Docker firewall issues, Ardour’s major new feature, listening for your neighbours’ garage door openers and tyre pressure monitors, colourising old photos, complaints from new Ubuntu users, KDE Korner, and more.
Today we have been released from the Gulag so I have some channel updates. Look for the new site to launch in the next few weeks, and look for us on alternative platforms.
In the past it made legitimate sense to debloat your Linux install but when we're talking about modern hardware, most systems can over power basically anything you throw at it so is debloating just a waste of time
As mentioned, the Kernel Crawler is a new tool that automatically searches for new kernel versions supported for a number of Linux distros. It should make it easier to adopt Falco by simplifying the task of installing kernel modules and eBPF probes for a given kernel version. The Kernel Crawler is used to populate and maintain a database with the build matrix which lists all kernel versions and distros supported by Falco.
The 5.15.74 kernel was compiled on October 18, with Android drivers:
https://bkhome.org/news/202210/kernel-51574-compiled-with-android-drivers.html
I have compiled 5.15.76 with these changes, shown in bold text. Firstly, for the RTC:
Are you planning to leave Twitter and join Mastodon? Use these free and open-source Mastodon clients for your Linux desktop.
Mastodon is a free and open-source microblogging platform similar to Twitter. It is designed as a decentralised platform that can communicate with other Fediverse protocols such as GNU Social and Pleroma. With the recent news stories about Twitter, many users are trying Mastodon and migrating to the platform.
With that in mind, we give you a list of free Mastodon clients for Linux desktops as well as Windows and macOS in this post.
Our various test computers have an average of 50 environment variables on each of them. An environment variable, like any other variable, is a combination of a name and a value. The name is unique, set when the variable is created, and it last for the lifetime of the environment variable.
Variables hold values for us. When a process needs to know what the value is, it looks up the variable by name, and reads the value from it. Although variable names cannot be changed, their values can be.
In this tutorial, we will show you how to install Cacti on Rocky Linux 9. For those of you who didn’t know, Cacti is an open-source, web-based network monitoring and graphing tool designed as a front-end application for the open-source, industry-standard data logging tool RRDtool. Cacti gather performance metrics from servers and network devices and graph and store them for reporting and historical analysis.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Cacti monitoring tool on Rocky Linux. 9.
The CPU is the most important component of your computer. All applications and system services will need to utilize the CPU in order to run. Your Linux operating system will make a determination on how to divide its CPU resources across all of the various programs that are competing to use it.
In this tutorial, you will learn how to monitor your Linux system’s CPU usage.
The Librem 5 features a built-in smartcard reader. While most people use it for GPG I wanted to see if it can be used as an authenticator for services like email (SMTP, IMAP), access to web pages (HTTPS), calendars, etc. without either having to retype a password often or having to store it on the device itself: Single Sign On for all my frequently used services.
Today we are looking at how to install Inkscape on a Chromebook.
If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!
The Wine development release 7.20 is now available.
What's new in this release: - Mono engine updated to version 7.4.0. - Font linking improvements. - A number of fixes for exception unwinding. - Support for dumping EMF spool files in WineDump. - Various bug fixes.
The source is available at:
https://dl.winehq.org/wine/source/7.x/wine-7.20.tar.xz
Binary packages for various distributions will be available from:
https://www.winehq.org/download
You will find documentation on https://www.winehq.org/documentation
You can also get the current source directly from the git repository. Check https://www.winehq.org/git for details.
Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list.
Escapism increases with yet another ScummVM release!
The ScummVM Team is thrilled to announce the immediate availability of ScummVM 2.6.1.
ScummVM 2.6.1 is a maintenance release mainly focused on improving the new features and engines we introduced in our previous release.
Proton GE, developed by GloriousEggroll, is a fork of Valve's Proton that makes gaming on SteamOS and Linux distros a dream come true for gamers.
Halloween or not, playing horror games alone or with your friends is exciting. All those jump scares, gut-wrenching scenes, and creepy adventures are something to look forward to. If you’re looking for games to fuel your nights with horror, try the following free horror games on Steam.
It’s Halloween and the Kate and KWrite 22.12 release is approaching, so its about time we give you another update what we’ve been working on.
[...]
So far Kate was only able to display code views in Kate’s central view component. In the upcoming release, Kate can also place arbitrary Qt Widgets there, which required making some bigger changes under the hood. You might ask how is this relevant at all, to which we answer: this change enabled us to implement a treat bag of cool, new features. Already we have used this to implement a welcome page, an improved git diff viewer and the configuration options now reside in a tab instead of a dialog.
I hope Nate you don’t mind me taking the screenshots from your blog post, I’m just.. Lazy. I have no excuse. Lol.
For those who just want to see how it’s made, here’s link to the merge request: https://invent.kde.org/plasma/breeze/-/merge_requests/241
Also I am probably gonna make couple LOTR references due to talking about binding and light and dark and I’m sorry about that beforehand.
The All-American High School Film Festival (hereafter, A-AHSFF) is a week-long event hosted in New York City. Students can submit their short films in advance, and at the event are exhibitions and rewards for the best-judged films. There is also a tech fair, this year on the 22nd of October. KDE community member Nataniel Farzan is one of this year’s selected entrants, and negotiated a booth for KDE at the tech fair!
There aren’t very many members in the KDE community in the US, but a few of us live in the area. Philip Cohn-Cort and I heeded the call (with the invaluable remote support of Paul Brown and Aniqa Khokhar).
Paul and Aniqa did most of the heavy lifting of preparing the event for success. They requested the budget, and ordered the stickers, tablecloth, and banner. Big thank you to both of you! All Philip and I did was prepare the computers and, of course, show up.
Image generated by Waifu Diffusion v1.3 (float16) -- cloud sea, xenoblade chronicles 2, azurda, blue sky, giant tree, orca, 1girl, red hair, katana
One of the strengths of NixOS is that you can use NixOS modules to do things like override versions of packages so that you can customize what software is running on your computer. You can use this to manually patch programs, or alternatively override dependencies with other versions. Today I'm going to show you how to use an overlay to force NixOS to rebuild nginx with OpenSSL 1.1.1 instead of OpenSSL 3.x. You may want to do this if you want to reduce risks involved with the CRITICAL security issue announced for OpenSSL 3.x (OpenSSL 1.1.1 isn't listed as CRITICAL).
Featuring the lightweight Xfce 4.16 desktop environment and based on Ubuntu 22.04.1 LTS (Jammy Jellyfish), Linux Lite 6.2 is here five months after Linux Lite 6.0, which was the first release of the Ubuntu-based distribution based on Ubuntu 22.04 LTS.
Highlights of this release include a revamped Lite Upgrade in-house built utility that features a new end-user dialog and integration of the latest LibreOffice 7.4 office suite release, as well as an updated Lite Tweaks in-house built utility that improves kernel removal, log removal, and hostname setting.
Last week, the Linux community was abuzz with excitement over the release of Zorin OS 16.2. That operating system is notable for being designed for Windows switchers. Today, yet another such distribution that focuses on former Windows users is released -- Linux Lite 6.2.
Linux Lite 6.2 is is based on the excellent Ubuntu 22.04.1. The distribution uses Linux kernel 5.15.0-52 and Xfce 4.16 desktop environment. It comes with some excellent software pre-installed, such as Google Chrome 107, GIMP 2.10.30, Thunderbird 202.2.2, VLC 3.0.16, and LibreOffice 7.3.6.2.
Speaking about this new version of the operating system, the development team explains, "Linux Lite 6.2 Final is now available for download and installation. This release is mostly comprised of UI adjustments, up to date software and bug fixes. This release improves upon 6.0 with numerous UI enhancements, updates to many Linux Lite applications, the newest stable LibreOffice, Lite Upgrade has a new end dialogue, there's a new Video Editor in Lite Software and much more."
CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication€ | CISA âšâ https://www.cisa.gov/uscert/ncas/current-activity/2022/10/31/cisa-releases-guidance-phishing-resistant-and-numbers-matching ä·ⰠSource: USCERT
Canonical announced the code name of the upcoming Ubuntu 23.04 short-term release.
Following the alphabet-based code name convention, the code name for the upcoming Ubuntu 23.04 is – “Lunar Lobster”. We are at “L”, followed by the predecessor “Kinetic Kudu” with “K”.
In a cryptic tweet with only emojis, Ubuntu announced the name on Twitter. Since every Ubuntu release code name is actually the repo name, it’s already been updated in the official Ubuntu version control system “launchpad”.
The branch named “lunar” is created, and structures are ready to accept the changes of this release.
Welcome to the Ubuntu Weekly Newsletter, Issue 759 for the week of October 23 – 29, 2022.
Our local Debian user group gathered on Sunday October 30th to chat, work on Debian and do other, non-Debian related hacking :) This time around, we met at EfficiOS's offices. As you can see from the following picture, it's a great place and the view they have is pretty awesome. Many thanks for hosting us!
All Things Open 2022 is this week in Raleigh, North Carolina, and we're here all week! It's a great event that's focused on the tools, people, processes and technology that make open source possible.
Early next year, Firefox will release Mozilla’s Manifest V3 (MV3). Therefore, it’s an ideal time to consider migrating your Manifest V2 extensions. One of our goals throughout our approach to MV3 has been to gradually release new WebExtensions features that enable you to begin implementing APIs that are compatible with MV3. To this end, we recently released some exciting new features you should know about…
The MDN Web Docs team recently undertook a project to revamp and reorganize the “Contribution Docs”. These are all the pages on MDN that describe what’s what – the templates and page structures, how to perform a task on MDN, how to contribute to MDN, and the community guidelines to follow while contributing to this massive open source project.
The contribution docs are an essential resource that help authors navigate the MDN project. Both the community as well as the partner and internal teams reference it regularly whenever we want to cross-check our policies or how-tos in any situation. Therefore, it was becoming important that we spruce up these pages to keep them relevant and up to date.
Some folks who read TIGER_STYLE.md (the TigerBeetle coding guide) are surprised to learn that TigerBeetle allocates no memory after startup.
This month, as WordPress Accessibility Day approaches, we feature Raghavendra Satish Peri, a blogger turned digital entrepreneur based in India, specializing in web accessibility and digital marketing.
The People of WordPress series shares inspiring stories of how people’s lives can change for the better through WordPress and its global network of contributors.
People sometimes jest that Rust is just ML dressed up to look like C++. And I don't think that's entirely off: Rust has many of the key features present in ML languages. We have the same kind of type system (Hindley-Milner), we have sum types, and we have a module system which isn't directly tied to a module hierarchy. I want to talk a bit more about Rust's module system here.
In Rust we distinguish between "crates" and "modules". To people just learning about Rust the distinction can be a bit confusing. But in practice it makes sense to have both. In this post we're going to take a look at Rust's module system, what the differences are, and how we could introduce some features to bring crates and modules closer together.
Dear rOpenSci friends, it’s time for our monthly news roundup!
You can read this post on our blog. Now let’s dive into the activity at and around rOpenSci!
Introduction to the new exams2learnr package for including quizzes or individual questions from dynamic exercise templates into learnr tutorials which can be deployed as shiny apps.
I have a new hobby: camera traps, also known as trail cameras. Strapped to trees in my local bushland they sit in wait, firing automatically when triggered by a passing animal. Once in a while, something quite magical happens.
The 1.65.0 pre-release is ready for testing. The release is scheduled for November 03. Release notes can be found here.
Artists can leverage glTF to create rich 3D visuals, but the process can be difficult. Assets can be difficult to create, many 3D assets are still not compatible, the tooling ecosystem has gaps, and rendering can be inconsistent. However, solutions are on the horizon! This webinar will showcase the work currently taking place within the Khronos Group to address the current challenges and how to solve them. It will be followed by a Q&A session with the speakers and a panel of industry experts.
Just like last year, October was filled with quick pixel dailies. I decided to only post on mastodon, but due to the twitter exodus couldn’t quite post the 30kB images for the two remaining days. Good old blog post it is!
Galileo was one of the first scientists to use a telescope, make substantial improvements, and point it at the stars and moon. He published his observations in his “Starry Message” (Sidereus Nuncius) memo in 1610 — causing shockwaves through Italy and the rest of Europe.
If you are impatient for not just memory pooling powered by the CXL protocol, but the much more difficult task of memory sharing by servers attached to giant blocks of external memory, you are not alone. Memory fabric creator IntelliProp is right there with you.
And that is why IntelliProp, which has been a custom silicon design shop for the past two decades, has spent the past few years mashing up PCI-Express, CXL, and Gen-Z technologies to create its Omega Memory Fabric, also giving us a preview of what commoditized CXL memory sharing will look like in the future as various technologies, including Hewlett Packard Enterprise’s Gen-Z protocol and IBM’s OpenCAPI protocol, are merged into the CXL specification.
Nearly three years since SARS-CoV-2 first emerged, we’re still not certain where the virus behind COVID-19 came from.
The location of the initial outbreak close to the Wuhan Institute of Virology drew suspicion that it may have been a lab leak. But scientists largely came out in favour of a natural spillover from bats to humans, through an intermediate animal host, at the Huanan seafood market located a few kilometres away. To date, though, no immediate ancestor of SARS-CoV-2 has been found in bats nor in any other animal that was on sale at the market.
A recent preprint (a study yet to be peer-reviewed) claims to have identified possibly unusual sequence patterns in the SARS-CoV-2 genome. These patterns may indicate the virus was genetically modified in a lab.
Systemd version 252 has been released. As usual, the list of changes is long. It includes a new systemd-measure tool for the calculation of PCR values and a bunch of infrastructure to use the result for disk encryption
GitHub proofs of concept (PoCs) for known vulnerabilities could themselves contain malware as often as 10% of the time, security researchers have found.
Researchers at the Leiden Institute of Advanced Computer Science have alerted security professionals about risks associated with GitHub and other platforms like pastebin that host public PoCs of exploits for known vulnerabilities.
Security updates have been issued by Debian (batik, chromium, expat, libxml2, ncurses, openvswitch, pysha3, python-django, thunderbird, and tomcat9), Fedora (cacti, cacti-spine, curl, mbedtls, mingw-expat, and xen), Gentoo (apptainer, bind, chromium, exif, freerdp, gdal, gitea, hiredis, jackson-databind, jhead, libgcrypt, libksba, libtirpc, lighttpd, net-snmp, nicotine+, open-vm-tools, openexr, rpm, schroot, shadow, sofia-sip, tiff, and xorg-server), Mageia (libreoffice), Oracle (expat), Red Hat (device-mapper-multipath), and SUSE (cacti, cacti-spine, chromium, exim, jhead, kernel, libmad, opera, and pdns-recursor).
CISA has released two fact sheets to highlight threats against accounts and systems using certain forms of multifactor authentication (MFA). CISA strongly urges all organizations to implement phishing-resistant MFA to protect against phishing and other known cyber threats. If an organization using mobile push-notification-based MFA is unable to implement phishing-resistant MFA, CISA recommends using number matching to mitigate MFA fatigue. Although number matching is not as strong as phishing-resistant MFA, it is one of best interim mitigation for organizations who may not immediately be able to implement phishing-resistant MFA.
In the first part of this blog series, we discussed the run-time (in)security challenge, which can leave your code and data vulnerable to attacks by both the privileged system software of the public cloud infrastructure, as well as its administrators. We also introduced the concept of trusted execution environments and confidential computing, (CC), as a paradigm to address this challenge. CC takes a pragmatic approach: it considers the execution environment bootstrapped by the cloud’s system software to be untrustworthy, and proposes to run your security-sensitive workloads in an isolated trusted execution environment (TEE) instead. The TEE’s security guarantees are rooted in the deep hardware layers of the platform; security claims can be remotely verified.
But how does confidential computing work? To understand TEEs and CC in more detail, we need to understand isolation and remote attestation.
The OpenSSL project this week announced plans to release version 3.0.7 on November 1 to patch a critical security flaw affecting versions 3.0 and later. Co-founder Mark J. Cox noted it’s only the second critical patch “since we started rating flaws back in 2014.”
Former Liberal prime minister John Howard used to be often contemptuously referred to as the deputy sheriff for the US in the Pacific region when George W. Bush was in power.
Given the news that the US is now preparing to send six nuclear-capable B-52 bombers to Australia, one would be totally justified if the same title was applied to Labor Prime Minister Anthony Albanese.
The ABC's Four Corners program on Monday focused on the build-up of these nuclear-capable planes, and the level of jingoism in the report was quite easy to detect.
The US and its allies have been spreading fear, uncertainty and doubt about China for years and this step is apparently aimed at keeping the region safe.
Labor’s budget is projecting just over $38 billion to be spent on defence in 2022-23, increasing to $44.5 billion in 2025-26.
These projections have not changed since the Coalition’s March budget and represent the third largest spend by the federal government, beaten by just education, health and social security and welfare.
According to ARENA, “In the decade to 2030, Australia will spend $575 billion on defence.”
Labor has pledged to spend at least 2% of Australia’s GDP on defence. Spending as a share of GDP is expected to be 2.12% next financial year, followed by 2.11% in 2024-25 and 2.1% in 2025-26.
Every billionaire is a policy failure, but every billionaire is also a factory for producing policy failures at scale. The political power conferred by massive wealth accumulation makes a sham of democracy, because "one person, one vote" is easily swamped by "one dollar, one vote."
That's why we need to abolish all billionaires, even the "good" ones who promise to support charities or causes we support. But today, I want to focus on some extremely bad billionaires, Dick and Liz Uihlein, owners of the packing-supply monopoly @Uline.
The Uihleins are a multi-generational far-right clan of wealthy conspiracy peddlers. The family money starts with the founding of the @SchlitzBrewing company (and you thought @MolsonCoors was the only fascist beer!).
The rapid escalation of online censorship, and increasingly offline censorship, cannot be overstated. The silencing tactic that has most commonly provoked attention and debate is the banning of particular posts or individuals by specific social media platforms. But the censorship regime that has been developed, and which is now rapidly escalating, extends far beyond those relatively limited punishments.
[...]
There has been some reporting — by me and others — on the new and utterly fraudulent “disinformation” industry. This newly minted, self-proclaimed expertise, grounded in little more than crude political ideology, claims the right to officially decree what is “true” and “false” for purposes of, among other things, justifying state and corporate censorship of what its “experts” decree to be “disinformation.” The industry is funded by a consortium of a small handful of neoliberal billionaires (George Soros and Pierre Omidyar) along with U.S., British and EU intelligence agencies. These government-and-billionaire-funded “anti-disinformation” groups often masquerade under benign-sounding names: The Institute for Strategic Dialogue, The Atlantic Council’s Digital Forensics Research Lab, Bellingcat, the Organized Crime and Corruption Reporting Project. They are designed to cast the appearance of apolitical scholarship, but their only real purpose is to provide a justifying framework to stigmatize, repress and censor any thoughts, views and ideas that dissent from neoliberal establishment orthodoxy. It exists, in other words, to make censorship and other forms of repression appear scientific rather than ideological.
That these groups are funded by the West's security state, Big Tech, and other assorted politically active billionaires is not speculation or some fevered conspiracy theory.
One of Hong Kong’s largest pro-Beijing Facebook groups has disappeared, with its founder saying that Meta removed it for apparently violating community rules.
Faruk Eren, chair of the Turkish Press and Printing Press Employees' Union (Basñn Ià Ÿ), affiliated with the Revolutionary Workers' Unions Confederation (DISK), spoke to Mesopotamia Agency (MA) about the arrest of Kurdish journalists. Eren said that if there is no reaction against the unjust and unlawful detentions of Kurdish journalists, sooner or later, everyone will be targeted.
A pro-democracy publishing house in Thailand was approached by a Chinese businessman who wanted to pay it to shut down to boost his relationship with Beijing in the wake of the ruling Chinese Communist Party congress, its editors said in a statement.
A private investigation agency contacted Sam Yan Press in May with an offer of two million baht from a Chinese businessman who wanted to buy the company in order to shut it down, the publishing house said in a statement on its website dated Oct. 26.
"They said that the Chinese businessman was keen to make good relations with the Chinese government. We were in utter disbelief and thought it was a fraud. Therefore, we completely ignored the messages from the agency and continued with our causes," the statement, signed by the press' editorial board, said.
More than 2000 workers at Apple retail units in Australia have voted against a pay deal offered by the technology firm, the Retail and Fast Food Workers Union claims.
The union, one of three representing the workers, said in a statement: "After sitting on the results for 15 hours, Apple has finally admitted workers have smashed its rotten deal at a margin of more than 2 to 1 with well over 2000 workers voting no and for a better deal."
The company recently reported its results for the final quarter of its financial year, performing the best of any big technology outfit.
Apple reported US$90.1 billion (A$141 billion) in revenue for the quarter, an increase of 8% year-on-year, and US$394.3 billion, also up 8% year-on-year. But revenue is forecast to fall by 8% during the December quarter.
Halloween. Yes, it's tonight, I think, as I'm passing orchard their glass of water. One of my favorite night of the year. The jukebox is now playing a song from AC/DC and I'm hearing m15o calling for help in the kitchen. Shall we call it a kitchen? Let's just say in the room behind the bar. He's preparing some food for tonight! All I can say is that bread is going to be involved.
Arguing with my partner about when to set our goals for the year still seems so fresh in my memory, like it was just a few weeks ago. But just a few weeks ago, we were sizing up the final act of 2022. Since the pandemic started, time has seemed to crawl and sprint at the same time. Or is it just my perception of it?
The clouds lifted, the sun came out, and round 3:30pm, I said to Bunny, “Let's go to Pretty Place!”
Pretty place, aka (also known as) The Fred W. Symmes Chapel [1], is a church up on the side of a mountain, just across the North Carolina/South Carolina state line. 11 miles (18km) “as the crow flies” from The Bromfield Inn [2], or 17€½m (28km) as the car drives. And I implore you, gentle reader, to check the link out, to get into the mind set Bunny and I were in as we headed out to Pretty Place.
I can't believe it's Halloween already! We're having some friends over and it'll be a fun night!
Summer went a bit late this year, most days got into the 90s until just a couple weeks ago. We had a short, cool rain storm come in for a few days at the end of September. Roomie called it a "False Fall" which I really like the concept of. There are always those few days at the cusps of the seasons that feel like the upcoming one.
There is a Grinch Halloween special which doesn't get nearly enough love as it's Christmas counterpart that captures the Halloween spirit so perfectly!
Parts showed up Friday so I reset the router I borrowed, and dropped it off.
Picked up the parts, and got home and they did not work because they are "802.3af" type PoE and not "passive 24v" PoE.
I wonder if people might struggle less with computer security if we employed metaphors for previous technology.
People have attempted to get videos off the internet, showing a clear misunderstanding how how computers work. If they thought in terms of many people photocopying a picture, I'm sure they would understand how futile the efforts are.
I don't have stars and follows on my Github page and they seem to think that is a red flag. When they ask for my twitter (which I haven't used since basically when twitter came out) or FB or any other social media and I say I don't really use any of them, they just give me this strange look. So bizarre.
I just had to remind myself that this process is an exercise in the law of large numbers. You send out tons of resumes, get a bunch of interviews, a ton of rejections and a few offers you definitely don't want. Eventually you find a good match.
My go-to method for deploying command line tools I've written is to build Python packages and installing them. This works well for putting the tools on the PATH, but one thing I've been missing is to also include "OS integration files" (such as man pages, .desktop app launchers, and systemd unit files). Recently I learned a way to do it.
* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.