Bonum Certa Men Certa

Links 07/09/2022: Godot 4.0 alpha 16 and Hare in Kernel Code



  • GNU/Linux

    • Server

      • To Protect Cloud-Native APIs, Avoid Overly Permissive States - Container Journal

        APIs are now foundational to how modern applications are built: Using microservices and containers and running on platforms like Kubernetes. They’re the standard mechanism to integrate internal components or expose functionality to partners. APIs have also risen in ubiquity alongside microservices architecture, providing a common way to incrementally develop, scale and reuse specialized cloud-native functionality.

        But along with this newfound ubiquity, API attacks are surging. Malicious API traffic saw a staggering 117% increase in the past year, according to Salt Labs’ State of API Security Report, Q3 2022. This is partly due to the sheer number of APIs being produced. While some of these encompass public products, the majority are internal-facing services, the 2022 Postman State of the API Report finds.

        I recently chatted with John Morello, VP of product, Palo Alto Networks, to gather insights on how to best protect cloud-native applications and APIs. According to Morello, APIs are prone to data overexposure and require more modern analysis techniques to validate traffic. Furthermore, he believes IT security requires unified management across clouds—more holistic visibility and control can help correlate issues across various toolsets.

    • Audiocasts/Shows

    • Kernel Space

      • Drew DeVaultNotes from kernel hacking in Hare, part 1

        One of the goals for the Hare programming language is to be able to write kernels, such as my Helios project. Kernels are complex beasts which exist in a somewhat unique problem space and have constraints that many userspace programs are not accustomed to. To illustrate this, I’m going to highlight a scenario where Hare’s low-level types and manual memory management approach shines to enable a difficult use-case.

        Helios is a micro-kernel. During system initialization, its job is to load the initial task into memory, prepare the initial set of kernel objects for its use, provide it with information about the system, then jump to userspace and fuck off until someone needs it again. I’m going to focus on the “providing information” step here.

        The information the kernel needs to provide includes details about the capabilities that init has access to (such as working with I/O ports), information about system memory, the address of the framebuffer, and so on. This information is provided to init in the bootinfo structure, which is mapped into its address space, and passed to init via a register which points to this structure.

    • Graphics Stack

      • CollaboraImproving Vulkan graphics state tracking in Mesa

        3D rendering APIs such as OpenGL, D3D, and Vulkan involve a lot of state to drive the 3D pipeline. Even though most of the heavy lifting these days is done by programmable shaders, there are still many fixed-function pieces used to glue those shaders together. This includes things such as fetching vertex data and loading it into the vertex shader at the start of the pipeline, viewport transforms and clipping that sit between the end of the geometry pipeline and rasterization, and depth/stencil testing and color blending that happen at the end of the pipeline before writing the final image to the output buffers. Each of these fixed-function pieces is configurable and so has some amount of state associated with it.

        In OpenGL, the 3D rendering pipeline is modeled as one giant blob of state where everything is re-configurable at any time. It's left to the driver to track state changes and re-configure the hardware as needed. With Vulkan, we improved this situation quite a bit by baking much of the state into immutable objects. Images and samplers, for instance, have all their parameters provided at the time the image or sampler is created and they are immutable from then on. (The color or depth/stencil data pointed to by an image is mutable but the core parameters such as width, height, number of miplevels, etc. are not.) The only state mutability with respect to these objects is the ability to change which images/samplers are bound at any given time. Compiled shaders, along with the state for fixed function pieces such as depth/stencil testing, are all rolled up into a single monolithic pipeline object. Because fully monolithic pipeline objects can be cumbersome, Vulkan also provides the option to make some of that state dynamic, meaning that you set it manually via a vkCmdSet*() command instead of baking it into the pipeline. his allows the client to use the same pipeline object with, for instance, different blend constants.

    • Applications

      • Trend OceansGum: A Tool for Glamorous Shell Scripts in Linux - TREND OCEANS

        In a few days or very soon, you might be working on your own shell script on Linux. At that time, you might be going with the traditional method by learning all the shell programming codes and applying them to your script.

        What if I say there is an amazing tool called Gum, that provides you glamorous functionality, or in simple words, the beautiful syntax for your shell script?

    • Instructionals/Technical

      • HackadayLinux Fu: Eavesdropping On Serial | Hackaday

        In the old days, if you wanted to snoop on a piece of serial gear, you probably had a serial monitor or, perhaps, an attachment for your scope or logic analyzer. Today, you can get cheap logic analyzers that can do the job, but what if you want a software-only solution? Recently, I needed to do a little debugging on a USB serial port and, of course, there isn’t really anywhere to easily tie in a monitor or a logic analyzer. So I started looking for an alternate solution.

        If you recall, in a previous Linux Fu we talked about pseudoterminals which look like serial ports but actually talk to a piece of software. That might make you think: why not put a piece of monitor software between the serial port and a pty? Why not, indeed? That’s such a good idea that it has already been done. When it works, it works well. The only issue is, of course, that it doesn’t always work.

      • MakeTech EasierTmux Keyboard Shortcuts - Make Tech Easier

        Tmux is a simple yet powerful terminal multiplexer for UNIX-based machines. It allows you to seamlessly create and manage multiple terminal windows from a single teletype terminal (TTY). Tmux does this by creating self-contained pseudo-terminals which it serves to the user. This approach allows tmux to create terminal windows that persist across sessions. Not only that, this also allows it to easily transfer information and modify different terminals.

        Because of that, tmux is a staple program for both everyday users and system administrators alike. Its ability to provide a persistent terminal session means that you can run tmux remotely and run programs without the risk of terminating them upon disconnecting. Furthermore, its ability to manipulate terminal windows makes it a simple window manager for power users.

      • Easy way to Install VirtualBox on Oracle Linux - kifarunix.com

        Are you running Oracle Linux desktop and want to do some Virtualizations? Thus, follow through this guide to learn how to install VirtualBox on Oracle Linux. In this tutorial, we will be using Oracle Linux 9.

      • Filipe Rosset: Fedora rawhide – fixed bugs 2022/08
      • Easily Access Shared Folder on Linux VirtualBox VM - kifarunix.com

        In this tutorial, you will learn how to setup and easily access shared folder on Linux VirtualBox VM. VirtualBox supports the ability to share folders/directories between the host and VirtualBox VM making it easy to share files between the host and the guest.

      • TechRepublicHow to deploy a Docker Swarm on Ubuntu 22.04 | TechRepublic

        Docker is my go-to container deployment runtime engine. With it, I can quickly deploy containers to a network that are easily accessible. What happens when I want to be able to scale those applications? Doing so on a single Docker server would be a challenge. To that end, you deploy multiple Docker instances and cluster them together. That, my friends, is called a Docker Swarm.

      • ID RootHow To Install Splunk on Ubuntu 22.04 LTS - idroot

        In this tutorial, we will show you how to install Splunk on Ubuntu 22.04 LTS. For those of you who didn’t know, Splunk is aimed to process the data to make it useful for the user without manipulating the original data. It is one of the most powerful tools for analyzing, exploring, and searching data. It reads most of the output format from virtual machines, network devices, firewall, Unix-based and Windows based devices.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Splunk on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

      • MakeTech EasierHow to Create a Search Engine With SearxNG - Make Tech Easier

        SearXNG is a powerful meta-search engine that you can host anywhere. Unlike traditional search engines, SearXNG is an engine aggregator. This means that instead of processing searches by itself, it uses other engines to do the searching for it. Further, SearXNG is incredibly lightweight and easy to set up, and you can host it on a system as simple as a Raspberry Pi!

      • How To Fix “Connection Refused By Port 22” On Ubuntu 22.04 LTS | Itsubuntu.com

        How to Fix “Connection Refused By Port 22” on Ubuntu 22.04 LTS

        Port 22 is used by SSH on Ubuntu for communicating with other machines in the network to transfer data. Port 22 is also used to access the remote system. Meanwhile, this post is for you if you are having the error “Connection refused by port 22” while using port 22. In this post, we will show you the solution for the “Connection refused by port 22” error on Ubuntu.

      • TechRepublicHow to deploy a Node.js development environment on Ubuntu Linux 22.04 | TechRepublic

        Node.js is a very popular, open source back-end JavaScript runtime environment that is used for server-side development. Node.js makes it possible to execute JavaScript code outside of a web browser so you can design and build scalable applications.

        I’m going to demonstrate how to deploy a Node.js development environment on the latest release of Ubuntu Server (v 22.04). Ubuntu does include a version of Node.js in the default repositories and although it is way out of date, it can still be used and is supported until 2025. However, let’s get the latest version installed — as of this writing, that would be 18.8.0.

      • TechRepublicHow to configure a DHCP server on Rocky Linux | TechRepublic

        Rocky Linux has become one of the de facto standard replacements for CentOS. Not only is it a drop-in replacement for RHEL, but the maintainer Gregory Kurtzer has made it clear Rocky Linux will always be available and will never be owned by a company that could bring down the distribution.

        And for anyone who’s used RHEL or CentOS, Rocky Linux will be instantly familiar and can serve you and your company with ease.

      • H2S MediaInstall Foxit PDF Reader on Ubuntu 22.04 LTS Linux - Linux Shout

        With the Foxit PDF Reader, this category leader Adobe Reader gets high-quality competition. The big advantage of the alternative PDF reader: Even larger PDF files can be opened in a few seconds. The program can display PDF files of any format and even allows annotation, filling, and signing and is free for private use.

        For mobile use, there is Foxit PDF Reader Mobile, if you are looking for a full-fledged PDF editor, you should take a look at Foxit PDF Editor. Tools such as the comment function or the marking, under-, and cross-out of text passages can also be used in the free version of the “Foxit PDF Reader” for some time.

      • H2S MediaCreate a New User in Ubuntu 22.04 or 20.04 using GUI or Terminal

        Like windows, we can add users on Ubuntu 22.04 or 20.04 with different rights such as one with sudo and another without. This helps multiple users to work on the same system while their files and directory can only be accessible by them. Although the root or Super Admin user can access any other system/regular user account and its files, the standard/regular user account cannot. The process of creating a new user is not much difficult even on Ubuntu Linux. We can use the terminal or GUI interface of the OS to do that. Apart from creating a user on Ubuntu 22.04, we will also learn how to assign sudo rights to a user using this step-by-step guide.

    • Games

      • VideoRESTLESS SOUL | Linux Game - Invidious

        Laugh in the face of death in this hauntingly humorous comedy adventure about a wayward soul trying to make it back to the land of the living. Engage in bullet-hell lite battles, solve puzzles, and communicate with the dead as you navigate this “colorful” world. Death is just the beginning.

      • Boiling SteamNew Steam Games with Native Linux Clients - 2022-09-07 Edition - Boiling Steam

        Between 2022-08-31 and 2022-09-07 there were 25 New Steam games released with Native Linux clients. For reference, during the same time, there were 284 games released for Windows on Steam, so the Linux versions represent about 8.8 % of total released titles.

      • Godot EngineGodot Engine - Dev snapshot: Godot 4.0 alpha 16

        We're working towards finalizing the feature set for 4.0 beta, reviewing many PRs which have been opened prior to our roadmap feature freeze announced a month ago. While this process is ongoing, we'll keep releasing alpha builds so here's 4.0 alpha 16! Same deal as usual, lots of bugs fixed and more refactoring and feature work.

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

        • OMG Ubuntu4 Retro Effects Added to ’Burn My Windows' Extension - OMG! Ubuntu!

          Despite the name, the Burn My Windows GNOME extension offers a grab-bag of different animated effects that play when opening and closing windows.

          Alongside its namesake inferno effect echoing the the Compiz Fusion years are an assortment of other animations, spanning the gamut from superfluous science-fiction teleports through to mystical looking disintegrations, and “physical” effects like shattering glass.

          Well, now we have even more choice as 4 brand new retro-style effects are included in the latest version of this brilliantly blingly bolt-on, which is rolling out as an update through the GNOME Extensions website this week.

  • Distributions and Operating Systems

    • Its FOSSelementary OS 7 Gears Up to Add Responsive Apps and Port to GTK 4

      elementary OS has seen some major slowdowns in development after the co-founder Cassidy James left the team(i.e. for the release of elementary OS 7).

      And I know, you're excited about performing an upgrade with sudo dist-upgrade. And, it looks like the things are getting better, and Danielle Foré (Founder) shared some progress going towards elementary OS 7 release.

      Here, I shall share of the development updates for the upcoming release.

  • Free, Libre, and Open Source Software

    • Web Browsers

    • SaaS/Back End/Databases

      • PostgreSQLPostgreSQL: CloudNativePG 1.17.0, 1.16.2 and 1.15.4 Released!

        The CloudNativePG Community has announced version 1.17.0, a new minor release of the CloudNativePG Operator, which introduces the possibility to create a new PostgreSQL cluster with a dedicated volume for Write-Ahead Log (WAL) files. Separating I/O workloads of database (PGDATA) and WAL files improves vertical scalability of PostgreSQL clusters, among the others.

        In this version, a new command, destroy, has been added to the cnpg plugin for kubectl to help remove an instance and the associated persistent volume claims from an existing cluster.

        Two new labels, cnpg.io/instanceName and cnpg.io/podRole, are now managed by the operator on all persistent volume claims that belong to a cluster.

        Some minor bugs have been fixed, in particular in the in-place operator upgrade process.

        New patch releases are available for all the supported versions, including 1.16.2 and 1.15.4.

    • Programming/Development

      • GSoC Final Report - Maíra Canal

        My journey on the Google Summer of Code project passed by so fast… This is my last week on the GSoC and those 14 weeks flew by! A lot of stuff happened during those three months, and as I’m writing this blog post, I feel quite nostalgic about this three months.

        Before I started GSoC, I never thought I would send so many patches to the mailing list, have an abstract approved on XDC 2022, or have commit rights on drm-misc.

        GSoC was indeed a fantastic experience. It gave me the opportunity to grow as a developer in an open source community and I believe that I ended up GSoC with a better understanding of what open source is. I learned more about the community, how to communicate with them, and who are the actors in this workflow.

      • LinuxSecurityEssential Guide to Securing Node.JS Applications
  • Leftovers

    • Crediting people

      Crediting people is important, and it's something that we - in the free software community - don't always apply enough. Or we unconsciously don't do so.

      That's where scientific papers get it really right. And for blog posts or articles, it depends on many factors (exercise for you: try to categorize blog posts into a discrete color scale, between red, green and blue, wrt. what this blog post is all about).

      So, with the exercise statement, you already know that not all text are equal in that regard [1]. I'm thinking about somehow quickly-written raw text, or sometimes just the title that happens to be exactly the same (with a totally different body), with a long timespan in-between.

    • Linux Foundation

    • Security

    • Monopolies

      • Patents

        • TediumDrink Coaster History: There Sure Are a Lot of Weird Coaster Patents

          When we drink beverages, often those beverages have to live in somewhere, and putting them on top of a wood table simply will not do. The container of that cold beverage you’re drinking is likely to condense all over the place, leaving a watery puddle in its wake. Putting it on top of wood, or marble, or any other surface, is simply a bad idea—and it’s an even worse one if that container has been recently spilled, leaving a mess all over the place. The hero of this story is the drink coaster, which can capture the condensation and ensure your fancy table is safe from the elements. But based on a quick search of Google Patents, simply being a coaster is no longer enough fro many coasters. It must do more—logic be damned. Today’s Tedium talks drink coasters, beer mats, and urinal coaster patents.

  • Gemini* and Gopher

    • Personal

      • EOPSTUW Wordo: EDUCE
      • Ruario's Journal [extract]

        So I attempted ROOPHLOCH and failed. Basically I was sitting at a public swimming pool, waiting for my youngest to finish their course and it occurred to me that perhaps I could do the challenge then and there. After all I was carrying a basic feature phone, which on the one hand provided some way for me to type up a post and on the other hand was offline from the perspective of providing a generalised internet connection. So I formulated a plan of doing the post as multiple SMS messaged and sending them to text to email service I use. That would provide a way to get the text I typed off the device. Sure, I would have to manually copy and paste it into an editor from there and upload as normal but I figured that was still within the spirit of the concept, seeing as I would have composed my text offline in an unusual location. Plus it would give me a way to use my remaining time, while I waited from my little one. I didn't bring a book.

      • Return To Scouts

        Yesterday was the first night back at Scouts after a summer of

        recovering from the previous year. I was a little anxious and didn't

        entirely want to go following a few weeks of 'urgghhh' thanks to work.

      • Neice

        I learnt something odd..... A friend of mine had a c section and so

        did my sister in law. Both sent me pictures of their child emerging

        from their body. In each case, the medical staff doing the operation

        asked if they wanted photos. They are disgustingly interesting photos.

        Think alien chest buster scene but lower down and you have it pretty

        much. Is this a thing? Why is this a thing? Do medical staff offer the

        same for those giving vaginal birth? I am baffled by this.

    • Technical

      • Science

        • Comparing coordinates of tree stems collected with GPS or tape measures

          In 2018 and 2019 I set up some 100x100 m (1 ha) permanent vegetation monitoring plots in Bicuar National Park, southwest Angola. We measured the stem diameter of each tree stem >5 cm diameter and attached a numbered metal tag to each of these stems so we could track the growth and mortality of each stem over time. At the same time as measuring the stem diameters and attaching the tags, I also took a quick GPS point with a Garmin GPSMAP 65s Handheld GPS unit.

      • Internet/Gemini

        • Trying to navigate the new-old web

          So, Gemini is actually really neat, there's no doubt about it. But of course, I'm not used to it, and so a couple things confuse me.

          [...]

          Secondly, what Gemini server software would you all recommend? There are quite a few options, and I'm not sure which one would fit me best.


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

SoylentNews Grows Up, Registers as a Business, Site Traffic Reportedly Grows
More people realise that social control media may in fact be a passing fad
 
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, March 28, 2024
IRC logs for Thursday, March 28, 2024
[Meme] EPO's New Ways of Working (NWoW), a.k.a. You Don't Even Get a Desk at Work and Cannot be Near Known Colleagues
Seems more like union-busting (divide and rule)
Hiding Microsoft's Culpability in Security Breaches and Other Major Blunders (in the United Kingdom, This May Mean You Can't Get Food)
Total Cost of Ownership (TCO) is vast
Giving back to the community
Reprinted with permission from Daniel Pocock
Links 28/03/2024: Sega, Nintendo, and Bell Layoffs
Links for the day
Open letter to the ACM regarding Codes of Conduct impersonating the Code of Ethics
Reprinted with permission from Daniel Pocock
With 9 Mentions of Azure In Its Latest Blog Post, Canonical is Again Promoting Microsoft and Intel Vendor Lock-in, Surveillance, Back Doors, Considerable Power Waste, and Defects That Cannot be Fixed
Microsoft did not even have to buy Canonical (for Canonical to act like it happened)
Links 28/03/2024: GAFAM Replacing Full-Time Workers With Interns Now
Links for the day
Consent & Debian's illegitimate constitution
Reprinted with permission from Daniel Pocock
The Time Our Server Host Died in a Car Accident
If Debian has internal problems, then they need to be illuminated and then tackled, at the very least in order to ensure we do not end up with "Deadian"
China's New 'IT' Rules Are a Massive Headache for Microsoft
On the issue of China we're neutral except when it comes to human rights issues
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, March 27, 2024
IRC logs for Wednesday, March 27, 2024
WeMakeFedora.org: harassment decision, victory for volunteers and Fedora Foundations
Reprinted with permission from Daniel Pocock
Links 27/03/2024: Terrorism Grows in Africa, Unemployment in Finland Rose Sharply in a Year, Chinese Aggression Escalates
Links for the day
Links 27/03/2024: Ericsson and Tencent Layoffs
Links for the day
Amid Online Reports of XBox Sales Collapsing, Mass Layoffs in More Teams, and Windows Making Things Worse (Admission of Losses, Rumours About XBox Canceled as a Hardware Unit)...
Windows has loads of issues, also as a gaming platform
Links 27/03/2024: BBC Resorts to CG Cruft, Akamai Blocking Blunders in Piracy Shield
Links for the day
Android Approaches 90% of the Operating Systems Market in Chad (Windows Down From 99.5% 15 Years Ago to Just 2.5% Right Now)
Windows is down to about 2% on the Web-connected client side as measured by statCounter
Sainsbury's: Let Them Eat Yoghurts (and Microsoft Downtimes When They Need Proper Food)
a social control media 'scandal' this week
IRC Proceedings: Tuesday, March 26, 2024
IRC logs for Tuesday, March 26, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Windows/Client at Microsoft Falling Sharply (Well Over 10% Decline Every Quarter), So For His Next Trick the Ponzi in Chief Merges Units, Spices Everything Up With "AI"
Hiding the steep decline of Windows/Client at Microsoft?
Free technology in housing and construction
Reprinted with permission from Daniel Pocock
We Need Open Standards With Free Software Implementations, Not "Interoperability" Alone
Sadly we're confronting misguided managers and a bunch of clowns trying to herd us all - sometimes without consent - into "clown computing"
Microsoft's Collapse in the Web Server Space Continued This Month
Microsoft is the "2%", just like Windows in some countries