Busy man, internal mail spam-canned?
Summary: Sirius managers keep saying they’re too busy to reply to E-mail from staff; so what are they doing all day? If they don’t even respond to staff, then it’s not clear if they’re busy at all, they could just as well pretend to be “busy” by not doing anything at all, then use that as excuse or “evidence” of the busy-ness.
My wife Rianne never appreciated these insulting analogies (calling NOC staff “monkeys” and treating them accordingly)
5 Little Monkeys Swinging In The Tree
Summary: As per Rianne’s departure message about Sirius ‘Open Source’ (tuxmachines.org post), the abuse endured since 2019 did a lot of damage and false accusations were the last straw; the role was created by people who called folks who would occupy it “monkeys”; that’s how some would view the staff
THE staff will always remember what happened. The staff does not forget bullying. Witch-hunts are also impossible to forget. While Rianne strongly suspects that Matthew Garrett ‘doxxed’ her to her employer as part of his efforts to silence me, the more plausible explanation is that Sirius management was looking for excuses to quell technical dissent and moral defense. I’ve been arguing against many of the company’s decisions for a long time (internally).
“Adding insult to injury, in Rianne’s case her love of animals and regular donations to animal charities were sort of weaponised…”I wasn’t alone though; other staff also felt unhappy and some found the courage to speak about it, not just to peers but also to management. We’ve already shown a bunch letters after videos on grievances and there might be a letter-ripping video after explaining and showing the chain of events.
Adding insult to injury, in Rianne’s case her love of animals and regular donations to animal charities were sort of weaponised, hence the image below:
The company relied on truly ‘flimsy’ ‘evidence’. The management said, without any evidence, that I had uttered something “defamatory”; it took two weeks to actually show something and what they then showed was some side IRC channel (that nobody reads) stating perfectly factual information about my experiences, without naming people or the company. It was a chat between just two people and didn’t reveal anybody’s identity. It was factual and necessary; it was moral to object to bad ideas. Blind obedience and unquestionable docility should not be seen as a merit.
“It was factual and necessary; it was moral to object to bad ideas.”Based on a two-person chat, however, the company started breaching protocols and making up processes, as we shall show at a later date. The procedures set forth were disregarded and extreme measures taken for no good reason, so we resigned. It was done with immediate effect, as per the law; and “you are unlikely, in most circumstances, to need to continue the process,” say the rules. So we’re free to speak about what happened. We shall soon talk about labour union aspects as well. It’s something I’ve spoken about with friends for almost 4 years already.
In a company where some technical workers are compared to “monkeys” and there are about as many “managers” as non-managers, something has truly gone wrong. We had a moral duty or felt an urgent need to explain what had gone wrong. We now have a wiki that maintains several sections, including: memes, videos, report, key facts in a nutshell…
“As we’ve said before, the company stands no chance of surviving.”We’ve published about 45 videos with good titles (explaining in short the issues at hand), cases of clients (without naming them), openwashing, clown-washing etc.
As a reminder, we talk about a company that despite opposition from its own technical staff basically outsourced almost everything (Sirius also used to host for clients, on its very own premises). It used to self-host even the VoIP and file storage, but now, with no actual office, Sirius is just some account in another company’s server.
“Then, in Freenode, there was already an outlet for staff to discuss issues.”As we’ve said before, the company stands no chance of surviving. It’s deep in debt and it doesn’t know what it’s doing. Even its own clients began accusing it of “incompetence” (direct quote). When I joined the company in 2011 the staff had extensive media contacts in the wiki (for outreach, promotion, advocacy). It deteriorated over time as management was dismissing people without informing staff what actually happened (not safe to rely on hearsay and misinformation). Then, in Freenode, there was already an outlet for staff to discuss issues. Tackling a tradition of secrecy (dishonest management, but not quiet management), the IRC channel about the company insisted that “management wasn’t always right”, hence the need for a space in which bosses could be scrutinised. Now we do this in Techrights. The “monkeys” speak out. █
Moments ago:
Summary: It has become more than “abundantly clear” that Matthew Garrett is a de facto Microsoft mole inside Linux. Sad that not everyone can see this yet. He said he would be leaving the kernel alone (after he had attacked Linus Torvalds in vain, repeatedly, having done the same to Richard Stallman using false pretexts), but of course he lied. He would come back only to push more of Microsoft’s attacks into Linux. Just see the comments here; they do a better job than Michael Larabel (AMD shill), explaining why Pluton is a disaster and merely a rename of a truly sinister agenda.
Welcome to this week’s edition of FOSS Weekly! This post includes updates from lots of open source projects, Linux hardware maker System76, KDE, and more. We also have some interesting releases this week.
A bare metal server is defined as an advanced physical server designed to deliver a set of services dedicated to a single customer. This article explains the fundamentals of a bare metal server, how it works, and its importance in today’s digital world.
A Quick Overview of Linux Mint 21.1 “Vera”
Coming up in this episode
Helping one helps the other
A little off the beaten path
The history of GeckoLinux
And our experience
What will we think of next?
I have been asked a few times by viewers of the channel: “Why do you make so many videos about Vim, Emacs, Xmonad and other nerdy software?” Well, I have my reasons why I like to urge people to try out these kinds of extremely customizable and extensible programs.
I’ve had my Steam Deck for nearly a year at this point and there’s a small–but incredibly vocal–minority of folks who already want new Steam Deck hardware. The question is why? Let’s dig into this and see if their concerns are justified.
No, do NOT modify the system. This guide shows you how to retain the system while adding package management and the things you need to make the steamdeck your desktop!
Chris’ sticky upgrade situation, and we chat with the developer behind an impressive mesh VPN with new tricks.
**ktnef** , **ktorrent** , **ktouch** , **kturtle** , **kubrick** from the Slackware **kde** package set.
In this video, I am going to show an overview of Linux Mint 21.1 “Vera” Xfce and some of the applications pre-installed.
6 Python one liners. Generally these tips & tricks are various ways of using sets, iterable unpacking and itertools to do some powerful things in Python
In this video, we are looking at how to install Intellij Ultimate on KDE Neon.
XDG desktop portals are so incredibly useful and have been a massive boon for Flatpaks but not only flatpaks they’ve also been incredibly useful for improving Wayland as well.
A big thanks to Lu for putting this together!
The next Linux kernel cycle we could see upstream disable their driver support for Microsoft’s Remote Network Driver Interface Specification (RNDIS) protocol due to security concerns.
RNDIS is the proprietary protocol used atop USB for virtual Ethernet functionality but its support outside of Microsoft Windows has been mixed. It is not y used in cross-platform environments and due to security concerns the upstream Linux kernel is looking to move the RNDIS kernel drivers behind the “BROKEN” Kconfig option so they effectively become disabled in future kernel builds.
Ultimately once marked as “BROKEN” for a while, the drivers will likely be eventually removed from the upstream source tree.
The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on
any system that uses it with untrusted hosts or devices. Because the
protocol is impossible to make secure, just disable all rndis drivers to
prevent anyone from using them again.Windows only needed this for XP and newer systems, Windows systems older
than that can use the normal USB class protocols instead, which do not
have these problems.Android has had this disabled for many years so there should not be any
real systems that still need this.
We haven’t posted updates to the work done on the V3DV driver since we announced the driver becoming Vulkan 1.2 Conformant
But after reaching that milestone, we’ve been very busy working on more improvements, so let’s summarize the work done since then.
This month’s status update will be lighter than usual: I’ve been on leave for a while at the end of December. To make up for this, I have some big news: we’ve released Sway 1.8! This brings a whole lot of improvements from wlroots 0.16, as well as some nice smaller additions to Sway itself. We’re still working on fixing up a few regressions, so I’ll probably release wlroots 0.16.2 soon-ish.
Together with Sebastian Wick we’ve plumbed support for more data blocks to libdisplay-info. We now support everything in the base EDID block! We’re filling the gaps in our CTA-861 implementation, and we’re getting ready to release version 0.1.0. As expected EDID blobs continue to have many fields packed in creative ways, duplicating information and contradicting each other, ill-defined in many specifications and vendor-specific formats.
I’ve continued working on the goguma Android IRC client. I’ve wired up automatic bug reporting via GlitchTip – this helps a lot because grabbing logs from Android is much more complicated than it needs to be. Thanks to the bug dashboard I’ve fixed numerous crashes. I’ve also sent upstream a fix for unreliable notifications when UnifiedPush is used.
Managing and coordinating multiple Linux machines can be hard. But not if you have got these automation and orchestration tools installed.
Whether you have a few PCs or a large IT infrastructure, orchestration and automation tools can help you bring in a lot of efficiencies and enable you to simplify the management of complex tasks and workflows.
The main orchestration and configuration software can handle all sorts of repetitive workloads such as OS and application installation, removal, updates, etc. Here are some of the most common orchestration and automation tools for Linux.
Learn your Linux machine’s maximum limits by stress testing your CPU with Stress-Terminal UI.
Everyone is familiar with the experience of buying highly specced hardware, only to get it home and realize that it wasn’t quite what you thought it was.
Discover the true potential of your CPU by putting it through stress tests in your Linux terminal with Stress-Terminal UI.
Nyxt is a lightweight modern web browser that focuses on functionality, usability and extensibility. It borrows concepts from both Emacs and Vim to provide a way to navigate the web with only your keyboard.
This article aims to guide you through the process of installing the Nyxt browser on Ubuntu. Further, this article also aims to show you how you can configure Nyxt to fit to your own personal workflow.
Are you seeking to modify the metadata of multimedia files? Look no further than music tag editor software! This unique range of software is essential for storing song information, including artist names, titles, and lyrics. As an added bonus, you can easily embed images into your audio file. Fortunately, several compatible options are available on Linux – many being open source and completely free to download! Investing in music tag editor software will make organizing your digital library easy-breezy.
ID3 is the leading audio tag format, offering two versions – ID3v1 and ID3v2. Besides those, there are additional tags like FLAC, OGG, AIFF, Mp3/Mp4/MWA/WAV, and more. The main purpose of an audio tag editor tool is to arrange files seamlessly so they can operate smoothly when needed.
Tutorial showing the basics of zip terminal command in Linux, with explanations of various examples.
The `sort` command in Linux is part of the GNU Coreutils package. This command is used to sort lines of text in a specified file or from the standard input in an ascending/descending order. The sorted output can be written to a file or displayed on the standard output. The `sort` command is a simple and powerful tool that can be used in various scenarios, from sorting data in a file for further analysis to preparing data for a report.
In this tutorial, you will learn how to check Docker container RAM and CPU usage.
I’m all about using the right tool for the right job. With my go-to Linux distribution, I mostly use apt for package installation. However, since some of the applications I use aren’t found in various apt repositories, that package manager does not get the sole responsibility for installing, updating and removing applications from the systems I work with.
You may receive the Error updating runtime response in Flatpak when trying to update one or all of your installed Flatpak applications. There is usually a trivial fix for this error, as Flatpak includes serveral ways to help users troubleshoot the root cause and apply a fix. In this tutorial, we will take you through the step by step instructions to resolve the Error updating runtime error message in Flatpak on a Linux system.
The Error installing application response in Flatpak is a generic error message that may occur whenever Flatpak runs into some trouble with installing an application. The most common cause for this type of error is something simple like specifying an application that does not exist, or is not available in any of your configured remote repositories. But this error could also be indicative of more serious problems with Flatpak.
In this tutorial, we will explore several causes of this error and show some troubleshooting steps that you can take to get your Flatpak tool working correctly again, and hopefully get your intended application to finally install. Follow along with the step by step instructions below on your Linux system to get Flatpak working again as intended.
The Permission denied error message in Flatpak may occur whenever Flatpak runs into some trouble either with installing or updating an application. This error usually indicates that the current user does not have the correct permissions to install or update an application, and can usually be fixed with sudo command or the –user option. In this tutorial, we will explore several causes of the Permission denied error in Flatpak, and help you resolve it on your Linux system to get Flatpak working as intended once more.
Today we are looking at how to install Synthesizer V Studio on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
In this tutorial, we will show you how to install Kernel Headers on Ubuntu. For those of you who didn’t know, Kernel headers are files that provide the necessary information for building kernel modules, which are programs that can be loaded into the kernel at runtime to extend its functionality. These headers contain information about the internal data structures and function calls used by the kernel, and they are required for building out-of-tree kernel modules, which are modules that are not included in the official kernel source code.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Kernel Headers on Ubuntu Linux. You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.
There may be a case where you need to use Flatpak offline, such as in a secure environment that has computers which are restricted from accessing remote Flatpak repositories such as FlatHub. In such a case, it is possible to create your own offline Flatpak repo, load it with the software you choose, and then allow other computers to download software from it. In this tutorial, you will learn how to create an offline Flatpak repository that you can install Flatpak applications from on a Linux system.
There are a few reasons for Flatpak’s popularity, but one of its most alluring features is how it utilizes application sandboxing to enhance the security of the host Linux system. Flatpak isolates all applications into their own sandbox environment, so they only have limited access to the host system’s resources and files. This enhances security by ensuring that malicious or vulnerable applications have limited opportunities to compromise any part of the host system.
In this tutorial, we will discuss this component of Flatpak in detail, to help users understand how application sandboxing enhances the security of your Linux system. Distribution independent package managers like Flatpak are commonly touted as the future of Linux package management, and their ability to sandbox applications is one feature that is gaining them a lot of widespread support.
One of Flatpak’s best features is its ability to run each installed application in a sandboxed environment, which isolates it from the host system and other apps or services. Flatpak also extends granular sandbox controls to the end user, allowing them to delegate access to apps as they see fit. For example, it is possible to tell Flatpak to allow a certain app to have access to your file system.
System administrators can decide which Flatpak applications have network access, file system access, hardware resource access, etc. This is faciliated with default Flatpak commands, or more easily with a GUI application like Flatseal. In this tutorial, you will learn about Flatpak security and permissions and how to modify them on your Linux system.
While the sudo and su commands are both ubiquitous in Linux, for neophytes, it can be unclear when to opt for one rather than the other due to their syntactical similarities as well as overlapping functions. To simplify things, sudo and su are two distinct commands that can be used to switch user contexts within a Linux environment.
[...]
The sudo command is designed to provide temporary privileged access or superuser status to users who are not logged in as root. This is done by temporarily changing the user context to that of the root user. With sudo, users are restricted to executing specific commands for which they have been given access rights.
On the other hand, su stands for ‘substitute user’ and will allow any logged-in user to switch their current session’s privileges to that of another user. Unlike the sudo command, su does not require any verification or authentication to switch users.
Getting a Steam Deck is one thing. Using it to the fullest potential? That needs an entire guide. From the basics to the things, you’d never think about.
MySQL is one of the ancient and most reliable open-source RDBMS( relational database management systems) trusted by many users daily. If you are wondering, RDBMS is a service or, say, the software utilized in creating and managing databases based on a relational model. By saying open-source, we mean this software can be downloaded, used, and modified by anyone. It is, therefore, free to use and easy to understand.
Kodi media center finally announced the new major 20.0 release! Here are the new features and how to install guide for Ubuntu/Linux Mint based systems.
Kodi 20, code-name ‘Nexus’, is a big release with 4,600 commits since the last v19. It features AV1 media decoding support for several platforms. As well, it allows add-ons using inputsream.adaptive to play AV1 streams.
I use VirtualBox every day for the deployment of virtual machines. One feature I regularly use is Shared Folders, which makes it easy to share files and folders between guest and host. By doing this, I can create specific files and folders on my host and then share them with any virtual machine I create. I can do this without having to copy/paste, drag and drop, or send via email.
This article explains how to list all serial ports on a Linux system. Typically a filename in the format of /dev/ttyS0, /dev/ttyUSB0 or /dev/ttyACM0.
Zen Cart is a free, open-source e-commerce application with wide community support. It is written in PHP and requires a MySQL database.
In this tutorial, we will show you how to install Apache Spark on Rocky Linux 9. For those of you who didn’t know, Apache Spark is a free and open-source cluster-computing framework used for analytics, machine learning, and graph processing on large volumes of data. One of the key features of Spark is its in-memory data processing capabilities. It uses a data structure called a Resilient Distributed Dataset (RDD) that allows it to store data in memory and perform operations on it quickly. Spark also supports SQL-like query languages, such as SQL and DataFrame API, which makes it easy for developers to perform complex data operations.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Apache Spark on Rocky Linux. 9.
If you use Thunderbird on Windows, Mac OS, or Linux, and want to use it on your Chromebook, this guide is for you. Follow along as we go over how to install and set up the Thunderbird email app on Chromebook.
Godot 4.0 is coming out soon. It includes major improvements all across the board in features, performance, and usability. Still, one of the biggest questions the community has is: How does it compare with mainstream commercial offerings?
PikaOS is a brand new Ubuntu-based Linux distribution aimed at gamers, offering a vanilla GNOME experience with some exciting features.
One thing is sure about the Linux world: infinite distributions are available. Every user can find a distribution that matches their tastes, beliefs, and understanding, whether a complete beginner or a seasoned Linux wizard.
Every year, new ones arise on the Linux horizon. Some stand the test of time, while others fade away after failing to attract the minimum but a mandatory mass of users and developers to ensure their existence.
Today we’ll look at a brand new distribution that’s making its way into the Linux world. Please, meet PikaOS.
The whole purpose of machine automation is to eliminate human needs and errors. A CNC machine doesn’t get tired, doesn’t need breaks, and performs a task exactly the same way every time. But what if that weren’t true? What if machines experienced human emotions and let it affect their work like we do? That’s the idea behind Devlin Macpherson’s Nervous Drawing Machine.
By all outward appearances, this is just a standard two-axis pen plotter. Like many laser cutters and 3D printers, it has a stepper motors controlled by an Arduino board that follows g-code commands. A command might be something like “move the X axis 2mm to the right.” By chaining hundreds or thousands of those commands together, the machine can follow complex toolpaths that form letters, symbols, pictures, or anything else. Macpherson equipped the pen plotter with a continuously fed roll of paper so it can draw indefinitely.
In order to build wearables that react to movement, most people tend to reach for accelerometers, gyroscopes, and flex sensors. But due to their higher cost, one of teacher Gord Payne’s students wanted to create a low-cost alternative that could be easily sourced and integrated into projects.
A typical glove with finger movement tracking normally incorporates flexible strips, which vary in resistance based on the extent of their deviation from the starting angle. By reading this value with an Arduino board’s analog-to-digital converter (ADC) and mapping the resistance with a formula, the total angle can be found with decent accuracy. The student’s idea, however, substituted this special material for a flexible tube that has an LED on one end and a light-dependent resistor (LDR) on the other. When kept at the starting position, all of the light from the LED is able to hit the LDR, and any bends introduced from bending the tube cause less light to reach the other side.
A new stable release of Mozilla Firefox is available to download.
Firefox 109 is the first release of the browser this year but, as we’ve come to expect, the changes offered up are relatively minor overall — but that’s not a bad thing!
The biggest new feature is the new Unified Extensions button in the toolbar. This button streamlines the toolbar area when multiple extensions are installed, plus surfaces extensions that run in the background (which you may forget are installed) so you can see if they affect the current page, plus manage, pin, report, or remove it.
Site Specific Hacks are pieces of WebKit code (called Quirks internally) to change the behavior of the browser in order to repair for the user a broken behavior from a website.
On episode forty-seven of the WordPress Briefing podcast, Executive Director Josepha Haden Chomphosy shares her vision and current thinking for the WordPress open source project in 2023. Rather read it? The full letter is also available.
Last month at State of the Word, I shared some opening thoughts about “Why WordPress.” For me, this is an easy question, and the hardest part is knowing which lens to answer through. The reasons that a solopreneur will choose WordPress are different than the reasons a corporation would. And while artists and activists may have a similar vision for the world, their motivations change their reasons, too. That’s why I always focus on the philosophical parts of the answer because I know that I am speaking as an advocate for many types of WordPressers. I have a few other reasons, too, which you may not be aware of as you use our software every day.
As posted yesterday, I’m a glutton for punishment sometimes
The 2022 State of JavaScript survey of nearly 40,000 developers has identified the most popular, emerging and waning technologies used by JavaScript developers.
The annual JavaScript survey, whose sponsors include Google, highlights new frontend frameworks, such as Solid and Qwik, that are challenging stalwarts like React. It also looks at rendering frameworks, testing tools, mobile and desktop development, and various build tools.
The survey assesses each technology based on their retention ratio and user count. High usage/high retention technologies (a measure of satisfaction based on whether a person would continue to use it or avoid it) are safe to adopt, low usage/low retention are considered ‘harder to recommend’, and high usage/low retention are worth reassessing if used.
The tech world is busy building “AI apps” with wild claims of solving all problems. Meanwhile it’s still basically an unsolved problem to get images and text to line up nicely when making presentation slides.
I’m giving a couple of talks at FOSDEM in February so i’ve been preparing slides. I previously used Reveal.js, which has some nice layout options (like r-stretch and r-fit-text), but pretty basic Markdown support such that I ended up writing the slides in raw HTML.
A colleague turned me onto Remark.js, a simpler tool with better Markdown support and a CLI tool (Backslide), but its layout support is less developed than Reveal.js so I ended frustrated at the work necessary to lay things out neatly.
The GCC development branch which will become GCC 13 is now in regression and documentation fixing mode (Stage 4) until we reach zero P1 regressions and branch for the release.
Brian Duggan wrote a nice blog post about their use of the Raku Programming Language in their solution of 2022 Advent Of Code problems (/r/rakulang comments).
As many of you know, I work at UNAM, Mexico’s largest university. My work is split in two parts: My “full-time” job is to be the systems and network administrator at the Economics Research Institute, and I do some hours of teaching at the Engineering Faculty.
At the Institute, my role is academic — but although I have tried to frame my works in a way amenable to analysis grounded on the Social Sciences (Construcción Colaborativa del Conocimiento, Hecho con Creative Commons, Mecanismos de privacidad y anonimato), so far, I have not taken part of academic collaboration with my coworkers — Economics is a field very far from my interests, to somehow illustrate it. I was very happy when I was invited to be a part of a Seminar on «The Digital Economy in the age of Artificial Intelligence». I talked with the coordinator, and we agreed we have many Economic Science experts — but understanding what does Artificial Intelligence mean eludes then, so I will be writing one of the introductory chapters to this analysis.
In the 1990s, SGI was the go-to vendor for high-end 3D graphics computers, especially for use in scientific visualization, game development, and the burgeoning field of CGI for movies and television.
We would like to share some exciting news about the Servo project. This year, thanks to new external funding, a team of developers will be actively working on Servo. The first task is to reactivate the project and the community around it, so we can attract new collaborators and sponsors for the project.
The focus for 2023 is to improve the situation of the layout system in Servo, with the initial goal of getting basic CSS2 layout working. Given the renewed activity in the project, we will keep you posted with more updates throughout the year. Stay tuned!
For better or worse, we still need passwords, and to protect and organize them, I recommend the open source Bitwarden password manager.
LastPass is perhaps the world’s most popular password manager. It’s also arguably the most broken password manager. There’s a better, safer open source alternative.
But before I dive into Bitwarden, let’s talk a little bit about why LastPass is problematic. Late last year, LastPass CEO Karim Toubba revealed that an August security incident had been much worse than they’d first admitted. Instead of simply losing internal source code and developer documents – bad enough – they’d also lost customer account information and vault data.
Security updates have been issued by Debian (chromium, lava, libapreq2, net-snmp, node-minimatch, and openvswitch), Fedora (jpegoptim, kernel, kernel-headers, kernel-tools, and python2.7), Mageia (ctags, ffmpeg, minetest, python-gitpython, w3m, and xrdp), Oracle (kernel), Red Hat (dpdk and libxml2), Slackware (netatalk), SUSE (apptainer, chromium, libheimdal, python-wheel, python310-setuptools, and SDL2), and Ubuntu (linux-aws, linux-gcp-4.15, maven, and net-snmp).
Cellebrite is an cyberweapons arms manufacturer that sells smartphone forensic software to governments around the world. MSAB is a Swedish company that does the same thing. Someone has released software and documentation from both companies.
Static Application Security Testing (SAST), or static analysis, is a testing method that analyses your source code to find, track and fix security issues that make your application vulnerable before they become a real problem. It is a low cost way to dramatically increase the quality and security of your application, without needing to compile or run it.
I spent last weekend ranting about the flaws in multiple new web speedtests from cloudflare, speedtest, netflix and others. It’s not fair, scientifically, to not whinge about the flaws (and “features”) in my own network tests. Still, Flent has been the test tool of choice for the core researchers in the bufferbloat effort for 12 years, it’s widely available, and I wish more BOFHs, vendors, CTOs, SREs and sysadmins used it, intelligently, to analyze their devices and networks, and shared new tests of their own to help spot incorrect network behaviors. I’m going to describe multiple features and multiple flaws in using flent for this in this post in detail, but first, a plug!
Ready-to-go phishing kits make it quick and easy for novice criminals to deploy new phishing sites and receive stolen credentials.
Phishing kits are typically ZIP files containing web pages, PHP scripts and images that convincingly impersonate genuine websites. Coupled with simple configuration files that make it easy to choose where stolen credentials are sent, criminals can upload and install a phishing site with relatively little technical knowledge. In most cases, the credentials stolen by these phishing sites are automatically emailed directly to the criminals who deploy the kits.
However, the criminals who originally authored these kits often include extra code that surreptitiously emails a copy of the stolen credentials to them. This allows a kit’s author to receive huge amounts of stolen credentials while other criminals are effectively deploying the kit on their behalf. This undesirable functionality is often hidden by obfuscating the kit’s source code, or by cleverly disguising the nefarious code to look benign. Some kits even hide code inside image files, where it is very unlikely to be noticed by any of the criminals who deploy the kits.
Netcraft has analysed thousands of phishing kits in detail and identified the most common techniques phishing kit authors use to ensure that they also receive a copy of any stolen credentials via email.
A confidential source sent the online news organization, The Intercept, a series of internal documents and communications providing details on what appear to be plans to develop and launch an Iranian mobile network, including subscriber management operations and services, and integration with a legal intercept solution. Some of this communication included representatives of the Communications Regulatory Authority of Iran (CRA). In October 2022, The Intercept shared this material with Citizen Lab researchers for analysis. The following report provides a summary of our analysis of this material and discusses its wider implications.
Just when we thought that no new set of stakeholders could be further negatively impacted by the IT Rules, 2021, the government released the proposed amendments to the IT Rules, 2021 in relation to Online gaming. Not only will these proposed amendments significantly increase compliance burden for a diverse range of gaming entities, it also, once again, attempts to expand the scope of the IT Act, 2000, which does not regulate online gaming. After publishing an initial analysis and conducting a members’ briefing call, we have sent our detailed comments to MeitY on the proposed amendments. We list our range of concerns, several of which were incorporated after speaking to stakeholders who will be directly impacted by them, such as online game developers, and online gamers.
Federal Trade Commission chair Lina Khan is ringing in the new year with another step in her effort to reinterpret or reapply the agency’s rules to stop what she sees as systemic anti-labor and anti-competitive actions. This time, she’s going after noncompete clauses, framing them as anti-competitive and therefore under the agency’s purview.
The FTC announced on Thursday that it proposed a rule that would ban the practice of forcing workers to sign noncompete clauses, which forbid employees from working for their employer’s competitors for a certain amount of time after they leave.
“The freedom to change jobs is core to economic liberty and to a competitive, thriving economy,” Khan said in a statement. “Noncompetes block workers from freely switching jobs, depriving them of higher wages and better working conditions, and depriving businesses of a talent pool that they need to build and expand. By ending this practice, the FTC’s proposed rule would promote greater dynamism, innovation, and healthy competition.”
Members of the Industry Patent Quality Charter had criticised the office for failing to engage with their concerns over patent quality
The EPO has agreed to meet with a group of in-house counsel at major corporations to discuss concerns over the quality of patents granted by the office, Managing IP can confirm.
An EPO spokesperson said yesterday, January 10, that the office would meet with members of the Industry Patent Quality Charter (IPQC) to discuss specific examples of where quality did not meet their expectations.
Counsel at companies including Bayer, Siemens, Nokia, Ericsson, and Volvo set up the group last year and pledged to focus on quality over quantity in their own patent filings.
The Center’s post about the Public Domain Day 2023 lists some of the riches that (belatedly) will enter the public domain in the US – notably the Sherlock Holmes stories. It reminds us that these were due to become freely available in 2003, but then copyright was extended and they were locked up even longer. Those 20 years represent lost opportunities for contemporary artists to build on the great works that are now available – for no real reason other than the fact that the copyright industry always wants copyright lengthened and strengthened.
Those 20 years were also a time when unique surviving examples of works – for example, silent films stored on fragile media – could be lost forever. The law often forbids people from making backup copies of this material without permission, underlining that copyright law is the very antithesis of something that preserves culture, as is frequently claimed.
Tried working DX SSB again on 20-meter from Fire Station 42, during the lunck break (21:00-22:00 UTC). Could hear much though in the phone frequencies. Heard a digital signal down at 14.084.50 at around 21:17 UTC. I picked up a phone coversation also on 14.277 MHz at around 21:46 UTC. There was one strong station and some weaker stations, but I was not able to catch a callsign. I heard a few english words such as “propagation” but mostly it was a foreign language conversation. It sounded like french — one of those French pacific islands, perhaps?
I came in to this with no idea what I was in for. What quickly became apparent was just how good the band was. All the musicians involved can play – the organ playing in “Devil’s Eyes” stands out, and there’s some great guitar later on. For me it’s too heavy on the improvisation which is great to watch live, but set down on record it didn’t catch my interest.
The orchestration, the blues rock, the relentlessly sleazy lyrics – none of interested me. So when album closer “Make It Right” came around with its orchestra-backed-ode-to-S&M, I was ready to escape L.A.
Out of loneliness, I tried to get involved in mainstream blogging platforms. I first went to Medium, which attracted me for its so-called “minimalism”. I got quickly lost in an ocean of content that felt very impersonal. The superlative is the rule there (“10 awesome tools to be a better person, etc.”).
Last night I was searching for something on Google related to a post on someone else’s gemlog. On accident autocorrect on my phone filled “gemini” into my full url, to which i clicked search as I was not paying enough attention. The first results found was my site (which is cross host in HTTP) pointing to the gemlog post I was researching. As the gmi to html proxies can work as a full on proxy, apparently Google had scrapped my page enough to index my response and the subsequent links it contained.
The part that was messed up is that the other person’s post shows up under my domain.
It’s the beginning of a new year and I’ve dusted off an old smartwatch to help me with my new year’s goal of exercising and staying active more. I started to feel a bit guilty, relying on Samsung and Google’s proprietary systems to help me track things like heart-rate, time spent exercising, etc.
We all know the dangers of this kind of data. We’ve seen how it can be used to manipulate and market to us. I used to live in Dundee in Scotland, a hub for gaming app development, and I remember meeting people who had PhDs in data science, but whose job was now optimising feedback mechanisms in mobile games to maximise playtime, etc.
Some time around 1993 I retraced the creation and transformation of the Higher Order Calculator program presented in “The UNIX Programming Environment” by Brian W. Kernighan and Rob Pike. I did explore a number of additional features back then, I did use it daily for quite some time. Eventually I replaced it with emacs/calc. However, these days I was playing with redo and I remembered that using bison/yacc to generate C code from a description of the grammar actually produces two files, y.tab.h and y.tab.c in one call — a challenge for any build system. But 30 years later, addresses on my machine are 64 bit wide, and gcc has grown rather picky about acceptable code. So I set out to bring this piece of code to newer times.
I sent a version of this gemlog to ~jsreed5 as an email, but I figured it’d work as a gemlog as well, with some additional thoughts.
[...]
As I stated above, my life this past weekend wasn’t radically different, but it was different. Instead of putting the kids down and immediately sitting on the couch with my spuse, I picked up a book and read on the couch. I ended up finishing Isaac Asimov’s _Foundation_ (the first one), and immediately wanted to go out and get the second one, but it was too late, so I picked up my Kindle and continued reading the Furyck Saga. I also ended up writing in my hardcopy journal, something I haven’t done since July…July! As is always the case when I haven’t written in there, I feel a bit slow and clunky, but the juices started flowing again, and not surprisingly, I write about Gemini, and screen time.
* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.
Earlier today (100% of the stories):
Summary: As was pointed out in IRC for a very long time, linuxsecurity.com, which is owned and controlled by a company that profits from insecurity, keeps relaying Linux-hostile stories (that aren’t even true!); this site jumped the shark a long time ago and today it is shilling Microsoft’s proprietary junk, not just relaying Linux FUD for Microsoft. These things usually get worse before they get any better.
9
This week was quite busy with lots of great announcements, starting with the ability of Linux kernel 6.1 on Ubuntu and the new wallpaper competition for the upcoming Lunar Lobster release, the end of life of the Linux 6.0 kernel series, and a new flavor of the upcoming Unity 7.7 desktop environment with Wayland support.On top of that, System76 teased us with a beefed-up Pangolin Linux laptop, Canonical released more kernel security updates for all supported Ubuntu releases, and MX Linux 21 users finally received the Xfce 4.18 desktop environment. Below, you can enjoy these and much more in 9to5Linux’s Linux weekly roundup for January 15th, 2023.
Since the system is now very mature, the changes and innovations are more likely to be found under the hood, between the release of Kodi 19 in February 2021 the community has nearly 4,000 commits submitted to the developers. On Wiki for newcomers can be found here. alternatives? There are sure to be some. Including Plex or Jellyfin. And if you’re on the go with the Apple TV, you can also take a look at Infuse.
It’s Time! We are pleased to present the latest release of Kodi, v20 “Nexus”.
With over 4,600 commits since v19 “Matrix” was released on February 19th, 2021, this has been a huge effort. Thanks go out to our team members, and everyone in our community who sent a pull request, tested and gave feedback, or provided support to users on the forum. We appreciate your contribution to making Kodi better.
Kodi is a cross-platform open-source media player developed by the Kodi Foundation that offers a plethora of features.
Its previous major release was Kodi 19 ‘Matrix’ which came almost two years ago.
Now, an improved release is here, called Kodi ‘Nexus’. It promises several new features and improvements.
Let’s take a look at those.
KODI is a free and open-source media player software application. It allows users to play and view most streaming media, such as videos, music, podcasts, and videos from the internet, as well as all standard digital media files from local and network storage media.
A new version of Kodi arrives, code-named Kodi 20.0 “Nexus”, bringing modern AV1 media streaming support and more.
While Autodesk develops many high quality applications they are proprietary software. And the vast majority of their products are not available for Linux. This series looks at the best free and open source alternatives.
MotionBuilder is 3D character animation software. The software is designed for virtual cinematography, motion capture, and traditional keyframe animation. Capture, edit, and play back complex animations.
MotionBuilder is available for Linux but it’s proprietary software. We recommend the best free and open source alternatives.
There have been attempts to overcome these shortcomings of string templating systems via adding features like autoescaping. However, these features have the shortcoming that often the kind of escaping needed is context-dependent. For example, the escaping required in an HTML attribute value is different from the escaping required in an HTML element body, which is in itself different from the escaping required for a query string parameter value inside an URL inside an HTML attribute value. Thus, all autoescaping systems are forced to choose between two possible approaches: [...]
Before laying out my question, let me put it into context. It seems that lately attackers are more successful by targeting administrators or developers than attacking the actual deployments and servers. Meanwhile some attacks social engineer employees into credential theft or reset, other attacks go after operational credentials that are used in semi-automated operations or development scripts.
To be clear, I don’t want to focus on the issue of secure online credential management (I hope we all use some form of password manager), or the security of online authentication protocols (even OAuth seems to be lacking), or the security of MFAs, not even the security of cloud API keys that are actively used by unattended running services (if the attacker has compromised the actual server he most likely already has access to all the sensitive data he wants).
What I want to focus on is those credentials that are used mainly for semi-automated operational or development scripts. Like for example AWS secret keys used to deploy or to gain access to the underlying buckets or backups; or passwords used to access the SQL database for maintenance; or other such secrets that are used outside the browser or specialized applications like SSH.
Also, let’s assume we are speaking in the context of a small company with at most 10 employees. Large companies probably have 10 people on the security team tasked only with this topic, thus perhaps this problem is solved in more complex ways.
Using a french keyboard, it can be complicated having to type in US layout through the VNC connections of Cloud VM providers or a virtualisation software console.
Here’re a couple of shell commands that permit installing Slackware Linux using the SSH daemon that ships on the installer image.
The git rebase command allows you to adjust the history of your Git repository. It’s a useful feature, but of course, mistakes can be made. As is usually the case with Git, you can repair your error and restore your repository to a former state. To recover from an unsuccessful rebase, use the git reflog command.
In a previous article, I described how JMeter has built-in support for HTTP, HTTPS, TCP, and other common protocols and has a plug-in extension mechanism.
Through plug-ins, you can support much more than just what’s built-in, including MQTT.
MQTT is a mainstream protocol in the IoT world. Although it is not a protocol type that comes with JMeter, it is extremely common in IoT testing scenarios. In order to support the load testing of the MQTT protocol, EMQ developed a JMeter-based open source testing plug-in for the MQTT protocol.
This article introduces how to use the MQTT plug-in in JMeter.
Transferring text from Ubuntu to Android using a Bash script is a powerful and efficient way to automate the process of transferring text between devices. Bash scripts are a powerful tool that can be used to automate repetitive tasks, and can be used to create simple and complex programs.
Swap the kubectl command for OpenShift’s oc tool to speed up daily tasks and testing in Kubernetes.
Is your computer is getting tired from running multiple kind clusters? Learn how to run remote clusters as if they were local.
Nvidia graphics drivers allow Linux users to enjoy an unparalleled experience running graphical applications and games on their systems. For instance, they provide a stable environment for Nvidia GPUs and keep up with the necessary changes by including support for the newest releases of OpenGL and CUDA. To ensure Linux users can take full advantage of what’s available, this guide walks you through installing such drivers on Rocky Linux 9 or Rocky Linux 8. Whether you’re a gamer who needs better frame rates or a professional designer who relies on computing power, having up-to-date Nvidia drivers will always give you the best experience.
If you’re working on a Rocky Linux system, you may need to install missing Linux kernel headers to build and install specific software. This guide demonstrates installing the missing kernel headers on Rocky Linux 9 and Rocky Linux 8 distributions.
As a system administrator, you may want to look for various information on your workstation or server system, such as how long the system has been running.
This way, you can keep track of the system resources and optimize based on your usage. Unfortunately, the uptime command used to get this information only returns information for the current session.
Surprisingly, you have an external tuptime command-line tool that can offer you historical and statistical uptime information for your Linux system.
Valve released a fresh build of Proton Experimental on January 13th which include a few notable improvements across various games for Steam Deck and Linux desktop.
Story-based games are always people’s favorite gaming genre as they offer a captivating and immersive gaming experience that keeps players engaged for hours. These games combine engaging storylines with challenging gameplay and engaging characters, that’s just perfect for players who love a good narrative gaming story. You are probably on the right track if you are interested in learning about the best story games for Android. Today, we’ll talk about exactly this genre so that you can be introduced to some exciting games to try.
The Atari 2600 was an extremely popular yet very simple game console back in the 1970s. They sold, apparently, over 30 million of them, and, of course, these things broke. We’d get calls from friends and — remember, back then normal people weren’t computer savvy — nine times out of ten, we’d ask them to swap the controllers to show them it was a bad controller, and problem solved. But if you did have to open one up, it was surprising how little there was inside, as [Steve] notes in his recent teardown.
In just a few days time, Google’s Stadia game streaming service will finally shut down for good. But not for any technical reason, mind you. Microsoft has managed to demonstrate that streaming modern games over home and even mobile Internet connections is viable with their immensely popular Game Pass Ultimate service, and NVIDIA is making similar inroads with GeForce Now. No, like so many of Google’s failed experiments, they’ve simply decided they don’t want to play anymore and are taking their proverbial ball home back with them.
Logging out and back in again, and subsequent reboots from this point, and everything seemed fine. However, I noticed the shadows around windows were no longer present. I had some subtle wobbly windows effects turned on before as well, and these types of effects have stopped as well.
MX Linux 21.3 “Wildflower” has been released over the weekend bringing bug fixes, kernel, and application updates. Notably, MX Linux is now based on the latest Debian 11.6 base and comes with Xfce 4.18 which was released in December. As a point release, MX-21 users needn’t bother reinstalling MX Linux to get this update, instead, you can just apply all the available updates.
For those just hearing about MX Linux, it’s rated first on Distrowatch’s page hit rankings, meaning it’s one of the most looked-into distros by Linux users. It offers Xfce, KDE, and Fluxbox editions and aims to offer a good feature set while not bogging the computer’s resources down. Its Debian base also makes it a very stable choice.
On the tech@ mailing list, Theo de Raadt (deraadt@) has issued a request for testing of patch(es) for execute-only (xonly) binaries on amd64. The message is quite long, but well worth reading in its entirety for those interested. Selected highlights include: [...]
If you’ve had the occasion to visit a museum, you might have used a touchscreen monitor with useful information and insights of the items on display. Or if you’ve attended a public library, you might have used a workstation with a browser or a software aimed to the consultation of the book’s catalog. Or even in public places like train stations or public squares, you might have spotted big screens or televisions where you can see advertisement videos, or interacted with them in order to obtain information and services. These devices are kiosks. They are locked down environments, generally running a full screen application.
Under the hood there is usually a small PC (maybe a fan-less device or a so called industrial PC, capable of staying powered on without issues for long periods of time) or perhaps a Raspberry Pi. Many times they are powered by Linux!
If you have a large collection of eBooks, you probably use Calibre – it’s simply the best bit of cross-platform software for managing your library. It runs rock-solid on Linux.
In case you thought IBM AIX had a future, IBM’s legacy proprietary Unix, IBM apparently doesn’t. The Register reported Friday that IBM has moved the entire AIX development group to IBM India, apparently their Bangalore office, and placing 80 US-based developers into “redeployment.” That’s a fairly craven way of replacing layoffs with musical chairs, requiring the displaced developers to either find a new position within the company (possibly relocating as well) within some unspecified period, or retire. About a third of IBM’s global staff is on the Indian subcontinent. IBM didn’t publicly announce this move and while it’s undoubtedly good news for IBM India it seems bad news for AIX’s prospects: the technologies IBM thinks are up and coming IBM tends to spend money on, and so an obvious cost-cutting move suggests IBM doesn’t think AIX is one of those things.
SRE (site reliability engineering) is a field defined by its constant evolution – from Google’s in-house secret recipe to the hottest new practice for the biggest enterprises to a diverse and holistic mentality practiced by companies of all sizes.
In our State of SRE survey, we predicted that the skillsets and responsibilities of people in the SRE position would become more diverse in 2022. Indeed, we’ve seen SREs fill more roles beyond development and operations, with some SREs focusing entirely on process, strategy, or culture. This expansion of SRE has led to an even more significant potential for what the field can accomplish. We’re excited to speculate on what 2023 will bring for SRE.
Cloud optimisation enables organisations to significantly lower their cloud spending while ensuring the desired performance and necessary compliance. It’s a process that every business should adopt when choosing cloud infrastructure as a foundation for their applications. It’s been proven that applying cloud optimisation best practices leads to a total cost of ownership (TCO) reduction of two-thirds under certain circumstances.
But let’s step back for a second. How exactly does cloud optimisation help you avoid high costs? What exactly does it involve? And finally, why should you care about your cloud spending at all? These are all critical questions. Questions that deserve good answers. Let’s answer them as best as we can.
“Canonical’s solution was a third of the price of the other proposals we’d received. The solution is also proving to be highly cost-effective, both from CAPEX and OPEX perspectives.”
The enclosure support wall mounting, but Aetina also offers a DIN rail mounting kit upon request. All four models of the embedded system look to be identical with just different NVIDIA Jetson Orin NX or Orin Nano modules. There’s no mention of the OS used, but we can safely assume the embedded computer will run Ubuntu 20.04-based NVIDIA JetPack, and the company also tells us their AIE platforms support their EdgeEye platform for real-time remote monitoring of edge devices.
Aetina says the Jetson Orin NX-based systems should become available in February 2023, while the Jetson Orin Nano embedded computers will be available in March. More details may be found on the product page, and the press release also includes additional information about other larger Jetson Orin Nano and Orin NX systems with an extra M.2 B-Key for LTE/5G function expansion.
This month, Vecow introduced the ECX-3000 which is a Workstation-grade fanless embedded system compatible with 13th/12th Gen Intel processors and Intel 600 Series Chipset. This rugged embedded system is equipped with up to 8x 2.5GbE LAN ports with 4x PoE, 5G connectivity, Wi-Fi6 and extensive storage support.
The first thing I did was research to see what is out there. I wanted to know what other people have tried or if there are commercially available products that can do this sort of thing. I came across a video on the Lock Picking Lawyer YouTube channel. He demonstrated a safe combination auto dialer that appeared to be a commercial product, but if you look closely at the chuck, you’ll see some 3D-printed parts. I did some digging and found a similar device with a price tag of $6k for sale! I really liked the simplicity of this design but, Levy isn’t going to fork over that kind of cash to open his safe. My plan is to replicate the design and features of this commercial product. I will also publish the CAD, code, and other design files as open source if others want to build their own and improve on my prototype.
As expected, Sipeed has now launched the Sipeed M0S IoT module based on Bouffalo Lab BL616 RISC-V microcontroller with 2.4 GHz WiFi 6, BLE 5.2, and Zigbee connectivity along with the “Sipeed M0S Dock” development board.
The M0S is a tiny module (11×10 mm) with a 320 MHz wireless MCU, a ceramic antenna, and castellated holes for I/Os, and the Sipeed M0S Dock places the module on an easy-to-use board with a USB Type-C port, a BOOT button, and a 12-pin 2.54mm pitch header.
We’ve seen our share of custom PCBs here on Hackaday, but they aren’t always pretty. If you want to bring your PCB aesthetics up a notch, [Ian Dunn] has put together a guide for those wanting to get into PCB art.
I have really enjoyed experimenting with the gopher protocol—and bending Jekyll to my will to actually serve up my phlog—but in the move to managed hosting for my personal website, gopher simply didn’t make the cut. If Cloudflare ever decides to support non-HTTP protocols in their Pages product, then I may come back to it some day. But for now… it’s time to say farewell.
As I reported during the beta stage, Mozilla Firefox 109 implements a new Unified Extensions button in the toolbar that acts as a container for all your installed (and enabled) add-ons, making your toolbar tidier and easier to manage add-ons from one place.
All the add-ons that are listed in the new Unified Extensions button will have a settings icon next to them so you can more easily access their options, pin them on the toolbar, remove or report them, as well as to manage them in the built-in Add-Ons Manager.
On December 2022, the faculty of engineering from the University of Entre Rios, represented by the dean Diego Campana and the head of the school of Public Health, Fernando Sassetti, formalized the agreement with the president of the Lejeune foundation in Argentina, Luz Morano.
Sure, that may not happen anytime soon. But it does not hurt to be optimistic about supporting new projects.
[...]
Now, I have stumbled upon another editor, “ecode”. The project’s author mentions that it takes inspiration from editors like Lite XL.
The field of automation AI is rapidly growing and there are several popular programming languages that are used to develop AI and machine learning applications. These languages include Python, Java, C++, R, and JavaScript. Each language has its own strengths and weaknesses and is suitable for different types of AI projects.
The trend that I particularly see over the next years is the increasing integration of programming languages, such as the introduction of C++ in R, or using Java or Python through R for the past years, and integrating packages from other languages (such as Rust) in R rather than writing everything in R.
Description: R users sometimes hear about the fabulous advantages of Python for advanced data science and modelling. While these claims are regularly exaggerated, it never hurts to be able to use more tools. This workshop will teach you to use Python together with R in the same project. That way, you can keep using the data science tool chain you already know and like in R (e.g., data processing and plotting), while employing tools from the Python world where needed, for example, for modelling. The workshop will include unsupervised machine learning with scikit-learn and BERTopic. We use the excellent reticulate package in a quarto+RStudio workflow to accomplish this, yet the knowledge is transferable to other tools.
I would know, because I re-implemented it on my own feed here recently, and have had a few emails from people claiming it broke their readers! In the case of a few parsers, the title for the entire channel was overwritten with the title of that textInput block, suggesting they’re incorrectly parsing any title in a channel header.
Local publication Vlast reported on January 16 that the restaurant chain Delicious, Full Stop, which replaced McDonaldʼs in Russia, had applied for the registration of its trademarks in Kazakhstan. This, according to the Ministry of Justice.
What better way to ring in the new year than with [iSax Laboratories]’ charming little project that replaces a doorbell with a Maneki-Neko cat figurine to ring a physical bell?
Thanks to Home Assistant, automating the various systems that run your home is easier than ever. But you still need to make a connection between those systems and your Home Assistant setup, which can be tricky if the manufacturer didn’t have this use case in mind. When [Simon] wanted to automate his home heating system, he discovered that most Home Assistant-enabled thermostats that he could find didn’t support his two separate heating zones connected to a single boiler. The easiest solution turned out to be to design his own.
Baroness Beeban Kidron, who has campaigned for social media reform, said the Telegraph investigation showed that “social media platforms were wilfully disregarding harms to children”.
“These platforms have fuelled anxiety and depression among a staggering number of young people, and in some cases cost them their lives”, she added.
A 9.8 severity vulnerability in Control Web Panel, previously known as CentOS Web Panel, allows an attacker to remotely execute arbitrary shell commands through a very simple mechanism. Although readily patched, security organizations are reporting it is under active exploit.
That last action was their undoing. This is what gets me about these sorts of attacks: they’re always brought down by greed. Once you tell enough people about a scheme, word of it will make its way to the top. They would have earned less keeping the number of cabbies who knew about it to a minimum, but they may have continued to get away with it for years.
If you’re keen to keep your online activities to yourself then Tor is a great option and well worth adding to your privacy toolkit.
Tor is a custom browser, which comes complete with clever open-source technology that uses some very smart tricks to protect your web anonymity.
The film director discusses his documentary “MLK / FBI” on J. Edgar Hoover’s sickening surveillance of the civil rights hero.
He was questioned under section nine of the Terrorism Act 2006, which created an offence “of making or possessing a radioactive device or possessing radioactive material with the intention of using it” in the commission or preparation of an act of terrorism.
The use of the section is incredibly rare.
Operations by armed groups, violent extremists and criminal networks forced the closure of more than 10 000 schools, with millions of children affected, and some 7 000 health centres.
These non-state groups are fighting among themselves for supremacy and control of resources, she said, which is pushing States to the margin and causing untold misery to millions who have fled elsewhere to safety.
War is a language of lies. Cold and callous, it emanates from dull, technocratic minds, draining life of color. It is an institutional offense to the human spirit. The Pentagon speaks the language of war. The President and the Congress speak the language of war. Corporations speak the language of war. They sap us of outrage and courage and the appreciation of beauty. They commit a carnage of the soul.
Take for example the recent report issued by the Center for Strategic & International Studies (CSIS) entitled “The First Battle of the Next War: Wargaming a Chinese Invasion of Taiwan.” This “Think Tank” conducted 24 iterations of wargames whereby China invades Taiwan. The U.S. and its allies respond. The result each time: No one wins. Not really.
Small bands of protesters, or no antiwar protesters are like poison to a war resister. When the recent New York Times obituary of Dr. Willard Gaylin appeared, there was absolutely no mention of his landmark work (War Resisters in Prison, 1970) with war resisters during the Vietnam War. Singer-songwriters who wrote anthems to antiwar protest go silent about today’s wars or nearly choke on questions about the meaning of an old song measured against today’s endless wars. Banners hung from telephone polls in communities depicting soldiers from past wars also tell part of the story of militarism. Where are the banners hoisted to teachers, social workers, and the average Jane or Joe trying to survive through hard work? The death threats against protesters who assembled in front of the federal building in Providence, Rhode Island at the start of the war in Afghanistan in 2001 are yet another reminder, as were the nightly segments on local news programs about soldiers who had died since the beginning of that war. Tributes to those who died in war is not negative, but measured against power structures in the US that refused to accept the Taliban’s offer to turn Bin Laden over to the US, casts the entire war in a different light. The composition of the forces that answered the 2001 attacks was the subject of much debate regarding its socio-economic nature. No historical context for the US role in Afghanistan was ever presented in the mass media.
The disappearance of antiwar protest during Barack Obama’s so-called troop surge in Afghanistan is yet another of the endless reminders of unbridled militarism. The list is endless, but points to the mass acceptance of war and the preparations for war, a phenomenon that Martin Luther King, Jr. spoke eloquently about in his “Beyond Vietnam” speech at Riverside Church in 1967. Recall what the late historian Howard Zinn said about Barack Obama and militarism: “I wish President Obama would listen carefully to Martin Luther King.” It is all familiar and war has become normalized with the trillion dollar outlays for war in the Biden administration and the disappearance of criticisms of war in the mass media about the war in Ukraine.
It was the guacamole’s fault!
That’s the guy’s defense, anyway — that plus his right to carry four handguns, an AR-15 and a 12-guage shotgun into a supermarket in Atlanta. Oh yeah, and he was wearing body armor. This was in March 2021, barely a week after an actual mass shooting at several massage parlors in Atlanta, in which eight people were killed. And it was only two days after a mass shooting at a grocery store in Boulder, Colorado, where 10 people were killed.
A year to the day before his assassination, Martin Luther King publicly and decisively denounced not only the US war in Vietnam but the militarism that enabled the war and undermined American society. King’s Beyond Vietnam sermon, delivered on April 4, 1967, at New York’s Riverside Church, was as predictive as it was powerful and prophetic. Its meaning and value exist today as much as they did nearly 55 years ago.
King rightfully tied together the overarching and commanding militarism of the US with the economic, societal and cultural demons plaguing America. Much as President Dwight Eisenhower had done in his farewell address six years earlier, King set about to make clear the insidious nature of the reality of that militarism through not only overseas warfare and a controlling military-industrial complex but the demeaning and diminishing effects it had on the American people. King understood and communicated the war in Vietnam as “a far deeper malady within the American spirit.” The shameful and hideous deaths it brought overseas were the substance of America’s wreckage. He summarized his purposes in opposing the war in Vietnam as an attempt to save America’s soul.
The MLK tributes are sure to pour on the anniversary of the civil rights hero’s death, but don’t expect them to acknowledge his anti-militarist ideals.
Russia’s February 2022 invasion of Ukraine has created the largest refugee crisis in Europe since World War II. While millions of Ukrainian refugees have since returned home, almost 2.9 million moved to Russia, according to October 2022 figures, and roughly 7.9 million were registered across Europe between February and December 27, 2022. Besides Russia, Poland (1.5 million), Germany (1 million), and the Czech Republic (474,731) have welcomed the largest numbers of Ukrainian refugees, while Italy, Spain, France, Romania, and the UK have also accepted more than 100,000 each.
There is little reason to suggest many Ukrainian refugees will return home soon. A June survey by polling group Rating, for example, found that 24 percent of Ukrainian refugees wanted to return but were waiting for a certain time, 48 percent said they would return after the end of the war, and 8 percent said they would not go back to Ukraine. A German government-backed survey from December 2022, meanwhile, found that around 37 percent of Ukrainian refugees wanted to settle in the country permanently or at least for the next few years.
The furore over Prince Harry’s much-criticised remarks about his role as a helicopter pilot in the war in Afghanistan in 2012 reveals more about his critics than they do about him. Much of the abuse is hysterical or attention-grabbing, but it stems also from British amnesia about the failed wars in Afghanistan and Iraq.
In his book, Harry writes that “Afghanistan was a war of mistakes, a war of enormous collateral damage – thousands of innocents killed and maimed and that always haunted us”’
Russian President Vladimir Putin said he considers the dynamics that have developed in the combat zone in Ukraine to be “positive,” according to an interview the president gave to journalist Pavel Zarubin, for the “Moscow. Kremlin. Putin” program on network Russia 1. Putin’s words were a response to Zarubin’s observation that “there’s news from Soledar.”
Three people have been killed and 16 wounded, according to the latest tally, by ammunition detonating at a Russian base at the Tonenkoye farm, in the Korochansky district of the Belgorod region. Interfax reports, citing emergency services, that an additional eight people are missing.
Russian and Belarusian air force units have begun joint exercises on Belarus’s territory, the Belarusian Defense Ministry reported on Monday.
“This is a betrayal of present and future generations… Germany is one of the biggest polluters in the world and needs to be held accountable,” Thunberg said on a podium, after she marched with a cardboard sign saying in German “Lützi stays,” using a shortened name of the village.
First things first, I’ll explain why any of this would make any sense. You cannot just rent a field, fill it with solar panels (assuming the farmer lets you, and planning permission is granted), and make a pile of money. Its not that simple. (And trust me: none of that is simple). The main problem you face is the grid connection. Basically solar farms go in fields, so we are already limited to relatively rural locations. This means that the land is large enough, and also its not going to upset too many people. Our site is surrounded by fields and hills and generally…nothing, so there were zero objections. This is all good news.
Alexander Brazhnikov, executive director of the Russian Association of Cryptoindustry and Blockchain told Vedomosti that the Central Bank of Iran is considering the creation of a stablecoin with the Russian Federation as a means of payment in foreign trade transactions.
Part 1: The context of extreme financial devaluations
The World Economic Forum is meeting in Davos this week. The gathering of many of the wealthiest corporate elites and state leaders compels consideration of directions global capitalist chaos may take us in 2023. What lessons did we learn from the devaluation of so many economic assets – including the lead plutocrats’ own wealth – in 2022, amidst so much geopolitical, environmental and socio-economic suffering?
I’m fortunate to be able to attend this week of public programming, alongside Brigitte Vézina, CC’s Director of Policy and Open Culture. We recognize the privilege of representing CC, and look forward to a week of learning, listening, and partnership. While we are in Davos, CC’s CEO Catherine Stihler is participating in this year’s launch event of the Morgridge Acceleration Program, for which she is one of twelve selected mentors.
UPDATE It is astonishing how many people are incapable of comprehending the following phrase from the article below…
There are few contemporary novelists who have explored the dark undercurrents of American society with more insight and pathos than Russell Banks, who died earlier this month.
The same day, Redmond-based Microsoft confirmed reports that it won’t renew its lease at the 26-story City Center Plaza in Bellevue when that lease ends in June 2024.
The announcements come as the continued popularity of remote work and a tech slowdown with massive layoffs have both cut into demand for office space in Seattle and elsewhere.
As the tech sector goes through ‘soft market’ changes in the office leasing space, major companies such as Facebook parent Meta and Microsoft are separately vacating their buildings in Seattle and Bellevue in Washington, according to the Seattle Times.
A soft market is a phase in the economic cycle characterised by more sellers than buyers and low prices.
The Seattle Times said on the same day, Redmond-based Microsoft confirmed reports that it won’t renew its lease at the 26-story City Center Plaza in Bellevue when that lease ends in June 2024.
The ongoing work-from-home and layoffs have cut into demand for office space in Seattle and other tech cities in the US.
According to the report, the announcements by the two tech giants has brought more bad news to the office market in Seattle which is already struggling due to sluggish return of remote office workers. In downtown Seattle, the total office vacancy now stands at a low 25 per cent. The non-vacant offices are half empty because of remote work. Since last summer, the area has only seen 40 per cent of the workers present before the pandemic, a cellphone location data from Placer.ai by the Downtown Seattle Association stated.
To quickly recap the site’s journey from unknown startup to breakout among “alt-tech” apps: Rumble debuted in 2013, with founder and CEO Chris Pavlovski, a Canadian tech entrepreneur, envisioning it as a refuge for small-time creators left in the dust as YouTube prioritized its most successful influencers. For about seven years the site hosted innocuous viral fodder and aggregated news. Today, the landing page maintains sections for both cute animal videos and conventional broadcast reports, though barely anyone watches the clips shared from One America News Network, Newsmax, and Breitbart, let alone Reuters. Viewers are more drawn to stuff like conservative comedian Jeff Ahern making fat jokes about lingerie models in a segment titled “How Victoria’s Secret’s Push To Become Woke Made It A Joke.”
The Ukrainian parliament on June 19 passed a bill to ban Russian-language music as lawmakers pushed through a number of bills aimed at protecting Ukrainian culture and the country’s information space from Russian influence.
From the Dept. of Horrible Chutzpah
During the fight over the new House Speaker election, Congress member Chip Roy (R-TX), who voted against the anti-lynching act last March, had the immoral temerity to quote Dr. Martin Luther King, Jr. He did so as he explained how he was positioning himself to the hardliner right of rightwing Kevin McCarthy (R-CA).
I love MLK Day but hate when politicians parrot Dr. King’s prose while doing their damnest to keep his dream unrealized. His family knows and deals with this best.
Over the holiday break, I rewatched the ’60 Minutes’ interview with Coretta Scott King from Christmas Eve 1968. Mrs. King opened her home to Mike Wallace and the world only eight months after her husband’s assassination. She inspired millions, using her grief to grow the movement by letting people mourn with her.
Rebecca Gordon reminds us that this country does remain all too exceptional, even if in ways that couldn’t be more unnerving.
In his daily video address on Sunday, Ukrainian President Volodymyr Zelensky switched to Russian to speak to Russian citizens about the missile strike that destroyed a residential building in Dnipro on Saturday.
During its daily briefing, the Russian Ministry of Defense reported that Russian troops hit Ukrainian military command and energy targets during a massive strike on the country on January 14.
Mixed martial arts fighter Georgiy Gagloev, from Beslan in the North Caucasus, was found dead in a train en route from Vladikavkaz to Moscow. TASS reports, citing sources from the sports world, that Gagloev was found during a stop in Rostov-on-Don.
One country gaining notice for how it is strengthening its digital defenses is Ghana. It is one of a handful of African countries with a national cybersecurity strategy able to track and respond to digital threats, including disinformation. The West African country jumped 40 places in the Global Cybersecurity Index in just three years, ahead of Ireland and New Zealand.
The strength of Ghana’s approach is a commitment to civic unity and freedom of expression – democratic principles that face rigorous challenges around the world as countries come to grips with the free flow of information via social media. In Ghana, cybersecurity policy is under civilian leadership and oversight. Businesses and the banking sector participate in monitoring and responding to threats. Judges and prosecutors have been specially trained to assess digital evidence.
Nigerian authorities are struggling to stem rising violence in the north and central regions where armed groups target rural communities, killing thousands and abducting people to ransom. Security forces are often outnumbered and outgunned and suspects are seldom detained, residents said.
The attacks sometimes target religious figures such as clerics. In July last year, Rev. John Mark Chietnum was killed after he was kidnapped in the northwestern Kaduna state.
President Volodymyr Zelensky has signed into law a controversial bill that expands the government’s power to control the media, endangering press freedom and media pluralism in the country. The International Federation of Journalists (IFJ) joins its Ukrainian affiliates, the National Union of Journalists of Ukraine (NUJU) and the Independent Media Trade Union of Ukraine (IMTUU), in calling on the government to revise the new legislation and to start a broad inclusive dialogue with journalists’ unions and the media sector.
The law expands the authority of Ukraine’s state broadcasting council, meaning that it will be able to regulate all media in Ukraine. Under previous legislation, enacted in 2019 under the Zelensky government, the council has the power to issue licenses, conduct inspections, and impose sanctions on television and radio companies, Ukra News reported.
Both the European Federation of Journalists and the Committee to Protect Journalists have opposed the measure, and in September Ukraine’s own National Union of Journalists called the law “the biggest threat to press freedom in (Ukraine’s) independent history.”
Earlier in July, the European Federation of Journalists denounced the law, writing that “it proposes to give arbitrary and disproportionate regulatory powers to the national regulator, the National Council of Broadcasting, which would have authority not only over audiovisual media, but also over print and digital media.”
House Minority Leader Hakeem Jeffries joined New York Gov. Kathy Hochul and other state Democrats at a Bronx rally Saturday, just days ahead of what is sure to be a contentious confirmation hearing in which progressive lawmakers opposed to LaSalle’s appointment to lead the state Court of Appeals could be decided.
After publishing the first two editions of the Confessions of an Economic Hit Man trilogy, I was invited to speak at global summits. I met with heads of state and their top advisors from many countries. Two particularly significant venues were conferences in the summer of 2017 in Russia and Kazakhstan, where I joined an array of speakers that included major corporate CEOs, government and NGO heads such as UN Secretary-General António Guterres, Indian Prime Minister Narendra Modi, and (before he invaded Ukraine) Russian President Vladimir Putin. I was asked to speak on the need to end an unsustainable economic system that’s consuming and polluting itself into extinction — a Death Economy — and replace it with a regenerative one that was beginning to evolve — a Life Economy.
The German Federal Constitutional Court has published a decision today confirming that the EPO’s appeal system provides independent and effective judicial relief, as required by the German constitution for courts of international organisations.
Pirate streaming app PikaShow made powerful enemies in 2022, including Disney, Star India, and the MPA. PikaShow’s response was to sponsor the Afghan national cricket team and advertise itself on broadcast TV. According to police in India, a college student was arrested last week on suspicion of monetizing pirated TV streams via the PikaShow app.
Pirate sites are increasingly hard to find in search engines. Google has taken a series of steps to demote or remove problematic domains and it doesn’t appear to be alone. Several of the most visited pirate sites have virtually no results in Bing either. According to the search engine, this isn’t the result of an ‘editorial decision’.
* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.
Summary: The EPO is protected by the German government [1, 2] no matter what it does; even the “elite” courts won’t intervene
Summary: Using stock photography that gives a false impression of lawfulness, the EPO gloats about Bundesverfassungsgericht (Germany’s Federal Constitutional Court) refusing to even hold the EPO accountable!
AS we noted here some weeks ago, the German Constitutional Court was intentionally not ruling on complaints regarding the EPO, quite likely for political/corporate reasons. We’ve already seen under both Benoît Battistelli and António Campinos that the German government protects EPO management no matter how many crimes it commits. 4 years ago there was also concern about Stephan Harbarth, who demonstrated commercial and political interference inside the German Constitutional Court. Here’s what the EPO rushed to publish some days ago. It was very, very short. It said:
The German Federal Constitutional Court has published a decision today confirming that the EPO’s appeal system provides independent and effective judicial relief, as required by the German constitution for courts of international organisations.
This is a lie. It did not rule. It made an excuse to dismiss the complaint. Carefully constructed lies and misleading statements from the EPO… is that patented yet?
“The German government harbours one heck of a “patent mafia” at this point.”Anyway, this shows that Germany’s constitutional court, the FCC, isn’t functioning either. It’s captured by corporate interests. Just shills in robes?
As one German explained in our IRC channel this morning: “the mine that Luetzerath is being demolished for, also expanded over another village 30 years ago and that one was demolished because the German government bows to corporate interests.”
Looking elsewhere in the “news” page of the EPO, there are other types of propaganda so far this year. Here’s the gist as an annotated screenshot:
EPO workers can hopefully relate to the stupidity of those statements. This is the poor management of the EPO showing the best it has got. Yes, Peru. Nothing wrong with Peru per se, but to the EPO it is irrelevant.
Incidentally, the decision from the FCC was mentioned (before and after) in the comments SUEPO links to at the top of the page, SUEPO.org. To quote:
Concerned observer
JANUARY 10, 2023 AT 2:02 PM
“It is unfortunate that the EPO seems to prefer silence to transparency when it comes to what’s happening at the organization”.Well, that is putting it mildly. On the occasion in question, silence served the purpose of the EPO avoiding answering (or even commenting upon) the question of whether the President had indeed used foul language at the GCC meeting. However, it seems that there are other occasions where the EPO is happy to comment, albeit by providing reports that everyone outside of the EPO’s management struggles to reconcile with their understanding (or recollection) of events.
So why does the EPO make such deliberate attempts to evade scrutiny and/or to paint a misleading picture? Apart from the obvious reason (namely, that it suits the management’s agenda to do so), the sad truth is because they can. Frankly, concepts such as transparency, proper regulatory oversight and even the rule of law mean very little to an international organisation that has decided to set its face against such things.
Concerned observer
JANUARY 11, 2023 AT 4:49 PM
I await with interest to lean what the German Constitutional Court (BVerfG) makes of the complaints relating to the EPO. The cases in question have been pending before the BVerfG for periods ranging from about 6 to about 12 years. However, it seems that the BVerfG is FINALLY ready to publish its decisions (on 12 January):https://www.bundesverfassungsgericht.de/DE/Presse/Senatsbeschl%C3%BCsse/Senatsbeschl%C3%BCsse_node.html
Whilst I am not a gambler, I would wager that the BVerfG’s decisions will essentially conclude that there is nothing to see here … most likely on the basis of (alleged) insufficient substantiation of the legal grounds raised in the complaints.
In any event, the German government will of course already know the outcome of the complaints. Given that there have been no signs of frantic diplomatic efforts to patch up defects in the EPC, I think that it is safe to conclude that the BVerfG’s decisions will not force Germany to withdraw from that Convention. Thus, for me, the only point of interest in the decisions will be the extent to which it (plausibly) argues that the current set-up of the Boards of Appeal is acceptable. My guess is that the BVerfG’s reasoning on this point, if any, will be about as convincing as the Dutch Supreme Court’s argument that access to the ILO-AT serves as an adequate guarantee of the right of EPO staff to COLLECTIVE bargaining.
Misma
JANUARY 12, 2023 AT 11:49 AM
In any doubt about compliance of the EPO boards of appeal with ECHR 6.1 ‘independent tribunal’, i would encourage the complainants to escalate to the ECHR.Germany has a tradition to protect the EPO.
Concerned observer
JANUARY 13, 2023 AT 7:12 PM
The ECtHR also has a tradition to protect (other) international organisations.Concerned observer
JANUARY 12, 2023 AT 1:31 PM
Spooky! It is almost as if I have a crystal ball:https://www.bundesverfassungsgericht.de/SharedDocs/Entscheidungen/DE/2022/11/rs20221108_2bvr248010.html
Whilst there is still a lot for me to digest in the decision, a particularly noteworthy point is that the complaint filed by a UK legal entity was deemed inadmissible, but only because the BVerG did not issue their decision prior to Brexit. As Brexit happened nearly 7 years after the relevant complaint was filed, this result seems more than a little harsh on the UK-based complainant!
If I understand the decision correctly, it also seems to conclude that LEGAL entities based outside of the EU are not entitled to protections provided by Germany’s Basic Law … INCLUDING the protection that is supposed to guarantee equality before the law. No doubt there is much more to this than meets the eye. However, it does seem to be a curious conclusion, especially if one considers its potential implications (eg with respect to enforcement of rights guaranteed under the ECHR).
It’s hard not to be cynical. ECHR should also look into the mischief of Team UPC, basically seeking to break laws, violate constitutions and conventions, then blackmail Techrights to stop criticism of these abuses. The German government harbours one heck of a “patent mafia” at this point. █
Dr. Roy Schestowitz
Guest Editorial Team
Community: Get involved
RSS Feed: subscribe to the RSS feed for regular updates
Site Wiki: You can improve this site by helping the extension of the site's content
Site Home: Background about the site and some key features in the front page
IRC Channels: Come and chat with us in real time
Design by Beccary and Weblogs.us · Valid XHTML · Valid CSS · Hosting by Schestowitz · Part of Bytes Media
 | |
Content is available under CC-BY-SA
Editors • About the Site • Comes vs. Microsoft • Using This Web Site • Site Archives • Credibility Index • OOXML • OpenDocument • Patents • Novell • News Digest • Site News • RSS
