09.11.22

Links 11/09/2022: Papirus Icon Set Refreshed

Posted in News Roundup at 12:59 pm by Dr. Roy Schestowitz

  • Tech

    • Railroads Reverse Years of Streamlining to Improve Freight Service | SupplyChainBrain

      Rail yards are starting to rumble with activity again as freight railroads invest in expanding capacity and improving service. The Wall Street Journal reports that Norfolk Southern and Union Pacific have recently reopened several “hump yards,” where trains are broken down and reassembled for their next destinations.

      The yards were among operations that had been significantly curtailed in the industry’s years-long push to operate more efficiently by using fewer trains and holding them to tighter schedules.

    • Applications

      • Ubuntu PitKoodo Reader: An Open Source eBook Reader for Linux

        Are you looking for an eBook reader for your Linux desktop and laptop? Well, then you need to check out Koodo Reader must. It’s an open-source eBook reader app for your Linux. Simply put, it’s an all-in-one tool you need to read eBooks on your Linux system.

        Koodo fills the limitations of other eBook readers by providing an elegant look and user experience. Though Linux has plenty of eBook reader apps (e.g., Foliate and Calibre) available, Koodo stands out for its unique features and functionalities. It’s exceptionally lightweight and user-friendly.

        In this article, you’ll get an in-depth overview of the features Koodo has for you, from where you can download Koodo, how to install it on different Linux distros, and the user guide.

        [...]

        Let me give you a concise brief of this reader app.

    • Instructionals/Technical

      • ID RootHow To Install FreeOffice on Ubuntu 22.04 LTS – idroot

        In this tutorial, we will show you how to install FreeOffice on Ubuntu 22.04 LTS. For those of you who didn’t know, FreeOffice is a free and open-source alternative tool for MS Office created by SoftMaker. It is compatible with Windows, Linux, and Mac and free for home use or at the workplace. Although Free Office does not offer all applications as available in Microsoft Office, it focuses mainly on day-to-day used applications such as Text (an alternative to MS Word), PlanMaker (spreadsheet), and Presentation (like PowerPoint).

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the FreeOffice suite on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

      • uni TorontoWhat systemd timer directives seem to be used in practice

        Systemd .timer units have a bunch of different On<Thing> directives to define the time when the timer(s) trigger, including OnCalendar=. As I discovered when looking into using timers to run things very frequently, there can be more than one way to get what you want with all of these directives. This variety of options raises a straightforward question, namely what do people seem to do in practice.

        I’m not energetic enough to download every Ubuntu or Fedora package that has a timer and look at them all. Instead, I’m looking (only) at the packages installed on the Fedora and Ubuntu systems I have ready access to, and especially the timer units that are actually enabled (things that aren’t enabled can have weird things lurking in their depths). Widely installed and enabled timer units sort of set the standard for what people expect.

        By far the most popular option is OnCalendar. Unsurprisingly there’s a bunch of packages that use ‘daily’ or ‘weekly’ as basically a replacement for cron.daily and cron.weekly. Even the Certbot timer unit (on both Ubuntu and Fedora) uses OnCalendar, although it has an interesting trick; it sets itself to run at 00:00 and 12:00 but also has a 12 hour randomized delay, so the actual activation time of all of those Certbot timers is (hopefully) randomized very broadly across the day. This same trick is used by fwupd-refresh.timer, motd-news.timer (in Ubuntu), man-db.timer, and plocate-updatedb.timer (although it only activates once a day so it’s not quite the same).

      • ByteXDUsing Filament to Create a WebGUI for FreeRadius – ByteXD

        Filament is a TALL (Tailwind, Alpine.js, Laravel, Livewire) admin panel framework.

        There are several admin panel frameworks available for Laravel. Until recently, my favorite was Laravel Nova — the official Admin Panel, backed by the creators of Laravel.

      • ByteXD[Fix] Laravel: Return type of Illuminate\\Support\\Collection::offsetExists($key)
      • Barry Kaulerchroot too many levels of symbolic links

        There is a serious problem in the ’3buildeasydistro’ script in woofQ, building Easy Bookworm. In a few places it runs “chroot rootfs-complete …”, that now fail.

      • Data SwampSolene’% : Video – talk about NixOS deployments tools

        At work, we have a weekly “knowledge sharing” meeting, yesterday I talked about the state of NixOS deployments tools.

      • Make Use OfHow to Self-Host Bitwarden Password Manager on Raspberry Pi Zero

        Many users create simple passwords or use the same ones while signing up for any service or product online, as they are easy to remember. Some users do use complex passwords but save the credentials in the web browser, which is neither recommended nor safe. Instead of using a web browser to manage your passwords, you can build a self-hosted modern password manager using Bitwarden with Multi-Factor Authentication (MFA), backups, SSL certificate, remote access, and enhanced security.

        [...]

        Insert the microSD card into the card reader and connect it to your computer system. Then follow these steps to write the 64-bit Lite version of Raspberry Pi OS to it.

    • Games

      • Tom MacWrightWilderplace – macwright.com

        There are few people I’ve worked as closely with as Saman Bemel Benrud. We built a lot of stuff together at Mapbox, from iD to Mapbox Studio. But he was insistent that after this job, he was going to make games and comics. No more tech rocket ships.

        He’s gone and done it. Saman, along with Micah Fitch and Tom Lubanovic, released Wilderplace today. It’s an endlessly creative turn-based adventure game.

    • Desktop Environments/WMs

      • OMG UbuntuPapirus Icon Set’s September Update Adds 38 New Icons – OMG! Ubuntu!

        A new version of the Papirus icon theme for Linux desktops is available to download.

        Furthering August’s amiable update, Papirus designers add 38 new and updated icons in this refresh.

        Among the gamut of glyphs within are icons for GTK audio editor Ear Tag, Material Design-led music player Harmonoid, and convergent KDE podcast client Kasts.

        There are also icons for the Chromium-based web browser Naver Whale, well-regarded Gabut Download Manager, and the Electron-based and privacy-focused Discord client WebCord.

  • Distributions and Operating Systems

    • DebugPointTop 10 Best Linux Distributions in 2022 For Everyone

      We compiled a list of the 10 best Linux distributions for everyone in 2022 based on their stability, attractiveness and time required to configure after installation.

      The Linux Distribution space is heavily fragmented to the point that a new fork is being created almost every day. A very few of them are unique and bring something different to the table. Most of them are just the same Ubuntu or Debian based with a different theme or a wrapper.

      The Linux distro landscape is so dynamic that it changes every month. Some Linux distributions become more stable with ever-changing packages and components, while others become unstable in quality. Hence, it’s challenging to pick and choose the best Linux distribution for your school, work or for just casual browsing, watching movies, etc. Not to mention, many Linux distributions are discontinued every year due to a lack of contributions, cost-overrun and other reasons.

      That said, we compiled the below 10 best Linux distributions in 2022, which is perfect for any user or use case. That includes casual dual-boot users with Windows 10 or 11, students, teachers, developers, creators, etc. Take a look.

  • Free, Libre, and Open Source Software

    • Programming/Development

      • Jim NielsenPodcast Notes: Jen Simmons on ShopTalk Show – Jim Nielsen’s Blog

        While listening to Chris, Dave, and Jen discuss the array of new things coming to CSS, what stuck out to me was how much these new things aren’t necessarily about addressing specific concerns around technological capability — e.g. when will we get IF statements in CSS? — but rather about addressing organizational and cultural concerns that arise from humans trying to work together to build software — e.g. how can teams of people write, maintain, and refactor CSS?

      • The Package: learning how to build an R package

        I recently made my first R package and was asked how I did it. The answer of course was: I searched, read, and stumbled around until it was done. But having gone through the process I figured it was worthwhile summarising what I did and what I found tricky.

      • Using Shiny Server in Docker
      • Python application deployment with RStudio Connect: Streamlit

        RStudio Connect is a platform which is well known for providing the ability to deploy and share R applications such as Shiny apps and Plumber APIs as well as plots, models and R Markdown reports. However, despite the name, it is not just for R developers (hence their recent announcement). RStudio Connect also supports a growing number of Python applications, API services including Flask and FastAPI and interactive web based apps such as Bokeh and Streamlit.

      • Why I don’t enjoy RSpec all that much

        One of the reasons I prefer testing with Minitest is the dissatisfaction with my everyday RSpec work. Here are things I don’t like about typical RSpec test suites and how to fix them.

        Please take the post with a grain of salt. If you enjoy writing RSpec this way, keep enjoying it! Some things are personal, and it’s okay.

      • Taking on Virtual Events with Regular Structured and Casual Meetups ☕️ – R Consortium

        The R Consortium recently interviewed John Blischak and Tim Hoolihan with the Cleveland R UseR Group. The organizers share more about how the group managed to continue to grow with consistent structured and casual virtual events like their Virtual R Café.

      • Stacey on IoTCan TinyML really provide on-device learning?

        Imagine if your smart speaker could be trained to recognize your accent, or if a pair of running shoes could alert you in real time if your gait changed, indicating fatigue. Or if, in the industrial world, sensors could parse vibration information from a machine that changed location and function often in real time, halting the machine if that information suggested there was a problem.

      • HaikuOS[GSoC 2022] XFS : Final Report | Haiku Project

        GSoC 2022 is nearing its end so here is the final report on my project, which aims at adding more XFS file system support on Haiku.

      • Beneath and Beyond the Cox Model – R Views

        The Cox Proportional Hazards model has so dominated survival analysis over the past forty years that I imagine quite a few people who regularly analyze survival data might assume that the Cox model, along with the Kaplan-Meier estimator and a few standard parametric models, encompass just about everything there is to say about the subject. It would not be surprising if this were true because it is certainly the case that these tools have dominated the teaching of survival analysis. Very few introductory textbooks look beyond the Cox Model and the handful of parametric models built around Gompertz, Weibull and logistic functions. But why do Cox models work so well? What is the underlying theory? How do all the pieces of the standard survival tool kit fit together?

      • VideoThe C++ memory leak detector no one told me about | address sanitizer – Invidious

        The Address sanitizer is an awesome tool that does a lot more than just detect memory leaks. In this video I show you the basic usage of this tool using a leaky C++ code snippet

      • Data SwampBento 1.0.0 released
  • Leftovers

    • BloombergCities Using Digital Twins Like SimCity for Policymakers

      Cities like Orlando, FL, and Singapore are using digital twins to generate virtual models of themselves, in order to simulate the effects of potential new policies or infrastructure projects that can inform real-world decision-making.

    • Science

      • Extreme TechCanada Is Working On the World’s Largest Geothermal Solar Lagoon

        Petite-Rivière-Saint-François has never been considered much of a tourist destination. The tiny Quebec town is typically regarded as a pass-through municipality on the way to Canada’s Charlevoix region, an area known for its vast greenery, architecture, skiing, and arts scene. Soon, however, that’s going to change. In just a couple of years, Petite-Rivière will be home to geoLAGOON, the world’s largest geothermal solar lagoon.

        If you’re thinking the term “geothermal solar lagoon” looks at first like a jumble of buzzwords, you’re not the only one. But each aspect of the self-sufficient, environmentally-friendly destination is carefully planned. The center will be a large, open-air lagoon heated to 100.4 F (38 C) year-round. The heat will come from an “energy ecosystem” consisting of solar, air, and biomass resources, as well as built-in geothermal equipment. Under the lagoon will sit a thermal reservoir heated to 150 F (70 C) by both solar and geothermal energy.

      • New ScientistDeepMind AI learns to play soccer using decades of match simulations

        Artificial intelligence has learned to play soccer. By learning from decades’ worth of computer simulations, an AI took digital humanoids from flailing tots to proficient players.

        Researchers at the AI research company DeepMind taught the AI how to play soccer in a computer simulation through an athletic curriculum resembling a sped-up version of a human baby growing into a soccer player. The AI was given control over digital humanoids with realistic body masses and joint movements.

    • Hardware

      • IEEEAerial Dragon Robot Reconfigures Itself Into a Flying Manipulator

        A couple years ago, we wrote about the Dual-rotor embedded multilink Robot with the Ability of multi-deGree-of-freedom aerial transformatiON—Dragon, of course. It’s one of the wildest drones we’ve ever seen, consisting of four pairs of gimbaled, ducted fans, with each pair linked together through a two-axis actuated joint, making it physically flexible in flight to a crazy degree.

        Dragon is one of those robots with literally more degrees of freedom than it knows what to do with—in the sense that the hardware is all there. But the trick is getting it to use that hardware to do things that are actually useful in a reliable way. In 2018, Dragon was just learning how to transform itself to fit through small spaces, but now it’s able to adapt its entire structure to manipulate and grasp objects.

      • Extreme TechNASA Spends $50 Million to Develop Next-Gen Processor for Space Exploration

        NASA has been using the same spaceflight computers for almost 30 years, but it won’t be much longer. The agency has awarded a $50 million contract to Arizona-based Microchip Technology Inc. to “architect, design, and deliver” a next-generation space-optimized processor. NASA expects the new chip, which will be used in future lunar and planetary missions, will be 100 times faster than the chips currently in use.

        In an interview we conducted with Perseverance rover engineer Adam Steltzner, he told us the chip powering the robot was no faster than the CPU in a late 90s Mac computer — the phone in your pocket is an order of magnitude more powerful. However, you can’t just slap the latest Intel CPU in a spacecraft and call it a day. Space is a harsh environment with extreme temperatures and damaging radiation. Regular computer hardware tends not to last very long. The Ingenuity Mars helicopter is one notable exception. It runs on a Qualcomm smartphone SoC, and despite NASA’s low expectations, it’s still going strong on Mars.

      • TechCrunchGM’s Cruise recalls, updates software in 80 robotaxis following crash

        Cruise, the autonomous vehicle unit under GM, reported a software recall and update in 80 of its robotaxis following a crash in June.

        The crash, which resulted in minor injuries to two riders, received national attention because it occurred a day after Cruise received the final permit from California regulators to commercialize its driverless robotaxi service.

    • Security

      • Fear, Uncertainty,
        Doubt/Fear-mongering/Dramatisation

      • Privacy/Surveillance

        • Cops wanted to keep mass surveillance app secret; privacy advocates refused

          Much is known about how the federal government leverages location data by serving warrants to major tech companies like Google or Facebook to investigate crime in America. However, much less is known about how location data influences state and local law enforcement investigations. It turns out that’s because many local police agencies intentionally avoid mentioning the under-the-radar tech they use—sometimes without warrants—to monitor private citizens.

        • How About a Civic Group to Oppose a Cashless Society? – Ralph Nader

          The most perceptive ancient historians and philosophers could not have foreseen a time when a certain type of mass convenience and abundance becomes a threat to democracy, justice and dispersed power. Welcome to the incarcerations of the credit card payment systems Gulag and the corporate state’s drive to stop consumers from paying with cash.

          So long as you have a credit card and a credit score, you’re in a world of easy credit (no down payments, etc.), and high interest rates, especially on unpaid monthly balances. All it takes is swiping your card and pushing buttons at retail establishments or online to make a purchase.

        • RFAWeChat warns users their likes, comments and histories are being sent to China — Radio Free Asia

          The Chinese social media platform WeChat is warning users outside China that their data will be stored on servers inside the country, RFA has learned.

          A number of overseas WeChat users received a notification on Sept. 6, warning that “personal data [including] likes, comments, browsing and search history, content uploads, etc.” will be transmitted to China.

          The notification also reminds users that their behavior while using the app is subject to WeChat’s licensing agreement and privacy policy.

          A YouTuber living in France who gave only the pseudonym Miss Crook said she was shocked to receive a French translation of the same message.

          “I clicked through and … this message popped up, so I automatically clicked cancel,” she said. “It’s becoming clear what the difference is between a democracy and a dictatorship.”

    • Defence/Aggression

      • The WireThe Truth About the Kargil War Is Bitter But it Must Be Told

        On Vijay Diwas, which is observed on July 26 every year, glowing tributes are rightly paid to the soldiers who laid down their lives to ensure India’s victory in the historic Kargil War. But the nation also witnesses another drama of a different kind.

        A lot of old Army generals, who never saw an artillery shell fall closer than two km, that too during demonstrations in firing ranges, as well as the likes of those who have seen snow only in Bollywood classics like Kashmir ki Kali and Aarzoo, emerge as great experts on TV channels. Some can even be heard yelling their lungs out. They heap praise upon themselves for ensuring India’s victory in Kargil and indulge in a lot of chest thumping from the safe confines of television studios. But the truth behind the fiasco that resulted in the loss of more than 500 Indian soldiers, and another 1,500 wounded during the war gets suppressed in the cacophony.

        [...]

        The events which led to the Kargil fiasco, which I will go on to narrate in some detail in this story, are not classified. They are available as court records, information procured through RTI queries and from books published by those involved in the war, including General V.P. Malik, Major General Verma, Captain Amarinder Singh and a few others.

    • Environment

      • Energy

        • RlangHow strongly does German electricity demand react to high prices?

          The discussion on how to deal with exploding European electricity prices takes on steam. Recent ideas of the EU and similar proposals by the German government do not directly attempt to reduce electricity wholesale prices. The goal is to collect infra-marginal rents in another way and redistribute the money to energy users by different channels than wholesale price reductions.

        • Graphing California Electricity Supply using ggplot2

          Graphing California Electricity Supply using ggplot2 during record temperatures 9/05/2022 – 09/09/2022

          Raw data from CA ISO. Data is available in 5 minute increments for each 24 hour period.

        • ForbesEthereum Founder’s Huge 2040 Bitcoin And Crypto Crash Price Prediction

          The bitcoin price has fallen sharply since hitting a peak of almost $70,000 per bitcoin late last year. The ethereum price has also suffered an almighty crash with ethereum cofounder Vitalik Buterin issuing an urgent update warning in the run-up to ethereum’s major merge upgrade that begins next week.

        • The AtlanticCrypto’s Core Values Are Running Headfirst Into Reality

          This is the promise crypto advocates have sold consumers and politicians over the past decade, as crypto has blown up into a trillion-dollar behemoth—in the process making Buterin, now best known as the founder of the Ethereum network, very, very rich. (Buterin’s Ethereum Foundation did not respond to a request for comment.) Even as crypto has wormed its way into the mainstream, the argument goes, the tech was constructed in such a way as to prevent meddling on the part of banks and governments. For example, Jesse Powell, CEO of the Kraken exchange, has referred to crypto networks as “censorship-resistant rails of last resort.” And the venture-capital powerhouse Andreessen Horowitz, now the foremost backer of crypto start-ups, has invoked that same idea in promoting its multibillion-dollar funds.

      • Wildlife/Nature

        • Data from elephant seals reveal new features of marine heatwave ‘the Blob’

          The North Pacific Blob, a marine heatwave that began in late 2013 and continued through 2015, was the largest and longest-lasting marine heatwave on record. A new study using data collected by elephant seals reveals that in addition to the well documented surface warming, deeper warm-water anomalies associated with the Blob were much more extensive than previously reported.

      • Overpopulation

        • World Overshoot Day: World has already overshot nature’s budget for rest of the year

          This year’s Earth Overshoot Day was observed July 28, a day before it was celebrated last year July 29 and nearly a month earlier than it was celebrated in 2020 August 22.

          The day, hosted and calculated by Global Footprint Network, an international research organisation, falls earlier every year, to indicate that humanity’s demand for natural resources exceeds what the Earth can provide.

    • Finance

      • Jacobin MagazineMikhail Gorbachev’s Project Was a Noble Failure Thwarted by Forces Beyond His Control

        When he became the last Soviet leader, Mikhail Gorbachev wanted to democratize the USSR without embracing free-market capitalism and end the Cold War without enabling US domination. The world is still haunted by his inability to achieve those goals.

      • Ruben SchadeRubenerd: Queen Elizabeth II

        Liz represented a family that has wrought untold suffering and theft to people around the world, and altogether not enough has been done to atone and compensate for this, let alone acknowledge it. Charles III’s coronation will also cost billions of pounds right when working class people are struggling to keep the heater on.

        [...]

        The world’s relationship with Liz was more complicated than people on either side acknowledge. This is most starkly represented in Hong Kong, where her family were responsible for the Opium wars on one end, and represented lost freedoms and resistance since the handover.

    • AstroTurf/Lobbying/Politics

      • Michael West MediaA winner by wallet maybe, but Lachlan Murdoch has put Crikey on the world stage

        If he gets in the witness box, Lachlan Murdoch stands to win his defamation action against Crikey but the Australian news site is already triumphant. Michael West and Alan Austin report.
        Lachlan Murdoch is suing Crikey for defamation. A $10 billion US media juggernaut is suing a $20 million small publisher Downunder, plus its politics correspondent Bernard Keane and editor Peter Fray. Goliath versus David.
        Murdoch took exception to a Crikey article in June which described former US president Donald Trump as a ‘‘confirmed unhinged traitor’’ who had propelled the US into a ‘‘new and dangerous state of crisis’’. It added that News Corp’s owners ‘‘and their slew of poisonous Fox News commentators are the unindicted co-conspirators of this continuing crisis’.’

      • Michael West MediaNo future: Governor-General’s charity knocked on the head – Michael West

        It may be the easiest budget cut the Albanese government makes as it battles with a trillion dollars of debt.

        On Wednesday night, with MWM’s coverage rating hot (it still is on Thursday morning), the government announced that the $18m charity endorsed by the Governor-General, funded by the taxpayer, headed by a low-profile businessman, and with only the vaguest mandate, would be scrapped.

      • Michael West MediaDid Tourism Australia really get a KPMG report, or was it Scomo’s imagination? – Michael West

        There are still many questions surrounding Scott Morrison’s ill-starred time at the helm of Tourism Australia, writes Jommy Tee. Newly released documents confirm KPMG did not undertake a probity audit in 2005 into the assessment and evaluation of shortlisted tenderers for Tourism Australia’s advertising contracts.

        It’s more than 100 days since Scott Morrison led the Coalition to a crushing election defeat. Under a twin assault from Labor and the climate independents, Coalition seats fell like ninepins everywhere except Queensland. Outside the Sunshine State, the Coalition recorded the worst defeat in terms of seats of any government since Gough Whitlam’s.

    • Censorship/Free Speech

      • New York TimesOpinion | Censorship Is the Refuge of the Weak – The New York Times

        Republicans across the country are trying to use the power of the state to restrict speech.

      • GizmodoBiden Issues Another Vague Call to ‘Reform’ Section 230

        Since taking the White House in November 2020, President Joe Biden has issued repeated calls to amend one of the most foundational laws governing the internet, Section 230 of the Communications Decency Act.

      • New York TimesHong Kong Sentences 5 Over ‘Seditious’ Children’s Books – The New York Times

        Tales about a sheep village resisting a wolf pack prompted the charges against leaders of a speech therapists’ union, extending a government crackdown on dissent.

      • Hong Kong Free Press5 Hong Kong speech therapists jailed for 19 months each for sedition over children’s books – Hong Kong Free Press HKFP

        Five Hong Kong speech therapists have each been sentenced to 19 months behind bars under the colonial-era sedition law. They were convicted of publishing a series of illustrated books that effectively “brainwashed” young readers, a judge ruled.

        District Judge Kwok Wai-kin meted out jail terms to Lorie Lai, Melody Yeung, Sidney Ng, Samuel Chan and Fong Tsz-ho on Saturday, three days after he found them guilty of conspiring to print, publish, distribute and display three books with seditious intent between June 2020 and July 2021.

      • JURISTACLU of Nevada sues Las Vegas over age restrictions – JURIST – News

        The American Civil Liberties Union (ACLU) of Nevada has filed a federal lawsuit against the city of Las Vegas and the Fremont Street Experience on behalf of a street performer and two 18-year-olds. The ACLU stated that the age restrictions to enter the popular tourism destination, in place on weekends since July 12, 2022, violate the First Amendment of the Constitution.

      • RFAReport: China accelerates global campaign to sway foreign media — Radio Free Asia

        China is intensifying its campaign to influence and manipulate news and information worldwide, and using an array of tools to project a positive image of itself abroad, a U.S.-based watchdog group said in a report released Thursday.

        In Southeast Asia, Indonesia and Malaysia were vulnerable to Beijing’s influence campaigns from early 2019 through the end of last year, while the Philippines was more resilient, according to the new report by Freedom House, a non-profit headquartered in Washington.

        “The Chinese government, under the leadership of President Xi Jinping, is accelerating a massive campaign to influence media outlets and news consumers around the world. While some aspects of this effort use the tools of traditional public diplomacy, many others are covert, coercive, and potentially corrupt,” the report said in giving an overview of Beijing’s media influence push across the globe.

      • New York TimesArab States Demand That Netflix Drop ‘Offensive Content’ – The New York Times

        Egypt joined six Gulf Arab nations in insisting that streaming services take down programs that go against “societal values.”

      • The AtlanticSalman Rushdie, Free Speech, and Violence – The Atlantic

        In August, the author Salman Rushdie was stabbed in the neck. The novelist has spent decades living under the threat of a hit put out by Ayatollah Ruhollah Khomeini in 1989. The religious directive was a response to Rushdie’s novel The Satanic Verses, which Khomeini regarded as blasphemous. For many, the attack was an opportunity to reflect on the importance of free expression, and a reminder of the clear distinction between speech and violence.

        For others, it was an opportunity to remind others of the clear distinction between speech and violence, which is something that all those snowflake libs, who are sort of like the fanatic who stabbed Rushdie in the neck, should take to heart.

        “We live in a culture in which many of the most celebrated people occupying the highest perches believe that words are violence,” Bari Weiss wrote on her Substack, citing no one in particular. “In this, they have much in common with Iranian Ayatollah Ruhollah Khomeini.” She added that “of course it is 2022 that the Islamists finally get a knife into Salman Rushdie. Of course it is now, when words are literally violence and J.K. Rowling literally puts trans lives in danger and even talking about anything that might offend anyone means you are literally arguing I shouldn’t exist.”

      • RFAChina’s state media urged not to stray from party line, dumb down ideology — Radio Free Asia

        The head of China’s state news agency has pledged never to swerve from the ruling Chinese Communist Party (CCP) line or from supporting incumbent leader Xi Jinping as he gears up to seek an unprecedented third term in office at the 20th CCP National Congress in October.

        Xinhua news agency president Fu Hua said his journalists shouldn’t take leave of the party line, Xi Jinping Thought or core propaganda themes “not even for a minute.”

        “Xinhua will never depart from the party line, not even for a minute, nor stray from the path laid down by general secretary Xi Jinping, not even for a minute, nor lose sight of General Secretary Xi Jinping and the Central Committee, not even for a minute,” Fu wrote in a Sept. 2 article for the Cyberspace Administration publication ChinaNetNews.

        Fu’s pledge was explicitly linked to the run-up to the 20th party congress, and called on Xinhua to “give the strongest voice to the party’s ideas” during that time.

      • RFAVietnamese authorities walk back decision ordering artist to destroy 29 paintings — Radio Free Asia

        The Ho Chi Minh City People’s Committee reversed a decision ordering a popular Vietnamese poet and artist to destroy 29 of his works because he hosted an exhibition in July without a permit, he told RFA.

        Bui Quang Vien, better known by his pen name Bui Chat, held the exhibition from July 15-30 at the city’s Alpha Art Station. Authorities on Aug. 9 fined him 25 million dong (about U.S. $1,000) and ordered the destruction of 29 of his abstract paintings, an unprecedented move critics called a “step backward” even in a country known for heavy censorship.

        Authorities summoned the painter on Aug. 31 to inform him they had made a new decision on his case, and he received official notification on Monday, he told RFA’s Vietnamese Service.

      • Deutsche WelleForced abroad, Russian independent media continue fight against censorship | News | DW | 08.09.2022

        Russia has sentenced a former star journalist to jail and revoked the license of a Kremlin-critical newspaper, further tightening the screws on independent media. Getting uncensored information is harder than ever.

      • ReasonCloudflare Can Cancel Service to Awful Sites Like Kiwi Farms. But Should It?

        There’s been ample cheering over the internet intermediary company Cloudflare canceling services to the controversial 8chan heir Kiwi Farms. If history is any indication, however, Cloudflare’s decision will do little to stop online hate and harassment. Meanwhile, it moves us yet another step further from the sort of neutrality that’s typically guided internet infrastructure companies (that is, things like web hosting, cybersecurity, and newsletter services). And the further we stray from this neutrality, the worse the consequences for all sorts of online speech and organizing.

        Cloudflare is a private business, and perfectly free to drop services to any entity it likes. But whether it should—and whether it made the right call with Kiwi Farms—is up for debate.

      • ViceTwitter Experiences Intermittent Outages Following Death of Queen Elizabeth II

        Several users are reporting being unable to access Twitter after the death of Queen Elizabeth II.

        The Internet Observatory, an organization that tracks outages and instances of internet censorship around the world, reported “international outages.”

        The website Downdetector, which allows users to report issues with websites, showed hundreds of users reporting the social media platform being down and unreachable.

      • New York TimesBattling Violence and Censors, Women in China Become ‘Invisible and Absent’ – The New York Times

        The Chinese Communist Party has long promoted gender equality as a core tenet, but as cases of gender abuse make headlines, Beijing has tried to squelch dissent and control the narrative.

