is unmatched by other popular OS systems such as Windows and ChromeOS, but how does it stack up in the department of software security? Is Linux more secure from malware and hackers than the mega corporate alternative that is Windows?
We are proud to announce the release of it-depends, an open-source tool for automatic enumeration of dependencies. You simply point it to a source code repository, and it will build a graph with the required dependencies. it-depends currently supports cargo, npm, pip, go, CMake, and autotools codebases, packages in their associated package managers, and Ubuntu apt.
The Security Profiles Operator (SPO) is an out-of-tree Kubernetes enhancement to make the management of seccomp, SELinux and AppArmor profiles easier and more convenient. We're happy to announce that we recently released v0.4.0 of the operator, which contains a ton of new features, fixes and usability improvements.
Apple evidently has decided against forcing customers to run its sex crime detection software on their iPhones in order to refer those stashing illegal child abuse images in iCloud to authorities.
We say "evidently" because the iTitan has simply erased the explanatory text it posted in August that describes its non-consensual image vetting system and has not responded to a request to clarify its plans.
That month, Apple announced its intention to implement Child Sex Abuse Material (CSAM) Detection [PDF], one of two initiatives that it detailed on its Child Safety webpage. The other, a parental control for its Message app to "warn children and their parents when receiving or sending sexually explicit photos," debuted in iOS 15.2, which was released on Monday.
British Mensa Limited has paid former CTO Eugene Hopkinson defamation damages and costs settling his claims of libel, malicious falsehood, and breach of his rights under the UK GDPR relating to a series of statements it made on the subject of a January 2021 cyber-attack and a data leak at the org.
In February, the club for people with a high intelligence quotient launched an investigation following a brute force attack on 20 January. There were two separate incidents in which "limited personal data of a few members and officers" was briefly exposed in the website's forum.
In the last few years I started to use Telegram as my main messenger, beside good old SMS/e-mail.
I never used WhatsApp as I try to stay away from the Facebook/Meta/… ecosystem.
Telegram seemed like a good choice as a lot of people I know are there and we e.g. mirror our KDE channels often to Telegram for better outreach, too. And all old messengers like ICQ more or less were abandoned by everybody I know including myself ;=)
Unfortunately, during the current pandemic, I met more and more people that went down into the rabbit hole thanks to totally uncontrolled Telegram groups.
Yes, you can say: this is free speech.
It is.
But on the other side, I think it can’t really be tolerated that people start to live in some parallel universe that completely ignores any science/laws/facts of the real world.
Nearly 30 years ago, my mother was one of the hundreds of thousands of people who attended the 1992 March for Women’s Lives in Washington, D.C. It was a pivotal moment for abortion rights at the Supreme Court, which was about to hear arguments in the case Planned Parenthood v. Casey. Though she left me at home, the words on her sign — “Every child a wanted child” — made an impression. So did the fact that the buses to Washington were chartered by our synagogue. When she returned, I wore the neon pink “Choice” hat she’d bought to my classroom at Jewish day school and began to spread the word.
That anecdote is not unique in the Jewish American experience: For many Jews, abortion rights are an ethical value, passed on from parent to child, with community support. The latest Pew Religious Landscape Study, from 2014, found that 83 percent of Jews surveyed supported legal abortion in most or all cases, more than any other religious group surveyed.
A firm commitment to abortion rights isn’t just one of the socially liberal stances that progressive American Jews take. It’s also a belief rooted in our sacred texts, which — despite differing interpretations across time and denominations — consistently prioritize the ultimate well-being of the pregnant person over that of the fetus.
