Bonum Certa Men Certa

Links 04/03/2023: Linux From Scratch 11.3 and Mixxx 2.3.4



  • GNU/Linux

    • Linux Magazine's New Issue

    • Server

      • Container Journal3 Miniaturized Kubernetes Distros to Manage Compact Containers

        By now, you are likely well aware of Kubernetes, the comprehensive container orchestration platform. Although many people think the platform is overly complex and not beginner-friendly, this is not necessarily true. Miniaturized Kubernetes distributions (distros) make the platform much more accessible as they do not require a wide range of

    • Audiocasts/Shows

    • Kernel Space

      • André AlmeidaInstalling kernel modules faster with multithread XZ

        My target machine is the Steam Deck, that uses .xz for compressing the modules. Giving that we want gamers to be able to install as many games as possible, the OS shouldn’t waste much disk space. amdgpu, when compiled with debug symbols can use a good hunk of space. Here’s the comparison of disk size of the module uncompressed, and then with .zst and .xz compression: [...]

    • Applications

      • ZDNetLinux desktop powers consider uniting for an app store [Ed: This usually means proprietary if not DRM down the road]

        One reason why there are so many Linux desktops is that there's endless disagreement on what makes the best desktop. Now, GNOME, Debian, and KDE are exploring the idea of uniting, using Flatpak to create a Linux desktop app store.

      • 9to5LinuxMixxx 2.3.4 Open-Source DJ Software Adds Support for Traktor Kontrol S2 Mk1 and Numark Party Mix

        Arriving more than seven months after Mixxx 2.3.3, the Mixxx 2.3.4 update brings controller mapping support for the Traktor Kontrol S2 Mk1 and the Numark Party Mix controllers, and improves sampler and HotCue buttons for the Traktor S3 controller, which was introduced in the previous release, and improves support for the Denon DJ MC7000 and Ableton Push controllers.

        OMixxx 2.3.4 also adds HotCue clear with pad support and improves sliders, knobs, and inverted tempo fader for the Numark DJ2Go2 controller, adds an inverted pitch slider to the Numark N4 controller to match the GUI orientation, and adds support for arbitrary maximums in 7-bit and 14-bit handlers from controller scripts to Potmeters.

      • yewtube Is A Feature Packed Terminal Based YouTube Player - Linux Uprising Blog

        yewtube is a command-line tool to search, browse, and play YouTube videos directly from your terminal, for Linux, macOS, and Microsoft Windows. It uses no API keys, and it can play audio only or audio/video using a third-party media player like VLC, mpv or mplayer, with lots of features on top.

        yewtube is a fork of mps-youtube, which had its last release in back in 2018. This January, yewtube was merged back in mps-youtube, and its development continues at https://github.com/mps-youtube/yewtube. The fork is a year old, and it contains numerous bug fixes as well as some minor new features such as the ability to run yewtube over tor using torsocks, and the ability to set the mplayer cache.

      • Linux Links10 Best Free and Open Source Linux HDR Imaging

        HDR software allows computer graphics to offer the full real world levels of illumination, with darker darks and brighter lights, while at the same time increasing the amount of lighting detail displayed in all areas of the image. While standard image formats utilizes 8, 16 or 24 bits with applied gamma and color space, the HDR image format extends the bit depth up to 96 bit in a linear color space. Additionally, HDR images can be photometrically correct.

        HDR images are normally generated by combining multiple normal images of the same scene taken with different intensity levels, or as the result of creating a global illumination rendering.

        To provide an insight into the quality of software that is available, we have compiled a list of 10 top quality open source HDR applications. Hopefully, there will be something of interest for anyone interested in HDR imagery.

    • Instructionals/Technical

      • KifarunixConnect to Remote Docker Environment on Docker Desktop

        Can docker Desktop connect to remote host? Yes. Follow through this guide to learn how to connect to Remote Docker environment on Docker Desktop. Docker desktop is a GUI based application that enables developers to easily create environments for building their applications.

      • Reconfigurable and embedded Digital SystemsHow to apply patches from the Linux Kernel Mailing List

        The Linux Kernel is under constant development and improvement. Everyday patches are submitted to the Linux Kernel Mailing List (LKML). Some of these patches get accepted and merged into the mainline Linux kernel and become available to the user, other patches never do.

        Sometimes it is useful to get patches from the LKML, for example if you are developing in the kernel or simply because you want to stay at the bleeding edge. Another reason could be that you need patches that were proposed to the LKML but were never merged. This can happen when developing with exotic hardware, for example a driver could have been submitted but never merged because of some reason (e.g., code doesn’t follow the kernel guidelines etc.), however this code might still be of interest to you.

        In this post we will explore how we can incorporate code from the LKML into our kernel.

      • University of TorontoModern email addresses can be in UTF-8

        Specifically, the character in question is Unicode U+2010 Hyphen (also). The email in question was sent to us using this character in a destination address that actually had the ASCII dash; given that the U+2010 version of the address didn't exist, Exim on our external MX gateway rejected it. These days, Exim's logging is in UTF-8, as is pretty much anything you'll use to read the logs, so the result was pretty confusing to disentangle. To all appearances it looked like our email system had temporarily glitched out and decided that some valid local addresses didn't actually exist.

      • Jake BauerStyling External Links

        Long time no see! While I have a few other, longer blog posts still cooking, I figured I’d post about a cool bit of CSS I came across on eli_oat’s site which adds a marker to every link on a site that points to an external domain.

        This means that links which point to pages on the same site (or within the same domain, if configured like that) look like this: paritybit.ca, whereas links which point to any external domain look like this: example.com.

      • Make Use OfHow to Quickly Update Google Chrome on Ubuntu

        Google Chrome isn't available in the official Ubuntu repositories. So how do you go about updating the app once it's installed?

      • Pablo Iranzo Gómez: Automating SSH keys loading for Ansible usage
      • Make Use OfHow to Fix the "ifconfig: command not found" Error in Linux

        If you encounter the command not found error while using ifconfig, here's an easy way to solve it.

      • Make Use OfHow to Run Multiple Commands in Linux at Once

        The Linux terminal is a powerful tool that allows you to perform various system operations using commands. File manipulation, program management, and service automation are some of the operations you can carry out efficiently using shell commands.

        However, when it comes to executing multiple operations, running commands one by one isn't efficient. A faster way to do it is to chain multiple commands in one line. Not only does this speed up the process, but it also saves you time.

        Let's explore all the ways to run multiple commands at once in Linux.

      • Make Use OfHow to Create a Windows Bootable USB on Linux

        Want to make the switch from Linux to Windows? Here's a guide on creating a bootable Windows USB on Linux, covering everything from downloading a Windows ISO to flashing it to a USB drive using WoeUSB and balenaEtcher.

      • Linux Made SimpleHow to install Firefox Developers Edition on a Chromebook
      • Linux Made SimpleHow to install PhpStorm on Linux Lite 6.2
      • Linux Made SimpleHow to install LibreOffice on a Chromebook in 2023
      • Linux Made SimpleHow to install RubyMine on Linux Lite 6.2
      • Julia EvansSome notes on using nix

        Recently I started using a Mac for the first time. The biggest downside I’ve noticed so far is that the package management is much worse than on Linux. At some point I got frustrated with homebrew because I felt like it was spending too much time upgrading when I installed new packages, and so I thought – maybe I’ll try the nix package manager!

    • Games

      • Anbernic RG353P retro handheld has Android & Linux compatibility with dual analog sticks

        Play Android and Linux games on the Anbernic RG353P retro handheld! It can run both with its Android 11 or Linux operating systems. This gives you impressive support and compatibility for your gaming library, emulators, and apps. Additionally, it has a 3.5” IPS 640 x 480 touchscreen display for vibrant gameplay right on the device. With a premium-quality build, it has dual analog sticks as well as dual speakers for high-quality stereo sound. Moreover, it offers Wi-Fi and Bluetooth 4.2 connectivity, and it has a powerful quad-core 64-bit RK3566 processor. This works together with the fast LPDDR4 2GB RAM. Not only that, but it also has a 3,500 mAh battery capacity that delivers up to 6 hours of battery life. You’ll also get an included screen protector and microSD card included. Elevate your gaming setup with this retro gadget!

      • Boiling SteamGodot 4.0 is Out – What You Need to Know, And Why You Should Care

        There is a chance that you do not intend to use games to tell your stories, to convey your messages or to help with training and simulations in your company. [...]

        This new iteration took +3 years of hard work, they added a myriad of technical features: improved performance and multithreading, better shading and lighting, bringing Godot closer to the big engines. You can check the novelties here: https://godotengine.org/article/godot-4-0-sets-sail/

      • LWNGodot 4.0 released

        The waiting is done; version 4.0 of the Godot game engine has been released.

      • Boiling SteamSteam Mystery Fest 2023

        Right after Steam Next Fest, before I could put down my gamepad, Valve presents us Steam Mystery Fest. It focuses on games where you investigate and solve mysteries, detective games of all kinds already released or upcoming.

      • GamingOnLinuxFactorio gets official Wayland support on Linux

        Are you a Wayland user? Do you play Factorio? The latest update should make things a lot smoother for you.

      • GamingOnLinuxDeep Rock Galactic: Survivor is a Vampire Survivors styled spin-off

        Ghost Ship Publishing and Funday Games recently announced a Deep Rock Galactic spin-off named Deep Rock Galactic: Survivor and I need it right now.

      • GamingOnLinuxMeg's Monster is a cute looking unique short JRPG out now

        Japanese developer Odencat just released Meg's Monster, a cute looking short JRPG with a rather interesting twist.

      • GamingOnLinuxSteam Deck OS 3.4.6 Beta adds DOOM Eternal Ray Tracing, Wo Long: Fallen Dynasty fixes

        Valve has updated the Steam Deck Preview update branch to bring with it Steam Deck OS 3.4.6 Beta and it's quite an exciting one. It brings an update to the open source Mesa graphics drivers with Mesa 23.1, mainly focused on the Vulkan side of things but DXR Ray Tracing is coming too but not quite ready yet.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Nate GrahamThis week in KDE: Plasma 6 begins

          As has been reported in various other places already, this week the “master” branch of Plasma-aligned software repos have been ported to Qt 6. Work is ongoing, but the actual change-over is happening very quickly, and adventurous people are able to run Plasma 6 in a usable state already! This builds on years of work to port old code away from deprecated APIs and libraries that was just quietly happening in the background all along, pushed along by people like Nicolas Fella, Friedrich Kossebau, Volker Krause, and many others. It can be fairly thankless and boring-looking work, but it’s incredibly important, and the foundation of how quickly this technical transition has been able to happen. So I find myself feeling quite optimistic about our chances of shipping a solid and high quality Plasma 6 this year!

        • It's FOSSKDE Plasma Gearing Up for its Next Release With Qt6-only Master Branch

          KDE is firing up development for the Plasma 6.0 release in a big way.

          Seeing that KDE Plasma 5.27 was the last major release in the 5.x series and also the last one to use the Qt 5 framework. The upcoming release has a lot to stand up to.

          With a recent notice, a significant development shift was announced that would affect all the upcoming KDE Plasma 6.x releases.

  • Distributions and Operating Systems

  • Free, Libre, and Open Source Software

    • Events

    • Productivity Software/LibreOffice/Calligra

      • Start of multi-page floating tables in Writer

        Writer now has the early steps to handle tables that are both floating and span over multiple pages.

        This work is primarily for Collabora Online, but is useful on the desktop as well.

    • Education

      • Rlang7 New books added to Big Book of R

        Welcome to this new edition of Big Book of R additions! Thanks to Lluis Revilla and Gary for submitting books!

        I also wanted to give a special shout-out to Niels Ohlsen (a long-time RStats twitter mutual!) who helped me review book submissions and add these to the collection.

    • Openness/Sharing/Collaboration

      • Open Access/Content

        • Bruno RodriguesWhat I've learned making an .epub Ebook with Quarto

          Quarto is a tool made by Posit and is an open-source scientific and technical publishing tool. If you know what LaTeX is, then it should be easy for you to grok Quarto. The idea of Quarto is that you write documents using Markdown, and then compile these source files into either PDFs, Word documents, but also books, web-sites, ebooks (in the Epub format) and so on… It’s quite powerful, and you can also use programming language code chunks for literate programming. Quarto support R, Python, Julia and ObsevableJS chunks.

    • Programming/Development

      • GeshanHow to use React fragments, a step-by-step guide for beginners
      • RlangContent Security Policy – Why You Need It

        Heads up! We’re about to launch WASP, a Web Application Security Platform. The aim of WASP is to help you manage (well, you guessed it) the security of your Posit Connect application using Content Security Policy and Network Error Logging. More details soon, but if this interests you, please get in touch.

        This blog post is aimed at those who are somewhat tech literate but not necessarily a security expert. We’re aiming to introduce the concept of Content Security Policy and teach some of the technical aspects.

      • James GSend a Trackback in Two Lines of Code

        You can also specify a title, excerpt, and blog name, although these are optional as per the specification.

      • India TimesUS unveils new cybersecurity strategy, puts onus on Big Tech

        The National Cybersecurity Strategy stressed on rebalancing the responsibility to defend cyberspace by "shifting the burden for cybersecurity away from individuals, small businesses, and local governments, and onto the organisations that are most capable and best-positioned to reduce risks for all of us".

      • Daniel StenbergMy hacker station

        My home office was featured over at Hacker Stations where I also detailed stuff in my workplace and offer a few more photos. I have been working exclusively from home for nine years straight now.

      • Brad TauntWhy I Stopped Using an External Monitor

        Over the past year I switched away from a traditional desktop environment to a window manager - dwm to be specific. This also involved changing most of my daily software programs to utilize the full suckless "suite". In doing so, the shift away from floating windows and virtualized desktops happened quickly.

        I continued to use my UHD monitor with this new environment but slowly started running into minor (yet still inconvenient) roadblocks: [...]

      • Perl / Raku

      • Python

        • IdiomdrottningIn defense of ReStructuredText

          That’s right! This post isn’t just an excuse to snipe at RST’s design decisions; I’m trying to make a larger point about overly wanting to improve formats and create layers of specs upon specs upon specs upon specs.

          RST is part of the Python ecosystem just like POD is for Perl and roff is for manpages, and it’s better that it remains that way than trying to change it.

    • Standards/Consortia

      • Ruben SchadeI… like the US Letter paper size

        I’ll admit, I liked it. The dimensions and ratio made no mathematical sense to someone not also used to inches, furlongs, and measuring things by counting chickens or something (it makes more sense than Celsius because poultry doesn’t need a decimal point!), but it was visually pleasing. I can’t explain it, but US Letter looks right.

  • Leftovers

    • The Straits TimesMassive fire hits Hong Kong high-rise construction site
    • Science AlertEaster Island Statue Submerged For 200 Years Has Just Been Discovered

      In a volcanic crater, watching the sky

    • DaemonFC (Ryan Farmer)Thoughts on Microsoft Stabber Joseph Cantrell’s Drug Diary.

      They hired him, he scared the fuck out of everyone that worked with him, then he started responding badly by demanding transfers to another dept that got denied, calling in, using PCP for an entire month, and then stabbing a coworker 13 times.

      The witnesses to the Microsoft Stabber told police that the man he was trying to murder was “screaming like a dog that got hit by a car or something”.

      Some folks asked why the guy wasn’t able to get him off of him.

      Well, just off the top of my head, he was being stabbed 13 times, by surprise, by the result of the Neurodivergent Microsoft Hiring Program, who was on PCP. (He had been on PCP the entire month according to his diary.)

    • AxiosRobots are your new office security guard

      Lower costs mean it's now substantially cheaper for companies to use robots than traditional guards for 24/7 security.

      Robots can check in visitors and issue badges, respond to alarms, report incidents, and see things security cameras can't.

    • Science

    • Education

      • Michigan News126-year-old U.P. university announces it’s closing, won’t enroll students next year

        “I do want to assure you that the leadership team, the Board of Trustees and myself have left no stone unturned in an attempt to avoid this day,” Pinnow said in his letter. “Our efforts have been noble and unceasing and while none of us wanted this day to come, we have also realized that in order to honor Finlandia’s 126 year-old legacy appropriately, we must end its operations with grace and dignity.”

      • QuartzMore than a third of US centi-millionaires are graduates of just 8 universities

        The uber wealthy invest not just in name-brand cars and clothing but also in name-brand degrees.

        [....]

        A considerable proportion of US college enrollments are international students, according to the report. These graduates often remain in the US to launch their careers and go on to lead billion-dollar companies. About 25% of billion-dollar startups in the US have a founder who first came to the US as an international student, according to a report by the National Foundation for American Policy, a nonprofit think tank.

      • uni EmoryEmory announces 4.9% tuition increase for 2023-24 academic year

        Emory University’s undergraduate tuition will increase 4.9% for the 2023-24 academic year, rising from $57,120 to $59,920, according to a March 2 Emory News Center article. In total, the cost of undergraduate tuition, fees, room and board will grow from $74,964 to $79,054 — a 5.5% increase.

    • Health/Nutrition/Agriculture

    • Proprietary

      • BBCZoom boss Greg Tomb fired ‘without cause’

        The businessman had taken up the role in June 2022 and had been active on earnings calls and overseeing the company's sales.

        A spokesperson for Zoom said the tech firm isn't looking for a replacement.

      • John GruberDaring Fireball: Tweetbot and Twitterrific Face the Cliff

        You surely recall that last month, in a fit of pique, Elon Musk spitefully pulled the plug on third-party Twitter clients with no notice whatsoever, in the most chickenshit way imaginable. Twitter didn’t even make it official that third-party clients had been banned until a week of confusion and dread had passed.

        The obvious problem for developers of such clients, of course, is that Twitter clients are useless without the ability to connect to Twitter. A less obvious but no less serious problem is that the leading clients, Tapbots’s Tweetbot and The Iconfactory’s Twitterrific, were monetized through annual subscriptions. That left each company with thousands and thousands of customers with months left on those subscriptions, but no functionality.

        Financially, this isn’t a “Huh, yeah, that must kinda suck” situation. It’s more of an “Oh shit, we’re fucked” situation. Twitterrific and Tweetbot weren’t side projects — they were flagship products from small companies. As I mentioned last month, The Iconfactory has a bunch of other great commercial apps (and games). Tapbots does too — Calcbot (a calculator and unit converter for both iOS and Mac) and Pastebot (my personal favorite clipboard history utility for Mac — I’ve been using it for years now). But you don’t need access to Tapbots’s sales figures to surmise that Tweetbot was the company’s sole tentpole.

      • 37signals LLCSaaS startups will have to care about productivity again

        Those days seem to be over, at least for most SaaS startups. Entrepreneurs everywhere are suddenly having to count each hire as a cost rather than a trophy. Getting to profitability is no longer a distant, post-IPO nice-to-have, but a short-term necessity for survival. But how to do that without cutting off the legs of the product team? By using better tools and techniques, that's how.

        I've been talking to a lot of SaaS entrepreneurs lately. Here are the three pieces of advice that I've given them all: [...]

      • Data BreachesAnother ransomware-related lawsuit settles: Preferred Home Care

        As DataBreaches reported in March 2021, this was a ransomware attack claimed by REvil threat actors in January 2021.

      • CBCRansomware group behind Indigo [breach] says it released stolen employee data, but nothing has appeared yet [iophk: Windows TCO]

        On Wednesday night, Canada's largest bookstore chain said it would not agree to payment demands from an online group claiming affiliation with ransomware site LockBit, because it could not guarantee the money wouldn't "end up in the hands of terrorists."

      • CSOBlackLotus bootkit can bypass Windows 11 Secure Boot: ESET

        A Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus is found to be capable of bypassing an essential platform security feature, UEFI Secure Boot, according to researchers from Slovakia-based cybersecurity firm ESET.

        BlackLotus uses an old vulnerability and can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled, the researchers found.

      • CyberRisk Alliance LLCWindows Secure Boot evaded by BlackLotus malware

        Such evasion of Secure Boot protections is enabled by BlackLotus' exploitation of CVE-2022-21894, which has been addressed by Microsoft in January 2022, and will also allow the deactivation of other security systems, including Windows Defender, Hypervisor-protected Code Integrity, and BitLocker, to facilitate User Account Control evasion, according to an ESET report. BlackLotus then proceeds to distribute a kernel driver that would prevent the removal of bootkit files, as well as an HTTP downloader, which would facilitate payload execution following contact with the command-and-control server, the report showed.

      • Tom's GuideDangerous BlackLotus bootkit can be used to hijack Windows 11 PCs

        Besides running on systems with UEFI Secure Boot enabled, the bootkit can even disable built-in security mechanisms in Windows including BitLocker, HVCI and even Windows Defender. BlackLotus also leaves a kernel driver and an HTTP downloader on infected systems which allows it to communicate with a command and control (C&C) server to retrieve additional malware.

        While updating to the latest version of an operating system can usually keep you protected, this bootkit exploits a vulnerability tracked as CVE-2022-21894 (opens in new tab) which has already been fixed. However, as vulnerable UEFI binaries still haven’t been revoked, BlackLotus can “stealthily operate on systems with UEFI Secure Boot enabled” according to ESET.

      • NeowinBlackLotus bypasses Secure Boot, Microsoft Defender, VBS, BitLocker on updated Windows 11

        It’s capable of running on the latest, fully patched Windows 11 systems with UEFI Secure Boot enabled.

        It exploits a more than one year old vulnerability (CVE-2022-21894) to bypass UEFI Secure Boot and set up persistence for the bootkit. This is the first publicly known, in-the-wild abuse of this vulnerability.

      • CyberRisk Alliance LLCDanish hospitals latest target of DDoS attacks on NATO-backed countries

        A relatively new hacking group known as Anonymous Sudan targeted nine Region H hospitals in Denmark with DDoS attacks late on Feb. 26, bringing down their website for several hours.

    • Linux Foundation

    • Security

      • Dark ReadingLinux Support Expands Cyber Spy Group's Arsenal [Ed: This does not describe an issue with Linux itself, only tries to associate it with something bad]

        An infamous Chinese cyber-hacking team has extended its SysUpdate malware framework to target Linux systems.

      • Bleeping ComputerIron Tiger hackers create Linux version of their custom malware [Ed: But they rely on a GNU/Linux machine being compromised in the first place]

        The APT27 hacking group, aka "Iron Tiger," has prepared a new Linux version of its SysUpdate custom remote access malware, allowing the Chinese cyberespionage group to target more services used in the enterprise.

      • Hacker NewsSysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics [Ed: Why did it not make headlines when it targeted Windows? And should it not be noted the issue isn't in Linux, whereas Windows has back doors?]

        Cybersecurity company Trend Micro said it observed the equivalent Windows variant in June 2022, nearly one month after the command-and-control (C2) infrastructure was set up.

      • LWNSecurity updates for Wednesday [LWN.net]

        Security updates have been issued by Debian (multipath-tools and syslog-ng), Fedora (gnutls and guile-gnutls), Oracle (git, httpd, lua, openssl, php, python-setuptools, python3.9, sudo, tar, and vim), Red Hat (kpatch-patch), Scientific Linux (git), SUSE (compat-openssl098, glibc, openssl, postgresql13, python-Django, webkit2gtk3, and xterm), and Ubuntu (awstats, expat, firefox, gnutls28, lighttpd, php7.2, php7.4, php8.1, python-pip, and tar).

      • LWNSecurity updates for Thursday [LWN.net]

        Security updates have been issued by CentOS (git), Debian (spip), Fedora (epiphany), Mageia (binwalk, chromium-browser-stable, crmsh, emacs, libraw, libtiff, nodejs, pkgconf, tar, and vim), Oracle (kernel and systemd), SUSE (emacs, kernel, nrpe, and rubygem-activerecord-4_2), and Ubuntu (c-ares, git, postgresql-12, postgresql-14, and sox).

      • Security WeekWhite House Cybersecurity Strategy Stresses Software Safety [Ed: But they have no intention of banning Microsoft? Because the aim is back doors for the US government?]

        Some say the White House cybersecurity strategy is largely aspirational. Its boldest initiatives — including stricter rules on breach reporting and software liability — are apt to meet resistance from business and Republicans in Congress.

      • Security WeekIndustry Experts Analyze US National Cybersecurity Strategy

        Feedback Friday: Industry professionals commented on various aspects of the new national cybersecurity strategy, its impact, and implications.€ 

      • CISACISA Releases Three Industrial Control Systems Advisories

        CISA released three Industrial Control Systems (ICS) advisories on February 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

      • CISACISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks

        Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors.   As detailed in the advisory, the CISA red team obtained persistent access to the organization’s network, moved laterally across multiple geographically separated sites, and gained access to systems adjacent to the organization’s sensitive business systems. This cybersecurity advisory highlights the importance of early detection and continual monitoring of cyber assets.

      • CISACISA Releases Decider Tool to Help with MITRE ATT&CK Mapping
      • CISACisco Releases Security Advisory for Cisco IP Phones | CISA

        Cisco has released a security advisory for vulnerabilities affecting the 6800, 7800, 7900, and 8800 Series of Cisco IP Phones. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

      • CISAFBI and CISA Release #StopRansomware: Royal Ransomware [Ed: Stop Microsoft Windows]

        Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released joint Cybersecurity Advisory (CSA) #StopRansomware: Royal Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as January 2023.

      • Security WeekOrganizations Warned of Royal Ransomware Attacks [iophk: Windows TCO]

        FBI and CISA have issued an alert to warn organizations of the risks associated with Royal ransomware attacks.



        [...]

        The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert to warn organizations of the increasing threat posed by the Royal ransomware.

      • CISACISA Releases Five Industrial Control Systems Advisories

        CISA released five Industrial Control Systems (ICS) advisories on March 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

      • Qubes Canary 034

        Editor’s note: An earlier version of this post mistakenly contained the text of an older canary. This has been corrected below.

      • Security WeekThousands of Websites Hijacked Using Compromised FTP Credentials

        Cybersecurity startup Wiz warns of a widespread redirection campaign in which thousands of websites have been compromised using legitimate FTP credentials.



        [...]

      • Unix MenWays to Enhance the Security of Your Linux Server

        Security has always been the cornerstone of any Linux software. Since Linux is open-source software, people can audit code to find and patch any vulnerabilities, making it more secure than closed software. Due to its increased security and strong default permissions structure, most companies rely on Linux software for their server security.

        Like any other operating system, Linux isn’t completely immune to security breaches. As such, any undetected vulnerability in the operating system can jeopardize your company’s valuable information. The first step to strengthening your server’s security is finding a reliable Security Program Management (SPM) and Governance platform to assess your program’s security and mitigate potential risks. Besides utilizing Security Program Management, here are a few best practices you must adopt to maintain your Linux servers running safely...

    • Defence/Aggression

      • The Age AUUS, Russia hold highest-level talks since Ukraine invasion

        The short encounter on the sidelines of the G20 came as relations between Washington and Moscow have plummeted over Russia’s war with Ukraine.

      • YLEParliament approves Finland's Nato membership, 184-7

        Six MPs from the Left Alliance, one of the governing parties, voted against joining Nato.

      • QuartzEricsson has to pay a $206 million fine for failing to come clean on corruption

        In 2019, Ericsson had entered into the DPA to resolve previously disclosed Foreign Corrupt Practices Act (FCPA) violations relating to conduct in several countries between 2000 and 2016. The company was accused of “paying bribes, falsifying books and records, and failing to implement reasonable internal accounting controls,” according to the SEC. (There is no new criminal or illegal misconduct that has been tacked on since.)

      • VOA NewsUN Nuclear Chief in Iran After Near Weapons-Grade Uranium Find

        A confidential IAEA report seen Tuesday by AFP said uranium particles enriched up to 83.7% — just under the 90% needed to produce an atomic bomb — had been detected at Iran's underground Fordo plant about 100 kilometers (60 miles) south of the capital.

      • The NationMeet the YouTube Bros Who Might Help Trump Win in 2024

        There couldn’t be a more “politics in 2023” story than this: A group founded by Canadian bros who got famous posting prank videos on YouTube could now become a potent political force for Donald Trump’s reelection campaign. And if Democrats don’t know who they are, they’d better learn fast. Meet NELK.

      • Atlantic CouncilIran’s nuclear program is advancing. So too should negotiations.

        Although the spike could be an accident, as Iran claims, Tehran has recently threatened to pursue 90 percent enrichment to build leverage over the United States. The particles could indicate that Iran is experimenting with near-weapons grade enrichment without informing the agency, as required, to increase pressure or shorten the path to nuclear weapons down the road.

      • The HinduHijab not allowed in examination centres, says Karnataka Education Minister

        Talking to reporters in Bengaluru on March 3, Mr. Nagesh said, “We have made it clear that all students should come to the examination centres in uniforms. Hijab is not a part of the uniform. Hence, those who wear a hijab will not be allowed to appear for the exams.”

      • ME ForumFacebook: Where Jihadist Hate Thrives

        More evidence on how social media works to promote Islamic radicalization — while suppressing its victims — recently emerged. According to a Feb. 20, 2023 report, "bombshell findings" by the Tech Transparency Project (TTP) allege that

        Facebook created over 100 pages for ISIS (Islamic State), as well as pages for other terror organizations, including the group behind the 9/11 attacks on the U.S., Al-Qaeda.

        TTP reported that Facebook creates the pages based on its algorithm, automatically generating them when users add the terror groups to their profiles. The platform's so-called ban on the groups apparently did little to prevent the automatic process that generated the terror group pages.

    • Transparency/Investigative Reporting

      • CNNWhy did this cop turn up dead?

        Much of this story hinges on why he didn’t want the medal. But by any reasonable standard, he deserved it.

      • ReutersDow said it was recycling our shoes. We found them at an Indonesian flea market

        To that end, the news organization cut a shallow cavity into the interior sole of one of the blue Nikes, placed a Bluetooth tracker inside, then concealed the device by covering it with the insole. The tracker was synched to a smartphone app that showed where the shoe moved in real time.

        Within weeks, the blue Nikes had left the prosperous city-state and were moving south by sea across the narrow Singapore Strait to Batam island, the app showed. Reuters decided to put trackers in an additional 10 pairs of donated shoes to see if wayward pair No. 1 had been a fluke.

        It wasn’t.

      • Press GazetteIsabel Oakeshott’s ‘massive betrayal’ was action of a journalist who turned whistleblower

        At a personal level, many journalists would not do what she has done for reasons of sheer professional survival. How would sources trust them in future? And how would they get future ghostwriting work?

        But in these particular circumstances it is difficult not to see how, ethically speaking, she is anything but a whistleblower who has acted in the public interest.

        She was working with Hancock on a project and felt that vast swathes of public interest information had been kept back from the historical record.

    • Environment

      • CS MonitorClimate activists too radical? They point to suffragettes as a comparison.

        “[Suffragettes] were also treated very harshly, and they also heard arguments that it isn’t democratic what they’re doing – that no one ‘voted’ for the right to vote,” says Ms. Rüge. “But they started the change. I can vote in a few weeks in Germany.”

        “History shows that civil disobedience can work, although it’s unpopular. Whether this [climate activism] will work, no one knows,” says Reinhard Steurer, a professor of climate politics at Vienna’s University of Natural Resources and Life Sciences. “We don’t have the mass protests anymore, because society is fed up with the climate crisis and wants to be left alone. So you can either put your head into the sand, or try other things, and that’s what these small groups are doing. They’re trying to wake up society.”

      • The Register UKHubble images photobombed by space hardware on the up

        Using deep learning algorithms to scan historic images taken by the Hubble Space Telescope between 2002 and 2021, researchers found 2.7 €±Ã¢â‚¬â€°0.2 percent of images with a typical exposure time of 11 minutes contained at least one satellite trail.

      • New YorkerWhy S.U.V.s Are Still a Huge Environmental Problem

        The move toward bigger and heavier vehicles, it seems pretty obvious, is incompatible with the goal of reducing global emissions. The I.E.A. report noted that the average S.U.V. consumes about twenty per cent more oil than the average medium-sized car does to drive the same number of miles. Oil use translates directly into CO2, so the average S.U.V. is also releasing twenty per cent more carbon per mile driven.

      • Science NewsHalf of all active satellites are now from SpaceX. Here’s why that may be a problem

        SpaceX launches Starlink satellites roughly once per week — it will launch 51 more on March 3. And they’re not the only company launching constellations of internet satellites. By the 2030s, there could be 100,000 satellites crowding low Earth orbit.

        So far, there are no international regulations to curb the number of satellites a private company can launch or to limit which orbits they can occupy.

      • Space6 types of objects that could cause space debris apocalypse

        In just the past month, the goings-on in near-Earth space have twice made headlines and prompted experts to call for action. On Jan. 27, space debris researchers looked on in horror as two huge pieces of space junk ⁠— a decades-old upper stage of a Russian rocket and a long-defunct Russian satellite — came within 20 feet (6 meters) or so of each other. The incident, described as a close call "worst case scenario," could have spawned thousands of dangerous debris fragments that would have stayed in orbit for centuries. Then, a report released on Feb. 6 revealed that in early January a mysterious Russian satellite broke apart into 85 fragments large enough to be tracked from Earth.

        Both of these incidents happened in areas that experts refer to as bad neighborhoods (opens in new tab), regions of low Earth orbit too high above the planet to benefit much from the cleaning effects of its atmosphere. Both of these incidents involved objects that are at the top of space debris experts' list of hazards. Here we review what type of stuff the experts fear the most.

      • Energy/Transportation

        • QuartzIs nuclear fusion power the future of renewable energy?
        • Neil SelwynAlgorithmically Embodied Emissions

          AI is an environmental disaster in many different ways. One less obvious issue is what Jutta Haider and Malte Rödl term "Algorithmically Embodied Emissions". This describes the ways that the algorithmic outputs of many everyday AI procedures (search, recommender systems etc) promote and normalize high-carbon practices.

        • Deutsche WelleEU delays vote on combustion engine ban as Germany hesitates

          Sweden, the current holders of the rotating EU presidency, on Friday delayed a vote scheduled for next week among EU government leaders on the bloc's plans to halt the sale of new internal combustion engine cars from 2035.

          The reason for the sudden delay to the move towards electric cars appeared to be hesitancy within Germany's coalition government. One party in the government, the neoliberal Free Democrats (FDP), are calling for an exemption for petrol and diesel cars using synthetic fuels or "e-fuel."

        • Renewable Energy WorldThe U.S. battery energy storage boom is just getting started

          Project developers energized a record 4,221 MW of large-scale battery storage capacity last year, an increase of 29% from 2021, according to the analysis from S&P Global Market Intelligence. Only about 42% of planned capacity additions came online in 2022.

        • ReasonHow To Save American Mass Transit

          Supporters of fare-free transit do have a point that ending fare collections can increase transit ridership. But it's important to understand that not all ridership gains are created equal. Transit is often sold to the public as a solution to social costs related to the use of private automobiles, such as traffic congestion and pollution. Fare-free transit may entice those who were already dependent on transit, as well as people who would have otherwise walked or biked. But it likely won't draw many new riders who can drive their own cars. This means that while fare-free transit can provide private benefits for riders, it is unlikely to meaningfully increase the social benefits often touted by transit advocates to justify additional government subsidies.

        • Bruce SchneierNick Weaver on Regulating Cryptocurrency

          Nicholas Weaver wrote an excellent paper on the problems of cryptocurrencies and the need to regulate the space—with all existing regulations. His conclusion: [...]

        • uni YaleThe Death of Cryptocurrency: The Case for Regulation [PDF]

          Not only is the technology that underlies cryptocurrency not novel, these technologies are deployed in ways that will inevitably result in unstable products that are fundamentally at odds with the stated goals of the cryptocurrency and decentralized finance raison d’être: They do not work as currency or a store of value. They are neither trustless nor decentralized. They cannot create a new paradigm for the web, finance, and micropayments. They are less secure in practice and more prone to widespread fraud than our current financial system, and frequently result in irreversible consumer harm that could have been mitigated using traditional financial processes.

          This paper argues that the very nature of cryptocurrency technology ensures that current cryptocurrency projects cannot actually succeed at their purported goals. Until and unless the cryptocurrency community develops new objectives, or significantly alters cryptocurrency technology to meet existing objectives, this mismatch between existing means and desired ends will forever relegate cryptocurrency to the novelty, speculative space that it currently occupies—good for a news headline but not for sea change in the financial system.

      • Wildlife/Nature

        • LatviaInterim council elected for Latvian State Forests

          State JSC Latvian State Forests (Latvijas Valsts meži, LVM) elected its interim council on March 3 following the resignation of the entire council, said Agriculture Ministry.

        • LatviaLatvian State Forests loses its council

          One of the largest state companies – Latvian State Forests (Latvijas Valsts meži, LVM), had four people on its council just days ago. Now, the whole council, including its chairman, have€ handed in€ their resignations, Latvian Television reported March 2.

        • Science AlertDogs Living in The Chernobyl Exclusion Zone Are Genetically Distinct, Study Shows

          >How does the radioactive zone change animals?

        • uni StanfordThe Importance of Paruroctonus Scorpions for Desert Conservation

          The deserts of the southwestern United States are well known for their high levels of biodiversity and endemism. An abundance of mountain ranges breaks this landscape into a series of isolated lowland valleys, many of which contain sand dune or wetland systems harboring unique species. Following leads from the citizen science database iNaturalist, our work in two of California’s desert valleys, the Carrizo Plain and the Fremont Valley, uncovered two formerly unknown species of scorpion which we recently described as Paruroctonus soda and Paruroctonus conclusus.

      • Overpopulation

    • Finance

    • AstroTurf/Lobbying/Politics

      • El PaísEricsson to pay $206M for breaking US deal in bribery case

        Swedish telecom equipment maker Ericsson has agreed to plead guilty to U.S. foreign corruption violations and pay more than $206 million for breaking a deal with the Justice Department over charges of bribery and falsifying records in countries from China to Kuwait.

      • USANATIONAL CYBERSECURITY STRATEGY [PDF]

        The Administration will work with Congress and the private sector to develop legislation establishing liability for software products and services. Any such legislation should prevent manufacturers and software publishers with market power from fully disclaiming liability by contract, and establish higher standards of care for software in specific high-risk scenarios. To begin to shape standards of care for secure software development, the Administration will drive the development of an adaptable safe harbor framework to shield from liability companies that securely develop and maintain their software products and services. This safe harbor will draw from current best practices for secure software development, such as the NIST Secure Software Development Framework. It also must evolve over time, incorporating new tools for secure software development, software transparency, and vulnerability discovery.

        To further incentivize the adoption of secure software development practices, the Administration will encourage coordinated vulnerability disclosure across all technology types and sectors; promote the further development of SBOMs; and develop a process for identifying and mitigating the risk presented by unsupported software that is widely used or supports critical infrastructure. In partnership with the private sector and the open-source software community, the Federal Government will also continue to invest in the development of secure software, including memory-safe languages and software development techniques, frameworks, and testing tools.

      • TruthdigDawn of the Fediverse

        Yet as today’s brand names grew, they made a fateful decision: They rejected interoperability, choosing to remain sealed off from each other. Facebook and Twitter built walled gardens to keep us locked into their services, unable to slide into other applications and platforms. The format ensured the [Internet] of today was dominated by behemoths. A few networks to rule them all.

        This was always a business decision, not a technological one. Had they wanted to, it was possible for emergent networks to “interoperate” and allow users on Facebook to make “friends” with users in other social media networks. But doing so would have limited the benefits of the “network effects” that proved so profitable to the Big Social Media corporations. If they could build features that manipulated people into spending more time on their network, and thus create more ad impressions, they did.

      • The Register UKArm swans off to Nasdaq despite UK gov pleas to IPO in London

        The move follows months of speculation about whether Arm, which is owned by Japanese investment outfit SoftBank, would list on both New York's Nasdaq and the London Stock Exchange, although there was never any doubt that if it came down to a choice between the two it would be New York; SoftBank stated in June last year that it intended to list Arm on the Nasdaq.

      • Scoop News GroupEPA issues water cybersecurity mandates, concerning industry and experts

        The water sector has been aware of the issue for years and have not shied away from regulations. A 2021 study by the American Water Works Association called for cybersecurity regulations similar to those of the electric grid with industry creating minimum cyber rules with oversight from the EPA.

      • Andre FrancaRe: De-brand

        Well, basically it is the accumulation of capital that could be better distributed and the excess of power that it brings. Just see the soft power that characters like Jeff Bezos, Bill Gates, or maybe the king of some Arabic country you want to name have.

      • Bert HubertThe EU's new Cyber Resilience Act is about to tell us how to code

        The extremely short version: The EU is going to task a standardisation body to write a document that tells everyone marketing products and software in the EU how to code securely. This to further the EU Essential Cybersecurity Requirements. For critical software and products, EU notified bodies (which until now have mostly done physical equipment and process certifications) will do audits to determine if code and products adhere to this standard. And if not, there could be huge fines.

      • International Business TimesPM Rishi Sunak might face pressure to follow EU, US in banning TikTok

        By a vote of 24 to 16, the US lawmakers approved the legislation giving the administration new powers to ban the ByteDance-owned TikTok, which an estimated 100 million Americans use, and other applications deemed security risks.

        "TikTok is a national security threat ... It is time to act," Representative Michael McCaul explained. The lawmaker is the Republican chair of the committee who sponsored the bill.

      • USAFACT SHEET: Biden-⁠Harris Administration Announces National Cybersecurity Strategy

        This Strategy sets out a path to address these threats and secure the promise of our digital future. Its implementation will protect our investments in rebuilding America’s infrastructure, developing our clean energy sector, and re-shoring America’s technology and manufacturing base. Together with our allies and partners, the United States will make our digital ecosystem: [...]

      • TechReflectHow I predicted the rise of Twitter, barely used it, and amassed 35,000 followers

        I also didn’t predict that random people would email me every few months, wanting to buy my username. My highest offer so far has been $10,000. But I’ve come to enjoy not using my account at all.

      • Scoop News GroupNew cyber reality: With great interdependence comes great liability

        For more than a decade, government leaders have grappled with an insurmountable reliance on digital technologies and communications without an aggressive approach to security. Technology vendors have pushed their products to market under the guise that liability shifts once products are delivered, bolstering their position in the marketplace with security by design or after-market protections. Security products and partnerships offer a complex add-on tapestry to backstop the black hole that is identifying and mitigating every potential threat or exploit.

        In security consulting, there’s an adage suggesting a 60/40 rule when analyzing sectors’ willingness to sink costs into impending regulation without a forcing mechanism. Sixty percent of companies will likely wait and see how 40% of leading companies respond. For cybersecurity regulations, it’s more likely 80/20. The national cybersecurity strategy released Thursday decidedly states that’s not good enough. While there’s clearly room for improvement at every level, companies already taking cybersecurity seriously should not be panic-stricken by the new strategy document.

      • The NationYuh-Line Niou on the Politics of Clothing

        All over Twitter and social media, people posted about Marjorie Taylor Greene’s State of the Union outfit, which looked like a Cruella de Vil costume. There were articles about it in news outlets from The Washington Post to The Guardian. People wondered if it was real fur, what she meant by it, and whether she was just, as usual, promoting white… ness? Apparently it was a comment on President Biden and the Chinese balloon, but her obvious goal was to get media attention, and it worked.

      • The NationFix the Courts by Investigating Federalist Society Sleaze

        In August of 2018, Leonard Leo, at the time vice president of the Federalist Society, spoke at the Koch Summit in Colorado Springs and gloated over the ongoing right-wing takeover of the courts. As CNBC reported at the time, Leo “told a small group of financiers that the Trump administration was looking to overhaul a large chunk of the federal court of appeals by the end of the year.” Addressing some of the wealthiest donors to the Republican Party, including Charles Koch, Leo did a victory dance. He crowed that “by the end of this year my prediction is that basically 26 percent of the federal appellate bench will have changed under the Trump administration.”1

      • Federal News NetworkOil for Charles III’s coronation consecrated in Jerusalem

        Two senior clergymen in Jerusalem have consecrated the holy oil that will be used to anoint King Charles III during his May 6 coronation, as the Anglican Church seeks to underscore the monarchy’s long history and the royal family’s links to the Middle East.

      • Federal News NetworkPompeo, Haley take veiled jabs at Trump in CPAC remarks

        Leading Republicans took veiled jabs at Donald Trump at an annual gathering of conservatives as they urged a party course correction ahead of the 2024 presidential contest. But their refusal to call him out by name underscored the risks faced by potential and declared challengers worried about alienating Trump’s loyal base.

      • AntiWarOn False Hopes and Broken Promises: Behind the Scenes of the UN Statement on Palestine

        Rarely does the Palestinian ambassador to the United Nations make an official remark expressing happiness over any UN proceeding concerning the Israeli occupation of Palestine.

      • AntiWarThe Coming Battle for the Liberation of Cuba

        The US loudly proclaims that large, belligerent powers should listen when the world is united against their hostility toward their smaller neighbors. The world is united against the US. In thirty consecutive votes since 1992, the UN General Assembly has overwhelmingly condemned the US embargo of Cuba.

      • AntiWarLiving on a Deadline in the Nuclear Age. Some Personal News From Daniel Ellsberg

        Dear friends and supporters, I have difficult news to impart. On February 17, without much warning,

      • Misinformation/Disinformation/Propaganda

    • Censorship/Free Speech

      • Internet Freedom Foundation#5 questions to ask the Grievance Appellate Committee

        The three Grievance Appellate Committee(s) (GAC), constituted under Rule 3A of the notified IT Amendment Rules, 2022, become functional today, i.e. March 01, 2023. As part of our series #5Questions, here are 5 questions that are worth raising with the GAC, to help secure user rights and protect online freedom of speech.

    • Civil Rights/Policing

    • Digital Restrictions (DRM)

      • uni EmoryAI DJ Spotify service creates new music experience, sparks debate

        Despite Spotify's established status as the world’s most popular music-streaming service, the company still proves itself as an innovative brand, keeping its product relevant among the sea of competitors. Spotify announced on Feb. 22 that they were rolling out a new feature: an AI DJ.

    • Monopolies

  • Gemini* and Gopher

    • Personal

      • a wave from a usually-overlooked corner

        i don't really have much to introduce, frankly—i'm fairly nondescript on- and off of the internet, and i'm mostly fine with that. i tend to think of interests as things that people "wear" to mesh with other people, and the non-mandatory things i cast emotional energy into aren't really mesh-able. though i would say the closest thing i have to an interest is "other people's interests". in longer words: to the degree i can manage do it, i love being able to see what other people do, and how they do it.


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

Early Retirement Age: Linus Torvalds Turns 55 Next Week
Now he's almost eligible for retirement in certain European countries
Gemini Links 22/12/2024: Solstice and IDEs
Links for the day
BetaNews: Microsoft Slop is Your "Latest Technology News"
Paid-for garbage disguised as "journalism"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 21, 2024
IRC logs for Saturday, December 21, 2024
Links 21/12/2024: EU on Solidarity with Ukraine, Focus on Illegal and Unconstitutional Patent Court in the EU (UPC)
Links for the day
[Meme] Microsofters at the End of David's Leash
Hand holding the leash. Whose?
Deciphering Matt's Take on WordPress, Which is Under Attack From Microsofters-Funded Aggravator
the money sponsoring the legal attacks on WordPress and on Matt is connected very closely to Microsoft
Gemini Links 21/12/2024: Projections, Dead Web ('Webapps' Replacing Pages), and Presentation of Pi-hole
Links for the day
American Samoa One of the Sovereign States Where Windows Has Fallen Below 1% (and Stays Below It)
the latest data plotted in LibreOffice
[Meme] Brian's Ravioli
An article per minute?
Links 21/12/2024: "Hey Hi" (AI) or LLM Bubble Criticised by Mainstream Media, Oligarchs Try to Control and Shut Down US Government
Links for the day
LLM Slop is Ruining the Media and Ruining the Web, Ignoring the Problem or the Principal Culprits (or the Slop Itself) Is Not Enough
We need to encourage calling out the culprits (till they stop this poor conduct or misconduct)
Christmas FUD From Microsoft, Smearing "SSH" When the Real Issue is Microsoft Windows
And since Microsoft's software contains back doors, only a fool would allow any part of SSH on Microsoft's environments, which should be presumed compromised
Paywalls, Bots, Spam, and Spyware is "Future of the Media" According to UK Press Gazette
"managers want more LLM slop"
Google Has Mass Layoffs (Again), But the Problem is Vastly Larger
started as a rumour about January 2025
On BetaNews Latest Technology News: "We are moderately confident this text was [LLM Chatbot] generated"
The future of newsrooms or another site circling down the drain with spam, slop, or both?
"The Real New Year" is Now
Happy solstice
Microsoft OSI Reads Techrights Closely
Microsoft OSI has also fraudulently attempted to censor Techrights several times over the years
"Warning About IBM's Labor Practices"
IBM is not growing and its revenue is just "borrowed" from companies it is buying; a lot of this revenue gets spent paying the interest on considerable debt
[Meme] The Easier Way to Make Money
With patents...
The Curse (to Microsoft) of the Faroe Islands
The common factor there seems to be Apple
Electronic Frontier Foundation Defends Companies That Attack Free Speech Online (Follow the Money)
One might joke that today's EFF has basically adopted the same stance as Donald Trump and has a "warm spot" for BRICS propaganda
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 20, 2024
IRC logs for Friday, December 20, 2024
Gemini Links 21/12/2024: Death of Mike Case, Slow and Sudden End of the Web
Links for the day
Links 20/12/2024: Security Patches, Openwashing by Open Source Initiative, Prison Sentence for Bitcoin Charlatan and Fraud
Links for the day
Another Terrible Month for Microsoft in Web Servers
Consistent downward curve
LLM Slop Disguised as Journalism: The Latest Threat to the Web
A lot of it is to do with proprietary GitHub, i.e. Microsoft
Gemini Links 20/12/2024: Regulation and Implementing Graphics
Links for the day
Links 20/12/2024: Windows Breaks Itself, Mass Layoffs Coming to Google Again (Big Wave)
Links for the day
Microsoft: "Upgrade" to Vista 11 Today, We'll Brick Your Audio and You Cannot Prevent This
Windows Update is obligatory, so...
The Unspeakable National Security Threat: Plasticwares as the New Industrial Standard
Made to last or made to be as cheap as possible? Meritocracy or industrial rat races are everywhere now.
Microsoft's All-Time Lows in Macao and Hong Kong
Microsoft is having a hard time in China, not only for political reasons
[Meme] "It Was Like a Nuclear Winter"
This won't happen again, will it?
If You Know That Hey Hi (AI) is Hype, Then Stop Participating in It
bogus narrative of "Hey Hi (AI) arms race" and "era/age of Hey Hi" and "Hey Hi Revolution"
Bangladesh (Population Close to 200 Million) Sees Highest GNU/Linux Adoption Levels Ever
Microsoft barely has a grip on this country. It used to.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 19, 2024
IRC logs for Thursday, December 19, 2024