    • Freedom of Information / Freedom of the Press

      • CPJSpain is set to reform ‘gag law,’ but press freedom groups are skeptical – Committee to Protect Journalists

        In May, Diego Díaz Alonso, editor of Spanish non-profit news outlet Nortes, was surprised to receive a 601 euro (US$611) fine in the mail. The letter claimed that Díaz Alonso had resisted police and obstructed emergency services as they were treating a homeless person lying unconscious in the street in Gijón, in northern Spain, the previous summer. But Díaz Alonso told CPJ he was at the scene as a journalist and did not resist or obstruct anyone. He said that his July 2021 report alleging excessive police force against the homeless is what drew the authorities’ ire–and the fine.

    • Civil Rights/Policing

      • OWPAn Overdue Reckoning: The Napalpí Ruling And Indigenous Repression In Argentina – The Organization for World Peace

        In May, Voice of America reported that a court in Resistencia held the Argentinian state responsible for committing “crimes against humanity” in July 1924, when police and settlers massacred around 400-500 indigenous Qom and Moqoit peoples for protesting slave-like working conditions in the Napalpí reservation. Judge Zunilda Niremperger ordered the state to pay “historic reparations”, although these will not include financial compensation.

        On July 19th 1924, a group of 130 men, armed to the teeth with Winchester rifles, surrounded indigenous encampments and opened fire indiscriminately, killing countless men, women, and children. The assailants then hacked anyone left standing to death with machetes and hunted down witnesses for weeks.

    • Internet Policy/Net Neutrality

      • James GBuilding an ‘on this day’ feature for my website | James’ Coffee Blog

        “on this day,” in the context of the web, refers to a tool that lets you see what you have posted on a particular day over a previous time period, typically over years. I have been thinking about this idea since the IndieWebCamp Berlin event, after seeing David’s personal website with a “this week” section. This section shows all of David’s posts from a given week in the past.

        The concept of being able to see what I have posted in the past intrigues me, serving as a reminder that my website is a growing being. Additionally, a page that shows old posts on a given day raises the profile of some of my older posts that may be further in my archives, particularly those that are not featured on a prominent category (i.e. coffee or the IndieWeb on this site). I could bring a bit more serendipity to my site for both users and myself.

  • Gemini* and Gopher

    • Personal

    • Technical

      • Programming

        • Assembly Calling

          I’ve been itching to code in assembly for a few weeks now. It’s just a part of my cycle – getting tired of the complexity and bulk of high-level languages and wanting to do something direct and simple – and what is more direct than coding assembly-language instructions on a CPU?


* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.

Links 11/09/2022: FLAC 1.4.0 and Twitter Gives Whistle-Blower $7.75 Million ‘Hush Money’

Posted in News Roundup at 7:37 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Linux LinksLinux Around The World: USA – Tennessee – LinuxLinks

      Tennessee is a state in the Southeastern region of the United States. It is bordered by Kentucky to the north, Virginia to the northeast, North Carolina to the east, Georgia, Alabama, and Mississippi to the south, Arkansas to the southwest, and Missouri to the northwest.

    • Audiocasts/Shows

    • Applications

    • Instructionals/Technical

      • DTUpdating SailfishOS | dt.iki.fi

        The phone will alert you that there’s an update. Go to Settings => Sailfish OS Updates.
        As always, backup first.
        Then, download the update.
        I get a message that I need to “remove or revert the following packages”.
        Time to look around for help, like the release notes for the version you’re updating to.

      • Linux CapableHow to Install VeraCrypt on Debian 11 Bullseye

        VeraCrypt is a free, open-source disk encryption software for Windows, macOS, and Linux. It can encrypt whole partitions or storage devices and is also capable of creating Encrypted Virtual hard drives. VeraCrypt is an excellent tool for ensuring the confidentiality of your data. It is easy to use and offers a wide range of features, making it an ideal choice for both beginners and experienced users; especially being highly customizable, you can tailor it to your specific needs. VeraCrypt is a perfect solution for anyone who wants to keep their data safe and secure.

        The following tutorial will teach you how to install VeraCrypt on Debian 11 Bullseye using a third-party repository with the command line terminal with how to import and install, update, and, if required, remove.

      • TecAdminWhat’s the Difference Between Public, Default, Protected and Private Members in Java – TecAdmin

        Access modifiers are special keywords that define the accessibility or scope of a member. We can specify how other code can interact with specific methods or variables within or outside classes and packages. Like many programming concepts, access modifiers are simple in practice but can seem confusing at first. Once you understand them, they can help make your code more readable and maintainable.

      • Linux CapableHow to Install Hare Lang on Fedora 36 Linux

        Hare is a systems programming language designed to be simple, stable, and robust. It uses a static type system, manual memory management, and minimal runtime. As a result, it is well suited to writing operating systems, system tools, compilers, networking software, and other low-level, high-performance tasks. The language has a clean and consistent syntax that makes it easy to learn and read. In addition, the Hare compiler is extremely fast, making it possible to iterate on code changes rapidly. Hare offers an excellent balance of power and efficiency, making it an ideal choice for systems programming.

        The following tutorial will teach you how to install Hare on Fedora 36 Linux using a COPR repository using the command line terminal and an example hello world output test using Hare to verify the installation was successful using CLI.

      • Linux CapableHow to Install Wike on Fedora 36 Linux

        Wike is a lightweight and open-source Wikipedia reader app for Linux-based GNOME desktops. It was written and developed in Python by Hugo Olabera. Wike makes use of the MediaWiki API to fetch content from Wikipedia. The app has a minimalist interface, with just a search bar and a sidebar for navigation, and articles are displayed in a simple, easy-to-read format. Wike also supports dark mode, so you can easily read articles at night or in low-light conditions. Overall, Wike is an excellent option for anyone looking for a fast and lightweight way to view Wikipedia articles on their Linux desktop.

        The following tutorial will teach you how to install Wike on Fedora 36 Linux using a COPR repository using the command line terminal.

      • Linux CapableHow to Install Neovim on Linux Mint 21 LTS

        Vim is a highly configurable text editor built to make creating and changing any kind of text very efficient. It is an almost entirely compatible version of the Unix editor Vi. Many new features have been added: multi-level undo, syntax highlighting, command line history, online help, filename completion, block operations, foldings, Unicode support, etc.

        Neovim is a project that seeks to aggressively refactor Vim source code to provide feature parity with Vim and additional wide-ranging capabilities for plugins and scripting languages that current versions of Vim lack. This will include a better plugin architecture, improved documentation and tutorials, a logo, and website rebranding. Neovim has an exemplary default configuration for modern systems out of the box. However, it retains much of the flexibility and configurability that made Vim so famous in the first place; experienced users can still fine-tune Neovim to their particular workflow. Also, plugins can be written in any programming language and extended using arbitrary APIs, making Neovim an excellent platform for anything from quick notes to full-scale project development.

      • CitizixHow to install and configure Pritunl in Rocky Linux/ Alma Linux 9

        In this guide we will learn how to install and configure Pritunl vpn server in Rocky Linux 9. Pritunl is a free and open source enterprise distributed VPN server. It allows you to virtualize your private networks across datacenters and provide simple remote access in minutes. It utilizes a graphical interface that is friendly and easy to use to the user. It is secure and provides a good alternative to the commercial VPN products.

    • Games

      • Boiling SteamIntroducing Nils, Our New Team Member – Boiling Steam

        Nils is our new member at Boiling Steam. You may have already seen his first video about How to Make A Video Game in Godot in 10 minutes, which is proving very useful to get you started in Godot. He has got a lot more coming in the next few weeks. In the meantime, we wanted you to get to know him a little more!

        Nils started experimenting with Linux with dual booting since 2005, when “What do you mean I can install stuff from the repo with one line, and there are a bunch of games there too?” changed everything for him. Nils has then been using Linux exclusively since 2020 to avoid intrusion and bloatware. His favorite style of games are the ones that “don’t feel like doing chores; I have my own daily tasks to finish.”

  • Distributions and Operating Systems

    • Debian Family

      • Russell Coker & Debian: September 11 Islamist sympathy

        One of the more unusual discussions on the debian-private (leaked) gossip network are the numerous flame wars that errupted after the September 11 attacks in New York and the Pentagon.

        Some developers wanted to express sympathy, others wanted to condemn and some even demanded revenge.

        At a high level, this is the type of discussion that thought police have sought to banish by carpet-bombing free software organizations with codes of conduct/obedience. Today we will sneak into the time machine and listen to the forbidden music.

        At the time Russell Coker sent the email about Palestine, news reports were telling us about Palestinians celebrating the attacks. Was Coker inspired by that or was his email a mere coincidence? The controversial video is available here.

        Anybody writing a message like this today would be expelled/banned/censored immediately by the thought police.

  • Leftovers

    • Education

      • Teen VogueStudent Loan Forgiveness Critics Are Wrong About Who Benefits and Why

        Opponents of the current student debt forgiveness proposal have several reasons for believing the policy is terrible, including, particularly, that only the very rich will benefit (i.e., it’s regressive) and that those who need to have their debt forgiven are financially irresponsible. But these views fail to address how race, wealth, and gender construct different economic realities for different people.

      • The AtlanticYour Career Is Just One-Eighth of Your Life

        In this wobbly economic moment, I thought that sharing the best actual-career advice I’ve come across might be marginally useful. This counsel is surely weighted toward white-collar knowledge work, although I hope it’s at least somewhat valuable to any reader.

    • Health/Nutrition/Agriculture

      • NPRHow the polarizing effect of social media is speeding up

        In his new book, The Chaos Machine, Fisher details how the polarizing effect of social media is speeding up. He joined All Things Considered to talk about why tech companies benefit from this outrage, and the danger it could pose to society.

      • BBCAir pollution cancer breakthrough will rewrite the rules

        Crucially, the researchers were able to stop cancers forming in mice exposed to air pollution by using a drug that blocks the alarm signal.

        The results are a double breakthrough, both for understanding the impact of air pollution and the fundamentals of how we get cancer.

      • ASU receives 1st cryptocurrency gift to support clean air work

        The first cryptocurrency donation to the university is a $300,000 gift from Balvi, a direct giving fund established by Vitalik Buterin, the co-creator of Ethereum. This donation will support ASU’s Clean Indoor Air Project, a public health initiative focused on increasing awareness about the importance of indoor air quality, improving access to portable indoor air cleaners and evaluating the performance of DIY air cleaners in under-ventilated K–12 classroom environments.

      • 51+ Scary Smartphone Addiction Statistics for 2022 [Nomophobia on the Rise]

        The average smartphone owner unlocks their phone 150 times a day.

        Using smartphones for longer intervals of time changes brain chemistry.

      • [Old] Signs and Symptoms of Cell Phone Addiction

        Although cell phone addiction is not yet listed in the Diagnostic and Statistical Manual of Mental Disorders, 5th Edition (DSM-5), research has compared it to gambling addiction, which has clearer diagnostic criteria and is included in the DSM-5.

        At least 4 of the following signs and symptoms are thought to comprise criteria for cell phone addiction, and the problematic cell phone overuse must cause significant harm in the individual’s life:2,3

      • [Old] Psychology TodayThe New Skinner Box: Web and Mobile Analytics: We are all now part of the greatest behavioral experiment in history.

        The same rules apply on computer and mobile-based social media sites. This table presents some of the variables BF Skinner would manipulate to perform his experiments along with the web and mobile analytics that correspond to each variable. By examining how you proceed through a website and which pages you spend the most time on, companies learn to maximize your engagement in their products or services.

      • [Old] MediumThe Psychology Behind the Urge to Check Your Phone

        Not so long ago, I started seeing a correlation between the time spent on social media and my overall productivity levels. And the correlation was dramatic.

        Every single workday without social media turned out 2 to 4 times more productive than otherwise 100% of the time.

        But even though I know that social media may potentially mess me up, I keep checking Facebook throughout the day, most days. Why?

      • [Old] The AtlanticSkinner Marketing: We’re the Rats, and Facebook Likes Are the Reward: Our Internet handlers are using operant conditioning to modify our behavior.

        We’re entering the age of Skinnerian Marketing. Future applications making use of big data, location, maps, tracking of a browser’s interests, and data streams coming from mobile and wearable devices, promise to usher in the era of unprecedented power in the hands of marketers, who are no longer merely appealing to our innate desires, but programming our behaviors.

      • [Old] What Is a Skinner Box?

        When the animal pushes the button or lever, the box is able to deliver a positive reinforcement of the behavior (such as food) or a punishment (such as noise) or a token conditioner (such as a light) that is correlated with either the positive reinforcement or punishment.

      • Dual mechanisms of reinforcement reward and habit in driving smartphone addiction

        [...] This study is one of the first ones that assess the interplay between the two formation mechanisms in the extant literature on smartphone addiction. This study also reveals the dangers of smartphone features which have always been regarded as advantages. The findings contribute to the current understandings of smartphone addiction.

      • [Old] NIHA Double-Edged Impact of Social Smartphone Use on Smartphone Addiction: A Parallel Mediation Model

        Evidence supports predictive roles of non-social smartphone use for smartphone addiction, but the relationship of social smartphone use and smartphone addiction is unclear. This study explored whether social smartphone use has a double-edged impact on smartphone addiction. Using data from a sample of 909 Chinese undergraduates, we tested a parallel mediation model that considered online social support and realistic social support as mediators. As predicted, social smartphone use weakened smartphone addiction through realistic social support and contributed to smartphone addiction through online social support. Moreover, we tested the moderating role of agreeableness in the mediation path of online social support. Agreeableness only moderated the indirect effects. Specifically, the predictive effects of online social support on smartphone addiction was greater for lower rather than higher agreeableness. The results suggest that social needs play an important role in the formation of smartphone addiction. Several limitations and implications are also discussed herein.

      • [Old] Smartphone Addiction: How Technology Affects Public Health and Social Relationships

        The signs and symptoms of smartphone addiction are similar to those of other addictions such as compulsive gambling and drug abuse. These include anxiety, depression and behavioral issues, as well as strained personal relationships. For example, a person struggling with gambling may become easily irritated when they cannot place a wager. In individuals with smartphone addiction, feelings of anxiety or irritability arise when they are not near their phones.

    • Proprietary

      • VOA NewsUkraine Warns Russian Cyber Onslaught Is Coming [iophk: Windows TCO]

        The attacks, according to an assessment shared Friday by a top Ukrainian cyber official, are expected to include precision cyber strikes, combining virtual efforts against key systems with physical action targeting critical infrastructure as winter approaches.

        “We saw this scenario before,” Deputy Minister of Digital Transformation Georgii Dubynskyi told reporters on the sidelines of a cybersecurity conference in Washington.

    • Security

      • Integrity/Availability/Authenticity

        • USENIXWho Are You (I Really Wanna Know)? Detecting Audio DeepFakes Through Vocal Tract Reconstruction

          Generative machine learning models have made convincing voice synthesis a reality. While such tools can be extremely useful in applications where people consent to their voices being cloned (e.g., patients losing the ability to speak, actors not wanting to have to redo dialog, etc), they also allow for the creation of nonconsensual content known as deepfakes. This malicious audio is problematic not only because it can convincingly be used to impersonate arbitrary users, but because detecting deepfakes is challenging and generally requires knowledge of the specific deepfake generator. In this paper, we develop a new mechanism for detecting audio deepfakes using techniques from the field of articulatory phonetics. Specifically, we apply fluid dynamics to estimate the arrangement of the human vocal tract during speech generation and show that deepfakes often model impossible or highly-unlikely anatomical arrangements. When parameterized to achieve 99.9% precision, our detection mechanism achieves a recall of 99.5%, correctly identifying all but one deepfake sample in our dataset. We then discuss the limitations of this approach, and how deepfake models fail to reproduce all aspects of speech equally. In so doing, we demonstrate that subtle, but biologically constrained aspects of how humans generate speech are not captured by current models, and can therefore act as a powerful tool to detect audio deepfakes.

      • Privacy/Surveillance

        • Fast CompanyA showdown between an ad tech firm and the FTC will test the limits of U.S. privacy law

          The lawsuit, filed on August 29, is part of a broader push for stronger limits on personal data under FTC Commissioner Lina Khan. In July, the agency said it would crack down on efforts to stop the illegal sharing of health data in the wake of the Supreme Court’s overturning of Roe v. Wade and an executive order by President Biden to protect reproductive rights. Last month it began seeking public comment for a set of new rules on “commercial surveillance.” (​​The agency will hold a public livestreamed forum on the issue today.) The rules could ultimately be superseded by a new bipartisan federal privacy bill, the American Data Privacy and Protection (ADPPA), if Congress were to pass it, but Khan has called the rulemaking an important step if that doesn’t happen.

        • OONIUser Guide: OONI Test Lists Editor

          The OONI Test Lists Editor enables the public to review and contribute to the lists of websites (“test lists”) that are tested for censorship by OONI Probe users around the world.

          This user guide provides step-by-step instructions on how to use the Test Lists Editor to review and contribute websites for censorship testing.

          Upon reading this guide, we hope you will feel empowered to contribute to test lists!

        • YLEStricter enforcement of restraining orders likely in 2023

          “I think that some type of ankle bracelet should be used to monitor where a person is moving around. If they head close to the victim, the device would beep and sound an alarm,” Minister of Justice Anna-Maja Henriksson (SPP) told Yle.

        • IT WireInvestor lawsuit against SolarWinds over breach dismissed

          Investors sued the directors of the company, claiming they were aware of the risks that the firm’s software posed, but failed to act to prevent devastating attacks that came to light in 2020. The attacks were given the moniker SUNBURST.

          The suit was filed on 4 November 2021 in the Delaware Chancery Court, by the Construction Industry Labourers Pension Fund, the Central Labourers’ Pension Fund, and two individual investors.

        • USENIXOpenVPN is Open to VPN Fingerprinting

          VPN adoption has seen steady growth over the past decade due to increased public awareness of privacy and surveillance threats. In response, certain governments are attempting to restrict VPN access by identifying connections using “dual use” DPI technology. To investigate the potential for VPN blocking, we develop mechanisms for accurately fingerprinting connections using OpenVPN, the most popular protocol for commercial VPN services. We identify three fingerprints based on protocol features such as byte pattern, packet size, and server response. Playing the role of an attacker who controls the network, we design a two-phase framework that performs passive fingerprinting and active probing in sequence. We evaluate our framework in partnership with a million-user ISP and find that we identify over 85% of OpenVPN flows with only negligible false positives, suggesting that OpenVPN-based services can be effectively blocked with little collateral damage. Although some commercial VPNs implement countermeasures to avoid detection, our framework successfully identified connections to 34 out of 41 “obfuscated” VPN configurations. We discuss the implications of the VPN fingerprintability for different threat models and propose short-term defenses. In the longer term, we urge commercial VPN providers to be more transparent about their obfuscation approaches and to adopt more principled detection countermeasures, such as those developed in censorship circumvention research.

      • Confidentiality

        • USENIX“It’s stressful having all these phones”: Investigating Sex Workers’ Safety Goals, Risks, and Practices Online

          We investigate how a population of end-users with especially salient security and privacy risks — sex workers — conceptualizes and manages their digital safety. The commercial sex industry is increasingly Internet-mediated. As such, sex workers are facing new challenges in protecting their digital privacy and security and avoiding serious consequences such as stalking, blackmail, and social exclusion. Through interviews (n=29) and a survey (n=65) with sex workers in European countries where sex work is legal and regulated, we find that sex workers have well-defined safety goals and clear awareness of the risks to their safety: clients, deficient legal protections, and hostile digital platforms. In response to these risks, our participants developed complex strategies for protecting their safety, but use few tools specifically designed for security and privacy. Our results suggest that if even high-risk users with clear risk conceptions view existing tools as insufficiently effective to merit the cost of use, these tools are not actually addressing their real security needs. Our findings underscore the importance of more holistic design of security tools to address both online and offline axes of safety.

    • Defence/Aggression

      • NPRHere’s why the risk of a nuclear accident in Ukraine has ‘significantly increased’

        “Let me be clear, the shelling around Zaporizhzhia nuclear plant must stop,” IAEA Director General Rafael Mariano Grossi said in a brief recorded statement released on Friday.

        Grossi also warned that the continued fighting might require the plant to shut down its last operating reactor. That would set into motion a chain of events that could intensify the current nuclear crisis. Here’s how.

      • BBCSweden election: Gang [sic] shootings cast shadow over vote

        A sharp rise in gun violence and gang [sic] crime has become a leading issue in what Sweden’s media have described as one of the ugliest election campaigns in history.

      • SalonBiden’s speech worked: Nearly 6 in 10 Americans agree MAGA is a threat to democracy

        It would be an overstatement to suggest Biden caused Americans to wake up to the threats with a single speech. He was helped by a summer-long news cycle that provided the evidence for his claim so that by the time he made it, voters were ready to listen.

      • Statement by the North Atlantic Council concerning the malicious cyber activities against Albania

        1. We stand in solidarity with Albania following the recent cyber attack on its national information infrastructure. Allies acknowledge the statements by Albania and other Allies attributing the responsibility for the cyber attack to the Government of Iran. We strongly condemn such malicious cyber activities designed to destabilise and harm the security of an Ally, and disrupt the daily lives of citizens. NATO and Allies support Albania in strengthening its cyber defence capabilities to withstand and repel such malicious cyber activities in the future. [...]

      • USAStatement by NSC Spokesperson Adrienne Watson on Iran’s Cyberattack against Albania

        Iran’s conduct disregards norms of responsible peacetime State behavior in cyberspace, which includes a norm on refraining from damaging critical infrastructure that provides services to the public. Albania views impacted government networks as critical infrastructure. Malicious cyber activity by a State that intentionally damages critical infrastructure or otherwise impairs its use and operation to provide services to the public can have cascading domestic, regional, and global effects; pose an elevated risk of harm to the population; and may lead to escalation and conflict.

      • The United KingdomUK condemns Iran for reckless cyber attack against Albania

        These cyber attacks are the latest in an increasingly reckless pattern of behaviour by Iran. Iranian-linked cyber actors have a number of powerful disruptive and destructive tools at their disposal. The UK has previously attributed and advised on a number of cyber incident by Iranian actors: [...]

    • Environment

      • Energy

        • [Old] Exotic and sustainable, night trains are coming back to Europe

          In this case, it’s a trans-European night train network that would consist of 40 international long-distance lines. By 2030, it would connect more than 200 cities and places across Europe, from Lisbon in the west to Moscow in the east, and from Helsinki in the north to Málaga in the south.

    • AstroTurf/Lobbying/Politics

      • VarietyElon Musk Says Twitter’s $7.75 Million Severance Payment to Whistle-Blower Is Another Reason He’s Justified in Nixing Deal

        “Twitter did not seek Defendants’ consent… before making this payment nor was this payment disclosed to Defendants,” the letter, disclosed in an SEC filing Friday, said. “In fact, Defendants only learned of this payment when Twitter filed the separation agreement with the court on September 3, 2022.”

      • The VergeElon Musk sends yet another notice trying to terminate the Twitter deal

        Elon Musk has sent a third letter to Twitter attempting to terminate his $44 billion acquisition of the company. Musk’s legal team cited Twitter’s multimillion dollar severance payment to former security chief and whistleblower Peiter Zatko as a violation of the merger agreement and a reason to end the deal. The letter, dated September 9th, was sent to Twitter’s chief legal officer Vijaya Gadde, and was included in a filing Twitter made with the SEC on Friday (which you can read at the bottom of this article).

        Last month, Zatko made headlines by accusing Twitter of misleading investors about the number of bots on the service, failing to delete users’ data, and having poor security practices, among other things. Musk jumped on the accusations, citing them in his second termination letter and subpoenaing Zatko to testify in the lawsuit. Zatko was set to be deposed on Friday.

      • The VergePresident Joe Biden speaks after groundbreaking for Intel’s $20 billion semiconductor plant

        Intel had previously delayed the plant’s July groundbreaking ceremony because its plans largely relied “on funding from the CHIPS Act,” which Congress had yet to pass. But after a summer of negotiations, Biden signed the $280 billion tech and science bill last month, calling it “a once in a generation investment in America itself.”

      • Misinformation/Disinformation

    • Censorship/Free Speech

      • The HillHillicon Valley — Klobuchar pulls committee vote on tech bill

        The amendment passed in a 11-10 vote. Sen. Jon Ossoff (D-Ga.), who is isolating in India after testing positive for COVID-19, was not present and did not provide a proxy vote either way on the amendment — giving the GOP senators an upper hand.

        The underlying bill would grant newsrooms that employ fewer than 1,500 full-time employees — a cap essentially aimed at excluding the country’s three largest newspapers and national broadcasters — the ability to collectively negotiate with dominant tech platforms, like Google and Facebook, to be compensated for distributing their content.

    • Civil Rights/Policing

      • Hollywood ReporterCondé Nast Voluntarily Recognizes Union

        The union was voluntarily recognized after a card check took place on Friday afternoon, the NewsGuild of New York — the union that workers aligned themselves with — announced later that day. The bargaining units involved include 500 staffers working across video, editorial and production at brands including Allure, Architectural Digest, Bon Appétit, Condé Nast Traveler, Epicurious, Glamour, GQ, Self, Teen Vogue, them., Vanity Fair and Vogue as well as Condé Nast Entertainment, and encompasses around 100 subcontracted workers. The four new bargaining units involved are called U.S. Digital Video Production, Programming and Development; Editorial Brands and Centers of Excellence; Commerce; and Audience Development and Social. (The NewsGuild of New York already represents workers at The New Yorker, Wired, Pitchfork and Ars Technica.)

      • NPRA Black pastor sues the police who arrested him while watering his neighbors’ flowers

        The attorneys representing Jennings said the release of the body camera video will furthermore clear the way for “legal action against the officers and more.”

        “This video makes it clear that these officers decided they were going to arrest Pastor Jennings less than five minutes after pulling up and then tried to rewrite history claiming he hadn’t identified himself when that was the first thing he did,” Daniels said in a statement to NPR.

      • ABCSouth Dakota tribes buy land near Wounded Knee massacre site

        The Oglala Sioux and the Cheyenne River Sioux said the purchase of the land on the Pine Ridge Indian Reservation was an act of cooperation to ensure the area was preserved as a sacred site. More than 200 Native Americans — including children and elderly people — were killed at Wounded Knee in 1890. The bloodshed marked a seminal moment in the frontier battles the U.S. Army waged against tribes.

    • Internet Policy/Net Neutrality

      • India TimesEU to consult on making Big Tech contribute to telco network costs

        ETNO, Europe’s lobby for telecoms operators, said in a report in May that more than half of the global network traffic is attributable to six firms: Google, Facebook, Netflix, Apple, Amazon and Microsoft.

        These firms have argued that the introduction of any new financial contribution would challenge “net neutrality”, or the principle that internet service providers should enable access to all content and applications regardless of their source.

      • [Old] I ran the worlds largest DDoS-for-Hire empire and CloudFlare helped

        I agree with CloudFlare’s analogy, the fire department should respond to a fire at any home regardless of who lives in it. However this real world example is not an accurate representation of the situation CloudFlare is presenting. As the operator of the largest DDoS-for-Hire empire in the history of the internet, I have a unique perspective on the situation CloudFlare finds themselves in.

    • Monopolies

      • India TimesGoogle, Apple facing anti-competitive complaint in Mexico

        His complaint accuses Apple and Google of “completely inhibit(ing) competition” by “taking advantage of their monopoly in app stores to tie use of their own payment processing systems for in-app purchases.”

  • Gemini* and Gopher

    • Personal

      • Penny ‘splaining

        Among my collection of unusual cycles I have a penny farthing. I bought it after spending a few years thinking about the idea and talking to those around me about potentially buying one (to my wife’s horror). During that time I obviously read all I could about them. How they came to be, the advantages and disadvantages. Eventually I decided I would buy one, despite the significant expense and person who made it to being very clear in potential draw backs (he should get an award for truth in advertising). I have now owned and ridden it for more than two years on a very regular basis (I frequently use it for commuting).

    • Technical

      • Daily-Driving the PinePhone

        Yesterday was the first day I went outside my house with the intent to daily-drive the PinePhone. This included swapping the SIM-card from my old Android into the PinePhone. I still had my old Android with me though, if anything went wrong. So how did it go? I would neither call it a success nor a complete failure. Maybe a success with a bit of unluck would be the most fitting description.


* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.

Links 11/09/2022: MiTubo 1.3 and Haiku Activity Report

Posted in News Roundup at 4:38 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

      • VideoDebunking 7 Myths About Immutable Linux Distros – Invidious

        Immutable Linux distros are this fangled way of using Linux and as one might expect it comes with it’s detractors even for things that aren’t real problems

      • VideoGTA Online – The Casual Criminals • ep1 // Linux – Invidious

        A pre-preview “episode” of Casual Criminals, a series where a pair of dirt bags in GTA online fumble around looking for easy money but usually only finding trouble, a jail cell, a hospital bed, or all of the above. The POV is from Teal1500 (so, not me) and shot in first-person because I really like the immersive feel that GTA has and I think it lends itself well to a silly RP like this because of how jank GTA’s controls are. I’ve been role playing my character in GTA for a while and I thought it would be fun to try to put a story together for him. Teal and I recorded this video from Teal’s perspective to see if doing a GTA roleplay would be any good. As it turns out, it is! Not entirely sure how much effort (if any) I will put into maintaining this “series”. I have one more episode planned but if y’all think it’s good, I might put together a few more.

      • VideoOh No, My Favorite Websites Got SHUT DOWN (again) – Invidious

        Kiwi farms and some other sites that would probably hurt the algorithm if I put them in this description got shut down, and Kiwi got all its archives purged from archive.org. Internet censorship is going to continue to grow, the threshold for being “harmful and or dangerous” will continue to lower.

    • Kernel Space

      • FreeBSDSharing Dual-Licensed Drivers between Linux and FreeBSD | FreeBSD Foundation

        As a silicon vendor, allowing device driver source code to be shared between Linux, FreeBSD, and other operating systems brings several benefits, including a potentially increased market, and additional collaboration effort resulting in increased test coverage and bug fixes.

        Linux and FreeBSD are both Open Source UNIX-like operating systems. Both have a long development history and are maintained by sizable development teams consisting of professional, volunteer, academic and hobbyist contributors. Both are capable of high performance in demanding production applications.

        However, one area where they differ is in the license: Linux is licensed under the GNU General Public License (GPL) while FreeBSD uses the permissive Berkeley Software Distribution (BSD) license. The GPL is a reciprocal, “share-alike” license, sometimes called a viral license: derivative works of a GPL project must also be made available under the same license terms. In contrast, the BSD license allows FreeBSD to be used as a component of other projects but does not require that the derivative source code be shared. Some companies build products using unmodified FreeBSD, or share their modifications; examples include Netgate (pfSense), Netflix (streaming content distribution) and iXsystems (TrueNAS). Other companies like NetApp, Sony, and Apple build products that reuse parts of FreeBSD in proprietary software.

        It is possible to share driver source code between multiple operating systems to reduce development costs. In order to do so there are at least two aspects to consider: license compatibility, and architecture and interface compatibility.

    • Applications

      • Its FOSS10 Destructive Linux Commands You Should Never Run

        I have been asked this question numerous times and I have avoided answering that because there is no definite list of dangerous Linux commands.

        You have the tools that enable you to control and modify every aspect of your operating system. I am not trying to scare you but if you are unfamiliar with the commands and tools, you can screw up your system pretty easily.

        Imagine the scenario of a young child in a household. There are numerous ways the kid can hurt herself. But does this mean the child should not be allowed outside the crib? That would be damaging to her growth.

        This is where parents set boundaries and guide the child. Don’t go near the fire. Don’t poke your fingers in the power outlets. As the child grows and gains experience, she can turn the stove on, make a fire in the fireplace and plug in the power cables.

      • MiTubo 1.3: sorting of QML ListView via Drag-Drop | Mardy

        One feature that I’ve been asked to add to MiTubo, and that indeed becomes more and more important as the number of subscriptions increases, is the ability to group subscriptions into folders. I’ve spent a good amount of time implementing the needed support in the C++ backend, which is now able to handle nested folders too, but given that building the UI parts was not a quick task and seeing how much time has passed since the last release, I thought of releasing a partial implementation of the whole feature, consisting only of the ability to manually sort the subscriptions via drag&drop (that, is no folder support). It turns out this is already not a trivial work!

        I found a nice tutorial on ListView DnD sorting by the great Aurélien Gâteau which I found very inspiring, and while I didn’t actually reuse the same code (mostly because I was already halfway through with my implementation, which I started before finding his tutorial), it was helpful to have it as a reference.

      • Amberol – SparkyLinux

        A small and simple sound and music player that is well integrated with GNOME. Amberol aspires to be as small, unintrusive, and simple as possible. It does not manage your music collection; it does not let you manage playlists, smart or otherwise; it does not let you edit the metadata for your songs; it does not show you lyrics for your songs, or the Wikipedia page for your bands. Amberol plays music, and nothing else.

    • Instructionals/Technical

      • Tom’s HardwareHow to Turn a Raspberry Pi Into a Wi-Fi Access Point

        The latest Raspberry Pi OS release saw a beta of Network Manager, a tool new to the Raspberry Pi that replaces dhcpcd as a means to manage networking on the Pi. This new tool provides us with a simple, GUI based means to configure a spare Raspberry Pi as a wireless access point. If you need to extend a networking setup, add Wi-Fi to those hard to reach places, then this is for you.

        We’re going to go through the steps necessary to configure a Raspberry Pi as a wireless access point, and have the access point start whenever the Pi is booted. Best of all, this project will work with the Raspberry Pi 3B, 3B+ and the latest Raspberry Pi 4.

      • The Things Spammers Believe – A Tale of 300,000 Imaginary Friends

        That said, at the time in the mid noughties this greytrapping setup was announced, we had been battling scammy spam email and malicious software that also abused email to spread for some years, and we were eagerly looking for new ways to combat the spam problem which tended to eat into time and resources we would rather have used on other things entirely.

        With that backdrop, collecting made up or generated, invalid email addresses in our home domains from various logs as traps for spammers seemed like an excellent joke and a fun way to strike back at the undesirables who did their damnedest to flood our users’ mailboxes.

      • Omar PoloRunning gotwebd behind nginx

        When I migrated my web server to OpenBSD some months ago (finally!) I decided to move from cgit to gotwebd too. To be fair, initially it wasn’t a pleasure because, as gotwebd was heavily work in progress, there wasn’t proper documentation, there were some bugs and so on. Lately however, with the 0.75 release approaching, the man pages were written and gotwebd become more stable too. I don’t regret the decision to move to it and I’m rather happy now.

        If you’re using OpenBSD running it is a no-brainer: on the latest -CURRENT you’ll find a `gotwebd’ package that includes the rc.d(8) script and the instructions on how to run it with httpd(8) in the manual. What’s the situations for other systems?

      • ID RootHow To Install RawTherapee on Ubuntu 22.04 LTS – idroot

        In this tutorial, we will show you how to install RawTherapee on Ubuntu 22.04 LTS. For those of you who didn’t know, RawTherapee is an open-source, powerful application that is used to edit and process raw photos. RawTherapee enables the users to process their raw images taken from the camera to clearer and sharper images. It is also used to convert the raw photos captured from digital cameras by professional photographers into different viewable image formats.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the RawTherapee on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

      • Data SwampNixOS Bento: new reporting feature

        Bento received a new feature, it is now able to report if the remote hosts are up-to-date, how much time passed since their last update, and if they are not up-to-date, how long passed since the configuration change.

        As Bento is using SFTP, it’s possible to deposit information on the central server, I’m currently using log files from the builds, and compare this date to the date of the configuration.

        This will be very useful to track deployments across the fleet. I plan to also check the version expected for a host and make them report their version after an update, this should possible for flakes system at least.

      • Data SwampNixOS Bento: now able to compare local and remote NixOS version

        Project update: the report is now able to compare if the remote server is using the NixOS version we built locally. This is possible as NixOS builds are reproducible, I get the same result on the server and the remote system.

        The tool is getting in a better shape, the code received extra checks in a lot of place.

        A bit later (blog post update), I added the possibility to trigger the update from the user.

      • Linux HintCommands to Sync Time with NTP Server in Linux

        For many people, computer clocks in your devices, network machines, and servers are generally accurate. But that’s not true! These clocks are manually maintained and backed by batteries which over time drift the clock, especially in the older machines.

        So why is accurate time so important? Having exact time on your machine is quite significant because of several reasons. Many aspects of your computer activity are linked with time. Perfectly synched time is crucial for tracking security-related issues; troubleshooting can become quite difficult if the timestamps in log files are incorrect. Even for financial services, keeping accurate time is critical.

      • TecAdminHow to View HTTP Headers in Google Chrome – TecAdmin

        Google Chrome DevTools (developer tools) is the browser’s built-in comprehensive toolkit for developers. Which provides a large number of information that is useful for the developers for debugging purposes. You can also find the website’s request headers and response header values directly with dev tools.

      • uni TorontoMachine room temperatures and the value of long Prometheus metrics history

        We have a few machine rooms. These aren’t high-tech, modern server rooms, which is not surprising since they’ve generally been there for decades. As part of this, our machine rooms don’t really have a specific set temperature that they’re supposed to stay at. They’re not supposed to get too hot, but the actual temperature they’re at varies over the year and depends on a lot of things, including what we’re running in them at the moment. To make sure that everything is (still) working, we have temperature sensors in the machine rooms that feed into our Prometheus setup.

        Recently we were looking at our dashboards and noticed that one of the machine rooms had an oddly high temperature. It wasn’t alarmingly high, and we could see it going up and then jumping back down in a familiar pattern that we see in all of our machine rooms as the AC cycles on and off. But it felt like the temperature of that machine room should be lower and maybe something was wrong. Since we have a long metrics history (we keep years worth of Prometheus metrics), we started looking at historical temperature data for this machine room, both in the past of this year and at this time in previous years (to see if this was something that had happened at this time of year before).

      • RCA:Renewing FreeIPA Internal Certificate After Expiration | Zamir’s Board

        On September 9th, users report failed to authentication to FreeIPA. By looking into the system status, we realize that the IPA services cannot start successfully. Most importantly, pki-tomcatd cannot start properly. With a deeper look we realized that acme.sh automatically renewed the SSL certificate and restarted FreeIPA, so we decided that should be the direct cause. With more in-depth research we realized that it’s internal certificate issue.

      • ID RootHow To Install SmartGit on Fedora 36 – idroot

        In this tutorial, we will show you how to install SmartGit on Fedora 36. For those of you who didn’t know, SmartGit is one of the most powerful Git GUI clients with support for Azure DevOps, Bitbucket, GitHub, GitLab, etc. It focuses on simplicity while targeting non-experts and people who prefer a graphical application over command line usage. SmartGit is available for different platforms including Windows, Linux, and macOS.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the SmartGit on a Fedora 36.

      • DebugPointExport or Save As PDF A Specific Range in LibreOffice Calc Sheets using Macro

        A simple program to show you how you can export range from LibreOffice as pdf using macro.

        Exporting a LO sheet’s content to PDF is often necessary because of the wide use of PDF files for distributions, reporting etc. In the earlier tutorial, I showed how to export an entire sheet’s content to a pdf file. In this tutorial, I will show how to export a specific range (e.g. A1:B2 etc.) as a content of a pdf file.

      • SteveCo: Migrating libvirt VMs

        I recently moved a bunch of libvirt VMs from a CentOS 7 host to a CentOS Stream 9 host. Normally moving virtual machines from one libvirt host to another is pretty easy. All you need to do is stop the VM on the original host, copy the disk image from host to host (with rsync or whatever is convenient), dump the VM config (with virsh dumpxml guest), and import that config on the new host (with virsh define). It turns out a few things have changed that make that not quite work though…

    • Games

      • GamingOnLinuxVoxel Doom brings voxel goodness to the original DOOM

        I am ashamed to admit that I never played much of the original DOOM when it came out or in the decades since. When I saw the Voxel Doom project I downloaded it and decided to finally give the old classic an honest try.

      • GamingOnLinuxThe Starlight Children’s Foundation Bundle has a really odd selection

        Humble recently launched the Starlight Children’s Foundation Bundle and it’s a thoroughly odd selection but some of you might want to check it out. As usual I’ll list the Deck Verified rating for Steam Deck and any notes on Linux Native or ProtonDB compatibility levels.

      • GizmodoQuake 1 port to Apple Watch

        Vyzmazal managed to get Quake running on an Apple Watch Series 5 which, while a few generations old now, still packs a processor that’s more than capable of running the game through a software renderer at around 60 fps at a respectable resolution of 640×480, and successfully tested at up to 1024×768, although with a reduced frame rate.

      • ViceThe Chess World Is Absolutely Losing It Over Cheating Allegations After Massive Upset

        The chess world has been rocked by online allegations of cheating after a top chess grandmaster was toppled by a relative newcomer this week in a major high stakes tournament in St. Louis.

        31-year-old Norwegian chess grandmaster Magnus Carlsen—rated the top player in the world by the International Chess Federation (FIDE)—abruptly withdrew from the Sinquefield Cup in St. Louis after a third-round defeat by Hans Niemann, a young chess prodigy from the United States.

        Soon after his loss, Carlsen posted a cryptic tweet featuring a speech by football manager Jose Mourinho. “I prefer not to speak,” Mourinho said in the 2020 video. “If I speak I am in big trouble…and I don’t want to be in big trouble.”

  • Distributions and Operating Systems

    • 9to5LinuxFirst Look at Crystal Linux, an Arch Linux-Based Distro Focused on Ease of Use and Usability

      Meet Crystal Linux, an aspiring Arch Linux-based distro that, just like EndeavourOS and other similar distributions, wants to bring the power, simplicity, and flexibility of the Arch Linux distribution to the masses, mostly targeted at users who want a great Arch Linux experience with a very easy setup process.

      Unlike other Arch Linux-based distros, Crystal Linux tries to be unique as it comes with its own in-house built installer that lets you set your timezone, choose a keyboard layout, create a user, set a hostname, partition the disk, and select a default desktop environment or window manager.

    • Make Use OfThe 8 Best Lightweight Linux Distributions With Openbox Window Manager

      The Openbox window manager offers better performance than conventional Linux desktops. Here are some of the most popular Openbox-based distros.

      Are you looking for a lightweight Linux distribution for an old PC? You’re in luck, for Openbox holds the answer to all your distribution woes. It is a highly customizable, lightweight, next-generation window manager that runs smoothly on older hardware. This is not all; it provides extensive standard support to replace the famous GNOME or Unity interfaces.

      If you run Openbox inside KDE or GNOME desktops, you can combine the customization options of the former with the desktop environments for the best results.

      To make the most of the given requirements, you need to check out the top distributions that support Openbox and its functionalities.

    • HaikuOSHaiku Activity & Contract Report, August 2022

      As is the usual way of things, the monthly Activity Report is hereby combined with my Contract Report.

      This report covers hrev56321 to hrev56399.

      David Karoly, who has been doing a lot of work in and around the ARM ports, was granted commit access last month. Welcome to the team, David!

    • BSD

    • Debian Family

      • 9to5LinuxDebian GNU/Linux 11.5 “Bullseye” Released with 53 Security Updates and 58 Bug Fixes

        Debian GNU/Linux 11.5 is here exactly two months after the Debian GNU/Linux 11.4 point release as an updated installation medium for those who want to install the latest and greatest Debian GNU/Linux 11 “Bullseye” operating system series on new computers.

        It includes all the security and software updates that have been released from July 9th until today through the main Debian GNU/Linux 11 “Bullseye” software repositories. In numbers, it includes a total of 58 miscellaneous bug fixes and 53 security updates.

      • FLOSSLinux: 202209102213 – Debian release day – Cambridge – post 3

        Working a bit more slowly – coming to the end of the process. I’ve been wrestling with a couple of annoying old laptops and creating mayhem. The others are almost through the process – it’s been a very long day, almost 12 hours now.

