Welcome to this week's Linux Weekly Roundup. We had a full week in the world of Linux with these releases deepin 20.8, Kali Linux 2022.4, SparkyLinux 2022.12, KaOS 2022.12, MakuluLinux 2022-12-04.
Still no sound, but I learned a couple of new things…
So, I finally got around to upgrading my laptop. I decided to go for my fourth XPS13, and this time I opted for a maxed out XPS13 Plus. A really nice machine. However, the driver stack isn’t quite there yet. Yes, I should have read up more before buying, but I didn’t and I know it will be sorted out over time.
As a vim user, the touch Esc key will be a challenge. Perhaps this is where I learn to bind to capslock, but I’ve not come to that point yet.
So, after installing using the netinst image with non-free drivers (and my phone over USB tether for networking since the wifi still didn’t work), I had to move to testing for anything to work. Then I installed firmware-iwlwifi, iwlwifi and firmware-sof-signed from non-free. This got me into a graphical desktop and most things work (I could configure the touch pad for tap-to-click, and so on). I run a KDE desktop, so I installed some Plymouth stuff, breeze for SDDM and such, but that shouldn’t affect the issues described here.
The Kubernetes Special Interest Group (SIG) Release is proud to announce that we are digitally signing all release artifacts, and that this aspect of Kubernetes has now reached beta.
Signing artifacts provides end users a chance to verify the integrity of the downloaded resource. It allows to mitigate man-in-the-middle attacks directly on the client side and therefore ensures the trustfulness of the remote serving the artifacts. The overall goal of out past work was to define the used tooling for signing all Kubernetes related artifacts as well as providing a standard signing process for related projects (for example for those in kubernetes-sigs).
We already signed all officially released container images (from Kubernetes v1.24 onwards). Image signing was alpha for v1.24 and v1.25. For v1.26, we've added all binary artifacts to the signing process as well! This means that now all client, server and source tarballs, binary artifacts, Software Bills of Material (SBOMs) as well as the build provenance will be signed using cosign. Technically speaking, we now ship additional *.sig (signature) and *.cert (certificate) files side by side to the artifacts for verifying their integrity.
The 60th edition of the Top500 list, revealed today at SC22 in Dallas, Texas, showcases many of the same systems as the previous installment, with Frontier still out in front as the first official Linpack exascaler, clocking 1.102 exaflops. Installed at Oak Ridge National Laboratory, Frontier – a collaboration of the DOE, HPE and AMD – comprises 74 HPE Cray EX cabinets, housing 9,408 nodes, each equipped with one AMD Milan “Trento” Epyc CPU and four AMD Instinct MI250X GPUs.
Frontier also scored highest on the HPL-MxP benchmark with 7.9 exaflops. A companion benchmark to the Top500, HPL-MxP was formerly known as HPL-AI. The benchmark “seeks to highlight the convergence of HPC and artificial intelligence (AI) workloads based on machine learning and deep learning by solving a system of linear equations using novel, mixed-precision algorithms that exploit modern hardware,” according to the backers.
We like to think of the FOSS space as being run by volunteers and that's certainly true for the userspace but when it comes to the kernel it wouldn't even be functional without corporate
Graham McNicoll & Jeremy Dorn are Co-founders of GrowthBook, the open source feature flagging and experimentation platform out of YC.
Mike Malone is Founder of Smallstep, the automated certificate management platform for DevOps teams. Their certificate management project, also called smallstep, has 5K stars on GitHub and provides a private certificate authority and ACME server for secure automated certificate management.
In this video, we are looking at how to install CLion on Linux Mint 21.
More than two months in the works, Linux kernel 6.1 is here to introduce experimental support for the Rust programming language. While this may sound very exciting for some, you should keep in mind that "experimental" means that it’s only a very basic implementation of Rust that cannot be used for any real-world use cases.
Another major change in Linux 6.1 is the multi-generational LRU VM work to better identify the memory pages that are actually in use. In addition, the new kernel series brings the ability to perform PKCS#7 signature verifications in BPF programs and to create destructive BPF programs, and a new security-module hook for controlling how user namespaces are created.
So here we are, a week late, but last week was nice and slow, and I'm much happier about the state of 6.1 than I was a couple of weeks ago when things didn't seem to be slowing down.
Of course, that means that now we have the merge window from hell, just before the holidays, with me having some pre-holiday travel coming up too. So while delaying things for a week was the right thing to do, it does make the timing for the 6.2 merge window awkward.
That said, I'm happy to report that people seem to have taken that to heart, and I already have two dozen pull requests pending for tomorrow in my inbox. And hopefully I'll get another batch overnight, so that I can try to really get as much of the merge window done with early. We all want to have a calm holiday season.
And because of that "we all want to have a calm holiday season", I want to re-iterate that I'm going to be pretty strict about the merge window rules. The rules are that the pull requests sent to me during the merge window should have been ready _before_ the merge window, and have seen some time in linux-next. No last-minute batch of experimental new development that hasn't been seen by our test automation.
So to make my life easier, I will just drop any pull requests that come in late, or that look like they haven't been in linux-next. This time of year, we're all going to be much happier to deal with the stress of the season _without_ having to deal with the stress of any late development. So if you already realize that work hasn't been in linux-next, let's just all agree to not even send me the pull request at all, and we'll all be happy with the calm end-of-the-year season. Ok?
Anyway, I think I've harped on that enough, let's just enjoy this release and the upcoming festivities. As can be seen from the shortlog below, last week really was very quiet, and it's mainly a few last-minute fixes mostly dominated by drivers (networking in particular, but there's some media, HID and GPU noise in there too).
Linus
Headline features in 6.1 include reworked, LLVM-based control-flow integrity, initial support for kernel development in Rust, support for destructive BPF programs, some significant io_uring performance improvements, better user-space control over transparent huge-page creation, improved memory-tiering support, fundamental memory-management rewrites in the form of the multi-generational LRU and the maple tree data structure, the kernel memory sanitizer, and much more. See the LWN merge-window summaries (part 1, part 2) and the KernelNewbies 6.1 page for more information.
This isn't the only such fix in recent years. As a series of articles on Phoronix details, there has been a slow but steady flow of fixes for the kernel's handling of floppy drives since at least kernel 5.17, as The Register mentioned when it came out....
Back in July 2016, SUSE kernel developer Jiri Kosina submitted a patch. The problem arose because this change broke something else and later got reverted, and so the problem hung around. In July last year, he sent in a new patch that fixed it again for the 5.12 kernel, and was later back-ported to 5.10, an LTS version, and again into kernel 5.15 — another an LTS version, and the one you're running today if you're on the current Ubuntu LTS release, or something built from it such as Linux Mint 21....
Now, in December 2022, a new patch for the forthcoming kernel 6.2 fixes a memory leak that dates back to 5.11 or before.
After two years of work to reverse engineer Apple Silicon GPU instruction set and to implement the kernel driver, Asahi Linux has finally got an alpha-quality release of its GPU driver that is already good enough to run a smooth desktop experience and some games, Asahi developers Alyssa Rosenzweig and Asahi Lina say.
[...]
Being still an alpha release, there is still much work to do before the GPU driver becomes complete and stable. In particular, OpenGL 3 is still in early stage and Vulkan support is only nascent, although it can reuse the driver, the compiler, and some source code shared with the OpenGL driver. Additionally, the current OpenGL implementation has not passed yet the OpenGL (ES) conformance tests.
Fireplace and Puddle help you simulate log fire and rainstorms within your Linux terminal.
Christmas is almost here, and in the Northern Hemisphere, nights are drawing in, the temperature's dropping, and fuel prices aren't getting any cheaper.
As the hoarfrost settles across your eyebrows and icy stalactites form from your nostrils, warm yourself with the light of a log fire in your terminal, or embrace the weather with a CLI rainstorm.
A new version of OpenShot, a free, open-source video editor for Linux, is available to download.
OpenShot 3.0 contains over 1,000 improvements and fixes, includes better stability and memory usage, and debuts interesting new performance and export capabilities. This is the first update to the non-linear video editor since last year.
Jonathan Thomas, the creator of OpenShot, details the changes in a blog post, explain that he and the OpenShot team “worked tirelessly over the past 12 months to identify and fix as many stability issues as possible”. Those less familiar with the app may be unaware it has the nickname “OpenShut” due to recurrent performance issues.
There’s also improved real-time video playback, said to be ‘smoother’ with ‘fewer freezes and pauses’ during preview thanks to changes made to the editor’s video decoding engine.
OpenShot Video Editor is a free, open-source video editor licensed under the GPL version 3.0. OpenShot can take your videos, photos, and music files and help you create the film you have always dreamed of. Easily add sub-titles, transitions, and effects, and then export your film to DVD, YouTube, Vimeo, Xbox 360, and many other common formats. What really sets OpenShot apart from other video editors is the easy-to-use user interface.
OpenShot has many great features, such as trimming and arranging videos, adjusting audio levels, transitions between videos, compositing multiple layers of video, chroma-key / green screen effect, and support of most formats and codecs.
One of the big reasons some people don't switch to Linux is a lack of video editors. While it's true there are more video editing programs on macOS and Windows, there are some great options on Linux too, such as Kdenlive and DaVinci Resolve.
Another popular video editing application that runs on Linux is the open source OpenShot. This cross-platform video editor can run on Windows and macOS too, meaning you can try it on one of those platforms to see if it meets your needs before switching to Linux. And now, OpenShot has reached a new major milestone -- version 3.0. The developers brag that it includes over a thousand changes.
"We have worked tirelessly over the past 12 months to identify and fix as many stability issues as possible in OpenShot. This was a unique challenge, both in finding clever ways to identify and reproduce crashes, and finding solutions that don't impact the performance of OpenShot. A few notable improvements are related to thread safety (during timeline changes and video playback caching), multi-threaded unit tests designed to flush out race conditions and concurrency issues, safer object clean-up and deletion, and updates to the Undo/Redo system to prevent crashes (for example, when spamming undo)," explains Jonathan Thomas, OpenShot Creator.
Earlier this year, we released Akvorado, a flow collector, enricher, and visualizer. It receives network flows from your routers using either NetFlow v9, IPFIX, or sFlow. Several pieces of information are added, like GeoIP and interface names. The flows are exported to Apache Kafka, a distributed queue, then stored inside ClickHouse, a column-oriented database. A web frontend is provided to run queries. A live version is available for you to play.
[...]
The proposed deployment solution relies on Docker Compose to set up Akvorado, Zookeeper, Kafka, and ClickHouse. I hope it should be enough for anyone to get started quickly. Akvorado is performant enough to handle 100ââ¬Â¯000 flows per second with 64 GB of RAM and 24 vCPU. Withââ¬Â¯2ââ¬Â¯TB of disk, you should expect to keep data for a few years.
Are you looking for a tool to quickly bootstrap a Kubernetes cluster? Why not try kubeadm?
Kubeadm is an excellent tool for quickly creating a Kubernetes cluster. By running a series of pre-checks, kubeadm ensures that the server has all the components and configurations needed for Kubernetes. In addition to bootstrapping a Kubernetes cluster with ease, kubeadm also allows you to customize and configure cluster components.
In this guide, you’ll learn how to set up a Kubernetes cluster using kubeadm, upgrade the cluster, and deploy an application to test if it works.
To install a firewall on a Linux server, you can use the ufw (Uncomplicated Firewall) command line utility
Today we are looking at how to install PyCharm Professional edition 2022.3 on a Chromebook.
If you have any questions, please contact us via a Rumble comment and we would be happy to assist you!
Please use the video as a visual guide, and the commands and links below to install it on your Chromebook.
In this post, you will learn how to analyze network traffic in real-time thanks to iptraf-ng. Let’s go.
iptraf-ng is a console-based network statistic monitoring utility. Thanks to it, you will be able to get useful information from the network. It should be noted that, iptraf-ng is a fork of iptraf and is present in many Linux distributions. The ncurses text-based user interface makes it easy to configure and to use this tool.
PHP 8.2 is now available to install on Debian 11 Bullseye or Debian 10 Buster using the well-known Ondà â¢ej Surý third-party repository. Most Debian users prefer using the distribution due to its name in open-source, especially since it is one of the most stable distributions. However, sometimes you may want to install the latest version of a particular software for development or, in most cases, performance for specific software like CMS systems.
A quick overview of what is new with PHP 8.2 is new features and enhancements, including support for read-only classes, allowing constants in trait declarations, fetching enumeration values in constant expressions, MySQLi execute queries, and several bug fixes.
Postfix SASL Authentication is one of the most popular methods for remote SMTP authentication. It’s a secure, reliable, and highly configurable way of sending and receiving emails. Essentially, the Postfix SASL Authentication consists of an authentication server and a client. The client is a mail program that sends the message, and the authentication server validates the credentials of the user. Once authentication is successful, the message is sent and authenticated at the receiving server.
The following step will configure the Postfix server to relay emails from a remote SMTP server with authentication.
I wanted to install NetBSD 9.3 as a virtual machine on a headless FreeBSD machine. This machine already has a bridge in place.
Quarto is Posit’s new open-source scientific and technical publishing system built on Pandoc that allows you to weave together narrative text and code to produce high-quality outputs including reports, presentations, websites, and more. It’s the successor of the highly successful, but R specific, R Markdown ecosystem, bringing all the benefits of R Markdown to other programming langues like Python, Julia and Observable.
Unfortunately, because of the lack of official arm64 binary sources for some of its dependencies (e.g. Deno, SASS, Pandoc), and as explained to me, their limited bandwidth to support not sufficiently popular architectures like Linux arm64. Quarto does not officially support the arm64 architecture, but that doesn’t mean we can’t make it work on it ourselves.
In this tutorial, we will show you how to install aaPanel on Rocky Linux 9. For those of you who didn’t know, aaPanel is a free and open-source hosting control panel easy to install LANMP/LAMP (Linux Apache/Nginx, MySQL, PHP), and OpenLiteSpeed with just a click. Being a web-based GUI control panel, it makes it easy to manage remote and local machines with its vast features.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of aaPanel open-source hosting control panel on Rocky Linux. 9.
Between 2022-12-04 and 2022-12-11 there were 88 new games validated for the Steam Deck. We use numerous criteria such as popularity, reviews and more to get to that Best Steam Deck Games List you find below. Here’s a quick pick of the most interesting ones, split into Verified and Playable ones.
This year’s latest update to KaOS, 2022.12, gives users Linux kernel 6.0.12, the latest Plasma 5.26 desktop, and adds new tools to the distro arsenal.
KaOS is an independent rolling-release distribution inspired by Arch Linux and entirely focused on the KDE Plasma Desktop and related Qt Toolkit-based software.
Although it uses Pacman as its package manager, KaOS does not rely on software repositories developed and maintained by Arch Linux. Instead, the software is available from in-house repositories, built exclusively for 64-bit systems.
The OpenBSD project develops an operating system which is lean, clearly documented, and has a proactive approach to security. The project is also the source of such popular software packages as OpenSSH and LibreSSL which are included in many open source operating systems. OpenBSD's latest release was version 7.2 which can run on over a dozen CPU architectures.
The install media for OpenBSD is available in separate formats for optical media (ISO files) and USB thumb drives (IMG files). The ISO file for the x86_64 architecture is 556MB while the IMG file is 664MB. Booting the OpenBSD media brings up a text console where we are asked if we'd like to install a new copy of OpenBSD, upgrade the operating system, perform an auto-install, or run a command line shell.
The command line shell provided on the install media offers a limited environment. There is just enough command software available to perform some tests and get the system installed. There isn't a full array of tools provided like you'd get on a full install of OpenBSD or from most Linux live discs.
We are excited to announce an integration between Red Hat Insights and Slack is now available as Service Preview. This new communication channel facilitates initiatives to optimize IT operations (ITOps) and development operations (DevOps) by providing a Chat Operations (ChatOps) component to the Hybrid Cloud Console.
For Debian GNU/Linux 12 “Bookworm,” which is expected to hit the streets in the summer of 2023, the Debian Project apparently didn’t hold its usual artwork contest. Instead, they decided to go, once again, with the artwork created by the famous Juliette Taka, who made the artwork of several previous Debian GNU/Linux releases.
Juliette Taka’s “Emerald” artwork will be used as the default theme for Debian GNU/Linux 12 “Bookworm.” This will be used for the wallpaper, login screen, installer, Plymouth boot splash screen, GRUB boot loader, Syslinux / Isolinux, and even as a banner for the website, blog, and wiki.
In this tutorial, we'll test I2C communication with two Arduino boards. LCD are used to display the data sent between master and slave
You can rely on Elektor for solutions and insights to all your electronics challenges. Elektor breaks the constraints of a magazine. It’s a community of active e-engineers — from novices to professionals — eager to learn, make, design and earn surprising electronics. Every edition of Elektor Magazine is loaded with up-to-date news and views, real-world lab tests and high-quality DIY construction projects.
A month ago, when the Great Discontinuity happened, I started working on a Steampipe plugin to enable SQL queries against the Mastodon API, along with a companion Steampipe “mod” (suite of dashboards) to display and chart the results of those queries.
I expect these dashboards will soon be available in Steampipe Cloud, where it will take just a few seconds to pop in your Mastodon access token (from, e.g., https://mastodon.social/settings/applications/new) and begin using the dashboards.
Meanwhile, if you’re so inclined, you can find the plugin here and the dashboards here. If you’re reasonably technical you can pretty quickly and easily install Steampipe, clone these repos, build the plugin, and start using the dashboards.
Why would you want to? My own motivation, originally, was to do Mastodon analytics. I thought Steampipe’s SQLification of the API would be a handy way to discern and monitor activity trends during a period of extraordinary flux. And that’s proven to be true, to a limited extent. Here’s a snapshot of the dashboard that uses the instance activity API.
Earlier this week, I did a quick poll to ask readers what time of week is the most convenient one for them to read these recaps. The majority said “whenever”, with “weekend” taking the second place. Weekend it is then.
Highlights of the week: new releases of Blender, Inkscape, OpenShot, news from GIMP and Ardour.
Examples of two, popular A.I. systems — OpenAI’s ChatGPT and Microsoft GitHub’s Copilot — and how they can negatively impact the world… plus the highly unethical (and illegal) ways that they are developed.
Java is no longer among the top three most popular programming languages in the TIOBE Index, one of several not particularly definitive yardsticks by which such things are measured.
According to Paul Jansen, CEO of Netherlands-based TIOBE Software, the rising popularity of C++ has pushed Java down a notch. The index's rankings are now: Python in first place, C second, C++ third, and Java fourth. C++ stepped up to third, and Java fell to fourth.
"C++ surpassed Java for the first time in the history of the TIOBE Index, which means that Java is at position 4 now," said Jansen in the December update for the TIOBE Index. "This is the first time that Java is not part of the top 3 since the beginning of the TIOBE Index in 2001."
So, which spectral estimator should you pick? The flow chart below presents a reasonable way to pick between spectral estimators. The first question you should ask is, do you want to assume a model for the data? If you don’t know anything about the data or don’t trust what you know, then move to the left side of the flow chart. If the Fourier methods have enough resolution, use the periodogram or the Blackman-Tukey spectral estimator (BTSE). If they don’t, you could try the minimum variance spectral estimator (MVSE). If the MVSE does not have enough resolution, try a high order autoregressive (AR) estimate. The AR method does assume a model for the data, but a high enough AR model can estimate any PSD.
Hypothesis Testing in R, A formal statistical test called a hypothesis test is used to confirm or disprove a statistical hypothesis.
The lsm tree is needed in tigerbeetle to reduce the time taken to recover from crashes and to reduce the cost (ram) of running large databases (vs just having a replicated log on disk and all other state in memory). It's not ready yet though - merging the lsm tree reduced the single node performance on my laptop to ~23k transfers/second (the goal is >1m transfers/second). So that's my main focus at the moment. I've identified a couple of issues so far but haven't fixed any of them yet.
A Cornell team has created an interface that allows users to handwrite and sketch within computer code – a challenge to conventional coding, which typically relies on typing.
The pen-based interface, called Notate, lets users of computational, digital notebooks – such as Jupyter notebooks, which are web-based and interactive – to open drawing canvases and handwrite diagrams within lines of traditional, digitized computer code.
Sometimes when you see an elegant algorithm, you think "looks great, I just need it to also do X". Perhaps you are able to build X directly out of what the algorithm gives you; fantastic. Or, perhaps you can alter the algorithm a bit, and it works just as well while also doing X. Sometimes, though, you alter the algorithm and things go pear-shaped.
Tonight's little note builds on yesterday's semi-space collector article and discusses an worse alternative to the Cheney scanning algorithm.
To recall, we had this visit_field function that takes a edge in the object graph, as the address of a field in memory containing a struct gc_obj*. If the edge points to an object that was already copied, visit_field updates it to the forwarded address. Otherwise it copies the object, thus computing the new address, and then updates the field.
For the sake of argument, let's say that you want to create all of your cloud infrastructure using Terraform, but you also want to use NixOS and Nix flakes. One of the main problems you will run into is the fact that Nix flakes and Terraform are both declarative and there's no easy way to shim Terraform states and Nix flake attributes. I think I've found a way to do this and today you're going to learn how to glue these two otherwise conflicting worlds together.
Ruby programming language giant and lovely person Chris Seaton passed away last night.
[...]
His social media posts showed his struggles with mental health of late. It’s heartbreaking that we couldn’t save him.
The Ruby community has lost a giant. As a programmer, I always feel as if I’m standing on the shoulders of giants. Chris Seaton was one of those giants.
I’ve been working at the same company as Chris for the past 2 years. However, I first met him through the open source world many years ago. He was working on a Ruby implementation called TruffleRuby, and got his PhD in Ruby. Can you believe that? A PhD in Ruby? I’d never heard of such a thing. My impression was that nobody in academia cared about Ruby, but here was Chris, the Ruby Doctor. I was impressed.
Since the elves started using Red (https://raku-advent.blog/2019/12/21/searching-for-a-red-gift/) they thought it was missing a better way of testing code that uses it. They tested it using several SQL files that would be used before each test to populate the database with test data. That works ok, but that’s too hard to understand what’s expected from the test not looking at those SQL files. It also added a big chunk of boilerplate at the beginning of each test file for runnig the SQL. In every file it’s the same code, changing only what file to use. So they decided to look for some better way of doing that.
Searching for it they found a new module called RedFactory. It’s specific for Red and uses factories to make it easier to write and read tests written for code that uses Red. The idea about factories is to have a easy way of adding data to your test DB with default values making that easy to populate the test DB at the same file as the test and setting speccific values only for what is needed on the test.
This year, the diamond that I discovered was a leather craftsman by the name of Ed Mason. The son of a saddle maker, Ed has continued his father's legacy, crafting some truly cool leather goods for the cowboy and cowboy-adjacent; saddle bags, gun cases, and other western tack make up most of his stock. What really caught my eye, though, was his selection of minimalist bifold card wallets.
Now, I'm a sucker for a good leather wallet, and while the ones on display were pretty simple in design, it was the sales pitch that really sold me. As I was looking through his stock, Ed took the time to show me how he selected his leather specifically for its character. He appreciated how the scars, scrapes, wrinkles, and other defects from the processing of the leather to the condition of the actual animal added beauty to each piece, rather than removed it, and was eager to share that philosophy.
Eternally current and always fashionable, blue jeans are among the most-worn articles of clothing on Earth, transcending time, trends, and social class. Their popularity is ubiquitous, so much so that legendary designer Yves Saint Laurent once declared: “I wish I had invented blue jeans. The most spectacular, practical, relaxed and nonchalant. They have expression, modesty, sex appeal, simplicity — everything I hope for in my clothes.”
Unfortunately for the planet, the production of this garment takes a huge environmental toll.
A single pair of cotton jeans consumes between 10,000 and 20,000 liters (2,600-5,300 gallons) of water along its supply chain. Add to that large doses of synthetic pesticides, fertilizers, dyes and other chemicals that pollute soils and waterbodies, impacting wildlife and people, plus major energy expenditures that generate high greenhouse gas emissions.
My party survived their first dungeon in Four Against Darkness solo dungeon-delving game.
I almost thought they were all gonna die on the second chamber where they faced a level 5 Minotaur (they are all level 1) and Sebastian miscast the sleep spell.
The City Watch Rejects guild is composed of Clara (warrior), Inah (cleric), Zix (rogue), and Sebastian (wizard) who are now licking their wounds and counting their loot.
A few thoughts on how LLMs might (and might not) disrupt Google.
Last year, I asked a more generalized version of this question in How to Beat Google Search. Funnily enough, I had written about the open-source GPT-3 model (GPT-J) only two days before and made zero connection to the two. But now, as LLMs are becoming more sophisticated, more people are using prompts to query specific knowledge.
Why can't Google do this? Much of the AI research that underpins LLMs originated at Google. They have no lack of talent or sophistication when it comes to this technology—a few reasons why Google might be disrupted by the AI it helped create.
In 1978, Arpad Elo, a physics professor, and chess master, introduced the Elo rating system as a way to measure the relative skill levels of chess players. Since then, the system has been adapted and applied to a wide range of competitive activities, from video games and sports to online dating and even voting in political elections. The Elo system is based on a simple idea: each player has a numerical rating that represents their skill level, and this rating is adjusted based on the outcome of their games. For example, if a higher-rated player beats a lower-rated player, their rating will go up, while the loser's rating will go down.
You’ll most likely have seen instances where the term “scientific consensus” has been misused or misunderstood. People for example often confuse it with appeals to popular opinion or think it is the result of discussions or determined by a vote or just finding a compromise. Because of this, opinion polls - even if predominated by unqualified individuals - are used to argue that no scientific consensus exists for a particular topic even if it clearly does.
It’s important to note that a scientific consensus is not proof for a scientific theory but that it’s the result of converging lines of evidence all pointing to the same conclusion. It is therefore not a part of the scientific method but is actually a consequence of it. When people argue against a scientific consensus, they are usually misunderstanding the term or are deliberately abusing the ambiguity of the term consensus. A scientific consensus is not infallible but nonetheless represents the best knowledge available on a given scientific topic at a given time. In addition, it provides the foundation for new knowledge by generating follow-up questions for scientists to explore.
Researchers at Tohoku University, the University of Messina, and the University of California, Santa Barbara (UCSB) have developed a scaled-up version of a probabilistic computer (p-computer) with stochastic spintronic devices that is suitable for hard computational problems like combinatorial optimization and machine learning.
Moore's law predicts that computers get faster every two years because of the evolution of semiconductor chips. Whilst this is what has historically happened, the continued evolution is starting to lag. The revolutions in machine learning and artificial intelligence means much higher computational ability is required. Quantum computing is one way of meeting these challenges, but significant hurdles to the practical realization of scalable quantum computers remain.
Today, humans build robots, but in the future, robots could be programmed to build more of themselves. Researchers at MIT’s Center for Bits and Atoms (CBA) have created robotic subunits called “voxels” that can self-assemble into a rudimentary robot, and then collect more voxels to assemble larger structures or even more robots.
The researchers, led by CBA Director Neil Gershenfeld, concede that we’re still years away from a true self-replicating robot, but the work with voxels is answering some vital questions that will help us get there. For one, the team has shown that it’s feasible to make the assembler bot and the structural components of whatever you’re building can be made of the same subunits — in this case, voxels.
A new computational approach will improve understanding of different states of carbon and guide the search for materials yet to be discovered.
While it's possible that someone out there enjoys folding clothes, it's probably not a beloved pastime. Accordingly, researchers at UC Berkeley's AUTOLAB have developed a new robotic method of folding garments at record speed (for a robot) called SpeedFolding.
Unless you have been living under a rock, you have heard of this new ChatGPT assistant made by OpenAI. You might be aware of its capabilities for solving IQ tests, tackling leetcode problems or to helping people write LateX. It is an amazing resource for people to retrieve all kinds of information and solve tedious tasks, like copy-writing!
Aside from some living tissues, few materials can autonomously learn to exhibit desired behaviors as a consequence of prolonged exposure to unanticipated ambient loading scenarios. Still fewer materials can continue to exhibit previously learned behaviors in the midst of changing conditions (e.g., rising levels of internal damage, varying fixturing scenarios, and fluctuating external loads) while also acquiring new behaviors best suited for the situation at hand. Here, we describe a class of architected materials, called mechanical neural networks (MNNs), that achieve such learning capabilities by tuning the stiffness of their constituent beams similar to how artificial neural networks (ANNs) tune their weights. An example lattice was fabricated to demonstrate its ability to learn multiple mechanical behaviors simultaneously, and a study was conducted to determine the effect of lattice size, packing configuration, algorithm type, behavior number, and linear-versus-nonlinear stiffness tunability on MNN learning as proposed. Thus, this work lays the foundation for artificial-intelligent (AI) materials that can learn behaviors and properties.
Proteins are an essential part of life. Not only do they function as the “building blocks” for living organisms, but they also perform nearly every cellular task, from waste management to tissue repair. It tracks, then, that pharmaceuticals often contain or “target” proteins in an attempt to change or eliminate symptoms or disease within the body. There’s just one little problem: The only proteins we can use to create drugs are the ones we know.
Optical fiber has long since replaced copper wiring in core information networks. But that’s not the case for free-space optical (FSO) communications using optical lasers to transmit data through the air. Despite FSO having the potential to provide orders of magnitude more data capacity compared with that of the traditional radio-frequency communications space missions currently rely on, the technology has been stuck on the launch pad because of atmospheric interference that can absorb and scatter the signals, as well as the strict acquisition and tracking requirements for communicating between ground stations and orbiting satellites.
But now researchers from the International Centre for Radio Astronomy Research, in Western Australia, have developed a coherent FSO link operating at 1,550 nanometers across a turbulent atmosphere between an optical ground terminal and a retroreflector mounted on an airborne drone. Their findings were published this October in Scientific Reports.
Researchers at the U.K.'s University of Lincoln (UoL) designed an end-over-end walking (E-Walker) robot for space construction projects. The E-Walker robot features seven degrees-of-freedom motion capabilities. UoL's Manu Nair and colleagues conducted an exercise in which they tested the E-Walker on the in-orbit assembly of a 25-meter (82-foot) Large Aperture Space Telescope. Nair said, "The proposed innovative E-Walker design proves to be versatile and an ideal candidate for future in-orbit missions. The E-Walker would be able to extend the life cycle of a mission by carrying out routine maintenance and servicing missions post assembly, in space.
A team of quantum engineers at UNSW Sydney has developed a method to reset a quantum computer – that is, to prepare a quantum bit in the ‘0’ state – with very high confidence, as needed for reliable quantum computations. The method is surprisingly simple: it is related to the old concept of ‘Maxwell’s demon’, an omniscient being that can separate a gas into hot and cold by watching the speed of the individual molecules.
“Here we used a much more modern ‘demon’ – a fast digital voltmeter – to watch the temperature of an electron drawn at random from a warm pool of electrons. In doing so, we made it much colder than the pool it came from, and this corresponds to a high certainty of it being in the ‘0’ computational state,” says Professor Andrea Morello of UNSW, who led the team.
A new approach sheds light on the behavior of turbulent structures that can affect the energy generated during fusion reactions, with implications for reactor design.
My collaborator, Tammy Shreiner, is running a workshop for social studies educators on teaching with Slow Reveal Graphs. The idea of slow reveal graphs is that visualizations are just too complex for students to pick out all the visual elements. Instead, a slow reveal graph is presented in stages, and at each stage, students are prompted to reflect (and discuss, or write about), “What do you notice now? What do you wonder about?”
Tammy has been building a bunch of slow reveal graphs that really fascinating. I’m particularly amazed at the ones that she and her colleague Bradford Dykes have been building.
Energy harvesting reaps energy that would otherwise go to waste—from sources ranging from solar rays to vibrations to ambient gradations in heat, ocean waves/tides, wind, and even the metabolisms of living organisms. These sources can be tuned to produce electricity that is safe, sustainable, and deployable in conditions not suited to the use of batteries.
Incorporating such energy harvesting into the Internet of Things (IoT) extends its reach to nearly any place on the globe—not just those that can access power lines or rechargeable batteries.
"Energy harvesting has the potential to expand the capabilities of the Internet of Things to heights previously unattainable without the technology," said ABI Research analyst Taylor Jensen, who is just putting the finishing touches on a study on energy harvesting for IoT applications.
Electronic computing and communications have come a very long way since the days of radio telegraphy and vacuum tubes, with consumer devices now containing levels of processing power and memory that would be unimaginable just a few decades ago.
But as computing and information processing devices get ever smaller and more powerful, they are running into some fundamental limits imposed by the laws of quantum physics. The future of the field may lie in photonics—the light-based parallel to electronics. Photonics is theoretically similar to electronics but substitutes photons for electrons, and photonic devices may be capable of processing data much faster than their electronic counterparts, including for quantum computers.
China is lifting its most severe Covid policies - including forcing people into quarantine camps - just a week after landmark protests against the strict controls.
People with Covid can now isolate at home rather than in state facilities if they have mild or no symptoms.
They also no longer need to show tests for most venues, and can travel more freely inside the country.
It’s bunk. Surgery that isn’t immediately life-threatening still can have a huge impact on quality of life. People also don’t (generally) get surgery for the sake of it, which deflates any idea of it being optional.
I’ve been lucky to only need two elective surgeries in my life thus far, once in my twenties, and another last year in my thirties. If you haven’t, you probably know someone who has. Frankly, I resent the idea that anyone in that situation is doing it for kicks; worse if it’s being used as evidence for why universal healthcare for the unwashed masses in places like the US would be a waste of money.
The post has the project launching on GitHub in 2023, which isn't that helpful. Still, it would be pretty cool to say I contributed to Foundation.
One of the arguments I've heard against supporting partial distrust of Certificate Authorities in places like Linux root certificate stores (which you currently can't really do) is that a bad CA can simply backdate TLS certificates to get around things like 'certificates issued from December 1st 2022 onward won't be trusted'. On the one hand, this is technically true (although these days either such a TLS certificate wouldn't be usable in the majority of web browsers or it would soon be detected through Certificate Transparency logs). On the other hand, there are a collection of reasons to think that it's a good thing that browser can do this sort of thing (and thus that more software should support it).
The original view of CA trust was that it was binary; either the CA was working perfectly fine and would in the future, or the CA was entirely bad and compromised, and should be distrusted immediately. While there have been some CA incidents like this, such as the DigiNotar compromise, in practice a significant number of the CA problems that have come up over the years have been less clear cut than this, such as the WoSign case (and the WoSign case was exceptionally bad in that WoSign actively issued bad TLS certificates). The recent case of TrustCor is illustrative; as far as was reported to Mozilla (and summarized by them), TrustCor never mis-issued any TLS certificates or committed any other clear violations of CA requirements. They were merely sketchy.
Unless you’ve been living under a rock the past few years, you’ve likely at least heard of Log4j. This is an Apache open source library that’s commonly used in just about everything Java-related online. Unfortunately, in late 2021 the logging package was discovered to be critically vulnerable to remote code execution attacks, meaning an attacker could exploit it to install malware (e.g., ransomware) onto vulnerable systems and inject larger networks.
Next-generation electronic devices could feature enhanced security systems built directly into their circuitry to help fend off malicious attacks. Protective “logic locks” — based on an advanced branch of electronics called spintronics — could be incorporated into the integrated circuits of electronic chips to defend chip security, KAUST researchers have shown.
“The need for hardware-based security features reflects the globalized nature of modern electronics manufacture,” explains Yehia Massoud from KAUST. Electronics companies usually employ large specialized, external foundries to produce their chips, which minimizes costs but introduces potential vulnerabilities to the supply chain. The circuit design could simply be illegally copied by an untrusted foundry for counterfeit chip production or could be maliciously modified by the incorporation of “hardware Trojans” into the circuitry that detrimentally affects its behavior in some way.
Returning readers will be almost painfully aware that here at nxdomain.no (also known as bsdly.net) we host and maintain a blocklist, which in turn is the product of traffic that hits our mail system with attempts at delivery to one or more of the now more than three hundred thousand known bad addresses, also featured at the blocklist home page.
Josh and Kurt talk to Jill Moné-Corallo about GitHub’s bug bounty and product security team. It’s a treat to discuss bug bounties with someone who is managing a very large bug bounty for one of the most important web sites in the world of software today.
After a weekend of protests, the authorities in China are using the country’s all-seeing surveillance apparatus to find those bold enough to defy them.
The robot police dystopia will have to wait. Last week the San Francisco Board of Supervisors voted to authorize the San Francisco Police Department to add lethal robots to its arsenal. The plan wasn't yet "robots with guns" (though some police bomb disposal robots fire shotgun shells already, and some are also used by the military as gun platforms) but to arm the bomb disposal robots with bombs, allowing them to drive up to suspects and detonate. Once the public got wind of this, the protests started, and after an 8–3 vote authorizing the robots last week, now the SF Board of Supervisors has unanimously voted to (at least temporarily) ban lethal robots.
Shortly after the initial news broke, a "No Killer Robots" campaign started with the involvement of the Electronic Frontier Foundation, the ACLU, and other civil rights groups. Forty-four community groups signed a letter in opposition to the policy, saying, "There is no basis to believe that robots toting explosives might be an exception to police overuse of deadly force. Using robots that are designed to disarm bombs to instead deliver them is a perfect example of this pattern of escalation, and of the militarization of the police force that concerns so many across the city.”
In April, 2022, Lumen Research Fellow Shreya Tewari reported discovering more than 30,000 fraudulent copyright infringement notices, dating as far back as June 2019, that appeared to be deliberate attempts to misuse the Digital Millennium Copyright Act’s (DMCA’s) notice-and-takedown procedure. In August, Shreya and I discovered an additional 33,000+ notices, some sent as recently as January 2021, strikingly similar to the initial set. The content at the allegedly infringing URLs in the new set is almost entirely related to Stanislav Kondrashov, a controversial Russian oligarch, and his alleged criminal activity. This steady stream of apparently fraudulent notices on just one “topic” is a powerful indicator that systematic misuse of the DMCA notice-and-takedown (N&TD) process is real and ongoing. However, questions such as, how long and how frequently fraudulent or otherwise problematic notices have been or will continue to be submitted, have yet to be answered.
Since June 2022, I have been assisting with research within the Lumen Database, searching for possible evidence of misuse of the DMCA process. Because I had the example notices that Ms.Tewari discovered, I had a basic understanding of how fraudulent notices might appear and what search methodology to use. My own searches within Lumen found 33,396 notices sent to Google over the course of almost two years by over 40 different notice senders, targeting more than 500 unique URLs.
Submitted to Lumen between June 2019 and January 2021, these new notices shed light on the abuse of copyright law as a tool for reputation management. They reveal how notice senders, likely acting on behalf of others, fake copyright claims to remove or censor legitimate journalism linking the notice sender’s clients to accusations of criminal activity, corruption, murder, drug trafficking, and the like. This particular set of notices, all revolving around Stanislov Kondrashov, is most probably one of many others just like it.
According to various news reports, Stanislav Kondrashov is a Russian businessman with a long history of alleged corruption, hostile corporate takeovers, tax evasion, and contract killings. Most of the articles which were cited as infringing in this notice set include material about Kondrashov’s alleged involvement in: the murder of Denis Voronenkov, laundering through the company Telf AG and VEC, funding of the Wagner mercenary group, and large-scale scams involving the resale of coal and refined oil products, among other details.
Most of the domain names targeted by the 33,396 notices appear to be online news forums. I individually analyzed a randomly selected representative pilot set of 400 DMCA notices within the larger notice set, originating from five different jurisdictions as marked by the notice sender: the USA, UK, Ukraine, Russia, and the Netherlands. Of the 400 randomly selected notices, all were related to Kondrashov’s criminal activity. Within that pilot group, the domains targeted for takedown include legitimate news sources in Ukraine, Russia, Luxembourg, and Norway, including Antikor News, Rus Republic, Vlasti Info, Fraza, Glavk.net, and The Russian Crimes, along with many more.
This is a quick summary about the newly published paper "A toolkit for understanding and addressing climate scepticism" by Matthew J. Hornsey and Stephan Lewandowsky. It leverages a thread tweeted by Stephan Lewandowsky shortly after publication as well as a mention in Doug Bostrom's and Marc Kodack's New Research Week #47
Despite record fossil fuel pollution in 2022, plummeting clean technology costs and backlashes to Russia’s war in Ukraine leave open a path to meeting Paris climate targets.
News coverage of this summer’s devastating flood in Pakistan has peaked, but the deluge left behind hasn’t subsided: Experts predict the floodwaters could take six months to fully recede.
The stunning collapse of FTX, one of the world’s leading crypto exchanges, has not only shaken the crypto world but called into question the future of blockchain and digital assets. In a year of repeated failures and crashes, the calls for increased regulation are getting louder. Ryan Clements is a law professor at the University of Calgary, where he holds the chair in Business Law and Regulation and specializes in the regulation of fintech, blockchain and crypto-assets. He’s written extensively on crypto regulatory issues, including an expert report on Canadian cryptocurrency governance for the Public Order Emergency Commission. He joins the Law Bytes podcast to provide some background into the growth of crypto, the collapses of Luna and FTX, and where Canada sits on the regulatory spectrum.
The ability to conveniently charge an EV away from home is a top concern for many EV owners. A 2022 survey of EV owners by Forbes indicates that 62 percent of respondents are so anxious about their EV range that travel plans have been affected. While “range anxiety” may be overblown, the need for an extensive and reliable external charging infrastructure is not.
Electric vehicles, often called EVs, are responsible for less global-warming pollution over their life cycle than gas-powered vehicles, despite the fact that battery manufacturing — for the moment — increases the climate impacts of EV production.
FBI Director Chris Wray is raising national security concerns about TikTok, warning Friday that control of the popular video sharing app is in the hands of a Chinese government “that doesn’t share our values.”
Wray said the FBI was concerned that the Chinese had the ability to control the app’s recommendation algorithm, “which allows them to manipulate content, and if they want to, to use it for influence operations.” He also asserted that China could use the app to collect data on its users that could be used for traditional espionage operations.
Ten years ago, Chicago teachers modeled what a militant fight for public education looks like by walking off the job. A decade later, the legacy of social justice unionism continues to animate the U.S. labor movement.
In light of the conditions that Europe is experiencing, in terms of high energy prices and the repercussions on the industrial sector, like the closure of factories and the high cost of production. In your opinion do European countries have the capacity and resources to prevent industrial investments from “escaping”? Especially since the US plans in general to restore industry to its lands, thus, it may represent an opportunity to lure European industries to move to there and take advantage of cheap energy prices. This shift will have wide repercussions on Europe’s productive capacities and competitiveness, as well as on its trade balance. So, what happens to the position of Europe in the global economic system? Will it remain part of the capitalist center or deviate from it?
Canadian Heritage Minister Pablo Rodriguez has touted Bill C-18, the Online News Act, as critical for Canada’s media sector, but government’s internal modelling suggests there will be limited benefits for most news outlets. Earlier this fall, the Parliamentary Budget Officer estimated that it would generate $329 million per year, with over 75% of that revenue going to broadcasters such as Bell, Rogers, and the CBC. At the time, I noted that meant that “newspapers will receive less than 25% of the funding or about $81 million to split among hundreds of news outlets.” It turns out that the government believes that vastly overstates the benefit as its own modelling estimates about $150 million in total revenues, less than the 50% of the PBO’s estimate. Assuming a similar apportionment of revenues between broadcasters and newspapers, that would place the benefit at just over $37 million for the entire newspaper sector. In fact, as the government has expanded the eligibility to hundreds of additional outlets, the benefits for each organization shrinks even further.
Last night we had a light snowfall, just enough to sugarcoat the
rooftops and everything not covered with concrete.
Today is already the 3rd Sunday of Advent, so only 7 workdays to go
before Christmas vacation. Work's been a bit too much lately with a
lot of problems to solve and many meetings to attend.
In which I share my thoughts and complaints on the new 0.5x version of Dwarf Fortress, with an extra addendum helping new players get started with the game.
Written on a 2015 Macbook Pro (running Linux), naturally while listening to the new Dwarf Fortress Soundtrack[1]. (IDK I've seen a lot of phlogs do this and I want to be cool and hip).
it all started when i wanted to find a cli based pgp utility that was simpler than gnupg. i've been using gnupg off and on for years and if you have tried it, you'd know too how terrible the user experience is.
I seem to be following my normal pattern of blogging for a bit, and then forgetting to update it for months at a time cos I don't think I have anything fun, interesting or blog worthy to report.
Anyways, living in the country has been OK. We got the insulation and double glazing finished up in early spring, and we had a few cold (0€°C overnight, top of 9€°C) days, and the diffrence was pretty astounding. The kitchen felt so warm we thought we'd left the oven on accidentally. We eventually got the fire managed so that we were maintaining ~20€°C on those colder days with it damped almost all the way down, which is a big diffrence from not being able to sustain more than about 18€°C with the fire on full blast previously!
## or, how to avoid debugging as much as possible by among other things writing yet another blog entry instead of working on the actual problem
Whist trying out some new terminal IRC client on the grounds that irssi is both long of tooth and short on security I noticed that the new IRC client had a feature to edit a message using the EDITOR environment variable. This is not very notable. That the CPU usage of that editor then went to 100% is somewhat notable. Normally the editor does not use 100% CPU so presumably the issue has to do with the environment that the editor, ex, is
I really like the interaction of the Forth REPL, and I've written many forths... But at the end of the day, all you have is a Forth, syntactically annoying, and you kind of need to reinvent the wheel every time you want to do anything. On the other end of the spectrum, Lisp is great, but binding to the C infrastructure is a challenge, and you wind up with 100MB of code.
So why not use the C compiler to generate code, but keep a Forth-like interactive environment in which compiled C functions and data live? Actually, not quite: when functions are edited, the new one supersedes the old one, and all callers are automatically updated. And yes, the source for every compiled function is there, to be looked at or edited.
Today I'm announcing GNUnet++. An experimentable yet sensable C++ wrapper for GNUnet services. You can find my introduction to GNUnet in my older articles [1][2]. TL;DR GNUnet is GNU's version of IPFS and libp2p. It has some pros and cons over `libp2p`. Like built-in trafic covering, firewall bypass, etc.. But has (much) lower adoption rate and stablity. In any case, it's a fun project and I see potential in it. The pure C API is a pain point I can help fix - with GNUnet++.
* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.