GNU/Linux

• LinuxTechLab ☛ Why is Linux perfect for DevOps – LinuxTechLab

  The Linux Operating System is versatile and can be used for many different tasks. One of its key benefits is that it is open-source, which means that anyone can contribute to its development. Linux and DevOps both have the same goal, which is scalability. Scalability lets you deliver software faster without requiring developers to sacrifice their code quality.

  This makes Linux perfect for DevOps, as it allows for a community of developers to collaborate on making the OS as efficient and effective as possible. Most importantly, you need a powerful, dependable internet connection to work the OS smoothly; Xtream Internet is the finest option for you in this regard. In this guide, we will explore some of how Linux is perfect for DevOps.

• Desktop/Laptop

  • 9to5Linux ☛ System76 Teases the Launch Lite Open-Source Configurable Keyboard, Coming July 14th

    As its name suggests, Launch Lite appears to be a light version of the Launch configurable keyboard that System76 launched more than a year ago. As System76 says, Launch Lite is like Launch, but Lite, offering everyone a comfortable, portable, and configurable keyboard for all their computing needs.

    Highlights of the Launch Lite keyboard include System76’s open source milled chassis design with detachable lift bar to adjust the keyboard’s angle by 15 degrees, System76’s open source PCB design with individually addressable RGB LED back-lighting and N-Key rollover, and ANSI US QWERTY layout.

• Audiocasts/Shows

  • Video ☛ 9 AMAZING COMMAND LINE TOOLS for Linux – Invidious

• Kernel Space

  • LWN ☛ Linux 5.18.11

    I'm announcing the release of the 5.18.11 kernel.
    
    All users of the 5.18 kernel series must upgrade.
    
    The updated 5.18.y git tree can be found at:
    	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.18.y
    and can be browsed at the normal kernel.org git web browser:
    
    https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
    
    thanks,
    
    greg k-h
    

  • LWN ☛ Linux 5.15.54

  • LWN ☛ Linux 5.10.130

  • LWN ☛ Linux 5.4.205

  • LWN ☛ Linux 4.19.252

  • LWN ☛ Linux 4.14.288

  • LWN ☛ Linux 4.9.323

• Instructionals/Technical

  • Video ☛ How to install Nitrux 2.2.1 – Invidious

    In this video, I am going to show how to install Nitrux 2.2.1

  • Vitux ☛ How to Install Gradle Build Automation Tool on Rocky Linux 8 – VITUX

    Gradle is a build automation tool with a focus on extensibility and performance. It can be used to perform tasks related to software compilation, deployment, testing, static analysis (e.g., linting), and more.

    Gradle is very easy to learn if you are new to automated builds or want an alternative solution for any of the above tasks that your current build system does not support well enough or is unable to do at all. Gradle has some advantages over other tools like Ant, Maven, SBT (Scala Build Tool), etc., especially when it comes down to customizability and performance of the generated output during the process of creating a final executable jar for example.

    A Gradle plugin is an add-in that extends the Gradle build with some new functionality. Gradle ships with a set of plugins that we can use in our builds right away without any extra configuration. For example, by default, we get tasks for our build and test execution, dependency management, code quality analysis (through the JaCoCo plugin), and so on. We can also add more plugins to enhance our builds further if needed.

  • dwaves.de ☛ GNU Linux bash – the ultimate (LTE) modem debugging one-liner – Destination Host Unreachable – solved

• Games

  • Boiling Steam ☛ Nobara, a Fedora Derivative, explained by Glorious Eggroll himself – Boiling Steam

    We had noticed a little while ago that Fedora is on the rise when it comes to distros used for Linux Gaming. It was then brought to our attention that Nobara is also a thing, as a derivative of Fedora.

  • Boiling Steam ☛ New Steam Games with Native Linux Clients – 2022-07-13 Edition – Boiling Steam

    Between 2022-07-06 and 2022-07-13 there were 18 New Steam games released with Native Linux clients. For reference, during the same time, there were 230 games released for Windows on Steam, so the Linux versions represent about 7.8 % of total released titles.

• Desktop Environments/WMs

  • GNOME Desktop/GTK

    • Ubuntu Handbook ☛ AATWS – Highly Customizable Alt-Tab Window Switcher for GNOME | UbuntuHandbook

      Use Alt+Tab or Super+Tab frequently in Ubuntu or Fedora Linux? This extension replace the default window switcher with advanced options.

      It’s AATWS, Advanced Alt-Tab Window Switcher, a Gnome Shell extension which may be useful for those working with many application windows at the same time.

      The extension adds type to search function to the Alt/Super + Tab window/app switchers. Which allows to quickly find your opened app or window. It will also try to search and launch system applications if no match app/window exist.

Distributions and Operating Systems

• Fedora Family / IBM

  • The Next Platform ☛ Can IBM Get Back Into HPC With Power10?

    The “Cirrus” Power10 processor from IBM, which we codenamed for Big Blue because it refused to do it publicly and because we understand the value of a synonym here at The Next Platform, shipped last September in the “Denali” Power E1080 big iron NUMA machine. And today, the rest of the Power10-based Power Systems product line is being fleshed out with the launch of entry and midrange machines – many of which are suitable for supporting HPC and AI workloads as well as in-memory databases and other workloads in large enterprises.

• Canonical/Ubuntu Family

  • 9to5Linux ☛ Linux Mint 21 Beta Is Now Available for Download, Here’s a First Look

    
    Development of Linux Mint 21 “Vanessa” kicked off a few months ago, and the upcoming distribution will be based on the repositories and base packages of Canonical’s latest Ubuntu 22.04 LTS (Jammy Jellyfish) operating system series, which will be supported for the next five years, just like Linux Mint 21.

    Linux Mint 21 will ship not only with newer core components (e.g. Linux kernel, Mesa graphics stack, GCC, GNU C Library) from Ubuntu 22.04 LTS, but also with a newer version of the in-house developed Cinnamon desktop environment, namely Cinnamon 5.4, which brings numerous new features and improvements.

• Open Hardware/Modding

  • Arduino ☛ Minecraft controls this LED array [Ed: Microsoft's proprietary junk can only be a liability to Arduino]

    A common question asked by new makers is “what is the difference between a microcontroller development board and a single-board computer?” Or, in more common terms, “what is the difference between an Arduino and a Raspberry Pi?” There are many technical differences, but people are really asking about why you would use one over the other. The answer, in most cases, is that you use an Arduino to handle low-level control of sensors, motors, and so on, and you use a Raspberry Pi for computing processor-intensive tasks. If, however, you need both, then MrDemonFrog’s Minecraft-controlled LED array illustrates how to do so.

Free, Libre, and Open Source Software

• Programming/Development

  • Matt Rickard ☛ So Easy You Could Run It Yourself

    We’re not there yet. But it becomes easier every day. Could deploying a frontend framework like Next.js be as simple as a reusable template that deploys the static files to a CDN and the dynamic ones to serverless runtime? Maybe one day.

  • Rlang ☛ How to Calculate Lag by Group in R?

  • Ben Congdon ☛ So long, and thanks for all the Gophers!

    Whenever I’d interview candidates for Google, a frequent question was “What’s the best part of working there?”. Invariably, I’d answer with the well-worn (but true!) cliche that it’s the people who work here which make it special – not the free food.

    [...]

    I also got to write and review a small mountain of Go code at the company at which that language was created. This was a fun experience that helped me level-up as a programmer.

    So, why leave? It was much more of a “pull” than a “push”. Things were going well! I enjoyed the work I was doing, my impact was increasing over time, and I was progressively increasing my scope. My team recently shipped something that was a ~year in the making, and the usage metrics were encouraging.

  • Rlang ☛ How to Use Mutate function in R | R-bloggers

    How to Use Mutate function in R, This article demonstrates how to add additional variables to a data frame using R’s mutate() function.

  • Perl / Raku

    • Perl ☛ Scalar Context: Lists Versus Arrays | Tom Wyant [blogs.perl.org]

      For a long time after I first encountered Perl, I looked on “list” and “array” as essentially interchangeable concepts. A list was simply the source construct corresponding to an array. This idea is mostly correct. But as they say, the devil is in the details.

      One of the differences is what happens to them in scalar context. An array evaluates to the number of elements it contains.

  • Rust

    • Rust Blog ☛ The Rust Programming Language Blog: Changes in the Core Team [Ed: The collapse of Rust is continuing (mass-resignations); a miracle if it lasts 10 years? 5? Rust is based on restrictions of free speech and outsourcing to Microsoft's proprietary prison. I was given warnings from inside Rust 2-4 years ago and immediately changed my assessment of the project. Prior to it I thought it had gathered momentum. Now we see mass resignations and face-saving lies, which those who resign warned would come.]

Leftovers

• Linux Foundation

  • Linux Foundation’s Site/Blog ☛ The Linux Foundation Announces Conference Schedule for Open Source Summit Europe 2022

  • PR Newswire ☛ The Linux Foundation Announces Conference Schedule for Open Source Summit Europe 2022 [Ed: "2022 Conference Session Highlights Include"..."Microsoft"... the company that uses 'secure' boot to block GNU/Linux from even booting on PCs. "Linux" Foundation is in bed with Linux's worst enemies.]

• Security

  • WordPress 6.0.1 Maintenance Release

    This maintenance release features 13 bug fixes in Core and 18 bug fixes for the Block Editor. WordPress 6.0.1 is a short-cycle maintenance release. You can review a summary of the key updates in this release by reading the RC1 announcement.

    The next major release will be version 6.1 planned for later in 2022.

  • LWN ☛ The “Retbleed” speculative execution vulnerabilities

    Some researchers at ETH Zurich have disclosed a new set of speculative-execution vulnerabilities known as “Retbleed”. In short, the retpoline defenses added when Spectre was initially disclosed turn out to be insufficient on x86 machines because return instructions, too, can be speculatively executed.

  • ETH Zürich ☛ Retbleed: Arbitrary Speculative Code Execution with Return Instructions

    Retbleed (CVE-2022-29900 and CVE-2022-29901) is the new addition to the family of speculative execution attacks that exploit branch target injection to leak information, which we call Spectre-BTI. Unlike its siblings, who trigger harmful branch target speculation by exploiting indirect jumps or calls, Retbleed exploits return instructions. This means a great deal, since it undermines some of our current Spectre-BTI defenses.

    [...]

    We found that we can trigger the microarchitectural conditions, on both AMD and Intel CPUs, that forces returns to be predicted like indirect branches. We also built the necessary tools to discover locations in the Linux kernel where these conditions are met.

  • Announcing Istio 1.12.9

    This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.12.8 and Istio 1.12.9.

  • USCERT ☛ CISA Adds One Known Exploited Vulnerability to Catalog [Ed: This is 100% about Microsoft and 100% about Windows; notice how they evade the mention of that, as Microsoft failed to patch and it's already actively exploited; CISA is like a Microsoft front, shielding the NSA's back doors; Microsoft loves Linux as a distraction (FUD vector) from its own back doors, incompetence, and massive scale of security breaches. CISA isn't for security as much as it is for self-serving cover-up.]

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates.

  • SamMobile ☛ Samsung Galaxy S22 series threatened by a new Linux kernel vulnerability [Ed: Notice how they try to blame "Linux" when it's most likely just Samsung poorly managing patches and the flaw isn't really severe (privilege escalation)]

    A security researcher recently discovered a new zero-day vulnerability in the Linux kernel, and it appears to put at risk even Android devices that have received the July 2022 security patch. The Google Pixel 6 was confirmed to be vulnerable, and so was the Galaxy S22 series.

• Defence/Aggression

  • Resetting Without Schwab: Russia & the Fourth Industrial Revolution

    On November 1, 2021, Dmitry Medvedev, deputy chairman of Russia’s Security Council, published an essay outlining six lessons from the COVID-19 pandemic. “COVID-19 has seriously accelerated the fourth industrial revolution. Since March 2020, there has been an explosion in the quantity and quality of a variety of online services, whether it be grocery delivery, access to government services, virtual cultural events, bank payments, or distance learning,” Russia’s former president and prime minister wrote. The main problem now facing the world, per Medvedev, was how to avoid a “digital divide” that would deprive people of “vital opportunities.”

    Medvedev also argued that COVID-19 triggered a “global crisis of confidence” that could be remedied by “giving the World Health Organization the authority to make significant mobilization decisions in the interests of the entire world community in an emergency situation.”

    Another important lesson from the pandemic was making vaccines accessible, and when deemed necessary, compulsory. Extolling the safety and efficacy of COVID-19 shots, the Russian statesman blamed “vaccine nationalism” for complicating efforts to inject the global population in a timely and cost-efficient manner.

    Medvedev’s essay provided a remarkably honest overview of Moscow’s trajectory from the start of the pandemic until the end of 2021; that it resembled a boilerplate press release from the World Economic Forum was, to put it mildly, somewhat concerning.

• Environment

  • [Older] Chomsky: To Tackle Climate, Our Morality Must Catch Up With Our Intelligence

    This week, the World Meteorological Organization warned that the world has a 50 percent chance of seeing warming of 1.5 degrees above preindustrial levels in the next five years. Even those who view the glass as half full tend to agree that efforts undertaken so far by the world’s countries to combat the climate crisis, while significant in some respects, are not enough. Indeed, the global economy continues to rely extensively on fossil fuels, which still provide about 80 percent of the energy supply.

    The warnings about an impeding climate catastrophe included in the second and third segments of the United Nations Intergovernmental Panel on Climate Change (IPCC) latest review of climate science, which were released on February 28 and April 4, 2022, respectively, went completely ignored amid the war in Ukraine and soaring energy costs.

    In the United States, the Biden administration’s response to soaring gas prices was to renew oil and gas drilling on federal lands and to announce “the largest-ever release of oil from the strategic petroleum reserves.” The rest of the world has also responded with short-term thinking to the consequences of the war in Ukraine.

• Internet Policy/Net Neutrality

  • Public Knowledge ☛ Public Knowledge Applauds House for Passing Bill Providing Veterans, Students With Refurbished Computers – Public Knowledge

    Today, the U.S. House voted to pass the “Computers for Veterans and Students (COVS) Act,” a bill introduced by Representative Abigail Spanberger (D-VA) to direct hundreds of thousands of out-of-service computers from the federal government to nonprofit refurbishers for repair and distribution to veterans, students, and low-income consumers. Participating refurbishers would also provide digital literacy training. Public Knowledge urges the Senate to pass this bipartisan bill to help close the nation’s device divide.

    The following can be attributed to Jenna Leventoff, Senior Policy Counsel at Public Knowledge:

    “One of the main reasons why people cannot connect to the internet is because they can’t afford a device. More than 10 percent of households across the country lack a computer, and countless more share computers amongst multiple family members. The COVS Act is a common-sense piece of legislation that will get computers into the hands of customers in need. We thank Representative Spanberger for her leadership and urge the Senate to take up this important legislation.

  • Michael Geist ☛ The Law Bytes Podcast, Episode 134: Monica Auer on CRTC Governance, Content Regulation and the Radio-Canada Decision

    Over the past couple of weeks, there has been mounting outrage over a CRTC decision involving Radio-Canada and a broadcast segment from 2020 in which the N-word was used multiple times as part of a discussion of a book that contains the word in its title. That decision has sparked cries of censorship and concerns about the CRTC. Given that Canadian Heritage Minister Pablo Rodriguez and the government want to give the Commission even power over Internet content as part of Bill C-11, the implications extend beyond this case. Monica Auer, the executive director of the Forum for Research and Policy in Communications, joins the Law Bytes podcast to discuss the latest developments, the broader concerns with CRTC governance, and whether assurances regarding Internet speech safeguards stand up to careful scrutiny.

  • Michael Geist ☛ The Rogers Outage Aftermath: What Else Should Be On Minister François-Philippe Champagne’s Telecom To-Do List? – Michael Geist

    The massive Rogers outage took centre stage yesterday as CEOs of the leading telecom companies met with Innovation, Science and Industry Minister François-Philippe Champagne to discuss next steps to reduce the likelihood of a similar event in the future. My initial post on the outage focused on three main issues: conducting hearings into the issue by both the CRTC and a House of Commons committee, competition policy, and consumer compensation. None of these issue were top of mind for the companies or Minister, who instead emphasized the need for agreements among the companies within 60 days on emergency roaming, mutual assistance during outages, and a communications protocol to better inform the public and authorities during telecommunications emergencies. The Minister also noted that there will also be a CRTC investigation.

Gemini* and Gopher

• Personal

  • SpellBinding: EYHLORG Wordo: MARES

  • emotions #1

    I think the reason people assume I’m being depressive is because for one, I usually have no interest in showing them, which also causes me to be quite bad at expressing them, and for two, people would assume that how they feel about something equals how others feel about something, one example would be that people assumes I’m being extremely depressive whenever I’m asking people about some “deep stuff”, because they tend to think thinking deep equals being sad or whatever.

    [...]

    Though I kinda feel bad about them being sad because of how they percieved me, and at the same time conflicted because they are the same people who are trying their best to empthasise with me, and pretty much me acting happy would likely ruin them.

• Technical

  • Samba Server notes

    Hopefully this will be the last time I need to search the web for the right samba settings.

  • Science

    • dwaves.de ☛ First Pictures taken by James Webb telescope arrive on Earth

      finally… all that wait is over… here come the first images of the $10 Billion telescope of almost 17 years of build time… (first design 1999, redesigned in 2005)

GNU/Linux

• Desktop/Laptop

  • LWN ☛ Garrett: Responsible stewardship of the UEFI secure boot ecosystem [Ed: LWN spin assistance; LWN fails to note that he’s the culprit, whom we should be egging over this; narrative shifting, but see the comments]

    Matthew Garrett grumbles about an apparent Microsoft policy change making it harder to boot Linux on some systems.

  • Liliputing ☛ Slimbook Executive is a lightweight Linux laptop with Intel Core i7-12700H – Liliputing

    Spanish PC maker Slimbook’s latest Linux-friendly laptop is a thin and light model that packs a lot of horsepower into a compact chassis. The new Slimbook Executive comes with a choice of 14 or 16 inch high-resolution, 90 Hz displays and both models are powered by a 45-watt Intel Core i7-12700H processor. The larger model also features NVIDIA GeForce RTX 3050 Ti discrete graphics.

    The Slimbook Executive is available now for 1299 (about $1310) and up.

  • Electropages ☛ Joint venture unveils world’s first RISC-V laptop

    As RISC-V continues to push the boundaries of open-source computing, a joint venture between DeepComputing and Xcalibyte has developed the world’s first RISC-V laptop set to be released in September. Why is RISC-V’s popularity growing, what are the specs of the new laptop, and could this help push the use of Linux onto everyday users?

• Audiocasts/Shows

  • Video ☛ My Top 5 Productive Apps on Linux for mid 2022! – Invidious

    Want to get some productive work done on your Linux machine? Here are some apps that might help you out!

  • Video ☛ Why I HATE Windows Defender – Invidious [Ed: Proprietary placebo promising security while Microsoft gives the NSA back doors]

  • Video ☛ CrowdSec Console First Look – A Free and Awesome Security Dashboard for Linux Servers – Invidious

    CrowdSec is an Intrusion Prevention System that does things a bit differently than other IPS solutions. It’s collaborative, and open-source. CrowdSec has been featured on LearnLinuxTV a few times in the past, but in this video we’ll explore the CrowdSec Console, which allows you to monitor the security events of your Linux servers from an impressive web dashboard. In this video, we’ll get an overview and see it in action!

• Applications

  • OSTechNix ☛ Quickgui – A GUI For Quickemu To Run Virtual Machines – OSTechNix

    The other day we discussed how to run Linux, macOS, Windows virtual machines with Quickemu. Quickemu is a command line program. Not everyone is fan of command line mode. For those who prefer GUI over CLI, I present you Quickgui, a graphical frontend for Quickemu to create, run and manage virtual machines.

    What Is Quickgui?

    Quickgui is a Flutter frontend for quickget and quickemu. Using Quickgui, you can quickly create and run virtual machines via a simple graphical interface. No need to remember commands!

    Quickgui is built with Flutter, an open source framework by Google for building beautiful, natively compiled, multi-platform applications from a single codebase.

• Instructionals/Technical

  • Linuxiac ☛ Rsync Command in Linux with Practical Example [Ed: it's not a comment but a program. It's also not exclusive to Linux.]

    This guide shows you how to use the rsync command in Linux to synchronize files and directories using simple examples.

  • ID Root ☛ How To Install DeaDBeeF on Ubuntu 22.04 LTS – idroot

    In this tutorial, we will show you how to install DeaDBeeF on Ubuntu 22.04 LTS. For those of you who didn’t know, DeaDBeeF (as in 0xDEADBEEF) is a free and open-source audio player for Linux. It plays a variety of audio formats like Mp3, ogg, flac, ape, wv/iso.wv, wav, m4a/m4b/mp4 cd audio, and converts between them. DeadBeef is available for GNU/Linux, BSD, and other UNIX-like systems.

    This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the DeaDBeeF music player on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

  • LinuxBuz ☛ The Ultimate Docker Cheat Sheet – Quick Reference – LinuxBuz

    A Docker cheat sheet is a set of notes used for quick reference while using Docker in the real world. I have prepared a Docker cheat sheet that includes an extensive list of Docker commands.

    Here, I am presenting my Docker Cheat Sheet (a one-page guide) with all common terms and useful one-liners commands. You can use it as a quick reference guide when working with Docker. If you want to learn more about Docker with detail information and examples, you can read the rest of the article.

  • H2S Media ☛ How to Install Azure Data Studio on Ubuntu 22.04 LTS Jammy [Ed: Why would any GNU/Linux users want that???]

  • HowTo Geek ☛ cURL vs. wget in Linux: What’s the Difference?

    If you ask a bunch of Linux users what they download files with, some will say wget and others will say cURL. What’s the difference, and is one better than the other?

• Desktop Environments/WMs

  • K Desktop Environment/KDE SC/Qt

    • KDE Plasma 5.25.3, Bugfix Release for July – KDE Community

      Plasma 5.25 was released in June 2022 with many feature refinements and new modules to complete the desktop experience.

      This release adds two weeks’ worth of new translations and fixes from KDE’s contributors.

Distributions and Operating Systems

• Reviews

  • ZDNet ☛ KaOS 2022.06 gives the KDE desktop an out-of-the-box but user-friendly twist | ZDNet

    I love it when a distribution dares to be different. We have enough clones of the Windows desktop metaphor and macOS has pretty much perfected the dock/topbar layout. So when I see a distribution that takes a standard desktop and flips it on its ear, it immediately gets my attention.

    Such is the case with KaOS 2022.06, which takes the KDE desktop environment and gives it an out-of-the-box twist to give it just enough unique flavor, without adding an extra layer of complexity for users.

• Canonical/Ubuntu Family

  • Ubuntu ☛ Event Data Recorders: Safety and software considerations | Ubuntu

    There has been a lot of talk about Event Data Recorders (EDR) in the automotive industry lately. Event Data Recorders are tamper-proof memory devices that collect accident data on modes of transport. You might recognise EDRs as flight data recorders; they have been used in avionics for more than 50 years. What you might now know is that in recent years they’ve also become an important part of the automotive industry. In China, for example, EDRs have been required since January 2021. What are the Event Data Recorder requirements in Europe?

  • Ubuntu ☛ High-performance computing (HPC) cluster architecture [part 4] | Ubuntu

    In this blog, we will give an insightful overview of HPC clusters, their architecture, components and structure.

• Mobile Systems/Mobile Applications

  • 7 Simple Ways to Fix Camera App Crashing or Not Working on Android

  • Digital Trends ☛ The Pixel 6 is the best cheap Android phone this Prime Day | Digital Trends

  • Hindustan Times ☛ Best Android watches: The ultimate buyer’s guide

  • Android Headlines ☛ Nokia T10 Arrives With 8″ HD Display, Android 12, Optional LTE & More

Free, Libre, and Open Source Software

• OSI Blog ☛ The future of innovation has patent-free standards [Ed: Simon Phipps wrote this after he had brought Microsoft, the biggest patent bully, into OSI]

  As with any legal loophole, simply existing meant it was exploited and became the norm, even if it was initially temporary (like income tax in the UK.) Once exploitation of a legal loophole becomes competitive, it becomes its own justification for the existence of the regulations (“look at the economic value of this segment”) and they become near impossible to remove – even when the original justification has ceased to need preferential protection.

  So today we see a swathe of rich consumer electronics and telecom companies, addicted to the revenue they get from licensing the standard-essential patents (SEPs) they have embedded in what they call “open” standards (abusing the term to include standards that you have to pay to read and get patent licenses to implement), lobbying hard to ensure their value to the economy is recognized.

Leftovers

• Linux Foundation

  • Linux Foundation’s Site/Blog ☛ FINOS Announces 2022 State of Open Source in Financial Services Survey [Ed: “The Linux [sic] Foundation” in partnership with Microsoft]

    FINOS, the fintech open source foundation, and its research partners, Linux Foundation Research, GitHub, Intel, Mend, Red Hat, Scott Logic, SUSE, Symphony, Tradeweb, and Wipro, are conducting its second annual survey as part of its ongoing research on the state of open source adoption, contribution, and readiness in the financial services industry.

  • Linux Foundation’s Site/Blog ☛ The 10th Annual Open Source Jobs Report: Critical Skills, Hiring Trends, and Education [Ed: Linux Foundation Annual Open Source Jobs Report is Made Using Proprietary Software on Proprietary Operating System (Not Linux)]

  • Linux Foundation’s Site/Blog ☛ 10th Annual Jobs Report: Skill up for the summer and your next open source gig

    For those of us in the northern hemisphere, summer is finally here! Perhaps you celebrated the Summer Solstice a few weeks ago. If you’re from the United States, the fireworks from the 4th of July are now just a fun memory.

    Like me, you’re now probably thinking about how you’re going to spend your downtime this summer. Perhaps you plan on taking things easy, maybe finishing off that novel you never got to this year, or taking a road trip?

• Security

  • Red Hat Official ☛ Social Engineering vs Mistakes: Two sources of pain, one process

    There are a million ways for awful things to happen to your data and accounts. For example, someone could accidentally commit their AWS access keys publicly to GitHub, and attackers quickly run up $100,000 in charges mining cryptocurrency on expensive GPU-enabled instances. Or “account support” calls with a notice that your account has false charges, but they can remove them once they verify your credit card info. There are fake software updates that steal bank account information. And fictitious warnings about login failures to your corporate email with a link to “login and verify access.” Not to mention account information leaked from one of your online services, including your banking site. Although there are many causes of account exposure, they fall broadly into two categories: malicious intent or accidental leaks.

  • Stop using phishing as a measure of your cyber awareness culture | Pen Test Partners

    If I had a penny for every time someone said to me “let’s measure our security culture by phishing our staff” I’d probably be able to fill my car up.

    It’s a really easy thing to do, you carry out some online training and typically they come with phishing simulations as a free or low cost add on. On the face of it that sounds great, train staff to spot phishing emails and they will be much better prepared to take up the mantle of defending your organisation. It sounds like the perfect solution, There’s a problem though, it’s Not.

  • FOSSLife ☛ New OrBit Malware Infects All Running Processes [Ed: "FOSSlife Team" helps the anti-Linux FUD lobby; so much for "FOSS'... maybe focus on back doors in proprietary software instead; no need to infect it, the doors are wide open...]

    Security researchers from Intezer have reported a new Linux malware variant called OrBit.

  • LWN ☛ Security updates for Tuesday [LWN.net]

    Security updates have been issued by Debian (chromium), Mageia (openssl and webkit2), Slackware (seamonkey), SUSE (crash, curl, freerdp, ignition, libnbd, and python3), and Ubuntu (dovecot and python-ldap).

  • Understanding Memory Leaks in Java | Developer.com

    When creating applications in Java, developers can create managed objects in their software using the new keyword. Programmers do not need to remove these managed objects explicitly in their code, since the garbage collector takes care of the removal of objects that are no longer required. So long as the objects are disposed of by the garbage collector, this is fine. However, if the garbage collector is unable to remove objects that are no longer referenced, there are chances of memory leaks in your applications.

    A memory leak in Java refers to a state when an object no longer needed by the application remains alive in the Java Virtual Machine (JVM). Memory leaks occur when an application accidentally hangs on to object references that are no longer necessary. Memory leaks lead to performance degradation over time because of your application’s increased (and unexpected) use of memory.

  • X.Org Security Advisory: July 12, 2022

    X.Org Security Advisory: July 12, 2022
    
    Multiple input validation failures in X server extensions
    =========================================================
    
    All theses issues can lead to local privileges elevation on systems
    where the X server is running privileged and remote code execution for
    ssh X forwarding sessions.
    
    * CVE-2022-2319/ZDI-CAN-16062: X.Org Server ProcXkbSetGeometry Out-Of-Bounds
    Access
    
    The handler for the ProcXkbSetGeometry request of the Xkb extension does
    not properly validate the request length leading to out of bounds memory
    write.
    
    * CVE-2022-2320/ZDI-CAN-16070: X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds
    Access
    
    The handler for the ProcXkbSetDeviceInfo request of the Xkb extension
    does not properly validate the request length leading to out of bounds
    memory write.
    

  • xorg-server 21.1.4

    This release fixes 2 recently reported security vulnerabilities in xkb, several
    regressions since 1.20.x and a number of miscellaneous bugs.
    

  • Vice ☛ Hackers Say They Can Unlock and Start Honda Cars Remotely

    On Thursday, a security researcher who goes by Kevin2600 published a technical report and videos on a vulnerability that he claims allows anyone armed with a simple hardware device to steal the code to unlock Honda vehicles. Kevin2600, who works for cybersecurity firm Star-V Lab, dubbed the attack RollingPWN.

    […]

    In a phone call, Kevin2600 explained that the attack relies on a weakness that allows someone using a software defined radio—such as HackRF—to capture the code that the car owner uses to open the car, and then replay it so that the hacker can open the car as well. In some cases, he said, the attack can be performed from 30 meters (approximately 98 feet) away.

    In the videos, Kevin2600 and his colleagues show how the attack works by unlocking different models of Honda cars with a device connected to a laptop.

    The Honda models that Kevin2600 and his colleagues tested the attack on use a so-called rolling code mechanism, which means that­—in theory­—every time the car owner uses the keyfob, it sends a different code to open it. This should make it impossible to capture the code and use it again. But the researchers found that there is a flaw that allows them to roll back the codes and reuse old codes to open the car, Kevin2600 said.

  • Privacy/Surveillance

    • AccessNow ☛ TikTok forced to pause plans for privacy-intrusive ads

      When TikTok announced its plan to impose personalised ads on everyone over 18 who uses the platform in EEA, UK, and Switzerland, Access Now told the company in no uncertain terms that it must scrap this action that would risk privacy, and deny agency. Reports now indicate that TikTok has hit the brakes.

      On 5 July, 2022, Access Now sent open letters to TikTok to immediately halt these invasive changes, and to the European Data Protection Board and its members to intervene.

• Civil Rights/Policing

  • AccessNow ☛ The EU AI Act proposal: a timeline – Access Now

    The use of artificial intelligence (AI) technology opens new risks for human rights, including for people and communities targeted for discrimination and marginalisation. Access Now advocates for AI regulations based on internationally recognised human rights principles. Below is a summary of our proposed amendments to the draft EU AI Act and a timeline of our related commentary and recommendations.

  • AccessNow ☛ Civil society calls on Indian government to withdraw amendments to IT Rules – Access Now

    We, the undersigned organizations operating in more than 10 countries and internationally in the promotion and protection of digital rights and freedoms, submit the following comments and urge you to withdraw the amendments recently proposed to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021 (IT Rules 2021). [1] We commend the Ministry of Electronics and Information Technology (MeitY) on the initiative to amend the IT Rules 2021, and commence a process of consultation on the proposed amendments.

    Amendments to the Rules are necessary in order to meaningfully protect fundamental rights. In our view, however, these new revisions add concerns to already restrictive provisions in the Rules that pose a direct threat to the rights to freedom of expression and privacy, as well as other related human rights protected under the Indian Constitution and international law.

• Digital Restrictions (DRM)

  • The Register UK ☛ Hive to pull the plug on smart home gadgets by 2025 [Ed: "Smart" things are for dumb, gullible people]

    Home automation platform Hive plans to terminate key products in its line, including the Hive View cameras, HomeShield, and Leak products.

    A Hive spokesperson told The Register: “At Hive, we’ve got big plans to make… homes greener, so we’ve made the tough decision to discontinue our smart security and leak detection products. As a smart tech brand in the middle of a climate crisis, we know the focus needs to change and will instead be developing smart home tech that’ll help get us closer to achieving Net Zero.”

    Users, some of whom have invested four figure sums in Hive products are less than impressed.

• Monopolies

  • U.S. Antitrust Reform Is Necessary to Defend Global Human Rights [Ed: Why is Microsoft absent from this? Have the bribes paid off? Paid politicians? Paid press? Microsoft: get busy, regulators, with "GAFA"... while we too spy even more than "GAFA" and also commit a ton of crimes... including against GNU/Linux (which we claim to "love" to keep you asleep)... Public Access is already infiltrated by Microsoft (the Board), but is Access Now also infiltrated to distract and deflect?]

    In today’s interconnected world, it is nearly impossible to function in society without relying on a tech tool made in the USA. Trying to sell something? Use Facebook marketplace. Want to start a business? Google has a platform for your micro-targeted ads. This excessive concentration of power has helped solidify Big Tech’s reign over the world, making it much harder to hold these companies accountable for facilitating human rights violations, such as attacks against human rights defenders in the Philippines and ethnic violence in Ethiopia.

GNU/Linux

• Desktop/Laptop

  • Matthew Garrett ☛ Matthew Garrett: Responsible stewardship of the UEFI secure boot ecosystem

    After I mentioned that Lenovo are now shipping laptops that only boot Windows by default, a few people pointed to a Lenovo document that:
    Starting in 2022 for Secured-core PCs it is a Microsoft requirement for the 3rd Party Certificate to be disabled by default.

    “Secured-core” is a term used to describe machines that meet a certain set of Microsoft requirements around firmware security, and by and large it’s a good thing – devices that meet these requirements are resilient against a whole bunch of potential attacks in the early boot process. But unfortunately the 2022 requirements don’t seem to be publicly available, so it’s difficult to know what’s being asked for and why. But first, some background.

  • Liliputing ☛ Lilbits: Linux laptops and handhelds, iOS 16 beta, and Microsoft Store policy change blocks sales of some open source apps

    The thing about free and open source apps is that anyone can take the source code and make their own version of an app with few (or no) changes. Many open source licenses even allow you to redistribute your version of an app. So it’s unsurprising that app stores are sometimes litters with unofficial versions of popular apps… sometimes with “developers” charging money for apps that are normally available for free.

    In order to crack down on that, Microsoft recently updated its Microsoft Store policies to prohibit sales of open source apps that are available for free from other sources (such as the developer’s website or GitHub). But some developers of free and open source software do make their software available for free download from some locations while charging a fee for the same software when downloaded from app stores… so Microsoft has gotten some pushback.

• Kernel Space

  • Notebook Check ☛ AMD Linux patches reveal no Infinity Cache for the Phoenix Point APU and only four displays at a time for the RDNA3 GPUs – NotebookCheck.net News

    Information about AMD’s next-generation RDNA3 architecture keeps trickling down. This time around we have a report about AMD’s DCN display controllers for the upcoming RX 7000 series GPUs and the Phoenix Point APU thanks to Coelacanth’s Dream. The report also contains some interesting data regarding AMD’s Infinity Cache on RDNA3.

• Benchmarks

  • CNX Software ☛ Benchmarks comparison between UP 4000, Raspberry Pi 4, UP board, and Jetson Nano

    We wrote about the UP 4000 SBC with an Intel Apollo Lake processor and Raspberry Pi form factor yesterday. But today, I noticed the UP community had put up a benchmarks comparison between the UP 4000 board, the original UP board (Atom x5-8350), the Raspberry Pi 4, and NVIDIA Jetson Nano.

• Applications

  • Linux Links ☛ 5 Best Free and Open Source Terminal-Based Image Viewers

    
    Viewing images direct in a terminal used to come at a serious disadvantage. The vast majority of terminal emulators display images using block-characters. Images can be displayed using half blocks or quarter blocks, the former offers the ability to display pixels with colour-accuracy. Whether half blocks or quarter blocks are used, pixelation is evident.

    But you don’t need to suffer pixelation when viewing images, as the Kitty Graphics Protocol lets us display 24-bit color high definition images direct in your terminal.

    Terminals that support the Kitty Graphics Protocol include Kitty, WezTerm, Konsole, and wayst. Unfortunately, the vast majority of terminal emulators do not support the protocol. Instead, these terminal emulators may only support Sixel (“six pixels”), a bitmap graphics format which consists of a pattern six pixels high and one wide, resulting in 64 possible patterns.

  • Its FOSS ☛ eBook Manager Calibre 6.0 is Here With Full-Text Search and Other Improvements

    Calibre is a popular open-source eBook reader for Linux, macOS, and Windows. It is also available for the ARM platform (Linux).

    It happens to be one of the best eBook readers for Linux.

    After a year and a half of development, a new major upgrade for Calibre has finally landed.

  • Its FOSS ☛ List Upgradable Packages With apt Command in Ubuntu – It’s FOSS

    The apt command is used for package management in Debian and Ubuntu. While you are probably already familiar with the install and remove options, apt provides a few extra features as well.

    One of them is the ability to see all the upgradable packages on your system.

  • Medevel ☛ Xandikos is an Open-source CardDav and CalDav Server

    Xandikos is a free open-source self-hosted CalDav and CardDav server that uses Git as a backend.

    [...]

    The project is released and licensed under the GNU GPLv3 (or later).

  • Medevel ☛ SkyTube is The Best Free Safe YouTube Client for Kids

    As many parents complain about YouTube in-video ads that target their kids, we find that it’s our duty to find the best kids-friendly YouTube app alternative that protects your child privacy.

    So here, we introduce: SkyTube.

    SkyTube is not your regular YouTube app alternative, firstly, it does not depend on Google Apps API like the YouTube App.

    Secondly, it allows the user (parent) to block certain videos, channels, or even a specific language.

    [...]

    SkyTube is an open-source project that is released under the GPLv3.0 License.

• Instructionals/Technical

  • ZDNet ☛ Docker 101: How to install Docker on Ubuntu Server 22.04

    Compared to some other solutions, Docker is more user-friendly, offers plenty of GUI applications (so you don’t have to always work from the command line), and is supported by Linux, macOS, and Windows.

  • How to Install Git on Ubuntu [Ed: Even Microsoft MVPs gradually move away from Windows]

  • HowTo Geek ☛ How to Run Commands as Another User in Linux Scripts

    Naturally enough, when you run a command or script the system executes it as a process that was launched by you. But you can run commands and scripts as another user.

  • Electronics Weekly ☛ Linux frustration – where is a command line wizard when you need one

    Most of them are pre-owned with valid Windows 10 licences, but installing a clean Windows 10 seems impossible now without setting up a Microsoft account and its associated control freakery – which I don’t want.

    If I was convinced it was only for security, I might go for it but, and I am no expert, it feels a lot more like ever-more-coercive integration between me and a company (please correct me below if I am wrong here).
    Anyway, I have had a lot of success installing and using Ubuntu Linux (thanks to Canonical and the rest of the Linux world for making it so nice to use, and effective, and free).

    However, through no fault of anyone – I think it is a not-everyone-has-caught-up situation – I am really struggling to install Eagle PCB (free version), and the two 3d printing ‘slicers’ Cura and Prusa Slicer into (onto?) Ubuntu 22.04 LTS.

    [...]

    With Ubuntu 20.04, Ultimaker Cura (the AppImage file) has installed straight away without needing the command line
    (Just right click the file and set it to ‘make executable’, then right click it again to run it.

  • Trend Oceans ☛ How to Install and Configure Synaptic Package Manager in Ubuntu? – TREND OCEANS

    Synaptic Package Manager is a lightweight GUI software manager that uses the APT package manager as a backend to install, uninstall, update, and list packages in Debian-based distributions.

    There was a day when we used to recommend Synaptic over the APT package manager to new Linux users. However, the GUI software manager recommendation remains the same, only replaced by more modern tools such as GNOME Software and KDE Discover.

  • Red Hat Official ☛ How to configure a firewall on Linux with firewalld [Ed: Read Hat wants you to only ever use Microsoft systemd and firewalld]

    Learn how to install, configure, and use firewalld to restrict or allow a computer’s access to services, ports, networks, subnets, and IP addresses.

  • Red Hat ☛ How to run VS Code with OpenShift Dev Spaces | Red Hat DeveloperWhile Visual Studio Code isn’t included in OpenShift Dev Spaces by default, it can be installed easily, giving access to a rich extension ecosystem.

    While Visual Studio Code isn’t included in OpenShift Dev Spaces by default, it can be installed easily, giving access to a rich extension ecosystem.

  • Linux Capable ☛ How to Install SMPlayer on Ubuntu 22.04 LTS – LinuxCapable

    SMPlayer is a free, open-source media player with built-in codecs that can play virtually any video and audio format. SMPlayer doesn’t need any external codecs and provides many exciting features, like the ability to play YouTube videos and search for subtitles or cast to external devices. Even though SMPlayer is available for all major platforms, including Windows, macOS, and Linux, it’s still one of the best options for Linux users because of its simple user interface and flexible settings.

    In addition, SMPlayer is also portable, so you can carry it around on a USB drive and use it on any computer without leaving traces behind. So if you’re looking for a media player that can play practically any file type without hassle, SMPlayer is worth trying.

    The following tutorial will teach you how to install SMPlayer Ubuntu 22.04 LTS Jammy Jellyfish using a LaunchPAD APT PPA with the command line terminal.

  • Linux Capable ☛ How to Install PhotoQT on Ubuntu 22.04 LTS – LinuxCapable

    PhotoQt is a simple, open-source image viewer designed to be more than the average image viewer with much more eye candy, highly configurable, and easy to use. PhotoQt is written in Qt, making it a platform-independent software that supports Linux, Mac OS X, and Windows operating systems.

    PhotoQt has several features that make it unique among image viewers. First, PhotoQt is highly configurable, allowing users to customize how the program looks and behaves. Second, PhotoQt is very easy to use, with an intuitive interface that makes navigating through images quick and easy. Finally, PhotoQt is extremely fast, making it ideal for viewing extensive image collections and an excellent choice for a simple yet powerful image viewer.

    The following tutorial will teach you how to install PhotoQT Ubuntu 22.04 LTS Jammy Jellyfish using a LaunchPAD APT PPA with the command line terminal.

  • Linux Shell Tips ☛ How to Insert a Line at a Specific Line Number

    Supposing you have a large file that needs some editing and you are looking for the quickest way of achieving such an objective via a Linux operating system environment, what do you do? If you already have access to your target file and can identify each line number associated with the file content, then your problem is half solved.

    This article will walk us through various approaches to inserting a line at a specific line number on an editable file under a Linux operating system.

  • TecMint ☛ How To Set Correct SSH Directory Permissions in Linux

    For SSH to work well, it requires correct permissions on the ~/.ssh or /home/username/.ssh directory: the default location for all user-specific ssh configuration and authentication files. The recommended permissions are read/write/execute for the user, and must not be accessible by group and others.

    Besides, ssh also requires that the files within the directory should have read/write permissions for the user, and not be accessible by others. Otherwise, a user might encounter the following error…

  • ID Root ☛ How To Install Snap on Manjaro 21 – idroot

    In this tutorial, we will show you how to install Snap on Manjaro 21. For those of you who didn’t know, Snap is a well-known package manager that packages and deploys various software on Linux-based Operating Systems. Snap is backed by Canonical, the same organization that developed the popular Debian-based Ubuntu Operating System.

    This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Snap on a Manjaro 21.

  • HowTo Forge ☛ Ubuntu 22.04 Minimal Server Installation

    This tutorial shows the installation of an Ubuntu 22.04 base server in detail with many screenshots. The purpose of the guide is to show the base installation of Ubuntu 22.04 LTS that can be used as a basis for our other Ubuntu tutorials here at howtoforge like our perfect server guides.

• Desktop Environments/WMs

  • K Desktop Environment/KDE SC/Qt

    • 9to5Linux ☛ KDE Plasma 5.25.3 Is Out Now with More Plasma Wayland Fixes, Various Other Changes

      
      The KDE Project currently maintains two stable branches of its popular Plasma desktop environment, the long-term supported Plasma 5.24 LTS and the short-lived 5.25 series, the latter receiving today another batch of bug fixes just a day after the former was updated to Plasma 5.24.6 LTS.

      KDE Plasma 5.25.3 is here two weeks after KDE Plasma 5.25.2 with more fixes for the Plasma Wayland session. For example, it addresses a System Settings crash that occurred when changing the screen resolution to a resolution that’s not officially supported by the monitor.

Distributions and Operating Systems

• IPFire Official Blog ☛ IPFire 2.27 – Core Update 169 released

  The next Core Update – one of the biggest in size we have ever put together – is released: IPFire 2.27 – Core Update 169. It introduces the support of two-factor authentication (2FA) for OpenVPN clients, updates several core parts of the system, provides mitigations for another two types of CPU side-channel attacks, as well as package updates, bug fixes and other security improvements.

  Before we talk in detail about what is new, I would like to ask you for your support. IPFire is a small team of people and like many of our open source friends, we’ve taken a hit this year and would like to ask you to help us out. Please follow the link below where your donation can help fund our continued development: https://www.ipfire.org/donate.

• Fedora Family / IBM

  • The Register UK ☛ Oracle Linux 9 released, with some interesting additions • The Register

    Oracle Linux 9 is out and has some interesting differences from the other Red Hat relatives.

    The version was released at the end of June, marking an unusually long gap from Red Hat’s announcement of RHEL 9 the month before. For comparison, the beta of AlmaLinux 9 came just three days after RHEL 9′s official availability on May 17, and the final version followed within a week.

    A similar delay seems to be affecting Rocky Linux as well. Nearly a month after Red Hat’s announcement of RHEL 9, the Rocky Linux team tweeted that Rocky 9 was coming soon.

    Oracle’s release notes reveal an interesting change. Under the heading “Package Changes from the Upstream Release”, the second item in the list is btrfs-progs. Given that Red Hat explicitly no longer supports Btrfs in RHEL, this is unexpected.

    Oracle supplies a choice of kernels with Oracle Linux, along with documentation on how to switch between them. One is called the “Red Hat Compatibility Kernel” (RHCK) and the other the Unbreakable Enterprise Kernel (UEK), which is Oracle’s modified build of the kernel. If you need strict RHEL compatibility – the target that AlmaLinux and Rocky Linux provide – then RHCK is identical to the kernel in RHEL, just as CentOS Linux used to be. UEK is something different and, among other things, includes Btrfs support.

  • Enterprisers Project ☛ 10 CIOs share advice on career development

    Whether just starting out on our professional journey or many years in, we all face hurdles in our careers. When the going gets tough, it can be helpful to have core values and guiding principles to lean back on.

    Recently, finalists in the 2022 National CIO of the Year ORBIE Awards each shared a piece of advice they had collected over their careers. We’ve rounded up the 10 best quotes on career development below. Read on, or download the complete quote book for advice on leadership, soft skills, career development, strategy, and more.

  • Enterprisers Project ☛ 8 transformational traits for IT leaders

    IT leadership used to be solely about managing systems. Not anymore. The role of an IT leader today is about getting your teams and your partners to imagine the unimaginable and make it so.

    Here are eight characteristics of transformational IT leaders today.

  • Red Hat Enlists ABB to Push OpenShift to the Industrial Edge – Container Journal

    Red Hat and ABB today announced they have allied to drive the adoption of the Red Hat OpenShift platform based on Kubernetes in industrial edge computing environments.

    Nick Barcet, senior director for technology strategy within the CTO organization at Red Hat, says this alliance is the latest in what will become a series of partnerships to extend container applications to edge computing platforms that have 2GB of RAM to process data.

  • Weekly status of Packit Team: July 2022

    Weeks 26–27 (June 27th–July 11th) # We adjusted the way we check the author of the PR for PRs related to dist-git commits that trigger Koji build jobs.

  • Fedora Project ☛ Fedora Community Blog: Community Blog monthly summary: June 2022

    This is the latest in our monthly series summarizing the past month on the Community Blog. Please leave a comment below to let me know what you think.

• Debian Family

  • Tails ☛ Tails 5.2 is out

    Tails 5.3 is scheduled for August 9.

    Have a look at our roadmap to see where we are heading to.

• Canonical/Ubuntu Family

  • Ubuntu ☛ Design and Web team summary – 1 July 2022

    The Web and design team at Canonical runs two-week iterations building and maintaining all of the Canonical websites and product web interfaces. Here are some of the highlights of our completed work from this iteration.

• Devices/Embedded

  • OpenSource.com ☛ OpenWrt, an open source alternative to firmware for home routers | Opensource.com

    If you’re reading this article from home, you are probably connected with a LTE/5G/DSL/WIFI router. Such devices are usually responsible to route packets between your local devices (smartphone, PC, TV, and so on) and provide access to the world wide web through a built-in modem. Your router at home has most likely a web-based interface for configuration purposes. Such interfaces are often oversimplified as they are made for casual users.

    If you want more configuration options, but don’t want to spend for a professional device you should take a look at an alternative firmware such as OpenWrt.

• Open Hardware/Modding

  • FSFE ☛ A PC in your pocket: Librem 5, a Free Software phone [Ed: Sponsoring articles about oneself. This is FSFE.]

    Librem 5 runs the fully convergent PureOS, which means you can take your desktop with you within your phone. Its dedicated graphical environment, Phosh, is becoming a popular option for Linux phones. Guido Günther, one of Purism’s main developers, reveals details of Librem’s software development in this interview.

    Having a Free Software phone gives you control over your device. You can gain a higher level of privacy protection, and you can finally avoid apps you were stuck with before. It also means you can often keep your device for longer, and protect the environment by reducing e-waste.

    When deciding on your switch to a Free Software operating system, your options are installing a new system on your current phone or acquiring a phone with a Free Software operating system pre-installed.

    The latter is clearly the easier route, and Purism’s Librem 5 may be the solution for you. By default, it runs PureOS, a Free Software operating system that comes with Phosh, its polished graphical environment. Projects like postmarketOS, Mobian, and Debian have picked up Phosh too, putting it into use on other devices and contributing patches.

    Guido Günther is one of the main developers of Phosh (and an FSFE supporter!) and he kindly agreed to tell us about the software, how it fits within the Librem 5 ecosystem, and its advantages.

• Mobile Systems/Mobile Applications

  • Pocket Now ☛ Android 13 based One UI 5 leak reveals upcoming features | Pocketnow

  • 9to5Google ☛ Nokia T10 launches w/ 8-inch HD display, Android 12, more – 9to5Google

  • Android Headlines ☛ Samsung’s Galaxy M12 & Galaxy A22 5G Get Android 12 Update

  • Indian Express ☛ Nokia C21 Plus with 13MP camera and Android 11 Go launched in India: Here’s what’s new | Technology News,The Indian Express

  • Phone Arena ☛ Add this new Google Maps widget to your Android phone. Here’s how! – PhoneArena

  • Phone Arena ☛ Nokia brings back the retro charm with three feature phones, Android tablet – PhoneArena

  • Sportskeeda ☛ PUBG Mobile 2.1 update direct APK download link for Android

  • Nothing phone (1) android smartphone has an intentional design that provides warmth » Gadget Flow

  • Geeky Gadgets ☛ Oppo A97 Android smartphone unveiled – Geeky Gadgets

  • Medevel ☛ Elementary: An Open-source Free Periodic Table Android App for Students and Teachers

    Elementary is a free open-source Periodic Table of the Elements and element reference app for Android devices that is designed to work on big and small screens like tablets, mobiles and Android TV.

    The app is released under the MIT license, and it does not come with any ads, tracker scripts, or in-app purchase.

    The app is available to download from the Google Play application store, the F-Droid store, and in the Amazon Appstore.

    [...]

    The app and source code is released under the MIT License

Free, Libre, and Open Source Software

• Apache Blog ☛ The Apache News Round-up: week ending 8 July 2022

  Happy Friday, everyone –let’s review the Apache community’s activities from over the past week

• Productivity Software/LibreOffice/Calligra

  • LibreOffice 7.4 RC1 is available for testing

    The LibreOffice Quality Assurance (QA) Team is happy to announce LibreOffice 7.4 Release Candidate 1 (RC1) is available for testing!

    LibreOffice 7.4 will be released as final in mid August, 2022 ( Check the Release Plan for more information ) being LibreOffice 7.4 RC1 the third pre-release since the development of version 7.4 started at the end of November, 2021. Since the previous release, LibreOffice 7.4 Beta1, 280 commits have been submitted to the code repository and 121 issues got fixed. Check the release notes to find the new features included in this version of LibreOffice.

• Programming/Development

  • IT Pro Today ☛ The Sustainability Impact of Technical Debt

  • CNX Software ☛ Using Raspberry Pi Pico as a logic analyzer – CNX Software

    MCU boards, including the $1.5 BluePill board, have been used as cheap logic analyzers for years, notably with Sigrok open-source software. So it should come as no surprise the $4 Raspberry Pi Pico board can also be used as a logic analyzer, with one developer claiming it can deliver 100 Msps, or the performance obtained with a 1.6 GHz CPU, thanks to the PIOs from the Raspberry Pi RP2040.

    Hackaday reported about a Sigrok driver for the Pico last March, but the topic was brought to our attention via a post on Hackster.io about an open-source Windows program developed from scratch to transform the Raspberry Pi Pico board into a logic analyzer capable of 100 Msps.

  • OpenSource.com ☛ 7 kinds of garbage collection for Java | Opensource.com

    An application written using programming languages like C and C++ requires you to program the destruction of objects in memory when they’re no longer needed. The more your application grows, the great the probability that you’ll overlook releasing unused objects. This leads to a memory leak and eventually the system memory gets used up, and at some point there’s no further memory to allocate. This results in a situation where the application fails with an OutOfMemoryError. But in the case of Java, Garbage Collection (GC) happens automatically during application execution, so it alleviates the task of manual deallocation and possible memory leaks.

    Garbage Collection isn’t a single task. The Java Virtual Machine (JVM) has eight different kinds of Garbage Collection, and it’s useful to understand each one’s purpose and strength.

  • Shell/Bash/Zsh/Ksh

    • Bash Scripting – If, Else If, Else Tutorial – buildVirtual

      This short tutorial shows how to use if else statements in Bash. An if else statement in programming is a conditional statement that runs a set of statements depending on whether an expression is true or false. This ‘decision making’ capability can be very useful when used in Bash shell scripts, as with any other programming language. In a bash script you will typically see a number of ways in which IF statements are used.

Leftovers

• Proprietary

  • Ghacks ☛ Microsoft recommends disabling Windows Desktop Search to fix Outlook search on Windows 11 (again) [Ed: Windows is profoundly broken; blocking GNU/Linux from booting is the only way Windows can survive]

• Security

  • Scanning for security.txt files | Pen Test Partners

    RFC 9116 was written by E. Foudil and Y. Shafranovich and left draft status in April 2022. This RFC formally defines the unofficial security.txt file that has been an unofficial standard for many years, initially created back in 2017 and documented at https://securitytxt.org/.

    The security.txt file provides a simple file with a known path that security researchers can look at to locate an endpoint where vulnerabilities can be disclosed without attempting to email random contacts, tweet them, phone the sales number or hunt down their CIO from LinkedIn (all tactics we have used in the past).

    This is a positive step and takes virtually zero development time to implement. Every company, whether e-commerce, government, or security provider should have a security.txt file, though from personal experience many don’t.

  • dwaves.de ☛ web cms – wordpress still dominating – second comes no cms

    What is interesting, that 33% of all website creators, decide to not use any CMS at all (static HTML/manually editing it).

    there is even a trend of creating cms inside wordperss, “cms inside the cms” so to speak, with plugins such as Enfold, elementor.com and wpastra.com

    problem: this also makes wordpress the #1 target for hackers.

  • Privacy/Surveillance

    • AccessNow ☛ “Save the GDPR”: our message to the European Commission -

      The European Union is a legislative superpower with a weak enforcement track record. The latest demonstration of this reality is one of the EU’s flagship laws: the General Data Protection Regulation (GDPR). Four years after the law became applicable, the EU now needs to save the GDPR. So today, we ask the European Commission to introduce a new legislative act to complement the GDPR and clarify its enforcement. Here is why.

      [...]

      Our takeaway: after four years and thousands of people filing complaints with their data protection authorities, people in the EU are still waiting to see their data protection rights materialise. It appears the road to data protection is paved with delays, uncertainty, and unequal access to remedy across the EU. A new study that we commissioned by The Data Protection Law Scholars Network, The right to lodge a data protection complaint: OK, but then what? An empirical study of current practices under the GDPR, shows that, in practice, data subjects across the EU do not have an equal right to lodge a complaint. This is a serious impediment to the GDPR’s efficacy for vindicating our rights.

      Does this mean that it is time for a full legislative reform of the GDPR? To some, this option might seem tempting. The very existence of a “Brussels bubble” depends on the legislative train never stopping. But if the real issue with the GDPR is lack of enforcement, will changes to its content make things any better? It is unlikely. In fact, it may lead to a watering down of hard-fought protections for people’ rights. A recast of the GDPR should be off the table, at least in the near future.

    • AccessNow ☛ A new EU law will save the GDPR

      It’s been four years since the European Union’s flagship law, the General Data Protection Regulation (GDPR), went into effect, yet slow enforcement is rendering it nothing more than pixels on a screen. The European Commission must step up and save the GDPR — by introducing a supporting legislative act to bolster its application.

      Access Now’s new report, Four year under the GDPR: how to fix its enforcement, unpacks the problems with the application of the law, and lays out concrete recommendations for a solution. Read the snapshot.

      “After four years, the law’s impacts are hard to see, not because the law is flawed — it can change the way our data is secured across the continent — but because it continues to be ignored,” said Estelle Massé, Europe Legislative Manager and Global Data Protection Lead at Access Now. “Data Protection Authorities are making efforts to bring the GDPR promises to life but political and legal hurdles are stopping progress. We need the European Commission to create clear and binding rules on enforcement and cooperation and to further empower the European Data Protection Board.”

      Red flags over the unequal and slow enforcement of the GDPR have been waving for years. Thousands of people across Europe have filed complaints to their local Data Protection Authorities, but due to slow resolution of cross-border cases and bottlenecks, and differences in national procedural laws, very few of those have even been acknowledged.

Gemini* and Gopher

• Personal

  • Titan A.E.

    The merging of 2D and 3D is a rare artstyle these days. In many cases, the best displays of it were only born out of technological limitations after all. In media where it is used these days, it’s mostly for background elements not worth the time and budget to properly animate. I think it carries a certain amount of charm, though. The best example being this old gem I watched recently, Titan A.E. I had heard it was a flop, so I was not expecting much, but I was pleasently surprised.

  • Some of the music i’m listening t

• Politics

  • My Job Application Statistics

    Apologies in advance, this is going to be a very short, uninformative post; it’s more of a public diary entry of sorts for me to put down a couple quick thoughts, and so won’t be especially englightening or deep.

    I’ve been applying for jobs since December of 2019.
    I figure, it being the two year anniversary of unemployment, I’d celebrate by making a diagram and rambling a bit about my experience!

• Technical

  • gaming on void (and a thinkpad) part 2: the survival guide

    ay mates, lelkins here. it’s been a fun gaming journey on void, to be more exact, the glibc version of void. it’s my first ever systemd-less distro. it’s surprisingly usable for gaming, especially with the fact that they added gamemode in their repository, along with stuff like polymc for you minecraft fellows. i’ve been on void for, like, a month, i think. just recently came back to arch at around 2022-07-06.

    gaming on it can be a little hard if you don’t know what you’re doing. the general linux gaming stuff like wine and gamemode ARE in the void packages, but they aren’t how you expect. the general linux gaming community prefers wine-staging over stable wine, as staging has patches and specific gubbins that make games work better. gamemode is gamemode, but it doesn’t work normally to the point of needing to use a different command, as i mentioned in part 1. i will mention how to use gamemode again as it’s one of the most important tools of linux gaming. i will use minetest as an example game here.

  • more lelkins? in his gemini? it’s more likely than you’d think!

    ay mates, lelkins here! back from the grave! it’s been a while, isn’t it? sorry for this huge hiatus. my life doesn’t have a lot of interesting stuff to put here, as it is basically very normal. like white bread. i did make the tinylog in the hopes of me generating more posts, but even that went dry, forever stuck in the garf zone. i just don’t feel very motivated to write on gemini cause, like i said on the first sentence, i just don’t have much to write since my life is too normal. not much material. not much going on. i genuinely have no idea what to write here either.

    i’ve been told by my good mate masqq to start 100daystooffload. just write daily about whatever, as long as you have something in there. *write about the things you want to write.*