So many of us have asked this same question over and over. We sit and wonder, “Why is Linux still in the single-digit market share on the desktop?” Most often, the answer is a shrug and the hope that maybe this time next year we’ll finally break into double digits.
In the meantime, the faithful in the Linux community are always trying to figure out the thing that Linux needs to get over the hump. Lately, I’ve been giving this question some extra cycles in the ol’ gray matter and have come up with five ideas, none of which actually have to do with software. You see, I believe Linux has matured to the point it could easily overtake Windows as the desktop of choice for the masses. It’s that easy to use. And given that the majority of users have reached the point where nearly all of what they do is within a browser, it should be a no-brainer.
Wading into the fad for vintage desktop aesthetics (Windows, MacOS Classic) comes Hot Dog Linux. It stands for "Horrible Obsolete Typeface and Dreadful Onscreen Graphics" and isn't taking prisoners. Check out the Atari GEM theme! Jesus christ.
Linux-Libre is a variation of the Linux kernel that aims to only provide a free and open source implementation of hardware drivers. It is currently maintained by the Free Software Foundation of Latin America. As such, the Linux distributions that use it also promote the use of Free and Open Source software (FOSS).
Good day, everyone
Welcome back to the second episode of the "Meet Our Contributors" blog post series for APAC.
This post will feature four outstanding contributors from the Australia and New Zealand regions, who have played diverse leadership and community roles in the Upstream Kubernetes project.
So, without further ado, let's get straight to the blog.
In the 21st episode of Enterprise Linux Security, Jay and Joao discuss the recent "Dirty Pipe" vulnerability, as well as Nvidia's recent breach.
I'm announcing the release of the 5.16.15 kernel.
All users of the 5.16 kernel series must upgrade.
The updated 5.16.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.16.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
thanks,
greg k-h
Kodi 19.4 Matrix is officially out and now available for download on all the supported devices such as Amazon Fire Stick, FireStick 4K, Fire TV Cube, Windows PC, Mac, Android, iOS, and Linux.
With various enhancements and bug fixes, 19.4 is expected to offer a better experience than the previous iterations of the Kodi 19 Matrix. However, do not expect any dramatic changes in the way you use Kodi. The previous version, Kodi 19.3, was released in 2021.
In this tutorial, we will show you how to install Fragments on Ubuntu 20.04 LTS. For those of you who didn’t know, KTorrent is a BitTorrent application by KDE which allows you to download files using the BitTorrent protocol. While offering a simple user interface, there are a lot of options that include plugins support, magnet link support, custom groups, and so on.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the KTorrent BitTorrent client on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
Looking for the last, best system monitor you could ever imagine for the Linux desktop? Jack Wallen is certain he's found that tool in System Monitoring Center.
Linux has no shortage of monitoring tools. Toss a rock at a Linux desktop and you’ll probably hit a handful of monitors. That doesn’t mean, however, that every one of those monitors is worth your time. But every so often a monitoring tool comes along that does something different or packages the monitoring of services and performance in such a way that makes you realize how important these tools are.
Up until now, the only way to define a policy in Kubewarden was to use a ClusterAdmissionPolicy which is applied to cluster-wide resources across all namespaces.
That’s why we’re thrilled to announce the new AdmissionPolicy resource. This new resource is created inside a namespace and the policies will process only the requests that are targeting the namespace where the AdmissionPolicy is defined. Except from being a “namespaced” resource, AdmissionPolicy works exactly the same as the ClusterAdmissionPolicy.
A few days ago, I reviewed a USB 3.0 to 2.5 Gbps Ethernet adapter based on Realtek RTL8156B chip in Ubuntu 20.04, and let’s say the reliability and performance were underwhelming. I got some recommendations like changing cables, the MTU size, etc…
The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.
SSH applications are based on a client–server architecture, connecting an SSH client instance with an SSH server. SSH operates as a layered protocol suite comprising three principal hierarchical components: the transport layer provides server authentication, confidentiality, and integrity; the user authentication protocol validates the user to the server; and the connection protocol multiplexes the encrypted tunnel into multiple logical communication channels.
SSH was designed on Unix-like operating systems, as a replacement for Telnet and for unsecured remote Unix shell protocols, such as the Berkeley Remote Shell (rsh) and the related rlogin and rexec protocols, which all use insecure, plaintext transmission of authentication tokens.
A file is a data storage resource in a computer that is mainly recognized by its filename. Sometimes we need the scattered data of two or more than two files in one place in an organized way. There are many commands available in Linux to combine the multiple file data in one file, but this Article is all about combining data of two files in one using the “cat’ command on Ubuntu 20.04(Linux Operating System).
As the name suggests, The “cat” command is abbreviated as “concatenate” that is used to combine the data. We can use the cat command to create single or multiple files, view their contents, merge files, and show output to a terminal screen or redirect it to files. In this article, the cat command will be used to merge data from two files into one file in an organized manner.
A network comprises different types of traffic, including legitimate and malicious traffic. A network can also have various types of issues. To handle the network traffic-related issues, we can use the tcpdump command.
The tcpdump tool can capture traffic from various protocols, such as TCP, UDP, ARP, and ICMP. It can help us monitor, capture, and analyze network traffic. It can help us filter the traffic, which helps to speed up the traffic analysis.
Passbolt is a free and open-source password manager based on PHP, MySQL, and OpenPGP. It is a self-hosted application server, you can install it on your server. Passbolt is primarily designed for teams, but you can also use it as a personal password manager.
Passbolt is built on OpenPGP and has an extensible API. On the client-side, you can use the Passbolt browser extension, which builds on OpenPGP.js for encryption functionality. On the server-side, Passbolt uses the GnuPG PHP extension and openpgp-php to perform key validation and user authentication. Passbolt uses the GPGAuth protocol for user authentication.
In this guide, we will learn what is fstab in Linux, and what is the usage of fstab file, the structure of /etc/fstab file and finally how to debug fstab issues. At the end, we will also discuss a brief introduction to mtab file, its usage and how mtab differs from fstab.
Have you ever encountered a problem in a YAML, Python or any other files that emphasizes indentation?
And later, you realized that everything in the file was correct, except for the indentation and saw that there was a line indented with 3 spaces instead of 4 spaces?
That happens often. Most IDEs let you view the special characters and identify the end of line, spaces and tabs. Vim is not behind any other IDE. It can also show you those hidden characters.
Grep stands for (Global Regular Expression Print) is a Linux command-line utility to perform essential regular expression in the file.
Finding strings and patterns from the file and streaming the output type of operation can be performed using the grep command.
Grep can be piped with other commands. For example, you can pipe cat and grep together to search strings from files and display them on the screen.
SuluCMS is a free, open-source, powerful and reliable content management system (CMS). It is based on Symfony and PHP and it uses MariaDB/MySQL as its backend database. Individuals and businesses can use this CMS to build dynamic websites according to their needs. It also comes with a Web Panel and many features like API, SEO Integration etc.
After writing about Linux cursor theme Phinger a few folks asked if I had a guide on how to change cursor theme in Ubuntu.
I didn’t, so I figured I’d write one.
So this is a quick tutorial that shows you how to change cursor theme on Ubuntu 20.04 LTS (and above) and how to install cursor themes available to download from sites like GNOME Look and Github.
Then, to help you put all of the information to good use, I list a couple of third-party cursor sets I think look dope on the ‘buntu desktop — but feel free to ignore these and use something else!
In the old days, you had a computer and it did one thing at a time. Literally. You would load your cards or punch tape or whatever and push a button. The computer would read your program, execute it, and spit out the results. Then it would go back to sleep until you fed it some more input.
The problem is computers — especially then — were expensive. And for a typical program, the computer is spending a lot of time waiting for things like the next punched card to show up or the magnetic tape to get to the right position. In those cases, the computer was figuratively tapping its foot waiting for the next event.
Someone smart realized that the computer could be working on something else while it was waiting, so you should feed more than one program in at a time. When program A is waiting for some I/O operation, program B could make some progress. Of course, if program A didn’t do any I/O then program B starved, so we invented preemptive multitasking. In that scheme, program A runs until it can’t run anymore or until a preset time limit occurs, whichever comes first. If time expires, the program is forced to sleep a bit so program B (and other programs) get their turn. This is how virtually all modern computers outside of tiny embedded systems work.
So last week we mentioned that Stadia was going to introduce a solution to run Windows games unmodified on Linux, and not using Proton as Google was apparently building their own thing.
Godot 3.4.3 was released less than 3 weeks ago, but a few significant regressions were found in that release, so we're fast-tracking the release of Godot 3.4.4 to solve those.
This Release Candidate adds a handful of fixes, including several regression fixes. Please make sure to test it on your projects and to report any issue, so that we can release 3.4.4 stable in the coming days.
Love your casual games? Lazy Galaxy 2 from Coldwild Games is out now with a Linux version and it's a wonderful idle / clicker game that also blends in some other strategy elements too.
"Lazy Galaxy is an idle/clicker game with base-building and RTS elements. Lead an evil (albeit lazy) alien race to conquer the universe! Expand your base, fight vicious foes, and conquer the galaxies. Acquire combat experience and convert into candy, the most precious alien resource!"
Stormworks: Build and Rescue is a popular sim where you design, create and pilot your own air sea rescue service and now it should work a lot better on Steam Deck and gamepads in general.
"Stormworks: Build and Rescue is a rich and dramatic physics playground. Take your custom-designed, block-based and programmable vehicles into fierce oceanic storms. Plan and execute thrilling rescues in a variety of challenging crisis scenarios. Export and share your meticulously designed vehicles and missions with other players via the Steam workshop."
With gameplay that's a fun mix of Stardew Valley, Minecraft and survival games it seems Core Keeper has become an instant hit on Steam.
In only a single week, the developer has announced that 250,000 copies have been sold which shows that if you have the right idea there's plenty of room for indie games to push through the noise of hundreds of games releasing on Steam each month. Core Keeper seemed to come out of nowhere too, with not a whole lot said about it before release so they didn't even have a big marketing push either.
MacGuffin's Curse from developer Brawsome originally released in 2012 and it just got a nice HD upgrade, along with a newly released Linux version.
A werewolf comedy puzzle adventure where players sneak and smash their way through sokoban-inspired puzzling rooms, meeting a cast of quirky quest-givers along the way. It was winner of Best Game Writing at Freeplay 2011, and was selected to be in the PAX10 at the inaugural PAX Australia.
The third major expansion X4: Tides of Avarice and another big free update are available now for space sim X4: Foundations. Egosoft continuing showing their commitment to their fans, and for lovers of open-world space sims everywhere.
It's an absolutely huge upgrade too, probably worth jumping back in if you bounced off it at warp speed at any time in the past. Some of what's new includes scrap recycling, AMD FSR support, new achievements, a personal office, new capital ship designs, special NPCs that offer new mission chains, new equipment mods, an expanded Encyclopedia, new voices and the list goes on. There's even more when you look at the DLC that brings in new factions, new areas to explore and much more.
After the project reorganized its version numbering, GNOME 42 consolidates the ongoing modernization effort. Bear in mind, we're describing the release candidate, so some of the details might change before it comes out.
The Reg looked at GNOME 40 about a year ago. That was a major release, and one of the big changes was new human-interface guidelines. That continued in GNOME 41 and the process is not finished yet.
The big new thing remains Gtk4, the underlying programming toolkit used to implement GNOME and all GNOME apps. Gtk4 includes a new library called libadwaita, which governs the appearance of GNOME apps. You might remember the name "Adwaita" from what used to be the default theme in earlier versions of GNOME. The word means "the only one" in Sanskrit and, in part, libadwaita is the outcome of a long-running argument about theme in the Gtk ecosystem.
One of the triggers was when the developer of a popular icon theme made a position statement that he did not provide icons for third-party applications, because he respected their own branding.
This led to a request from a group of GNOME developers asking downstream integrators to stop themeing their apps.
There’s a good NetSpeed indicator that shows the current download & upload speed in Ubuntu panel. For those would like a floating desktop widget, a new extension is available for GNOME 40.
The new ‘Screen Net Speed‘ extension adds an animated widget to your screen displays current download & upload speed. By clicking on it will toggle display its position (so far only bottom left or bottom right).
The widget is always on top. And, it automatically rises (move up) when network speed increase and sets (move down) when speed slow down. As well, a paper plane icon is present in panel to toggle display the widget.
Arch Linux is a popular option for Linux users who want more control over their operating system.
While many experienced users customize the Arch Linux experience to provide some of the best user experiences (in terms of its UI), it could be challenging for new Linux users.
If you are not aware of the specifics about Arch Linux, you might want to read out Ubuntu vs Arch Linux comparison article.
However, some Arch-based distros aim to offer a more accessible experience without taking the control away.
We are happy to announce that The NetBSD Fundation is a mentoring organization at Google Summer of Code 2022!
Would you like to contribute to NetBSD or pkgsrc during the summer? Please give a look to NetBSD wiki Google Summer of Code page with possible ideas list and/or please join #NetBSD-code IRC channel on libera or get in touch with us via mailing lists to propose new projects!
Powered by the famous open-source multimedia framework FFmpeg and the Qt application framework, the Shotcut video editor lets you edit a wide range of video formats up to 4K resolutions and HDR, many audio formats up to 5.1 surround, as well as several popular image formats including WebP, SVG, TIFF, BMP, GIF, and others.
Some of Shotcut’s major features include frame-accurate seeking of many of the supported video formats, multi-format timeline to make it easier to mix and match resolutions and frame-rates within a project, built-in audio and video filters, audio mixing across all tracks, pitch compensation for video speed changes, deinterlacing, color correction and grading, and batch encoding with job control.
Many view the automotive industry’s objectives as a challenging dichotomy. The industry aims to advance the concept of the software-defined vehicle by providing the latest advancements in computing technology to enable functional and safety features, while at the same time holding these features to strict ISO standards that govern the functional safety of electronic systems within road vehicles.
These opposing aims slow the development process, and limit industry access to established insiders. Open source and, in particular, automotive Linux have a potential to fulfill both of these general requirements in ways that traditional proprietary systems have not managed. Several trends are emerging in 2022 to address these challenges.
Cloud-native architectures and containers can increase efficiency, performance, and agility for telecommunications service providers as they continue to find ways to compete in the market. Developers, architects, and others involved in the software development process can consider a shift-on-stack deployment model with vhostuser to integrate cloud-native network functions (CNFs).
In network functions virtualization (NFV) deployments, OpenShift can be deployed on top of OpenStack, but the deployment only supports exposing SR-IOV Virtual Functions to the CNF running on the OpenShift worker node (VM running on OpenStack).
Don’t panic too much; Ubuntu’s new logo still uses the orange and white colour scheme we’re all familiar with. But the iconic Circle of Friends (CoF) motif? Well that is different, sporting a tighter and more unified look than in its earlier iterations.
Perhaps most strikingly of all is that the CoF no longer sits inside a circle (’roundel’ in design speak) but is now housed at the bottom of a solid orange rectangle...
We’re approaching the Ubuntu 22.04 LTS release and it’s that time of the cycle when everyone is watching for the first glimpse of the official mascot artwork. This release, however, also has another visual treat in store. Because this time, Ubuntu’s logo – the Circle of Friends – gets an upgrade too!
I was an MA student at an art college, after having been an arts/humanities BA undergrad student a few years prior to that (and following a few subsequent years working my first post-college job and some time spent backpacking around the world as well). I was studying an arts/technology course, as I had an obsession with all things 'media' and communications theory at the time (this broadly encompassing everything from natural language, linguistics and grammar, philosophy of language, and an extension here into other aspects of arts/media practice - détournement, painting, audio-visual, etc.) At my college, in the departments where I was taking courses and hopefully beyond this as well, the flavour of OS used by staff was Linux - most often Ubuntu or other popular forms of the Linux OS. This was largely so because of the politics of free software that were aligned to by teachers at the college, as well as the complimentary nature of the *nix system with the technical skillset that formed many parts of their studies and discipline; computing, software studies, etc. This was largely my first exposure to free software and the command line, and the RasPi was the first linux-based device that I found in my possession. We had been running some RasPi's in class for some collaborative local-access projects between a group of us, and I decided to purchase one for some experiments at home. These were really my first steps into a different relationship with software towards a creative hands-on approach through free software, server configuration (and onwards into some sysadmin, programming, git, gopher, gemini.. etc). For me, it really all began with the Pi.
If you’re a regular around here, you might have noticed the new “For Home” option in our navigation bar up at the top of the page. But before you click it, wait a moment. We want to bend your ear about what we’re up to, and we want to pick your brains about what you think we should get up to.
Wind River’s experience with Linux and open source over the past nearly two decades across mission-critical industries is well-known throughout the industry. In fact, according to VDC Research, Wind River is ranked as the market leader in commercial embedded Linux global revenues.
We are excited to announce Librem SIMple: an affordable cellular plan that protects your privacy.
When we announced Librem AweSIM our goal was simple: provide a cellular service that protected your privacy. Cellular providers in the US are creating unified customer identifiers so they can “identify users across multiple devices and serve them relevant advertising.” With Librem AweSIM only we know the link between a phone number and a customer’s personal information.
In order to be able to interface IR sensor with Arduino, it is necessary to understand what IR sensor actually is. IR stands for the infrared region. Sensors capable of working with that region of light are IR sensors. IR technology is widely used in industries and our daily life. For example in the TV remote, IR technology is used for the communication between the TV and it’s remote allowing the user to have a level of comfort by controlling the TV from a fair amount of distance rather than manual labour. Since the IR sensor uses low power that makes them user-friendly and uses widely.
In the electromagnetic spectrum, IR radiations lie in the visible and microwave region. The range of these waves is between 0.7 micrometers and 100 micrometers. IR spectrum can divide into three regions namely near-infrared, mid and far-infrared region. The range of near-infrared is between 0.7 and 3 micrometers. From 3 micrometer to 6 micrometer lies mid-infrared region and higher than 6 micrometer is a far-infrared region.
Waveshare’s $25 “CM4-Duino” carrier for the Raspberry Pi CM4 has an Arduino Uno form factor and GPIO plus USB 2.0, HDMI, MIPI-CSI, and an M.2 M-key slot for a wireless module or NVMe storage.
Waveshare has launched a compact, Arduino-compatible carrier board for the Raspberry Pi Compute Module 4 that sells for only $25. The CM4-Duino has a 73.58 Ãâ 53.34mm, Arduino Duo R3 like form factor and Arduino GPIO header that is said to support most Arduino shields.
RISC-V IP leader SiFive announced it has raised $175 million in Series F financing from Coatue, which values the company at over $2.5 billion. Earlier this week, SiFive sold its OpenFive SoC design business to AlphaWave for $210 million.
SiFive announced a Series F round of $175 million led by Coatue Management, adding to previous rounds for a total of over $350 million raised since the company’s founding in 2016. The RISC-V core IP developer is now valued at $2.5 billion, a half billion more than the valuation last year when Intel attempted but then abandoned an acquisition of the company. Earlier this week, Canadian semiconductor IP designer Alphawave announced that it had acquired SiFive’s OpenFive RISC-V SoC design business for $210 million (see farther below).
Leaving “big tech” ecosystems on the desktop is fairly easy with a Linux laptop or a manual Linux install. Smartphones, though, seem strictly the domain of Apple and Google. Do any Linux-based smartphones exist? Let’s take a look at this mostly nascent smartphone genre.
First, let’s make a technical caveat. Both iPhones and Android phones are, in a way, Linux phones, or at least related to Linux. Google built its Android operating system on top of AOSP, which is an open-source project based on the Linux kernel—the foundation of all Linux distributions. AOSP’s code is free and available for anyone to modify and use for their own purposes. The version of Android you use on your phone, however, is closed-source. That means the modifications Google has made are proprietary and not publically available.
There is a new Android build of Lagrange that is based on the desktop v1.11 release.
While most of v1.10 was focused on the mobile variant, this release is very much centered on the desktop. The split view mode that was added back in v1.4 is now finally expanded to also support creation of additional windows. There is also a bunch of smaller features for a better user experience.
To me these proposals feel like Web technology. They are (relatively) complex technical solutions that are difficult to apply universally to everyone, and require (relatively) costly commitment from both gemlog authors and readers.
Gemlogs are not meant for interaction, per se. It's a bit like having a discussion with someone by publishing open letters in a newspaper. It's a many-to-many, open ended forum.
Gemlog discussions have a certain stress-free nature. You can just make a post and not worry about any replies, or deal with them at your leisure after a week or a month. It's a slow, disengaged form of communication, amendable to an intermittently-offline way of life.
Should we try to build a two-way communication channel out of gemlogs? I'm leaning on "no": it adds complexity for everyone, and it's better to converse over existing channels that are actually designed for such interaction.
I’m jumping directly to Offpunk 0.9 as a release candidate of Offpunk 1.0, which should be released next week.
While there are many improvements that could be made, I believe Offpunk has reached some maturity with mainly bug fixes and small improvements since the 0.4 release.
One of those improvements is that Offpunk will now avoid fetching http content above 20Mo if that content was not explicitely requested. This configurable download limit is impossible to implement with Gemini as there is no "content-lenght" information but Gemini content is recommended to be under 100Mo.
Mozilla Firefox has been one of the most popular browsers for a long time, especially for Linux users. People choose Mozilla over other popular browsers primarily for its speed, security, and other benefits. Eventually, it is the default browser for most modern Linux distributions. So, the developers of this browser always keep it updated so that users don’t have to face any issues regarding speed. Still, many of us need to speed up the Firefox browser on Linux. And today, I will share some of the most effective ways for that.
Many times, you have faced different problems that can slow down Firefox. The performance issue is one of the most common problems we often face. However, we have learned about some quick solutions to speed up the browser on the Linux system.
The new Board of Directors of The Document Foundation has just started the two year term on February 18, 2022. Full members are: Thorsten Behrens, Paolo Vecchi, Jan ‘Kendy’ Holešovský, Emiliano Vavassori, Caolán McNamara, Cor Nouws and László Németh. Deputies are: Gábor Kelemen, Ayhan Yalçñnsoy and Gabriel Masei.
Four people have been elected for the first time to the Board of Directors: László Németh and Gábor Kelemen from Hungary; Ayhan Yalçñnsoy from Turkey; and Gabriel Masei from Romania.
Go 1.18 is now generally available as a production release, with the much-anticipated generics features.
Go is an open-source programming language aimed at being simple, reliable, and efficient. It was originally designed at Google in 2007. What made Go popular is the fact that it is a general-purpose language directed at creating backends.
Go 1.18 arrives seven months after Go 1.17. It’s a big update, with improvements to the language, toolchain implementation, runtime, and libraries.
Go 1.18, which is available for download from go.dev as of March 15, adds support for generic code utilizing parameterized types. Generics have been dubbed the most significant enhancement to the Go programming language since its 2012 introduction. It was also Go programmers’ most-requested feature.
For DTail 4, logging has been completely rewritten. The new package name is "internal/io/dlog". I rewrote the logging because DTail is a special case here: There are logs processed by DTail, there are logs produced by the DTail server itself, there are logs produced by a DTail client itself, there are logs only logged by a DTail client, there are logs only logged by the DTail server, and there are logs logged by both, server and client. There are also different logging levels and outputs involved.
As you can imagine, it becomes fairly complex. There is no ready Go off-shelf logging library which suits my needs and the logging code in DTail 3 was just one big source code file with global variables and it wasn't sustainable to maintain anymore. So why not rewrite it for profit and fun?
My first goes at making a UI were in database packages like dBase. You could make menus, dialogs and other clickable things on an 80 by 25 text-only DOS screen. It seemed like a magical way to make software features discoverable and fun. Ooh, look, my popup has a drop shadow!
Everyone knows that an application exit code should change based on the success, error or maybe warnings that happened during execution.
[...]
the situation was a little bit more complicated, some functions in other modules also exited the application, so sys.exit() calls were distributed in lots of modules an files.
Exiting the application in some random function of another module is something i dont consider nice coding style, because it makes it hard to track down errors.
In Java, as I discussed in a previous article on Red Hat Developer, every array access is guarded by a range check, a test that guards references to array elements and protects the program from out-of-bound accesses by throwing an ArrayIndexOutOfBoundsException. In this article, you'll see how HotSpot, OpenJDK's Java Virtual Machine, can improve application performance by cleverly transforming code to eliminate the need for range checks.
Note: This article uses interval notation, which consists of parentheses and brackets, to describe ranges. If you're unfamiliar with it, check out the table on interval notation in this document.
Recently, I caught an episode of a show that’s been on the air seemingly forever, but is clearly on its last legs—The Goldbergs, a show about a Philadelphia-area family in 1980-something that’s overloaded with random pop culture references. One of the main stars of the show, comedian Jeff Garlin, left in a fairly dramatic way in the middle of the season, the result of HR complaints he received while on the show. Given that he’s the patriarch of the family, it’s the kind of character that would certainly be missed in any traditional family sitcom. And how did The Goldbergs handle it? They ran old footage of him, found a body double, and superimposed CGI onto the body double’s face, of course. It went over as well as you would expect—mocked by Twitter, but only about a week and a half after the episode aired—which of course raised an important question for me: Is this the worst example of an Ed Wood-style body double in film or television history? It may or may not be, but today’s Tedium is all about Fake Shemps.
When I think about digital or computational cultures in some near-distant futures, I can't figure out what that could or *should* look like. Does the extension of digitality drive a more commonly widespread software/coding literacy in our society? If so, what does that achieve?
Basically, the SafeZone library doesn’t sufficiently randomize the two prime numbers it used to generate RSA keys. They’re too close to each other, which makes them vulnerable to recovery.
Cryptographic keys generated with older software now owned by technology company Rambus are weak enough to be broken instantly using commodity hardware, a researcher reported on Monday. This revelation is part of an investigation that also uncovered a handful of weak keys in the wild.
The software comes from a basic version of the SafeZone Crypto Libraries, which were developed by a company called Inside Secure and acquired by Rambus as part of its 2019 acquisition of Verimatrix, a Rambus representative said. That version was deprecated prior to the acquisition and is distinct from a FIPS-certified version that the company now sells under the Rambus FIPS Security Toolkit brand.
What sort of future are we working towards? I don't like where this is going. I guess we all believe in total war, now.
Google has released Chrome version 99.0.4844.74 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the Apple security page and apply the necessary updates.
Security updates have been issued by Debian (openssl and python-scrapy), openSUSE (chrony, expat, java-1_8_0-openj9, libqt5-qtbase, openssl-1_0_0, php7, and rust, rust1.58, rust1.59), Oracle (389-ds:1.4, httpd:2.4, libarchive, libxml2, and vim), Red Hat (389-ds:1.4, glibc, httpd:2.4, kpatch-patch, libarchive, libxml2, vim, and virt:rhel and virt-devel:rhel), SUSE (chrony, compat-openssl098, expat, libqt5-qtbase, openssl, openssl-1_0_0, openssl-1_1, openssl1, php7, rust, rust1.58, rust1.59, and squid3), and Ubuntu (libreoffice, netkit-rsh, openssl, openssl, openssl1.0, tar, and tcpdump).
A previously undocumented backdoor has been observed targeting Linux systems with the goal of corralling the machines into a botnet and acting as a conduit for downloading and installing rootkits.
The B1txor botnet, which is spreading via the Log4Shell flaw, enables attackers to get shell access to Linux systems and install a rootkit.
Chinese security company 360Netlab discovered and named the bot in February and publicly disclosed it this week. It takes the form of a backdoor for Linux that uses DNS tunnelling for its command and control (C2) communications.
There are hundreds of thousands of Linux and Raspberry Pi devices connected to the internet right now, protected by nothing more than the default password.
In possession of these default passwords, cybercriminals are using numerous automated bots to scan for vulnerable devices. Once they find them, planting malware becomes relatively easy.
The 2021 Cellebrite IPO is the result of a broken public disclosure regime that actively ignores serious human rights violations around the world. The U.S. Congress must ensure the Securities and Exchange Commission (SEC) does its job properly so investors can evaluate the human rights impacts of their acquisitions and make sound decisions.
Last April, Cellebrite announced its intention to make an initial public offering. The company’s flagship product is the Universal Forensic Extraction Device (UFED), a powerful mobile data forensics tool that extracts and analyzes data stored on a phone or computer. While UFEDs can be used in the context of legitimate law enforcement investigations, Cellebrite also reportedly sells them to repressive regimes, which then employ the devices to expose journalists’ contacts, incriminate regime critics and human rights defenders, and prosecute pro-democracy protesters. As U.S. Representative Tom Malinowski put it, Cellebrite “has demonstrated a consistent disposition to sell first and ask questions later.”
Despite all of this, the Cellebrite IPO got the green light. The company won the endorsement of the SEC, got approval for its IPO plan, and is now listed on NASDAQ. So what went wrong — and how do we fix it?
What I mean is that, I think, there's a lot about the problems of global capitalism that are fundamentally about how relatively minor problems can become huge and world changing when scaled up to the level of entire nations or a global economy.
A small number of people owning cars isn't that big of a deal but when most of the industrialized world has built itself around car ownership, suddenly it's this huge system that is self-perpetuating. Cities sprawl around roads. Neighborhoods become unwalkable. Efficient trains take a back seat to personal transit or only slightly better busses. You need a car because the world assumes cars so more people buy cars. That's the kind of weird scaling I've been thinking about.
So I have a lot of sympathy for the concept of decentralized finance. The simplest way to summarize my politics is "anarchist" and people coming together to find ways to organize and exchange resources outside of a government issued currency, as supported by the private financial sector's special status for capitalist states, has a lot of appeal to me.
[...]
But what I worry is that this all comes down to the old adage that "you can't solve a social problem with a technical solution". The idea of a cryptocurrency is that it's a trustless system. I'm not sure if I see a point to trustless systems anymore because the hard part of creating an extra-governmental system that people can use is the community building. I was thinking about this, in part, because of the recent OpenSea "hack" where people lost a bunch of their assets and are now suing in order to get compensated for their losses. I say "hack" because, of course, if we take code-is-law seriously then everything that happened was completely legitimate. People agreed to smart contracts that meant they would be giving over all of their assets. If they didn't mean to do that, too bad for them, they should be more careful and thoughtful.
That sounds callous, right? I mean even if it's over a bunch of, let's be real, completely worthless pointers to jpgs on the internet it's cruel to act like tricking someone into an agreement they didn't intend to enter is their own fault.
But that's what "trustless" implies! The only way a system can truly be trustless is if there's no community accountability, no recourse, no way to actually handle conflict. But doing all of that? That's the actual hard work, the important work! That's the work that means we'd be capable of actually effectively organizing.
[...]
So, yes, I think I've reached a point where I'm feeling very pessmisstic about any attempt to actually build trustless systems and that's why I've lost my sympathy for cryptocurrency projects.
In this episode, Whitney is joined by Matthew Ehret to discuss how the Fabian Society and other groups developed a model for “penetrating” governments throughout the West and beyond long before the World Economic Forum’s Young Global Leaders program came into existence.
India has been responsible for more shutdowns each year than any other country. Why?
This week, Senators Ben Ray Luján (D-NM), Cynthia Lummis (R-WY), and Ron Wyden (D-OR) introduced the “Fair Repair Act” to protect consumers’ right to repair their own electronic products. The bill is the Senate companion to Rep. Mondaire Jones’s (D-NY) “Freedom to Repair Act.”
As consumer devices have increased in complexity, the inability to repair a device without using specialized tools or software has limited the right to repair. Device manufacturers have often restricted access to repair tools, forcing consumers to use the manufacturer’s overpriced official repair channels or purchase a newer device. The bill further secures the right to repair by helping consumers gain access to the tools they need to actually repair their devices – and on the same terms that device manufacturers offer their own authorized repair contractors.
Copyright is artificial scarcity.
That sucks. That comes at a huge cost. Articifical scarcity enables poverty.