        As ever, it’s good to be with people who appreciate this work – I’m also being menaced by a dog that wants fuss all the time. It certainly makes a difference to have fast connectivity and even faster remarks backwards and forwards.

      • FLOSSLinux: 202209110020 – Debian release day(s) – Cambridge – post 4

        RattusRattus, Isy, smcv have all just left after a very long day. Steve is finishing up the final stages. The mayhem has quietened, the network cables are coiled, pretty much everything is tidied away. A new experience for two of us – I just hope it hasn’t put them off too much.

        The IRC channels are quiet and we can put this one to bed after a good day’s work well done.

    • Open Hardware/Modding

      • Tom’s HardwareLatest Raspberry Pi OS Release Brings Improved Camera and Networking Support | Tom’s Hardware

        Raspberry Pi systems can bask in that new operating system glow today, with the launch of the latest edition of the tiny computer’s Debian-based OS. This release features many smaller tweaks, but the headline features seem to be an improved Python camera interface, and a simplified ability to easily make a Raspberry Pi into a wireless access point.

        Behind the scenes, this means Pi OS has moved from using the easily edited but slightly obscure dhcphd file to manage networking to the NetworkManager application already used by other Linux distributions. It’s not the default yet, dhcphd is still there, but it will become so in future releases so we’d better get used to it.

        NetworkManager makes it easier to connect to Wi-Fi networks with hidden SSIDs, and smooths the process of dealing with VPNs. Some may find the ability granted by the app to configure your Pi as a wireless access point interesting too. It’s being considered a beta feature for now, and must be switched to using the raspi-config tool.

      • Tom’s HardwareRadxa Lifts Lid on Eight-core Compute Module To Take On Raspberry Pi | Tom’s Hardware

        The powerful eight-core Rockchip RK3588S processor is usually found at the larger end of the single-board computer spectrum, but Radxa has today announced, as first reported by CNX Software, that it will be incorporating the chip in a board that’s the size of the Raspberry Pi Compute Module 4. And it comes with as much as 16GB of RAM, too.

      • Tom’s HardwareKhadas VIM1S Low-Power SBC Gets Processor Refresh | Tom’s Hardware

        Khadas is launching an upgraded version of its VIM1 SBC Arm-powered SBC, which launched in 2016. The new VIM1S, as reported by CNX Software (opens in new tab), is a low-powered board that could still give the Raspberry Pi 4 (opens in new tab) a run for its money in the low-power computing sector.

      • OlimexA64-OLinuXino Open Source Hardware Linux computer is back in stock

        All variants of the Open Source Hardware Linux computer A64-OLinuXino now are back in stock!

      • CNX SoftwareSipeed MetaSense RGB ToF 3D depth cameras are made for MCUs – ROS Robots (Crowfunding) – CNX Software

        We’ve just written about the Arducam ToF camera to add depth sensing to Raspberry Pi, but there are now more choices, as Sipeed has just introduced its MetaSense ToF (Time-of-Flight) camera family for microcontrollers and robots running ROS with two models offering different sets of features and capabilities

      • Linux GizmosRGBD/ToF 3D cameras compatible with MCUs and support ROS1/ROS2

        The MetaSense A075V and the MetaSense A010 are two open-source and low-cost Time of Flight (ToF) cameras designed to interface with microcontrollers and ROS1/ROS 2 based platforms. Both devices have an operating depth range from 0.2 to 2.0m (2.5m on A075V model) with less than 1 cm accuracy.

        According to the product page, the MetaSense A075V uses a Cortex A7 processor (up to 1.5GHz) along with a 0.4T Neural Processor Unit. The MetaSense A010 which is optimized to interface with MCUs features a 32-bit RISC-V processor (up to 144MHz) with 132KB of RAM and 192KB ROM.

      • SparkFun ElectronicsBoard’s Eye Point of View – News – SparkFun Electronics

        If you’ve ever wondered how our boards are made, you’re in luck today! This behind the scenes video gives you a front row seat to every step of production of the QuickLogic Thing Plus, from the components getting soldered on all the way to packing the red box that ends up in your mailbox.

      • ArduinotinyML device monitors packages for damage while in transit | Arduino Blog

        Although the advent of widespread online shopping has been a great convenience, it has also led to a sharp increase in the number of returned items. This can be blamed on a number of factors, but a large contributor to this issue is damage in shipping. Shebin Jose Jacob’s solution involves building a small tracker that accompanies the package throughout its journey and sends alerts when mishandling is detected.

        Jacob started by creating a new Edge Impulse project and collecting around 30 minutes of motion samples from an Arduino Nano 33 BLE Sense’s onboard three-axis accelerometer. Each sample was sorted into one of five categories that range from no motion all the way to a hard fall or vigorous shaking. Features were then generated and used to train a Keras model, which yielded an accuracy of 91.3% in testing.

      • HackadayThe Open Source Rotary Cell Phone, Two Years Later

        We know the pandemic has screwed with a lot of people’s sense of time, but we doubled checked, and it has indeed been more than two years since the Internet first laid eyes upon the incredible rotary cell phone put together by [Justine Haupt]. We’re happy to report that not only has she continued to develop and improve the phone since the last time it made the rounds, but that the kits for this open source marvel are currently available for preorder.

  • Free, Libre, and Open Source Software

    • Web Browsers

      • Daniel’s weekly report

        I have merged the first WebSockets take into the curl master branch. You need to enable it explicitly in the build to get it, but I hope lots of people do and try it out and give me feedback.

        There are several outstanding issues to do to make the WebSockets support really good, but now at least this significant first step has been taken. Thanks for flying curl.

      • Chromium

        • [Old] Contra Chrome
        • DaemonFC (Ryan Farmer)Don’t use Google Chrome. Bonus: Microsoft Azure Clown Computing | BaronHK’s Rants

          I’m sick of typing out why people should not use Google Chrome.

          Instead, I can make this page to direct people to which sums up the major point.

          Even before Chromium (the base of Chrome) gets rid of the ManifestV2 API for browser extensions next year (2023), it has already deleted APIs that ublock-origin and NoScript depended on for security guarantees.

          ManifestV3 just makes things much worse, again.

          AdGuard has already made a prototype extension that conforms to MV3, and it’s completely terrible according to users. (Warning: Google link) Ads load and then basically get hidden, so that they can spy on you regardless of whether you see them or not. And the rules limit makes it very hard to even do that.

          Soon, the choice will be to use something like this or to not use Chrome at all.

          Not using Chrome at all is a better option, and you can move your bookmarks and passwords over to another browser now while there’s still time.

          I’ve never used Chrome for my default Web browser and refuse to install it on any machines where I need security. Google is the major threat to your security when you have their software on your computer.

          Just having their repository allows them to install anything they want on your computer, which won’t complain about it even if it replaces your operating system files with malware, because you imported their signing key when you installed Chrome.

          (This is essentially the same situation people who use Raspberry Pi OS face with the Microsoft repository, which is enabled by default.)

          Chrome is too dangerous to use on the Web, for many reasons.

          Primarily because the company that makes it is an ad tech that gives it away for “free” because it is malicious software designed to run other malicious software and display advertising.

    • Programming/Development

      • Matt RickardSQLite Doesn’t Use Git

        SQLite as a database – Fossil uses SQLite as a database instead of Git’s object model. This makes it easy to back up and store repositories.

      • RlangHow to Avoid Overfitting?

        How to Avoid Overfitting?, Overfitting is a frequent error committed by Data Scientists. Your many hours of coding may be wasted if this happens.

        Your model’s outputs could be inaccurate, which would complicate the decision-making process even more.

        Let’s first discuss what overfitting is before moving on to how to avoid overfitting.

      • shikokuchuo{net}: nanonext – a web toolkit
      • Oh, I’m sure it’s probably nothing | Emily Riederer

        As a general matter, these are all exciting advances with great potential to aid in different workflows when used judiciously. However, it also poses the question: what cognitive burdens do we alleviate and which do we add when our projects begin to leverage multiple languages?

        Despite common data analysis tools like SQL, R, and python being high-level languages with declarative interfaces (in the case of R’s tidyverse and python’s pandas), successful usage still requires understanding the underlying assumptions and operations of each tool. There is not such thing as a truly declarative language; only those that generally make decisions that the user likes well-enough to ask for the “what” and delegate the “how”. These differences can emerge at many different levels: such as foundational issues like whether data structures are copied or modified in-place or broader design choices like default hyperparameters in machine learning libraries (e.g. python’s scikitlearn notoriously uses regularized logistic regression as the default for logistic regression.) Somewhere along that spectrum lies the fickle issue of handling null values.

      • Exploring OMPR with HiGHS solver

        There is a class of software for modeling optimization problems referred to as algebraic modeling systems which provide a unified interface to formulate optimization problems in a manner that is close to mathematical depiction and have the ability to link to different types of solvers (sparing the user from solver specific ways of formulating the problem). Both commercial and open source options are available. GAMS and AMPL are examples of commercial options. The popular open source options are JuMP in Julia and Pyomo in python. I have typically used Pyomo in Python but have explored using it from R. I recently became aware of algebraic modeling system in R provided by OMPR package.

      • MediumGetting Familiar with the R Studio Source Pane | by Trevor French | Trevor French | Sep, 2022 | Medium

        You may have been using R Studio for years without realizing what all of those buttons do. This graphic and corresponding annotations will walk you through how everything works.

        a. Show in New Window- This allows you to pop the source pane into a new window by itself.

        b. Save Current Document- This saves the file contained in the tab you currently have active.

      • Matt RickardWASI vs. WASM

        WebAssembly (WASM) modules have no conception of the filesystem, the network, or much else outside the browser sandbox. Many are experimenting with using the format outside the browser for server-side applications. How can it be used both serverside and clientside?

      • GSoC ’22 final report

        Well, this is rather easy for me to talk about, I’ll be on X.org’s Developers Conference soon, and full of motivations behind the work I’ve done.

        Not just me, though! Me, Maíra and Magali (who might be familiar names to you already) will be there as well, and unfortunately Tales didn’t manage to get a visa due to bureaucracy layers no one dares to understand.

        Looking retrospectively, the project’s motivation actually boils down to a dogfight between AMD engineers and the weird code they have to manage. As I’ve talked about previously, GPU code can be quite intense, the DML module being a particularly fun example.

        [...]

        KW (for the intimate) is a much needed and very interesting project, whom I tried my best to contribute to: I spent about a month and a half at the beginning of GSoC pushing it, to the point where I simply had no will to make my commit messages pretty or to respond maintainers.

        Lucky me the owner of the project is also my GSoC mentor, and he completely understood where I was at and that I’d not be able to accomplish the (optional) goals I had set for KW in my proposal.

        I really think this situation helped me understand better what is it that we’re doing when we contribute to free software, and that was the lesson I took.

      • Xe’s BlogAnnouncing the glorious advent of XeDN – Xe

        So I made a mistake with how the CDN for my website works. I use a CDN for all the static images on my blog, such as the conversation snippet images and the AI generated “hero” images. This CDN is set up to be a caching layer on top of Backblaze B2, an object storage thing for the cloud.

        There’s only one major problem though: every time someone loads a page on the website, assets get routed to the CDN. I thought the CDN was configured to cache things. Guess what it hasn’t been doing.

      • Version controlling your .Rprofile, .gitconfig and other dotfiles. | Dr. Rick Tankard

        Dotfiles are an important part of coding on Linux and macOS. In my work, I find myself not only working on my macOS laptop but on several Linux servers. Each of these requires dotfiles to configure my R (.Rprofile), git (.gitconfig and .gitignore_global), ssh (.ssh/config but not key files), vim (.vimrc) and shell (.zshrc, .bashrc, .bash_profile, etc.).

      • Purchase Flower For Just Because Occasion. How `R` you doing it? | Everyday Is A School Day

        Randomness can be difficult to simulate because we are biased. Not that thinking of buying your spouse flowers is a bad thing. What if you can preserve that idea and actualization by coding that! But how?

      • Jeff GeerlingCosplaying as a Sysadmin

        As a software developer, I never was a true sysadmin. I never pulled a server to replace a failed drive at 3 a.m. I never got to roll my little maintenance cart through a cold aisle, with hearing protection to keep my fragile eardrums from rupturing amidst a sea of 100+ dB screaming server fans…

        That is, until I built my homelab. Now I can act like a sysadmin as I make sure my kids never have a moment of downtime while they’re streaming their favorite episode of Odd Squad.

      • Matt RickardParallelizing Programs on the Blockchain

        EVM-based blockchains are often too difficult to scale past 1,000 transactions per second. Transactions can reference shared states and dynamically call into other contracts. This means that transactions must be executed in serial. On the other hand, program writers don’t need to declaratively enumerate their dependencies (e.g., state or other programs).

        The first way to gain parallelization is to do away with dynamic function calling. Both Solana’s Sealevel runtime and Move (Aptos/Sui) use static dispatch rather than dynamic. Sealevel enforces this at the “operating system” level, while Move does it as a domain-specific language (DSL).

      • Kushal Das: khata, under WASI

        While I am learning about WebAssembly slowly, I was also trying to figure out where all I can use it. That is the way I general learn all new things. So, as a start, I thought of compiling my static blogging tool khata into WASM and then run it under WASI.

      • C

      • Python

        • EarthlyHow Classes and Objects Work in Python

          If you’re a developer looking to level up your Python skills, adding OOP to your Python box can be helpful. This tutorial will help you get started with object-oriented programming in Python.

          Python is one of the most-loved programming languages that supports procedural, functional, and object-oriented programming paradigms.

          Procedural programming works fine for simple and smaller projects. But as you start working on larger applications, it’s important to organize code better. Object-oriented programming lets you group related data and functions logically. It also facilitates code reuse and lets you add functionality on top of existing code.

        • Didier StevensUpdate: translate.py Version 2.5.12 | Didier Stevens

          A small update for my translate.py program.

        • Didier StevensUpdate: oledump.py Version 0.0.70

          This is an update to plugin plugin_vba_dco.py, improving generalization and adding option -p.

          You can watch this maldoc analysis video to learn how to use the generalization feature of this plugin…

      • Perl

        • Not Your Grandfather’s Perl

          What I do appreciate that’s missing from many other languages and systems is the extreme committment to backwards compatibility. The knowledge that the next minor release won’t break existing scripts is underrated, IMO.

        • [Old] CoRecursiveCoRecursive #079: CPAN: This Day In History

          CPAN was the first open-source software module repository. And on this day, Aug 1st, in 1995, CPAN was first announced to a private group of PERL users.

      • Rust

        • Xe’s BlogThe Sheer Terror of PAM – Xe

          Hey all, this is my RustConf 2022 for 2022! I’m super excited to finally be able to share this page publicly. Enjoy the talk! I’ve included a video of it, my script and slides embedded below and finally a link to the slides PDF at the bottom of the page. Choose how you want to enjoy this talk. All the options are vaild.

    • Standards/Consortia

      • Accessibility, Jitsi, IRC, Element-Desktop

        The Wikipedia page on Accessibility says the following – Accessibility is the design of products, devices, services, vehicles, or environments so as to be usable by people with disabilities. The concept of accessible design and practice of accessible development ensures both “direct access” (i.e. unassisted) and “indirect access” meaning compatibility with a person’s assistive technology. Now IRC or Internet Relay Chat has been accessible for a long time. I know of even blind people who have been able to navigate IRC quite effortlessly as there has been a lot of work done to make sure all the joints ‘speak to each other’ so people with one or more disabilities still can use, and contribute without an issue. It does help that IRC and many clients have been there since the 1970s so most of them have had more than enough time to get all the bugs fixed and both text-to-speech and speech-to-text work brilliantly on IRC. Newer software like Jitsi or for that matter Telegram is lacking those features. A few days ago, discovered on Telegram I was shared that Samsung Voice input is also able to do the same. The Samsung Voice Input works wonder as it translates voice to text, I have not yet tried the text-to-speech but perhaps somebody can and they can share whatever the results can be one way or the other. I have tried element-desktop both on the desktop as well as mobile phone and it has been disappointing, to say the least. On the desktop, it is unruly and freezes once in a while, and is buggy. The mobile version is a little better but that’s not saying a lot. I prefer the desktop version as I can use the full-size keyboard. The bug I reported has been there since its Riot days. I had put up a bug report even then.

      • USENIXTranscending POSIX: The End of an Era?

        POSIX has become the standard for operating systems abstractions and interfaces over the decades. Two drivers for the design of the abstractions are the hardware constraints and the use cases of the time. Today, the speed balance between I/O and compute is shifting in favor of I/O, which is partly why coprocessors and special-purpose accelerators are becoming more mainstream. Therefore, we argue that the POSIX era is over, and future designs need to transcend POSIX and re-think the abstractions and interfaces at a higher level. We also argue that the operating system interface has to change to support these higher level abstractions.

      • India TimesPentagon warns of GPS interference from Ligado broadband network

        The National Academy of Sciences, Engineering, and Medicine report released Friday warned some Iridium Communications mobile satellite services “used by the U.S. Department of Defense and others will experience harmful interference under certain conditions and warned some high-precision devices sold before about 2012 “can be vulnerable to significant harmful interference.”

        The Defense Department said the study is consistent with its view that “Ligado’s system will interfere with critical GPS receivers and that it is impractical to mitigate the impact of that interference” and noted the study found FCC’s proposed mitigation and replacement measures “are impractical, cost prohibitive, and possibly ineffective.”

  • Leftovers

    • Robert OCallahanEyes Above The Waves: Success, Privilege And God

      I agree with Zitron and Lewis that we have an unhealthy tendency to take credit for our own success. But pushing against that too hard may lead to a mindset that nothing we do makes any difference — we’re just a victim of circumstances — which leads to apathy and irresponsibility.

    • SICPTranscendence | Structure and Interpretation of Computer Programmers

      I do not know that I have felt that sense of transcendence, and believe I am probably missing out both on strong emotional connections with others and on an ability to contribute effectively to society (to a society, to any society) by lacking the strong motivation that comes from knowing that making other people happier makes me happier, because I am with them.

    • GeorgeGenerators Of Disagreement With AI Alignment – by George

      I often find myself disagreeing with most of the things I read about AI alignment. The closest I probably get to accepting a Berkely-rationalism or Bostrom-inspired take on AI is something like Nintil’s essay on the subject. But even that, to me, seems rather extreme, and I think most people that treat AI alignment as a job would view it as too unconcerned a take on the subject.

      This might boil down to a reasoning error on my end, but:

      I know a lot of people that seem unconcerned about the subject. Including people working in ML with an understanding of the field much better than mine, and people with an ability to reason conceptually much better than mine, and people at the intersection of those two groups. Including some of my favorite authors and researchers.

      And, I know a lot of people that seem scared to death about the subject. Including people working in ML with an understanding of the field much better than mine, and people with an ability to reason conceptually much better than mine, and people at the intersection of those two groups. Including some of my favorite authors and researchers.

      So I came to think that there might be some generators of disagreement around the subject that are a bit more fundamental than simple engineering questions about efficiency and scaling. After reading nintil’s (linked above) and VKRs most recent essays on the subject, I think I can finally formulate what those might be.

    • HackadayThe Big List Of Naughty Strings Helps Find Those User Input Problems

      Any software that accepts user input must take some effort to sanitize incoming data, lest unexpected and unwelcome things happen. Here to make that easier is the Big List of Naughty Strings, an evolving list of edge cases, unusual characters, script-injection fragments, and all-around nonstandard stuff aimed at QA testers, developers, and the curious. It’s a big list that has grown over the years, and every piece of it is still (technically) just a string.

    • HackadayWho Is Responsible For Your Safety?

      We recently posted a video where some ingenious metal-shop hackers made a simple jig to create zig-zag oil grooves on the inside of a cylinder, and the comment section went wild. What ensued was a flood of complaints that the video displayed unsafe shop practices, from lack of safety glasses to wearing flip-flops while operating a lathe.

    • Science

      • Carl SvenssonThe Stubborn Computing Manifesto

        Stubborn computing is about being able to pick – and stick to – what you think is the best tool for the job. It’s an investment in software over time: As with the carpenter’s hammer, the chef’s knife or the weaver’s loom, it’s about subconscious and intrinsic mastery of the tools of one’s craft – a deep-seated skill growing along with a never-ending creative process. Ars longa, vita brevis.

        Stubborn computing isn’t about rejecting what’s new; it’s about embracing what’s good. The stubborn user realizes the benefits of faster hardware, better encryption, higher resolutions, more colours and increased bandwidth, but will practice extreme caution when discerning between change and improvement. Stubborn computing appreciates real improvement, but is wary of unforeseen danger and thus careful to rely too heavily on it initially. Stubbornness builds slowly.

        Stubborn computing isn’t an ironic fling with a past never experienced, nor is it about sentimental reminiscing. The stubborn user doesn’t install a Windows 95 theme because of a superficial whim or in a pointless search of lost time. The stubborn user might do so because their brand of stubbornness is rooted in the Windows 95 workflow, and they will go to great lengths to recreate this workflow in many more aspects than shallow aesthetics.

      • uni MITNew programmable materials can sense their own movements | MIT News | Massachusetts Institute of Technology

        Engineers 3D print materials with networks of sensors directly incorporated.

        This image shows 3D-printed crystalline lattice structures with air-filled channels, known as “fluidic sensors,” embedded into the structures (the indents on the middle of lattices are the outlet holes of the sensors.) These air channels let the researchers measure how much force the lattices experience when they are compressed or flattened.

      • Mind MattersCan Computer Neural Networks Learn Better Than Human Neurons? | Mind Matters

        They can and do; when artificial intelligence programmers stopped trying to copy the human neuron, they made much better progress

      • Interesting EngineeringChinese game company appointed the world’s first humanoid robot as its CEO

        The world of technology continues to meet the firsts.

        Recently, the China-based mobile game company NetDragon Websoft appointed an artificial intelligence-supported virtual human being as the general manager named “Tang Yu.”

        The appointment was made on August 26 and the virtual CEO, Ms. Tang Yu started her position in the company’s principal subsidiary, Fujian NetDragon Websoft.

        According to the company’s statement, Tang Yu will support decision-making during the company’s daily operations and provide a more effective risk management system. She will also be used as a real-time data center and analytics tool for the board.

      • TechRadarHuawei just beat the iPhone 14 to a key new feature

        Just a week ago we were reporting on how the iPhone 14 might be the first smartphone to offer satellite communication, but as it turns out it won’t – because Huawei just got there first with the Huawei Mate 50 and Mate 50 Pro.

      • Towards Data ScienceImproving Machine Learning Outcomes | by John Hawkins | Towards Data Science

        In order to build successful machine learning solutions, there are certain fundamental ideas that everyone involved needs to understand. In this blog post, we look at three key early stages of the design process that managers can focus on to ensure that the project is headed toward a successful outcome.

      • New ScientistTwo atomic clocks have been quantum entangled for the first time | New Scientist

        Researchers have quantum entangled atomic clocks, allowing them to be synchronised more accurately. Such entangled clocks could be used to study dark matter and gravity more precisely

      • ACMPushing the Frontiers of Mathematical Research

        For decades, mathematicians have turned to computers for help with tasks like big numerical calculations and visualizing complex geometric objects. Like a blackboard, the computer has been a handy tool that picks up where human capacity to juggle numbers, symbols, and pictures drops off.

        Today, however, computers are playing an entirely new role: they are learning modern mathematics.

        A loose-knit international group is using computer proof assistants, originally developed to check formal software correctness, to create online libraries of mathematical theorems and proofs. The theorems housed in these libraries can then be called upon as building blocks for proofs of new mathematical results. The hope is that the libraries one day will encompass the entirety of mathematical knowledge.

        “It’s a completely new way to do mathematics that is very satisfying,” said mathematician Kevin Buzzard of the U.K.’s Imperial College London.

        Buzzard discussed this work in one of the most-watched lectures at the 2022 International Congress of Mathematicians in July this year. (The Congress, originally scheduled to be held in Saint Petersburg, Russia, was transformed into an entirely online event after that country’s invasion of Ukraine.) Around the same time, a paper appeared on the arXiv containing what might be called a “proof assistant manifesto,” laying out progress achieved and describing challenges ahead. Buzzard is one of the paper’s 10 authors, along with ACM A.M. Turing Award recipient Leslie Lamport.

      • ACMLamboozling Attackers: A New Generation of Deception

        Deception is a powerful resilience tactic that provides observability into attack operations, deflects impact from production systems, and advises resilient system design. A lucid understanding of the goals, constraints, and design trade-offs of deception systems could give leaders and engineers in software development, architecture, and operations a new tactic for building more resilient systems—and for bamboozling attackers.

        Unfortunately, innovation in deception has languished for nearly a decade because of its exclusive ownership by information security specialists. Mimicry of individual system components remains the status-quo deception mechanism despite growing stale and unconvincing to attackers, who thrive on interconnections between components and expect to encounter systems. Consequently, attackers remain unchallenged and undeterred.

        This wasted potential motivated our design of a new generation of deception systems, called deception environments. These are isolated replica environments containing complete, active systems that exist to attract, mislead, and observe attackers. By harnessing modern infrastructure and systems design expertise, software engineering teams can use deception tactics that are largely inaccessible to security specialists. To help software engineers and architects evaluate deception systems through the lens of systems design, we developed a set of design principles summarized as a pragmatic framework. This framework, called the FIC trilemma, captures the most important dimensions of designing deception systems: fidelity, isolation, and cost.

        The goal of this article is to educate software leaders, engineers, and architects on the potential of deception for systems resilience and the practical considerations for building deception environments. By examining the inadequacy and stagnancy of historical deception efforts by the information security community, the article also demonstrates why engineering teams are now poised—with support from advancements in computing—to become significantly more successful owners of deception systems.

      • HackadayUnderstanding Wavelets

        Mathematical transforms can be a great help in understanding signals. Imaging trying to look at a complex waveform and figuring out the frequency components without the Fourier transform. [Artem Kirsanov] calls the wavelet transform a “mathematical microscope” and his video gives you a great introduction to the topic. You can see the video below.

    • Hardware

      • Ruben SchadeRubenerd: Weird Al had 100 gigs of RAM

        Defragmentation isn’t necessary if you’re on an SSD, and if anything could add to wear without benefit. But I do miss those animations.

        The bigger observation there is memory. A hundred gigs seemed ridiculous and unobtainable at the time. Consumer-level machines still measured memory in megabytes, and people had memories of a decade prior when this was kilobytes, or even less. I still remember a kid at my school being amazed that my Commodore 16 from eBay didn’t have 16 MiB of memory.

      • MacRumorsGarmin Reacts to Apple Watch Ultra: ‘We Measure Battery Life in Months. Not Hours.’

        Garmin has reacted to Apple’s new rugged Apple Watch Ultra, saying in a tweet following the iPhone 14 and Apple Watch event that it measures battery life in “months” and “not hours,” promoting its latest Enduro 2 watch for athletes.

      • IEEENo More Invasive Surgery—This Pacemaker Dissolves Instead

        After having cardiovascular surgery, many patients require a temporary pacemaker to help stabilize their heart rate. The device consists of a pulse generator, one or more insulated wires, and an electrode at the end of each wire.

        The pulse generator—a metal case that contains electronic circuitry with a small computer and a battery—regulates the impulses sent to the heart. The wire is connected to the pulse generator on one end while the electrode is placed inside one of the heart’s chambers.

        But there are several issues with temporary pacemakers: The generator limits the patient’s mobility, and the wires must be surgically removed, which can cause complications such as infection, dislodgment, torn or damaged tissues, bleeding, and blood clots.

      • It’s Time to Address the Poor Quality of Supply Chain Data | SupplyChainBrain

        The reality of global supply chains in recent years has been a sorry affair, but there’s reason for hope.

        By their nature, supply chains are notoriously messy, complex and opaque. Fundamental issues remain hidden in the shadows, whether they be child and forced labor, deforestation or the impact of climate change. The outsourcing of production results in a lack of responsibility for poor conditions in facilities. And the failure to achieve visibility into multiple tiers of the supply chain reinforces that lack of accountability.

      • HackadayFlexible Radiation Monitoring System Speaks LoRa And WiFi

        Radioactivity has always been a fascinating phenomenon for anyone interested in physics, and as a result we’ve featured many radioactivity-related projects on these pages over the years. More recently however, fears of nuclear disaster have prompted many hackers to look into environmental radiation monitoring. [Malte] was one of those looking to upgrade the radiation monitor on his weather station, but found the options for wireless geiger counters a bit limited.

      • Hackaday2022 Cyberdeck Contest: The Folding Mini-Deck

        The trend for cyberdecks has brought us many takes on the home-made portable computers, but it’s fair to say that some of them can be rather unwieldy. This is not an accusation you can point at [Smeef] with the Mini-Deck though, because its Raspberry Pi Zero, Adafruit miniature display, and tiny keyboard make the whole unit able to fit in the palm of a hand. We’re not sure we’ve seen one so compact!

    • Health/Nutrition/Agriculture

    • Security

      • ACMThe Challenges of IoT, TLS, and Random Number Generators in the Real World

        IoT (Internet of things) is now a first-class member of the Internet, communicating with cloud infrastructure. With this come additional requirements to ensure confidentiality, integrity, and authentication for every customer’s data. The IETF TLS (Transport Layer Security) protocol is used for almost all Internet traffic security, but TLS is not as secure as the general public believes it to be. The current TLS protocol has been proven secure, but do IoT implementations live up to that promise? IoT does not always have the luxury of hardware RNGs (random number generators) or other features typically found on servers, laptops, or even phone processors. The history of RNGs that have not been as random as expected has led to this question.

      • James Brown[A repeat] roguelazer’s website: SSH MITM at Best Western

        I’m currently staying in a Best Western hotel in Eureka, CA, avoiding the Bay Area heat wave, and I noticed something remarkable: the hotel’s free WiFi network performs automatic man-in-the-middle interception of all SSH traffic. I’ve literally never seen this before on public WiFi… Check it out…

        [...]

        Based on traceroutes, it really does look like all of my traffic is being routed through some central facility in Texas that’s doing god knows what DPI on it.

      • Silicon AngleMajor security bugs are a long-term threat: Here’s why and what’s next

        The technology world is entering a new phase where code complexity and widespread use of global software tools have opened the door for a damaging security flaw that can last for years.

      • Silicon AngleGoogle rolls out update for high-severity vulnerability in Chrome

        Google LLC has begun rolling out an update for Chrome to fix a high-severity vulnerability that is being actively targeted by hackers.

        The vulnerability is found in the Windows, Mac and Linux versions of Chrome, the search giant detailed in a blog post Friday. The update that Google’s engineers have created to fix the issue is set to roll out over the coming weeks.

      • Scoop News GroupNavigating the path to passwordless authentication

        Yves Audebert is chairman, president and co-CEO of Axiad IDS, a trusted identity solutions provider for government and financial organizations. He previously founded ActivCard / ActivIdentity, one of the lead providers of the Defense Department’s Common Access Card and HSPD12 FIPS 201 credentialing systems.

        If you have been in business long enough, you have probably heard the quote often cited from Lewis Carroll’s Through the Looking Glass: “If you don’t know where you’re going, any road will lead you there.” And while this quote isn’t verbatim from the book (or the subsequent movie Alice in Wonderland), the sentiment has stood the test of time because it appropriately captures an important strategic premise — that it’s important to be clear on your destination and desired business goals before kicking off a strategic initiative.

    • Defence/Aggression

    • Transparency/Investigative Reporting

    • Environment

    • Finance

      • TruthOutUK’s New Prime Minister Makes No Apologies for Favoring the Wealthy
      • Common DreamsOpinion | A Farmworker Speaks Truth to Power in Washington

        In the early days of the pandemic, California farmworker Carolina Sanchez saw stark differences in how she was treated on union versus non-union jobs. 

      • TruthOutMaine’s Biggest City Will Vote on Public Campaign Financing Measure
      • Michael West MediaTapped out: underclass left behind in Australia’s cashless future

        Begging is tough enough at the best of times, but brutal now that the nation is on the brink of a cashless economy. Card machines may be an alternative for Australians who rely on spare change from strangers to stay afloat, writes James Fitzgerald Sice, but is this the best way to get ahead?

        Dave Brown* has been begging on the streets of Sydney’s inner west for more than five years. However, it is only in the past year that he has started accepting card payments from passersby.

        Dave is a 41-year-old recovering drug addict on a disability pension who lives in a housing commission unit in Glebe. Dave’s criminal record has meant he has found it difficult to find and keep a job, leaving him vulnerable to the steady decline of cash in Australia.

        During the Covid-19 pandemic, this steady decline became a sudden drop-off. So when Dave found out that his 15-year-old dog Jedda needed operations to remove numerous cancerous lumps, he took a leap-of-faith into the digital economy.

      • Michael West MediaChildcare owner to join Early Childhood Strike amid staff crisis – Michael West

        Severe labour shortages and poor pay for carers have left the childcare sector in crisis. One childhood operator, John Owens, has written to Premier Dominic Perrottet to tell him he will join tomorrow’s Early Childhood rally. What’s the scam?

        “Some 30-40% of staff time is now spent on process driven tasks (red tape) imposed on our sector by NSW Education. Parents generally have no idea how NSW Education is driving up the cost of childcare and distracting our staff from their core responsibility (caring for and educating the children),” writes Owens.

      • Common DreamsOpinion | The US Must Ends Its Complicity in Illicit Financial Flows Out of Africa

        If you caught the breaking news story about Russians flying gold out of Sudan, straight from the mines, you were likely shocked by the blatant theft. The truth is that for years, every year, nearly $90 billion of African resources are lost to the Global North in Illicit Financial Flows, or IFFs. It isn’t just the Russians—U.S.-based corporations and others throughout the Global North are also complicit in this theft.

    • AstroTurf/Lobbying/Politics

      • Newsweek‘I’m Going to Kill You’: Man With Gun Arrested at Pramila Jayapal’s Home

        A armed man was arrested outside of Representative Pramila Jayapal’s home over the weekend after he threatened to kill her if she didn’t “go back to India.”

        According to the most recent data from the FBI on hate crimes, “62 percent of victims were targeted because of the offenders’ bias toward race/ethnicity/ancestry, which continues to be the largest bias motivation category.” Reported hate crimes increased by nearly 1,000 between 2019 and 2020.

      • Michael West MediaRoyal Favours: pipe and slippers time for David Hurley and Scott Morrison – Michael West

        It’s time for Governor-General David Hurley and Scott Morrison to go. Public perceptions of mates-deals have tarnished the two highest offices in the land. Michael West reports on the unfolding scandal of the Australian Future Leaders Foundation.

        It is time for the Governor-General to exit. Scott Morrison too. The former has tarnished the reputation of the Crown, the latter the very foundations of Australia’s democracy.

      • TruthOutTrump’s Political Operation Has Raised Over $500 Million Since the 2020 Election
      • HackadayLondon Bridge Has Fallen — By Radio

        One of the global news stories this week has been the passing of the British monarch, Queen Elizabeth II. Since she had recently celebrated 70 years on the throne, the changing of a monarch is not something that the majority of those alive in 2022 will have seen. But it’s well known that there are a whole suite of “London Bridge has fallen” protocols in place for that eventuality which the various arms of the British government would have put in motion immediately upon news from Balmoral Castle. When it became obvious that the Queen’s health was declining, [Hackerfantastic] took to the airwaves to spot any radio signature of these plans.

      • Telex (Hungary)How Queen Elizabeth II won the hearts of Hungarians in 1993

        Queen Elizabeth II and the Duke of Edinburgh spent four days in Hungary in May 1993. Their visit was covered in detail both by the Hungarian and the foreign press. The Queen saw the Holy Crown of Hungary, visited museums and gave a speech at Parliament. In addition to the usual political visits, she also made a stop at a homeless shelter and had a bite to eat at a farmhouse in Bugacpuszta, with cither music in the background. We looked up some old newspaper articles to remember her visit, and how much Hungary loved her.

      • Common DreamsOpinion | 10 Observations About the 2022 Midterms

        Two-thirds of the way through 2022, the political situation is quite different than it appeared to be on January 1. Then, Democrats viewed the midterm elections with trepidation; now, they see them as an opportunity. Here are 10 reasons why the situation has changed.

      • Common DreamsOpinion | Release the Dirty Permitting Bill Draft Now

        As a West Virginian Veteran, I appreciate that person’s right to speak out is a cornerstone of our democracy. For decades, people across the country have voiced their concerns about polluting facilities in their neighborhoods as part of the federal government’s review and decision-making regarding permits and projects.

    • Monopolies

      • Copyrights

        • Dallas NewsWhy copyright is a bad fit for the [Internet] age

          The problem is that copyright, in the form of the 1998 Digital Millennium Copyright Act (DMCA), is too powerful, and its reach is too wide. Unlike analog material, digital formats — ebooks, Spotify streams — need software to access them. If that software has any form of copy protection, as is usually the case, whatever restrictions it imposes on the user cannot be legally sidestepped, because of the DMCA.

          Controlling in detail how we enjoy books, music or films is not what copyright is designed for. Copyright is supposed to be about rewarding artists fairly for their creativity. Modern copyright fails to do that. A 2018 survey by the Authors Guild revealed that median earnings from book income fell by 50%, from 2009′s $6,250, to $3,100 in 2017. In the music industry, a 2021 U.K. Parliament report found that performers’ incomes average less than the median wage.

        • [Old] VoxBook publishers just spent 3 weeks in court arguing they have no idea what they’re doing

          In an early sign that this trial would scar publishing’s romantic image, however, the DOJ’s initial lawsuit turned up internal emails in which PRH’s CEO Markus Dohle admits that he “never, never bought into that argument,” and that one of the “goals” of the post-merger PRHS&S would be to become an “exceptional partner” to Amazon.

          Over the course of the trial that ensued, publishers would continue to insist on their existing public image as helpless incompetents at the whims of larger companies and an irrational market. The government, meanwhile, stuck to the narrative that the publishers were savvy operators who knew exactly what they were doing with their billion-dollar companies. The question of which story was most convincing will help decide the future of American antitrust law.

        • Torrent FreakFootball Fans Turn Pirate as Another Legal Streaming Service Falls Over

          To divert people away from piracy, legal streaming services warn of the unreliability of illegal streaming sites. But for the third time in a matter of weeks, football fans have been unable to watch key matches due to legal platforms falling over. As one fan wrote on Twitter: if I pay for a legal service that doesn’t work and can find a pirate stream in less than a minute, why am I paying?

        • CoryDoctorowHow Audible steals from creators

          If you listen to audiobooks, chances are you get them on Audible, Amazon’s monopoly platform with a 90+% market-share in many genres. But my books aren’t for sale there, even though that means foregoing the majority of the market. I explain why in a chapter of “Chokepoint Capitalism,” my forthcoming book, co-authored with Rebecca Giblin.

          Audible is a classic “chokepoint capitalism” story – that is, it’s a story about a company that has corralled an audience inside some kind of walled garden, and used its control over the audience to demand greater and greater concessions from the creators who want to reach them, eventually abandoning all pretense of fairness and literally stealing from creators.

          In Audible’s case, the walls are made from DRM, or “Digital Rights Management” – this is the “copy protection” system that Audible requires of all creators and publishers who sell on its platform. The company claims that DRM prevents listeners from stealing from creators by making it impossible to share the books they buy.

          In reality, though, removing Audible’s DRM is not hard; if you’re a dishonest person who wants to share an Audible title widely, you can figure out how with a couple of quick searches. But while removing DRM is easy, it’s also very, very illegal: under Section 1201 of the DMCA (a 1998 US copyright law), selling someone a DRM-bypass tool is a felony carrying a 5-year sentence and a $500k fine.

          That means that DRM never prevents copyright infringement (because infringers don’t care if they break the law), but it always prevents competition. If you’re a rival of Audible, hoping to unseat it, you have to convince potential customers to give up their Audible titles or maintain two separate libraries. You can’t just give them a tool to convert Audible files to MP3s or even another DRM format.

  • Gemini* and Gopher

    • Personal

      • Confession (Penance)

        The two hardest things to do as a Catholic are 1) Give up your sins, 2) Confess your sins when you fail to give them up.

        If it wasn’t for these two basic things, then being a Catholic would be very easy. But it is what we are called to do.

        I’ve heard, more than once, the absurd idea that “Being a Catholic is easy because you can sin all you want, because you can then just go to Confession.”

      • The Disappearance Of 4chan user ‘Strah’

        So its september which means the spooky season is here. Its this time of year where my interest in the paranormal, the creepy, and the conspiratorial really peaks.

      • Star Log 2022-09-10 22:30 AKDT (Fairbanks, AK, US)

        After the failure last night, I was feeling rather discouraged. But I continued to pray, and I noticed the forecast predicting lighter cloud cover around 10pm. So, I stayed up a bit later than usual, and was blessed with a great hour of star gazing, mainly toward the southern sky.

        I had done a little research before hand, and so I was hoping to see Jupiter a little to the left of the moon tonight. I was not disappointed — Jupiter was brilliant. My binoculars are not powerful enough to actually view the disc, but the brightness of it certainly was attention-getting. The brightness is not well-captured in Stellarium, but this gives you an idea of the position of it…

    • Technical

      • Programming

        • The trouble with trantor’s threading design

          This is just something on my mind and I’m trying to figure out how to solve. Most web frameworks use a work-stealing thread pool to improve throughput. Maybe one of the threads is overburdened with 100 tasks in its queue. But all the other 15 threads are idle. Other threads should be able to take tasks away from the overburdened thread. Well, I can’t do that (at least not easily) in Drogon and Trantor.


* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.

IRC Proceedings: Saturday, September 10, 2022

Posted in IRC Logs at 2:01 am by Needs Sunlight

Also available via the Gemini protocol at:

Over HTTP:

HTML5 logs

HTML5 logs

#techrights log as HTML5

#boycottnovell log as HTML5

HTML5 logs

HTML5 logs

#boycottnovell-social log as HTML5

#techbytes log as HTML5

text logs

text logs

#techrights log as text

#boycottnovell log as text

text logs

text logs

#boycottnovell-social log as text

#techbytes log as text

Enter the IRC channels now


IPFS Mirrors

CID Description Object type
 QmYRU7hJrQ5kduWNGT2eRSvkGsLwb1BZdKK18PB4sx6JM1 IRC log for #boycottnovell
(full IRC log as HTML)
HTML5 logs
 QmSGcFawxuZDZV45KJg5GAcTu7Nqk4HMP2cw8m5Wujx6m8 IRC log for #boycottnovell
(full IRC log as plain/ASCII text)
text logs
 QmZ5UVYrgJumHtw4GogY7yof5m3CRRNheujXrdbgjyUE2V IRC log for #boycottnovell-social
(full IRC log as HTML)
HTML5 logs
 QmaF5rEgotHgVuwKBPit74kgfSjAdCKoF5H2adxduheQuX IRC log for #boycottnovell-social
(full IRC log as plain/ASCII text)
text logs
 QmWYWPLpuxTfvyfyPKASykEAUGHb5FRGn3rhwaBY9wCfiG IRC log for #techbytes
(full IRC log as HTML)
HTML5 logs
 QmcRPrbTiLtM1tMASjySv1k5bxmbsojxLYSf3Jo4efteBY IRC log for #techbytes
(full IRC log as plain/ASCII text)
text logs
 QmYssQChqVirPMJvYqeYjBMzqgNFmFVCHV4oXmoGWLdhFL IRC log for #techrights
(full IRC log as HTML)
HTML5 logs
 Qmeb18xCartrFkrsd68tJDKC6kerRF8vYmWaRgTCpLqord IRC log for #techrights
(full IRC log as plain/ASCII text)
text logs

IPFS logo

Bulletin for Yesterday

Local copy | CID (IPFS): QmVuPxmX77pHLEiaxQUdUu9Hv2c5on5vmDiepeKvhokhrK

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts