11.09.22

Facebook is Dying. Part II.

Posted in Deception at 10:00 pm by Guest Editorial Team

Reprinted with permission from Ryan

In my last post, I mentioned that Social (Control) Media is dying off, and we’re no worse for wear because of it.

I noted that Musk was ruining Twitter (as a business) and clearly had no idea what to do, because he has no successful businesses on their own merit, which make profit without ripping off the public via government theft of wages. (Taxation to give to private companies as endless bailouts.)

Musk is hardly alone. Many of the large US corporations operate this way.

Facebook’s CEO, Mark Zuckerberg, has gone totally crazy. Like Vladimir Putin deciding to invade Ukraine crazy.

He’s thrown so much money into the “Metaverse” VR crap, which everyone mocks, and most people who actually did buy the expensive headsets gave up trying to use within their first month, that he’s wiped out over $268 billion of wealth and climbing just with this, and only with the top 10 investors in Facebook.

Most of the loss goes to Zuckerberg, but in many cases, Facebook shares were stuffed into people’s retirement accounts like some sort of a Ponzi scheme, without their consent, because it was part of a passive fund.

(Most American workers have no control over their retirement investments, either because a pension fund “takes care of that” or because they’re in some sort of corporate savings schemes like 401(k) and 403(b), where they have to choose between funds, and they all have some shit in the plumbing so there is no perfect outcome.)

Facebook is failed. It has plunged in “book value” by over $700 billion in the past year. It just sacked 11,000 people today in “Round 1” (means more to come….), and it admits it will lose many more billions of dollars in “Metaverse” before Mark Zuckerberg runs the company into the ground completely.

Any one problem that Facebook has would be bad for the company, but probably not fatal.

Unfortunately for them, they’ve seen ad revenues decline as America enters quite possibly a worse recession than 2008, and their CEO has not only failed to see the recession coming, but blew through their cash reserves instead of investing it into the products people are actually “engaging” with. They have some, but they’re being utterly neglected due to the VR nonsense.

Zuckerberg takes advantage of the somewhat unique structure of Facebook to do whatever he wants with it (he set it up so he gets a lot of votes) and his investors only have two options. Sit there and continue to get thumped by a CEO who is squandering assets, or dump their shares for whatever they can get today, which floods the market with shares that nobody wants at lower and lower prices.

I do wish the people who are losing their jobs the best of luck in the 2023 Hunger Games.

Maybe some of them can even find a job that _benefits_ society next time instead of pampering my parents, both of which are right-wing cranks who are level 12 susceptible to paranoid conspiracy theories and propaganda, with a feedback bubble which makes them feel validated, or like they’re in some sort of clear majority in their political opinions, which get even more fringe by the year thanks to this gaslighting.

If my parents were a lot more astute than they actually are, they would notice that it was Jack Welch (GE/RCA merger, dad) and the Catholic Church (mom) who screwed them on their retirement and left them to rot, and Republicans that allowed it and are coming for their Social Security money while they worry about non-existent threats like “brown people from other countries”, like the Fox News telescreens order them to.

In his case, he got his from a wealthy Republican businessman, and in her case, the pension turned out to be nothing more than an unsecured promissory note from a Mafia-affiliated group of pedophiles with a city-state in the middle of Italy. Will they never learn?

(Rhetorical. People who haven’t figured it out by 71 or 65 probably won’t. Mom still swears up and down that the Archdiocese told them their pensions were guaranteed for 20 years. Just like they were previously guaranteed for “as long as you live”, and before that they were “guaranteed to grow until you’re 66”, then “63”, then “62”, then “nobody new gets a pension and yours is frozen NOW”. How much money is there really? Nobody will say. Where is it invested? “Don’t worry!”)

Even if the unemployed Facebook and Twitter workers take a job at Taco Bell, slinging cheap tacos and burritos at people who are stoned at 2 AM is neutral to the fabric of our society.

Facebook and Twitter are as corrosive as Xenomorph blood and I wish the platform a swift and total demise. But they’ve already done insurmountable harm to people like my parents.

Mom spent all of COVID bashing me for being responsible and levelheaded enough to get me and my spouse our vaccines. For wearing masks at large gatherings. For using hand hygiene. And we didn’t get COVID, and they got….COVID and the flu at her house, at the same time.

She lacks the ability to comprehend how vaccines work, or even the very basics of germ theory, which is unfortunate since she’s a nurse.

Many political confederates of mom and dad are no longer with us because listening to the Party of Trump was the last mistake they ever made.

But even as they witnessed millions of each other dying on ventilators, they still proclaim it was all a hoax.

This is what happens when you’re watching Fox News and looking at Facebook all day.

Facebook waited until this country was on the verge of being overthrown in a coup before they even thought to ban Trump. It took _days_ after for them to claim they made a very brave decision.

In the background, they didn’t want to do it. They wanted dimwits looking at Facebook, even if Trump was the reason why. It helped them sell ads.

Facebook is too dangerous to continue. Fortunately, I doubt we will need to endure it for too much longer.

Links 09/11/2022: Release Candidate of Leap Micro

Posted in News Roundup at 12:44 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

      • VideoMillions of Twitter Users Leave For Mastodon – Invidious

        Apparently, all we needed to make Mastodon more popular was for Elon Musk to buy Twitter. But is this a good thing? Are all these new Mastodon users going to be happy on Mastodon? I have some thoughts on this situation.

      • Tux Digital38: Crackin’ Passwords – Linux Out Loud – TuxDigital

        This week, Linux Out Loud chats about how variety is the spice of Linux.

        Welcome to episode 38 of Linux Out Loud. We fired up our mics, connected those headphones as we searched the community for themes to expound upon. We kept the banter friendly, the conversation somewhat on topic, and had fun doing it.

      • VideoSetup a Splunk Lab on Ubuntu Server 22.04 – Invidious [Ed: Splunk is proprietary. Better use the Free/libre alternatives.]

        ! In this video, we cover how to set up a Splunk Lab on Ubuntu Server for people training to get in the Cyber Security Field.

    • Graphics Stack

      • GamingOnLinuxNVIDIA PhysX 5.1 SDK goes open source

        Available now under a BSD license, today NVIDIA put up the NVIDIA PhysX 5.1 SDK as open source which is great to see from team Green.

    • Instructionals/Technical

      • EarthlyContainers are chroot with a Marketing Budget

        But for me, containers are just chrooted processes. Sure, they are more than that: Containers have a nice developer experience, an open-source foundation, and a whole ecosystem of cloud-native companies pushing them forward. But, let me show you why I think chroot1 is the key.

        So, let’s build a container runtime using only the chroot system call. Doing so, we can learn a little about chroot, a little about container runtimes, and it will also be fun!

      • Jaakko KeränenCapsule Housekeeping

        A quick note about some improvements to the capsule, specifically regarding the version accessible from the web: [...]

      • Manuel MatuzovicDay 32: the clamp() function

        The clamp() function defines a minimum value, a preferred value, and a maximum value.

        A quick recap of min() and max() before we talk about clamp(): [...]

      • KlaraEasily Migrating from Linux to FreeBSD

        If you are already experienced with Linux, FreeBSD should feel very familiar. The operating systems have a lot in common, due both to their Unix heritage and many shared modern components. Much of what may be unfamiliar to a Linux user adopting FreeBSD is also inconsistent between Linux distributions themselves.

        In this article, we will cover some of the conceptual differences between Linux and FreeBSD, and go on to contrast some aspects of the basic system utilities and the differing views of hardware given by the two systems.

      • [Old] How to manage a mailing list?

        Asking for help to send by blog posts by email.

        I’m currently in the process of moving my www blog out of Worpdress and merging it with this Gemini capsule. I’m quite excited by the progress I made in this project and will soon talk more about it. But there’s one bottleneck I’m currently facing : migrating users subscribed to my mailing list.

      • HowTo ForgeHow to Install LibreNMS Monitoring Solution on Rocky Linux

        LibreNMS is a monitoring tool that supports auto-discovery with multiple protocols, including SNMP, ARP, OSPF, and BGP.

      • HowTo ForgeHow to Install Odoo ERP Software (formerly OpenERP) on Debian 11

        Odoo (formerly OpenERP) is an open-source and powerful business management software.

      • VituxHow to Remove a User on Debian and Ubuntu Linux – VITUX

        When using Debian or Ubuntu operating system on your server or desktop, you sooner or later will have to add or remove users from your system.

      • OSTechNixInstall NetData Performance Monitoring Tool In Linux – OSTechNix

        This guide explains what is Netdata, how to install Netdata in Linux and how to analyze and monitor a Linux system performance and resource usage with Netdata.

      • H2S MediaHow to install Mosquitto in Ubuntu 22.04 or 20.04 LTS

        Tutorial to install the Mosquitto on Ubuntu 22.04 Jammy or 20.04 Focal LTS including Management Web Graphical Interface Cedalo.

        Eclipse Mosquitto is a lightweight message broker published under an open-source license. It implements MQTT protocol versions 5.0, 3.1.1, and 3.1. And because of its low power consumption, it can be used on boards like Raspberry pi.

        Whereas the MQTT protocol (MQ Telemetry Transport or Message Queue Telemetry Transport) was developed in 1999 for M2M (machine-to-machine) communication as part of a joint oil pipeline[1] project between IBM and Arcom Control Systems.

        The Mosquitto project also provides a C library for implementing MQTT clients, and the very popular mosquitto_pub and mosquitto_sub command line MQTT clients.

      • Linux CapableHow to Install VirtualBox 7.0 on Ubuntu 22.04 | 20.04

        Oracle VM VirtualBox 7.0, the latest free and open-source hypervisor from Oracle has been released with numerous new features and improvements. The new version sees additions such as a recent utility showing performance statistics for running guests, secure boot support, Full VM encryption support (via CLI), and a reworked virtual machine wizard. Additionally, various bugs have been fixed in this release. For more information, visit the VirtualBox 7.0 changelog.

        In the following tutorial, you will learn how to install VirtualBox 7.0 on your Ubuntu desktop or server by importing the official virtual box repository and installing the most up-to-date version using the command line terminal. The extra benefit for users using this method is that you will receive them instantly from the VirtualBox repository when updates drop.

      • DebugPointHow to Find Systemd or Any Other init System in Linux

        Here’s how you can determine if you are running systems or any other init system in your Linux distribution.

        The first process, which starts when you boot up your Linux distribution, is called init (short for initialization). It has the process identifier 1 (i.e. pid=1). All the processes and applications in your Unix-based system are direct descendants of this init process.

        Based on functionality and features, different types of init processes are present. For example, systemd, Runit, OpenRC, sysVinit, etc. Among those, the systemd is the most popular and modern one, which is used and adopted by all the modern Linux distributions, including Ubuntu and Fedora.

        There are ongoing debates about Systemd and its performance compared to the traditional Unix-based init systems. But that’s a topic for another article.

        let’s find out how you can determine whether you are running a systemd or any other init system in your Linux distribution.

      • HowTo ForgeHow to Install LOMP Stack (OpenLiteSpeed, MariaDB, and PHP) on Debian 11

        A simple tutorial that explains how to find out what init system in your Linxu distributions – systemd or any other init systems.

      • Linux HandbookLHB Linux Digest #22.12: Lesser Known Bash Tips, Block Devices and More
      • How to Install Wine 7.20 on Ubuntu / Linux Mint – Tips On Unix

        This tutorial will be helpful for beginners to install wine 7.20 on Ubuntu 22.04 LTS, Ubuntu 20.04, and Linux Mint 21.

      • DebugPointHow to Find Systemd or Any Other init System in Linux

        The first process, which starts when you boot up your Linux distribution, is called init (short for initialization). It has the process identifier 1 (i.e. pid=1). All the processes and applications in your Unix-based system are direct descendants of this init process.

        Based on functionality and features, different types of init processes are present. For example, systemd, Runit, OpenRC, sysVinit, etc. Among those, the systemd is the most popular and modern one, which is used and adopted by all the modern Linux distributions, including Ubuntu and Fedora.

        let’s find out how you can determine whether you are running a systemd or any other init system in your Linux distribution.

    • Games

  • Distributions and Operating Systems

    • HackadayZ80 Gets New OS

      If you have a soft spot for a Z80 computer but want a new operating system experience, try Zeal. You can watch a demo of the open-source OS in the video below.

      As you might expect, the whole system is written in Z80 assembly language. The features you expect are there: files, directories, device drivers, a clock, and even memory banking to support up to 16M of memory. The work isn’t totally done, nor is the initial target computer — Zeal — but it looks like a great piece of work so far and will be of interest to anyone who has a Z80.

    • SUSE/OpenSUSE

      • OpenSUSERelease Candidate of Leap Micro Now Available – openSUSE News

        The release candidate of openSUSE’s modern lightweight host operating system Leap Micro 5.3 is now available on get.opensuse.org.

        The release made NetworkManager the default network configuration tool; autoyast ensures this. Users should be aware that firewalld is only installed from the ISO if the firewall is enabled during an installation.

        A new SELinux module for Cockpit provides basic functionality for users to troubleshoot configurations.

        A first-boot wizard gives users an alternative to setting a password via combustion/ignition, which allows for formatting partitions, configuring users, and writing of regular files, systemd units, and more.

        The RC introduces newly generated QEMU Copy On Write images for Leap Micro.

    • Debian Family

    • Canonical/Ubuntu Family

      • UbuntuCanonical to attend Supercomputing 22 | Ubuntu

        With SC22 just around the corner, now is a great time to get in touch with Canonical on all things HPC.

        SC22 or Supercomputing 2022 is one of the main events on High-Performance Computing (HPC) and Supercomputing. You can expect to hear about all the relevant topics in the space, and even hear more about workloads that run on High-performance computing clusters, such as Complex computational or numerical workloads or advanced simulations, or even workloads such as High-Performance Data Analytics (HPDA), Artificial Intelligence and Machine Learning (AI/ML).

      • The Register UKStrong support for Snap, Ubuntu Core at Canonical conference • The Register

        Canonical remains committed to its Snap format as the coverage at its first public gathering in a few years shows.

        Vulture Towers Central Europe are in Prague – which, handily, is also the location for Canonical’s 2022 Ubuntu Summit. A significant amount of the coverage is devoted to the company’s IoT offering, Ubuntu Core, and the Snap packaging system that it’s built from. Indeed the second talk of the event was by Oliver Grawert, one of the core architects of the system, titled: “An Ubuntu for a 10 ton steel press and your window shades: UbuntuCore at a glance.”

        The Snap project emerged from Ubuntu’s 2014 effort to build an Ubuntu-powered phone. When the phone project proved “not to be commercially viable”, the company looked at moving some tech from the phone project into its nascent Ubuntu Core distribution, its play for the internet of things market, aimed at being “fail-safe, tinker-proof and reliable at a higher level.”

    • Open Hardware/Modding

      • ArduinoHumidify the air around you with home automation | Arduino Blog

        Keeping the air in your home in the right condition is incredibly important. Your home is your safe haven from the outside world, a place where you can control your environment and enjoy the comfort and peace of a secure space.

        Humidifiers are an excellent way to keep the atmosphere of your home in exactly the right balance for your health and enjoyment. Traditional humidifiers work well, but automated humidifiers can work even better.

        In this article, we’ll look at why humidifiers are so useful and how you can use home automation to create your own smart home humidifiers.

      • Linux GizmosHardkernel debuts new Odroid board for $69.00

        Hardkernel just launched a new Odroid board based on the S922X hexa-core SoC. The Odroid-N2L doesn’t include ethernet support, but it comes with up to 4GB of LPDDR4, one … HDMI, 40 I/O pins via expansion header and an eMMC connector.

      • Raspberry PiReplica HP-16C coding calculator

        Raspberry Pi Pico powers a tiny little 602 LCD display and three keypads. A level shifter converts the voltage between the Pico and the LCD display. The maker is still working on the code. They built this replica calculator to emulate the code testing experience HP-16C gave coders, except they’re using it to learn CircuitPython. Once they’ve a better grip on the language, they hope this recreation will have all of the original functions of Hewlett-Packard’s bespoke handheld.

      • Raspberry PiAt what age can a child start coding?

        Coding, or computer programming, is a way of writing instructions so that computers can complete tasks. Those instructions can be as simple as ‘move a toy robot forwards for three seconds and then make a beep’, or more complicated instructions, such as ‘check the weather in my local area and then adjust the heating in my house accordingly’.

      • Tom’s HardwareRaspberry Pi Mini PC Beats Commute Boredom

        There’s nothing like tinkering with a Raspberry Pi but why wouldn’t you take it with you if you could? That’s where maker, developer and 3D-artist Thor Brigsted’s latest project comes into play. He’s created an ultra-mobile PC (UMPC) with our favorite SBC that spans just 5-inches across.

        According to Brigsted, the need for the project was devised from a need to fill some spare time spent on public transport. This UMPC makes it possible for Brigsted to program on the go while also familiarizing with the intricacies of Linux. Not only is he experimenting with programming on the Pi, he’s using this system to develop a new game from scratch.

      • Tom’s HardwarePaper PCBs Heralded as the Future of Disposable Electronics

        A diagram accompanying the paper provides an overview of the paper PCB creation process. In brief, the steps are as follows: wax pattern printing, paper ink infusion, and screen printing of functional elements, laser cutting of through holes, and adding conductive traces. The aforementioned inks use a mix of conductive and semi-conductive formulas, capable of forming resistors, capacitors and transistors. The printed ‘wires’ and components are said to be as flexible as the paper they are deposited on.

  • Free, Libre, and Open Source Software

    • Goodbye Twitter, Hello Blog!

      It’s quickly become clear that the acquisition of Twitter by Elon Musk means the end of the site as I’ve known it since 2008. Instead I’m going to collect all the stuff I would have tweeted about & post it to this blog roughly once a week. If you have an RSS reader you can follow along there. I’ve also created a subreddit where I’ll link to each post, so that folks can follow via Reddit if they prefer, and also comment on what I’ve written. I’d also appreciate comments over email!

      My goal is to post fewer things, more thoughtfully, to a smaller audience for a while, and see how that goes.

    • SaaS/Back End/Databases

      • AIMTop 9 Open Source Graph Databases

        Understanding most domains requires processing large sets of connections along with individual values. Along with financial services providers, even social networks, payment networks or road networks depend on understanding relationships between individual values to establish recommendation engines and detect fraud.

        This is where the importance of graph databases is highlighted as they utilise topographical data models to store data. They store nodes and relationships instead of documents or tables. Traversing through nodes, joins, and relationships is a lot faster than assessing individual values.

    • Education

      • Daniel JanusDutch Clojure Days 2022

        It’s a tradition of this blog that I write down impressions on my way back from Amsterdam conferences (addendum a week later: unfortunately I took a flight this time, too short to complete this entry, and it had to wait until I caught up). This time, it was Dutch Clojure Days 2022, my first post-COVID full-size conference and the first DCD I’ve ever been to. And, hopefully, not last. I know I want to come back.

    • Licensing / Legal

      • JoinupThe Africa Legal Innovation Week

        The Africa Legal Innovation Week is a hybrid, annual conference that brings legal technologists across the African Continent together to discuss the role of technology in supporting access to justice. The event that is taking place from 22 to 29 November 2022, will give the attendees a chance to meet, interact and network with the leading digital justice and legal innovation experts, as well as engage with Africa’s disruptive justice and legal innovations.

      • JoinupEUPL in Encyclopedia

        The E – Scolarship Community Encyclopedia is a user-generated content collection platform for researchers with additional contributions published on scientific websites by competent experts. It focuses on scientific topics and concepts, including Mathematics and Computer Science.

    • Programming/Development

      • QtQt Installer Framework and Online Installer 4.5.0 released

        We are happy to announce about the Qt Installer Framework and Online Installer 4.5 releases today.

      • QtIntroducing Qt Insight (Beta Program)

        Qt Insight is an analytics solution designed to provide real customer insights on the usage of your application or device. It was created for companies utilizing embedded technology to shed light on an application’s performance, usage, and user data that may not be otherwise attainable.

      • DJ AdamsExtracting blog post dates from URLs with jq

        I had a JSON array of objects from a list of GitHub repo issues. Each object contained a blog post URL and a title. The URL had the post date embedded in the path, and I wanted to sort them all based on the post date. Here’s how I did it.

        I have a working list of blog posts, as issues in a GitHub repo (as a sort of temporary data store). Each issue has the blog post title as the issue title, and just the blog post URL in the issue body, like this: [...]

      • ChrisStatistical Process Control: A Manager’s Guide

        There are two ways to present statistical process control: one for the practitioner, and one for the statistician. This is the practitioner’s version. In this version, the reason behind some things will be given as, People have relied on these tools to increase quality and decrease costs for over 80 years. Trust me, it works.

        That reason might not sit right with some of you, so try to rest assured that there is sensible statistical theory behind it, too. I just won’t go through that now.

      • Python

        • James BennettA Python 3.11 “gotcha”

          Recently at work I’ve been doing a bit of performance tuning on a service that’s getting ready to launch. It’s been built mostly on the tried-and-true principle of “first make it correct, then make it fast”, and really more like “then make it fast if necessary“. This is important because you generally want to have an idea of your performance goals up-front, and if you’re already hitting them then you should not spend a bunch more time trying to micro-optimize your way into being as fast as possible.

          The actual performance tuning part of this wasn’t that exciting; there were just a couple database columns that needed indexes, and once they’d been added, the response times were back to where I wanted them to be.

  • Leftovers

    • The NationThe Outer Limits of Painting

      I was surprised when I saw that New York City’s Gagosian gallery was going to show Rick Lowe’s work. As long as I’ve been aware of him, Lowe has never made art that could be sold. He’s known for what some call “socially engaged practice,” and others refer to simply as “activist art”—art that aims to transform people’s perception of themselves, of others, and of society through direct interventions in daily life, rather than via images or objects. Such a mission, unlikely to yield much in the way of merchandise, is probably anathema to a gallery, let alone a market powerhouse like Gagosian.

    • Telex (Hungary)Hungarian olympic champion Liu brothers to change countries
    • HackadayThree Norths Align, And It’s Not Even Up North

      Sometimes here at Hackaday we bring you stories from slightly outside our world of tech, because they have an interesting angle. Maybe they relate to science or astronomy, or in the case of the UK’s Ordnance Survey explaining how Britain’s three Norths will align, geography.

    • HackadayClever Control Loop Makes This Spinning Drone Fault-Tolerant

      Most multi-rotor aircraft are about as aerodynamic as a brick. Unless all its motors are turning and the control electronics are doing their thing, most UAVs are quickly destined to become UGVs, and generally in spectacular fashion. But by switching up things a bit, it’s possible to make a multi-rotor drone that keeps on flying even without two-thirds of its motors running.

    • ScheerpostSound and Fury, Signifying Nothing
    • Education

    • Hardware

      • Hackaday3D Printed Shelf Connector

        Sometimes, you really need a custom shelf. Whether you have a weird-shaped space, weird-shaped stuff, or just want something different, making your own shelving can make your place more like home. The Plus Shelf by [shurly] aims to make building your own shelves a little easier with a 3D printed bracket.

      • HackadayKeebin’ With Kristina: The One With The Pumpkin Keyboard

        Oh, the places plastic has taken us. One of the arguably better inventions might be the fake carve-able pumpkin, which is more or less guaranteed not to shrivel up and rot on your porch, though it might get smashed by wily teenagers along with its organic brethren next door.

      • HackadaySlingbox Getting Bricked – You Have Less Than 24 Hours

        The Slingbox devices used to let you catch up with the programming on your TV when you weren’t near it, using your Internet-connected mobile device. As cable TV became less popular, their business model faded away, and in 2020, they scheduled a service shutdown for November 9th, 2022. If you own a Slingbox, it’s getting bricked tomorrow – for those reading this in EU, that’ll be today, even. Do you have a Slingbox? You might still be able to repurpose it, let’s say, for local media streaming – but only if you waste no time.

      • HackadayCheap Scope Troubleshoots Commodore

        [Adrian] had a Commodore computer to fix and decided to see how his latest tiny portable scope would work. He paid $57 for the tiny little test instrument although the current price seems higher. It claims to have 120MHz bandwidth along with 500 megasamples per second. There are several versions with different claimed specs, but we did find a similar device for under $60. You can see the unboxing and how it worked in the video below.

    • Health/Nutrition/Agriculture

      • [Old] AFRThe science behind those apps you can’t stop using

        In 1930, a psychologist at Harvard University called B.F. Skinner made a box and placed a hungry rat inside it.

        The box had a lever on one side. As the rat moved about it would accidentally knock the lever and, when it did so, a food pellet would drop into the box. After a rat had been put in the box a few times, it learnt to go straight to the lever and press it: the reward reinforced the behaviour.

        Skinner proposed that the same principle applied to any “operant”, rat or man. He called his device the “operant conditioning chamber”. It became known as the Skinner box.

      • Vintage EverydayA “Slot Machine Doctor”, 1941

        The slot machine manufacturers will never stop until they have American life completely on a “coin-in-slot” basis, apparently. And in 1941, they’ve devised this machine. Strap your wrist to it, drop in a dime, and read your blood pressure level and pulse rate.

      • Counter PunchThe Future of China’s Green Revolution

        On the problem side, China is the largest emitter of carbon dioxide in the world by a rather wide margin. In 2020, China was responsible for a little over 30 percent of annual carbon emissions. The share of the number two emitter, the United States, was about 13.5 percent. Factoring in all greenhouse gasses doesn’t change the picture very much, with China still number one at 26 percent and the United States number two at approximately half that figure. But if you look at historical emissions, the picture reverses, with the United States responsible for approximate 20 percent of all carbon dioxide emissions since 1850 and China in second place at 11 percent. Also, on a per-capita basis, China slips to the number four position, with approximately half the emissions today of either the United States or Russia.

        At the same time, China has been a global leader in shifting from fossil fuels to renewable energy, adding more renewable energy capacity than any other country. By the end of 2022, China is on pace to install an astounding 156 gigawatts of additional capacity provided by wind turbines and solar panels, which is 25 percent more than the record it set in 2021. By comparison, the United States is expected to install only about 30 gigawatts of solar and wind power this year.

      • Counter PunchNo Evidence for Psychiatry’s Depression Claims, Report Three 2022 Research Reviews

        The implications of these reviews are broken down in the following sections: (1) What We Have Been Told; (2) The Scientific Reality; (3) What Are the Variables Associated with Depression? and (4) The Stacked Deck against Scientific Realities Denting Brain-Defect Mythology.

        What We Have Been Told

    • Proprietary

      • Trail Of BitsWe sign code now

        Sigstore announced the general availability of its free and ecosystem-agnostic software signing service two weeks ago, giving developers a way to sign, verify and protect their software projects and the dependencies they rely on. Trail of Bits is absolutely thrilled to be a part of the project, and we spoke about our work at the inaugural SigstoreCon.

      • BBCMedibank: Data stolen from Australia health insurance available online [iophk: Windows TCO]

        Some health claims data – including medical procedure history – was released, along with names, addresses, birthdates and government ID numbers.

      • Indian ExpressAustralian health insurer’s customer data published online after Medibank refused to pay ransom [iophk: Windows TCO]

        The release of information on the dark web appeared to be a sample of the data that Medibank had previously determined had been stolen last month, a company said. Medibank expected the thief would continue releasing data.

      • ReutersAustralia’s top health insurer reels after data breach [iophk: Windows TCO]

        Medibank Private Ltd (MPL.AX), Australia’s biggest health insurer, reported a massive data breach in October that compromised personal and medical information of its current and former customers, and slashed its stock value by almost a fifth.

      • Krebs On SecurityPatch Tuesday, November 2022 Election Edition – Krebs on Security
      • MIT Technology ReviewHere’s how a Twitter engineer says it will break in the coming weeks

        On November 4, just hours after Elon Musk fired half of the 7,500 employees previously working at Twitter, some people began to see small signs that something was wrong with everyone’s favorite hellsite. And they saw it through retweets.

        Twitter introduced retweets in 2009, turning an organic thing people were already doing — pasting someone else’s username and tweet preceded by the letters RT — into a software function. In the years since, the retweet and its distant cousin, the quote tweet (which launched in April 2015) have become two of the most common mechanics on Twitter.

    • Linux Foundation

      • Linux Foundation’s Site/Blog10 MLflow Features to 10 Million Downloads

        This milestone, which few open source projects achieve, was accomplished through contributions from the MLflow community’s many open-source developers and users. As we celebrate the community’s success, we think it’s worth taking a moment to reflect on how MLflow reached this level of adoption in the emerging MLOps ecosystem. I’d like to highlight ten design principles and features that contributed to MLflow passing 10,000,000 monthly downloads by making users successful with a wide variety of model development and MLOps initiatives.

    • Security

      • LWNSecurity updates for Wednesday [LWN.net]

        Security updates have been issued by Debian (vim, webkit2gtk, and wpewebkit), Fedora (mingw-python3, vim, webkit2gtk3, webkitgtk, and xen), Mageia (389-ds-base, bluez, ffmpeg, libtasn1, libtiff, libxml2, and mbedtls), Red Hat (kpatch-patch and linux-firmware), SUSE (conmon, containerized data importer, exim, expat, ganglia-web, gstreamer-0_10-plugins-base, gstreamer-0_10-plugins-good, gstreamer-plugins-base, gstreamer-plugins-good, kernel, kubevirt, protobuf, sendmail, and vsftpd), and Ubuntu (libzstd, openjdk-8, openjdk-lts, openjdk-17, openjdk-19, php7.2, php7.4, php8.1, and pixman).

      • Hacker NewsNew IceXLoader Malware Loader Variant Infected Thousands of Victims Worldwide [Ed: Microsoft Windows TCO]

        IceXLoader is traditionally distributed through phishing campaigns, with emails containing ZIP archives functioning as a trigger to deploy the malware. Infection chains have leveraged IceXLoader to deliver DarkCrystal RAT and cryptocurrency miners.

      • Hacker NewsExperts Warn of Browser Extensions Spying On Users via Cloud9 Chrome Botnet Network

        Called Cloud9 by security firm Zimperium, the malicious browser add-on comes with a wide range of features that enables it to siphon cookies, log keystrokes, inject arbitrary JavaScript code, mine crypto, and even enlist the host to carry out DDoS attacks.

      • Hacker NewsSeveral Cyber Attacks Observed Leveraging IPFS Decentralized Network [Ed: This foolishly blames the media instead of the attacks; many terror attacks rely on roads; ban roads?

        In one malspam delivery chain detailed by Talos, an email purporting to be from a Turkish financial institution urged the recipient to open a ZIP file attachment that, when launched, worked as a downloader to retrieve an obfuscated version of Agent Tesla hosted within the IPFS network.

      • Bruce SchneierDefeating Phishing-Resistant Multifactor Authentication

        CISA is now pushing phishing-resistant multifactor authentication.

      • Hacker NewsFeature to Compromise European Diplomatic Entity Network [Ed: Microsoft Windows TCO]

        The Russia-linked APT29 nation-state actor has been found leveraging a “lesser-known” Windows feature called Credential Roaming as part of its attack against an unnamed European diplomatic entity.

        “The diplomatic-centric targeting is consistent with Russian strategic priorities as well as historic APT29 targeting,” Mandiant researcher Thibault Van Geluwe de Berlaere said in a technical write-up.

      • LinuxInsiderA New SBOM Tool, OpenSSL Fixes, GitHub Flaw, Software Supply Chain Help

        Troubles with software supply chain safety have recently grabbed a chunk of negative headline space. That might well set the stage for what to expect in an upcoming State of Open Source Report.

      • Privacy/Surveillance

        • ABCLawmakers say EU isn’t tackling phone surveillance scandal

          The European Parliament’s inquiry committee investigating the use of surveillance spyware by the bloc’s governments said Tuesday the EU’s executive arm and member countries are failing to properly tackle a surveillance scandal that has targeted opposition politicians and journalists.

          In a draft report published Tuesday, the committee investigating Pegasus said the European Council and national governments “are practicing omertà” — or a code of silence — and regretted that the European Commission only shared “reluctantly and piecemeal” information concerning spyware attacks on its own employees.

        • International Business TimesWoman tracks down stolen iPhone on her own after police refuse to help her

          Sabina has expressed utter disappointment with the way police handled her case, she said: “When they told me that they couldn’t help me get my phone, I felt terrible and awful. And when they told me that no one had been assigned to the case I had to ask them if they were serious.”

        • Patrick BreyerEuropean Health Data Space: Threat to self-determination and privacy

          This afternoon, the EU Commission will present draft legislation to the Committee on Civil Liberties, Justice and Home Affairs (LIBE) to create a “European Health Data Space” (EHDS). The proposal aims to connect patients‘ health data across Europe. For example, patients’ medical histories, test results or prescriptions are to be shared with hospitals and doctors treating a patient throughout the EU, unless the patient restricts access. Industry, research and authorities would also be given access to personal health data.

        • Jonathan FaberAbsence of registrants on New York’s postmortem Right of Publicity registry may not be what it seems

          [...] States considering right of publicity legislation would be well-advised not to include a registration system, particularly if it is anything other than voluntary, or if it creates a condition for damages.

        • TechdirtSenator Wyden Asks State Dept. To Explain Why It’s Handing Out ‘Unfettered’ Access To Americans’ Passport Data

          There are supposed to be limits on what the federal government can do with all the data it forces people to hand over in exchange for government services. But much of the limiting appears to be left up to the discretion of federal agencies. Discretion is the better part of valor, as they say. If these agencies are ever going to become valorous, they’re probably going to have to steal it.

        • TechdirtLouisiana Cops Sued After Dash Cam Video Showed They Lied About Why They Performed A Pretextual Stop

          Courts have continually said pretextual stops are a cool way to engage in law enforcement fishing expeditions. But there are a few caveats.

        • Biometric UpdateGroups and motivations advocating for digital identity principles put under the microscope

          What is the underlying worldview of groups proposing visions for “good” digital identity systems? An attempt to answer this question is offered up in a new study published by Cambridge University Press.

          ‘On the sociopolitical configurations of digital identity principles’ by Edgar A. Whitley and Emrys Schoemaker attempts to begin making clear where different groups are coming from, and why.

          Identity is a major part of the United Nations Sustainable Development Goal 16.9, but Whitley and Schoemaker suggest that the prioritization of development differs between groups promoting digital identity and identification systems.

          The World Bank explicitly focusses on the development impact of identity, while the World Economic Forum and ID2020 present development as one among several motivations for implementing identity systems, according to the study.

          The paper takes up a call from Elizabeth Renieris in a 2021 paper on Ethiopia’s trial of a blockchain-based digital ID system for students. In the paper, Renieris argues that evaluations of digital identity systems should not be narrowly confined to their technical aspects.

        • AccessNowEU calls for spyware moratorium, but no ban to protect human rights – Access Now

          Today, the European Parliament’s Pegasus committee is calling for an immediate moratorium on the sale, acquisition, transfer, and use of spyware. Access Now reviewed an early copy of the committee’s draft report via Politico — the preliminary conclusions of its investigations — that outlines detailed recommendations that would significantly increase the protections against the use of spyware and ensure further accountability. Notably, however, it just does not demand the prohibition of technologies that are incompatible with human rights. To right this wrong, Access Now is calling on the special committee to recognise a need for a ban to strengthen its stance on these dangerous tools, and urges other EU institutions to take the necessary steps to implement the committee’s recommendations both in law and practice.

          “A call for prohibition would have been a key indicator that the European Parliament has the fortitude to stand up against the spyware industry and abusive governments. Hungary and other examples highlight the painful gaps the EU still needs to fill to protect democracy, rule of law, and fundamental rights”, said Fanny Hidvegi, Europe Policy and Advocacy Director at Access Now. “The special committee’s report rightly shows that national security is a political excuse not a legal constraint, and EU institutions have the means and obligations to fulfill their role as the guardian of the EU treaties.”

    • Defence/Aggression

      • SalonOhio man killed his neighbor because “he thought he was a Democrat,” family says

        A southwest Ohio man shot and killed his neighbor because he believed he was a Democrat, according to the victim’s family.

        Austin Gene Combs was taken into custody by Butler County sheriff’s deputies just before noon Monday after the shooting was reported in Okeana, and investigators found Anthony Lee King dead from multiple gunshot wounds, reported the Journal-News.

      • SCMPIndonesian Islamic group eyes ‘soft power’ with Spanish church purchase

        Indonesia’s second-largest Muslim organisation Muhammadiyah plans to buy and convert a church in Spain’s Alcala

      • Star TribuneOfficials: US aid worker shot dead in Baghdad in rare attack

        State Department spokesman Ned Price told reporters the department is aware of the reports of the killing of a U.S. aid worker in Baghdad and is looking into them. But, he said the department was not yet in a position to confirm the accounts of the death or that the person was a U.S. citizen.

      • Jerusalem Post‘Defeating Israel means defeating the US,’ Canada, EU -Palestinian activists

        Terrorist paraphernalia was readily apparent in previously released footage. Some marchers wore headbands showing allegiance to Lions’ Den, a terrorist group that has been responsible for several recent terrorist attacks and battles with IDF soldiers. One prominently displayed banner depicted the launch of rockets, and another poster depicted a gunman with a Carlo submachine pistol, a firearm favored by Palestinian terrorists.

      • Pro PublicaReforms Falter in Police Department Under Scrutiny for Killings

        For more than a decade, the families of those killed by police in Vallejo, California, have pleaded for oversight of their city’s exceptionally lethal police force.

        When a series of fatal shootings attracted national attention and the scrutiny of state officials in 2020, Vallejo’s leaders pledged to implement 45 reforms recommended by a private consulting group and overseen by the California Department of Justice. But officials have blown past deadlines and failed to follow through on nearly all of the promised reforms. Reporting by Open Vallejo and ProPublica has found that the city has fully implemented just two.

      • The Gray ZoneWho’s really behind Burkina Faso’s coup?
      • Site36After EU recommendation: Frontex drone allowed to fly in civilian airspace in Greece

        Two Israeli arms companies are offering their long-range drones in Europe for border surveillance. In addition to the military in Switzerland, the Greek coast guard is also carrying out corresponding missions.

      • Site36Laws for „U-Spaces“: More airspace for commercial drones

        At an aviation trade fair in Cologne, Deutsche Telekom’s business and the surveillance of commercial drone flights are also on the agenda

      • Counter PunchWhy the US Navy Needs Non-Nuclear Submarines

        Indeed, it is, but it only involves USN nuclear submarines, which Admiral Houston says are the “best in the world” (2), which is debatable, but that is not the purpose of this article. He didn’t say US submarine captains are the best in the world, which is good, because as I pointed out in my 2007 book, Lessons Not Learned: The U.S. Navy’s Status Quo Culture, that is simply not true due to the focus on engineering over war fighting, the careerism and the risk averse culture of the USN (3).

        This conclusion was recently confirmed by a friend named Commander Kerry Gentry who commanded an SSBN and told me that even today only about 20% of USN submarine captains stand a chance of defeating a first class enemy submarine, especially those commanded by captains who were trained by the British or Dutch, and many countries can make that claim, even though the Royal Navy no longer operates diesel boats, which I think was a mistake. He’s retired now, but he keeps track of these things and it would be wise for the USN to actually listen to constructive criticism from former senior officers who have the experience to know what they are talking about. Gentry was never a “yes man” so he retired as an O-5. He was a highly effective SSBN skipper, and might have made admiral if the USN were more open-minded to thoughtful advice from concerned officers that know that this organization is too expensive, and does not live up to Tom Clancy’s “we’re the best” propaganda. He even told me that the silent service is more like a cult still based on the domineering personality and pro-nuclear brainwashing of Admiral Rickover, who passed away decades ago, but remains a strong influence nevertheless. He and his disciples believed that real navies use only nuclear submarines, but it is time to get past that.

      • MeduzaLukashenko’s war Desperate to avoid direct involvement in Ukraine, Belarus is giving up more sovereignty to Russia — Meduza
      • MeduzaIndependent surveys find Russians’ support for the war has declined — Meduza

        According to recent polls conducted by the independent projects Russian Field and Chronicles, the number of people in favor of continuing the war in Ukraine has declined.

      • MeduzaU.S. basketball star Brittney Griner transferred to Russian penal colony — Meduza

        U.S. basketball star Brittney Griner, who was convicted on drug smuggling charges in August, has been transferred to a penal colony, according to her lawyers.

      • MeduzaPutin names Russian priest who died in Ukraine while doing ‘pastoral duties’ Hero of Russia — Meduza

        Russian Archpriest Mikhail Vasilyev, who died in Ukraine while “carrying out pastoral duties” on November 6, has been posthumously awarded the title Hero of Russian by Vladimir Putin.

      • MeduzaAn ‘incomprehensible’ offensive in Pavlivka Russian marines allege their unit lost 300 people in just four days. Their commanders deny, deny, deny. — Meduza

        In late October, near the village of Pavlivka in the annexed part of Ukraine’s Donetsk region, heavy fighting broke out between Russian and Ukrainian forces. On November 5, the Russian Defense Ministry reported that it had “defeated” Ukrainian forces on the southern Donetsk front; the following day, however, multiple Russian “war correspondents” posted a message from marines in the 155th Brigade of Russia’s Pacific Fleet who took part in the offensive. The marines alleged that their unit had lost approximately 300 people and half of their equipment in just four days. They asked Oleg Kozhemyako, governor of Russia’s Primorsky Krai, to conduct an independent investigation into the actions of the officers responsible for the failed operation and for the heavy losses.

      • MeduzaZelensky weighs in on Russian governor’s denial of heavy losses in Donetsk region: ‘I guess he can see better from Vladivostok’ — Meduza

        In an address on November 7, Ukrainian President Volodymyr Zelensky commented on the reports from marines in the 155th Brigade of Russia’s Pacific Fleet that they lost hundreds of men in just four days during an offensive in Ukraine’s Donetsk region.

      • MeduzaRussian draftees reportedly sent to fight as part of Wagner Group — Meduza

        The mother of a man from Russia’s Omsk region who was conscripted in September claims that her son and several other draftees from the region were sent to join the Wagner private military company (PMC), Soldiers’ Mothers Committee Executive Secretary Valentina Melnikova told the news outlet Agentstvo.

      • MeduzaRussian Education Ministry developing military training courses for high schools and vocational schools — Meduza

        The Russian state news outlet TASS reported Tuesday that Russia’s Education Ministry is developing a basic military training course for secondary and vocational schools, citing a response the ministry provided to a inquiry from Sergey Mironov, the leader of the party A Just Russia. The document says that 35 hours over the course of five days will be allotted for basic defense training.

      • MeduzaHow to slay a dragon — and avoid creating a new one Mikhail Khodorkovsky on his new book, Russia without Putin, checks and balances, lustration, and building a new civil consensus — Meduza

        Since the start of Russia’s war with Ukraine, not only Ukraine’s, but also Russia’s own survival has become a topic of heated discussion. Will Vladimir Putin manage to stay in power? Will Russia itself continue to exist in its present form? These are just two of the many currently open questions that Mikhail Khodorkovsky urges Russians to debate — in order to develop a new social consensus in advance of the inevitable regime change. Khodorkovsky’s new book, “How Do You Slay a Dragon: A Manual for Start-Up Revolutionaries,” is an attempt to jump-start that public debate, and to propose some solutions for reorganizing the Russian state in such a way that would prevent future abuses of power. The book’s central argument is that a parliamentary republic, with a carefully calibrated system of checks and balances, must replace the current model of Russian statehood, in which the president is vested with an extraordinary range of powers — and way too many opportunities to make unilateral decisions. This article is based on Khodorkovsky’s extended interview with Margarita Lyutova. Our free translation condenses his key remarks on what would be a good outcome for Russia from the viewpoint of a cautious optimist.

      • MeduzaRussian military commissariat sends draft summons for missing cook who served on sunken Moskva cruiser — Meduza

        A military commissariat in St. Petersburg sent a draft order to a ship’s cook from the Russian cruiser Moskva whose family has been searching for him since April.

      • MeduzaIn new ‘immersive’ Russian play, actors wearing Ukrainian uniforms take audience ‘hostage’ and fire blanks — Meduza

        A new play that premiered in Russia’s Kaluga region on Tuesday purports to depict past stages of the war in Ukraine’s Donbas region. The title of the play is Polite People, a euphemism used to describe the unmarked Russian soldiers who appeared in Ukraine at the start of the war and seized the Crimean Peninsula from Ukraine in 2014.

    • Transparency/Investigative Reporting

      • SalonHow fact-checking Thoreau’s observations at Walden Pond can inform modern research

        We recently published an article in the journal Bioscience that lays out a three-step approach for assessing the quality of historical observations. Using this approach, we believe that scientists can confidently use historical resources to inform studies reaching back to times and places where formal scientific data is not available.

    • Environment

      • Eesti RahvusringhäälingEnvironment Agency and PÖFF bring environmental films to cinema screens

        For the third year in a row, the Environment Agency presents a special program of environmental films at the Tallinn Dark Nights Film Festival (PÖFF), bringing film enthusiasts the most recent nature documentaries.

      • Common DreamsReport Demands ‘Rapid Transition’ to Renewables as Climate Calamities Spread Across US

        Emphasizing that mitigating the climate emergency and planetary heating is within policymakers’ power, a new draft federal report released Monday outlined the impacts the crisis has had on U.S. communities so far and warned that extreme weather, wildfires, and climate-linked public health crises will only worsen without far-reaching action.

        The finalized Fifth National Climate Assessment (NCA5) is expected to be released in 2023, but federal agencies including the National Oceanic and Atmospheric Administration (NOAA), the National Science Foundation, and NASA released the draft as global leaders attend COP27, the United Nations’ annual climate conference.

      • Common DreamsBy 2030, Poor Nations Will Need $2.4 Trillion Per Year to Fight Climate Crisis: Report

        By 2030, poor countries will need a combined total of $2.4 trillion per year to slash greenhouse gas pollution and respond to escalating extreme weather disasters, according to a new report presented Monday at the United Nations COP27 climate summit.

        That amount of money (6.5% of annual world GDP) would be enough for every developing country except China to make the changes required to cap global warming at 1.5°C above preindustrial levels, say the report’s authors, but it dwarfs the level of annual funding that has so far been provided to help low-income nations mitigate and adapt to the fossil fuel-driven climate emergency.

      • TruthOutClimate Action Will Be Stalled or Reversed If GOP Takes Congress, Activists Say
      • Common DreamsGreenpeace Dismisses COP27 Deforestation Pact as ‘Carbon Trickery’

        Greenpeace on Tuesday denounced the so-called Forest and Climate Leaders’ Partnership launched by more than two dozen nations at the COP27 summit in Sharm El-Sheikh, Egypt, arguing that the pact is unlikely to stop deforestation.

        “A robust partnership could go a long way to provide the necessary resources to protect, conserve, and restore the world’s forests, but this partnership is nothing but a green light for eight more years of forest destruction, with little respect for the rights of Indigenous peoples and local communities,” Victorine Che Thōner of Greenpeace International said in a statement.

      • Energy

        • RTL23% of new car registrations are electric or hybrid

          By 30 September 2022, 7,513 new registrations of electric or hybrid cars had been recorded in Luxembourg. Of those, 4,589 were 100% electric. The trend away from combustion engines thereby continues with 23% of new registrations being electric or hybrid cars.

        • Eesti RahvusringhäälingSikkut: Long-term plan for Tallinn-Helsinki tunnel has not changed

          Although plans for the Tallinn-Helsinki tunnel were overshadowed by more pressing issues during the Ukraine energy crisis, the long-term plan and strategic importance of the tunnel have not changed, Minister of Economic Affairs and Infrastructure Riina Sikkut said.

        • FortuneEU warns it may shut down Bitcoin miners to steer more energy to households and factories

          But Bitcoin bulls have consistently pushed against the narrative that Bitcoin mining is a waste of energy, frequently citing the stat that global Bitcoin mining operations use less power than all the clothes dryers of the U.S. combined. The contention in the [cryptocurrency] energy-use debate therefore is whether mining Bitcoin provides as much utility as consumer goods.

          For policy makers, the answer is often no.

          Even when Bitcoin mining runs on renewable power, policy planners would rather save that energy for industrial or consumer purposes because renewable electricity is still a limited resource.

        • The Register UKBitcoin energy consumption a feature, not a bug, says [cryptocurrency]-miner

          Zach Bradford, chief executive of publicly traded Bitcoin miner CleanSpark, waded into the debate sparked by the Ethereum Merge, the shift from proof of work to proof of stake, which could see an order of magnitude reduction in the power consumed by the rival cryptocurrency network.

        • IEABitcoin energy use estimates
        • [Old] Internet ArchiveAsk the Economist: Should a Christian Invest in Bitcoin?

          With real assets, you earn a return because you put money at risk and it is put to productive use. When you buy a stock or a corporate bond, on the other side of your investment is a business that uses your money to expand, to create new products, to employ workers—one hopes, to serve the common good. When a bank issues a mortgage, it makes a loan to a homeowner who borrows money to buy a house. The investor earns a return and the borrower benefits as well.

          Christians should be excited to invest in ways that serve the common good, whether by using their retirement funds to align values and investments or by providing funding for a car wash to provide jobs or in any number of other ways. Investing creates and serves.

          Given the choice between investing in a bubble that enables illicit black-market transactions, or investing in real assets that one hopes serve the common good—the choice should be obvious for Christians.

        • David RosenthalMatt Levine’s “The [Cryptocurrency] Story”: Part 1

          Even if you’re not a Bloomberg subscriber you can read Matt Levine’s The [Cryptocurency] Story with a free registration, or here, and I urge you to do so. It is long, about 40K words, but well worth the effort. It is remarkably good – lucid, comprehensive, balanced, accurate. It even has footnotes expanding on the details where he is oversimplifying for clarity of exposition.

          Levine’s magnum opus is in four parts: [...]

        • TruthOutFossil Fuel Firms Spent Millions in Bid to Defeat Democrats in the Midterms
        • Common DreamsBig Oil Spent $13 Million to Boost Republicans in These 3 Toss-Up Senate Races

          As voters across the United States headed to the polls Tuesday, a Greenpeace analysis found that the powerful oil and gas industry has spent nearly $13 million—averaging roughly $4.3 million per race—to boost Republicans vying for Senate seats in Pennsylvania, Georgia, and Nevada, key battleground states that could tip the balance of power in Congress.

          According to Greenpeace’s breakdown of campaign finance data, Big Oil has donated more than $5.4 million to party committees and super PACs backing Dr. Mehmet Oz in Pennsylvania, $5.3 million to bolster Herschel Walker in Georgia, and $2 million to support Adam Laxalt in Nevada, each of whom has signaled they would oppose climate action if elected. During his tenure as Nevada’s attorney general, Laxalt—who has ties to the Koch network—worked with other GOP officials to shield ExxonMobil from a fraud investigation.

        • Common DreamsClimate Defenders Urge ‘Zero Tolerance for Net-Zero Greenwashing’ as UN Publishes New Report

          Nongovernmental actors who continue to invest in fossil fuels, deforestation, and other activities that exacerbate the climate emergency cannot claim to be net-zero, a report published Tuesday during the United Nations’ COP27 climate conference asserted.

          “Using bogus ‘net-zero’ pledges to cover up massive fossil fuel expansion is reprehensible. It is rank deception.”

        • Common DreamsTuvalu Proposes Fossil Fuel Nonproliferation Treaty at COP27

          Campaigners on Tuesday applauded leaders in the Global South for continuing to lead the way in the fight for far-reaching climate action as the island nation of Tuvalu brought a proposal for a fossil fuel nonproliferation treaty to the United Nations’ annual climate change conference.

          “We all know that the leading cause of climate crisis is fossil fuels,” Kausea Natano, prime minister of Tuvalu, told global leaders at COP27 in Sharm El-Sheikh, Egypt. “It’s getting too hot and there is very [little] time to slow and reverse the increasing temperature. Therefore, it is essential to prioritize fast-acting strategies.”

      • Wildlife/Nature

        • Counter PunchWe Know How to Stop the Decimation of Grizzlies, We Just Need the Will to Act

          Grizzly bears are protected under the Endangered Species Act, but their mortality rate is exploding mainly from human conflicts. Bears are expanding their range, largely due to food shortages in places like the Greater Yellowstone Ecosystem. Grizzlies are confronted by armed people at cattle ranches and locations of unsecured foods and garbage.

          Range expansion by bear populations is important for their long-term survival for two main reasons. One is a change in their food base due to climate warming. As plants and animals adapt, often by moving north, individual bears must explore new areas to survive. When they appear, people often respond with fear and alarm. If we hope to have them avoid extinction, changes in our daily routines are needed.

      • Overpopulation

        • ADFWith Fish Stocks Depleted, China Casts Nets Around Globe

          From the coasts of Africa to South America, around the Indian Ocean and the South Pacific, China’s distant-water fleet (DWF) is steadily decimating fish stocks worldwide.

          China’s bottom trawl fleet catches an estimated 2.35 million tons of fish per year around the African continent worth more than $5 billion, according to the Environmental Justice Foundation (EJF).

    • Finance

    • AstroTurf/Lobbying/Politics

      • Pro PublicaHow Tennessee Disenfranchised 21% of Its Black Citizens

        Leola Scott recently decided to become a more active citizen. The 55-year-old resident of Dyersburg, Tennessee, was driven to action after her son was stabbed to death and nobody was charged.

        In August, Scott tried to register to vote. That’s when she learned she’s not allowed to cast a ballot because she was convicted of nonviolent felonies nearly 20 years ago.

      • TruthOut1 in 5 Black Voters in Tennessee Have Been Disenfranchised by State Policies
      • TruthOutTwice-Impeached Trump Wants to Know “How Many” Times GOP Will Impeach Biden
      • TruthOutHope for Progressive Victories May Lie in Races You Haven’t Heard About Yet
      • TruthOutArizona’s Rollback of Indigenous Voting Rights Could Swing the State for the GOP
      • Democracy NowIndigenous Voters Helped Democrats Carry Arizona in 2020. Now Their Voting Rights Are Under Attack

        Indigenous voters in Arizona who played a key role in catapulting Joe Biden to victory in 2020 are facing a sweeping rollback of their voting rights that may swing the state back to Republicans in Tuesday’s midterms. “In 2020, Native voters understood that the election of Donald Trump was an existential problem,” says New Yorker staff writer Sue Halpern, whose latest piece explores how voters on Arizona’s Navajo, Apache and Hopi reservations are navigating the 2021 Supreme Court ruling that banned a common method of voting collection used by Indigenous voters. We also speak with Lydia Dosela, who is running efforts to get out the vote on Indigenous reservations in Arizona to make sure “all Native American voices are heard loud and clear.”

      • Democracy NowSunrise Movement on Midterm Election: If GOP Takes Congress, Climate Action Will Be Stalled, Reversed

        The climate movement warns the midterm elections will either advance or torpedo climate initiatives in the U.S. This comes as climate activists and scientists at the U.N. climate summit in Egypt cautioned that the world is heading toward climate disaster without deeper cuts in planet-heating emissions. “We are up against a ticking time bomb of an unrelenting climate crisis and an economic crisis that is bearing down on working people,” says Varshini Prakash of the Sunrise Movement, which has reached 3 million young voters to get out the vote in the midterms. Prakash also explains how parts of President Biden’s climate legislation passed this year could be stalled or reversed if Republicans take back control of Congress in 2023.

      • Democracy NowElection Protection Force Fights Voter Suppression: Racist Poll Workers, Vigilantes, Missing Ballots

        We speak to Damon Hewitt, the head of the Lawyers’ Committee for Civil Rights Under Law, which is spearheading nationwide efforts to protect the vote in Tuesday’s midterm elections. Republicans at the national and state levels have tried to disqualify thousands of absentee and mail-in ballots in an effort to swing close races in battleground states like Pennsylvania and Wisconsin. Hewitt describes how litigation has become a major part of the election process, given the increased number of election deniers and white supremacists who now hold positions as election officials. “When the casualness of racism is weaponized in the electoral process, that leads to voter suppression if we don’t stand up,” says Hewitt, who cautions that the final election results in Tuesday’s midterms may take a couple of days. He suggests people report problems to the Election Protection hotline: 866-OUR-VOTE.

      • The NationThe Future of Democracy Requires an Electorate Free From Fear

        On Tuesday, the United States holds its first midterm elections since the January 6, 2021, attack on the US Capitol. Since then, it has become increasingly clear that the grave threat to American democracy posed on that day was no aberration; it was a prelude to a broader right-wing movement to undermine our electoral process.

      • The NationBuckle Up: This Could Be a Month-Long Election Night

        For Americans who were on edge about whether voters would turn against President Donald Trump and his Republican allies, election night 2018 was a nerve-wracking exercise in mixed signals, conflicting indicators, and extended uncertainty. Early on, it still looked like Republicans were holding on in key congressional and statehouse races. It was almost midnight when the results finally confirmed that Democrats had taken control of the House, and hours more passed before it became clear that Republican “superstars,” like Wisconsin Governor Scott Walker, were going down to defeat. Only as the days passed did it become clear that Democrats had enjoyed a strikingly successful night nationwide—enjoying a net gain of 41 seats in the US House, gaining seven governorships, picking up multiple statewide posts, adding roughly 350 state legislative seats, and taking charge of six legislative chambers that had previously been controlled by the GOP.

      • The NationGeorgia Democrats Are Holding Their Breath

        Beverly Glover was right. The 66-year-old lifelong East Macon resident shooed me away from Senator Raphael Warnock’s Monday rally immediately, once she learned I wanted to get back to Atlanta in time for a late-afternoon Stacey Abrams event. I had best be going. It was only 1:45.

      • The NationA Libertarian Candidate Shares Her Abortion Story to Push Back on the Party’s Right-Wing Shift

        Kelly Halldorson is not going to be the next governor of New Hampshire—which may be why, when she shares her abortion story publicly for the first time—it doesn’t sound like a campaign ad.

      • Telex (Hungary)Deutsch on sanctions: We were able to protect ourselves from a disaster, but couldn’t protect ourselves from negative consequences
      • Counter PunchOur Challenge is the Future, Not the Past

        When the election is over and the votes are counted, the winners will crow and the losers will cry. Nothing new there. But once the celebration and wailing is over, the job of running Montana will remain – and that’s going to take the best abilities of all of us.

        Many of those challenges are eternal — we still have to educate our children, provide police and fire protection, ensure our citizens have access to health care, and allow our senior citizens to live out their lives in dignity.

      • Counter PunchWhat is to be Done?  Burning Questions for the Democratic Party

        The 2022 midterm elections were never going to favor the Democrats. Statistically the president’s party loses 26 seats in the House and four seats in the Senate.  With a five-vote house margin and a 50-50 senate the odds were against the Democrats.  Couple that with low presidential approval  ratings and a souring economy, classic political science analysis six months ago would tell you that  the Democrats were going to have a bad year.  The Supreme Court overturning Roe v Wade changed the political tide for a few months, but in the last few weeks the midterm cycle reverted back to what normally one would have predicted.

        Thus for Democrats looking for solace, they might simply dismiss the losses as beyond their control, doomed by a structural cycle of American politics.  But to think that is to miss the underlying causes of the problems for the Democratic Party.

      • ScheerpostElection Night 2022 Coverage with Democracy Now!

        By Democracy Now! On Tuesday, Nov. 8, Democracy Now! will air a 3-hour election night special from 9 p.m. to midnight ET. Democracy Now! will be covering the key congressional races which will determine the balance of power in Congress, as well as gubernatorial races and ballot initiatives from around the country. Join them to […]

      • Common Dreams‘I Won’t Let You Down’: Fetterman Defeats Dr. Oz, Flipping Key Senate Seat

        Pennsylvania Lt. Gov. John Fetterman narrowly defeated Dr. Mehmet Oz on Tuesday, flipping a crucial Republican-held Senate seat as Democrats look to maintain control of the upper chamber.

        Speaking to supporters after the race was called in the early hours of Wednesday morning, Fetterman said his dedicated campaign strategy of reaching every Pennsylvania county, regardless of past hostility to Democratic candidates, was key to his victory.

      • Common DreamsFetterman Campaign Joins Lawsuit Against GOP “Attack on Americans’ Democratic Rights”

        John Fetterman’s U.S. Senate campaign joined Democratic groups on Monday in suing to override a recent Pennsylvania Supreme Court decision barring state election officials from counting absentee and mail-in ballots that lack a correct date on the outer envelope, a technicality with potentially huge implications for the battleground’s razor-close midterm races.

        Filed in federal court on the eve of Election Day, the lawsuit argues that a Pennsylvania state law requiring voters to date the outer envelopes of absentee ballots “has no relevance to determining whether an individual is qualified to vote, in violation of the Civil Rights Act, and serves no purpose other than to erect barriers to qualified voters exercising their fundamental constitutional right.”

      • TruthOutFetterman Sues to Get Thousands of Ballots Set Aside by GOP Lawsuit Counted
      • America’s Quack Dr. Oz and the failure of medical academia, revisited

        Election Day is finally here. By tonight or tomorrow, it’s quite possible that something I never would have dreamed of a decade ago (or even a couple of years ago) will have come to pass. America’s Quack Dr. Mehmet Oz might well be Senator-Elect Oz from Pennsylvania, because the polling as of today for his race against the Democrat John Letterman is too close to call. Never mind that Oz has spent his life since the 1980s in New Jersey and run his practice and The Dr. Oz Show from Manhattan, only moving to his in-laws’ house in Pennsylvania when his ambition led him to think that he could be a U.S. Senator. If Dr. Oz wins, he will join Rand Paul as the a quack turned Senator.

      • MeduzaRussian Security Council Secretary meets with Iranian counterpart in Tehran — Meduza

        Russian National Security Council Secretary Nikolai Patrushev has arrived in Tehran for a meeting with Iranian Supreme National Security Council Secretary Ali Shamkhani, according to the Iranian news outlet IRNA.

      • MeduzaJournalist Dmitry Kolezev declared wanted by Russian authorities — Meduza

        Dmitry Kolezev, editor-in-chief of the Russian news outlet Republic, has been declared wanted by the Russian Interior Ministry. According to the ministry’s official website, a criminal case has been opened against Kolezev, though the exact charges are unclear.

      • MeduzaRussian police search home of neo-Nazi activist and politician Dmitry Demushkin — Meduza

        Russian nationalist and neo-Nazi Dmitry Demushkin reported on Telegram that police had come to his apartment and begun “banging on his door” at 6:00 am Tuesday morning. He said he didn’t know the reason for their visit.

      • Common DreamsAOC Says ‘Don’t Fall For It’ as GOP Revives ‘Red Mirage’ Conspiracy

        As Americans head to the polls to vote in Tuesday’s midterm elections, U.S. Rep. Alexandria Ocasio-Cortez and other Democrats warned that, as they tried to do in 2020, Republican candidates may attempt to prematurely declare victory or even claim fraud in contests in which they’re initially ahead but they ultimately lose once all outstanding ballots are counted.

        “It takes time to count every vote accurately and that’s why Election Day is not results day.”

      • TruthOutOcasio-Cortez Cautions: “Don’t Fall for” GOP Lies About Mail-In Ballot Counting
      • TruthOutDeSantis Wants to Bar Federal Election Monitors From Florida’s Bluest Counties
      • Common DreamsOpinion | The Very Best Response to GOP Election Denial? Vote.

        There’s only one message this morning: get out and vote. 

      • Common DreamsProgressives Say Massive Voter Turnout Is the Best Counter to the ‘Big Lie’

        With Republicans doing all they can to suppress the vote and sow doubt about the election process with brazen lies, progressive campaigners, lawmakers, and watchdogs said Tuesday that the most effective counter to the GOP and its corporate backers is large-scale turnout, particularly among young and working-class voters.

        “Record-breaking youth voter turnout gets you historic gun safety legislation, it gets you student debt cancellation, it gets you the largest investment by any country on the planet to tackle the climate crisis, and it’s getting us long-overdue marijuana reform,” Cristina Tzintzún Ramirez, the president of NextGen America, said in an MSNBC appearance Tuesday morning, pointing to recent policy moves spurred by the 2020 youth turnout surge, which helped deny former President Donald Trump a second term and gave Democrats narrow control of Congress.

      • TruthOutBlack Lives Matter — They Can’t Be Up for Debate Each Election Season
      • Common DreamsOpinion | If the GOP Gets Its Way, Today Could Be the Beginning of the End for US Democracy

        There are only two ways that independent nations can be governed: by the people themselves through free and fair elections with maximum participation, or by an elite group that is only acting for its own benefit.

      • Common DreamsOpinion | The GOP Is Terrified of You, Because Democracy Scares the Hell Out of Them

        Obviously, I can’t tell you how today’s elections will turn out. But I do want to reassure you about one thing: Over the long term, we are winning.

      • Democracy NowReport from NH: Could GOP Conspiracy Theorist General Don Bolduc Defeat Sen. Maggie Hassan?

        We speak with New Yorker staff writer Sue Halpern about the Senate race in New Hampshire, where she says far-right Republican nominee Donald Bolduc is running a “vigorous campaign” against the incumbent Democratic Senator Maggie Hassan and spreading conspiracy theories that some schoolchildren were using litter boxes. “If Maggie Hassan loses, the Democrats might well lose the Senate,” says Halpert, adding that New Hampshire is “a very swingy state” and the midterm outcomes there could surprise many people.

      • NBCElon Musk sells at least $3.95B of Tesla shares after Twitter takeover

        According to filings with the Securities and Exchange Commission published Tuesday, Musk sold 19.5 million more shares of Tesla.

        Musk sold almost $22 billion worth of Tesla shares in 2021, a year when the stock jumped over 50%. This year, he sold over $8 billion worth of Tesla stock in April and another roughly $7 billion worth in August.

      • India TimesTwitter engineer says he was fired for helping coworkers who faced layoffs

        A former Twitter Inc engineer has accused the company of firing him days after it was acquired by Elon Musk because he developed a tool to allow workers to save important documents in anticipation of mass layoffs.

        The engineer, Emmanuel Cornet, filed a complaint with the U.S. National Labor Relations Board on Monday claiming he was engaged in protected activity when he shared the software on an internal Twitter messaging channel.

      • AIMTikTok Parent ByteDance Reveals its SOTA Recommendation Engine

        Earlier this week, we released a story on how TikTok has revolutionised the short-video industry through its recommendation system. In just five years, the platform acquired about 1.2 billion monthly active users (as per Q4 2021) and is estimated to reach 1.8 billion users by the end of year.

        Today, tech giant ByteDance revealed the main structure of ‘Monolith’, TikTok’s recommendation system’s algorithm. TikTok has undoubtedly taken over the internet by basically reading your mind to get personalised content.

      • CS Monitor‘Chief Twit’: Will toxic Twitter discourse change under Musk?

        In the chaos that has enveloped Twitter the platform – and Twitter the company – since Elon Musk took over, it has become clear this isn’t changing anytime soon. In fact, it’s likely to get much worse before it gets better – if it gets better at all.

      • MWLWhy Mastodon/the Fediverse kind of sucks right now

        The truth is, nobody can prepare for a stupid billionaire.

      • TechdirtI Still Hope Twitter Succeeds

        The last few weeks of Elon craziness regarding Twitter has been kind of shocking in all sorts of ways. We knew, going in, that he didn’t appear to understand the challenges of running a social media website. His statements regarding free speech suggested that he really didn’t understand that concept either. But, every time I point this stuff out, people (often on Twitter) start yelling at me that I’m being unfair to him, not giving him a chance, or they say I’m “jealous” (of what?!?) and that we just needed to let him do his thing.

      • Misinformation/Disinformation/Propaganda

        • The AtlanticElon Musk Is No Aberration

          And yet, in the days since Elon Musk took control of the site, users have taken to blaming this problem and the platform’s other long-standing issues on him. When a doctored video of former President Barack Obama being mocked at a Wisconsin rally went viral, the writer James Surowiecki rightly lamented, “Account posts totally fake video of Obama, presenting it as real, and it’s retweeted and replied to by thousands of people who think it’s real.” But he prefaced this observation with the words “New Twitter,” as though this didn’t routinely happen on the Old Twitter. “Is this what we are to expect on Twitter moving forward: zero content moderation or fact checking?” asked one Democratic political consultant, seemingly without irony. (In fact, Twitter’s nascent crowdsourced fact-checking system, Birdwatch, quickly labeled the video in question as misleading, though as usual, this did not stop it from spreading.)

        • New York TimesFueled by Falsehoods, a Michigan Group Is Ready to Challenge the Vote

          The New York Times reviewed more than 20 hours of recordings of Michigan Fair Elections meetings, along with training sessions and organizing calls from closely linked groups. What emerged was a picture of an organization fueled by falsehoods, bent on trying to influence the 2022 midterms and determined to change the voting system in ways that would benefit Republicans.

        • VOA NewsAfter Election, Disinformation Battle Continues

          Those claims gained new life early Tuesday after officials in New Jersey and in Arizona reported problems with some of their ballot scanners.

        • Common Dreams‘What the Heck Is Going On!?’ Bowman Says of Twitter Issues on Election Day

          As Twitter’s new owner, billionaire Elon Musk, faces intense criticism for his handling of the social media giant and encouraging voters to support GOP congressional candidates, U.S. Rep. Jamaal Bowman on Tuesday revealed that he spent hours trying to post an Election Day video from his campaign account.

          “Twitter not letting me post videos. This is crazy. Never happened before. What’s Elon doing?”

    • Censorship/Free Speech

      • WSWSFacebook censors Australians Against Covid spokesperson Craig Wallace and a Sydney health worker

        The censorship of Wallace is one of many examples highlighting the suppression on social media of those who share scientifically backed information in opposition to the “Let it Rip” policies of governments internationally and their false claim that the pandemic is over.

      • AIMContent Moderation on Social Media Platforms is a Slippery Slope

        This has sparked a debate over whether content moderation is actually possible, and how to ensure a fair trade-off between curbing harmful content and allowing free speech. For example, this tweet by Ben Lang, co-founder & executive editor of Road to VR, that expresses disdain over any form of content moderation on social media platforms: [...]

      • As a Christian I’m worried that Islam is above criticism

        Pressure to adopt a formal definition first mounted in 2018 with the publication of a report by the All Party Parliamentary Group (APPG) entitled Islamophobia Defined. They proposed the following definition: “Islamophobia is rooted in racism and is a type of racism that targets expressions of Muslimness or perceived Muslimness.”

        As I pointed out at the time, this definition is hopelessly vague and highly problematic. Islam is not a race. Criticising Islamic culture, beliefs or practices is not racism. According to this definition, saying that UK law is preferable to sharia law would be Islamophobic, since sharia law is an expression of Muslimness.

      • India TodayKerala Muslim women burn hijab in solidarity with Iranian movement

        People from various religions, including Muslim women who are part of the organisation, took part in the event. The hijab burning, inspired by similar incidents in Iran, took place on Sunday in Kerala’s Kozhikode.

      • RFERLFather Says Son Killed For Honking His Car Horn In Support Of Iranian Protests

        Activists said Rahimi was targeted by plainclothes security agents on October 8 because he had honked his car horn in solidarity with anti-government protests in the northwestern city of Sanandaj, the provincial capital of Iran’s Kurdistan Province.

    • Freedom of Information / Freedom of the Press

      • VOA NewsJournalists Charged With Propaganda Over Iran Protest Coverage

        Iran on Tuesday charged two female journalists with “propaganda against the state” over their coverage of mass protests.

        The judiciary announced that the journalists — Niloufar Hamedi and Elaheh Mohammadi — are “remanded in custody for propaganda against the system and conspiring against national security.”

        Both women have been in custody already for more than a month.

      • ReutersU.S. appeals court to reconsider if citizen journalist can sue over arrest

        A federal appeals court on Friday said it would reconsider whether a citizen journalist in Texas can sue over her arrest for asking police questions, marking the latest twist in a case that has already divided parts the court’s conservative faction.

        The full New Orleans-based 5th U.S. Circuit Court of Appeals said it would revisit its 2-1 decision reviving Priscilla Villarreal’s lawsuit against Laredo, Texas, police officers, county prosecutors and the city over her 2017 arrest.

      • ReasonThis Court Case Could Make It a Crime To Be a Journalist in Texas

        It has been five years since police in Laredo, Texas, mocked and jeered at Priscilla Villarreal, a local journalist often critical of cops, as she stood in the Webb County Jail while they booked her on felony charges. Her crime: asking the government questions.

        That may seem like a relatively obvious violation of the First Amendment. Yet perhaps more fraught is that, after all this time, the federal courts have still not been able to reach a consensus on that question. Over the years, judges in the 5th Circuit have ping-ponged back and forth over whether jailing a journalist for doing journalism does, in fact, plainly infringe on her free speech rights.

      • Court House NewsAppeals court sides with citizen journalist jailed for asking questions

        At oral arguments in February, lawyers for the city said officials were simply enforcing a statute and that Villarreal should not have sought the names of the deceased before they were made public, or published them on Facebook.

        But in finding for Villarreal, the panel concluded that it was “hard to imagine a more textbook violation of the First Amendment.”

      • Rolling StoneTrump Keeps Musing About Journalists Being Raped in Prison — He’s Not Joking

        The rally on Monday wasn’t the first time Trump imagined journalists being raped in prison. He laid out the same fantasy at a rally in Texas last month, saying the reporter would give up the identity of the leaker as soon as they realize they are “going to be the bride of another prisoner very shortly.” The audience burst out in laughter, just as they did Monday night in Ohio.

      • Common DreamsTrump Reportedly Seeking Tips for Imprisoning Journalists If Reelected in 2024

        Amid speculation that former U.S. President Donald Trump will announce his 2024 run next week, Rolling Stone reported Tuesday that the Republican leader has sought advice about how he could ramp up his war with the news media by jailing journalists if he regains control of the White House.

        Trump’s first presidential campaign and four years in office featured constant attacks on reporters, outlets, and the industry in general, from his frequent declarations of “fake news” to going after journalists for reporting on leaked information.

    • Civil Rights/Policing

      • RFAChina imprisons 2 Tibetan monks for sending donations to Dalai Lama

        Chinese authorities in Tibet have sentenced two monks from the Kirti monastery in Sichuan province to prison for sending prayer offerings to the Dalai Lama and the abbot of their monastery, both living in exile in India, Radio Free Asia has learned.

        The two monks, Rachung Gendun and Sonam Gyatso, had both sent the donations to Tibet’s foremost spiritual leader and Kirti Rinpoche, sources said.

      • CS MonitorUS has fraught history with Native adoption. Enter the Supreme Court.

        The law has faced many legal challenges, but none quite like the one the U.S. Supreme Court will hear on Wednesday. As election results begin to trickle in across the country, the justices will hear oral arguments in a quartet of cases challenging ICWA on a variety of constitutional and doctrinal grounds.

      • CS MonitorIn Iran’s protests, a hidden message made clear

        Amazingly, the protests in Iran, now the longest-running against one-man rule by a cleric, have been largely leaderless. Demonstrators have united around anger (over dress codes), slogans (“Woman, Life, Freedom”), and shared agony over poverty and inflation. The leaderless quality, however, points to a largely unspoken theme: a desire for equality.

      • Thank you rawtext.club (and the whole Gemini sphere)!

        The moment when I realised that I should not make my weblog available through Gemini. No, I needed to make my gemlog available on the web and migrate all my old content into my gemlog.

        And that’s what I did. I started a python script generating my index.gmi. And to convert my posts to html. And to do all the things you never think about when you start writing software. Until it works.

      • APNICSystem administration work during the COVID-19 lockdown: Insights and practical recommendations

        On 11 March 2020, the World Health Organization officially declared the COVID-19 outbreak as a pandemic. Office workers worldwide began to adjust to a ‘new normal’ of working from home wherever possible and the IT infrastructure supporting their work had to keep up with these changes.

        While these changes were disruptive for most, for system administrators (sysadmins) the effects were compounded. This is because sysadmins are generally those running and adapting the digital infrastructure for users and clients. Therefore, not only did sysadmins have to adjust their own work to the remote working conditions but they also had to help others in adjusting, both technically and socially.

      • CS MonitorIn Pakistan, Hindu culture perseveres despite discrimination

        Pakistan’s Sindh province has a rich Hindu history and tradition – an outlier in the Muslim-majority country. Discrimination, however, is on the rise though the landscape of Pakistan, and Sindh in particular, retains a Hindu imprint.

      • Gatestone Institute“You Think You Can Run Away?”: The Persecution of Christians, September 2022

        “There is still no breathing space for Christian communities in southern Kaduna, as terrorists, jihadists, bandits and armed herdsmen have continued to plunder and wreck Christian communities in the southern part of Kaduna state.” — Statement from the Southern Kaduna Peoples Union on extensive murders, saharareporters.com, September 19, 2022.

      • CBSReport: Dad won’t let drowning daughter be saved by “strange” rescuer

        “The father was a tall and strong man. He started pulling and preventing the rescue men and got violent with them. He told them that he prefers his daughter being dead than being touched by a strange man,” Burqibah said.

      • Hindu Post2 minor Hindu cousins, Nisha (11) & Heena (13), abducted by armed men: Pakistan

        Two minor Hindu cousin sisters aged 11 and 13 were abducted from their home in Pakistan in the pre-dawn hours of September 24. Nisha (11) d/o Mavji Ashok Kohli & Heena (13) d/o Ramji Ashok Kohli were abducted by 8 Muslim men – Hajan Abdullah, Ejhas, Sanaullah, Mustafa, Ayub Khaskeli & others – from Tando Ghulam Ali, Badin district of Sindh province as per human rights activist Mahesh Vasu.

      • VOA NewsSaudis Detain American Woman Seeking to Leave With Daughter

        U.S. officials said Saudi authorities had confirmed the detention of Morris, whose efforts to leave the kingdom with her now-8-year-old daughter have been made more difficult by Saudi Arabia’s strict male guardianship laws. Morris in recent months had spoken to reporters and tweeted about her circumstances.

      • EFFEFF Award Winner: Digital Defense Fund

        The EFF Awards is a new ceremony dedicated to the growing digital rights communities whose technical, social, economic, and cultural contributions are changing the world. We can feel the impact of their work in diverse fields such as journalism, art, digital access, legislation, tech development, and law.

        All are invited to attend the EFF Awards ceremony! The celebration will begin at 6 pm. PT, Thursday, November 10 at The Regency Lodge, 1290 Van Ness Ave. in San Francisco. Register today to attend in person. At 7 pm PT, the awards ceremony will stream live and free on Twitch, YouTube, Facebook, and Twitter.

        We are honored to present our three winners of this year’s EFF Awards: Alaa Abd El-Fattah, Digital Defense Fund, and Kyle Wiens. But before the ceremony kick off, we want to take a closer look at each of our honorees. Up next, Digital Defense Fund, EFF Award for Civil Rights Technology :

      • Common DreamsGerman Chancellor, Greta Thunberg Call for Release Hunger Striker Alaa Abd El Fattah

        German Chancellor Olaf Scholz and Swedish climate campaigner Greta Thunberg on Tuesday joined the growing chorus of calls demanding that United Nations Climate Change Conference host Egypt release hunger-striking political prisoner Alaa Abd El Fattah.

        “Human rights and climate movements are stronger when we stand in solidarity together.”

      • Democracy NowAlaa Abd El-Fattah’s Sister Speaks Out at U.N. Climate Summit as Pressure Grows on Egypt to Free Him

        The family of the imprisoned Egyptian dissident Alaa Abd El-Fattah says they no longer know if he is still alive or if he is being force-fed, more than 50 hours after he stopped drinking water in an intensification of a six-month hunger strike. We feature an address by Alaa’s sister Sanaa Seif at the U.N. climate summit in Sharm el-Sheikh. “The symbolic battle has been won by your show of support,” says Seif. “I just hope his body and he is not sacrificed for it.”

      • Counter PunchImmigration Hypocrisy on the Border

        I speak from personal experience. I grew up in a border town — Laredo, Texas and lived there for 33 years. I don’t know whether the situation with respect to maids, nannies, and gardeners is the same as it was when I was living along the border, but I suspect it is. 

        The Border Patrol was an integral part of life in Laredo. Border Patrol agents wore uniforms and you saw them in their ugly pea-green vehicles everywhere — in town having coffee at Denny’s, stopping cars on roads and highways outside of town, manning fixed checkpoints on the highway, and conducting warrantless trespasses and searches of nearby farms and ranches. We were living under an immigration police state.

      • Counter PunchHow the Islamic Revolution Gave Rise to a Massive Women’s Movement in Iran

        This indeed is true that the Islamic Republic instituted draconian patriarchal policies after the revolution on 1979 that stripped the very basic formal rights that women had been granted under the ancien régime. These measures formally reduced women to second-class citizens in matters of marriage, custody, inheritance, crime and judiciary, dress code, segregation, and many other spheres of social life.  Yet, despite all this, women’s social mobility and presence in public sphere grew exponentially in the past four decades.  Ironically, this is in part an effect of the unintended consequences of these policies. Women learned very quickly how to navigate the new terrain, push the boundaries of the new institutions, and in practice gain access to rights and privileges from which the Islamic Republic deprived them. The recent revolt could not materialize without the remarkable agentive presence and mobility of women who carved out a space for ceaseless social and political engagement during the past four decades. Women are revolting because they refuse to continue the struggle in a field the boundaries of which are drawn in the dilapidated spirits of patriarchy.  Their gains have reached a hard as well as a glass ceiling that needs to be overcome.

        The Iranian revolution succeeded in ending the monarchy on February 11, 1979. On February 26, only two weeks after the victory of the revolution, Ayatollah Khomeini annulled the Family Protection Law of 1967 and its 1975 amended version, which had given women more rights in divorce and matters of custody under the Shah. Since its inception, the clergy by and large had opposed the law’s basic premises, which they believed violated the Islamic views on women’s role in family.  Khomeini knew that the unity and uniformity that his leadership afforded the revolutionary movement would not remain uncontested for long after the triumph of the revolution. He knew that the spirit of Islam and the symbolic revolutionary language with which it inspired millions of Iranians of many creeds and classes needed to be translated into a body of institutional projects of postrevolutionary state-building.  So, he seized the opportunity to put women under the control of their menfolk.

      • The NationIndia Spellman Was Wrongfully Convicted When She Was Just 17

        On October 6, India Spellman was supposed to have an evidentiary hearing for a potential retrial. In Philadelphia, a crowd of supporters passed through the courthouse’s metal detectors to fill the benches. Many wore T-shirts declaring Spellman’s innocence. The courtroom was so crowded that some were forced to stand. There was just one person missing: India Spellman.

      • The NationMeet the Woman Leading the Charge Against Bail Reform in New York

        On a cool spring morning outside a Dunkin’ Donuts in the Bronx, Madeline Brame stood before a pair of TV news microphones and cleared her throat. “This is my son, Sergeant Hason Correa,” she said, directing the cameras’ attention to the large poster she held of a man in military fatigues, a photo from when he served in the war in Afghanistan. The rally of around 25 people was made up mostly of friends and collaborators who stood behind her. Four years ago, she said, when her son was 35, “Hason was kicked, punched, stomped, and stabbed nine times by four people he did not know, nor had he done any harm.” The knife stroke that killed him plunged straight through his chest, piercing his heart.

      • The NationHow to Survive Our Apocalyptic Future

        When I was growing up, there was a parody of an old-fashioned public announcement tacked to the wall of our kitchen that I vividly remember. It had step-by-step instructions for what to do “in case of a nuclear bomb attack.” Step 6 was “bend over and place your head firmly between your legs”; step 7, “kiss your ass goodbye.”

      • Common DreamsOpinion | How to Survive in a World of Tipping Points

        When I was growing up, there was a parody of an old-fashioned public announcement tacked to the wall of our kitchen that I vividly remember. It had step-by-step instructions for what to do “in case of a nuclear bomb attack.” Step 6 was “bend over and place your head firmly between your legs”; step 7, “kiss your ass goodbye.”

      • ScheerpostEAT ME
      • TechdirtAppeals Court Says St. Louis County’s Warrantless Arrests Are Likely Unconstitutional… But Somehow Still Pretty Much OK

        Law enforcement needs probable cause to effect arrests and engage in searches. In most cases, a warrant is also required. It’s a bit of paperwork that allows the government to bypass Fourth Amendment protections to serve the greater good, i.e., the invasion of privacy (a search) or the removal of personal freedom (an arrest).

      • MeduzaSt. Petersburg police raid homes of 50 bar workers and owners in investigation of alleged scheme to defraud drunk customers — Meduza

        St. Petersburg police raided the homes of 50 employees and owners of bars on the city’s Rubinstein Street, according to the Russian news site 47news.

    • Internet Policy/Net Neutrality

      • TechdirtThe FCC Ponders The Creation Of A Space Division

        For years we’ve been firing no shortage of low-Earth orbit satellites into space without the federal government showing much concern about the the impact of these new technologies at scale. Like, the navigational hazards of unchecked space junk, or the way scientists warned that Starlink causes significant light pollution that seriously harms scientific research and can’t be fully mitigated.

    • Monopolies

      • Trademarks

        • Hollywood ReporterDrake and 21 Savage Sued by Condé Nast Over Fake Vogue Cover

          The publisher accuses the artists of trademark infringement for rolling out a “deliberately deceptive” campaign “built entirely on the use of the VOGUE marks,” according to a lawsuit filed on Monday in New York federal court. “That Defendants would knowingly violate Condé Nast’s rights in this manner underscores the tremendous value that a cover feature in Vogue magazine carries to amplify sales of an album that was to be released days after Defendants commenced their deceptive campaign,” reads the complaint. “This of course was Defendants’ aim.”

      • Copyrights

        • TechdirtRussia Considers Creating A List Of ‘Unfriendly’ Copyright Holders To Infringe On

          Fascist kleptocrats sure do love their lists, don’t they? Way back in March, when Vladimir Putin decided to invade a sovereign neighbor, we discussed how Russia was contemplating simply legalizing software piracy in the wake of crippling sanctions to try to keep the Russian economy as stable as possible. That Russia would take such a step came to the surprise of exactly nobody, of course, but there were questions as to how such a thing would work with parties that are not sanctioning Russia, such as China.

        • Torrent FreakPirate IPTV Service Must Pay $15.7m But Court Rejects ‘Overbroad’ Injunction

          DISH Network and the International Broadcaster Coalition Against Piracy have won a $15.7m judgment against iStar, a pirate IPTV provider found directly liable for infringing DISH copyrights. The court authorized domain seizures and restrained hosting companies in the U.S. and EU, but a DISH proposal for an injunction against unknown third parties was completely rejected.

        • Torrent FreakFilmmakers Win $4.2m Piracy Damages from Defunct VPN Hosting Company

          A group of filmmakers has won over $4.2 million in damages from the defunct hosting company MICFO. The order is tied to a default judgment that finds the company liable for contributory copyright infringement through its VPN customers. It also opens the door to follow-up liability claims against these VPN providers.

        • Torrent FreakFewer Rightsholders Use YouTube Content ID, But They Flag More Content

          YouTube’s latest Transparency Report shows that fewer copyright holders used the Content ID system to protect their works. Despite the modest decline, more content was flagged overall, with over 750 million claims during the first half of 2022. Traditional DMCA takedown notices are on the rise as well, with an increase of more than 30% year-over-year.

        • EFFThe Filter Mandate Bill Is a Privacy and Security Mess

          Since 1998, the Digital Millennium Copyright Act (DMCA) has required services to accommodate “standard technical measures” to reduce infringement. The DMCA’s definition of standard technical measures (STMs) requires them to be developed by a broad consensus in an open, fair, multi-industry, and perhaps most importantly voluntary process. In other words, current law reflects an understanding that most technologies shouldn’t be adopted as standards because standards affect many, many stakeholders who all deserve a say.

          But the filter mandate bill is clearly designed to undermine the measured provisions of the DMCA. It changes the definition of standard technical measures to also include technologies supported by only a small number of rightsholders and technology companies. 

          It also adds a new category of filters called “designated technical measures” (DTMs), which must be “accommodated” by online services. “Accommodating” is broadly defined as “adapting, implementing, integrating, adjusting, and conforming” to the designated technical measure. A failure to do so could mean losing the DMCA’s safe harbors and thereby risking crushing liability for the actions of your users.  

  • Gemini* and Gopher

    • Personal

      • 🔤SpellBinding: DEFLOUY Wordo: WESTS
      • Pagat Archive

        Sent an email asking for permission to make a mirror/archive. This time it was for Pagat, a site with tons and tons of card games. And like last time, permission was given provided that I don’t make any archives/mirrors public. Fair enough!

    • Technical

      • Does vim have an issue with movement?

        Probably all [neo]vim (in the following just abbreviated to vim) users know that hjkl is superior to the arrow-keys, but it seems like many vim users are still not satisfied with these and other methods of movement present in vim. That is why some of them created plugins like easymotion to jump to anywhere on the currently visible window with just two keys pressed.

      • Evolution of the Web.

        A website is an online place where you can tell people to follow you on different social media so they might have a chance, if the algorithm allows it, to read what you hope to write in the future.

        A social media is a platform where you can create an account, get an audience and ask them to follow you on another social media platform.

      • Programming

        • bphflog improvements

          Finally got around to actually reading the Gemini subscription specification, which turns out to be pretty simple, assuming I read it aright. Also now with a RSS feed as integrating XML::RSS was pretty simple so I did that.


* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.

Linux Foundation Dumps Open Source Software, Moves to Proprietary Software, Breaks RSS Feeds, Barely Publishes Anything Anymore

Posted in Deception, Free/Libre Software, GNU/Linux at 7:21 am by Dr. Roy Schestowitz

HubSpot

This is new

HubSpot

Not even remotely Open Source

LF blog

This blog speaks of Open Source, but it also rejects it

LF newsletter

They’ve hardly published anything lately; one or two posts in three weeks

LF quiet

A lot of activity and then nothing

Summary: The Linux Foundation seems to have at least partly abandoned WordPress and Drupal (GPL) in favour of proprietary and outsourced “offerings”; there has been a lot of outsourcing in recent years and this reaffirms the observation that the Foundation is run by inadequate management that fails to understand the ‘product’ it is named after, the licensing aspects, the community etc.

Links 09/11/2022: Many Programming Picks

Posted in News Roundup at 6:35 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • TecMintThe Most Used Operating Systems in the World [Ed: Android/Linux most widely used, not Windows]

        If you have ever used a PC, Macbook smartphone, tablet or any smart device (which is likely the case since you are reading this tutorial) chances are you have interacted with an operating system.

        An operating system is a program that handles all the aspects of a device such as a PC or a smartphone including managing all the software and hardware functions. It handles key aspects such as booting, device management, memory management, process management, loading and executing of programs, and many more.

    • Applications

      • UbuntubuzzScrcpy: Control Your Android Phone Screen from Ubuntu Laptop

        This tutorial will help you to use Scrcpy (screen copy) program so you can remotely and visually control your Android phone from Ubuntu laptop. Fortunately, it is available on Ubuntu and does not require root to work. This is useful for surprisingly many purposes will be explained below, including being helpful when your screen is damaged. Now let’s try this excellent program!

      • PowerDNSSecond Beta Release of PowerDNS Recursor 4.8.0

        We are proud to announce the second beta release of PowerDNS Recursor 4.8.0.

    • Instructionals/Technical

      • Data SwampMirroring sources used in nixpkgs (software preservation)

        This may appear like a very niche use case, in my quest of software conservancy for nixpkgs I didn’t encounter many people understanding why I was doing this.

      • Automate code build and deployment with ansible | Pablo Iranzo Gómez blog

        Let’s say that we want to keep our system updated with some code which is not distributed as a regular package, but as a code in a repository (which unfortunately, it’s a pretty common situation).

      • Linux HandbookUsing Brace Expansion in Bash Shell

        Brace expansion {..} is one of the most underutilized but awesome shell features in Linux.

        You can use it to print sequences of numbers and letters. Add two integers or letters separated by two dots in curly braces and see the magic.

      • DebugPointHow to Enable Netflix Full HD (1080p) in Ubuntu and Other Linux

        A simple tutorial for you to enable full HD 1080p Netflix playback in Ubuntu and other Linux.

        The steps are a little different in Firefox and Chrome. Follow accordingly.

        Netflix playback in Ubuntu and other Linux distributions is in only HD 720p by default. It’s from their current requirement, which is mentioned here for its HTML5-based player in the browser.

      • DebugPointHow to Watch Netflix in Linux [Easy Guide]

        Here’s how you can watch Netflix in Ubuntu and other Linux distributions in a super simple way.

        Watching the popular streaming service Netflix requires a small additional step besides simply logging on and watching. Because you need to specifically enable DRM (Digital Rights Management) in your web browser. And modern HTML5-based streaming uses CDM (Content Decryption Module). DRM/CDM technology enforces certain audio and video security requirements to play in your browser. The movies, TV shows, and documentaries that you watch are copyright protected and encrypted. And you need an additional add-on or plugin in your web browser to decrypt them first to play.

      • ID RootHow To Install Apache Maven on Rocky Linux 9 – idroot

        In this tutorial, we will show you how to install Apache Maven on Rocky Linux 9. For those of you who didn’t know, Apache Maven is an open-source software project management and build a tool that is tailored specifically for Java projects. It is based on the Project Object Model and contains XML files to define configuration details, project dependencies, and other data. It is designed to help Java developers build projects by proficiently documenting and reporting important project-related information.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Apache Maven on Rocky Linux. 9.

      • It’s FOSS31 Linux Commands Every Ubuntu User Should Know

        What are the essential Ubuntu commands?

        I have been asked this question several times by regular readers, and I have tried to avoid answering it.

        Why? Don’t I know Ubuntu commands? Nope. That’s not the reason. It is because it is difficult to categorize them. What’s essential to me may not be essential to you.

      • Linux CapableHow to Install Google Chrome on Fedora 37/36/35

        Most users of Linux know Firefox is, by default, installed on most desktops. This is no exception when it comes to Fedora. However, as good as Firefox, desktop users may often prefer installing another browser, in this case, Google Chrome. The best method to install Google Chrome on a Fedora desktop is to use the official repository, from which you can instantly grab any new updates when they surface.

        Chrome is still the most prominent used browser worldwide, so many updates do come along if a security flaw is found. I do think having it direct from the source instead of waiting for a maintainer from a third party to push it is better. Also, as a bonus, people who like testing edge software can install the beta or unstable repository builds using the same technique, with a bit of modification in the following tutorial on your Fedora desktop using the command line terminal.

      • Linux CapableHow to Install Telegram on Fedora 37/36/35

        Cross-platform messaging apps are becoming increasingly popular as they offer a convenient way to stay in touch with friends and family no matter where they are. Telegram is one such app that offers several unique features that set it apart from its competitors. Perhaps most notably, Telegram provides end-to-end encryption for all chats, meaning that only the sender and recipient can read the messages. This makes Telegram an ideal choice for those who value privacy and security.

        In the following tutorial, you will learn how to install the Telegram client on a Fedora Linux desktop using the command line terminal with two installation methods with cli: RPM Fusion and the natively installed Flatpak package manager.

      • Linux Shell TipsHow to Install and Secure MySQL on Rocky Linux

        This article guide takes us through the installation, configuration, and testing of MySQL database server software on a Rocky Linux distribution.

        Independently, MySQL is an ideal open-source database management software. Dependently, it completes the LEMP stack by linking up with Linux, Nginx, and PHP/Python/Pearl.

        With MySQL, data query and management are achieved via the implementation of SQL (Structured Query Language) and relational models.

      • Red HatHow static application security testing improves software security

        Static application security testing (SAST) is one of the most effective techniques to improve application security. The term covers a variety of testing techniques that analyze an application’s source, bytecode, or binary code for security vulnerabilities. Typically, developers complete this analysis during the software development lifecycle of an application. Many SAST tools are mature, and the techniques have become central to secure coding. Source code is the most common target of SAST, but you can also utilize SAST on bytecode and binary code.

        Binary scanning analyzes the binary itself or the result of disassembling or decompiling it. Scanning binaries can add a benefit, unlike source code scanning, which identifies vulnerabilities created by the compiler. On the other hand, the reports from scanning binaries have many more false positives in some cases.

        In general, SAST tools may generate many false positives and require tuning. The Red Hat Security Guide provides an overview of SAST.

    • WINE or Emulation

      • Ruben SchadeThe 86Box PC emulator

        For someone who’s been using virtualisation tools since Virtual PC on a 1999 iMac DV, and who makes his living documenting and architecting systems on Linux Xen, I had no idea of the existence of PCem, and of the 86Box fork. ozzmosis sent me a screenshot on Mastodon, and I’ve been hooked on it ever since.

        Compared to other virtualisation tools like QEMU and DOSBox, 86Box aims to faithfully reproduce original hardware going back to the first IBM PC. It does this using original ROMs, coupled with period accurate virtual drives, interfaces, sound cards, GPUs, and NICs.

        This is an important distinction. It can run on non-PC hardware like Apple Silicon because it isn’t a hypervisor. It also means vintage operating systems receive hardware they expect, and for which they have driver support. If you ever wanted to see how Windows 3.0 or OS/2 looked with 256 colours on a Tseng VGA card, this is how you do it.

    • Desktop Environments/WMs

      • OpenSource.comWhy sysadmins should choose Awesome window manager on Linux

        Awesome is a window manager for the Linux desktop. A “window manager” is a graphical interface that primarily (if not literally) just manages the drawing and arrangement of windows. In practice, even the most rudimentary of window managers actually provides a little more than just the ability to draw a window. Most also provide a pop-up menu so you can launch an application, some provide a dock or panel so you can switch between different applications you have running. They stop short at providing desktop conveniences such as drawing a wallpaper in the background of your screen, mounting and unmounting devices, providing a system tray, and so on. A window manager assumes you can use other applications to build a desktop experience to your own liking, and so it focuses on managing windows. The Awesome window manager takes a “tiling” approach, meaning that each window you launch takes up a fraction of your desktop according to the number of windows you have open.

  • Distributions and Operating Systems

    • Red Hat / IBM

      • Red Hat OfficialAutomating beyond configuration management

        When Red Hatters discuss configuration management, they’re usually applying the term to IT infrastructure within an organization, such as standing up computing resources, installing applications or configuring specific applications to function as intended for the end user.

        Infrastructure-level configuration management is a high-impact area of the business because without proper infrastructure, an organization is not able to leverage most or any technology. For this reason, it’s important to view configuration management only as a potential starting point on your automation journey.

      • Red Hat OfficialOpenSSL: Email address buffer overflow security flaws

        The OpenSSL project published two important impact security flaws on November 1, 2022. Since Heartbleed was released, OpenSSL security flaws grab the attention of customers, media, and the community users of this software.

        OpenSSL provided pre-notification days before the issue was public, and they followed up with a blog to explain why the CVE was later split into two CVEs and downgraded. Due to the amount of material on the internet, it becomes difficult to understand everything going around this issue. The intent of this blog is to put things into perspective for our customers and community members to understand what is happening, what the risks are, and how to mitigate them.

      • Red Hat OfficialConsiderations when implementing developer portals in regulated enterprise environments

        There is a trend in the industry at present around developer experience. At the center of this is the developer portal. This concept is not new. Many enterprise environments have created their own platforms and tools that help streamline the process of getting teams coding faster in environments where everything is not easily accessible.

        There is also a large movement within the industry to provide frameworks and tools that build developer portals. The leading framework in this arena, Backstage.io, states on its website that a developer portal “restores order to your infrastructure and enables your product teams to ship high-quality code quickly.” These are very noble goals, much needed in many environments.

      • Red Hat Official3 ways SSSD logging improvements make sysadmins’ lives easier | Enable Sysadmin

        New System Security Services Daemon (SSSD) features in RHEL 8.6 and 9.0 make it easier to troubleshoot identity management problems.

      • Enterprisers ProjectIT leadership: Lessons from the military

        Turbulent times can either paralyze you with fear or energize you with unlimited opportunities – and great leaders are often what make the difference. In the midst of complexity and volatility, top leaders anticipate and adapt. They build clarity out of uncertainty. They communicate a vision that inspires you to strive for more. They challenge and elevate their teams, giving people the confidence to not just persevere but step up to the big moments and make bold things happen.

      • Enterprisers ProjectDigital transformation in 2023 and beyond: Trends to watch [Ed: When Red Hat speaks of "digital transformation" it means more vendor lock-in (through newly-introduced complexity)]

        What’s at the top of your digital transformation to-do list?

      • OpenSource.comUsing Python in VS Code and Codium [Ed: Red Hat is pushing Microsoft's junk to developers instead of proper Free software not means to attack Free software developers]

        Over the past couple of years, I have had the privilege of working with middle school children to introduce them to Python coding and the Raspberry Pi 400. It’s been a lot of fun, and the Pi has been a great platform for the students and me. We’ve used Code with Mu and it’s been quite successful. Our aptitude with Python has grown with experience, and so recently I started looking for ways to offer these students more.

    • Canonical/Ubuntu Family

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • Programming/Development

      • QtQt-Bridge Metadata format

        Qt Design Studio has the capability to generate QML based UI files from a json file. Qt Design Studio expects a .metadata file for the import and the contents define the DOM and the QML item’s properties in the json format.

        Qt-Bridge plugins for Photoshop and Sketch generate such .metadata files. The .metadata files can be imported in the Qt Design Studio to generate QML.

        Similarly, other design tools can export the user interface in the specified metadata format to generate QML using Qt Design Studio.

      • Positech GamesOptimization for fun!

        I am well aware that my game Democracy 4 is not exactly slow with huge framerate issues. However, optimization is fun! or at least it should be, but in practice, getting profiling to work on remote PCs is not exactly easy. I have basically used every profiling software imaginable and still have not got one that I think really does the job well…

        I have basically wasted about an hour today trying to work out why I couldn’t get the intel vtune amplifier stuff to work with event based profiling and get rid of this pesky error that was clearly nonsense about ‘not able to recognize processor… until I finally realized that I actually have an AMD chip in my (relatively) new PC so…yeah… That drove me to try out the AMD uProf profiler, which is something I had not used before.

      • Jim NielsenOptimize For Nothing

        Maybe that’s inevitable. If you want to run a business, you have to optimize for something to turn a profit? I’m no good at business, so don’t ask me.

        But for argument’s sake, what would push this piece further is to hear a claim like: “We’re not optimizing for anything. Rather than optimize around metrics or feelings from our users, we are building something based on our own sensibilities and opinions of what makes the world more enjoyable to us.”

        What I find profound and universal about anyone’s work is what they observe in themselves and, in turn, reflect in their work to the world — not any one optimization.

      • Hillel WayneNotes on Every Strangeloop 2022 Talk I Attended

        This is my writeup of all the talks I saw at Strangeloop, written on the train ride back, while the talks were still fresh in my mind. Now that all the talks are online I can share it!

      • Bozhidar BatsovOCaml Tips: Converting a String to a List of Characters

        While playing with OCaml I was surprised to learn there’s no built-in function the convert a string to a list of its characters. Admittedly, that’s not something you need very often, but it does come handy from time to time.

      • R

        • R XML: How to Work With XML Files in R – R programming

          R programming language can read all sorts of data, and XML is no exception. There are many ways to read, parse, and manipulate these markup language files in R, and today we’ll explore two. By the end of the article, you’ll know how to use two R packages to work with XML.

          We’ll kick things off with an R XML introduction – you’ll get a sense of what XML is, and we’ll also write an XML dataset from scratch. Then, you’ll learn how to access individual elements, convert XML files to an R tibble and a data.frame, and much more.

        • Rlang‘CGAL’ meets ‘R6’: the ‘cgalMeshes’ package

          My new package cgalMeshes (not on CRAN yet) deals with 3D meshes. All algorithms implemented in this package are performed by the C++ library CGAL.

        • Modeling the secular trend in a cluster randomized trial using very flexible models – ouR data generation

          A key challenge – maybe the key challenge – of a stepped wedge clinical trial design is the threat of confounding by time. This is a cross-over design where the unit of randomization is a group or cluster, where each cluster begins in the control state and transitions to the intervention. It is the transition point that is randomized. Since outcomes could be changing over time regardless of the intervention, it is important to model the time trends when conducting the efficacy analysis. The question is how we choose to model time, and I am going to suggest that we might want to use a very flexible model, such as a cubic spline or a generalized additive model (GAM).

        • DataGeeekModeling the Extinction of Species with SVM-Kernel

          In the last article, we analyzed carbon emissions and the effects that created them. This time I want to look into another important environmental issue, animal biodiversity; by animals, I mean mammals, birds, fish, reptiles, and amphibians.

          The metric we are going to be interested in is the living planet index which measures the change in the number of 31,831 populations across 5,230 species relative to the year 1970. The explanatory variables we will take, are annual carbon emissions per capita(co2), annual gross domestic product per capita(gdp), and regions(region).

        • Download shapefiles from ESRI ArcGIS Online Story Maps – Jonathan Chang

          Recently, we needed to get out some shapefiles from an ArcGIS Online map. It’s immediately clear that there’s a lot of data, and no obvious way to get it from a download or share link anywhere on the app page. The desired solution is anything but taking a screenshot and tracing it in ImageJ, as that’s an absolute last resort. In this post, I’ll walk through how I managed to get those shapefiles downloaded, and hopefully provide some easy tips to do the same for other ArcGIS online maps.

    • Standards/Consortia

  • Leftovers

    • CoryDoctorow“When Franny Stands Up,” Eden Robins’ debut novel

      Of all the alternate history premises in fiction, the McGuffin of Eden Robins’s debut, “When Franny Stands Up,” is one of the most unlikely and – it turns out – rich. Robins’ novel opens on Franny, a teenage Jewish girl from the Chicago suburbs who’s snuck out on Christmas Eve to hear the notorious comedian Boopsie Baxter do standup.

    • Michael UrspringerCQ World Wide DX Contest SSB – Urs-o-Log

      Yesterday I took part in one of he biggest radio amateur contests “CQ World Wide DX Contest” which runs for 48h. However I did not take part full time :-). There were some times with high electromagnetic storms so the conditions sometimes were not so good.

    • Science

      • Some Recent Developments in Mixture Cure Model Methodology for Survival Analysis | YoungStatS

        The mixture cure model in survival analysis has received large and growing attention in the last few decades. Here we present an overview drawing together early results and some recent new developments, and pointing out areas where further work is needed.

      • CityU researchers invent smart mask to track respiratory sounds for respiratory disease identification

        Wearing face masks has been recognised as one of the most effective ways to prevent the spread of COVID-19, even in its coming endemic phase. Apart from the conventional function of masks, the potential for smart masks to monitor human physiological signals is being increasingly explored. A research team led by the City University of Hong Kong (CityU) recently invented a smart mask, integrating an ultrathin nanocomposite sponge structure-based soundwave sensor, which is capable of detecting respiratory sounds of breathing, coughing and speaking.

      • Government TechnologyUniversity at Buffalo’s Robot Dog Contributes to AI Research

        A yellow quadrupedal robot nicknamed Yubie, branded Spot the Agile Mobile Robot, is wandering around campus helping researchers study robotics, computer science, artificial intelligence and other high-tech fields.

      • New ScientistAI-controlled robotic laser can target and kill cockroaches | New Scientist

        A laser controlled by two cameras and a small computer running an AI model can be trained to target certain types of insect

        Researchers have created a device that uses machine vision to spot cockroaches and zap them with a laser. They say the method could offer a cheaper and more environmentally friendly alternative to insecticides.

        Ildar Rakhmatulin at Heriot-Watt University in Edinburgh, UK, and his colleagues equipped a laser with two cameras and a small computer running an AI model that can be trained to target certain types of insect.

      • The Reproducibility Crisis in Science – These Researchers Have a Fix – USC Viterbi | School of Engineering

        The scientific method – it’s the backbone of all scientific research. Everyone from third grade science students to Nobel Prize winners use the problem-solving method. And one of the cornerstones of the scientific method is that results must be reproducible.

        What does that mean? For our purposes, “reproducibility” means being able to obtain consistent results using the same input data; computational steps, methods, and code; and conditions of analysis.

        So, if your experiment is to test X under Y conditions and your result is Z, then if you repeat the experiment, you should get Z again. And when another researcher tries to test X under Y conditions, they should also get the result Z. That’s how science works!

        Unfortunately, that is not always – or even often – the case.

    • Education

      • Michael West MediaAcademics strike as wage theft spreads, uni executive salaries soar – Michael West

        Academics at five Queensland universities walked off the job last week and held a rally in Brisbane to protest against casualisation, reduced work security and dozens of cases of wage theft. Michael Sainsbury reports as concerns rise in Australia’s universities over the billowing schism between academic and VC pay.

        University staff were hit hard by the pandemic, with more than 20,000 jobs lost. Now, two-thirds of university staff are in insecure employment on casual and fixed-term contracts, while many universities are requiring teachers to undertake work out of contracted hours. Meanwhile, university executive salaries hover at record levels.

    • Hardware

      • Full control of a six-qubit quantum processor in silicon – QuTech

        Researchers at QuTech—a collaboration between the Delft University of Technology and TNO—have engineered a record number of six, silicon-based, spin qubits in a fully interoperable array. Importantly, the qubits can be operated with a low error-rate that is achieved with a new chip design, an automated calibration procedure, and new methods for qubit initialization and readout. These advances will contribute to a scalable quantum computer based on silicon. The results are published in Nature today.

      • New ScientistUnpiloted military helicopter flies 134 km in simulated mission [Ed: Solution in search of a problem]

        A retrofitted Black Hawk helicopter flew autonomously between mountains to deliver blood supplies in a simulated mission. It also picked up a simulated medical casualty

    • Health/Nutrition/Agriculture

      • NatureAI model transferability in healthcare: a sociotechnical perspective

        To deliver value in healthcare, artificial intelligence and machine learning models must be integrated not only into technology platforms but also into local human and organizational ecosystems and workflows. To realize the promised benefits of applying these models at scale, a roadmap of the challenges and potential solutions to sociotechnical transferability is needed.

      • Didier StevensQuickpost: BruCON Travel Charger

        I already have a similar travel adapter, but this BruCON travel adapter has one extra important feature for me: a USB C port.

    • Security

      • Hacker NewsInstall Latest Windows Update ASAP! Patches Issued for 6 Actively Exploited Zero-Days [Ed: Delete Windows. Microsoft knew about these flaws and did not patch until it was too late and they were actively exploited a lot (at least 4 such holes, based on CISA)]

        Microsoft’s latest round of monthly security updates has been released with fixes for 68 vulnerabilities spanning its software portfolio, including patches for six actively exploited zero-days. 12 of the issues are rated Critical, two are rated High, and 55 are rated Important in severity.

      • Hacker NewsVMware Warns of 3 New Critical Flaws Affecting Workspace ONE Assist Software [Ed: Proprietary software again; VMware cannot keep blaming "FOSS" for its shoddy software's holes]

        VMware has patched five security flaws affecting its Workspace ONE Assist solution, some of which could be exploited to bypass authentication and obtain elevated permissions.

        Topping the list, are three critical vulnerabilities tracked as CVE-2022-31685, CVE-2022-31686, and CVE-2022-31687. All the shortcomings are rated 9.8 on the CVSS vulnerability scoring system.

      • MandiantThey See Me Roaming: Following APT29 by Taking a Deeper Look at Windows Credential Roaming [Ed: Microsoft as national security threat and a major liability]

        In early 2022, Mandiant detected and responded to an incident where APT29 successfully phished a European diplomatic entity and ultimately abused the Windows Credential Roaming feature. The diplomatic-centric targeting is consistent with Russian strategic priorities as well as historic APT29 targeting. Mandiant has been tracking APT29—a Russian espionage group that is sponsored by the Foreign Intelligence Service (SVR)—since at least 2014. Some APT29 activity is also publicly referred to as Nobelium by Microsoft.

      • Patches for 6 zero-days under active exploit are now available from Microsoft [Ed: Microsoft and security are opposites]

        It’s the second Tuesday of the month, and that means it’s Update Tuesday, the monthly release of security patches available for nearly all software Microsoft supports. This time around, the software maker has fixed six zero-days under active exploit in the wild, along with a wide range of other vulnerabilities that pose a threat to end users.

      • Privacy/Surveillance

        • FuturismUS Gov to Crack Down on “Bossware” That Spies On Employees’ Computers [Ed: Will they crack down on companies like Microsoft or only smaller ones with fewer lawyers?]

          Ever since the COVID-19 pandemic drove a wave of working from home, companies have been relentless in their efforts to digitally police and spy on remote employees by using what’s known as “bossware.” That’s the pejorative name for software that tracks the websites an employee visits, screenshots their computer screens, and even records their faces and voices.

          And now, the National Labor Relations Board (NLRB), an agency of the federal government, is looking to intervene.

          “Close, constant surveillance and management through electronic means threaten employees’ basic ability to exercise their rights,” said NLRB general counsel Jennifer Abruzzo, in a Monday memo. “I plan to urge the Board to apply the Act to protect employees, to the greatest extent possible, from intrusive or abusive electronic monitoring and automated management practices.”

        • ACMAuraRing: Precise Electromagnetic Finger Tracking

          Wearable computing platforms, such as smartwatches and head-mounted mixed reality displays, demand new input devices for high-fidelity interaction. We present AuraRing, a wearable magnetic tracking system designed for tracking fine-grained finger movement. The hardware consists of a ring with an embedded electromagnetic transmitter coil and a wristband with multiple sensor coils. By measuring the magnetic fields at different points around the wrist, AuraRing estimates the five degree-of-freedom pose of the ring. AuraRing is trained only on simulated data and requires no runtime supervised training, ensuring user and session independence. It has a dynamic accuracy of 4.4 mm, as measured through a user evaluation with optical ground truth. The ring is completely self-contained and consumes just 2.3 mW of power.

    • Transparency/Investigative Reporting

      • Michael West MediaCrime to report a crime: outrage as government turns screws on whistleblower David McBride

        The rise of the Albanese government spared hopes of a new deal for people blowing the lid on government malfeasance. It isn’t working out that way for one prominent whistleblower, writes Callum Foote who interviewed David McBride. Says McBride, the government is wrongly using national security to stop the reporting of crime.

        It wasn’t the first time David McBride, a soldier and military lawyer, had experienced another defeat at the hands of the government. But last week he was dealt a bitter blow.

        McBride is a whistleblower who is being prosecuted after leaking details of alleged war crimes committed by Australian soldiers in Afghanistan to the ABC. These documents came to be known as “The Afghan Files” and the release of this information led to a police raid of the ABC headquarters in June of 2019 and The “Brereton Report,” which alleged that Australian Defence Force personnel had killed 39 Afghan civilians.

    • Environment

      • Energy

        • Michael West MediaA new state power! – Michael West

          Victorian Premier Daniel Andrews’ is bringing back the government-owned State Electricity Commission to reverse the decades-long privatisation of Australia’s energy market. Some media outlets are ramping faux outrage whilst cooler heads know if done right, it should prove wrong long espoused benefits of neoliberal economics.

    • Finance

      • Michael West MediaAdvance Australia Fair: does Budget 2022 cut the mustard on corporate tax crooks? – Michael West

        Anthony Albanese and Jim Chalmers still have a bit of work to do to catch up with Tony Abbott and Joe Hockey, but only when it comes to corporate tax avoidance. Callum Foote reports on budget measures to crack down on the biggest scam in town.

        In sheer dollar terms it is the biggest rort in the world. Multinational tax avoidance. Billions of dollars a year siphoned out of Australia alone, parked in tax havens, hidden on the hushed advice of Big4 tax advisors and blue chip law firms.

    • AstroTurf/Lobbying/Politics

      • Into The Fediverse!

        This is more of a test post after enabling some new Fediverse features on the server.

      • IT WireiTWire – Grandstanding about Musk and Twitter is simply a waste of time

        When politicians indulge in grandstanding on issues over which they have no control, the normal reaction is to ignore them and treat them with derision.

        But when government-appointed functionaries also start indulging in the same kind of spin, in a bid to draw attention to themselves and get their mugs in the media, they need to be called out.

        If one is wondering what this is all about, it concerns the gratuitous statements made by the eSafety Commissioner, Julie Inman Grant, about the acquisition of Twitter by Tesla and SpaceX chief executive Elon Musk.

        Now if Inman Grant had vented on any topic under the sun on some forum or the other in her capacity as a private individual, one would have nothing to say. [It is important to note here that she is an external contributor to the defence industry lobby group, the Australian Strategic Policy Institute.]

    • Censorship/Free Speech

    • Digital Restrictions (DRM)

    • Monopolies

      • IT WireiTWire – Europe opens probe into Microsoft bid to buy Activision Blizzard

        The European Commission, the executive arm of the European Union, has begun an in-depth investigation into Microsoft’s proposed acquisition of the gaming company Activision Blizzard.

        In a statement on Tuesday, the EC said it had concerns whether the deal would lessen competition in markets for distribution of console and personal computer video games and for PC operating systems.

        Microsoft announced its acquisition in January, with the price paid being US$70 billion (A$107.8 billion) to become the globe’s third-largest gaming firm.

      • Copyrights

        • Michael GeistRegister Your TikTok Videos at the CRTC?!: Commission Encourages TikTokers To Participate in Future Process on Bill C-11 Content Registration

          Even as Canadian Heritage Minister Pablo Rodriguez continues to insist that user content isn’t touched by Bill C-11, the CRTC is sending a different message. In a recent article on how digital creators are contemplating leaving Canada as a result of Bill C-11’s regulation of user content, the CRTC stated:

          We strongly encourage interested parties – like TikTok users – to monitor our announcements and participate in public processes. Any decisions on who would have to register and how would only follow those processes, and people should make no assumptions about how the Commission may rule beforehand.

          The CRTC and its chair Ian Scott contradicting Rodriguez has been a regular occurrence throughout the Bill C-11 process. Scott has twice confirmed that the CRTC has the power to regulate user content under the bill (despite Rodriguez inaccurately saying otherwise) and has also confirmed that it has the power to encourage platforms to prioritize certain content in a manner that would entail algorithmic manipulation (Rodriguez has denied that algorithms are covered the bill). Now in the same article that Rodriguez’s office says users are not affected by the bill, the CRTC urges those same users to participate in the process that will establish the rules for content registration.

  • Gemini* and Gopher

    • Technical

      • Internet/Gemini

        • I made a gemsite on tilde

          I made a little gemsite on tilde.team. I will still post here regularly but my posts to my own gemsite will be more organized

      • Programming

        • Re: Handling Optional Values in Rust macro_rules

          I love Rust, but there are certain things which I don’t feel it does very well. One thing that I think was a mistake in C was the entire preprocessor, and most especially macros. I’m not exactly a fan of macros in Rust, either. I think this posts central premise is a good example where I can demonstrate a language which has a better solution.


* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.

IRC Proceedings: Tuesday, November 08, 2022

Posted in IRC Logs at 2:40 am by Needs Sunlight

Also available via the Gemini protocol at:

Over HTTP:

HTML5 logs

HTML5 logs

#techrights log as HTML5

#boycottnovell log as HTML5

HTML5 logs

HTML5 logs

#boycottnovell-social log as HTML5

#techbytes log as HTML5

text logs

text logs

#techrights log as text

#boycottnovell log as text

text logs

text logs

#boycottnovell-social log as text

#techbytes log as text

Enter the IRC channels now


IPFS Mirrors

CID Description Object type
 Qme7syXjkbH9D2ppiR8q4kzezyr7Rme1zKXXYZ58YAMBmY IRC log for #boycottnovell
(full IRC log as HTML)
HTML5 logs
 QmXEsbnBW9tSqfZEgckKygpLjwfs9USxdgKFQ9QyLzTGvc IRC log for #boycottnovell
(full IRC log as plain/ASCII text)
text logs
 Qmcujmswcfmi9V5THrvxAcF9Evg7JT9BCKnkq1qfNYyWqc IRC log for #boycottnovell-social
(full IRC log as HTML)
HTML5 logs
 QmeNF4Jjy2DGgCNNvdcRH6GzoST2VS5J17mi6VATNXEaut IRC log for #boycottnovell-social
(full IRC log as plain/ASCII text)
text logs
 QmZ2gV6D4kfcm1LrqzGZyf3o2Nt4A4LBEitHbAFHgXovPp IRC log for #techbytes
(full IRC log as HTML)
HTML5 logs
 QmbJ4ToCsJYRzCfeDF1ACTuFJt4wyBpUgu1s6nRATqJ7J9 IRC log for #techbytes
(full IRC log as plain/ASCII text)
text logs
 QmQRLbxFUmuRd3Bh95oSVwXr7kMYVqViQBWgnPAqLAxSRc IRC log for #techrights
(full IRC log as HTML)
HTML5 logs
 QmRA3Az877hTVCVNWti1gbTCmEEjEJU7XyjJ7uBN9Qws6e IRC log for #techrights
(full IRC log as plain/ASCII text)
text logs

IPFS logo

Bulletin for Yesterday

Local copy | CID (IPFS): Qmde6QEourkyGGcYZLdpsAi286GrfoXVkX6CUevUzZsmmk

Links 09/11/2022: Clonezilla Live 3.0.2

Posted in News Roundup at 12:17 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • Djalel OukidTuxedo OS, is it just another Ubuntu-based distro?

        TUXEDOComputers has announced the first version of its new Ubuntu-based operating system that comes pre-installed on their Linux devices under the name Tuxedo OS 1. Of course, the new distro is an addition to the Linux community, but what makes Tuxedo OS different from Vanilla Ubuntu or other popular distros? Is it the perfect expected distro?

    • Audiocasts/Shows

    • Applications

      • Linux Links8 Best Free and Open Source Graphical Mastodon Clients


        Mastodon is a free and open source microblogging platform similar to Twitter, but with user privacy and decentralization in mind. It’s one of many protocols that interacts with the Fediverse of protocols like Pleroma, GNU Social, and others. Unlike Twitter, Mastodon is not one social network.

        Getting started with Mastodon can be confusing for newcomers. Mastodon is a federated service. This means its similar to email. You can create an email account with many different providers. And that’s the same with Mastodon. The service lets you sign up to one of many sites that run Mastodon software, called instances. A user can communicate with other Mastodon users on different instances. The instances are themed – many by country, city, or interest.

    • Instructionals/Technical

      • Linux NightlyUsing systemd to Manage Services on Linux – Linux Nightly

        The majority of Linux distributions rely on Systemd to manage all of the daemons and services running on a system. Systemd allows users to manage and administer system services, mainly through use of the systemctl command. In this tutorial, you will learn how to use systemd to manage and interact with services on Linux.

      • The AnarcatAntoine Beaupré: Using the bell as modern notification

        Computer terminals have traditionally had an actual bell that would ring when a certain control character (the bell character, typically control-g or \a in an C escape sequence) would come in the input stream.

        That feature actually predates computers altogether, and was present in Baudot code, “an early character encoding for telegraphy invented by Émile Baudot in the 1870s”, itself superseding Morse code.

      • UNIX CopGitLab: Setup and Install on Ubuntu 18.04, 20.04, and 22.04

        This post is about Gitlab setup and install it.

        GitLab, a web-based Git repository manager, and code hosting application provides an integrated platform to manage projects from planning to development to deployment to the cloud. With GitLab, you can host your Git server and manage your entire development process under one roof, from start to finish. Setting up GitLab on Ubuntu 18.04, 20.04, and 22.04 (Bionic Beaver) can be tricky, but it’s worth it if you’re familiar with the Linux command line and want to get the most out of this powerful tool.

        In this tutorial, I will explain how to set up and configure GitLab on an Ubuntu 18.04, 20.04, and 22.04 server in five steps. Let’s get started!

      • UNIX CopPandora FMS Monitoring Tool Installation on Ubuntu 22.04

        Pandora FMS is software for monitoring computer networks. Pandora FMS allows the visual monitoring of the status and performance of several parameters from different operating systems, servers, applications and hardware systems such as firewalls, proxies, databases, web servers or routers. Wikipedia

        Designed to be modular, multi-platform and easy to customize, Pandora FMS supports monitoring of networks, servers, applications, databases, cloud and virtualization, logs, user experience, and business processes.

        It uses powerful agents for all operating systems to collect data from monitored systems and devices, supports both local and remote network monitoring, auto-monitoring where agents detect storage devices, partitions or databases, and many other things. Agents can control system components such as services, execute processes or remove temporary files and more.

        It also features a flexible notification and alert system, supports remote access via tools such as eHorus and SSH, auto-discovery of networks, network elements, network topology, etc. And has an integrated reporting system with dozens of different report templates and graphs for analysis. Notably, it is fully compatible with most open-source tools and experienced users can also create custom integrations with the services of their choice and so much more.

      • UNIX CopHow to setup Secure GitLab Registry

        We demonstrated how to configure a GitLab instance in our previous post so that you may manage the projects for your company or yourself. We advised using an FQDN and making the GitLab instance accessible through HTTPS. Since most of the applications are containerized, it makes sense to configure a container registry where multiple iterations of your programme and its many components can be kept in Docker images.

        Don’t worry if you don’t know what a container registry is. Once you actually upload the first container image to a GitLab instance, it will become evident. Consider it like repositories for your container images for the time being. These are simply images, stored inside the remote GitLab instance but are not running containers.

      • Linux Hint2 Easy Methods to Install Docker on Raspberry Pi

        Docker is an open-source platform to create, edit, and run applications in the container. The container is a lightweight, loosely created environment where you have the freedom to package and run an application. You can run multiple containers at a single host without worrying about utilizing the system resources and it contains everything you need to run an application on the system.
        Thus, you can speed up the development process through docker since it reduces the time for writing and running code in production.

        In this article, you will learn how to install docker on your Raspberry Pi system through different methods.

      • Linux HintHow to Install Geany on Linux Mint 21

        Geany is the most popular, lightweight, fast, and open-source text editor used for programming purposes. It is a multi-platform software that runs on several systems like NetBSD, Solaris, Windows, and Linux.

      • Linux HintHow to Clear Arduino Serial Buffer

        Arduino is an electronic platform that takes instructions from users in the form of code known as sketch and generates output accordingly. To collect the instructions and process them one by one, the Arduino uses a serial buffer. The Arduino serial buffer holds the incoming data until the device is ready to process them. Sometimes we have to clear the Arduino serial buffer to avoid interference with incoming data. Let’s see this in more detail.

      • Linux HintHow to Install GNU Debugger GDB on Linux Mint 21

        GNU Debugger, commonly referred as GDB is a powerful and open-source debugging tool that can run on Linux and Unix-type operating systems. The GDB tool was specifically designed for C and C++ languages; due to its wide range of supportive languages, it can debug other languages as well like Ada, Fortran, Go, Pascal, and many others. It is used by developers to examine variables, calling functions, debug preprocessor macros, server-client debug architecture, and many other rich features that one can think of it.

      • Linux HintHow to Install Conky System Monitoring Tool on Raspberry Pi

        Conky is a system monitoring application that displays information on a desktop. Conky displays information about the whole system like the battery status, email notifications, storage, processor information, and much more. It also displays the calendar, time, and status of the weather. In this article, we will show you how to install Conky system monitoring tool on Raspberry Pi OS.

      • Linux HintHow to Install and Setup Plex Media Server on Raspberry Pi

        Plex Media Server is a media streaming platform that allows you to watch Live TV channels, TV shows, and movies. You can even stream your media files, such as audio, video, and pictures, from your system and organize them according to your choice.

        This article is a detailed guide in installing and setting up the Plex media server on your Raspberry Pi system.

      • Linux HintHow to Install Apache Maven on Linux Mint 21

        Apache Maven is a popular, open-source project management tool used to develop and manage Java projects and documentation. It comes from the concept of POM (project object model) with the extensible feature. It has the ability to add plugins and support other languages as well, such as C#, Scala, and Ruby. It is a helpful comprehension tool that gives bundles of details about projects. This tool is also available for Linux distribution also and in this tutorial, we will learn how to install it on Linux Mint 21 system.

      • Linux BuzzHow to enable timestamp in history command

        In this post, we will describe how enable timestamp in history command.

        History command in Linux & UNIX systems keep tracks all command which were executed by the users in the past. By default, history command keeps the records of last 1000 commands. This feature helps sysadmins to recall the command’s syntax if it is executed in the past and also helps in troubleshooting and audit purpose.

        However, in history command output, timestamp is not enabled, so to enable it we must export environment variable HISTTIMEFORMAT.

      • Linux HintHow to Install GNOME Screenshot Utility on Raspberry Pi

        GNOME Screenshot is a lightweight tool used by Linux users to take screenshots on their systems. It’s one of the most valuable tools that allow you to capture an entire window, desired window, and selected area screenshots on your system.

        If you are looking for a screenshot tool for your Raspberry Pi system, you can easily install this tool using this article’s guidelines.

        How to Install GNOME Screenshot Utility on Raspberry Pi

        The GNOME Screenshot utility can easily be installed on all Linux systems, including the Raspberry Pi system and you can follow the below-mentioned steps to install it on Raspberry Pi.

      • Linux HintHow to Install Gradle on Linux Mint 21

        Gradle is an open-source, popular build automation tool used to create applications based on Groovy and Kotlin. It is a flexible tool and is famous among Linux users because of its consistency. Gradle supports many programming languages like Java, Android, C/C++, Scala, etc. It doesn’t matter how long the project is, Gradle will download respective dependencies and repositories automatically to create it. The structure it follows to create applications is building (compiling, linking, code packaging), automating, and delivering the product with fast performance.

      • KifarunixHow to Integrate TheHive with MISP
      • Network WorldBash: A primer for more effective use of the Linux bash shell | Network World

        There are lots of sides to bash and much to know before you’re likely to feel comfortable snuggling up to it. This post examines many aspects of this very popular shell and recommends further reading.

      • Make Use OfHow to Run Ubuntu as a Docker Container

        Docker is the most-loved programming tool according to Stack Overflow’s 2022 developer survey. It is widely used in IT and has revolutionized the way we deploy applications.

        Docker containers are a bit similar to virtual machines, but they are more lightweight and come packed with only the basic required elements of an operating system. To appreciate how minimal Docker containers can be, let’s see how you can run Ubuntu in Docker.

      • ID RootHow To Install Symfony Framework on Ubuntu 22.04 LTS – idroot

        In this tutorial, we will show you how to install Symfony Framework on Ubuntu 22.04 LTS. For those of you who didn’t know, Symfony is a web application framework written in PHP. It provides a set of reusable PHP components. Symfony is easy to install and configure on most platforms.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Symfony Framework on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

      • Linux Made SimpleHow to install SSF2 Project B Patch 9 on a Chromebook

        Today we are looking at how to install SSF2 Project B Patch 9 on a Chromebook.

        If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!

        This tutorial will only work on Chromebooks with an Intel or AMD CPU (with Linux Apps Support) and not those with an ARM64 architecture CPU.

      • Real Linux UserHow to create a Linux Mint bootable USB in macOS and Windows – Linux Mint 21 edition – Real Linux User

        One of the many powerful features of Linux is the ability to start a distribution directly from a USB stick, without affecting your hard drive and the operating system on it. It is therefore not required to perform a complete installation to use or try out Linux before actually installing it. But even if you have made the decision to install Linux individually or maybe next to your current Windows or macOS installation, you need a bootable Linux USB device. In this tutorial, I will explain how to create a Linux Mint bootable USB in macOS and Windows, from which Linux Mint 21 can be started to try out or install.

  • Distributions and Operating Systems

    • New Releases

      • LinuxiacClonezilla Live 3.0.2 Comes with UFW Firewall in the Live System

        Clonezilla is a free, open-source disk imaging and cloning application that runs from a live CD or USB drive. It is created for disk partition, imaging, cloning tasks, bare metal backup, and recovery.

        It is targeted any IT pro looking for a reliable, cost-effective tool to enable them to image and restore machines quickly and safely.

        There are three Clonezilla variations: Clonezilla Live, a small bootable Linux distribution for x86/64-based computers, Clonezilla Lite Server, and Clonezilla SE. Recently, the Clonezilla project published the latest release of Clonezilla Live 3.0.2, so let’s look at what’s changed.

      • 9to5LinuxClonezilla Live 3.0.2 Disk Cloning/Imaging Utility Released with Linux Kernel 6.0 – 9to5Linux

        Clonezilla Live 3.0.2 disk cloning/imaging utility is now available for download. This release is powered by the latest Linux 6.0 kernel series and synced with the Debian Sid repositories as of November 3rd, 2022.

        The post Clonezilla Live 3.0.2 Disk Cloning/Imaging Utility Released with Linux Kernel 6.0 appeared first on 9to5Linux – do not reproduce this article without permission. This RSS feed is intended for readers, not scrapers.

    • BSD

      • APNICA few more of my favourite things about the OpenBSD Packet Filter tools | APNIC Blog

        With PF, you can create a network that learns. Fairly early in PF’s history, it occurred to the developers that the network stack collects and keeps track of information about the traffic it sees, which could then be acted upon if the software became able to actively monitor the data and act on specified changes. So the state tracking options entered the pf.conf repertoire in their initial form with the OpenBSD 3.7 release.

        A common use case is when you run an SSH service or really any kind of listening service with the option to log in, you will see some number of failed authentication attempts that generate noise in the logs. Password guessing, or as some of us say, password groping, can turn out to be pretty annoying even if the miscreants do not actually manage to compromise any of your systems. So to eliminate noise in our logs we turn to the data that is anyway available in the state table, to track the state of active connections, and to act on limits you define such as the number of connections from a single host over a set number of seconds.

    • SUSE/OpenSUSE

      • Ish SookunopenSUSE Board Election 2022 campaign has begun

        openSUSE members can also ask questions to the candidates on the project mailing list. Vojtěch Zeisek asked the candidates about their plans and what they want to achieve with the project.

        Douglas had an interesting answer. He stated that he would like to see that the openSUSE Project adopts the blockchain technology. He cited the election as an example where a smart contract could facilitate the task of running elections and maintaining an updated members list based on whether members’ tokens have been used in (x) number of years.

        He also mentioned NFT as something that could be explored to create a sort of badge system like the Fedora project has and member contributions could be rewarded with NFTs.

    • Fedora Family / IBM

      • Weekly status of Packit Team: November 2022 | Packit

        Week 44 (November 1st – November 7th) # Fixed an issue due to which the repository was never searched for a specfile if specfile_path was not specified, and specfile_path was always set to <repo_name>.spec. (packit#1758) Packit is now able to generate automatic Bodhi update notes including a changelog diff since the latest stable build of a package. (packit#1747) Description of Bodhi updates now contains a changelog diff. (packit-service#1713)

      • Red Hat.NET 7 now available for RHEL and OpenShift [Ed: Red Hat helps Microsoft's lock-in tactics]

        This is a quick overview of what developers need to know about this new major release. The .NET 7 release is now available, targeting Red Hat Enterprise Linux (RHEL) 8.7, RHEL 9.1, and Red Hat OpenShift.

    • Debian Family

      • CNX SoftwareAXERA AX620A 4K AI SoC delivers up to 14.4 TOPS for computer vision applications – CNX Software

        AXERA AX620A is a high-performance, low-power AI SoC with a quad-core Arm Cortex-A7 processor and a 14.4TOPs @ INT4 or 3.6TOPs @ INT8’s NPU that is slightly inferior to the Amlogic A311D, and mainly used for AI vision applications.

        [...]

        The AX620A SDK is based on Debian 11 Linux.

      • Aurélien Jarno – riscv64 porterbox

        For quite some time, many people asked for a riscv64 porterbox. Now we’ve got one called debian-riscv64-porterbox-01.debian.net.

        A big thanks to SiFive for providing the HiFive Unmatched board and OSUOSL for assembling the hardware and hosting it.

      • Blisk

        Blisk is the first developer-oriented browser with built-in devices that runs on your desktop and is available for Windows, macOS, and Linux. It provides teams and freelancers with a workspace to develop and test modern web applications twice faster. You can use Blisk as a regular browser to look for something across the web (Browsing mode) or you can use a workspace for web development (Developer Mode).

    • Canonical/Ubuntu Family

      • Daniel LangeYour software stores are a bad idea | Daniel Lange’s blog

        There is significant effort involved to get your apt or dnf commands always have a consistent set of servers to talk to.

        [...]

        That way more admins need to learn how to run high availability services for dubious business opportunities to “later” monetize services. Services that nobody cares to pay for and thus opportunities that never materialize. But every company wants to find that out again. Because if Apple could do it, why shouldn’t Canonical be able to do it? $$$!1!!

    • Open Hardware/Modding

      • Tom’s HardwareRaspberry Pi Takes Star Trek UI To Red Alert | Tom’s Hardware

        Not everyone has the luxury of making their way onto a Starfleet-operated starship but if you’re craving the experience, you’ll have to settle for the next best thing. Today we’re sharing an incredible LCARS interface project put together by Rob, also known as meWho_System47 over at Twitter, who worked with James Mitchell to make it run on our favorite SBC, the Raspberry Pi.

        LCARS is an acronym from the Star Trek universe that stands for Library Computer Access/Retrieval System. The user interface design was created by Michael Okuda a a means to convey a complex computer interfaces, using backlit plastic panels. This interface can be seen on screens throughout the series and is loved by fans for its unique design. This custom LCARS UI project is packed full of features for the modern Star Trek fan and can even interact with real-world technology.

      • Linux HintEnhance Raspberry Pi Zero Functionality with PoE USB HUB HAT

        Want to power up the Raspberry Pi Zero by ethernet cable and need to add some extra USB ports to it then PoE USB HUB HAT would be the best for you. This HUB comes with two USB Type-A and one USB Type-C ports along with the ethernet port. This HUB can add extra functionality to the Raspberry Pi Zero as one can connect the number of devices which will increase the number of applications for which it can be used.

      • Linux HintHow to Legally Download Free ROMs for RetroPie

        RetroPie is a gaming emulator that allows users to play different emulator games like PlayStation, NES, SNES, and so on. The aim of RetroPie is to provide retro gaming support for Raspberry Pi systems so that the user can use the device as a gaming machine. However, to play games on RetroPie, you should need a game ROM that needs to be put inside the RetroPie directory so that you can then play it on your device. To learn more about RetroPie you can check this article.

        If you are looking for help on how you can download free ROMs for RetroPie, follow this article’s guidelines.

        But, before moving toward the process, let’s first discuss ROMs.

      • Linux HintIs ESP32 Better than Arduino

        Both Arduino and ESP32 are microcontroller-based boards that can take inputs and generate output accordingly. Both these boards are famous among students and researchers because they don’t need any extra hardware like CPU to process the information, one just needs a tiny board that can fit in your pocket and perform tasks easily. But a question comes to everyone’s mind is ESP32 better than Arduino.

      • Linux HintInterfacing MQ-2 Gas Sensor with ESP32 Using Arduino IDE

        Sensors are an important part of designing IoT based projects as they feed the data to the system. Microcontroller based IoT boards gained popularity because of their ability to interface different sensors and upload data to the cloud or generate an emergency email.

        The board we are talking about is ESP32 which due to its limitless feature helps users to interface multiple sensors. Gas sensor is among the widely used sensors with ESP32 which can detect fire eruption or gas leakage inside a room. Let’s find out the possible way of interfacing MQ-2 gas sensor with ESP32.

      • Linux HintESP32 ADC – Read Analog Values with Arduino IDE

        ADC (analog to digital converter) is an electronic circuit that comes with different microcontroller boards or integrated inside the microcontroller. ADC is used to convert the analog voltage from different sensors into digital form. Like Arduino, ESP32 also has an ADC which can read analog data. Let’s find out more about ESP32 ADC.

      • CNX SoftwareGiveaway Week 2022 – Pico:ed Smart Cutebot Kit

        The third prize of this year’s giveaway week comes courtesy of ELECFREAKS which offers a Cutebot Pico:ed kit based on the Pico:ed board with a Raspberry Pi RP2040 microcontroller and following BBC Micro:bit form factor. The kit also includes two high-speed motors to drive two wheels, ultrasonic & distance sensors, two RGB LED lights and clearance lamps on the bottom, two line-tracking probes, and an active buzzer used as a horn.

      • ArduinoIncrease a robot arm’s payload capacity by relocating its wrist motors | Arduino Blog

        o give an electric car more range, you need a bigger battery pack. But that adds weight, so you need bigger motors and more battery capacity to compensate. This creates a vicious cycle and robot arms are susceptible to a similar problem. A robot arm needs to lift its own weight in addition to whatever it picks up. Bigger motors to increase the payload capacity also increase weight, thereby decreasing the payload capacity. This video from RoTechnic describes how to sidestep that cycle with remote motors.

        RoTechnic’s robot arm has six degrees of freedom (DoF): a rotating base, a shoulder joint, an elbow joint, a rotating wrist joint, a tilting wrist joint, and a rotating end effector. If the robot were a conventional design, all of those joints (except the first two) would require a motor that adds levered weight to lift. The weight of those motors would subtract from the amount that the arm could otherwise lift. But three of this robot’s motors sit on the table nearby so that it doesn’t need to lift them.

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • Content Management Systems (CMS)

      • WordPressIntroducing Twenty Twenty-Three

        Twenty Twenty-Three is here, alongside WordPress 6.1! The new default theme offers a clean, blank canvas bundled with a collection of style variations.

        Style variations are predefined design options that give you the opportunity to alter the appearance of your site without having to change your theme. This means that you can keep your template structure but change the visual details of your site with ease.

        For a truly diverse collection, Twenty Twenty-Three’s featured style variations were submitted by members of the WordPress community, resulting in 38 submissions from 19 people in 8 different countries. From those submissions, a curated collection of ten was chosen and bundled with the new theme.

    • FSF

      • FSFFSD meeting recap 2022-11-04

        Check out the great work our volunteers accomplished at today’s Free Software Directory (FSD) IRC meeting.

      • GNUpoke – News: Binary Tools devroom @ FOSDEM 2023 [Savannah]

        GNU poke will be part of the Binary Tools devroom at the next edition of FOSDEM, to be celebrated 4th and 5th February 2023 in Brussels.

        Below is the Call For Proposals for the devroom. Hope to see you there, is gonna be fun! :)

    • Licensing / Legal

      • Vice Media GroupGitHub Users File a Class-Action Lawsuit Against Microsoft for Training an AI Tool With Their Code [Ed: Microsoft keeps breaking thje law in an attempt to injure the competition]

        GitHub programmers have filed a class-action lawsuit against GitHub, its parent Microsoft, and its technology partner, OpenAI, for allegedly violating their open-source licenses and using their code to train Microsoft’s latest AI tool, called Copilot.

        GitHub Copilot, which was launched in June, suggests code and functions to GitHub users in real time. Copilot is powered by Codex, an AI system that was created by OpenAI and licensed to Microsoft. According to OpenAI, Codex was trained on “millions of public repositories” and is “an instance of transformative fair use.” However, open-source programmers on GitHub disagree, claiming that Codex has violated their open-source licenses, which only allow non-commercial redistribution and modification of the code and often have restrictions including a requirement to preserve the name of the authors.

    • Programming/Development

      • escapewindow | blue sky: a federation of automation platforms

        Once upon a time, an excited computer lab assistant showed my class the world wide web. Left-aligned black text with blue, underlined hypertext on a grey background, interspersed with low-resolution GIFs. Sites, hosted on other people’s computers across the country, transferred across analog phone lines at over a thousand baud. “This,” he said. “This will change everything.”

        Some two decades later, I blogged about blue sky, next-gen Release Engineering infrastructure without knowing how we’d get there. Stars aligned, and many teams put in hard work. Today, most of our best ideas made it into taskcluster, the massively scalable, cloud-agnostic automation platform that runs Mozilla’s CI and Release Pipelines.

  • Leftovers

    • Hardware

      • IT WireiTWire – Nvidia makes new chip for China to bypass updated US restrictions

        US chip manufacturer Nvidia has created a new advanced chip in China that meets the export control rules laid down by the US administration in October.

        A company spokesperson told iTWire in response to a query: “The Nvidia A800 GPU, which went into production in Q3, is another alternative product to the Nvidia A100 GPU for customers in China.

        “The A800 meets the US Government’s clear test for reduced export control and cannot be programmed to exceed it.”

        Reuters was the first to report about the new chip, saying on Monday, “Chinese computer sellers are advertising products with the new chip”.

      • IT WireSome US Lexus models losing connected features after 3G shutdown

        Some Toyota Lexus models manufactured between 2010 and 2018 and sold in the US will lose all Lexus Enform features and services after shutdown of 3G networks, a report says.

        Apparently the only way to regain these features is to upgrade to a new model. The features that are lost relate to convenience and safety, the site Jalopnik claimed. Lexus Enform is a telematics program for the luxury brand.

        Major US mobile networks are only now phasing out 3G services, something that happened a while ago in Australia.

    • Health/Nutrition/Agriculture

      • uni MichiganNicotine use & Gen Z

        As I scroll through TikTok, a snippet catches my attention. An indie sleaze song accompanies a video of a beautiful person in a chic outfit, a cigarette casually hanging between their fingers — which are heavily decorated with rings. They take a pleasant drag before blowing the smoke out, gazing mysteriously into the distance through their thick sunglasses as if in a Quentin Tarantino movie scene. They scream “cool,” not only because of their eclectic outfit or “it-girl” body, but also because of the grungy and nonchalant way they inhale a known carcinogen.

    • Security

      • Hacker NewsAmadey Bot Spotted Deploying LockBit 3.0 Ransomware on Hacked Machines [Ed: Microsoft Windows TCO]

        The cybersecurity firm’s latest analysis is based on a Microsoft Word file (“심시아.docx”) that was uploaded to VirusTotal on October 28, 2022. The document contains a malicious VBA macro that, when enabled by the victim, runs a PowerShell command to download and run Amadey.

      • IT WireMicrosoft fixes four zero-days, 58 other flaws on Patch Tuesday [Ed: Microsoft already helped the NSA exploit these, and for who knows how long....]

        Microsoft has released patches for four zero-day vulnerabilities among the 62 advisories which it released on Wednesday AEDT, in its monthly Patch Tuesday fixes. All of these zero-days have been exploited in the wild.

        Nine of the flaws detailed were in the critical category, the security firm Tenable said in its analysis, with 53 being in the next, important, category.

        Top of the list were two vulnerabilities that affect Windows Mark of the Web, a security feature used to tag files that are downloaded from the Internet, and prevent them from carrying out certain functions.

      • IT WireiTWire – Ransomware group keeps its word, posts Medibank data on dark web

        A ransomware group that on Tuesday threatened to post data stolen from medical insurer Medibank Group on the dark web has kept its word and released a small sample of what it claims is the data it appropriated.

        The operator of this group, that hosts a copy of the site formerly used by the REvil gang, said the data was stored “in not very understandable format (tables dumps) we’ll take some time to sort it out and we posting (sic) a small part of the data, in ‘human readable format (sample in json file )’ also we post all raw data.

        [...]

        The name of the ransomware used is not definite but some refer to it as BlogXX. But it can attack only systems running Microsoft’s Windows operating system.

      • LWNSecurity updates for Tuesday [LWN.net]

        Security updates have been issued by Debian (pixman and sudo), Fedora (mingw-binutils and mingw-gdb), Red Hat (bind, bind9.16, container-tools:3.0, container-tools:4.0, container-tools:rhel8, dnsmasq, dotnet7.0, dovecot, e2fsprogs, flatpak-builder, freetype, fribidi, gdisk, grafana, grafana-pcp, gstreamer1-plugins-good, httpd:2.4, kernel, kernel-rt, libldb, libreoffice, libtiff, libxml2, mingw-expat, mingw-zlib, mutt, nodejs:14, nodejs:18, openblas, openjpeg2, osbuild, pcs, php:7.4, php:8.0, pki-core:10.6 and pki-deps:10.6, poppler, protobuf, python27:2.7, python38:3.8 and python38-devel:3.8, python39:3.9 and python39-devel:3.9, qt5, redis:6, rsync, unbound, virt:rhel, virt-devel:rhel, wavpack, webkit2gtk3, xmlrpc-c, xorg-x11-server, xorg-x11-server-Xwayland, and yajl), SUSE (exiv2, expat, rubygem-nokogiri, sudo, and vsftpd), and Ubuntu (isc-dhcp, libraw, sqlite3, and tiff).

      • Hacker NewsNew Laplas Clipper Malware Targeting Cryptocurrency Users via SmokeLoader [Ed: Microsoft Windows TCO]

        Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader.

        SmokeLoader, which is delivered by means of weaponized documents sent through spear-phishing emails, further acts as a conduit for other commodity trojans like SystemBC and Raccoon Stealer 2.0, according to an analysis from Cyble.

        [...]

        Clippers, also called ClipBankers, fall under a category of malware that Microsoft calls cryware, which are designed to steal crypto by keeping close tabs on a victim’s clipboard activity and swapping the original wallet address, if present, with an attacker-controlled address.

      • USCERTCISA Adds Seven Known Exploited Vulnerabilities to Catalog [Ed: Most of these are Microsoft Windows, but CISA fails to say so]

        CISA has added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates.

      • XSAs released on 2022-11-08

        The Xen Project has released one or more Xen security advisories (XSAs). The security of Qubes OS is affected. Therefore, user action is required.

      • QSB-086: Speculative security issues on AMD CPUs (XSA-422)

        We have just published Qubes Security Bulletin (QSB) 086: Speculative security issues on AMD CPUs (XSA-422). The text of this QSB is reproduced below. This QSB and its accompanying signatures will always be available in the Qubes Security Pack (qubes-secpack). More information about QSBs, including a complete historical list, is available here.

      • SANSCritical OpenSSL 3.0 Update Released. Patches CVE-2022-3786, CVE-2022-3602, (Tue, Nov 1st) [Ed: This title is still false.]

        As preannounced, OpenSSL released version 3.0.7, which patches two related vulnerabilities rated as “High.” Initially, as part of a preannouncement, the vulnerability was rated “Critical.” OpenSSL 3.0 was initially released in September of last year.

        The update patches a buffer overrun vulnerability that happens during the certificate verification. The certificated needs to contain a malicious Punycode encoded name, and the vulnerability is only triggered AFTER the certificate chain is verified. An attacker first needs to be able to have a malicious certificate signed by a certificate authority the client trusts. This does not appear to be exploitable against servers. For servers, this may be exploitable if the server requests a certificate from the client (mTLS) [1] . OpenSSL also published a blog post with details here: https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/

        In short: While this is a potential remote code execution vulnerability, the requirements to trigger the vulnerability are not trivial, and I do not see this as a “Heartbleed Emergency”. Patch quickly as updated packages become available, but beyond this, no immediate action is needed.

      • SANSInfoSec Handlers Diary Blog – SANS Internet Storm Center

        I spotted a malicious RAR archive that contained a VBS script. It was called “Unidad judicial citacion pendiente Fiscalia.rar” and protected with a simple 4-numbers password to defeat automatic scanning. Inside, the VBS script has the same name. Both are unknown to VT.

      • SANSMicrosoft November 2022 Patch Tuesday, (Tue, Nov 8th) [Ed: Microsoft left many known holes unpatched until it was too late and those were widely exploited]

        The previously disclosed (and exploited) vulnerability is a security feature bypass on Windows Mark of the Web (MOTW) (CVE-2022-41091). According to the advisory, an attacker can craft a malicious file that would evade MOTW defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging. The CVSS for this vulnerability is 5.4.

      • SANSWindows Malware with VHD Extension

        Windows 10 supports various virtual drives natively and can recognize and use ISO, VHD and VHDX files. The file included as an attachment with this email, when extracted appears in the email as a PDF but is is in fact a VHD file.

    • AstroTurf/Lobbying/Politics

      • ZDNetWhy Twitter will fail shortly

        Elon Musk has taken over Twitter, and it appears he’s already failing on his promise not to turn Twitter into a ‘free-for-all hellscape.’ But, I’m not here to talk about his policy blunders. That’s a story for another day. No, I’m here to predict that Twitter, the site, will soon crash. And, once it fails, it won’t be coming up for a while.

      • VideoThe Absolute State Of Twitter – Invidious

        Twitter has become more popular than ever, it’s new owner Elon Musk claims to value free speech more than anything else yet he recently decided to add further restrictions to parody accounts.

      • Daniel AleksandersenDon’t record your social life on an append-only social network | Ctrl blog

        Secure Scuttlebutt (SSB) is an alternative, self-governed, distributed social network without gatekeepers. You only see updates and mentions from people you follow, so moderation isn’t as much of an issue as on Twitter. However, the technology that powers the platform is ill-suited for sharing things with our ever-changing social circles.

        [...]

        All you need to get started is an SSB-compatible client app; you don’t even need an internet connection (except when pushing and pulling updates). Every update you publish, whether public or private, is stored in a local append-only database (AOD). The database exists primarily on your local device.

        The network works by having its users synchronize with each other’s account databases. The databases get distributed through “pub” servers. Some SSB client apps can also exchange updates using other means, such as directly between devices using distributed peer-to-peer (P2P) connectivity. Users and pubs can pass along updates on behalf of mutual connections, so everyone doesn’t need to be online simultaneously for the network to function.

      • VoxMidterm election results 2022: Gen Z candidate Maxwell Frost is elected to Congress, plus more firsts – Vox

        Maxwell Alejandro Frost, a 25-year-old community organizer, has officially become the first Gen Z member elected to Congress after winning a House seat in Florida’s 10th Congressional District.

    • Monopolies

      • EngadgetEuropean Union opens ‘in-depth’ investigation into Microsoft’s purchase of Activision Blizzard

        As expected, the European Commission will carry out a full-scale investigation into Microsoft’s $69 billion bid to buy Activision Blizzard. Following a preliminary probe, the European Commission announced Tuesday (via Reuters) it believes the deal may “significantly reduce competition” in a handful of areas, including the PC and console gaming markets, as well as among cloud gaming services.

        According to the Commission’s antitrust officials, Microsoft has the potential economic incentive to prevent competitors from accessing Activision Blizzard’s “high-profile and highly successful games,” including new Call of Duty entries. The body notes it’s also concerned the deal could unfairly advantage Windows against competing PC operating systems. On the surface, that seems like a strange concern, but it’s worth pointing out that the success of devices like the Steam Deck has made Linux something of a viable gaming alternative to Windows.

        With today’s announcement, the European Commission now has 90 working days to complete its probe, a timeline that means a decision would arrive on March 23rd, 2023 at the latest.

      • Jacobin MagazineCory Doctorow Wants You to Fight Big Tech

        In their new book, Chokepoint Capitalism: How Big Tech and Big Content Captured Creative Labor Markets and How We’ll Win Them Back (Beacon, 2022), Rebecca Giblin and Cory Doctorow explain how big market players squeeze creators and consumers through monopoly and monopsony — and outline a way to break free from their grasp.

        Coauthor Cory Doctorow recently spoke to David Moscrop for Jacobin and discussed Chokepoint Capitalism, Doctorow’s anti-capitalist oeuvre, what chokepoint capitalism means for creators and consumers, its prevalence in the cultural industries, and how to fight against it.

  • Gemini* and Gopher

    • Politics

      • On Christian Nationalism

        Fun fact: I was what could now be described as a Christian nationalist in my younger years.

        I thought (my romanticized version of) America was God’s country and American culture was godly culture, and Satan was out to destroy it through Democrats and “politically correct” (PC) ideology. I was thoroughly indoctrinated by Trinity Broadcasting Network (TBN) and Christian radio stations and regularly donated to Christian Coalition, American Centers for Law and Justice, and other similar entities. I believed that America’s God-given destiny was to conquer the nations and make them submit to the Gospel.

      • The state of American politics on this election day

        I no longer write about politics a lot. After many years of activism and community organizing, and having witnessed the sorry state of U.S. politics, I sort of lost interest. As conservatives used to say, not everything in society is politics, and not everything in society should be addressed in the realm of politics.

        Once again, today’s midterm elections are called “the most consequential” of our times. I’ve heard this two years ago, four years ago, six years ago, and eight years ago. Most of my friends these days are Democrats and left-leaning independents. They feel that a Republican victory will bring an existential crisis to the United States.

      • And hopefully, this means I stop getting SMS spam from politicians

        It’s political season. Not to be confused with deer season (or rabbit season, or duck season or even gator season, much to the dismay of many). And it’s the second Tuesday of November on an even year, so it’s also Federal political season.

        Lovely.

        The sun was out, the weather was cool (for Florida, which means the asphalt is only slightly soft from the heat) and as usual [1], I walked to the polling station. It wasn’t crowded at all and it only took a few moments to fill out the ballot.

    • Technical

      • Internet/Gemini

        • Quick updates (Nov. 8, 2022)

          I have not been here for about half a year. I have been also not as active on various social media platforms as I used to be.

      • Programming

        • Handling Optional Values in Rust macro_rules

          I couldn’t bear the amount of repetitive in code in [one of my projects] that had to do with the definition, identification and representation of token types in the scanner part of an interpreter. All of the token string representations were defined as string constants in one place and then I had created an enumeration of the token types themselves with one function for parsing a string into a token type and one function to get the string representation from a token type. This problem seems like a perfect fit for [a Rust macro], but as we’ll see it was a bit more involved to implement than I initially thought. However, once I grokked how to make use of macro recursion over multiple match arms the solution turned out to be quite simple and elegant.


* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts