05.07.21

Links 7/5/2021: IPFire 2.25 Core Update 156 and Diffoscope 174 Released

Posted in News Roundup at 10:57 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

      • Your Microphone NEEDS This Linux Audio App

        RTX Voice-style noise filtering on Linux? WITHOUT any required hardware? That’s the dream. Meet NoiseTorch, an incredible audio utility for Linux that works on ANY application (not just OBS). Let me demo it for you and hear the magic for yourself! WEAR HEADPHONES during this video for the best experience.

      • Building a 10-Node Kubernetes Cluster on Raspberry Pi & Ubuntu Server

        Have you thought about setting up your very own Kubernetes cluster consisting of multiple Raspberry Pi’s? It’s not as hard as it sounds, and in this video, I’ll show you how to set it up. Although this video will show the process of creating a ten node cluster, you don’t have to have 10 nodes – as long as you have at least two, you’ll be all set.

      • Plex Skeptics | Self-Hosted 44

        Plex announces some big plans that make us a little nervous, Alex solves Chris’s tablet performance woes, and we chat about Prometheus.

        Plus, our thoughts on Duplicati alternatives and more.

      • LHS Episode #410: The Weekender LXXI

        It’s time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we’re doing. We’d love to hear from you.

      • Linux Malware goes undetected since 2018?!

        A new Linux malware has been discovered that targets 64-bit Linux installs including IoT devices. Potentially linked to the Torii botnet, this malware’s mysterious origin and obfuscated plugin system makes analysis quite difficult.

      • Distro Digest #1 – Ubuntu 21.04, Fedora 34, elementary OS 6 Beta and more…

        Here’s a brief overview of what some of the Linux distro world has been up to lately…skip to the timestamp of the project you’re most interested in!

    • Kernel Space

      • Graphics Stack

        • Linux 5.13 Yanks A NVIDIA NVLink Driver For Lack Of Open-Source User

          The VFIO changes for the Linux 5.13 kernel aren’t particularly exciting this cycle but one of the changes does raise some eyebrows with the VFIO NVIDIA NVLink2 driver being removed. This driver is being removed as it shouldn’t have been even added in the first place for lack of an open-source client/user exercising it.

          The vfio_pci_nvlink2 driver is being stripped out of the Linux 5.13 kernel. This VFIO NVLink2 driver is used for supporting this NVIDIA interconnect standard on POWER9 systems using Volta-based NVIDIA V100 GPUs.

    • Applications

      • Top 3 ways to Listen Radio in Ubuntu Terminal

        One of the best things about Linux is that a huge part of the things you do can be done through the terminal. The terminal is so versatile that you can even listen to the radio through it. Were you surprised?

    • Instructionals/Technical

      • How To Install PufferPanel on Ubuntu 20.04 LTS – idroot

        In this tutorial, we will show you how to install PufferPanel on Ubuntu 20.04 LTS. For those of you who didn’t know, PufferPanel is a free, open-source web-based game server management system that allows you to create multiple game servers. With the help of PufferPanel, you can manage multiple different game servers from one central location. It supports Minecraft, Forge, Spigot, Sponge, Source Dedicated Servers, and many more others.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of PufferPanel on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • How To Optimize Laptop Battery Life With TLP In Linux – OSTechNix

        There are quite a few tools exists to power saving and battery life extension in Laptops. We already have looked at two tools namely Laptop Mode Tools and Powertop that improves the Linux Laptop battery performance. Today we will discuss yet another Laptop power management utility named TLP. TLP is a feature-rich commandline tool to optimize Laptop battery life in Linux.

        TLP requires zero configuration. The default settings of TLP is well optimized for saving battery power in a Linux laptop. It implements Powertop’s recommendations out of the box. So you just install TLP in your Linux Laptop and forget it. TLP takes care of everything. Even though TLP’s default settings are just enough to provide optimal battery life, it is highly customizable to fulfill a specific requirement.

      • Exploring PKI weaknesses and how to combat them | Enable Sysadmin

        This article is Part 3 out of three in my series about SSL/TLS encryption. Part 1 covers the basics of well-known encryption concepts. Part 2 gives a brief introduction to OpenSSL and PKI. This part broaches the issue of PKI weakness and introduces two countermeasures.

        First, I would like to introduce the term relying party. A relying party is a web browser, email client, chat application, etc., that is trying to validate an x.509 certificate. Most of the time, the relying party achieves that by checking whether a CA in its trust anchors signed the certificate.

      • How to find CPU utilization, what makes the system to hang

        Sometimes it happens that a process crashes and takes all the processing power of your machine. In other cases, a process simply overloads the system. It is even possible for malware to consume the entire computer resource. An example of this could be some crypto applications or bloatware. In this article, we’ll look at how to find which processes take the most CPU resources and how to deal with them.

      • How to install OBS Screen Recording Software on Ubuntu

        Open Broadcaster Software (OBS) is a free and open-source cross-platform streaming and recording program built with Qt and maintained by the OBS Project. Since 2016, the software is now referred to as OBS Studio. There are versions of OBS Studio available for Microsoft Windows, macOS, and Linux distributions (like Ubuntu).

      • Install RawTherapee in Ubuntu (Adobe Lightroom Alternative)

        RawTherapee is a powerful, cross-platform raw photo processing system, released as Free Software (GPLv3). It is designed for developing raw files from a broad range of digital cameras and targeted at users ranging from enthusiast newcomers who wish to broaden their understanding of how digital imaging works to professional photographers.

        RawTherapee provides a powerful suite of tools for you to produce amazing photos and showcase your creativity.

      • Install phpVirtualBox to Manage and Access Virtualbox VM’s

        In previous articles, we have seen how to work with VirtualBox core features that come with the VirtualBox package. We have seen how to create Guest Virtual Machines, Different Networking options, how to protect your VM with snapshots, and how to clone VM, import, and export your virtual machines. This is going to be the last article of this VirtualBox series.

        phpVirtualBox is a web implementation of VirtualBox implemented in AJAX and the user interface is created with PHP. This is an open-source project and is not supported by oracle. phpVirtualBox allows you to use and control VirtualBox in a headless environment.

      • The snap developer’s guide on how to migrate to new bases | Ubuntu

        A couple of weeks ago, we published an article about Ubuntu 16.04 entering Extended Security Maintenance (ESM), and the implications of this change for snap publishers. We talked about the different options available to developers and publishers who still may rely on the older bases in their build process – free Ubuntu Advantage (UA) tokens, Launchpad and Snapcraft Build Service, snapcraft support for ESM base, and others.

        However, for the majority of publishers, migrating away from the ESM base (core) to core18 and core20 offers the highest degree of flexibility. This will allow them to build snaps with the latest builds of snapcraft, enjoy current and future improvements in the ecosystem, and provide their users with the best possible experience. Today, in this guide, we outline several common, practical tips for the migration to newer bases.

      • Ubuntu Install audacity ( 1 click install ) – LateWeb.Info

        Audacity is an easy-to-use, multi-track audio editor and recorder for Windows, macOS, GNU/Linux and other operating systems. developed by a group of volunteers as open source.

      • Is your Ubuntu a 32-bit or a 64-bit OS? [ GUI + Terminal ]

        In this topic we will check the architecture of our operating system. Whether we use 32 bit architecture or 64 bit. In recent years, 32-bit architectures have declined significantly, but there are still many 32-bit computer systems.

        We will check what our architecture is in two ways, first through the graphical environment and then through the terminal in Ubuntu 21.04 Linux.

      • How to get the status of a Linux software raid

        The current status of a Linux software raid is written to the virtual file /proc/mdstat. You can view the status on the shell easily with the cat command…

      • How to Install (Remove) Eclipse IDE in Ubuntu 21.04, 20.04 the official way | UbuntuHandbook

        This simple tutorial shows how to install the latest Eclipse IDE in Ubuntu while the one in Ubuntu Software is always old.

        Eclipse in Ubuntu Software is the containerized snap package and it’s old. Fortunately, an official installer is available for Linux.

    • Games

      • Defend your dungeon in Legend of Keepers: Career of a Dungeon Manager out now

        For the Linux version, one issue encountered is that the intro video is a black screen, which is likely a Unity codec issue – they developer has been made aware of it. It’s quite short anyway and doesn’t break the game, as you can just skip it.

      • David Rosen of Wolfire Games explains why they’re taking on Valve in a lawsuit

        Recently we wrote about how Wolfire Games (Lugaru, Overgrowth, Receiver) engaged in a legal battle with Steam owner Valve in regards to alleged anti-competitive behaviour.

        Wolfire’s David Rosen has now written up a blog post to explain their feelings on why. It’s worth noting that Rosen was one of the original founders of the Humble Indie Bundle, later spun off into its own Humble Bundle company and then sold to IGN. Rosen then, you would think, has a reasonably good grasp on how all this works on the business side. It’s somewhat amusing that the blog post starts with “Dear gamers”, which probably isn’t going to do them any favours in such a legal battle.

      • Railway Empire heads to Japan in the latest expansion pack out now | GamingOnLinux

        Gaming Minds Studios and Kalypso Media have released Railway Empire – Japan, the latest DLC pack for the popular rail-network building and management sim.

        Railway Empire – Japan transports the series to late-1800s Japan where an industrial revolution is booming and the people are crying out for a nationwide railway. After the successful restoration of the Meiji rule, the Land of the Rising Sun’s long-term ambition to develop its own modern, nationwide railway network has become a reality and people from formerly feudal regions are yearning to travel to booming metropolises. Players can lay tracks between mountains and hot springs, using foresight, planning and clever strategy to establish a railway network and facilitate the ‘great commute’, moving Japan into a new industrial age.

      • Aolta is a unique casual adult-themed RPG where you explore a romantically wretched city | GamingOnLinux

        Exploring a romantically wretched city as a strange alien creature, Aolta is a thoroughly weird casual experience for those of you who like games aimed at an adult / mature audience.

        “Aolta is a casual RPG where you play as an eponymous alien who lives in a romantically wretched city. Sit back and enjoy the game world… relax at the night club, stroll down the streets and meet interesting creatures and discover their stories. You can find a job that suites your abilities or you can skip work and resort to foraging. Meet someone to love, become the lord of the local music industry, retire to another planet, and/or maybe get married.”

      • EXsynchronos is a wild and completely bizarre free transhumanism cyberspace metahorror | GamingOnLinux

        Free Game Friday! Fancy trying out something completely bizarre? EXsynchronos from developer Ravee is a true cyberspace adventure and it looks fantastic visually.

        The developer describes it as a “transhumanist action packed cyberspace metahorror” and frankly that’s about as good a description as you’re going to get on this one. It’s a complete visual overload on the senses with puzzles, exploration, platforming and shooter elements, all wrapped in a dense atmosphere. You control a Pr0x (Process Resurrective gh0st eXistence), “one of the most advanced virtual technologies that was ever developed” possessed by a human soul.

    • Distributions

      • Linux for Starters: Your Guide to Linux – Choose a Distro – Part 2

        This is a series that offers a gentle introduction to Linux for newcomers.

        You’ve decided that you want to try Linux but are unsure how to proceed. You are confused by the many hundreds of Linux distributions (distros) available. Which distro should you try?

        There is no ‘perfect distribution’ and there isn’t a magical answer to the question. It’s a decision which will depend on your requirements and personal preferences. The best way we can help is to focus on a few key considerations.

      • New Releases

      • BSD

        • FreeBSD’s Q1 Report

          This report covers FreeBSD related projects for the period between January and March, and is the first of four planned reports for 2021.

          The first quarter of 2021 has been very active in both FreeBSD-CURRENT and -STABLE, with 13.0-RELEASE work starting in January and finishing up mid-April. It provides lots of new features, and there’s even a good chance that some workloads will experience performance improvements.

          The number of entries is slightly down, and this is probably due to a combination of factors like code slush as well as the ongoing issues with COVID-19, but we naturally hope that things will look up next quarter. This combined with a switch-over to AsciiDoctor and a decision to make full use of the status report work schedule to avoid stress, means that the report can now be expected to come out at the end of the first month after the quarter has finished, rather than in the middle.

          This report in particular includes a number of interesting entries, covering everything from the linuxulator, various mitigation work, long-awaited work on OpenBSM, work on kernel sanitizers, and many more things that it is hoped you will enjoy reading about.

          Yours,
          Daniel Ebdrup Jensen, with a status hat on.

        • FreeBSD Is Off To A Good 2021 Start With FreeBSD 13.0, PIE By Default, helloSystem

          The FreeBSD project published their Q1 status report yesterday that outlines the progress they made over the past quarter on advancing this leading open-source BSD operating system.

          Some of the FreeBSD highlights for Q1’2021 included:

          - FreeBSD managed to successfully release the very exciting FreeBSD 13.0.

      • IBM/Red Hat/Fedora

        • Fedora 34 Review – Impressive Performance and Stability with Cutting-Edge Linux

          It has been some time I am using Fedora 34 and I believe it’s time for a Fedora 34 review. Here I put down my experience with Fedora 34 overall in its workstation edition.

        • Ansible emphasizes inclusive language in new release

          During this development cycle, the Ansible project has made significant progress in its goals to make the community and code more welcoming and inclusive. With the release of Ansible Core 2.11, harmful terminology in the Ansible codebase is deprecated and it comes with new replacement terms. These changes will follow our standard deprecation cycle to give users time to adapt.

        • Cost efficient disaster recovery in hybrid cloud environments

          As more and more organizations move from on-premise datacenters to private, public, and hybrid clouds, it is important to understand that high availability is not the same as disaster recovery (DR).

          DR planning is needed to recover systems when natural or human-induced disasters hit the primary datacenter/region. Recent public cloud outages suggest that we must have a DR plan in place, even with the high availability provided by the public cloud providers. DR planning should be part of the initial application design discussions, allowing the deployment architecture to accommodate for unforeseen events.

        • This is the future…

          This new Linux is the future… Rocky Linux

        • Cockpit Project: Testing all the pixels

          The Cockpit integration tests can now contain “pixel tests”. Such a test will take a screenshot with the browser and compare it with a reference. The idea is that we can catch visual regressions much easier this way than if we would hunt for them in a purely manual fashion.

          Preparing a repository for pixel tests

          A pixel test will take a screenshot of part of the Cockpit UI and compare it with a reference. Thus, these reference images are important and play the biggest role.

          A large part of dealing with pixel tests will consequently consist of maintaining the reference images. At the same time, we don’t want to clog up our main source repository with them. While the number and size of the reference images at any one point in time should not pose a problem, we will over time accumulate a history of them that we are afraid would dominate the source repository.

          Thus, the reference images are not stored in the source repository. Instead, we store them in an external repository that is linked into the source repository as a submodule. That external repository doesn’t keep any history and can be aggressively pruned.

          Developers are mostly isolated from this via the new test/common/pixel-tests tool. But if you are familiar with git submodules, there should be no suprises for you here.

        • Fedora Magazine: Contribute to Fedora Kernel 5.12 Test Week

          The kernel team is working on final integration for kernel 5.12. This version was recently released and will arrive soon in Fedora. As a result, the Fedora kernel and QA teams have organized a test week from Sunday, May 09, 2021 through Sunday, May 16, 2021. Refer to the wiki page for links to the test images you’ll need to participate. Read below for details.

      • Canonical/Ubuntu Family

        • Ubuntu 18.04 Flavors Reach End of Life, Users Urged to Upgrade to 20.04 LTS

          Dubbed Bionic Beaver, Ubuntu 18.04 LTS was released in April 2018 and it is supported by Canonical with software and security updates for at least five years. But while Ubuntu itself receives this long-time support (LTS) of five years, the rest of the Ubuntu flavors only receive three years of support, which ended in May 2021.

          The last maintenance update for the Ubuntu 18.04 LTS (Bionic Beaver) series was Ubuntu 18.04.5 LTS, released in August 2020. From this moment on, there will be no further point releases published for the Bionic Beaver series, but Ubuntu itself will still receive regular updates that you can install via the software repositories.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • 6 examples of open source best practices in knowledge-sharing projects

        As someone who has watched my fair share of projects and initiatives come and go, I value the follow-on effects of good knowledge sharing. Even knowledge from bygone projects is available to learn from the past; such is the benefit and the curse of an internet that never forgets—all the practices good, no-longer-good, and never-were-good are out there to be found.

        As the head of Red Hat’s Open Source Program Office (OSPO), I both appreciate and benefit from the myriad ways different communities create and share knowledge about open source.

      • Best Open Source LMS for Creating Online Course and e-Learning Websites

        A Learning Management System (LMS) helps you automate and document the learning programs. It is suitable for both small-scale educational programs and university-level learning programs.

        Of course, even corporate training programs can be hosted using a learning management system.

        While it has a lot of use-cases, having a transparent platform for your Learning Management System should be a benefit for any organization.

        So, in this article, we will be listing some of the best open source LMS.

      • Programming/Development

        • Report from the virtual ISO C++ meetings in 2020 (core language)

          C++ standardization was dramatically different in 2020 from earlier years. The business of the International Organization for Standardization (ISO) committee all took place virtually, much like everything else during this pandemic. This article summarizes the C++ standardization proposals before the Core and Evolution Working Groups last year.

        • Use multiple compilers to build better projects – Red Hat Developer

          For a multitude of reasons, developers usually compile the project they are working on with only one compiler. On Red Hat Enterprise Linux 8, the system compiler for C and C++ is GNU Compiler Collection (GCC) 8, and newer versions are available through the GCC toolset.

          However, there are several reasons why you might also build your project with Clang. Red Hat Enterprise Linux 8 offers the LLVM toolset, which contains Clang.

          In this article, we’ll take a look at why one might use more than one compiler. We’ll focus on a system where GCC is currently the default compiler and consider Clang as the main alternative.

        • Python

          • Patrick Cloke: A new maintainer for django-allauth-2fa

            I’m excited to announce the django-allauth-2fa project has a new maintainer! It can now be found under the valohai organization on GitHub, who have already contributed quite a bit to the package.

          • The quest for faster Python: Pyston returns to open source, Facebook releases Cinder, or should devs just use PyPy?

            Facebook has released Cinder, used internally in Instagram to improve Python performance, while another faster Python, called Pyston, has released version 2.2 and made the project open source (again).

            Python is the world’s second most popular programming language (after JavaScript) according to some surveys; but it is by no means the fastest. A glance at benchmarks tells us that Python 3 computation is often many times slower than compiled languages like C and Go, or JIT (Just-in-Time) compiled languages like Java and JavaScript.

            One reason is that the official implementation of Python, called CPython, is an interpreted, dynamic language, and its creator Guido Van Rossum has resisted optimising it for performance, saying in 2014 that “Python is about having the simplest, dumbest compiler imaginable, and the official runtime semantics actively discourage cleverness in the compiler like parallelizing loops or turning recursion into loops.”

  • Leftovers

    • How Theater Can Help Us Survive

      At a time when we have been deprived of live theater for over a year, I can think of no one as inspiring, no one who proves more vividly why theater matters as it faces an uncertain future than Oscar Castro, a Chilean actor, director, and playwright who died of Covid in Paris on April 25 at the age of 73.

    • On the Spectrum

      We can apply this same concept to what we call rationality. Just as is the case with “sanity,” the notion of rationality covers a lot of territory. It would be a mistake—actually you would have to gloss over a lot of history—to just claim humans are all “homo sapiens” or “wise people” and leave it at that.

      A Spectrum For Rationality

    • Opinion | Tinfoil Nation: On Cyber Ninjas and Bamboo Traces and Watermarks To Tell the Nefarious If Delusional Tale
    • ‘Everyone around is snoring, but Yekaterinburg has awakened’ When the Urals’ largest city declared itself Russia’s street art capital, everyone laughed. Then it became the truth.

      In the last few years, street art has become one of Yekaterinburg’s main attractions. The city’s streets have become a gallery of social commentary and protest art — and local utility companies don’t seem to mind, painting over it much less frequently than in other cities. Strange as it may sound, the current boom is due in large part to local officials, who encouraged and financed an entire street art festival in Yekaterinburg — although not without making some enemies. As the city’s street artists told Meduza special correspondent Andrey Pertsev, at some point they decided, with no real basis, to declare the city Russia’s “street art capital.” And before long, it was.

    • Sports Unions Come Together to Fight for the PRO Act

      The PRO Act is about as important a piece of labor legislation as we’ve seen in some time. It holds the potential to open the door for workers and organizers to step up and reverse 40 years of losses for organized labor. The law, whose initials stand for Protecting the Right to Organize, aims to do just that: protect workers from being harassed or fired if they try to organize a union or if they try to help their already existing union become more active in their workplace. This is seen as the number one legislative priority for organized labor. The bill’s chances of passing the Senate are regarded as slim, but that isn’t stopping the union movement from trying to get it passed. Now the PRO Act has very loud and proud support from another group of “pros,” the major sports unions of the United States: the Major League Baseball Players Association, the NBA Players Association, the NFL Players Association, and the NHL Players Association.

    • Education

      • Key Lessons for Success in Higher Education and Beyond

        Hence, before I voluntarily withdrew from UCLA in Winter of ’88, embarking on a hiatus to become a community organizer and idealistically transform the world, I received the following English grades:

        This doesn’t include a couple of incompletes, where I left with a 2.32 GPA!

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • Security

          • IPFire 2.25 – Core Update 156 released

            Another update is available: IPFire 2.25 – Core Update 156. As usual for this time of the year, it is a spring clear release that updates lots of software and brings a new exciting feature: Live Graphs.

            Before we talk about what is new, I would like to as you for your support for our project. IPFire is a small team of people from a range of backgrounds sharing one goal: make the Internet a safer place for everyone. Like many of our open source friends, we’ve taken a hit this year and would like to ask for your continued support. Please follow the link below where your donation can help fund our continued development: [https://www.ipfire.org/donate]((https://www.ipfire.org/donate).

          • Security updates for Friday

            Security updates have been issued by Debian (mediawiki and unbound1.9), Fedora (djvulibre and samba), Mageia (ceph, messagelib, and pagure), openSUSE (alpine and exim), Oracle (kernel and postgresql), Scientific Linux (postgresql), and Ubuntu (thunderbird and unbound).

          • Reproducible Builds (diffoscope): diffoscope 174 released

            The diffoscope maintainers are pleased to announce the release of diffoscope version 174. This version includes the following changes:

            [ Chris Lamb ]
            * Check that we are parsing an actual Debian .buildinfo file, not just
              a file with that extension.
              (Closes: #987994, reproducible-builds/diffoscope#254)
            * Support signed .buildinfo files again -- file(1) reports them as
              "PGP signed message".
            
            [ Mattia Rizzolo ]
            * Make the testsuite pass with file(1) version 5.40.
            * Embed some short test fixtures in the test code itself.
            * Fix recognition of compressed .xz files with file(1) 5.40.

          • Privacy/Surveillance

            • Foreign Intelligence Surveillance Court Rubber Stamps Mass Surveillance Under Section 702 – Again

              Apparently, the Foreign Intelligence Surveillance Court (FISC) didn’t get the memo. That’s because, under a recently declassified decision from November 2020, the FISC again found that a series of overly complex but still ultimately swiss cheese agency protocols — that are admittedly not even being followed — resolve the Fourth Amendment problems caused by the massive governmental seizures and searches of our communications currently occurring under FISA Section 702. The annual review by the FISC is required by law — it’s supposed to ensure that both the policies and the practices of the mass surveillance under 702 are sufficient. It failed on both counts.  

              The protocols themselves are inherently problematic. The law only requires that intelligence officials “reasonably believe” the “target” of an investigation to be a foreigner abroad — it is immaterial to the initial collection that there is an American, with full constitutional rights, on the other side of a communication

              Justice Roberts was concerned with a single phone seized pursuant to a lawful arrest.  The FISC is apparently unconcerned when it rubber stamps mass surveillance impacting, by the government’s own admission, hundreds of thousand of nonsuspect Americans.

            • Surveillance Self-Defense Playlist: Getting to Know Your Phone

              The operating systems (OS) on our phones weren’t originally built with user privacy in mind or optimized fully to keep threatening services at bay. Along with the phone’s software, different hardware components have been added over time to make the average smartphone a Swiss army knife of capabilities, many of which can be exploited to invade your privacy and threaten your digital security. This new resource attempts to map out the hardware and software components, the relationships between the two, and what threats they can create. These threats can come from individual malicious hackers or organized groups all the way up to government level professionals. This guide will help users understand a wide range of topics relevant to mobile privacy, including: 

              This isn’t meant to be a comprehensive breakdown of CPU architecture in phones, but rather of the capabilities that affect your privacy more frequently, whether that is making a phone call, texting, or using navigation to get to a destination you have never been to before. We hope to give the reader a bird’s-eye view of how that rectangle in your hand works, take away the mystery behind specific privacy and security threats, and empower you with information you can use to protect yourself.

              EFF is grateful for the support of the National Democratic Institute in providing funding for this security playlist. NDI is a private, nonprofit, nongovernmental organization focused on supporting democracy and human rights around the world. Learn more by visiting https://NDI.org.

            • Peloton Is Having A Rough Week: Product Safety Recalls And News Of Customer Data Exposure

              Peloton is, as they say, having a rough week. While the company has been something of a pop culture darling for several years, it also got a nice boost from this lovely COVID-19 pandemic we’ve all been suffering through for more than a year now. Still, no company gets through its full lifecycle unscathed and this week has been a week I’m certain the Peloton folks would love to forget. We’ll get started with the less-Techdirt centric part of this, which is that Peloton recently had to recall two of its treadmills after it turns out those treadmills occasionally enjoy eating people, especially very young children.

            • The Biden Administration Wants to Partner with Criminals to Spy on You

              Federal law enforcement agencies are legally and constitutionally  forbidden to monitor the private activities of citizens without first getting warrants based on probable cause to believe those citizens have committed, or are committing, crimes. The feds can browse public social media posts and so forth, but secretly trawling private groups and hacking encrypted chats is off-limits.

              Private companies and nonprofit civic organizations, not being government entities, don’t need warrants or probable cause to access those private discussion areas.  The administration’s bright idea is that through partnership with these non-government entities, they can get around legal and constitutional barriers:  “WE didn’t collect the information. THEY collected the information, then gave it to us.”

    • Defence/Aggression

      • Military-Industrial Complex Exerts Powerful Influence on Biden’s Foreign Policy
      • The US Has Been at War My Entire Life. Will the Wars Ever End?

        Here’s the strange thing in an ever-stranger world: I was born in July 1944 in the midst of a devastating world war. That war ended in August 1945 with the atomic obliteration of two Japanese cities, Hiroshima and Nagasaki, by the most devastating bombs in history up to that moment, given the sweet code names “Little Boy” and “Fat Man.”

      • Chauvin Lost, but the Murderers Won

        But during the time of the trial, the party of murderers gained more votes than that. From the middle of March to the end of April, eight people of color, mostly African American, were killed by the police. They did this in teams, as if they were really serious about what they were doing. If there were at least two cops involved in each of these 8 killings (in some there were more), that makes at least 16 votes for murder against the 12 votes cast by the jury. Murder won, 16 – 12. If this had been an election, the party of murderers would have gained some seats. And the party of human life would remain a minority.

        The murderers win even against the demonstrated voice of the people. For weeks in April, for months in 2020, for years during the 21st century, people have taken to the streets demanding that the police stop murdering people, and especially black people. Not only does it not stop, but the rate of killing goes up, as if to comfort the one taken to court.

      • Peace Activist Interrupts General Dynamics Shareholder Meeting to Blast the Business of War

        CodePink co-founder Medea Benjamin took CEO Phebe Novakovic to task for “personally making $21 million a year through a business model that thrives on conflict, death, and destruction.”

      • Putin’s spokesman comments on reports that the alleged Skripal poisoners are now Kremlin officials

        Putin’s press secretary Dmitry Peskov says he doesn’t have any information about whether or not the Russian nationals known as Alexander Petrov and Ruslan Boshirov now work for the presidential administration.

      • Opinion | Afghan Withdrawal and the Loss of America’s Ultimate Drug War

        Will the nightmare of Saigon’s fall return in Kabul?

      • The True Meaning of the Afghan “Withdrawal”

        For politicians of Joe Biden’s generation that recurring nightmare was Saigon, 1975. Communist tanks ripping through the streets as friendly forces flee. Thousands of terrified Vietnamese allies pounding at the U.S. Embassy’s gates. Helicopters plucking Americans and Vietnamese from rooftops and disgorging them on Navy ships. Sailors on those ships, now filled with refugees, shoving those million-dollar helicopters into the sea. The greatest power on Earth sent into the most dismal of defeats.

        Back then, everyone in official Washington tried to avoid that nightmare. The White House had already negotiated a peace treaty with the North Vietnamese in 1973 to provide a “decent interval” between Washington’s withdrawal and the fall of the South Vietnamese capital. As defeat loomed in April 1975, Congress refused to fund any more fighting. A first-term senator then, Biden himself said, “The United States has no obligation to evacuate one, or 100,001, South Vietnamese.” Yet it happened anyway. Within weeks, Saigon fell and some 135,000 Vietnamese fled, producing scenes of desperation seared into the conscience of a generation.

      • “Nothing to Lose”: Colombians Protest “Fascist Mafia Regime” Amid Deadly Police & Military Crackdown

        At least 30 people in Colombia have been reportedly killed since a nationwide uprising erupted against the government of right-wing President Iván Duque. Protesters are vowing to remain in the streets amid a deadly crackdown by police and military officers. About 800 people have been injured and 87 people are missing in the midst of the demonstrations, which were initially sparked by a now-withdrawn tax reform proposal, but they have since expanded in scope. People in Colombia are also denouncing rampant police brutality and demanding broader social, economic and political reforms. At least 15 people were killed in a massacre in the city of Cali on April 30 after police repeatedly opened fire on protesters. “The country has been a place of repression,” says Emilia Márquez Pizano, sex and gender director with the Colombian nonprofit Temblores, which collects data on police violence in the country. We also speak with Manuel Rozental, a Colombian activist with more than 40 years of involvement in grassroots political organizing and member of the collective Pueblos en Camino. He says “Colombians are fed up” with what he describes as the “fascist mafia regime” of Iván Duque. “They have pushed Colombians into the streets because most Colombians have nothing to lose,” Rozental says.

      • Putin’s Crackdown On Demonstrators Adds A Sadistic Twist: Using Surveillance Cameras To Identify People, But To Arrest Them Only Days Or Months Later

        It’s hardly news that Vladimir Putin is cracking down on supporters of Alexey Navalny, or on the journalists who are brave enough to report on the wave of protests in support of the imprisoned opposition leader. But there are some interesting wrinkles to how this is happening. For example, in a move that will not surprise Techdirt readers, Moscow’s massive facial recognition camera network — supposedly set up to enforce quarantine restrictions, and to catch criminals — has been re-purposed, as Bloomberg reports:

      • President Zelensky says there are still 75,000 Russian troops on the border with Ukraine

        Ukrainian President Volodymyr Zelensky has stated that there are still approximately 75,000 Russian troops near Ukraine’s borders. He also claimed that the Russian forces are withdrawing from the border region too slowly, and that they could still pose a threat to Ukraine.

      • USAID admits to Venezuela regime change fraud
      • US Special Forces trained Mexican drug cartels linked to decapitation, torture, rape
      • Secretary Blinken Faces a Big Test in Ukraine, Where Nazis and Their Sympathizers Are Glorified

        From the moment he was nominated for secretary of state, the media has made much over the Holocaust’s impact on Antony Blinken. Blinken’s stepfather was a famous survivor; his upbringing made the Holocaust an indelible part of Blinken’s identity. Indeed, last month Blinken lambasted America’s callousness during the genocide, going so far as denouncing a World War II–era State Department official for refusing to aid Jews fleeing Europe.

      • Strategic Compass: Secret services help determine EU’s military course

        Member states‘ foreign and defence ministries are today discussing future European Union military capabilities, including how to respond to „cyber threats“. The fodder for this „Strategic Dialogue“ comes from the domestic and foreign intelligence services. MEPs are not allowed to see any of the top-secret documents.

      • Police and State Violence Have Secondary Impacts: Complex and Lasting Trauma
      • Will Guantánamo Ever Be Shut Down?

        Twelve years ago, I had other expectations. I envisioned a writing project that I had no doubt would be part of my future: an account of Guantánamo’s last 100 days. I expected to narrate in reverse, the episodes in a book I had just published, The Least Worst Place: Guantánamo’s First 100 Days, about — well, the title makes it all too obvious — the initial days at that grim offshore prison. They began on January 11, 2002, as the first hooded prisoners of the American war on terror were ushered off a plane at that American military base on the island of Cuba.

        Needless to say, I never did write that book. Sadly enough, in the intervening years, there were few signs on the horizon of an imminent closing of that U.S. military prison. Weeks before my book was published in February 2009, President Barack Obama did, in fact, promise to close Guantánamo by the end of his first year in the White House. That hope began to unravel with remarkable speed. By the end of his presidency, his administration had, in fact, managed to release 197 of the prisoners held there without charges — many, including Mohamedou Ould Slahi, the subject of the film The Mauritanian, had also been tortured — but 41 remained, including the five men accused but not yet tried for plotting the 9/11 attacks. Forty remain there to this very day.

    • Environment

    • Finance

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

      • Cancel Culture Conundrums

        But what is cancel culture?  Isn’t that a rightwing term used to excuse bigoted behavior and avoid accountability for said behavior?  Yes, that’s how the right uses the concept — as a weapon against the rest of society.

        And that’s all I’ll say about that.  Now to the left.  Cancel culture on the left also exists.  The people claiming otherwise are part of the left’s version of cancel culture.  (Note to anarchists:  when I use the term “left,” this includes you, too.  We can argue about the semantics of that later.)

      • Facebook’s Oversight Board Isn’t Enough. The Government Must Regulate Big Tech.
      • Shoshana Zuboff: Facebook’s Oversight Board Is Not Enough. The Government Has to Regulate Big Tech

        Former President Donald Trump will continue to stay off Facebook after the company’s Oversight Board ruled Wednesday that his ban was justified for creating “an environment where a serious risk of violence was possible.” Trump was banned shortly after the January 6 insurrection at the U.S. Capitol, which he helped foment by promoting baseless claims of election fraud. The Oversight Board also said Facebook should reassess its ban and make a final decision in six months. Shoshana Zuboff, professor emerita at Harvard Business School and author of the book “The Age of Surveillance Capitalism,” says that Facebook’s recent moves follow years of inaction by CEO Mark Zuckerberg. “He showed that he was willing to do just about anything to appease Trump … to keep regulation at bay,” Zuboff says.

      • Devin Nunes’ Favorite Lawyer On The Hook For Over $20k In Sanctions

        Last month we wrote that Rep. Devin Nunes’ favorite lawyer, Steven Biss, who has been filing frivolous, vexatious SLAPP suit after frivolous, vexatious SLAPP suit, was finally facing some sanctions. The specific case did not directly involve Nunes, but rather one of his aides, Derek Harvey, who had filed a ridiculous SLAPP suit against CNN. As we wrote last month, the court had easily tossed the original lawsuit and warned Biss not to file an amended complaint unless he had a credible legal theory. Biss did not have a credible legal theory, but he still filed an amended complaint. And thus, the court issued sanctions, saying that Harvey, Biss and other lawyers would be on the hook for CNN’s legal fees.

    • Civil Rights/Policing

      • South Carolina Poised to Be Fourth State to Allow Death Penalty by Firing Squad
      • Wireless Companies Lobby to Weaken Bill That Would Protect Domestic Abuse Survivors From Threats

        A lobbying group for companies including Verizon and T-Mobile is fighting to neuter the Safe Connections Act, which passed in a Senate committee last week.

      • In Media Framing, Trans Kids Are Problems to Be Solved—Not People With Rights

        As states continue to pass laws that dehumanize and endanger transgender kids, the country’s most influential newspapers have not met the challenge of covering the issue. Across the country, 36 states have introduced or passed 127 bills that discriminate against trans kids, including barring trans kids from playing on the sports team that corresponds with their gender, and criminalizing or impeding providing gender-affirming healthcare for them.

      • Quibbling Over Cruelties: Human Rights Watch, Israel and Apartheid

        The word, and the application of its meaning, is immemorially nasty. The theoreticians, and the broader Boer intellectual milieu, were fearful of Black Africans and British occupation policies which, they argue, also impoverished the “English gold hunger.” This deeply thought through policy of Afrikaans origin speaks to a hatred not merely of Black Africans, but to the logic of British imperialism and its carefree mixing of multiracial labour.  But apartheid has become an expression so singular it resists appropriation, adaptation and application.  This is all good from a historian’s point of view, but, taken in its theoretical idea and its application, the Israeli policy towards Palestinians in certain areas (the Occupied Territories, for instance) suggests that the term varies in application.

        HRW, however, is a touch loose on distinguishing the policy, highlighting that Israeli “authorities have dispossessed, confined, forcibly separated, and subjugated Palestinians by virtue of their identity to varying degrees of intensity.”  It remarks that the Israeli government aims “to ensure that Jewish Israelis maintain domination across Israel and the OPT (Occupied Palestinian Territories).”

      • 36 Civil Society Organizations Urge Biden to Reverse Draconian Sanctions Against Cuba

        “A policy position guided by human rights needs to address how U.S. sanctions towards Cuba severely limit the rights of Cuban citizens to food security, climate justice and dignity.”

    • Internet Policy/Net Neutrality

      • New York AG Reveals Telecom Giants Funded ‘Secret Campaign’ to Flood FCC With Fake Net Neutrality Comments

        “This investigation shows how low the industry will stoop to undermine even the most basic and benign safeguards.”

      • AT&T’s “Harvesting” Scam

        In April 2019, the California Public Utilities Commission (CPUC) undertook an exhaustive examination of the policies and practices of Pacific Bell Telephone Company (dba AT&T California [AT&T]) and Verizon California Inc. (dba Frontier California) and found they ”consistently failed to meet existing service quality metrics.”

        “AT&T appears to have adopted a ‘harvesting strategy’ for its legacy POTS services,” the CPUC noted. It added, “the company has ceased active marketing of POTS, has degraded POTS service quality, and instead relies upon successive price increases and customer inertia to maintain its declining POTS revenue stream. [CPUC/17-18] Ars Technica reports that the study was “written in April 2019 but kept private because data submitted by the carriers was deemed confidential and proprietary.” When it was finally released, it was heavily redacted.

      • Opinion | Lack of Broadband Access Advances Systemic Inequality

        Adults living without broadband face significant barriers in accessing employment, education, and other necessities—but children are also impacted.

      • NY AG Proves Broadband Industry Funded Phony Public Support For Attack On Net Neutrality

        This week New York Attorney General Leticia James unveiled a new report (also see accompanying statement) proving what most people already knew: the broadband industry was behind the use of fake and dead people to generate bogus support for the FCC’s controversial 2017 repeal of net neutrality.

      • Outliving Outrage on the Public Interest Internet: the CDDB Story

        In our previous blog post, we discussed how in the early days of the internet, regulators feared that without strict copyright enforcement and pre-packaged entertainment, the new digital frontier would be empty of content. But the public interest internet barn-raised to fill the gap—before the fledgling digital giants commercialised and enclosed those innovations. These enclosures did not go unnoticed, however—and some worked to keep the public interest internet alive.

        Compact discs (CDs) were the cutting edge of the digital revolution a decade before the web. Their adoption initially followed Lehman’s rightsholder-led transition – where existing publishers led the charge into a new medium, rather than the user-led homesteading of the internet. The existing record labels maintained control of CD production and distribution, and did little to exploit the new tech—but they did profit from bringing their old back catalogues onto the new digital format. The format was immensely profitable, because everyone re-bought their existing vinyl collections to move it onto CD. Beyond the improved fidelity of CDs, the music industry had no incentive to add new functionality to CDs or their players. When CD players were first introduced, they were sold exclusively as self-contained music devices—a straight-up replacement for record players that you could plug into speakers or your hi-fi “music centre,”  but not much else. They were digital, but in no way online or integrated with any other digital technology.

        The exception was the CD playing hardware that was incorporated into the latest multimedia PCs—a repurposing of the dedicated music playing hardware which sent the CD to the PC as a pile of digital data. With this tech, you could use CDs as a read-only data store, a fixed set of data, a “CD-ROM”; or you could insert a CD music disc, and use your desktop PC to read in and play its digital audio files through tinny desktop speakers, or headphones.

      • The Enclosure of the Public Interest Internet

        It’s hard to believe now, but in the early days of the public internet, the greatest worry of some of its most high-powered advocates was that it would be empty. As the Clinton administration prepared to transition the internet from its academic and military origins to the heart of the promised “national information infrastructure” (NII), the government’s advisors fretted that the United States entertainment and information industries would have no commercial reason to switch from TV, radio, and recorded music. And without Hollywood and the record labels on board, the new digital environment would end up as a ghost mall, devoid of businesses or users.

        “All the computers, telephones, fax machines, scanners, cameras, keyboards, televisions, monitors, printers, switches, routers, wires, cables, networks and satellites in the world will not create a successful NII, if there is not content”, former Patent Office head Bruce Lehman’s notorious 1994 government green paper on intellectual property on the Net warned. The fear was that without the presence of the pre-packaged material of America’s entertainment industry, the nation would simply refuse to go online. As law professor Jessica Litman describes it, these experts’ vision of the Internet was “a collection of empty pipes, waiting to be filled with content.” 

        Even as the politicians were drafting new, more punitive copyright laws intended to reassure Hollywood and the record labels (and tempt them into new, uncharted waters), the Internet’s first users were moving in and building anyway. Even with its tiny audience of technologists, first-adopters, and university students, the early net quickly filled with compelling “content,” a  free-wheeling, participatory online media that drew ever larger crowds as it evolved.

      • Introducing the Public Interest Internet

        But on the real internet, one or two clicks away from that handful of conglomerates, there remains a wider, more diverse, and more generous world. Often run by volunteers, frequently without any obvious institutional affiliation, sometimes tiny, often local, but free for everyone online to use and contribute to, this internet preceded Big Tech, and inspired the earliest, most optimistic vision of its future place in society.

        When Big Tech is long gone, a better future will come from the seed of this public interest internet: seeds that are being planted now, and which need everyone to nurture them. 

        The word “internet” has been so effectively hijacked by its most dystopian corners that it’s grown harder to even refer to this older element of online life, let alone bring it back into the forefront of society’s consideration. In his work documenting this space and exploring its future, academic, entrepreneur, and author Ethan Zuckerman has named it our “digital public infrastructure.” Hana Schank and her colleagues at the New America think tank have revitalized discussions around what they call “public interest technology.”  In Europe, activists, academics and public sector broadcasters talk about the benefits of the internet’s “public spaces” and improving and expanding the “public stack.” Author and activist Eli Pariser has dedicated a new venture to advancing better digital spaces—what its participants describe as the “New Public”.

      • ‘Price Too High and Rising’: New Report Blasts Broadband Industry for Fueling Digital Divide

        “The steep price of a high-speed connection is the primary barrier—a hard truth that flies in the face of the wild claims broadband-industry lobbyists make about prices getting better for internet users.”

      • Former FCC Boss Ajit Pai Gets Handsomely Rewarded For Years Of Broadband Policy Falsehoods

        What’s the career penalty for spending four straight years lying repeatedly about the illusory benefits of mindless telecom deregulation? None, apparently.

    • Monopolies

      • Copyrights

        • Movie Tycoon Sues YouTube over Piracy and Exposes Content-ID ‘Caveat’

          Movie tycoon Carlos Vasallo is suing YouTube for widespread copyright infringement. Despite sending over 10,000 takedown notices, pirated copies of his movies continue to appear. YouTube did offer access to its Content-ID system but the movie magnate refused, as that would require him to release the video platform from all possible piracy claims that took place in the past.

        • Triller Wants Google & YouTube To Unmask Jake Paul vs Ben Askren Pirates

          Last week Triller filed a $100m lawsuit against several sites claiming that they illegally streamed the Jake Paul vs Ben Askren fight. The judge says that since Triller has failed to provide evidence that they acted jointly, one or more of the targets could be dropped from the lawsuit. Triller says that evidence will be forthcoming but it needs permission to quickly subpoena Google and YouTube.

        • Cox Sues Rightscorp and BMG over ‘Abusive’ DMCA Notice Campaign

          Internet provider Cox Communications has filed a lawsuit against Rightscorp and BMG, accusing them of sending thousands of DMCA notices to an outdated email address. The ISP argues that the companies intentionally engaged in an abusive and unfair campaign with a goal of fabricating massive copyright infringement claims.

        • Why Is A Congressional Staffer Teaming Up With A Hollywood Lobbyist To Celebrate Expansion Of Criminal Copyright Laws?

          Late last year, we wrote about how bizarre it was that Senator Thom Tillis was trying to force through a felony streaming bill by attaching it to an end-of-the-year appropriations bill. There were so so many problems with this both in terms of what the bill would do, and in the procedural way it was done. First, Tillis got it attached to the “must pass” appropriations bill before he’d even introduced it. That meant that there was no debate and no direct votes on his bill.

Links 7/5/2021: GNU/Linux Preinstalled, Plamo 7.3, LibreOffice 7.1.3

Posted in News Roundup at 12:17 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • StarLabs has Released Another Linux Laptop

        A new 14″ Linux laptop has been released by the company that created the 11″ Star Lite and can be purchased with your choice of Linux distribution.

        StarLabs is not just a research facility in the world of The Flash, it’s also a company that sells Linux laptops. Up until now, StarLabs only had one device for sale, the 11″ Star Lite Mk III, which offered an 11.6″ screen, 1.1GHz quad-core Intell Pentium N5000 CPU, a 240GB SSD drive, 8GB of LPDDR4 onboard memory, and up to 7 hours of battery life.

        The Star Lite was specced to be a low-end machine and started at £399.00. At the moment, the Star Lite is unavailable for purchase. However, the company will soon release the StarBook, which can be spec’d quite a bit beefier than the original, with a 14″ matte IPS display, an 11th gen Intel CPU (either i3-1110G4 or i7-1165G7), up to a 1TB NVMe SSD drive, up to 64GB of DDR4 memory, a full-sized backlit keyboard, and up to 11 hours of battery life. The base-model StarBook can be purchased now at £777.00 and a fully-spec’d model will run approximately £1,552.00.

      • Behind the Scenes of System76: Industrial Design

        The way my brain works lends itself well to engineering, for better or for worse. There’s a lot of really solid engineers who don’t have much creativity, and then there are a lot of people who have great creative ability, but can’t do math. I kind of fluctuate in the middle; I wouldn’t say I’m the best at math or the most creative person in the entire world, but I have enough of each that the combination pushed me towards mechanical engineering. I like working with my hands, and it’s more of a study of how things work in the real world versus computer science, which is a purely digital and nontangible practice.

        During school I worked mainly as a bike mechanic, and that helped me to think about how to build things better. That led me to my first internship at a bike company working in a wind tunnel, which was really fun. Realizing that I could probably never get a job there—or at least one that would pay me enough to live—I started working at an environmental engineering company, where I prototyped scientific sampling systems for R&D that would process materials with all these gasses at really high heat and tried not to die. It was kind of fun making these large-scale systems that were basically just gigantic science experiments, but I didn’t really have the creative outlet I wanted in terms of making something that looks good.

        One of the main things that drew me to System76 was being able to have a solid influence on what tools we were able to use and how we were going to push the design. In the past three years, it’s pretty wild to see what we’ve been able to accomplish coming from a completely empty warehouse to being able to crank out parts.

        I had also previously, while working at these scientific instrument companies, been working with a local company to design and develop a cargo bicycle, so I had that experience as well in terms of consumer product development with overseas manufacturing. I think that helped get me in the door here.

    • Server

      • Prometheus Q&A: How the Kubernetes monitoring tool is evolving

        Prometheus is a time-series event monitoring tool for cloud-native, containerized environments — particularly for use in Kubernetes ecosystems. In fact, because both are based on tools designed for internal use at Google, Prometheus inherently complements Kubernetes and integrates with the orchestration platform.

        But Prometheus has also proven to be complicated to use in the past, with vendors building integrations to abstract the tool’s complexities away for their users. However, that might be changing, as the group overseeing the open source project has spent the past year taking deliberate steps to address some of the tool’s shortcomings and reach a broader audience.

        [...]

        Hartmann: Yes, this is something we have called experimental, but it’s been stable for two or three years.

        We attached a version number to it; we wrote a specification; we wrote the test suite. Now we can start to break it up again, as we have the stable [code] base everyone can test against. Other [ways] we treat the 'experimental' differently: We introduced feature flags … but it's not enabled by default. And it [still] might change -- we [the Prometheus team] will not lock ourselves down to treat everything … experimental as stable forevermore. By doing this, we can do things [we] didn't even consider.

        At the last Prometheus dev summit, … We decided to accept PromQL, which is the language to [manage] all Prometheus data in the complete Kubernetes ecosystem.

    • Audiocasts/Shows

      • If only I needed a new laptop... KDE Slimbook Review

        The guys at Slimbook were nice enough to shower me with laptops to review, and one of these in particular caught my eye: the Slimbook KDE. It's a very, very fancy ultraportable laptop, made in collaboration with the KDE Community, and it's probably one of the best laptops I've ever used, even outside of the Linux world, so let's take a look Become a channel member to get access to a weekly patroncast and vote on the next topics I'll cover...

      • Testing the new Arch Linux Guided Installer

        Many of you have reached out and suggested I try out the new Arch Linux guided installer, I'm granting your wish. In this video, I'll wipe my Thinkpad X1 Extreme and load Arch Linux on it, using the new installer. I'll give you a walk-through of the process, and my thoughts.

      • Ubuntu Podcast from the UK LoCo: S14E09 – Mint Badge Twist

        This week we’ve been debugging DNS and making passively cooled computers. We round up the community news, including the highlights of the 21.04 releases from the Ubuntu flavours, an event and our favourite picks from the tech news.

        It’s Season 14 Episode 09 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

    • Kernel Space

      • A Number Of Exciting RISC-V Improvements For Linux 5.13

        From bringing up the PolarFire ICICLE SoC to adding support for KProbes, FORTIFY_SOURCE, and other new kernel features for the RISC-V architecture, the Linux 5.13 kernel changes are exciting for this open-source processor ISA.

        Among the RISC-V highlights of new material in Linux 5.13 include:

        - Build system improvements including better handling when building the RISC-V Linux kernel with LLVM Clang.

        - Support for KProbes, the kernel debugging infrastructure for monitoring events.

      • Linux 5.13 Adds Support For The Amazon Luna Game Controller - Phoronix

        The input subsystem updates were sent in today for the Linux 5.13 kernel and include support for the Amazon (Luna) Game Controller.

        Amazon's Game Controller (also known as the Luna Controller) is for the company's cloud gaming service. While geared for use with their cloud gaming service, the Luna Controller can work with Windows / PC / Mac / Android outside of Luna via Bluetooth or USB interfaces. The controller retails for $70 USD and can also work with Fire TV devices.

      • Soft unbricking Bay- and Cherry-Trail tablets with broken BIOS settings

        As you may know I've been doing a lot of hw-enablement work on Bay- and Cherry-Trail tablets as a side-project for the last couple of years.

        Some of these tablets have one interesting feature intended to "flash" Android on them. When turned on with both the volume-up and the volume-down buttons pressed at the same time they enter something called DNX mode, which it will then also print to the LCD panel, this is really just a variant of the android fastboot protocol built into the BIOS. Quite a few models support this, although on Bay Trail it sometimes seems to be supported (it gets shown on the screen) but it does not work since many models which only shipped with Windows lack the external device/gadget-mode phy which the Bay Trail SoC needs to be able to work in device/gadget mode (on Cherry Trail the gadget phy has been integrated into the SoC).

        So on to the topic of this blog-post, I recently used DNX mode to unbrick a tablet which was dead due to the BIOS settings get corrupted in a way where it would not boot and it was also impossible to enter the BIOS setup. After some duckduckgo-ing I found a thread about how in DNX mode you can upload a replacement for the efilinux.efi bootloader normally used for "fastboot boot <android-bootimg.img>" and how you can use this to upload a binary to flash the BIOS. I did not have a BIOS image of this tablet, so that approach did not work for me. But it did point me in the direction of a different, safer (no BIOS flashing involved) solution to unbrick the tablet.

      • Graphics Stack

        • AMDGPU Driver Gets Initial Fixes For Linux 5.13 - Polaris 12 32-bit, Suspend/Resume Fix

          With the in-development Linux 5.13 kernel there are some notable AMD Radeon driver additions. But with the 5.13 merge window set to close this weekend, an initial batch of post-feature-work fixes was sent in overnight.

        • GNUstep Releases Early Wayland Support, Many Other Improvements Too

          GNUstep as the free software / GNU implementation of the Apple's Cocoa Objective-C frameworks is out with a new version.

          GNUstep's GUI library and GUI back-end are up to version 0.29 while GNUstep Base 1.28 has been released along with an updated GNUstep Makefile Package for re-implementing the APIs associated with Apple macOS.

          Notable with the GNUstep GUI Backend 0.29 is an "alpha version" of native Wayland back-end support. GNUstep software has worked with XWayland while now there is the preliminary Wayland code in place.

        • [Mesa-dev] [ANNOUNCE] mesa 21.1.0
          Hello everyone,
          
          Mesa 21.1.0 final is now available!
          There are a lot of new features, but I unfortunately didn't have time to
          make a list; I'm sure your favourite news website will pick up the slack :)
          
          The schedule from now on is to have a point release every other week,
          starting with .1 on the 19th.
          
          Cheers,
            Eric
          
        • Open source Linux GPU drivers Mesa 21.1 released

          Developer Eric Engestrom has announced the availability of Mesa 21.1, the latest release for Linux open source graphics drivers powering Intel, AMD and more.

          In the very short announcement, Engestrom mentioned Mesa will now be back to regular releases with a point release for bug fixes "every other week" which will see Mesa 21.1.1 on May 19. If you want stability, it's usually best to wait for at least that first point release.

        • Mesa 21.1.0 Is Released With Variable Rate Shading Support For AMD GPUs, Performance Improvements And New Vulkan Extensions

          Mesa is a sniff army knife of graphics drivers and libraries that are used to provide graphics functionality on all the major GNU/Linux distributions. Mesa 21.1.0 brings Vulkan Variable Rate Shading support for AMD RX 6000 series GPUs, performance increasing graphics optimizations for the OpenGL and Vulkan drivers for both Intel and AMD GPUs, OpenGL 4.6 support in the Zink OpenGL-to-Vulkan translation layer, shader caching for the Lima driver for ARM Mali GPUs and a lot more.

          [...]

          It is almost certain that you are using the Mesa graphics library to render everything graphical if you are using a GNU/Linux distribution with everything other than a Nvidia graphics card. It provides the Vulkan and OpenGL drivers for Intel and AMD graphics cards on x86-64 hardware and a wide variety of other drivers for non-x86 hardware. The latest release is a big one that is packed with interesting features. You wouldn't know from the release-announcement which, due to time constraints, consisted of...

        • Turnip Vulkan Driver Continues Maturing, Correctly Rendering More Games - Phoronix

          Turnip is the open-source Mesa Vulkan driver aligned with the Freedreno effort for Qualcomm Adreno support. Turnip has been in fairly good shape but fixes and other improvements keep flowing in as new Vulkan games/apps continue to be tested on this open-source Adreno Vulkan driver.

          Igalia developer Danylo Piliaiev has written a new blog post outlining some of the latest improvements made to this Mesa driver for allowing more Vulkan-powered software to correctly render on this unofficial Qualcomm Linux 3D driver.

        • Danylo Piliaiev: Turnips in the wild (Part 2)

          In Turnips in the wild (Part 1) we walked through two issues, one in TauCeti Benchmark and the other in Genshin Impact. Today, I have an update about the one I didn’t have plan to fix, and a showcase of two remaining issues I met in Genshin Impact.

          [...]

          The trees and grass are seem to be rendered incorrectly. After looking through the trace and not finding where they were actually rendered, I studied the trace on proprietary driver and found them. However, there weren’t any such draw calls on Turnip!

          The answer was simple, shaders failed to compile due to the failure in a register allocation I mentioned earlier… The general solution would be an implementation of register spilling. However in this case there is a pending merge request that implements a new register allocator, which later would help us implement register spilling. With it shaders can now be compiled!

    • Applications

      • How To Take Screenshot In Linux? — 5 Best Linux Screenshot Tools

        One of the most common things that we do on our computers is taking screenshots. Be it important info on your screen that you’ll later forget or be it a hilarious meme, the captured screenshot images could prove to be really useful.

        We all know how easy it is to take screenshots in Windows, but how easy is it on Linux? In this article, let’s look at how to take a screenshot on Linux. Apart from that, we’ll also be looking at the ten best screenshot tools for Linux if you don’t like the default method. Let’s get started.

      • CuteMaze 1.3.0 released

        Added pausing when menus are shown
        Added resuming by clicking on game
        Added support for Qt 6
        Improved high scores dialog
        Refactored code
        Removed XPM icon
        Translation updates: Dutch, Lithuanian, Romanian

      • Gottet 1.2.0 released

        Added support for Qt 6
        Improved high scores dialog
        Refactored code
        Removed XPM icon
        Translation updates: Chinese (Taiwan), Lithuanian, Romanian

      • Hexalate 1.2.0 released

        Added rotating pieces counterclockwise
        Added support for Qt 6
        Refactored code
        Removed XPM icon

      • The 10 best torrent clients for Ubuntu and other Linux distros [ in 2021 ] + 1 Bonus

        In this article we are going to cover the 10 best torrent clients you can find for Linux. In order to download something via BitTorrent, you need to have a torrent client installed on your system. Torrents are great for downloading large files because they split files into smaller chunks and are downloaded from multiple peers in the torrent “swarm.” BitTorrent is normally associated with video files like movies or TV episodes, it’s also common for Linux developers to offer a torrent download of their distribution.

      • Repo Review: LosslessCut

        LosslessCut is a simple, yet powerful video trimming and splitting tool designed to be very fast and easy to use. As the name implies, LosslessCut manages to retain the original quality of the video you are editing by directly cutting and copying over the data stream, rather than actually re-encoding the whole video. This also means that LosslessCut can export videos much faster than a traditional video editor can.

        LosslessCut has a very polished and well designed user interface. Loading in a video is as simple as dragging and dropping it into the program. LosslessCut can import from a variety of video formats, such as MP4, MOV, MKV, and more. Any videos not directly supported by LosslessCut can easily be converted for editing by clicking on Convert to supported format in the File menu (This is just for preview and editing purposes only; the final video will still be exported in the original format without any quality loss).

        [...]

        Overall, I'd say LosslessCut worked very well during my testing. I did, however, occasionally encounter a few problems when trying to export a video, but for the most part, the program seemed quite stable. LosslessCut's speed and ease of use makes it an excellent tool for any simple video cutting and splitting tasks.

      • A Complete Guide to Default Ubuntu Apps and Their Purposes

        This is a full list of all Ubuntu default applications (or list of Ubuntu components) with their explanations for first time users. This list is sorted alphabetically with app names taken from what appeared or searchable on Activities Menu and their alternative names mentioned if any. You can learn your Ubuntu computer a lot here as you see every app name, its purpose, short guide to use, and some pictures of them. You will also find external guides linked to help you learn certains apps such as Archive Manager and LibreOffice. This guide is based on version 21.04 also known as Hirsute Hippo which is the latest today which can represents all modern Ubuntu versions. I wish you like it!

    • Instructionals/Technical

      • How To Change File & Folder Permissions on Linux Using Chmod

        When working with some files or folders on Linux you might have seen an error saying Permission Denied.

        This is a common error that is associated with the permissions for the specific file/folder.

        In this tutorial, you will learn different ways to change the file and folder permissions for any users or groups on Linux.

        Linux is an operating system that supports multiple users working on the same system. Thus, it is essential to manage the permissions such as who can see or modify the files and folders for every one of them.

        Although permissions and their notations may seem confusing at first, they make sense and are easy to understand once you get the basics. Also, please note that permissions can only be changed by the owner of the file or the system administrator known as root in Linux.

      • GIMP Tutorial: Remove A Background

        Sometimes you are working with a photo and think it would be better if the background was different, or just gone. I found a tutorial that outlined several ways to remove the background from an image. Let's look at a couple of methods.

      • Use Your Phone Camera As A Webcam

        When the Covid Pandemic hit, there was a rush to purchase webcams. The prices skyrocketed and many people were unable to purchase one, either due to short supplies or being priced out of the market.

        Now I may be a little late to the party, but I have found a way to have a webcam that won't break the bank, and won't play havoc on your nervous system trying to get it setup.

        Enter "IP Webcam," developed by Pavel Khlebovich.

      • How to install Microsoft Fonts on Deepin 20.2

        How to install Microsoft Fonts on Deepin 20.2 In this video, we are looking at how to install Fonts, like Arial and Times New Roman on Deepin 20.2.

      • How To Install AWS CLI on Ubuntu 20.04 LTS - idroot

        In this tutorial, we will show you how to install AWS CLI on Ubuntu 20.04 LTS. For those of you who didn’t know, AWS CLI (Amazon Web Service Command Line Interface) is an open-source command-line utility tool for managing Amazon web services. AWS CLI is a utility tool provided by AWS to manage resources. AWS API is directly accessible through AWS CLI. With AWS CLI you can easily develop shell scripts to manage your resources on the AWS cloud.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of AWS CLI on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • Using gLabels: An Update

        It came to my attention recently that since I wrote my previous article on gLabels, it's been nearly 9 years! While I did mention several features of gLabels, my favorite label program, I didn't do an actual tutorial or even review of the program. However, I did another one earlier. This one1s the how-to, but it1s been over 9 years since I wrote that.

        I recently had to do some labels at work (using my Windows 10 laptop) and found myself wishing I had gLabels with me in the town where my meeting was. It would have been MUCH simpler.

        gLabels is my absolute go-to for labels. It is in the PCLinuxOS repo and has been for as long as I can remember (it1s been a while since I registered on the forum in 2006). The current version is 3.4.1. Let me refresh your memory. I'm sure many of you already know this, but I'm going to try to cover details anyway.

        When you open the gLabels window, it's pretty blank, until you choose the label you want to use.

      • How to install the Avidemux video editor on a Chromebook

        Today we are looking at how to install the Avidemux video editor on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How to integrate Linux Malware Detection and ClamAV for automated malware detection on Linux servers - TechRepublic

        Jack Wallen walks you through the steps of installing both Linux Malware Detection and ClamAV for a reliable one-two punch of malware and virus prevention.

      • How to Install Ansible on Rocky Linux 8 or Almalinux - Linux Shout

        If you have to manage multiple Linux servers then manually configuring and installing software on each of them is not only a time-consuming but also a labor-intensive task. Thus, Automation or orchestration is used in such environments.

        There are already well know applications available to perform orchestration for server systems/data centers such as Ansible, Puppet, Chef, and few others. Well, here we learn about Ansible and how to use it to centrally manage multiple servers for installing various packages; code deployment, network configuration, cloud management, and much more.

      • How long does your Linux system take to boot? A helpful illustrated guide

        Have you ever checked how long your system takes to boot? Generally, it all occurs within seconds or a few minutes but we do not know the exact time. Regardless of the reason why you want to know it, there is a systemd-analyze utility that can let you know the exact time your Linux system takes to boot.

        In this article, you will learn to find how long your Linux system takes to boot and how to reduce this time if it is booting slowly.

      • Create Ubuntu bootable USB / Live USB from command line - LinuxTechLab

        If you are trying to install a new Ubuntu version or just want to see how a new version of Ubuntu looks like, then the best way to do so is to create and use a Live USB aka Ubuntu bootable USB.

        Not only can we install or test Ubuntu, but we can also use it as a personal operating system that can be used on any Laptop or Desktop without having to make any major changes to the systems.

      • What Are Zombie Processes in Linux and How to Kill Them

        Zombie process. Not everyone has heard of this interesting yet scary word related to the Linux operating system. On a personal computer, zombie processes might not be a threat to a regular user, but when it comes to Linux servers, these processes must be identified and stopped.

        Such processes can cause problems with your system's process table and in turn, tamper with the proper functioning of your machine. Therefore, in this article, we will discuss zombie processes in detail, along with a comprehensive guide on finding and killing zombie processes on a Linux machine.

      • Transition from Thunderbird to Mutt

        If you read my last blog. You might know that I moved my email away from thunderbird to mutt. I thought I will miss thunderbird, nope, not even for a bit. This transition was very smooth. Only things left in thunderbird was my calendar and RSS reader.

      • How To Set Static IP Address And Modifying Routing Table On Linux

        Configuring IP address and routes from the command line is one of the mandatory skill that every Linux administrator should learn. In this article we are going to review how we can assign a static IP address using ip and ifconfig commands. In addition to, we will discuss how we can use ip route command to create a static route and to change the default gateway for the Linux system.

        [...]

        On success, the command will not show any output. However, the IP address configured this way is not permanent and will be lost after a reboot. To make permanent changes to IP address you need to edit configuration file according to your Linux distribution.

      • How To Install Anbox on Linux Mint 20 - idroot

        In this tutorial, we will show you how to install Anbox on Linux Mint 20. For those of you who didn’t know, Anbox is short for Android in a box, Anbox is a free and open-source environment that enables you to run Android applications on your Linux distribution. It offers a compatibility layer by executing an Android runtime environment to execute Android applications. There are other Android for Linux projects as well, like Shashlik or Genymotion. The difference is that these projects rely on an emulator to run the necessary Android environment, which activates an entire emulated system with its own kernel. On the other hand, Anbox runs the Android system directly on the Linux kernel.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Anbox android emulator on a Linux Mint 20 (Ulyana).

      • How to Get Vertical Tabs on Chrome and Firefox Browsers [Ed: Vertical tabs in browsers go way more than a decade back. Microsoft is merely copying (like it did tabs) many years late.]

        But switching over to a new browser does not make sense just for the sake of vertical tabs. Thankfully, there are workarounds by way of extensions that will help you get the vertical tabs in other browsers. Here we show you a few extensions to get vertical tabs on Chrome and Firefox.

      • How To Switch Default Applications on Ubuntu

        This tutorial explains the steps to switch default Ubuntu applications to open with for each purpose you may want. For example, if you prefer to open pictures with another app rather than Image Viewer, you can switch. In other words, this is an app and file format reassociation. Follow the instructions below.

      • How to Format a USB Drive as exFAT on Linux

        ExFAT presents a filesystem, specially designed and optimized for USB flash drives, SD cards, and external drives, which is making it popular for Linux users.

        For purpose of formating a USB disk as exFAT on Linux, need to install the exfat-utils or exfatprogs which can allow us to create, read, write, etc. exFAT filesystem to any device whether is a USB device or hard disk partition.

        In this tutorial we are going to show how to format a USB Drive as exFAT on Linux from terminal and GUI.

      • 3 New SUSE Courses including Rancher

        SUSE Technical Product Training is pleased to announce three new technical product training courses, including the first two Rancher courses, have now been released and are available to be scheduled for customers. The first SUSE certification for Rancher products will also soon be available.

      • Setup A Shared Folder Between KVM Host And Guest

        After creating a new Virtual machine, you may want to share files and folders between the KVM host and the KVM virtual machine. In this brief guide, we will see how to setup a shared folder between KVM host and guest virtual machine using Virt-manager in Linux.

        Before configuring a shared folder, make sure you have installed Virt-manager on your KVM host.

        [...]

        If you already have installed complete KVM Virtualization Package group, you don't need to install Virt-manager separately. Virt-manager is part of the KVM virtualization package group. Otherwise, you may need to install it as shown in the above link.

        Create a new Virtual machine from Virt-manager interface. It is very straight-forward and easy! Don't start the VM yet. We need to create shared folder in our KVM host.

      • Static and dynamic IP address configurations: DHCP deployment

        In my Static and dynamic IP address configurations for DHCP article, I discussed the pros and cons of static versus dynamic IP address allocation. Typically, sysadmins will manually configure servers and network devices (routers, switches, firewalls, etc.) with static IP address configurations. These addresses don’t change (unless the administrator changes them), which is important for making services easy to find on the network.

        With dynamic IP configurations, client devices lease an IP configuration from a Dynamic Host Configuration Protocol (DHCP) server. This server is configured with a pool of available IPs and other settings. Clients contact the server and temporarily borrow an IP address configuration.

      • How to Use the xxd Hex Dumper Utility in Linux

        While most people, even programmers, won't work with bits and bytes on a daily basis, there are ways you can explore files on your Linux system at this level. And xxd is one such utility, a hex dumper.

        Here's how you can use the xxd hex dumper utility to print the content of files in hexadecimal format.

      • How to Check CPU Temperature on a Linux System

        Want to check your CPU temperature to monitor your computer's health and prevent severe component damage? Maybe your Linux system has been overheating and you want to detect which hardware unit is causing the issue.

        This article will explain why CPU temperature monitoring is important and how to check CPU temperature on a Linux machine.

      • How to deploy Samba on Linux as an Active Directory Domain Controller - TechRepublic

        Active Directory (AD) is Microsoft's way of making it possible to create and apply policies to machines associated with a network. It's a tool widely used by businesses and network administrators everywhere.

        Microsoft's solution is not the only means to make this happen; the open source Samba makes it possible to deploy an Active Directory Domain Controller. With this controller, you can then create users, and even set policies.

        I will be writing a series of tutorials on this subject. In this first piece, we'll be deploying the Samba AD on an instance of Ubuntu Server 20.04.

      • 1 click install uTorrent on Ubuntu 21.04 [ with terminal ]

        With over 150 million users uTorrent is the most widely used BitTorrent client outside China; globally only behind Xunlei. The “μ” (Greek letter “mu”) in its name comes from the SI prefix “micro-“, referring to the program’s small memory footprint: the program was designed to use minimal computer resources while offering functionality comparable to larger BitTorrent clients such as Vuze or BitComet.

        uTorrent was controversial for mining cryptocurrency when installed. They had removed the cryptocurrency miner in later versions but it had already done irreversible damage to uTorrent’s reputation.

      • How to Change Color of Specific Folder Icon in Ubuntu 21.04/20.04 | UbuntuHandbook

        Want to make a certain folder different to others in Ubuntu? You can change the icon color and add emblem via Nautilus extension.

        Nautilus, the default file manager in Ubuntu, has an extension called Folder Color. It allows to change the color of selected folder or folders into: Blue, Blown, Green, Gray, Pink, Purple, Red and Yellow.

        You can also add a emblem, e.g., Important, In Process, Favorite, Finished, and New. And reset to default is also available in folders’ context menu.

      • Do Not Miss These 10 Steps in Application Security Assessment

        Contrary to popular belief, application security assessment is an ongoing process and not something you need to do annually. It must also not be done just as a compliance formality.

        While there cannot exist a complete guide to application security that touches all the aspects, here are ten of the things that you need to make sure of in order to keep your applications secure to the maximum possible extent.

      • How To Improve The Security Of Linux Servers?

        Many services nowadays run on servers with different Linux distributions. Compared to server versions of Microsoft operating systems, they are free. They are also generally considered to be more secure, but require deeper knowledge on the part of the system administrator to ensure they are configured correctly. It doesn't matter whether the system runs on your own infrastructure or on cloud solutions from Amazon, Microsoft or others. In this article, I'll give you tips for making your Linux instances more secure. The article also includes practical examples of improving the security of Debian-based operating system distributions.

        Automatic installation of updates

        Many servers become targets and victims of hacker attacks due to a security gap in the operating system used. Administrators are usually reluctant to update systems, as this can cause more harm than good, as deployed applications may stop working after a system update. However, it is extremely important for keeping the operating system secure and therefore automatic installations should always be enabled, especially on critical systems. If it is necessary to use older versions of operating systems, we recommend that these computers be completely isolated from the network. A few commands are all that is needed to enable automatic updates on a Linux system.

      • How To Install uTorrent on Debian 10 - idroot

        In this tutorial, we will show you how to install uTorrent on Debian 10. For those of you who didn’t know, uTorrent is the most popular torrent client available for Linux systems. uTorrent downloads file very fast and efficiently as possible without slowing other online activities.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the uTorrent BitTorrent client on a Debian 10 (Buster).

      • How to customize Bash Terminal prompt on Debian 10

        The bash Linux shell provides many customization options for the prompt that you can use not only to incorporate various features in the prompt but also to differentiate them through different colors.

        In this article, we will use various examples to customize and recolor the prompt of our Terminal application that will enable you to do the same depending on your needs. We have the commands and procedures described in this article on a Debian 10 Buster system.

      • Learn essential Kubernetes commands with a new cheat sheet | Opensource.com

        The cloud runs largely on Kubernetes, Kubernetes largely runs on Linux, and Linux runs best when it has a skilled sysadmin at the controls. Whether you consider yourself a cloud architect or just a humble sysadmin, the modern internet needs users who understand how applications and services can be created within containers, scaled on demand, and monitored and managed judiciously.

        One of the first steps into the brave world of containers is learning Kubernetes and its quintessential command: kubectl.

      • Manage the Postfix mail queue with postsuper, postqueue and mailq commands

        Postfix provides several shell programs to manage the mail queue.

      • Resolve DHCPD and HTTPD startup failures with Ansible

        Last year, I had a problem: HTTPD (the Apache web server) would not start on a reboot or cold boot. To fix it, I added an override file, /etc/systemd/system/httpd.service.d/override.conf. It contained the following statements to delay HTTPD's startup until the network is properly started and online. (If you've read my previous articles, you'll know that I use NetworkManager and systemd, not the old SystemV network service and start scripts).

    • Games

      • Electronic Arts Acquires Canadian Studio Metalhead Software

        The acquisition, of which terms were not disclosed, will see EA Sports grow the franchise as well as develop new gaming and sports experiences.

      • Oddventure is an indie RPG that follows a girl trapped in a cursed fairy-tale world

        This looks absolutely brilliant. Oddventure is an upcoming adventure RPG from Infamous Rabbit and Pineapple Works that follows a girl trapped in a cursed fairy-tale world.

        "Oddventure is a JRPG about the misadventures of Charlie - a nihilistic and rebellious teenage girl with anger issues and social awkwardness. Charlie searches for her troublesome brother Bonzo and ultimately for a way back home. The setting is the Kingdom of Luxia, a land straight from original Grimm Brothers’ fairy tales with a dark, Nietzschean twist."

        [...]

        For Linux fans, it's good news too as they're supporting "PC (Windows, Mac & Linux) and Nintendo Switch" with it being "actively developing and testing the game on all platforms".

      • Conversational deck-building roguelite Griftlands from Klei is now on Linux

        Klei Enterainment deliver again, adding the conversation-based deck-builder Griftlands to their list of Linux supported games. It looks brilliant too and it has received an Overwhelmingly Positive view from users on Steam overall.

        "Griftlands is a deck-building rogue-like where you fight and negotiate your way through a broken-down sci-fi world. Every decision is important, be it the jobs you take, the friends you make, or the cards you collect. Death comes quickly, but each play offers new situations and strategies to explore."

      • Free Game Thursday - check out Office Point Rescue Deja Vu a new retro FPS

        Office Point Rescue Deja Vu is a brand new retro-themed first-person shooter from Magellanic Games, a bigger expanded version of the original from 2020.

        "Terrorists have invaded and taken hostages in the Emeraldalo Corporation's headquaters. Agent Foldon is assigned to infiltrate the building, dispatch the terrorists, rescue any surviving hostages and gather intel."

        Check out our gameplay footage below to get a taste of it. The gameplay was on Easy mode, as I didn't want to spoil any surprises and difficult in the other modes. It gives you a good idea of what to expect though, thoroughly reminding me of some retro arcade shooters that took way too many coins.

      • ComPressure, a complex pipe-building puzzle game is out now

        After a relatively short stint in Early Access, the Zach-like puzzle game ComPressure is officially out now.

        ComPressure has you building complex computation units powered by high pressure steam, which you do by place and moving pipes around to direct this steam where to go. It definitely has a feel like some earlier Zachtronics titles and it's a pretty unique game overall.

      • Go Godot Jam is an upcoming Godot Gamedev Festival between May 6 - June 9

        Learn more about the free and open source Godot Engine during Go Godot Jam, part of the Godot Gamedev Festival running from today May 6 through to June 9.

        Sounds like a fun idea to help show off Godot to even more people. It's packed full of "one month of quality streams and a game jam aimed at celebrating and expanding a vibrant Godot community" and it's entirely open to everyone as this is a free online event.

      • City builder Nebuchadnezzar is getting fire, crime and disease in the next free update

        After launching with Linux support back in February, it seems a lot of people really loved the style but there wasn't enough substance to it. Thankfully the first update addressed some of the issues adding in big freeplay maps, new difficulty modes and a tax/wages mechanic too. Now they've teased the 1.2 update with no current release date which will bring in Fire, Crime and Diseases to add a little more challenge to it.

      • Hook up cities with power to create a sustainable future in the upcoming Green With Energy

        Green With Energy from developer Orbifold Software is an upcoming casual puzzle building game, that sees you become an engineer to design a sustainable power grid.

        Through various contained levels, it acts like a puzzle game that pulls in small elements from a city-builder while you design your grid and place down power structures. It's supposed to be somewhat relaxed while you iteratively design, test and build power grid designs while balancing budget, efficiency, and environmental impact through different levels and biomes.

        [...]

        The developer mentioned Linux will be a first-class platform for it.

    • Desktop Environments/WMs

    • Distributions

      • The Great OS Replacement: How to Find the Best Linux Distribution

        Picking the ideal Linux distribution takes research and planning. Not because Linux is a challenge. Rather, the Linux OS offers a seemingly unending selection of distributions to meet general computing as well as special needs for enterprise, SMBs, and personal use.

        For enterprise and business-focused users, however, one popular choice has fallen into disfavor with CentOS 8 reaching its end-of-life status as a supported platform. But as is usually the case with the Linux infrastructure, ample replacements are available.

        The CentOS community is turning its focus to the Stream fork as a replacement for a directional change by the CentOS sponsors. One major sticking point among CentOS users is that the CentOS community’s rolling releases may not align with most businesses’ infrastructural or organizational needs.

        A rolling release is a Linux distribution that is updated from top to bottom on a regular basis, noted Thilo Huellmann, CEO of Levity AI. All, including user-space applications, the kernel, and daemons, is in a constant state of new.

      • Nitrux Linux Is Demanding an Apology From DistroWatch

        DistroWatch is a popular web portal that tracks new Linux distribution releases, informs the changes briefly and offers a catalog of details for almost every distribution.

        Even though it provides essential information regarding most of the distros, it looks like it does not display correct details for Nitrux Linux. Of course, with tons of information to manage and update — it is highly likely that some information could be outdated or incorrect.

        However, when Uri Herrera reached out to request correction, the maintainer of DistroWatch seems to believe that Nitrux is lying about the information being requested to be modified.

        Hence, Nitrux Linux had to come up with an open letter where they explain more about the incident and demand an apology for making such kind of remarks.

        [...]

        If it isn’t a surprise, this is a simple matter of correcting information while the creator of Nitrux Linux is trying to request the necessary changes.

        Nitrux Linux has always been assumed as a “commercial” distribution in the past just because they had a paywall like Zorin OS’s ultimate edition, which isn’t true either. Nitrux Linux was always a free and open-source Linux distribution with a unique approach.

      • New Releases

      • BSD

        • Bandwidth limiting on OpenBSD 6.8

          I will explain how to limit bandwidth on OpenBSD using its firewall PF (Packet Filter) queuing capability. It is a very powerful feature but it may be hard to understand at first. What is very important to understand is that it's technically not possible to limit the bandwidth of the whole system, because once data is getting on your network interface, it's already there and got by your router, what is possible is to limit the upload rate to cap the download rate.

          OpenBSD pf.conf man page about queuing

      • Screenshots/Screencasts

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

      • SUSE/OpenSUSE

      • IBM/Red Hat/Fedora

        • Optimal flow: Building open organizations where leaders can emerge

          Previously in this series on open organizations and talent management, I’ve discussed the importance of cultivating an organization’s open leaders by getting out of their way and letting them flourish. As someone invested in developing your organization’s next generation of leaders, know that your goal here isn’t to be entirely “hands off”; instead, your goal is to spend time building the systems and processes that help new leaders find their footing and unleash their passion. The truth is that leadership talent rarely develops on its own.

        • Automating the testing process for SystemTap, Part 1: Test automation with libvirt and Buildbot

          Over the past year, I have been implementing an automated infrastructure to test the SystemTap project and to collect and analyze the test results. SystemTap is a scripting language for creating instrumentation to observe a live running Linux kernel and user-space applications. The SystemTap language translator produces Linux kernel modules. These modules depend on internal details of the Linux kernel that vary significantly between different versions of Linux.

          The process of developing the SystemTap project and maintaining it for a wide range of Linux kernel versions requires a strategy to detect and fix unexpected bugs. Bugs can arise not only from changes in the SystemTap project, but also from changes in newer versions of the Linux kernel.

          In order to verify the safety and correct behavior of SystemTap, the SystemTap project includes a test suite based on the DejaGnu framework. However, up to now there was no system for running this test suite each time someone made a commit to the SystemTap Git repository. An infrastructure that automatically runs the test suite and reports new test failures would be very helpful for detecting and fixing bugs as early as possible during the SystemTap development process.

          This article is the first of two articles summarizing the tools that I developed and used to automate the process of testing SystemTap and detecting test failures. For the purpose of these articles, I consider the testing process to consist of seven steps. I describe the implementation for each of these steps and finish by summarizing my key design ideas and outlining potential future improvements.

          The ideas presented in these articles could be useful for other open source projects with complex testing requirements.

        • Fedora Community Blog: Contribute to Fedora Kernel 5.12 Test Week

          The kernel team is working on final integration for kernel 5.12. This version was recently released and will arrive soon in Fedora. As a result, the Fedora kernel and QA teams have organized a test week from Sunday, May 06, 2021 through Sunday, May 16, 2021. Refer to the wiki page for links to the test images you’ll need to participate. Read below for details.

        • Why Windows and Linux line endings don’t line up (and how to fix it)

          I recently wrote a few automated database-populating scripts. Specifically, I am running Microsoft SQL Server in a container in a Kubernetes cluster—okay, it’s Red Hat OpenShift, but it’s still Kubernetes. It was all fun and games until I started mixing Windows and Linux; I was developing on my Windows machine, but obviously the container is running Linux. That’s when I got the gem of an error shown in Figure 1. Well, not so much an error as errant output.

        • Red Hat Is Hiring More LLVM Compiler Engineers

          Not only does Red Hat continue investing heavily in GCC and the GNU toolchain but it turns out they are ramping up their LLVM compiler talent as well.

          Red Hat already employs prominent longtime LLVM developer and current LLVM release manager Tom Stellard along with other LLVM engineers. But now they are hiring at least another two LLVM engineers to join their ranks.

          Stellard has shared that Red Hat is now hiring a principal software engineer to work on feature development and other user support tasks across the LLVM sub-projects but particularly LLVM itself and Clang. They are also hiring a engineer with compiler linker experience to work on development for BFD and LLD.

        • Red Hat Opens Up StackRox Community

          Red Hat today announced the StackRox community, which is the first step on the path toward to a fully open source, Kubernetes-native security platform.

          Red Hat acquired the Kubernetes security startup earlier this year, and late last month rolled out Advanced Cluster Security for Kubernetes, which is based on StackRox technology. This security technology is also built into Red Hat’s OpenShift Platform Plus, which makes good on Red Hat’s pledge to integrate StackRox’s security technology with its OpenShift Kubernetes platform.

        • Red Hat Makes DevOps a Reality with OpenShift GitOps and OpenShift Pipelines

          Red Hat, Inc., the world's leading provider of open source solutions, today announced the general availability of OpenShift GitOps and OpenShift Pipelines, new features of Red Hat OpenShift, the industry’s leading enterprise Kubernetes platform. These capabilities help organizations to further reduce friction between development and operations teams by streamlining application development and deployment across the hybrid cloud.

          DevOps methodologies promote a cultural shift by linking the work of development and operations teams into a more unified approach rather than separate silos, helping to bring applications to production more quickly. But many organizations still struggle in fully converting to DevOps, especially as much of the associated tooling is workflow- or software-specific, leading to disparate approaches across teams. OpenShift GitOps and OpenShift Pipelines help better unite application development and IT operations by enabling the teams to work together earlier in the development process while helping to deliver greater security, predictability and visibility throughout the entire application lifecycle.

        • Companies Extend Cloud to the Edge

          Software company Red Hat Inc., an affiliate of International Business Machines Corp. , last week launched an edge-computing platform designed to operate across multiple cloud services.

          “With so much data, we have to get it closer to where it’s needed,” Red Hat Chief Executive Paul Cormier said. “You can’t always take the time on a factory floor to push all that data down the line; you need it right on the production line to make very quick decisions,” he said.

        • Red Hat, IBM Research Launch Open Source Konveyor Project
    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Gazebo: Robotic simulation made easy

        Gazebo is a free open-source robot simulation toolkit which designed to help engineers test algorithms, design their robot virtually, train AI systems with realistic scenarios and more.

        The system features dozens of features and functions, it is also packed by dozens of robotic engineers world-wide.

        Gazebo is getting frequent updates and bug fixes from its active developers' community, which makes it reliable for real-world usage.

      • Web Browsers

        • Mozilla

          • Detroit’s digital divide reminds us how far America has to go for internet equity

            It’s been 13 months since the global COVID-19 pandemic hit America. The result, nationwide shutdowns and a country mourning the loss of more than 550K Americans that have died due to COVID-19.

            For many upper and middle-class Americans, the ever-extending quarantine has meant a slight adaptation, or even a respite, from past routines as they largely shifted to working from home. It has meant signing on to their laptops every day at home while they invested in ring lights and headphones for the optimal Zoom experience. For those with kids, simultaneously juggling work and their children’s Zoom classes has created a new set of challenges to maintain some semblance of normalcy.

            But for millions of others, the pandemic has meant additional uncertainty. Tens of millions of adults remain out of work. Minority communities and urban centers have been disproportionately affected by not only unemployment, sickness and death, but another systematic inequity: lack of high-speed internet access. It has prohibited tens of thousands of students, and their parents, from making the transition from classrooms and workplaces to video-everything.

            In other words, the digital divide has become a chasm.

      • SaaS/Back End/Databases

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice 7.1.3 Office Suite Released with More Than 100 Bug Fixes

          Coming five weeks after LibreOffice 7.1.2, the LibreOffice 7.1.3 point release is here to address a total of 105 issues across all core components, including Writer, Calc, Draw, and Impress.

          According to The Document Foundation, about 25 percent of these fixes are focused on improving the document compatibility with the Microsoft Office file formats, such as DOCX, PPTX, and XLSX.

        • LibreOffice 7.1.3 Community available for download

          LibreOffice 7.1.3 Community, the third minor release of the LibreOffice 7.1 family, targeted at technology enthusiasts and power users, is available for download from https://www.libreoffice.org/download/. LibreOffice 7.1.3 includes over 100 bug fixes, with 25% focused on Microsoft Office file compatibility (DOCX, XLSX and PPTX).

          For enterprise-class deployments, TDF strongly recommends the LibreOffice Enterprise family of applications from ecosystem partners, with long-term support options, professional assistance, custom features and Service Level Agreements: https://www.libreoffice.org/download/libreoffice-in-business/.

          LibreOffice Community and the LibreOffice Enterprise family of products are based on the LibreOffice Technology platform, the result of years of development efforts with the objective of providing a state of the art office suite not only for the desktop but also for mobile and the cloud.

          Products based on LibreOffice Technology are available for major desktop operating systems (Windows, macOS, Linux and Chrome OS), mobile platforms (Android and iOS) and the cloud. They may have a different name, according to each company brand, but they share the same LibreOffice unique advantages, robustness and flexibility.

        • LibreOffice Merges Initial Support For Compiling To WebAssembly

          Merged into LibreOffice yesterday is initial support for an EmScripten-based cross-build and compiling to WebAssembly (WASM) for in-browser execution or potentially running on the desktop in a portable manner with the likes of Wasmer.

          Merged to LibreOffice were a number of WASM commits yesterday. This documentation outlines the WASM build steps involved.

          There is also a simple demo application that was added which ends up being a Mandelbrot with the Qt5 tool-kit.

      • FSFE

        • Telecom reform in Austria: consumers must benefit from Router Freedom

          Austria is reforming its telecommunications law to incorporate the new European directives on electronic communications. The Austrian government has now an unique opportunity to leverage router freedom at the legislative level to protect consumers and the market.

          It should go without saying that anyone should be able to freely choose and use a router and modem of their choice for Internet connection, like one does with smartphones and other devices. Router Freedom refers to the right that consumers of any Internet Service Provider (ISP) have to choose and use a private modem and router instead of equipment supplied by the ISP. This right is consolidated in the EU by the Net Neutrality Regulation. However, as part of a major reform of the telecommunications sector in Europe (the EECC directive), new rules are being introduced that may have a negative impact on Router Freedom, because they affect the status of routers being considered as terminal equipment.

          Like other European countries Austria is in a process of implementing the reform of the telecom sector. The Austrian government has proposed the draft (German) of the new Telecommunications Act (TKG) with provisions affecting the ability consumers have to use their own device to connect to the Internet. Austria has with this reform an unique opportunity to leverage consumers' rights by guaranteeing Router Freedom on the legislative level, fostering an open market.

      • FSF

        • Watch and share talks from LibrePlanet 2021: Empowering Users

          We're sorry for the delay in publishing the videos from LibrePlanet 2021 -- we faced some unexpected challenges immediately after the event. But they're here now! We're incredibly proud of the two-day, all-online conference, which was a showcase for the efforts of the free software community, with talks ranging from technical how-tos to personal reflections on activism. If you missed the conference when it happened, we encourage you to watch and share the recordings -- these are wildly talented and dedicated people who fight every day for a freer world, generously sharing their time and insights to advance ideals that are bigger than any of us as individuals.

          We’re proud to be able to share those accomplishments and insights with you through the videos of the LibrePlanet 2021 conference talks released today on our GNU MediaGoblin and PeerTube pages.

        • [Older] Free Software Foundation lending aid to support local free software groups

          As part of its annual LibrePlanet conference, the Free Software Foundation (FSF) announced its plan to provide small grants to local free software groups around the world.

          At the 2021 edition of its annual conference on free software and social justice, LibrePlanet, the FSF formally announced its plan to lend support for local free software groups and meetups through its LibrePlanet network for free software advocacy. These groups raise awareness on issues relating to software freedom, and encourage adoption of free software in local communities. In the case of a free software advocacy group, committed activists might join together to protest the opening of an Apple store selling devices locked with Digital Restrictions Management (DRM), or form a satellite event for future events associated with the LibrePlanet conference. FSF members who are unable to meet in person but want to plan events can use the organization's free "as in freedom" videoconferencing server.

        • GNU Projects

          • Beta testers for MyGNUHealth Personal Health Record

            I am very happy to announce that the documentation for MyGNUHealth beta is now online.
            We would love beta testers both in the desktop (KDE Plasma) and in the PinePhone, so if everything goes well, shortly we will be able to release the first stable release.
            We would like to count with **translators** of the documentation and the application itself. We are working with the KDE community in these areas.

      • Public Services/Government

        • Short Topix: New Crypto Mining Worm Targets, Attacks Windows, Linux

          The city of Dortmund has ushered in the political turning point and begun the exit from the proprietary era. Now it is important that the city finds the appropriate means to implement this process practically, by means of a proprietary exit strategy and to dissolve existing vendor lock-in. For Do-FOSS, the decision of the Memorandum 2020 to 2025 is the result of a functioning democratic local discourse. The practical management work for Free Software has the necessary political backing to succeed.

      • Programming/Development

        • Qt 6.1 Released

          I am happy to announce that Qt 6.1 has been released today. Qt 6.1 is the first minor version update in the Qt 6 series.

        • Qt 6.1 Released With More Modules Ported To Qt6

          Qt 6.1 brings Qt Lottie to the Qt6 world after not making it for 6.0, Qt State Machines for providing SCXML and StateMachine modules in the Qt6 world, the Qt Virtual Keyboard is also now available on Qt 6 with various improvements too, and Qt Device Utilities has been introduced with various networking features. Qt 6.1 also introduces new overflow-safe arithmetic functions to Qt Core, the Vulkan API wrappers for Qt GUI now expose Vulkan 1.1/1.2 core APIs, support for SSL plugins in QtNetwork were added, QNetworkInformation is new for exposing system networking information, and QtQuick3D has a technology preview of instanced rendering support. In a tech preview state for Qt 6.1 is QtQuick3D's 3D particles for 3D scenes.

        • Qt Creator 4.15: What's new in C++ support?

          As announced earlier, we have released Qt Creator 4.15 this week. Let us now take a closer look at some of the improvements to our C++ support that this version brings.

        • Rmw v0.7.09 Is Released

          The handy rmw (ReMove to Waste) shell utility for moving files to a waste folder, instead of immediately deleting them, got another minor bug-fix release today. Filenames now display correctly when using the -vvg option. That's it, that's all there is to rmw v0.7.09.

        • James Hunt: (Lots of) new procenv release(s)

          procenv is now at version 0.55.

        • The 7 Guiding Principles for Developer Engagement [Ed: "Dell Technologies sponsored this post," meaning that "thenewstack" continues to be little but a shilling/spam site of companies that vomit a bunch of puff pieces onto it, including some truly malicious companies and their malevolent front groups; journalism is dead, it's just PR now. This one extensively cites Microsoft-funded Stephen O’Grady of Redmonk]
        • RStudio and APIs

          Data Scientists and analysts work to constantly deliver valuable insights from data. In many cases, these individuals practice a Code First approach, using a programming language like R or Python to explore and understand data. Once an analysis reaches conclusion, it is important to carefully consider what happens next. Perhaps the analysis resulted in a complex machine learning model that can generate valuable predictions on new data. Or perhaps it resulted in some new business logic that can be implemented to improve efficiency. In any case, ensuring the longevity of analysis outcomes increases business value long after the original analysis concludes.

        • Perl/Raku

          • Perl Monthly Report - April

            I had many ups and downs in the month of April. In all these, I have recieved plenty of supporting voices.

          • Paws anyone?

            Gee almost a year since my lat post. I better start posting again or Mohammad will catch up with me ;).

            Been quite a year for every one on this big blue marble. I hope you are all good.

            Ok here is the very short post for today.

          • Config::BINDish Module First Release - LFlat, The Home of Vrurg

            Soon after Test::Async time has came for the first release of Config::BINDish. At first, I didn’t plan the module whatsoever. Then I considered it as a little distraction project to get some rest from an in-house one I was working on lately. But it turned into a kind of a monster which swallowed quite an amount of my time. Now I hope it’s been worth the efforts.

            Basically, the last straw which convinced me to eventually put everything else aside and have this one done was an attempt to develop a model for scalable file hosting. I was stuck, no approach I was considering was good enough. And I decided to change the point of view and try to express the thing in terms of a configuration file. I went on a hunt onto Raku modules site and came back with a couple of already familiar options. Of those I decided that Config::TOML would be the best one for my needs. Unfortunately, very soon I realized that a feature it misses makes my life somewhat harder than I’d like it to be: there was no way to expand a string with an option value.

        • Python

          • 10 Years’ Perspective on Python in Gentoo

            I’m a Gentoo developer for over 10 years already. I’ve been doing a lot of different things throughout that period. However, Python was pretty much always somewhere within my area of interest. I don’t really recall how it all started. Maybe it had something to do with Portage being written in Python. Maybe it was the natural next step after programming in Perl.

            I feel like the upcoming switch to Python 3.9 is the last step in the prolonged effort of catching up with Python. Over the last years, we’ve been working real hard to move Python support forward, to bump neglected packages, to enable testing where tests are available, to test packages on new targets and unmask new targets as soon as possible. We have improved the processes a lot. Back when we were switching to Python 3.4, it took almost a year from the first false start attempt to the actual change. We started using Python 3.5 by default after upstream dropped bugfix support for it. In a month from now, we are going to start using Python 3.9 even before 3.10 final is released.

            I think this is a great opportunity to look back and see what changed in the Gentoo Python ecosystem, in the last 10 years.

        • Rust

          • Announcing Rust 1.52.0

            The Rust team is happy to announce a new version of Rust, 1.52.0. Rust is a programming language that is empowering everyone to build reliable and efficient software.

  • Leftovers

    • (Pseudo)Science/PR

      • Data quality for AI [Ed: IBM still trying to use overhyped buzzwords to compensate for its collapse as a company]

        If we were in a movie on AI, the main character of our story would be a data scientist – let’s call her Ria. Ria works in a multinational company, and one Monday morning she receives a request for her help on a project to build an AI model. The project is a high-visibility project and has the possibility of large revenue savings for the company if Ria and her team can build an AI model to solve the problem. Ria is excited and immediately starts asking for data access so that she and her team can get started on the project. Ria and her team analyze the data to find data quality issues, clean the data, build features, and build a model. After several months, Ria and her team are struggling to build a high-accuracy model. With every iteration, they discover more data quality issues, go back to the design table to brainstorm the issue, figure out ways to fix it, and write the code for data remediation. After weeks and months effort, Ria believes that the whole project would have been more streamlined if they had gotten a report on the data quality when they had gotten the data at the beginning. Does this sound familiar?

        Many studies have shown that data preparation is one of the most time-consuming pieces of the machine learning lifecycle. One reason is that the data issues are discovered in a trial and error fashion, new code must be written for every issue found, and someone must keep a manual log of all of the changes applied to the data so that there is a lineage of how the data was changed over the course of building a machine learning pipeline. However, this information, unless explicitly recorded, might not be available.

    • Hardware

      • ‘I can’t fix my tractor’: Senator Tester calls on the FTC to step up on Right to Repair

        In the next few days, the FTC is expected to release the results of an investigation into the anticompetitive practices manufacturers use to block repair. U.S. PIRG and other Right to Repair advocates hope that this report will acknowledge the need to enforce existing laws and create regulations that empower repair markets. If comments by commissioners Wilson and Chopra are any indication, we expect the FTC report to bear good news for our Right to Repair.

    • Health/Nutrition

      • Biden Admin Supports Ending Vaccine Patents. AOC Says "Let's Do Insulin Next."
      • Creative Commons Calls on the EU to Show Clear Support for Waiving COVID Vaccine Patents

        As we all know, there is a global shortage of vaccines. Taking action to ensure more people get access is the right thing to do. Full stop. It will also benefit all of us. If we do not get the world vaccinated at the same time, new variants of the virus will arise, which the current vaccines will not be able to protect us against. The US Government recognises this reality and does not want to jeopardise their hugely successful vaccine rollout without playing their part to help the rest of the world. As Ambassador Tait’s tweet said; “These extraordinary times and circumstances…call for extraordinary measures. The US supports the waiver of IP protections on COVID-19 vaccines to help end the pandemic and we’ll actively participate in WTO negotiations to make it happen.” Notice the choice of words: end the pandemic. 

      • Pharma Stocks Take a Hit as Biden Backs Vaccine Patent Waiver
      • After US Reversal, EU 'Ready to Discuss' Covid-19 Vaccine Patent Waiver

        Growing pressure to waive IP protections comes as a new study estimates the pandemic has actually killed 6.93 million people, more than double the reported number of global deaths.

      • 'No More Excuses': With US Behind Patent Waiver, Canada, UK, and EU Urged to Immediately Follow Suit

        "We urge all world leaders to see the writing on the wall and put peoples' lives ahead of corporate profit."

      • 'Cry No Tears for These Death Profiteers': Pharma Stocks Plunge as Biden Backs Vaccine Patent Waiver

        "It's almost as if the financial interests of the pharmaceutical industry are diametrically opposed to the health and well-being of the planet."

      • “Monumental Moment”: U.S. Backs Waiving COVID Vaccine Patent Rights After Months of Blocking Talks

        The Biden administration has announced it now supports temporarily waiving the intellectual property rights for COVID vaccines, in what the World Trade Organization is calling a “monumental moment.” India and South Africa first proposed the waiver in October, but the United States and other wealthy nations blocked the WTO from even opening negotiations on the proposal. Supporters say the waiver is critically needed to increase the rate of vaccine production for the Global South as COVID-19 rapidly spreads in India, Latin America and other regions where few vaccines are available. Biden’s support for the waiver is “an incredibly pleasant surprise” and “late, but still welcome,” says Achal Prabhala, coordinator of the AccessIBSA project, which campaigns for access to medicines in India, Brazil and South Africa. “The proposal is monumental because what it does is it allows for more vaccines to be manufactured in the world,” Prabhala says. “The whole world faces a crippling shortage of coronavirus vaccines.”

      • Welcome From The Chief Editor

        Not everything that has come out of the coronavirus pandemic has necessarily been negative. Even in areas where lockdowns and isolation have closed restaurants, bars, indoor movie theaters, and other "non-essential" businesses, it has given new life and a resurgence to other business models that were well on their way to extinction.

        I'm talking about drive-in movie theaters. Originally started in Camden, NJ in 1933, they exploded in popularity during the post-WWII years. Then, in the 1950s and 1960s, they peaked at over 4,000 drive-in theaters in the U.S. alone, and some estimates were over 5,000 worldwide. Drive-in movies have also served as a backdrop for scenes in such blockbuster movies, such as Grease and Twister.

        Then came along cable TV and the popularity of home video, first on VHS tapes, and later on DVD. Never mind streaming. That hadn't even been thought of up until that point. The first two were enough, coupled with changing lifestyles, to kill off the vast majority of drive-in theaters.

        [...]

        Fast-forward to 2021, and I am fortunate enough to have at least two drive-in theaters remaining in operation within an hour's drive of me. So, we popped up a couple of batches of popcorn (none of that microwave stuff ... it had to rival movie theater popcorn!), packed some drinks, loaded up the blankets, and headed off to the drive-in theater that's located in the city where I live. We arrived in less than 30 minutes, and we sat in the back of dad's pickup truck. The kids laid on their sleeping bags in the back of the truck with the tailgate down, and mom and dad sat in camping chairs in the back of the truck. The kids got to watch the new Tom & Jerry movie, followed by Goonies, from the back of dad's pickup truck. The sound was broadcast over the FM radio band, played on a couple of portable radios we had brought along. That was a huge improvement over the solitary, tinny-sounding, monaural speaker that we used to hang on the edge of our car windows in the drive-in theater heydays!

        The memories it elicited came flooding back to me. The sounds. The smells. The atmosphere. The dust. The same idiots driving through the parking lot after dark with their lights on. None of it had changed. And I was excited to share the experience with my own children, 50-plus years after my parents had shared that experience with me.

        Until next month, I bid you peace, happiness, serenity, and prosperity! And, if you get the chance, go catch a movie at a drive-in theater!

    • Integrity/Availability

      • Proprietary

        • Fortnite, A Free Game, Made $9 Billion In Two Years

          For years -- years! -- Techdirt has been a place that has argued that offering a product or service for free, where that made sense, could actually be a fantastic business model. While there are lots of examples of that sort of thing these days, you have to understand that this concept was met with derision and scorn by all kinds of industry folks big and small. Some said anyone offering something for free had no clue how to run a business. Others even more absurdly claimed that there was literally no way to compete with "free."

        • How to improve your LinkedIn profile [Ed: Red Hat is boosting Microsoft's proprietary software and surveillance]
        • Windows Defender bug fills Windows 10 boot drive with thousands of files [Ed: Proprietary software is junk and even Microsoft boosters like Lawrence Abrams can see what a piece of garbage Vista 10 really is]

          A Windows Defender bug creates thousands of small files that waste gigabytes of storage space on Windows 10 hard drives.

        • 'Millions' of Dell PCs will grant malware, rogue users admin-level access if asked nicely

          This is made possible by five security vulnerabilities in Dell's dbutil_2_3.sys driver, which it bundles with its PCs. These are grouped under the label CVE 2021-21551, and they can be abused to crash systems, steal information, and escalate privileges to take total control. These programming blunders can only be exploited by applications already running on a machine, or a logged-in user.

        • The End of AMP

          I am hopeful that 2021 will be the beginning of the end for two of my least favorite things – the pandemic and Accelerated Mobile Pages (AMP).

          For the past few months, I’ve been focusing on Google’s Page Experience update due to launch in May and what it means for publishers. The largest and most talked-about item in the update is Google announcing that sites with passing core web vitals will receive a ranking boost on mobile. However, there is another important item in the update – the end of special treatment for AMP pages.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • The future of farming could be based on Linux

                The Linux Foundation has just launched an open source digital infrastructure project specifically designed to tackle the challenges of the global agriculture sector.

                The AgStack Foundation looks to promote collaboration among all key stakeholders in the global agriculture ecosystem, including private business, governments, and academia.

                It also hopes to build free and open digital infrastructure for data and applications tailored to enhance the efficiency of agriculture across the world.

              • Linux Foundation Launches AgStack

                According to the announcement, the AgStack Foundation is aimed at improving “global agriculture efficiency through the creation, maintenance, and enhancement of free, reusable, open and specialized digital infrastructure for data and applications.” The AgStack Foundation “will not engage in building software applications” but instead will focus on the community-maintained, free and open source software infrastructure needed to build, manage, and run applications.

              • Linux Technical Advisory Board releases report on UMN patches

                The Linux Technical Advisory Board (TAB) released a new report to show the remediation measures that were undertaken after researchers from the University of Minnesota (UMN) submitted compromised code submissions to the Linux kernel.

                UMN previously submitted many big fixes that were merged into kernel releases as part of an, but the breach of trust between the community and UMN first started when UMN researchers did an experimental research project on “Hyprocrite Commits” that involved intentionally submitting patches that caused issues with the kernel in August last year.

                As a result, Greg Kroah-Hartman, a Linux kernel maintainer, asked the community to stop accepting patches from UMN and began a re-review of all submissions previously accepted from the university after perceiving that they were sending compromised code.

                The university has since retracted the “Hypocrite Commits” paper and Kroah-Hartman posted a final set of reverts this week.

              • Linux Technical Advisory Board Issues Findings On UMN's Shady Kernel Conundrum

                In April, we first reported on Linux Kernel dev and maintainer Greg Kroah-Hartman banned submissions from the University of Minnesota due to new concerning patches. It has also come to light that UMN has done questionable research on the Linux kernel team, and people were already wary. Now, the Linux Technical Advisory Board (TAB) has published its findings of the events and recommendations for the future.

                Over the rather lengthy audit of the situation, the TAB lays out a timeline of events from 2018 up through today detailing what has led to what we now face. Since that original date, UMN had submitted nearly 400 bug-fix patches centering around research papers. Two years later in August, UMN researchers submitted “hypocrite commits” under false identities, which was already concerning. Then in April of this year, new seemingly sketchy patches were being submitted again, and people were concerned, including Greg Kroah-Hartman, who called out UMN.

                After this happened, the TAB kicked off a review and investigation with some interesting findings and recommendations. Interestingly, of the UMN patches submitted, 349 were correct, 39 needed to be fixed, and 47 others either did not matter anymore or fell into other categories, which you can see here. The 39 problematic commits are to be reverted and replaced in due time before the 5.13 kernel release.

              • Linux review board says rogue researchers did not successfully insert buggy patches into kernel

                The Linux Foundation's Technical Advisory Board (TAB) has prepared a report to summarize the “Hypocrite Commits” row after a thorough review of all University of Minnesota (UNM) submissions found that none of the buggy code made it to the mainline Linux kernel.

                Prepared by TAB with patch review help from several kernel developers, the report summarizes the events that led to a call for a review of all submissions from UNM, along with the findings of the review.

                Senior kernel developer Greg Kroah-Hartman asked the community to stop accepting patches from UNM and to review all of their previous contributions after catching UNM researchers deliberately sending compromised code submissions to the kernel.

              • Research scandal sees Linux Kernel ban 'all future contributions' from University of Minnesota

                Anyone sporting a University of Minnesota email has been banned from posting on the open-source Linux Kernel Archives after a group of researchers from the institution knowingly submitted buggy patches in order to gauge community reactions for their research.

                Brought to our attention via a LinusTechTips forum post, it seems it all began with some researchers from the university utilising the Linux Kernel site to gauge its level of security. The way they went about this research, however, has been considered somewhat unethical by the site's standards, resulting in the blanket ban of future contributions from the university at large.

                The researchers had been posting what the maintainer of the site, Greg Kroah-Hartman, identified as 'known-buggy' patches, after which—and without owning up to their machinations—they went on to publish a paper on the topic.

                When the site maintainer confronted them, their response was gold:

                "I respectfully ask you to cease and desist from making wild accusations that are bordering on slander."

              • Here is Linux Advisory Board's ruling on University of Minnesota's "hypocrite commits"

                A couple of weeks ago, we reported that Greg Kroah-Hartman from the Linux kernel development and maintenance team, has banned submissions from the University of Minnesota (UMN) due to some questionable patches that they submitted. The issue received a lot of public attention particularly due to the email exchanges between Hartman and the student researchers being made public. The latter argued that the patches come in the form of "a new static analyzer", but Hartman took issue with the fact that the clearly incorrect patches had been submitted to the kernel without any warning.

                After much back and forth, the department heads for Computer Science at UMN stated that they would investigate the matter further, and soon after, the student researchers published an apology giving more context to their dubious efforts.

                Now, the Linux Technical Advisory Board (TAB) has published its own findings about the matter and its recommendations for the future.

              • LFCA: Learn Cloud Costs and Budgeting – Part 16

                Over the years, there has been an exponential adoption of Cloud services as organizations seek to tap into the numerous benefits offered by the Cloud to streamline their businesses. Most businesses have either integrated their on-premise infrastructure with the Cloud or shifted their core services to the cloud altogether.

        • Security

          • How to hide a backdoor in AI software – such as a bank app depositing checks or a security cam checking faces

            Boffins in China and the US have developed a technique to hide a backdoor in a machine-learning model so it only appears when the model is compressed for deployment on a mobile device.

            Yulong Tian and Fengyuan Xu, from Nanjing University, and Fnu Suya and David Evans, from University of Virginia, describe their approach to ML model manipulation in a paper distributed via ArXiv, titled "Stealthy Backdoors as Compression Artifacts."

            Machine-learning models are typically large files that result from computationally intensive training on vast amounts of data. One of the best known at the moment is OpenAI's natural language model GPT-3, which needs about 350GB of memory to load.

          • Matthew Garrett: More doorbell adventures

            Doorbird sell a chime, a network connected device that is signalled by the doorbell when someone pushes a button. It costs about $150, which seems excessive, but would solve my problem (ie, that if someone pushes the doorbell and I'm not paying attention to my phone, I miss it entirely). But given a shell on the doorbell, how hard could it be to figure out how to mimic the behaviour of one?

            Configuration for the doorbell is all stored under /mnt/flash, and there's a bunch of files prefixed 1000eyes that contain config (1000eyes is the German company that seems to be behind Doorbird). One of these was called 1000eyes.peripherals, which seemed like a good starting point. The initial contents were {"Peripherals":[]}, so it seemed likely that it was intended to be JSON. Unfortunately, since I had no access to any of the peripherals, I had no idea what the format was. I threw the main application into Ghidra and found a function that had debug statements referencing "initPeripherals and read a bunch of JSON keys out of the file, so I could simply look at the keys it referenced and write out a file based on that. I did so, and it didn't work - the app stubbornly refused to believe that there were any defined peripherals. The check that was failing was pcVar4 = strstr(local_50[0],PTR_s_"type":"_0007c980);, which made no sense, since I very definitely had a type key in there. And then I read it more closely. strstr() wasn't being asked to look for "type":, it was being asked to look for "type":". I'd left a space between the : and the opening " in the value, which meant it wasn't matching. The rest of the function seems to call an actual JSON parser, so I have no idea why it doesn't just use that for this part as well, but deleting the space and restarting the service meant it now believed I had a peripheral attached.

            The mobile app that's used for configuring the doorbell now showed a device in the peripherals tab, but it had a weird corrupted name. Tapping it resulted in an error telling me that the device was unavailable, and on the doorbell itself generated a log message showing it was trying to reach a device with the hostname bha-04f0212c5cca and (unsurprisingly) failing. The hostname was being generated from the MAC address field in the peripherals file and was presumably supposed to be resolved using mDNS, but for now I just threw a static entry in /etc/hosts pointing at my Home Assistant device. That was enough to show that when I opened the app the doorbell was trying to call a CGI script called peripherals.cgi on my fake chime. When that failed, it called out to the cloud API to ask it to ask the chime[1] instead. Since the cloud was completely unaware of my fake device, this didn't work either. I hacked together a simple server using Python's HTTPServer and was able to return data (another block of JSON). This got me to the point where the app would now let me get to the chime config, but would then immediately exit. adb logcat showed a traceback in the app caused by a failed assertion due to a missing key in the JSON, so I ran the app through jadx, found the assertion and from there figured out what keys I needed. Once that was done, the app opened the config page just fine.

          • Security updates for Thursday

            Security updates have been issued by Debian (python-django), Fedora (java-latest-openjdk, libopenmpt, python-yara, skopeo, thunderbird, and yara), openSUSE (ceph and openexr), Red Hat (postgresql), SUSE (libxml2), and Ubuntu (exim4 and gnome-autoar).

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

          • Privacy/Surveillance

            • First public report on military intelligence: New police-like powers already in use

              No further details of this were provided in the review. However, the wording gives the impression that district courts have not granted permission for all the uses requested by military intelligence or that they have demanded additional justification from the FDF.

              The methods available are specified in the 2019 Act on Military Intelligence. Some of these secret means of obtaining information are similar to those used by police, including surveillance, cyber-intelligence, covert operations, wiretapping and other covert measures.

            • Privacy Implications of Accelerometer Data: A Review of Possible Inferences

              Accelerometers are among the most widely used sensors in mobile devices, where they have a large variety of possible applications. They are commonly regarded as not privacy-intrusive and therefore often less access-restricted than other sensors, such as cameras and microphones. However, based on existing literature, we found that accelerometer data can enable serious privacy intrusions by allowing inferences about a device holder’s location, identity, demographics, personality, health status, emotions, activities and body features.

              Any trait or behavior of a user that results in characteristic movement patterns can potentially be detected through accelera-tion signals. Accelerometers are cheap, low in power consumption and often invisibly embedded into consumer devices. Thus, they represent a perfect surveillance tool as long as their data streams are not properly monitored and protected from potentially untrusted parties such as device manufacturers, service providers and app developers. In current mobile operating systems, third-party apps can access accelerometer data without requiring any permission or conscious participation from the user.

            • With Trump ruling, Facebook's Oversight Board highlights where the power lies

              Now, the board is insisting that Facebook review the matter and make its own decision about the status of Trump's accounts within six months. It is also criticizing Facebook for a vague, ad hoc approach to content moderation and for trying to shirk responsibility for controversial posts.

            • Facebook creates a fork-in-the-road moment for Trump — and the rest of us

              It said the company failed to clearly define the length of Trump's punishment and urged it declare, within six months, whether and when Trump might be reinstated.

              It also faulted Facebook for not examining its own role in fostering unrest.

            • Nest Thermostat bug puts users in endless migration loop - 9to5Google

              If you’re an owner of a Nest Thermostat, you might be encountering a frustrating bug this week. It appears that some Nest Thermostat owners are losing access of their devices through the Google Home app due to an account migration issue.

              Here’s what’s going on. Nest Thermostat owners on Twitter, Reddit, and yours truly are unable to control the device through the Google Home app. When attempting to do so, the app pops up a Nest account migration page that users can’t skip. When attempting this migration process, though, it fails completely. The reason is unclear, but I know in my case I’ve already migrated my Nest account to Google, so that could be the underlying issue for why the migration is failing.

            • Peloton User Accounts Subjected to Data Leaks

              Fitness is supposed to be difficult – it’s how you know it’s working (or at least that’s what we’re told). But it shouldn’t be difficult in this way. A security researcher discovered that the user accounts of Peloton fitness bikes and treadmills were subject to data leaks, and the company took no action initially.

            • After Cookies, Ad Tech Wants To Use Your Email To Track You Everywhere

              Cookies are dying, and the tracking industry is scrambling to replace them. Google has proposed Federated Learning of Cohorts (FLoC), TURTLEDOVE, and other bird-themed tech that would have browsers do some of the behavioral profiling that third-party trackers do today. But a coalition of independent surveillance advertisers has a different plan. Instead of stuffing more tracking tech into the browser (which they don't control), they'd like to use more stable identifiers, like email addresses, to identify and track users across their devices.

              There are several proposals from ad tech providers to preserve "addressable media" (read: individualized surveillance advertising) after cookies die off. We'll focus on just one: Unified Identifier 2.0, or UID2 for short, developed by independent ad tech company The Trade Desk. UID2 is a successor to The Trade Desk's cookie-based "unified ID." Much like FLoC, UID2 is not a drop-in replacement for cookies, but aims to replace some of their functionality. It won't replicate all of the privacy problems of third-party cookies, but it will create new ones.

              There are key differences between UID2 and Google's proposals. FLoC will not allow third-party trackers to identify specific people on its own. There are still big problems with FLoC: it continues to enable auxiliary harms of targeted ads, like discrimination, and it bolsters other methods of tracking, like fingerprinting. But FLoC's designers intend to move towards a world with less individualized third-party tracking. FLoC is a misguided effort with some laudable goals.

              In contrast, UID2 is supposed to make it easier for trackers to identify people. It doubles down on the track-profile-target business model. If UID2 succeeds, faceless ad tech companies and data brokers will still track you around the web--and they'll have an easier time tying your web browsing to your activity on other devices. UID2's proponents want advertisers to have access to long-term behavioral profiles that capture nearly everything you do on any Internet-connected device, and they want to make it easier for trackers to share your data with each other. Despite its designers' ill-taken claims around "privacy" and "transparency," UID2 is a step backward for user privacy.

            • Prism Project: Everyone is in bed with the CIA / NSA!

              The article I wrote about not breeding crows, which came out in the March 2021 issue of PCLinuxOS Magazine, had very good feedback among readers. I had several positive messages, where folks said they enjoyed reading it. One reader, however, asked me for more, and he asked me for sources as well, as well as for evidence.

              Unfortunately, these subjects have no tangible evidence, at least not at the present time. Maybe in 20 or 30 years, with the freedom to access information laws, all the shenanigans will come to light, but I personally doubt it, since there are things that have been hidden for more than 50 years.

              What we can do is present facts, and then connect the dots. And at the end of the article, I will show how connecting the dots works. But for those who want more of the dirty deeds of our Big Tech companies, here is Prism Project, which the hero Edward Snowden revealed, and I bring some details.

              [...]

              Snowden's greatest revelation was about a program called PRISM, under which the National Security Agency (NSA) accesses emails, documents, photographs, and other sensitive user data stored at big companies.

              Microsoft became the first PRISM partner in 2007 and the NSA began collecting large amounts of data from its servers. Other companies joined the program in due course. In 2008, Congress gave the Justice Department the authority to compel a reluctant company to "comply" with PRISM requirements. This means that even companies that were unwilling to join the program voluntarily had to do so at the behest of a court order.

    • Transparency/Investigative Reporting

      • Did Paris Hilton Actually Wear The Infamous ‘Stop Being Poor’ Tank Top? : An Investigation

        With Hilton denying ever appearing in such a shirt – with the images to prove it -- how, exactly did that iconic photo find viral fame online? The answer, like that of many strange things over the past several years, comes down to Republican politics and good ‘ol Photoshop. The actual shirt Hilton wore in the infamous snap actually read “Stop Being Desperate,” an item from a 2005 fashion line designed by her younger sister Nicky Rothschild (neé Hilton) named Chick, Vogue noted.

        Several years later, the image was altered to read “Stop Being Poor," an edit likely inspired by some Statesian left-winger's opinions on the American Health Care Act of 2017, which partially repealed The Affordable Care Act – a.k.a ObamaCare. Although as Know Your Meme noted, a shirt featuring the phrase was available for sale on Amazon roughly two years earlier, providing some precedent for Hilton's fictitious fit.

    • Environment

      • Energy

        • Advert ban tries to wean the Dutch off fossil fuels

          How do you wean the Dutch off fossil fuels? Well, you could always start by banning advertisements that promote them.

        • IS 'blows up' Iraq oil wells, kills policeman: officials

          Jihadists on Wednesday killed a policeman before blowing up two oil wells in Kirkuk, a northern province claimed by both Iraq's federal government and the Kurds, officials said.

          A security official told AFP that "Islamic State group assailants" killed a policeman and "wounded two others".

          The attackers then "blew up wells 177 and 183 at the Bay Hassan field," the oil ministry said in a statement.

    • Finance

      • Clean-Energy Loans Trapped Black Homeowners in Debt. The Legislature Just Started Trying to Fix the Problem.

        Officials in Missouri have begun to examine and are considering measures to rein in programs that make high-interest “clean energy” loans to homeowners in the state, after a ProPublica investigation found the programs disproportionately burden borrowers in predominantly Black neighborhoods.

        The Missouri Senate on Tuesday voted 31-1 on a bill to require that residential Property Assessed Clean Energy programs be reviewed by the state Division of Finance at least every other year. Currently, PACE programs have to submit annual reports to the state, but ProPublica’s investigation found little oversight.

      • Can you mine Doge on your Chromebook?

        Ah, cryptocurrency. The dream of a digital asset that is based not on paper money backed by gold or silver but built on secure transactions and a decentralized network that is open to all. Well, it’s a lot more complicated than that and in the year 2021, there are more cryptocurrencies than any sane person can keep track of. Unless you live under a rock, you’ve probably heard of Bitcoin which is widely considered the first-every cryptocurrency and also birthed the blockchain technology behind most cryptocurrencies. I’ll spare you the long, drawn-out details of how it works because honestly, I’m really not that well-versed in the technology myself. To dumb it down, many cryptocurrencies are built on blockchain tech that utilizes various types of computers and networks to confirm digital transactions. In the process, digital coin, or crypto, is mined as a reward to the miners confirming the transactions. These are called mining rewards. Again, there’s way more to it than that but you can go to Wikipedia or a million other sites to find out more details on how it all works.

    • AstroTurf/Lobbying/Politics

      • Trump Spawned a New Group of Mega-Donors Who Now Hold Sway Over the GOP’s Future

        Wesley Barnett was just as surprised as anyone to learn from news reports that the Jan. 6 Trump rally that turned into a violent assault on the U.S. Capitol was funded by Julia Jenkins Fancelli, an heiress to the fortune of the popular Publix supermarket chain. But Barnett had extra cause for being startled: Fancelli is his aunt.

        Barnett said he was at a loss to explain how his aunt — who isn’t on social media, lives part time in Italy and keeps a low profile in their central Florida town — got mixed up with the likes of Alex Jones and Ali Alexander, the right-wing provocateurs who were VIPs at the Jan. 6 rally in front of the White House.

      • Trump social media: Twitter suspends account sharing ex-president's posts

        A spokesperson for the company said the account, @DJTDesk, violated the ban evasion policy by sharing content "affiliated with a suspended account."

        But the BBC found similar accounts still active on the social media platform.

        Mr Trump was permanently banned from Twitter in January after he voiced support for [insurrectionists] who stormed the US Capitol.

    • Censorship/Free Speech

      • [Old] How Austria Wants To Implement Upload Filters And Ancillary Copyright

        It was a dark day for [Internet] freedom and Europe’s role in global [Internet] policy, when the controversial Copyright Directive was passed in the EU Parliament in 2019. While we still hope to overthrow this directive before the ECJ, we also see it as our task to ensure that the Austrian implementation turns out as Fundamental rights-friendly as possible.

        In December, the competent Ministry of Justice (Green party) ran a preliminary review procedure on a draft for the implementation of the controversial parts of this law. We explain its main points here and also provide a legal analysis. Our first impression: the part on upload filters was drafted by the Green party, whereas the text on ancillary copyright was written by the right-wing conservative party (ÖVP).

      • Mosques call for calm after Prophet Muhammad image shown at Sheffield school assembly

        But a parent, Atif Mohammed said the apology was not enough, until the deputy head who was responsible for the assembly steps down from her position.

      • Father wants to pull children out of school after image of Prophet mistakenly shown in assembly

        This comes just over a month after Batley Primary School saw hundreds of protesters camp outside the school after a teacher showed a cartoon mocking the prophet.

      • Mauritian government’s plan to intercept encrypted web traffic marks ‘death knell for freedom of speech’

        While freedom of speech is guaranteed under Mauritius’s constitution, the government has already introduced an amendment to the ICT Act, imposing prison sentences of up to 10 years for online messages that “inconvenience” the reader. In practice, this amendment has been used to file complaints against journalists and media outlets.

        Now, in the consultation document, the ICTA claims it needs to take further measures thanks to “unacceptable abuses by a minority of individuals or organized groups”.

    • Civil Rights/Policing

      • Republican Gov. Ron DeSantis Just Made it Harder to Vote in Florida

        The new bill introduces a number of restrictions to absentee and mail voting, including limits on collecting votes via dropboxes introduce constraints on where they can be located, who can drop off a ballot, and a requirement that the dropboxes be staffed by an election official. Additionally, it grants new powers to party poll watchers and adds new identification requirements to make even minor changes to a voter’s registration records.

        Republicans, crying voter fraud despite zero evidence it exists on a widespread basis, claim the new changes increase the security of votes. But critics say it will disproportionately affect elderly voters, working class voters, disabled voters, voters of color, and students.

      • New Information Emerges From 2 Christian Murders

        As reported by ICC, “Egypt’s human rights record has greatly worsened over recent years. Whereas during the early 2010s terrorists such as ISIS were the main perpetrators of Christian persecution, today the main perpetrator is the government. Dissent is silenced, human rights activism is suppressed, and truth about violations is clouded.” Nabil and Maryam’s cases show that both possible persecution perpetrators may still be true for Egypt’s Christians.

      • This is becoming a menace in Germany: Young Muslims steal lambs for Eid

        However, the injured party has no illusions that he will ever see his stolen animals again: “The poor sheep have surely already been slaughtered somewhere,” “Bild” quotes the man. This is precisely the real problem here: the theft itself, with a property damage of just 550 euros, is far less serious and alarming than the increasing disregard for animal rights in the name of a medieval religion that is spreading at an ever more breathtaking pace across the Western cultural area and developing increasing dominance (admittedly without it being permissible let alone desirable to call this development what it objectively is: Islamisation).

      • 'They Are Burning Us Alive!' Say Sinai’s Coptic Christians

        Thereafter followed a massive “jihad” on the Copts; the following are some of the more notable examples, all occurring in early 2017, mostly in al-Arish, Sinai: [...]

    • Internet Policy/Net Neutrality

      • Regulating What Canadians See Online: Why Bill C-10 Would Establish CRTC-Approved TikTok, Youtube and Instagram Feeds

        Not only is such an approach unworkable (how do regulators even identify what counts as domestic user generated content), but it would represent an exceptionally heavy-handed regulatory approach where a government-appointed regulator decides what individual user generated content is prioritized in order to further “discoverability”, a term that isn’t even defined in Bill C-10. There is a need for greater transparency of the algorithms used by social media companies, but to turn over the content choices of social media feeds of millions of Canadians to the CRTC is madness and an abdication of the government’s professed support for freedom of expression.

    • Monopolies

      • Melinda Gates Warned Bill About Jeffrey Epstein

        Melinda Gates met with convicted sex offender Jeffrey Epstein alongside her husband Bill in New York City and soon after said she was furious at the relationship between the two men, according to people familiar with the situation.

      • The People v. Bill Gates

        Bill and Melinda Gates have asked for privacy after their divorce announcement, but a storm of attention seems more likely. Interest in their marital arrangements isn’t merely prurient. They are public figures and their personal lives have political ramifications. The urgent question in global health circles is what will happen to their powerhouse foundation in the wake of their split. Large amounts of funding hang in the balance.

        Even before the divorce, public opinion was shifting. A year ago, many people were sympathetic to Bill Gates, and even outraged on his behalf, when he became the target of conspiracy theories spread by QAnon and other groups, suggesting the pandemic was all part of a secret plan to implant microchips in people. More recently, though, as his opposition to waiving patents on vaccines has become better known, it isn’t only the conspiracists who are angry with him.

        People are once again asking – as they did when he was at the helm of Microsoft during its anti-trust legal battles – whether it’s right for one private individual to wield so much economic and political power. For two decades the question seemed to have gone away: after all, how could anyone dislike the world’s most charitable man?

        But as I argued a few years ago in No Such Thing As a Free Gift, Gates has long deserved more critical scrutiny than he has received, especially since a lot of the Gates Foundation’s money is channelled to western researchers and pharmaceutical companies, exacerbating inequality between the global north and global south. Gates has also long refused to concede that current patent protections on drugs and vaccines are unfair and biased against the interests of poor nations, making it legally difficult for them to respond to health emergencies even when they have the scientific knowhow.

        Private philanthropy in general can be a threat to democratic accountability and a just society. Reverence for big donors implies that billions of underpaid and exploited people should be satisfied with philanthropic crumbs from a self-appointed aristocracy rather than entitled to economic justice. What’s really needed for a fairer, more equal society is not charity but justice, though Gates has long presumed otherwise.

        [...]

        The rioters were wrong about cholera, but understood all too well that the economic and political system was biased against them. The disease was brought to them by a corporation that had plundered India for the gain of aristocrats and the upper-middle classes, while labourers were paid crumbs to live and die in mills, mines and factories throughout the world. Today, Covid-19 disproportionately afflicts the poor, especially women and men of colour, while the rich have the means to barricade themselves against it.

        Bill Gates, like William IV before him, sits at the apex of a global financial empire. The people who are angry with him, rightly or wrongly, shouldn’t be blamed for appreciating this reality. The blame lies with the billionaires like Gates who pretend the system works fine.

      • Bill and Melinda Gates Foundation crumbles

        Gates is like all of the tech oligarchs. They act like Republicans but, to maintain their monopolies, for protection they fund the Democrats. There is this unholy alliance between them and establishment Democrats. They give money, and Dems act like they are taxing them, all the while giving them tax breaks and deals on the side so the blue collar proletariat does not catch on.

        It is an article of faith with tech titans that you can cheaply buy your protection from Democrats, like a Third World country and the police. And from whom are they paying to be protected? From the government itself.

        This is like Northern hedge funds with their loophole called "carried interest," wherein they can defer and not pay taxes on their management fees indefinitely. The more you know about how these guys work, the more disheartened you are.

        Bill Gates did take a meeting with Donald Trump when Trump was president. It was historic: two of the worst haircuts in the history of man in the same room.

      • Copyrights

        • Victory For Fair Use: The Supreme Court Reverses The Federal Circuit In Oracle vs Google

          This decision gives more legal certainty to software developers' common practice of using, re-using, and re-implementing software interfaces written by others, a custom that underlies most of the internet and personal computing technologies we use every day.

          To briefly summarize over ten years of litigation: Oracle claims a copyright on the Java APIs--essentially names and formats for calling computer functions--and claims that Google infringed that copyright by using (reimplementing) certain Java APIs in the Android OS. When it created Android, Google wrote its own set of basic functions similar to Java (its own implementing code). But in order to allow developers to write their own programs for Android, Google used certain specifications of the Java APIs (sometimes called the "declaring code").

          APIs provide a common language that lets programs talk to each other. They also let programmers operate with a familiar interface, even on a competitive platform. It would strike at the heart of innovation and collaboration to declare them copyrightable.

          EFF filed numerous amicus briefs in this case explaining why the APIs should not be copyrightable and why, in any event, it is not infringement to use them in the way Google did. As we've explained before, the two Federal Circuit opinions are a disaster for innovation in computer software. Its first decision--that APIs are entitled to copyright protection--ran contrary to the views of most other courts and the long-held expectations of computer scientists. Indeed, excluding APIs from copyright protection was essential to the development of modern computers and the internet.

          Then the second decision made things worse. The Federal Circuit's first opinion had at least held that a jury should decide whether Google's use of the Java APIs was fair, and in fact a jury did just that. But Oracle appealed again, and in 2018 the same three Federal Circuit judges reversed the jury's verdict and held that Google had not engaged in fair use as a matter of law.

          Fortunately, the Supreme Court agreed to review the case. In a 6-2 decision, Justice Breyer explained why Google's use of the Java APIs was a fair use as a matter of law. First, the Court discussed some basic principles of the fair use doctrine, writing that fair use "permits courts to avoid rigid application of the copyright statute when, on occasion, it would stifle the very creativity which that law is designed to foster."

05.06.21

Links 6/5/2021: Fedora’s Compiler Policy and Celemony Software GmbH Adopting Free Software

Posted in News Roundup at 6:44 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

      • BSDNow 401: OpenBSD Dog Garage

        Dog’s Garage Runs OpenBSD, EuroBSDcon 2021 Call for Papers, FreeBSD’s iostat, The state of toolchains in NetBSD, Bandwidth limiting on OpenBSD 6.8, FreeBSD’s ports migration to git and its impact on HardenedBSD, TrueNAS 12.0-U3 has been released, and more.

      • Context in Comprehension | Coder Radio 412

        From adventures in learning, a recipe for great collaborations, to creativity and problem-solving in tech. It’s a deep dive chat with Wes Payne.

      • The Linux Link Tech Show Episode 905

        fedora 34, register.com sucks, realestate

    • Kernel Space

      • Dates for Virtual Linux Plumbers now 20-24 September

        We took a look at all the events that were announced at the same time as OSS, including KVM Forum. The dates 20-24 September still seem to be clear of conference overlaps so we thought we’d grab them for Plumbers before someone else does. We also thought the timezone last year (Atlantic, 1h ahead of US Eastern and 5h behind central European) worked well, so we’ll plan to hold the conference mostly in that timezone (Although Microconference sessions can vary this if participants need. Our conference architecture will be available 24h)

      • Containers and Checkpoint/Restore Microconference Accepted into 2021 Linux Plumbers Conference – Linux Plumbers Conference 2021

        We are pleased to announce that the Containers and Checkpoint/Restore Microconference has been accepted into the 2021 Linux Plumbers Conference! The Containers and Checkpoint/Restore micro-conference brings together kernel developers, runtime maintainers, and developers working on container- and sandboxing related technologies in general to discuss current problems and agree on new features.

      • Linux Plumbers Goes Fully Virtual – Linux Plumbers Conference 2021

        You may have noticed that the Linux Foundation has announced moving OSS+ELC from Dublin to Seattle, WA due to survey results and vaccination rates in Europe. Since we agreed to co-locate with OSS+ELC this year, we’ve been debating following suit or going virtual. Unfortunately, the safety protocols imposed by event venues in the US require masks and social distancing, making it impossible to hold the interactive part of Plumbers (the Microconferences). Since Microconferences are a differentiating feature of plumbers, we felt that rather than lose such an essential element we’d move the entire conference on-line and hope to be back in-person next year.

      • Device Mapper Gets Some Nice Improvements With Linux 5.13

        The kernel’s Device Mapper (DM) code with Linux 5.13 has some improvements worth mentioning this cycle.

        DM-Integrity, which via emulating a block device allows for storing additional integrity information, TRIM/DISCARD is now used to avoid needlessly rewriting of metadata. Additionally, DISCARD is also used to improve hash re-calculation.

      • Some 5.12 development statistics

        By the time the 5.12 kernel was finally released, some 13,015 non-merge changesets had been pulled into the mainline repository for this development cycle. That makes 5.12 the slowest development cycle since 5.6, which was released at the end of March 2020. Still, there was plenty of work done for 5.12. Read on for our traditional look at where that work came from and how it got into the kernel.

        Patches were contributed to 5.12 by 1,873 developers, 262 of whom were first-time contributors; those are typical numbers, especially given the (relatively) small size of this cycle.

      • Preventing information leaks from ext4 filesystems

        A filesystem’s role is to store information and retrieve it in its original form on request. But filesystems are also expected to prevent the retrieval of information by people who should not see it. That requirement extends to data that has been deleted; users expect that data to be truly gone and will not welcome its reappearance in surprising places. Some work being done with ext4 shows the kind of measures that are required to live up to that expectation.

        In early April, Leah Rumancik posted a two-patch series making a couple of small changes to the ext4 filesystem implementation. The first of those caused the filesystem to, after a file is deleted, overwrite the space (on disk) where that file’s name was stored. In response to a question about why this was needed, ext4 maintainer Ted Ts’o explained that it was meant to deal with the case where users were storing personally identifiable information (PII) in the names of files. When a file of that nature is removed, the user would like to be sure that the PII is no longer stored on the disk; that means wiping out the file names as well.

      • Avoiding unintended connection failures with SO_REUSEPORT

        Many of us think that we operate busy web servers; LWN’s server, for example, sweats hard when keeping up with the comment stream that accompanies any article mentioning the Rust programming language. But some organizations run truly busy servers and have to take some extraordinary measures to keep up with levels of traffic that even language advocates cannot create. The SO_REUSEPORT socket option is one of many features that have been added to the network stack to help these use cases. SO_REUSEPORT suffers from an implementation problem that can cause connections to fail, though. Kuniyuki Iwashima has posted a patch set addressing this problem, but there is some doubt as to whether it takes the right approach.

        In normal usage, only one process is allowed to bind to any given TCP port to accept incoming connections. On busy systems, that process can become a bottleneck, even if all it does is pass accepted connections off to other processes for handling. The SO_REUSEPORT socket option, which was added to the 3.9 kernel in 2013, was meant to address that bottleneck. This option allows multiple processes to accept connections on the same port; whenever a connection request comes in, the kernel will pick one of the listening processes as the recipient. Systems using SO_REUSEPORT can dispense with the dispatcher process, improving scalability overall.

        SO_REUSEPORT does its work when the initial SYN packet (the connection request) is received; at that time, a provisional new socket is created and assigned to one of the listening processes. The new connection will first wait for the handshake to complete, after which it will sit in a queue until the selected process calls accept() to accept the connection and begin the session. On busy servers, there may be a fair number of connections awaiting acceptance; the maximum length of that queue is specified with the listen() system call.

      • Toward signed BPF programs

        The kernel’s BPF virtual machine is versatile; it is possible to load BPF programs into the kernel to carry out a large (and growing) set of tasks. The growing body of BPF code can reasonably be thought of as kernel code in its own right. But, while the kernel can check signatures on loadable modules and prevent the loading of modules that are not properly signed, there is no such mechanism for BPF programs; any sufficiently privileged process can load any program that will pass the verifier. One might think that adding this checking for BPF would be straightforward, but that subsystem has some unique characteristics that make things more challenging than one might expect. There may be a solution in the works, though; fittingly, it works by loading yet another BPF program.

        Loadable kernel modules are stored as executable images in the ELF format. When one is loaded, the kernel parses that format and does the work needed to enable the module to run within the kernel; this work includes allocating memory for variables, performing relocations, resolving symbols, and more. All of the necessary information exists within the ELF file. Applying a signature to that file is simply a matter of checksumming the relevant sections and signing the result.

        BPF programs have similar needs, but the organization of the requisite information is a bit more, for lack of a better word, messy. The code itself is compiled as an executable section that is then linked into a loader program that runs in user space and invokes the bpf() system call to load the BPF program into memory. But BPF programs, too, need to have data areas allocated in the form of BPF maps, and they need relocations (of a sort) applied to be able to cope with different structure layouts on different systems. The necessary maps are “declared” as special ELF sections in the loader program; the libbpf library finds those sections and turns them into more bpf() calls. The BPF program itself is then modified (before loading into the kernel) so that it can find its maps when it runs.

        This structure poses a challenge for anybody wanting to implement signed BPF programs. The maps are a part of the program itself; if they are not established as intended, a BPF program might misbehave in interesting ways. But the kernel has no way to enforce any specific map configuration, and thus cannot ensure that a signed BPF program has been properly set up. Additionally, the need to modify the BPF program itself will break signature verification; after all, modifications to BPF programs are just the sort of thing this mechanism is expected to prevent. So, somehow, the kernel has to take a more active role in the loading of BPF programs.

      • UBIFS To Default To Zstd Compressed File-System With Linux 5.13+

        Adding to the growing list of changes for Linux 5.13 is the UBIFS file-system now using Zstd for file-system compression by default.

        Where available, UBIFS on Linux 5.13 and later will use Zstd as its default compressor where as previously it had been LZO. UBIFS as the file-system for un-managed flash memory devices is now comfortable with the state of Zstd and that it’s the superior solution to call it the new default compression method.

      • Graphics Stack

        • Mike Blumenkrantz: Backish

          The truth is that I’ve been taking some time off from zink in a completely futile attempt to make progress on something else while zink-wip continues to land. Inspired by this ticket describing issues getting CS:GO working, I decided to tackle part of Mesa that I haven’t worked on much and that hasn’t seen much work in a long time…

    • Applications

      • Linux Release Roundup: elementary OS, Zorin OS, Kdenlive + More

        It’s been a busy few weeks in FOSS land. A number of well-known software projects have seen new releases, including those rounded up in this recap!

        As always, I rely on readers to feed me news, be it through the on-site tip form, an email to one of the listed addresses, or even using the medium of interpretive dance — just make sure I’m in eye shot before starting, okay?

        [...]

        We’ll start with a biggie: a distro beta release! Bug hunters and app developers alike can go go hands on with a beta build of elementary OS 6, the distro’s next major release.

        This update is based on Ubuntu 20.04 LTS and comes with a number of modest improvements to the Pantheon desktop environment plus updates its associated software stack. There’s also as out-of-the-box Flatpak app support, and a new system installer.

        Monetary sponsors of elementary project get access to daily builds, and the stable version is a ‘pay what you want’ affair. But this beta is, rather notably, available freely. Do note that it won’t be possible to upgrade elementary OS 6.0 beta to the final stable build, though.

      • Compact Text Editors Great for Remote Editing and Much More

        A text editor is software used for editing plain text files. This type of software has many different uses such as modifying configuration files, writing programming language source code, jotting down thoughts, or even making a grocery list. Given that editors can be used for such a diverse range of activities, it is worth spending the time finding an editor that best suites your preferences.

        Whatever the level of sophistication of the editor, they typically have a common set of functionality, such as searching/replacing text, formatting text, importing files, as well as moving text within the file.

        All of these text editors are console based applications which make them ideal for work on remote machines. Textadept also provides a graphical user interface, but remains fast and minimalist.

    • Instructionals/Technical

      • Beautiful 3D Print time-lapses with my Nikon D700 and Octolapse

        What I wanted was a stable and sharp timelapse of the entire process with high enough resolution to use in HD videos I produce for my YouTube channel.

        So how did I get it working with my old but trusty Nikon D700? Read on…

      • How to keep files and directories synchronized across different devices using syncthing on Linux

        Syncthing is defined as a continuous file synchronization program: it can be used to keep files and directories synchronized across different devices or “nodes”. The application uses TLS as encryption method, and it is, together with its protocol, free and open source software. When using Syncthing, our data remains on our device, and is transferred directly to the destination without relaying on a central server (peer to peer). In this tutorial we will see how to install, configure and use Syncthing on Linux.

      • The different types of modern (2021) SSH keys (and some opinions)

        Back in 2014 I wrote about what I knew about the then-current different types of SSH keys. Things have changed around a bit since then, so it’s time for an update.

        Modern versions of SSH support three different types of public key cryptography for common use; RSA, ECDSA, and Ed25519. Both ECDSA and Ed25519 use elliptic curve cryptography, while RSA is based on integer factorization. SSH once supported DSA public key cryptography, but it has been deprecated since the 7.0 release of OpenSSH in 2017 (search for ‘ssh-dss’). OpenSSH supports FIDO/U2F hardware authenticators with ECDSA and Ed25519 keys since OpenSSH 8.2, and supports SSH key certificates for all key types.

      • Stopping cron sending email alert for Linux/Unix jobs

        How do I to disable the email alert send by crontab? When my job is executed and the jobs cannot run normally it will sent an email to root. Why do I receive e-mails to my root account from cron? How can I prevent this? How can I disable email alert sent by cron jobs on a Linux or Unix-like systems?

        The crontab command is used to maintain crontab files for individual users. By default the output of a command or a script (if any produced), will be email to your local email account. To stop receiving email output from crontab you need to append following strings at the end of crontab entry.

    • Distributions

      • Open Letter: DistroWatch

        For the better part of three years, we have remained silent about your ongoing efforts to affect people’s perception of our Linux distribution continuously. We have tried our best not to engage with your evident hostility and disregard to inform your viewers and visitors about correct facts of the Linux distributions you display on your website, especially ours.

        However, we have decided to take a stance. It is today, the 6th of May, that we gallantly demand you to stop.
        We do not accept for one more minute that the information displayed on your website about our product remains erroneous in what is no longer a “mistake” or “oversight” on your part. In addition, we do not accept the way you have chosen to describe our product, including making an absolute wild claim that we did not offer our product to the public before an arbitrary date, even if that is easily refuted.

      • IBM/Red Hat/Fedora

        • Rethinking Fedora’s compiler policy

          Now that the Fedora 34 release is out the door, the Fedora project is turning its attention to Fedora 35, which is currently scheduled for release on October 26. One of the changes under consideration for Fedora 35 is this proposal allowing maintainers to choose whether to build their packages with GCC or Clang. This policy change may give maintainers some welcome flexibility, but it has not proved entirely popular in the Fedora community.

          It is a longstanding practice for distributors to pick a specific toolchain to be used to build the full set of packages. Mixing compilers and linkers always presents the possibility of incompatibilities leading to subtle bugs, which is the sort of outcome distributors tend to go out of their way to avoid. Adhering to that practice, Fedora has long used GCC as its compiler of choice — a practice dating back to the time when there were no other compilers to use in any case.

        • Experience Red Hat Enterprise Linux [Ed: Posted under 'feature', but what it actually ought to say is "ad" or "spam" (for IBM)]
        • Explore what’s in store with Linux, Automation & DevOps [Ed: Techtarget takes money from IBM to post Red Hat puff pieces (see the disclose at the top). Typical IBM, which just like Microsoft commandeers the media with money.]
      • Canonical/Ubuntu Family

        • Ubuntu Touch OTA-17 Arrives May 12 with NFC Support, Available for Testing Now

          Ubuntu Touch OTA-17 is the next major software update for Ubuntu Phone devices, promising support for NFC hardware on various devices, including the Google Pixel 3a and Volla Phone. Besides the obvious benefits, NFC support will also enable developers to add the ability to read or write NFC tags in their apps.

          While UBports devs continue their transition for Ubuntu Touch to the Ubuntu 20.04 LTS (Focal Fossa) base, they added various enhancements to the Ubuntu Touch OTA-17 release. Among these, improved battery life and notifications for the Google Pixel 3a phone, a Macedonian keyboard layout, and automatic screen brightness on the Volla Phone.

        • Our future upgrade wave of Ubuntu 18.04 machines

          Our future issue is that having a lot of 18.04 machines (some of them very critical ones) means that when Ubuntu 22.04 comes out next April, we’ll have a lot of machines to upgrade in less than a year (since 18.04 will stop being supported at the end of April 2023). This is probably more unique machines than we’ve ever had to upgrade in one cycle, even if we assume that the machines users log in to are mostly simple to rebuild. Some of the machines, such as our fileservers, will take extensive testing all on their own.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Events

        • GridGain Announces Keynote Speakers for First Ignite Summit [Ed: Stop calling a bunch of webchats a "summit"]

          GridGain® Systems, provider of enterprise-grade in-memory computing solutions powered by the Apache® Ignite® distributed database, today announced the keynote speakers for the first Ignite Summit, a virtual event taking place May 25, 2021. Experts from Amazon, 24 Hour Fitness, Intel, Banco do Brasil, GridGain and more will discuss the Apache Ignite technology and how organizations are using it to power modern, high-performance applications. GridGain also announced the addition of a pre-conference training day on May 24, 2021, when attendees can get hands-on, technical training from Apache Ignite experts.

      • Web Browsers

        • Mozilla

          • Check the status of Tor services with status.torproject.org

            The Tor Project now has a status page which shows the state of our major services.

            You can check status.torproject for news about major outages in Tor services, including v3 and v2 onion services, directory authorities, our website (torproject.org), and the check.torproject.org tool. The status page also displays outages related to Tor internal services, like our GitLab instance.

          • Firefox’s slow takeover of the address bar’s space

            In the current Firefox 88, and I believe in the next version as well (currently Firefox Beta), part of the address bar is a ‘…’ menu for “Page actions”. Through using the right button on items in this menu, or on the icons on the right side of the address bar, you can add or remove certain icons from the right side, things like the “Bookmark this page” star. If you start up a current Firefox Nightly, you will discover the three dots of the Page Actions menu are gone, as is your ability to remove any icons from the address bar, including both the “Bookmark this page” star and any that may be put there by some of your addons.

          • It’s possible for Firefox to forget about:config preferences you’ve set

            Firefox has a user preferences system, exposed through its ‘Settings’ or ‘Preferences’ system (also known as about:preferences) and also through the more low-level configuration editor (aka about:config). As is mentioned there and covered in somewhat more detail in what information is in your profile, these configuration settings (and also your preferences settings) are stored in your profile’s prefs.js file.

            You might think that once you manually set something in about:config, your setting will be in prefs.js for all time until you go back into about:config and change or reset it. However, there’s a way that Firefox can quietly drop your setting. If you’ve set something in about:config and your setting later becomes Firefox’s default, Firefox will normally omit your manual setting from your prefs.js at some point. For example, if you manually enable HTTP/3 by setting network.http.http3.enabled to true and then Firefox later makes enabling HTTP/3 the default (as it plans to), your prefs.js will wind up with no setting for it.

          • Mozilla Explains: What are deceptive design patterns?

            Deceptive design patterns are tricks used by websites and apps to get you to do things you might not otherwise do, like buy things, sign up for services or switch your settings. Another word used to describe deceptive design patterns is dark patterns*, which was originally coined in 2010 by user experience specialist Harry Brignall, drawing attention to this practice and building momentum around calling it out. Brignall regularly tweets some of the worst examples of deceptive designs online and hands out kudos for honest user experiences.

            Deceptive design patterns show up as tricky color schemes, frustrating mazes, sneaky designs and confusing language. Websites use these techniques to influence your behavior into a direction that benefits them more than it benefits you. Here are examples of deceptive or manipulative designs you might run into.

      • CMS

        • Dark Mode Plugin Repurposed and Renamed to WP Markdown Editor, Change Leaves Users Confused

          Last year, I asked Tavern readers if WordPress should notify end-users when a plugin’s owner changes. The post was not entirely based on theory. There have been some cases of real-world confusion. The consensus from the comments on that post seemed to be that, yes, such notifications would be welcome.

          When I wrote that post, there was already another plugin changing hands. Dark Mode, which had grown in popularity in its earlier years, had a new owner, WPPool. There were no public notifications of this ownership change. A mere GitHub issue filed, a corner of the web that few users venture.

          [...]

          Iceberg is licensed under the GPL version 2, so it is legal for anyone to fork it. However, there does not seem to be any mention of the copyright, and only a few references to the original product remain in the source code.

      • FSF

        • Licensing/Legal

          • Celemony releases ARA SDK under open source license and releases software development kit

            Celemony Software GmbH is placing the ARA Audio Random Access audio interface under open source license as well as releasing a comprehensive software development kit. They say that this will make ARA integration even easier for DAW and plug-in manufacturers. Here’s the story in the company’s own words…

            [...]

            Right now, the fully revised and expanded ARA Audio Random Access Software Development Kit is available under the Apache 2.0 license, which also makes integration into projects with open-source licenses such as GNU GPLv3 possible.

      • Programming/Development

        • [Old] Bringing GNU Emacs to Native Code

          Emacs Lisp (Elisp) is the Lisp dialect used by the Emacs text editor family. GNU Emacs can currently execute Elisp code either interpreted or byte-interpreted after it has been compiled to byte-code. In this work we discuss the implementation of an optimizing compiler approach for Elisp targeting native code. The native compiler employs the byte-compiler’s internal representation as input and exploits libgccjit to achieve code generation using the GNU Compiler Collection (GCC) infrastructure. Generated executables are stored as binary files and can be loaded and unloaded dynamically. Most of the functionality of the compiler is written in Elisp itself, including several optimization passes, paired with a C back-end to interface with the GNU Emacs core and libgccjit. Though still a work in progress, our implementation is able to bootstrap a functional Emacs and compile all lexically scoped Elisp files, including the whole GNU Emacs Lisp Package Archive (ELPA). Native-compiled Elisp shows an increase of performance ranging from 2.3x up to 42x with respect to the equivalent byte-code, measured over a set of small benchmarks.

        • Perl/Raku

          • vrurg: Config::BINDish Module First Release

            Soon after Test::Async time has came for the first release of Config::BINDish. At first, I didn’t plan it whatsoever. Then I considered it as a little distraction project to get some rest from an in-house one I was working on lately. But it turned in a kind of a monster which swallowed quite an amount of my time. Now I hope it’s been worth the efforts.

            Basically, the last straw which convinced me to eventually put everything else aside and have this one done was an attempt to develop a model for scalable file hosting. I was stuck, no approach I was considering was good enough. And I decided to change the point of view and try to express the thing in terms of a configuration file. I went on a hunt onto Raku modules site and came back with a couple of already familiar options. Of those I decided that Config::TOML would be the best one for my needs. Unfortunately, very soon I realized that a feature it misses makes my life somewhat harder than I’d like it to be: there was no way to expand a string with an option value.

        • Rust

    • Standards/Consortia

      • Satellite-navigation systems such as GPS are at risk of jamming

        The original purpose of the GPS and its European (Galileo), Russian (GLONASS) and Chinese (BeiDou) counterparts was to enable suitably programmed receivers on or near the ground to calculate their whereabouts to within a few centimetres, by comparing signals from several satellites. In this role they have become ubiquitous, running everything from the navigation systems of planes, ships and automobiles, both military and civilian, to guiding the application of water and fertiliser in precision agriculture. But global-navigation satellite systems (GNSS), to give their collective name, now do much more than that. By acting as clocks that broadcast the time accurate to within a few dozen nanoseconds, they are crucial to jobs ranging from co-ordinating electricity grids and mobile-phone networks to time-stamping financial transactions and regulating the flow of information in and out of data centres.

  • Leftovers

    • Frances Fox Piven Wants You to Raise Hell

      It is a common lament that American society has become polarized. Most commentators consider this a harmful development. Problems, they argue, should be solved through compromise, bipartisanship, and civil discourse. But polarization is not always negative. One of the key functions of social movements is to elevate controversial issues, force people to choose a side, and make politicians respond.

    • The Hedonist Bard of the Midlife Crisis

      Frederick Seidel is the poet laureate of the enlarged prostate. Most likely he would freely admit it, as the unruly gland appears more than once in the poet’s new Selected Poems, which distills 40 years of appetites shored against the indignities of age. If the lyric poet is traditionally working to “find his voice,” the volume outlines the trajectory of a poet who, with some effort, found his as the bard of perpetual midlife crisis. Seidel’s subjects are his lust for life and our disgust at his lust, and he glories in the dirty details: bespoke Caraceni suits from Milan, Patek Philippe watches, and the Ducati motorcycles that have become his signature. Above all, though, is his lust for lust. Intercourse is Seidel’s inexhaustible subject, from BDSM play to an octogenarian’s attempt to hit on the maître d’ at a Meatpacking District restaurant. No opportunity has been spared to remind you that this guy—this guy fucks.

    • Afghanistan’s Musical Tradition: a Health Check

      That is why Ahmad Soheil Ahmadi spoke with Ms. Farideh Taraneh. Ms. Taraneh is an Afghan singer of renown, who came onto the Afghan music scene many years ago. Since fleeing to Europe, Farideh has developed her talent and become a beloved artist among the Afghan people.

      In this interview, we talked about the current state of Afghan music, women’s post-peace activities with the Taliban, reform or struggle against the Taliban, the younger generation of Afghan musicians, and the potential post-peace future of Afghan music.

    • Science

      • CRISPR Madness: Welcome to the Age of Genetic Chaos

        Dr. He was imprisoned, fined, and fired from his academic position in China for his actions, although it is still not clear to what extent the higher-ups at his institute were aware of them. At a small meeting that I attended in Berkeley in early 2017 where He spoke, he unambiguously stated that “these things are thought of differently in China than in the U.S.” The U.S. scientific establishment uniformly condemned He’s experiments, but when questioned, most scientists, including Doudna herself, and bioethicists (a profession dedicated, with a few exceptions, to getting the public used to what the scientists and bioentrepreneurs have in store for it), left the door open to future manipulation of humans.

        In a recent review in the New York Review of Books of four books on the prospects of using CRISPR and related gene modification technologies for the improvement of human biology (“Editing Humanity’s Future”; April 29), including Walter Isaacson’s paean to Jennifer Doudna, the biotechnology editor and writer Natalie de Souza addresses the safety of such manipulations as a fundamental requirement for moving forward with human applications. But de Souza, in common with the authors of all the books under review, downplays the fact that “safety” means entirely different things when therapeutic alterations of the tissues of a mature body are considered, in contrast to those that are administered at early embryonic stages. The engineering of retinal cells to relieve blindness, for example, a promising, although still uncertain, application of the technique, is not comparable to ridding embryos of genes associated with cystic fibrosis, HIV susceptibility, or sickle cell disease.

      • A NASA Spacecraft Just “Touched” The Outer Layer Of The Sun

        NASA’s Parker Solar Probe just took its closest pass to the Sun yet, veering so close that it “touched” the star’s blisteringly hot outer atmosphere — and gave NASA an unprecedented firsthand look at it.

        The car-sized spacecraft has zoomed past the Sun a few times now, veering closer and closer each time, according to CNET. Each time, it uses nearby Venus’ gravitational pull as a sort of slingshot that helps it travel closer to the Sun and propels it at higher and higher speeds each time.

    • Education

      • Student Debt Is Devastating American Families—Here’s How

        A national poll conducted in September 2020 by the Center for Responsible Lending found that nearly two-thirds of respondents supported some degree of student loan debt cancellation. A series of state-level polls found the same, with a majority of voters in Minnesota, Pennsylvania, and North Carolina supporting debt cancellation. At the federal level, over 75 members of Congress have signed on to a resolution calling for President Biden to use his executive power to cancel $50,000 in student loan debt across the board. And, in February, the Democratic Association of Attorneys General publicly endorsed the same.

        It makes sense. For too many years, working- and middle-class Americans have been borrowing against their futures on the promise that a college education will provide financial stability and give their families the safety and security they need to thrive. We now know that student loan debt does just the opposite. Borrowers find themselves unable to save for retirement, invest in homeownership, build small businesses, or even give their own children a debt-free education.

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • Malicious Office 365 Apps Are the Ultimate Insiders [Ed: Office 360 itself is malicious]
        • Biden administration, Congress unite in effort to tackle ransomware attacks [iophk: Windows TCO]

          Congress has also been paying greater attention to the threats from ransomware, with members on both sides of the aisle citing attacks in their districts on schools, governments, libraries and hospitals as key motivating factors in taking action.

        • Changing role of the board on cybersecurity

          While it is the network security team that is responsible for preventing such a breach, increasingly, the company’s board is being examined in such cases more often than before. So, how can the board be ready if such an unforeseen event unfolds and how the direction to take corrective measures can come right from the top?

          In our latest report we delve into the changing role of the board on cybersecurity to outline the following recommendations: [...]

        • They Told Their Therapists Everything. [Crackers] Leaked It All [iophk: Windows TCO]

          Vastaamo ran the largest network of private mental-health providers in Finland. In a country of just 5.5 million—about the same as the state of Minnesota—it was the “McDonald’s of psychotherapy,” one Finnish journalist told me. And because of that, the attack on the company rocked all of Finland. Around 30,000 people are believed to have received the ransom demand; some 25,000 reported it to the police. On October 29, a headline in the Helsinki Times read: “Vastaamo [Cracking] Could Turn Into Largest Criminal Case in Finnish History.” That prediction seems to have come true.

        • RTF Report: Combatting Ransomware

          2. The United States should lead by example and execute a sustained, aggressive, whole of government, intelligence-driven anti-ransomware campaign, coordinated by the White House. This must include the establishment of 1) an Interagency Working Group led by the National Security Council in coordination with the nascent National Cyber Director; 2) an internal U.S. Government Joint Ransomware Task Force; and 3) a collaborative, private industry-led informal Ransomware Threat Focus Hub.

        • Tesla Car [Cracked] Remotely From Drone via Zero-Click Exploit

          The attack, dubbed TBONE, involves exploitation of two vulnerabilities affecting ConnMan, an internet connection manager for embedded devices. An attacker can exploit these flaws to take full control of the infotainment system of a Tesla without any user interaction.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • Linux buggy patch affair ends with technical advisory board report

                The technical advisory board of the Linux Foundation has asked the University of Minnesota to improve the quality of patches it submits to the kernel project and also follow a “best practices” document to be created by the board.

                [...]

                One subscriber to the Linux Weekly News website, dvrable, was not very impressed with what Kroah-Hartman had done.
                ‘The introduction [of the TAB report] says ‘researchers should trust the developer community will not undermine the researchers’ reputations when mistakes are made’, but then makes no recommendations to achieve this,” he wrote.

                “Greg’s authoritarian tone (‘I will now have to ban all future contributions from your University’, which he shouldn’t have the power to do so), his presumption that he speaks for all maintainers, and his accusations of unethical research remain unchallenged by this report.

        • Security

          • 21 vulnerabilities found in Exim, update your instances ASAP!

            A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated remote code execution on the Exim Server.

            They have all been fixed in Exim v4.94.2, and the software maintainers advise users to update their instances as soon as possible, as all versions of Exim previous to version 4.94.2 are now obsolete.

            “Several distros will provide updated packages: Just do the update,” Exim developer Heiko Schlittermann recommended.

          • Kubestriker: A security auditing tool for Kubernetes clusters

            It performs a variety of checks on a range of services and open ports on the Kubernetes platform, helps safeguard against potential attacks on Kubernetes clusters by continuously scanning, monitoring and alerting of any anomalies, allows users to see components of the Kubernetes infrastructure, and visualizes attack paths (how hackers can advance their attacks by chaining misconfigured components in the Kubernetes cluster).

            “Kubernetes has become a popular open-source platform for containerized workflows and a key building block for modern technology infrastructure. According to Gartner, by 2025 more than 85% of global organizations will be running containerized applications in production. This widespread popularity and lack of solid security measures in place have made Kubernetes the perfect target for attackers,” Kubestriker’s creator Vasant Chinnipilli, a security architect and DevSecOps practitioner, told Help Net Security.

          • Privacy/Surveillance

            • Privacy Talks | Interview with ioXt CTO Brad Ree

              Timestamp Links & Questions:

            • What happens to privacy once AIs start hacking systems – and people?

              If that happens, it will have a huge and direct impact on data protection. Over the last few years, we have already seen massive leaks of personal data caused by people breaking into supposedly secure systems through the use of flaws in the code. Once AIs can spot vulnerabilities in code and online systems, the threat to privacy will increase greatly. That’s because AI systems can scan continuously the entire Internet, seeking tell-tale signs of vulnerabilities that even security experts might miss. Once a new vulnerability is found in a piece of code, it can be exploited by AIs instantly on a massive scale, giving adminstrators little time to patch, even assuming that they become aware of the problem.

            • Peloton exercise bikes found exposing user data – company dawdles in its response

              On the same day as I published that article, a little birdie in the infosecurity community privately reached out to me saying that there might be another concern – that Peloton might be leaking personal information about its many customers.

              The news didn’t land well with me as I had just had my own Peloton delivered, at the recommendation of my equally fat brother who had been exercising on one for some months.

              Gulp!

              Now, finally, the news is public.

            • Twitter Unveils Content Deals With NBCUniversal, Billboard

              Twitter is growing its slate of original content deals, unveiling new and expanded partnerships with NBCUniversal, Billboard, MLB and the NHL, among others.

              At its Newfront advertising event Wednesday, the Jack Dorsey-led social media giant announced an expanded deal with NBCUniversal, with an emphasis on news and sports content. On the sports side, NBC Olympics will create original live video shows for Twitter, including Talkin’ Tokyo, which will count Adam Rippon among its hosts.

            • Companies are now allowed to scan your private communications

              The long-term legislation is expected before this summer. Even though a longer, more muted debate is to be expected, the approval of the interim legislation could lead to all the harmful proposals to be assumed as already agreed upon by the European Parliament and Member States. Unless children’s rights groups and other human rights organisations speak out uniformly to protect both privacy and security of children, we risk falling down the slippery slope taken by the EU for issues with similar consequences such as terrorist content, copyright infringement and now CSAM. Unless we halt the regulation now, new “exceptions” to the rule against mandatory monitoring of communications will continue to appear. EDRi warns that at some point, the exception could become the rule. If as a recent poll states: 72% of citizens oppose EU plans to search all private messages for allegedly illegal material and report to the police, there is much to change in current EU policy making.

            • Facebook and Instagram threaten to charge for access on iOS 14.5 unless you give them your data

              Facebook and Instagram are threatening that users will need to pay for their services. But only if users don’t allow the pair to track them from app to app after installing iOS 14.5.

              Following the release of iOS 14.5 all apps must ask for permission before they can track a user between apps and websites. That has companies like Facebook worried about their ad revenue, and they’re trying every trick in the book to make sure people allow them to track them.

            • France’s highest court validates mass surveillance in the long term

              In total disregard of European case law, France’s court ruling ignores the fundamentals of many of the Court of Justice of the EU’s (CJEU) rulings. In October 2020, the CJEU considered that both the French law regulating intelligence services’ access to data (“Loi renseignement”) and the legislation obliging telecom operators to retain all communications metadata (IP addresses, location data, etc.) in a generalised and undifferentiated manner were contrary to fundamental rights. With its ruling, the Conseil d’Etat isolates France in its “security Frexit” and gets the rule of law principles out of the way of French intelligence services.

    • Defence/Aggression

      • Among World Superpowers, US Poses Biggest Threat to Democracy: Global Poll

        Nearly half of respondents in 53 countries surveyed are worried about U.S. foreign policy, and almost two-thirds say economic inequality threatens democracy.

      • Drone Whistleblower Jailed Ahead Of Sentencing In July

        The post was originally published as part of The Dissenter Newsletter.A federal judge ordered drone whistleblower Daniel Hale’s arrest, and United States authorities took him into custody.

        On April 23, Judge Liam O’Grady signed an order suggesting Hale violated the terms of his supervised release. An arrest warrant was issued, and on April 28, he was jailed. 

      • Opinion | Golden Rule Peace Boat Sets Sail from Hawai’i for California

        “We are sailing for a nuclear-free world and a peaceful, sustainable future.”

      • Walden Bello Warns of U.S. Warmongering as Tensions Escalate in South China Sea

        China topped the agenda Tuesday when foreign ministers from G7 nations met in London. This comes as both China and the United States are accusing each other of escalating tensions in the South China Sea. Last week, the Chinese government claimed there has been a 40% increase of activity by U.S. planes in Chinese-claimed areas since Biden took office. Critics increasingly argue Biden’s policies on China are risk sparking a new Cold War. “Trump’s anti-China policy is now also being followed by the Biden administration,” says acclaimed Filipino scholar and activist Walden Bello, co-founder of Focus on the Global South.

      • The Leaked Zarif Tape: What Western Media Heard and What He Actually Said

        On April 25, the Saudi-funded and U.K.-backed “Iran International” released a leaked audio recording of Iran’s foreign minister, Javad Zarif, in conversation with Iranian economist Saeed Laylaz for what appeared to be an oral history project. Immediately, the three-hour-plus conversation generated a great deal of controversy in Iran and plenty of commentary abroad. In the course of the conversation, Zarif spoke about his diplomatic posts, before and during the Rouhani administration, and his future political ambitions (or lack thereof). He ruminated on his relationship with President Hassan Rouhani, the late General Qasim Soleimani, and the leader of the Islamic Republic, Sayyid Ali Khamenei. He also highlighted his political philosophy on Iranian sovereignty and on international relations, as he discussed relations with the U.S., Russia, and Saudi Arabia, among other nations.

      • Opinion | Let’s Finally End the Insanity of Colossal Military Spending During a Global Health Emergency

        Imagine what could be achieved if just a portion of the money spent on military expenditures were pooled into a global fund, and redirected towards ending hunger and massively investing in public health systems.

      • Opinion | More Staff Flee the Republican Attorneys General Association After It Doubles Down on Insurrection

        The group and its members will be forever tied to the Jan. 6 insurrection, especially now that they have apparently doubled down on fanning the flames of Trump’s Big Lie.

      • Opinion | The Apocalypse Must Be Near. I Agree With Henry Kissinger—About Cold War With China

        The US is waging an economic, propaganda, and military cold war against China, heightening tensions and increasing the risk of future confrontations. And it’s getting worse.

      • Yes, Israel Is Obviously an Apartheid State

        The recent Human Rights Watch report “A Threshold Crossed: Israeli Authorities and the Crimes of Apartheid and Persecution” is a valuable piece of scholarship: 213 pages of carefully worded, heavily footnoted evidence martialed in sober, and deliberately uninflammatory, prose. Unfortunately, it won’t make a damn bit of difference.

      • Opinion | Why Human Rights Watch Designating Israel’s Crimes as Apartheid Is a Very Big Deal

        The report reflects the power of decades of work in defense of Palestinian rights.

      • Regavim: The Israeli Faux Environmental Org Converting US Donations into Palestinian Evictions

        In the village of Khan al-Ahmar in the occupied West Bank, dozens of Bedouin families are at risk of losing their homes and becoming refugees again by July. While it is the Israeli government and military that are enacting the demolitions and evacuations, their efforts are largely driven by a pro-settler nonprofit supported by American charities.

      • Raising the alarm The UN suspects Russian military ‘instructors’ of major human rights violations in the Central African Republic

        Russian military “instructors” assisting government forces in the Central African Republic (CAR) are facing allegations of committing major human rights and international humanitarian law violations. Citing eyewitness accounts and internal reports from a UN Working Group on the use of mercenaries, a new investigation from Radio France Internationale describes dozens of abuses allegedly involving Russian servicemen, including extrajudicial killings, rapes, arbitrary detentions, and other crimes. The Russian Embassy in the CAR has dismissed the UN working group’s conclusions as “speculation.”

      • Survivors of Trauma Transform Their Vulnerabilities into Strength

        Psychologist Susan L. McCammon delved into the benefits of students revealing their traumatic experiences of their own volition. Borrowing from Inger Agger and S. B. Jensen, she highlights the “therapeutic value” to “trauma survivors” of providing testimonial evidence. Young people can be encouraged to reframe their traumas in order to place them within a “political and social context” (110) Their traumatic experiences then become stories of strength through enabling them to change their languages, understanding their geographical and spatial spaces, and committing themselves to building a new society based on transformative justice. Subsequently, a trauma survivor transitions from being the wounded and mutilated person to the impactful and constructive raconteur. In verbalizing the hitherto ineluctable brunt that the survivor has borne, she/ he breaks through the walls of self-imposed isolation. “Shame and guilt,” as Cammon observes, “can be expressed and reframed” (ibid.).

        In all my years of teaching in the North American academy, I have realized that students relate best to the materials they study if these materials are corroborated with testimonial evidence and discussed as stories of human interest. Stories about the tumult of war; devastation caused by fanatical hordes of people who lack an ideological foundation; distress that soldiers who are deployed in hostile territories encounter; the strain of readjusting to family and a regular job that returning soldiers, who have witnessed the unspeakable horrors of war, face, became relatable when they are told by those students of mine who are war veterans. Stories about the objectification of women in the domestic and public realms; infantilization of women in churches that do not consider them fit for leadership roles; criminalization of female sexuality and justification of misogynistic control; the raw wounds of women who have been physically and emotionally abused by their intimate partners; the impairment of women who have been treated as mere chattel; the dreadfulness and mutilating effects of child sexual abuse are best understood when related by those students of mine who have either witnessed or borne such traumas. Stories about the harassment and discrimination encountered by the LGBTQ community; denial of the right to a dignified existence faced by members of that community; the damage caused to a person’s sense of self-worth by the denigration of her/ his race or ethnicity; the damage caused by the internalization of stories that “otherize” minorities; the paranoia of Muslim women who fear that their traditional garb will cause them to be marginalized become more palpable when told by those of my students who have been impacted by these realities.

      • Magical Thinking

        Attention must take a special place in history when Nixon’s former secretary of state, Henry Kissinger, is viewed as the voice of reason vis-à-vis China (“Failure to improve US-China relations ‘risks cold war’, warns Kissinger,” Guardian, April 30, 2021) given all of the China-bashing and anti-Asian-American violence of the recent past. Recall that Kissinger was one of Nixon’s most fervent supporters of the Vietnam War and violent debacles in Chile to name a few.

        The call came on a recent afternoon, and I had long since decided not to take direct calls from this childhood friend and former neighbor since I could no longer tolerate his monologues into his slavish dedication to a cult-like sect of a major religious tradition that he continued to follow decades after such a penchant became passé.

    • Environment

      • Faster glacier melting raises hunger threat

        The world’s upland icecaps are in retreat. Faster glacier melting could slow to a trickle streams that once fed foaming rivers.

      • Study Warns of ‘Rapid and Unstoppable’ Sea Level Rise If World Misses Paris Climate Targets

        “Once you put enough heat into the climate system, you are going to lose those ice shelves, and once that is set in motion you can’t reverse it.”

      • The Brazilian Amazon Is Now Releasing More Carbon Dioxide Than It Absorbs
      • Energy

        • ‘Courting Disaster’: Progressives Denounce Biden Plan for Taxpayer Bailout of Nuclear Industry

          “A nuclear bailout is wrong for taxpayers, wrong for ratepayers, and wrong for the climate,” said one expert.

        • Ugandan Farmers Whose Land Will Soon Become a Crude Oil Pipeline Pathway Lose Years of Livelihood

          Three years ago, Alfred Okumu Weki’s land was identified for acquisition by multinational oil companies and the Ugandan government to pave way for new oil infrastructure in the Albertine region of Western Uganda where major oil reserves were discovered over a decade ago. To this day, however, no pipeline has been built. This has left Weki – and others in the community – in a state of constant limbo, unable to plant crops and earn a livelihood from their land due to fear that at any moment construction could begin.

          In 2019, the project’s backers – the Uganda government in partnership with China National offshore Oil Corporation (CNOOC) and Total E&P Uganda – offered Weki 2 million Uganda shillings (US$600) as compensation for losing his land. 

        • New Lawsuit Challenges ‘Fast-Track’ Permits Used for Oil and Gas Pipelines Nationwide

          Five environmental groups have filed a lawsuit in a Montana federal court alleging that the way that the U.S. Army Corps of Engineers issues permits for oil and gas pipelines nationwide violates some of the country’s cornerstone environmental laws.

          This new lawsuit, filed May 3, is the most recent round in a nearly decade-long battle, sparked under the Obama administration, over how regulators approach the environmental impacts from oil and gas pipelines and the extent to which the public gets a say in the permitting process.

        • Investors ‘See Past Greenwash’ as Quarter of Shareholders Refuse to Approve Barclays’ Climate Strategy

          Barclays shareholders have rejected calls to accelerate a phase-out of fossil fuel financing, but a quarter remain unconvinced by the bank’s current approach to tackling climate change.

          Over 100 investors representing more than $4 trillion of funds had filed a resolution with campaign group Market Forces to ask Barclays to set distinct targets in line with the Paris Agreement.

        • Opinion | Calls for Biden to Stop Enbridge Line 3 Continue Unabated

          The Canadian oil company is feeling the heat as Indigenous groups, environmental organizations, and other activists are demanding that the President pull the plug.

        • Tens of Thousands of Premature Deaths Linked to So-Called “Cleaner” Energy Like Fracked Gas: Study

          “If you replace one combustion fuel for another combustion fuel, that is not a pathway to get you to a healthy energy system.”

        • The Biden State Department Nominee Who Worked for Saudi Arabia and Big Oil

          President Joe Biden’s Clean Energy Future Plan takes former President Donald Trump to task for “irresponsible trade policies and consistent siding with oil lobbyists over American growers.” But one of Biden’s own top State Department nominees, Jose Fernandez, previously worked for Saudi Arabia’s Public Investment Fund and oil giants like Chevron, Occidental Petroleum, and the multinational oil and gas company SK E&P, his financial disclosure forms reveal. Once confirmed, Fernandez will be charged with leading the State Department’s environmental and “economic growth” policies abroad.

        • A Land of Perpetual False Dawn

          Quite often when one thinks of light pollution the first image that comes to mind is of poorly shielded lights illuminating city streets. It’s time to expand our thinking. A recent study conducted in Tucson, Arizona showed that municipal street lights account for less than 20% of the light shining into the night sky. In cities, that means that lighting from other sources (Illuminated billboards, parking lots, commercial, private, etc.) contribute to the majority of light at night.

          Beyond large cities, that balance may be different. There, the total levels of light radiating into the night sky are often lower per capita too. A single bright source of artificial light at night may have an outsized effect on a small town. Power plants, shipping depots, or gas flares can match the output of a small town. But there may be no greater single source of light pollution for communities that host them than industrial greenhouses. A single mega-greenhouse can dwarf the light emissions of its host town by orders of magnitude.

      • Wildlife/Nature

        • The Flows Tell the Story: Klamath River Coho Salmon are in Dire Condition

          These are dismal numbers and indicate that Klamath River Coho continue on the slide to extinction. The Shasta and Scott should be the top producers of Klamath River Coho but they are not because of poorly regulated irrigation using surface flows. Irrigation in the Shasta and Scott prevents Coho from reaching the best spawning grounds and kills the juveniles before they can get out to Klamath River. Then disease gets most of them descending the Klamath.

          Meanwhile DFW and the State Water Board allow this to go unchallenged and NMFS is giving Shasta ranchers a Safe Harbor Agreement that allows them to kill Coho salmon.

        • 10-year Anniversary of Northern Rockies Wolf Delisting Comes Amid On-Going Slaughter

          Ten years ago today, federal Endangered Species Act protections were stripped from gray wolves in Idaho, Montana, eastern Washington, eastern Oregon, and northern Utah because of a rider attached to a must-pass budget bill by U.S. Senator Jon Tester (D-MT) and U.S. Rep. Mike Simpson (R-ID).

          This undemocratic move a decade ago—which blocked any judicial review of the rider—opened the floodgates for widespread wolf killing in the northern Rockies, including by hunters, trappers, and state and federal agencies. State “management” of wolves in the northern Rockies has included Idaho Fish and Game (IDFG) hiring a professional hunter-trapper to go into the Frank Church-River of No Return Wilderness to slaughter wolves and IDFG conducting aerial gunning operations to kill wolves in some of the most remote roadless federal wildlands remaining in the lower-48 states.

      • Overpopulation

        • The U.S. Birthrate Has Dropped Again. The Pandemic May Be Accelerating the Decline.

          Births declined by about 8 percent in December compared with the same month the year before, a monthly breakdown of government data showed. December had the largest decline of any month. Over the entire year, births declined by 4 percent, the data showed. There were 3,605,201 births in the United States last year, the lowest number since 1979. The birthrate — measured as the number of babies per thousand women ages 15 to 44 — has fallen by about 19 percent since its recent peak in 2007.

          The declining birthrate is just one piece of America’s shifting demographic picture. Combined with a substantial leveling-off of immigration, and rising deaths, the country’s population over the past decade expanded at the second-slowest rate since the government started counting in the 18th century. The pandemic, which pushed the death rate higher and the birthrate even lower, appears to have deepened that trend.

    • Finance

      • With Tax Dodgers Costing Us $7 Trillion, Ro Khanna Says “Audit the Ultra-Rich”
      • No Worker Shortage: Report Finds Low Wages Make Food Workers Want to Quit
      • Financial Transactions Taxes: The Perfect Way to Pay for Biden’s Infrastructure Package

        We have been told endlessly about Biden’s “massive” or “huge” proposal to spend $4 trillion. At this point, many people probably think that Biden actually proposed a “huge infrastructure” package, with “huge” or “massive,” being part of proposal’s title.

        While it would be helpful if media outlets could leave these adjectives to the opinion section, the bigger sin is using a very big number, that means almost nothing to its audience, without providing any context. In fact, much of the reporting doesn’t even bother to tell people that this spending is projected to take place over eight years, not one to two years, as was the case with Biden’s recovery package.

      • Growing Calls to ‘Audit the Ultra-Rich’ as Yellen Says Tax Dodging Could Cost US $7 Trillion Over 10 Years

        “Imagine what we could do for people with $7 trillion. That’s infrastructure, child care, paid leave, free college, climate action, and other investments in our communities.”

      • US First Quarter GDP: Recovery or Just Another Rebound?

        The first thing for readers to understand is the 6.4% is not really 6.4% for the first three months of 2021. The US is one of the few countries that reports its GDP figures in an ‘Annual Rate’ (AR) percentage. Most other advanced economies do not. Annual Rate reporting takes the actual growth for the period and then multiplies it by four. In other words, a 6.4% annual rate GDP means if the economy continues to grow as it did in the first quarter 2021 than it will amount to a 6.4% for the next twelve months! That means the actual GDP growth for the first quarter was about one-fourth of 6.4%. That actual growth was 1.6% over the previous, fourth quarter of 2020.

        Another obfuscation in the official numbers is that the US sometimes reports the gain for the quarter compared to the same quarter a year ago, and therefore not the previous calendar quarter. What is important is how much the economy grew in the quarter compared to the preceding quarter—and not compared to a quarter twelve months ago.

      • Crypto exchanges say payment gateways blocking their transactions

        According to crypto executives who pleaded anonymity, ICICI Bank was among the last few big lenders providing services to crypto exchanges. However, it had discontinued the current accounts of these businesses two weeks ago, they said. Other large banks are expected to follow suit, they added.

      • The power struggle behind plans to introduce “Britcoin”

        More than the promised boost to GDP, it’s the emerging threat to the UK’s sovereignty from two different directions – China and market-based cryptos – that is pushing the Bank of England towards a central bank digital currency. Whatever the technical obstacles, expect more of this in future.

    • AstroTurf/Lobbying/Politics

      • 350+ Scholars Call for Filibuster Reform Ahead of Town Hall

        “The disconnect between popular support for policies and a government’s ability to enact them ultimately erodes public trust, deepens political cynicism, and delegitimizes that system of government.”

      • Federal Lawsuit Seeks to Remove Confederate Statue at Maryland Courthouse
      • Opinion | The United States a 100 Days Into Biden’s Presidency and 100 Days Without Trump

        Biden’s plans might be the antidote to Trumpism—creating enough decent-paying working class jobs, along with benefits such as childcare and free community college, as to forestall some of the right-wing dyspepsia that Trump whipped into a fury.

      • Virginia Republicans Are Disenfranchising Their Own Voters

        It’s got to be some kind of justice. Maybe the only kind Virginia Republicans can deliver.

      • Interested persons The ‘international experts’ who observed Russia’s constitutional plebiscite arrived on a charter flight. Who paid for their visit remains unclear.

        During Russia’s constitutional plebiscite last summer, a group of “international experts” were flown in to observe the vote. According to a new investigation from Novaya Gazeta and the Dossier Center, these foreign representatives arrived in Moscow on a charter flight and their visit was carefully planned by the Russian Civic Chamber. As it turns out, some of the visiting “experts” are members of European far-right parties. What’s more, it remains unclear who financed their trip.

      • Activists jailed in St. Petersburg for street exhibition in support of political prisoners

        On Wednesday, May 5, a district court in St. Petersburg jailed two activists for staging a street exhibition in support of political prisoners. According to the rights group Apologia Protesta, the court sentenced activist Pavel Krisevich to 10 days in jail, and activist Anastasia Mikhailova to eight days.

      • Republicans Will Punish Democrats for Every Reform They Make

        I am not worried about what Mitch McConnell will do should Republicans take back the Senate in 2022. I am not worried about what Republicans will do should they retake all of government in 2024. I am not worried, because I already know the answer: When Republicans have power again, they will do “the worst.” I don’t waste a lot of time or mental energy contemplating the worst, because history has shown that I am simply not creative enough to imagine what evil Republicans will come up with next. No matter where I think the bottom is, Republicans will always find a new one.

      • Kushner Companies Violated Multiple Laws in Massive Tenant Dispute, Judge Rules

        It’s been six years since Dionne Mont first saw her apartment at Fontana Village, a rental housing complex just east of Baltimore. She was aghast that day to find the front door coming off its hinges, the kitchen cabinet doors stuck to their frames, mouse droppings under the kitchen sink, mold in the refrigerator, the toilet barely functioning and water stains on every upstairs ceiling, among other problems. But she had already signed the lease and paid the deposit.

        Mont insisted that management make repairs, but that took several months, during which time she paid her $865 monthly rent and lived elsewhere. She was hit with constant late fees and so-called “court” fees, because the management company required tenants to pay rent at a Walmart or a check-cashing outlet, and she often couldn’t get there from her job as a bus driver before the 4:30 p.m. cutoff. She moved out in 2017.

      • Cracks in Northern Ireland?

        Arlene Foster, the Democratic Unionist party (DUP) leader and Northern Ireland’s first minister, resigned after 6 turbulent years in that position. Foster would probably have been forced out if she had not resigned. She also resigned from her membership of the Stormont Assembly, and said she was leaving the DUP.

        The main reason given for Foster’s departure is the Brexit deal’s Northern Ireland Protocol negotiated by Boris “BoJo” Johnson with the EU. Party activists blame Foster and her supporters for the hopelessly impractical trade barrier down the Irish Sea confected as part of the Protocol.

      • Opinion | Why the Future Belongs to the Left

        As long as the barbarism of neoliberal capitalism defines the present, the future can only belong to the left.

      • The Republican Rebrand, Exposed

        So don’t fall for the Republican Party’s “working class” rebrand. It’s a cruel hoax. The GOP doesn’t give a fig about working people. It is, and always will be, the party of big business and billionaires.

      • ‘We Need to Mobilize People Who Don’t Want to Pay Tucker Carlson’s Salary’

        Janine Jackson interviewed Free Press’s Tim Karr about defunding Fox News racism for the April 30, 2021, episode of CounterSpin. This is a lightly edited transcript.

      • Facebook Oversight Board Affirms Trump Suspension — For Now

        The decision is long, detailed, and worth careful review. In the meantime, here’s our top-level breakdown:

        Today’s decision affirms, once again, that no amount of “oversight” can fix the underlying problem.

        First, while the Oversight Board rightly refused to make special rules for politicians, rules we have previously opposed, it did endorse special rules and procedures for “influential users” and newsworthy posts. These rules recognize that some users can cause greater harm than others.  On a practical level, every decision to remove a post or suspend an account is highly contextual and requires often highly specific cultural competency. But we agree that special rules for influential users or highly newsworthy content requires even greater transparency and the investment of substantial resources.

      • The Florida Deplatforming Law is Unconstitutional. Always has Been.

        Governor DeSantis is expected to sign it into law, as he called for laws like this. He cited social media de-platforming Donald Trump as  examples of the political bias of what he called “oligarchs in Silicon Valley.” The law is not just about candidates, it also bans “shadow-banning” and cancels cancel culture by prohibiting censoring “journalistic enterprises,” with “censorship” including things like posting “an addendum” to the content, i.e. fact checks.

        This law, like similar previous efforts, is mostly performative, as it almost certainly will be found unconstitutional. Indeed, the parallels with a nearly 50 years old compelled speech precedent are uncanny. In 1974, in Miami Herald Publishing Co. v. Tornillo, the Supreme Court struck down another Florida statute that attempted to compel the publication of candidate speech. 

        At the time, Florida had a dusty “right of reply” law on the books, which had not really been used, giving candidates the right to demand that any newspaper who criticized them print a reply to the newspaper’s charges, at no cost. The Miami Herald had criticized Florida House candidate Pat Tornillo, and refused to carry Tornillo’s reply. Tornillo sued.

      • The Oversight Board’s Decision On Facebook’s Trump Ban Is Just Not That Important

        Today is Facebook Oversight Board Hysteria Day, because today is the day that the Facebook Oversight Board has rendered its decision about Facebook’s suspension of Donald Trump. And it has met the moment with an appropriately dull decision, dripping in pedantic reasonableness, that is largely consistent with our Copia Institute recommendation.

      • Facebook Panel Upholds Platform’s Ban on Former President Donald Trump

        One activist argued that focusing on the Trump ban obscures the more fundamental point that “Facebook’s surveillance capitalist business model is fundamentally incompatible with human rights.”

      • Facebook Board Announces Trump Remains Banned. Trump Starts His Own “Platform.”
      • Facebook’s ‘Supreme Court’ Upheld Its Trump Ban, But It’s Little More Than Judicial Theater

        But all of this — the critical tone, the authoritative language, the multiple citations of U.N. documents — is just very well-executed stage dressing. The oversight board is ultimately a creation of Facebook, funded by Facebook and designed to serve Facebook: as a private, for-profit company, Facebook has little incentive to invest in projects that could cause it more harm than good. The social media giant funneled $130 million into an irrevocable trust to fund the board for at least six years, money that helps pay the board members’ six-figure salaries so they can write lengthy musings that ultimately hold superficial authority: The board’s decisions are “binding,” according to its website, meaning that Facebook “will be required to implement it unless doing so could violate the law.” But required by whom? The board, which Facebook created? In practice, Facebook can take the board’s advice, or not. It could dissolve the board tomorrow. It’s all just regulatory pageantry.

        That’s the rub: There is no current legal process that can hold Big Tech accountable for its moderation policies. Facebook, along with the rest of the tech industry, are almost entirely unregulated. Aside from hardline restrictions around, for example, child pornography, there are virtually no legal repurcussions for any decisions these companies make. For a long time, that meant Big Tech did pretty much whatever it wanted. Now, with mounting public and political pressure to crack down on some of the industry’s worst habits, and in an effort to avoid actual regulations, Facebook has created a version of self-regulation, and this is what that looks like.

      • Facebook has no reason to ever resolve the Trump ban

        But the ruling also went out of its way to avoid settling the long-term question of whether Facebook is allowed to permanently ban leaders like Trump. The board found the initial ban was justified since Trump’s January 6th posts really did incite violence — but it wasn’t enough to justify a permanent ban. So even as the board affirmed the initial ban, it called on Facebook to set a new policy for how and when Trump could regain Facebook access.

      • Trump ban decision shows the limits of a Facebook ‘Supreme Court’

        The Oversight Board has now said that Facebook wasn’t following its own clear rules and that Trump’s account should either be permanently deleted or that a time-bounded ban with a clear end point is needed. It has told Facebook that it has six months to reassess its actions and decide which route to take: reinstate the former president’s account or delete it forever.

      • Facebook Oversight Board Upholds Trump Ban

        Amid concerns that tech giants are too powerful when it comes to the dissemination of speech online, Facebook in May 2020 announced the creation of its oversight board. It’s an independent, global contingent of 20 people, largely academics, and will eventually double in size. Its directive is to determine if Facebook and Instagram content is consistent with the companies’ policies and values and, according to the announcement, it is committed to “upholding freedom of expression within the framework of international norms of human rights.”

      • Oversight Board Upholds Trump’s Ban From Facebook

        In a post to their website’s blog, the Oversight Board condemned Facebook’s actions as shirking responsibility, “In applying a vague, standardless penalty and then referring this case to the Board to resolve, Facebook seeks to avoid its responsibilities. The Board declines Facebook’s request and insists that Facebook apply and justify a defined penalty.”

        The Board insisted that Facebook revaluate the case within six months of Wednesday’s decision.

      • IT minister requesting feedback on future of digital society

        Sufficient availability of connections is the basis for using digital solutions, be it a person’s daily life or a business. Therefore, it is necessary to develop electronic communications, meaning connectivity, so that high-speed communication can reach anywhere in Estonia in an affordable way.

        National cybersecurity must be developed further because if the credibility and security of cyberspace are ensured, Estonia can also move forward on the path of digital development. This area includes ensuring cybersecurity both in the public sector and in the economy more broadly.

      • Once Woke, Brain Broke: A Tale Of Echo Chambers

        Now I know it’s tempting to blame the rise of these echo chambers on Big Tech. To be sure, they are at least somewhat responsible. But once you get past that initial knee jerk reaction, at some point you’ve got to grapple with whether or not our primitive human brains can actually handle being constantly jacked into a global network filled with information, some true but most not. As it stands right now, the sad truth seems to be that we can’t. But what are we supposed to do about it? Short of a freak occurrence of nature that fries most of the electronics around the world simultaneously, I can’t see anyway to fix this except for figuring out a way to adapt appropriately.

      • Live Updates: Cheney Strikes Back as G.O.P. Leaders Move to Oust Her From House Leadership

        Representative Liz Cheney warned fellow Republicans that their party was at a “turning point” and described a “cult of personality” around Donald J. Trump. The No. 2 House Republican endorsed Representative Elise Stefanik to replace Ms. Cheney in the party’s leadership.

    • Misinformation/Disinformation

      • A Facebook panel will reveal on Wednesday whether Trump will regain his megaphone.

        Facebook’s Oversight Board, an independent and international panel that was created and funded by the social network, plans to announce on Wednesday whether former President Donald J. Trump will be able to return to the platform that has been a critical megaphone for him and his tens of millions of followers.

        The decision will be closely watched as a template for how private companies that run social networks handle political speech, including the misinformation spread by political leaders.

      • Facebook Oversight Board Set to Rule on Trump Ban

        Facebook has scheduled an announcement for 9 a.m. Eastern time Wednesday on whether former President Donald J. Trump can regain his megaphone on the site.

        An independent panel called the Facebook Oversight Board is expected to announce whether the company should keep or lift its ban on the former president. The company indefinitely suspended Mr. Trump’s account on Jan. 7, after he used social media accounts to incite a mob of supporters to attack the Capitol a day earlier.

        Here are key facts to know about the Facebook Oversight Board and its decision: [...]

      • Facebook Oversight Board Upholds Social Network’s Ban of Trump

        But the board also said that Facebook’s penalty of an indefinite suspension was “not appropriate,” and that the company should apply a “defined penalty.” The board gave Facebook six months to make its final decision on Mr. Trump’s account status.

    • Censorship/Free Speech

      • Content Moderation Case Studies: How To Moderate World Leaders Justifying Violence (2020)

        Summary: There is an inherent tension in handling content moderation of world leaders — especially more controversial ones. If those leaders break the rules on social media, some reasonably call for the content, or the accounts, to be removed for violating policies. Others, however, point out that it is important for the public to be aware of what world leaders are saying, rather than removing and hiding the speech.

      • Russia’s censorship agency seeks new fines for Twitter, Google, and Facebook

        Twitter may face another 24 million rubles ($320,880) in fines for failing to remove content prohibited in Russia, while Google and Facebook may face an additional 20 million rubles ($267,400) in fines each for the same violation, the Russian state news agency TASS reported on Wednesday, May 5.

      • Meduza’s crowdfunding website restored in full, following hacker attack

        Meduza has restored direct payments through our support.meduza.io platform. We temporarily disabled new donations via bank cards earlier in the day on May 5, after unknown hackers attacked our crowdfunding website. 

      • Using stolen debit cards, hackers try to discredit and derail Meduza’s crowdfunding campaign

        On May 5, unknown hackers attacked Meduza’s crowdfunding website, which we launched after the Russian authorities designated us as a “foreign agent” media outlet and chased away our advertisers.

      • Listed as a “foreign agent”, Russia’s most popular independent website risks disappearing

        “The authorities’ goal is to kill Meduza,” said Ivan Kolpakov, the editor of what is Russia’s most popular independent news website. Founded in Riga, the capital of neighbouring Latvia, in 2014, Meduza has been reeling ever since the Russian justice ministry added it to its list of “foreign agents” on 23 April. It plans to challenge the decision in the courts.

        Meduza claims more than 13 million unique visitors a month but in the past few days it has had to close its offices in Riga and Moscow, cut staff salaries by between 30 and 50% and stop using freelancers. The site depends mainly on advertising, but has already lost many advertisers and expects more to go soon. In a bid to resist the drastic loss in revenue and keep reporting, it has launched an appeal for donations.

      • Op-ed urges Benin to end Digital Law threat to journalism

        Reporters Without Borders (RSF) is one of the signatories of an op-ed piece published in Benin on World Press Freedom Day calling for an overhaul of the country’s Digital Law, which has been used to throttle free speech and press freedom.

      • European Parliament confirms new online censorship powers

        On 29 April, the Regulation on addressing the dissemination of terrorist content online was approved without a final vote, concluding the last step of the European Union legislative process before the measures it contains can come into effect.

        The procedure for the second reading excluded elected representatives from the final decision over this human rights intrusive legislation. It deprived EU citizens from seeing if the Members of the European Parliament, the only democratically elected body of the EU would have accepted a 1-hour removal deadline for content, forcing platforms to use content filtering, and empowering state authorities to enable censorship.

      • Facebook reverses censorship of WSWS article debunking “Wuhan Lab” conspiracy theory

        Any individual or group who attempted to share the article received a warning, and some individuals, including WSWS reporters themselves, received temporary suspensions for posting the article.

        But after two months of muzzling anyone who attempted to share the article, Facebook sent messages to users declaring, “we’re sorry we got this wrong. We reviewed your post again and it does follow our community standards.”

      • Internet disrupted in Colombia amid anti-government protests

        Network data from the NetBlocks Internet Observatory confirm the disruption of internet service in Cali, Colombia with the incident from approximately 4:30 p.m. Tuesday local time ongoing as of the morning of Wednesday 5 May 2021.

      • Twitter to warn if you’re about to tweet something ‘potentially harmful or offensive’ – says 34% of users WON’T POST after warning

        Twitter is raising concerns with critics by introducing a new feature that prompts you to “pause or reconsider” a tweet the platform may deem “offensive,” and the social media behemoth implies it’s something the users want to see.

        Twitter said in a Wednesday blog post announcement that they have been testing the feature since last year and have now made “improvements” based on “feedback.”

        These “improvements” include “consideration of the nature of the relationship between the author and the replier,” meaning a tweet that could typically be deemed offensive may have less of a chance of being flagged if two users in a conversation often reply to one another on the platform.

      • RTI filed on government use of ‘facial recognition’ in airports, Covid-19 vaccination

        The IFF is also keeping a close watch on free speech violations, and demanded accountability from the Centre over Twitter removing 50 posts from its platform last month on government requests. Most of these posts were related to the government’s handling of the Covid-19 pandemic.

    • Freedom of Information/Freedom of the Press

      • ‘I don’t want to become a political prisoner’: Three ‘foreign agent’ journalists describe life after designation by Russia’s Justice Ministry

        In Russia, you don’t have to be a legal entity to be designated as a “foreign agent” — all you need is a pulse. Last December, for the first time, the Justice Ministry added a handful of individuals to its registry. The authorities named five journalists and activists. The designations imposed the same public accounting requirements on these people that burden Meduza, which was named a “foreign agent” in late April 2020. In other words, they’re now forced to mark anything they write or share online (or in the mass media) with a loud, inescapable notification that they have “foreign agent” status in Russia. The law also demands that these individuals create formal legal entities, in order to report their earnings and spending to the government. Russia’s regulations do not stipulate, however, that each “foreign agent” needs a separate legal entity, and so three “agents” on the Justice Ministry’s list actually created a joint LLC. To learn more about how this status changes ordinary life, Meduza spoke to journalists and “foreign agents” Denis Kamalyagin, Sergey Markelov, and Lyudmila Savitskaya.

      • ‘A great victory’ Russian court drops case against journalist accused of spreading ‘fake news’ about the coronavirus pandemic

        Last May, Russian journalist Tatiana Voltskaya interviewed an ICU doctor who told her about the critical situation facing St. Petersburg’s coronavirus hospitals. After her report came out, state investigators launched an inquiry on suspicion that she had committed a felony — they accused her of spreading fake news about the coronavirus pandemic. Though there wasn’t enough evidence to press criminal charges, Voltskaya and her newsroom were fined for a similar misdemeanor. But with the help of media rights lawyers, Voltskaya appealed the fines in a landmark court case — and won.

      • Zambian Patriotic Front supporters attack 2 journalists

        On May 1, supporters of two factions of the ruling Patriotic Front political party violently clashed at the party’s headquarters in Lusaka, the capital, and unidentified members of the crowd attacked Francis Mwiinga Maingaila, a reporter at the privately owned news website Zambia 24, and Nancy Malwele, a reporter at the independent New Vision newspaper, according to Maingaila, who spoke to CPJ via messaging app, and a Facebook post by the independent broadcaster Phoenix FM.

      • French journalist kidnapped in Mali asks for help in video

        French journalist Olivier Dubois has appeared in a video calling on French authorities to “do everything in their power” to free him from Islamist militants in northern Mali.

      • French journalist kidnapped in Mali appears in video asking for help

        A video was released Wednesday showing Dubois saying he was kidnapped on April 8 by the al-Qaida-linked group JNIM. In the video he calls on his family, friends and authorities to work for his release. The video could not be independently verified.

        Reporters Without Borders Secretary General and Executive Director Christophe Deloire confirmed the kidnapping to The Associated Press, and called for the reporter’s release.

    • Civil Rights/Policing

    • Internet Policy/Net Neutrality

      • Speaking Out on Bill C-10 and the Regulation of User Generated Content

        And don’t forget my column in Macleans on the government’s plans and this week’s Law Bytes podcast featuring Cara Zwibel of the Canadian Civil Liberties Association. I’m grateful for the coverage and hopeful that Canadians will continue to pay attention, knowing that it seems likely that Guilbeault will seek to keep some user generated content regulation in Bill C-10 to go with his forthcoming mandated takedowns, website blocking, and the creation of a social media regulator in a future bill.

    • Digital Restrictions (DRM)

      • Wall Street Journal Editorial Tries To Pretend That Fixing Repair Monopolies Is Bad For Your Health

        So we’ve noted for a long time how efforts to monopolize repair have resulted in a growing, bipartisan interest in right to repair legislation in more than a dozen states. Whether it’s Sony and Microsoft’s efforts to monopolize game console repair, Apple’s tendency to monopolize phone repair (and bully independent repair shops), or John Deere making its tractors a costly nightmare to fix, a sustained backlash has been growing against draconian DRM, rampant abuse of copyright, and other behaviors that make repairing products you own as annoying and expensive as possible.

      • This Motorcycle Airbag Vest Will Stop Working If You Miss a Payment

        In the video, Plummer promotes this as a good option for people who don’t ride year-round and therefore may only need a functioning vest a couple of months a year. But when Motherboard asked Klim about what would happen if, say, the customer forgot to turn the subscription back on and got into a crash, a customer service representative confirmed “then, no, it will not go off.” Likewise, if the customer’s card is declined, they will have a 30-day grace period to update their payment information before the vest stops working, according to Klim communication manager Lukas Eddy.

        “When it comes to missing payments and airbag functionality, In&motion’s payment notifications and 30-day grace period are reasonable—at some point, if a person stops paying for a service, that service has to be suspended, just like your utilities or a cell phone plan,” Eddy wrote to Motherboard in an email. “Further, if someone pauses their subscription and forgets to restart it, they won’t actually be able to get their In&box into ride-ready status when they go to turn it on. If they then choose to ignore the indicators and ride with the In&box inactive, that’s on them and we can expect it not to inflate in the event of a crash.”

    • Monopolies

      • Amazon Is Dictating Personal Hygiene, Nail Length of Contract Drivers
      • Cable’s Broadband Monopoly Continues To Protect It From TV Cord Cutting

        One of the nice things about being a telecom giant in a country with limited competition, feckless politicians and hog-tied regulators is there isn’t much in the way of accountability. As a major broadband provider like Charter or Comcast, you’re allowed to monopolize the telecom market, jack up prices, elbow out competitors, then lobby state and federal government to ensure nobody does anything about it. Hell, thanks to a timid press that can’t call a spade a spade, half the time nobody can even be bothered to point out that you’re a monopoly in the first place.

      • What If The Media And Politicians Tried To Hold A Techlash… And No One Joined Them

        There’s been plenty of talk lately about the “Techlash” which has become a popular term among the media and politicians. However, what if the general public feels quite differently? Vox, which is not exactly known for carrying water for the tech industry, has released a new poll that shows that the public is overwhelmingly optimistic about technology, and thinks that technology has been a force for good in the world. This applies across the board for Democrats, Republicans, and independents.

      • Josh Hawley Wants To Break Up Big Tech And Revisit How Antitrust Matters Are Considered

        Hawley also maintained his longstanding criticisms of Section 230, arguing that its legal protections for companies from what their users post should not extend to any company that utilizes behavioral advertising—an advertising strategy that uses a consumer’s browser history to deliver targeted ads. Many companies argue this improves user experience, while many privacy and consumer rights advocates argue that it is an invasion of privacy and is manipulative.

      • Microsoft to Judge: Apple’s Rules Blocked Our Gaming Service Too

        That was the upshot of testimony Wednesday at Apple’s antitrust trial from Lori Wright, Microsoft’s gaming, media and entertainment vice president, who recounted how her company couldn’t sway the iPhone maker to let Xbox roll out its cloud gaming service through the App Store and tap into iOS users.

      • Microsoft’s feud with Apple over xCloud on iOS got a rival kicked from the App Store

        In 2020, Microsoft was battling to bring xCloud or Xbox Game Streaming to the iPhone and iPad, and the conversations had an unlikely victim: Shadow — a third-party cloud gaming app that lets you stream PC games to an iPhone or iPad.

        Emails between Microsoft and Apple, revealed in the Epic v. Apple trial today, show how the Xbox maker was trying to get xCloud on iOS. Microsoft was trying to figure out how Shadow, Netflix, and other similar “interactive” apps were able to exist in the App Store while Apple was refusing to approve xCloud. Microsoft put forward Shadow as an example of such a service, only to see it suddenly removed from the store.

      • Why Epic is burning its own cash to cook Apple

        The reason Epic’s Fortnite got thrown out of the Apple App Store was that Epic rogue-updated Fortnite to offer a payment mechanism that bypassed Apple’s 30 percent cut of all in-app transactions. Apple booted Fortnite for violating its rules. Epic threw an… epic… hissy fit about this, culminating in the trial starting this week. While Epic has cobbled together an alliance called the Coalition for App Fairness — along with Spotify, Match Group, Basecamp, and Tile — there’s one more tech behemoth in play. Epic Games Store runs on Amazon Web Services. So does Fortnite itself.

        The fight with Apple echoes Epic’s tactics elsewhere. The Epic Game Store is a clear challenge to Valve, which has an iOS-like store called Steam that also takes a 30 percent cut of sales. In a basic act of moral consistency, the Epic Game Store contains — in addition to games by other developers — other game stores. It also takes only a 12 percent cut of sales. Just last week, Microsoft announced it would cut its take on PC games to 12 percent to match Epic, from 30 percent. (It also filed a letter of support for Epic in the current case.)

      • Patents

        • ‘A Transformative, Hopeful Event’: Under Pressure, Biden Backs Covid-19 Vaccine Patent Waiver

          “This has a real potential to help save lives, strengthen the economy, improve international relations, and eventually end this awful pandemic.” 

        • Pressure Grows on Biden to Back WTO Waiver on Vaccine Technology
        • Sanders Applauds Biden for ‘Putting People Over Profits’ by Backing Vaccine Patent Waiver

          “This is exactly the kind of leadership the world needs right now,” said Sanders, a longtime advocate of the move. 

        • Pfizer announces windfall profits as low-income countries denied vaccines

          The mRNA vaccines developed by these two companies are based on a key discovery of the National Institute of Health’s (NIH) Vaccine Research Center, which holds the patent for how the virus’s spike protein is stabilized in the vaccine.

          While several companies have licensed the NIH’s patent, Moderna makes use of the NIH discovery without paying any royalties.

          In other words, without the NIH’s patent, there would be no Pfizer and Moderna vaccines. Yet the US government has declined to use what scientists have called a vast amount of leverage over vaccine makers to ensure an equitable global distribution.

        • ‘Let’s Do Insulin Next,’ Says Ocasio-Cortez After Biden Backs IP Waiver to Boost Covid-19 Vaccine Access

          “We can do it with all lifesaving pharmaceuticals,” tweeted one group.

        • 70% of People in G7 Nations Want Governments to Force Big Pharma to Share Vaccine Recipes

          “Governments need to step in and force pharmaceutical companies to share their intellectual property and vaccine know-how with the world.”

        • Global Health Leaders Hail ‘Monumental Moment’ in Covid-19 Fight as US Supports Vaccine Waiver

          “Countries that continue to oppose the WTO waiver—such as European Union countries, the United Kingdom, Switzerland, Canada, Australia, Norway, Japan, and Brazil—must now take action, too.”

        • Huge News: US Gov’t Agrees To Support Intellectual Property Waiver To Help Fight COVID

          Earlier this week we wrote about the absolutely ridiculous coalition of folks who were lobbying against the US supporting a TRIPS intellectual property waiver to support fighting COVID. As we noted, it was totally expected that Big Pharma would object to it, but the surprising thing was seeing Hollywood and the legacy entertainment industry — an industry that needs COVID to go away to get back to normal — coming out strongly against the waiver as well. They claimed they had to do so since the waiver would apply to copyright as well, but that’s nonsense. The waiver (1) explicitly excluded entertainment products and (2) is expressly limited to “prevention, containment or treatment of COVID-19.”

        • US supports lifting patent protections on COVID-19 vaccines

          “This is a global health crisis, and the extraordinary circumstances of the COVID-19 pandemic call for extraordinary measures. The Administration believes strongly in intellectual [sic] property [sic] protections, but in service of ending this pandemic, supports the waiver of those protections for COVID-19 vaccines,” United States Trade Representative Katherine Tai said in a statement.

          Waiving those protections would theoretically let countries and organizations manufacture patented vaccines without facing repercussions. But they would need to have the expertise and materials on hand to actually produce the vaccines.

        • Big Move: US Supports IP Waiver for COVID Vaccine [Ed: Choose patients over patents]

          In the USA, COVID vaccines have been widely distributed and are now available at no cost almost on-demand for anyone seeking vaccination. Vaccines are not widely available in most other countries and global COVID cases are again at an all-time high.

          And, people around the world don’t really trust that Pfizer, Moderna, and J&J are going to be serving them anytime soon. That is where the TRIPS waiver comes into play.

          [...]

          The U.S. Government is reportedly going to support the waiver proposal, although there are current ongoing negotiations over its actual text and content. Even without a WTO waiver, the US can also act unilaterally to announce that it would not bring any TRIPS cases associated with violations. This is a major change of policy under President Biden and his new U.S. Trade Representative Katherine Tai. In the past, the US has always been on the side of stronger IP rights and more enforcement.

          Trade Secrets + Patents: In the short-run, the big difference is more about trade-secrets than patents. In the longer run, patents may become equally important.

          If we take India as an example, right now there are no patents that have been granted in India tied directly to the COVID response. So, allowing India to waive its promise to enforce patents does not generate any short-term gains. Here, by short-term, I’m really talking about the next two years or so. Hopefully by that time the pandemic will be gone.

          [...]

          Waiver of the requirement does not force the companies to actually conduct any technology transfer — to provide the information to others who want to manufacture. BUT, it does open the door to governments sharing the information and also to a major WIKILEAKS style sharing of data and information. I believe that a whistle-blowing is actually quite likely because so many scientists and business insiders are wanting to do everything they can to spread the vaccine, but don’t believe that it will be permitted by the CEOs and Shareholders.

        • Law School Canons: The Spoils of Discovery

          The first line of class notes I took in Civil Procedure during our discovery module says, “Spoliation – OLD LEGAL DOCTRINE.” I’m not sure why I felt the need to emphasize that spoliation is an old doctrine at the time, but it makes sense now. Oddly, my note reflects the importance of the doctrine and how it has stood the test of time. Zubulake V, the first case in my Civil Procedure discovery module, is a perfect example of the dangers facing a party if they are not diligent about evidence preservation. Zubulake v. UBS Warburg LLC, 229 F.R.D. 422 (S.D.N.Y. 2004) (“Zubulake V”). Sanctions were the “spoils” that Skyline Steel, LLC (Skyline / Plaintiff) sought over PilePro, LLC (PilePro / Defendant) during a “bitter” patent suit between the two companies. Skyline Steel, LLC v. PilePro, LLC, 101 F.Supp 3d 394, 397 (S.D.N.Y. 2015).

          Skyline and PilePro are merchants of sheet pile wall systems and components. Id. at 397-98. Sheet pile walls are structures deployed to retain soil or water and are built out of vertical interlocking sheet sections. E.g., Nucor Skyline. PilePro made accusations that Skyline was infringing PilePro’s patent, U.S. Patent No. 8,856,543, through letters and claims on their website. U.S. Patent No. 8,856,543 (filed Mar. 31, 2008) (issued Oct. 15, 2013) (‘543 Patent); Skyline, 101 F.Supp 3d at 397. In relevant part, the ‘543 Patent covers a two-step method for manufacturing a sheet pile section with an interlock connector. U.S. Patent 8,856,543. First, the preliminary wall is formed with a “material accumulation” at the side with the interlock connector, which is then shaved down by shape-cutting to produce a uniform cross-section throughout the interlock connector. Id. The method claims to be able to make different types of connectors, including a T-carrier, Hoesch claw, and a Larsson hook, through the processes shown in figures 1, 2, and 3, respectively, of the ‘543 Patent (shown below). Id. at figs. 1-3.

          [...]

          Additionally, PilePro was instructed to reimburse Skyline for the costs associated in moving for sanctions. Id. Skyline won the big prize as well: summary judgment on Skyline’s noninfringement claim was granted. Id. at 403.

        • South California judge Bencivengo reveals post-COVID plans [Ed: Well, patent litigation should never be a priority. This shows warped perspective.]

          The Southern District of California judge, who was a patent litigator for 17 years, wants people back in the courtroom – but will keep aspects of remote litigation

        • Covid-19, is waiving patent rights a solution?

          At the World Trade Organization discussions are continuing about temporarily waiving patents rights in response to the COVID-19 pandemic. Late April, rich members of the WTO blocked a proposal backed by over 80 developing countries to waive these rights in an effort to boost production of COVID-19 vaccines.

          [...]

          As the WTO explained on its website, members “remain divided on the fundamental discussion about the impact of IP protection in ensuring rapid and safe access to vaccines and other medical products. Co-sponsors were of the view that the current challenges posed by the pandemic can only be effectively addressed by waiving certain TRIPS obligations. A number of delegations remained unconvinced about the necessity for a waiver at the international level, with some members arguing that a waiver might be counterproductive and undermine ongoing collaborative efforts.”

          Among the latter are Western countries, including Britain, Switzerland, EU member states and the United States, which have large domestic pharmaceutical industries. Their main argument is that IP isn’t the barrier for making available vaccines for people worldwide, but scaling up manufacturing is.

        • Sanofi Wins $17.2M Fees, Expenses After Ditching FCA Suit

          Amphastar Pharmaceuticals Inc. must pay Sanofi-Aventis $17.2 million in attorney fees, expenses and interest in its failed False Claims Act suit against the company’s predecessor alleging the blood thinner Lovenox was improperly patented, a California federal judge ruled Monday.

          U.S. Magistrate Judge Shashi H. Kewalramani awarded the multimillion-dollar figure following Senior U.S. District Judge Marvin J. Garbis’ November 2017 ruling granting fees. The case was dismissed by Judge Garbis at the California district court in July 2015 and a panel at the Ninth Circuit in May 2017, with both courts finding that Amphastar wasn’t an original source of information as required by the…

        • Fauci Stirs Uproar With ‘Agnostic’ Position on Covid Vaccine Patent Waiver

          One observer called Fauci’s characterization of the patent waiver issue “extremely misleading.”

        • Filipino Activist Walden Bello: Global Vaccine Disparity Shows “Irrationality of Global Capitalism”

          The international disparity in vaccine access between rich and low-income countries highlights “the irrationality of global capitalism,” says acclaimed Filipino scholar and activist Walden Bello, who urges the Biden administration to sign on to an effort at the World Trade Organization to temporarily waive intellectual property rules on vaccine technology. He also discusses the COVID crisis in the Philippines.

        • “Millions of Lives Are at Stake”: Pressure Grows on Biden to Back WTO Waiver on Vaccine Technology

          Pressure is growing on the Biden administration to support a temporary waiver on intellectual property rights for COVID-related medicines and vaccines at the World Trade Organization. India and South Africa first proposed the waiver in October, but it was blocked by the United States and other wealthy members of the WTO. Big Pharma has also come out against the proposal and has lobbied Washington to preserve its monopoly control. More than 100 countries have supported the waiver, which they say is critical to ramp up production of vaccines, treatments and diagnostic tests in the Global South. Ahead of the kickoff of two days of WTO important meetings in Geneva, we speak with Lori Wallach of Public Citizen’s Global Trade Watch. “The big problem is simply not enough vaccines are being produced,” says Wallach. “The world needs 10 to 15 billion doses to reach herd immunity, and right now all of the global production together is on track to make 6 billion doses this year.”

        • Software Patents

          • Discovery of Prior Settlement Agreements and Common Interest Privilege

            The Federal Circuit denied MFA’s petition for mandamus on a discovery dispute, and Chief Judge Prost but wrote an interesting short opinion explaining the panel’s reasoning. In the case, MFA has asserted its U.S. Patent No. 9,886,421 that covers a method of displaying “non-standard fonts” on your handheld device when accessing a network-document.

            [...]

            The magistrate judge ordered disclosure, confirmed by the district court, and now the Federal Circuit has refused to act on the mandamus petition (other than denying it). Most appeals are taken after final judgment in a case. Mandamus is a shortcut to get an immediate decision from an appellate court on an interlocutory issue (such as discovery disclosure), but is only rarely granted. The court notes that it will only grant mandamus in cases involving a “clear and indisputable right to relief [where there are] no other adequate means to attain the relief.” Slip op., quoting Cheney v. U.S. Dist. Ct. for D.C., 542 U.S. 367 (2004). Even where those elements are met, the district court also has discretion to decide whether granting the writ is “appropriate under the circumstances.” Id.

            In its opinion, the court did not fully decide the issue of common interest privilege in the settlement context, but noted that the Federal Circuit has previously declined to recognize the form of privilege. See In re MSTG, Inc., 675 F.3d 1337 (Fed. Cir. 2012) (holding that pre-settlement communications were not privileged). The court went on to note that even if common interest privilege were adopted in this context, the parties must still show that the withheld documents are “communications by a client to an attorney made in order to obtain legal assistance from the attorney in his capacity as a legal advisor.”

      • Copyrights

        • Benjamin Mako Hill Receives NSF CAREER Award

          Digital knowledge commons like Wikipedia, [Free] software, and collaborative filtering systems like Reddit produce enormous social and economic value and serve as critical information infrastructure. These online communities rely on “peer production” to aggregate contributions from Internet users into vast knowledge bases, which are then made freely available. Citing a prevalent example, Hill points out that, “Wikipedia is the fifth most visited website in the world. Free/libre open source infrastructure serves as infrastructure that we rely on every time we visit a website. Much of what we love and value about the Internet is because of peer production. Although the term might be unfamiliar to many, peer production is the most important organizational innovation to emerge from the Internet. We should do everything we can to understand its complex dynamics and to help preserve and protect them.”

          As crucial as they are, many knowledge commons are under attack by vandalisms, disinformation campaigns, and a range of special interests. At the same time, many of the (largely volunteer-based) groups that sustain mature communities have been stable or shrinking for years. Hill’s project will address this issue from a variety of angles: Why do peer produced knowledge commons increasingly reject the work of volunteers necessary for their long-term survival? How should communities structure themselves to better manage growth? How should they balance the competing goals of remaining open to contributions while protecting the value of what they have produced?

        • Guest Book Review: Copyright in the Music Industry [Ed: Please do not conflate the actual music industry with a monopolistic cartel that abuses and exploits actual artists]

          Readers may know that this Kat enjoys writing about copyright and music from her postings, and during the first lockdown she penned a book on the topic, titled Copyright in the Music Industry: A Practical Guide to Exploiting and Enforcing Rights.

          Dr Sabine Jacques is Associate Professor in IP, IT & Media law at the University of East Anglia and author of The Parody Exception in Copyright Law (OUP 2019), she has kindly provided the follow review of the book:

          I was particularly looking forward to reading Bosher’s book and I was not disappointed (not least because it comes with its own Spotify playlist to immerse the reader into the exciting world of copyright law)! This small book of 220 pages covers all the areas of copyright law which a musician should care about. The book is divided in 5 parts and comprises no less than 22 chapters.

          Part I lays the foundations starting off with why musicians should care about copyright law in the first place. Often seen as complex, Bosher convincingly summarises the reasons why copyright is essential to the music industry and the principles on which it is built. The second chapter provides a simplified overview of copyright concepts ranging from legal instruments to objects of protection, threshold of protection and formalities. Exploring the copyright protection subsisting in a song, Chapter 3 provides an enjoyable account of the genesis and scope of the different layers of protection from the music sheet, lyrics, melody, sound recordings to the artwork. The foundations being laid, chapters 4 and 5 look at what copyright actually grants in terms of rights and what it does not protect. The reader is also briefly exposed to moral rights, mainly in terms of attribution and integrity rights as well as image rights. Looking at what is not protected by copyright law, Bosher predominantly focuses on fair use and fair dealing exceptions to cover activities such as sampling and musical parodies.

          [...]

          Overall, Bosher’s book comprehensively covers a wide range of issues in a very accessible manner. Whilst predominantly aimed at musicians and music creators, this book is valuable to anyone interested in or working at the intersection between the legal world and the music industry. There is no denying that copyright law is more than just another admin task on a creator’s to-do list and should be seen as a central part of a musician’s workflow. The way in which the author simplifies and debunks common copyright myths makes this contribution a must-read for any music creator who would rather avoid engaging with copyright law. It avoids the usual legal tone to provide the reader with an enjoyable and highly readable copyright guide including numerous well-chosen real-life examples. Accessibility being key, this guide is also available as an audio book.

        • At the Intersection of NFTs and Creative Commons Licenses

          Most of the questions we’ve seen show up on CC’s social media feed relate to the intersection between CC licenses, which enable limitless copying (within the bounds of what the particular CC license’s terms allow, of course), and NFTs, which are designed to create digital scarcity and provide something unique to the NFT’s owner.

        • Court Slams Allarco ‘Pirate Device’ Lawsuit, Refuses to Ban Sales at Staples & Best Buy

          Super Channel operator Allarco claimed that major retailers including Staples and Best Buy are selling and encouraging the use of “piracy devices” that undermine its business. However, the company’s application for an injunction banning sales has now been denied, with the judge slamming Allarco’s application and investigative actions from every conceivable angle.

        • If You’re Going To Defend A Satirical Song From A Copyright Lawsuit, Don’t Try A Bunch Of Stupid Alternative Arguments First

          Australian mining billionaire and former politician Clive Palmer has been hit with a $1.5-million judgement over unauthorized use of the song “We’re Not Gonna Take It” by Twisted Sister. The suit was brought by Universal Music after, as part of a 2019 political campaign, Palmer made videos using a modified version of the song with the lyrics “Australia ain’t gonna cop it, no Australia’s not gonna cop it, Aussies not gonna cop it any more”. Setting aside the rather questionable scansion, it’s a pretty obvious modification of the famous song, giving it at least a chance of qualifying for the fair dealing exception for parody and satire that exists under Australian copyright law. But in a ruling today the court has rejected that argument entirely:

05.05.21

Links 5/5/2021: Mesa 21.1 Released and New Releases of Python

Posted in News Roundup at 5:31 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • Star Labs StarBook Mk V laptop for sale with Linux Mint, Ubuntu, Manjaro, and more

        Back in the day, getting a laptop with Linux pre-installed was almost unheard of. For the most part, you had to buy a computer with Windows and then install Linux yourself. This wasn’t bad necessarily, but it did mean that the price of the computer usually included a Windows license you maybe didn’t want. In other words, Microsoft was profiting off of Linux users — just because the consumer bought a Windows PC.

        In 2021, however, there are many computers to be had with Linux pre-installed — thanks to pioneers like System76. Of course, nowadays, big companies like Dell and Lenovo are selling Linux machines too. Today, yet another such laptop hits the market — the Star Labs StarBook Mk V. This 14-inch notebook can be had your choice of several quality Linux distributions pre-installed, such as Linux Mint, Ubuntu, and Manjaro to name a few. And yes, Windows 10 is an option too.

        “The StarBook Mk V features a 14-inch ARC display, a true matte display that prevents glare with an Anti-Reflective Coating. It also features a hard coat rated at 3H to prevent against damage. The Intel Core 11th-generation processors boast outstanding performance. The Iris Xe Graphics provides a 180 prcent improvement in graphical performance,” says Star Labs.

    • Server

      • Oracle’s ‘State of the Penguin’ Updates Penguinistas of Multiple Persuasions [Ed: Microsoft-connected publisher]

        Oracle Linux users in North America are gathering online tomorrow (Thurs. May 6, 10am PT) for the latest edition of the State of the Penguin. Wim Coekaerts, Oracle Software Development SVP and Linux Foundation Vice Chairman, will be leading what promises to be an enlightening conversation about the industry landscape, customer use cases, and the latest Oracle Linux technologies, including containers, KVM, open-source contributions, and developer tools, all to help Penguinistas “explore possibilities and update your plans.”

        Coekaerts’ co-host for the event will be Sergio Leunissen, VP in Oracle’s infrastructure engineering team. Leunissen currently leads initiatives to deliver solutions for developers on Oracle’s operating system and Oracle Infrastructure Cloud, and he’s responsible for Oracle’s presence on GitHub.

        I had the opportunity to talk with Coekaerts about the event last week. He’s widely described as an “industry luminary,” an appellation I found to be something of an understatement. He led the last online State of the Penguin, held six months ago.

      • 2.5GbE Networking on Linux [Ed: Microsoft-connected publisher]

        In a a previous article I discussed using 2.5GbE NICs in my home lab. In that article I used the NICs on Windows 10 systems. In this article I will use the NICs on the same systems but with Linux installed on them. I will first give a quick overview of why I am interested in 2.5GbE networking, discuss my testing systems, test the network performance between a Linux and Windows 10 system, between two Linux systems, and then give you my final thoughts on 2.5GbE networking on Linux systems.

        There are a few factors that got me interested in using 2.5GbE networking in my home lab; Intel release a NIC that supported it, wireless networking speeds, and the availability of routers supporting multigigabit networking.

      • New Ambassador Developer Control Plane Accelerates Kubernetes Adoption Across Entire Cloud Native Software Development Lifecycle

        As development teams adopt Kubernetes, they are challenged not only by a growing list of complex technologies but also an expanded role that now includes shipping and operating the systems they build. Built on major open source Cloud Native Computing Foundation projects including Envoy, Emissary-ingress, Argo, and Telepresence, the Ambassador Developer Control Plane is an integrated solution that manages the cloud native infrastructure that developers use to code, ship, and run applications for Kubernetes environments. Ambassador DCP unlocks developer productivity for local and remote environments, enables rapid human-centric service discovery across organizations, and lets entire teams safely deploy and manage applications for production.

    • Audiocasts/Shows

      • Wayland Is The Future Of Linux, What About Now?

        There’s always some chatter about Wayland but what even is it and what makes it so different from Xorg which the vast majority of people on Linux are still running.

      • Pacstall Is An “AUR” For Ubuntu

        What if you could run Ubuntu but also had access to a community software repository similar to the AUR? Pacstall attempts to become the “AUR” Ubuntu wishes it had.

      • LHS Episode #409: JS8Call Deep Dive

        Hello and welcome to the 409th installment of Linux in the Ham Shack. In this episode, we have an interview with Jordan Sherer, KN4CRD, the creator and developer of JS8Call, an amateur radio weak-signal application for having complete QSOs during poor band conditions. Jordan is also the winner of the 2021 Amateur Radio Software Award so we have the board of ARSA on the show discuss Jordan’s achievement and the efforts of the ARSA board to promote free, open-source software in the amateur radio space. We hope you enjoy!

      • FLOSS Weekly 628: Digital Sovereignty – Dr. Andre Kudra

        Dr. Andre Kudra of esatus.com discusses SSI, or Self-Sovereign Identity. It’s a hot and fast-moving topic with a growing base of hackers, companies, nonprofits, and whole states, provinces and countries. Aaron Newcomb and Doc Searls probe Andre for lots of great intelligence about how SSI puts individuals in full charge of how they present minimized ID credentials safely, and inside a whole new framework. They also talk with Andre about his involvement with the demoscene and retro computing, which are especially huge in Europe. It’s a great discussion on this episode of FLOSS Weekly.

    • Kernel Space

      • Quick hack: Patching kernel modules using DKMS

        Dynamic Kernel Module Support (DKMS) is a framework that is mostly used to build and install external kernel modules. However, it can also be used to install a specif patch to the modules of the current kernel, for example, to apply a specific fix.

        For example, when PipeWire 0.3.20 was released earlied this year, it brought support for the mSBC codec which I had added, and which works natively or through the external programs oFono or hsphfpd, when connected to a Bluetooth Headset through the HFP profile.

        Unfortunately, for kernels 5.8, 5.9 and 5.10, this support does not work with USB Bluetooth chipsets from vendors other than Intel.

        While the fix was simple and has since been backported to the LTS kernels, if you are like me and are running a Linux distribution based on a non-LTS kernel, for example Ubuntu 20.04 with kernel 5.8, you will not be able to benefit from this fix. That is, unless you use DKMS to patch the kernel’s Bluetooth module.

      • Graphics Stack

        • Mesa 21.1 Released With RADV Variable Rate Shading, More Intel Vulkan Improvements – Phoronix

          Mesa 21.1 is available today as the latest quarterly feature release to this collection of open-source OpenGL and Vulkan drivers. There are many features to show with this new release and it even managed to release on-schedule.

          Mesa 21.1 brings a wide assortment of improvements to the many contained open-source user-space drivers, but as usual are dominated by enhancements to the Intel and Radeon driver components, especially the Vulkan drivers given the mature state of the OpenGL drivers these days.

    • Applications

      • Muse Takes the Baton on the Audacity Project

        Congratulations to the Audacity development team and Muse Group. In two significant developments, Audacity version 3 was released in March 2021 – its first major update in many years – and Muse Group announced that it has acquired the Audacity project and will take it forward as a free and open source project.

        Audacity is a free and open source digital audio editing and recording application. Started by Dominic Mazzoni and Roger Dannenberg, it has clocked over 200 million downloads during its lifetime, and has been translated into dozens of languages. Eric Raymond once wrote of Audacity: “The central virtue of this program is that it has a superbly transparent and natural user interface, one that erects as few barriers between the user and the sound file as possible.” High praise, indeed.

      • 12 of the Best Free Graphic Design Software [Ed: Covers Inkscape and GIMP; also here]

        According to Inkscape’s website, the software was created for designers of all kinds including those in marketing and branding, engineering/CAD, web graphics, cartooning and for individual uses. You can get started by downloading the software to your Linux, Windows or macOS device.

        When I first downloaded Inkscape, the interface reminded me of Microsoft Paint. This made it really intuitive to use, and all of the features are available for free. According to the website, those features include object creation, object manipulation, fill and stroke features, operations on paths, text support, rendering and a variety of file formats.

        There are tons of resources available on Inkscape’s website under the “Learn” tab including an FAQ section, tutorials, books/manuals and a guide to how to use Inkscape for animation. Users also have access to Inkscape’s community which includes user support and discussions in the form of chat, forums and more.

        [...]

        If you’re looking for a free alternative to Photoshop, GIMP is a graphic design software worth checking out. While you can’t use the software online, it can be downloaded to Linux, OS X or Windows computers.

        GIMP stands for GNU Image Manipulation Program. It’s a free software that was designed for photo retouching, image composition and image authoring, according to the website. The interface is really similar to Adobe’s Photoshop, so if you’re already familiar with the tools and shortcuts, using GIMP will be easy.

        You can get started by checking out the tutorials online which include beginner basics, photo editing tips, painting guides and more. If you’re ready to try out the software yourself, you can download it here.

    • Instructionals/Technical

      • Everything about Daemons in Linux

        Since the Linux operating system is characterized as a multitasking operating system, a daemon is, by definition, a program that continuously executes as a background process. In short, the execution of this process is not dependent on an active user’s system interaction. A normal system user cannot control the periodic execution of a daemon process.

        The naming convention that defines most daemon processes is the one letter ‘suffix’ d. This naming convention makes it possible to differentiate between normal system processes and daemon-powered processes. For example, sshd is a daemon process responsible for the management of incoming SSH connections. Another daemon process example is syslogd. It is responsible for the Linux system logging facility.

        In a Linux environment, the launch of daemons is at boot time. Since the Linux system is a perfect Unix clone, an init process qualifies as the parent process to a daemon. To start and stop daemons on your Linux operating system, you first need to access the /etc/init.d scripts directory on your OS.

      • How to install Wizard101 on a Chromebook with Crossover 20 in 2021

        Today we are looking at how to install Wizard101 on a Chromebook with Crossover 20. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

        This tutorial will only work on Chromebooks with an Intel or AMD CPU (with Linux Apps Support) and not those with an ARM64 architecture CPU.

      • How to install LibreOffice on Deepin 20.2

        In this video, we are looking at how to install LibreOffice on Deepin 20.2.

      • How to upgrade ZFS storage pools version on FreeBSD

        hen we update FreeBSD from 12 to 13, we get an updated version of ZFS. FreeBSD 13 released with OpenZFS support with various performance boosts. Sometimes OS patching and minor FreeBSD upgrade can also offer an updated zpool version. In any case, we need to upgrade the ZFS storage pools version to get newer functionality and bug fixes. This page explains how to update the ZFS storage pools version on FreeBSD.

      • How to set up Plex on a Raspberry Pi | Android Central

        The Raspberry Pi’s convenience, versatility, and usefulness simply cannot be understated. With just a few clicks, you can set up just about everything, including the ability to set up Plex on a Raspberry Pi. After you’ve finished loading up your library of movies, TV shows, and even music, you can then download the Plex app on any of your devices and enjoy your favorite content from anywhere. Today, we’re going to show you how you can get everything set up.

      • Manage AWS SQS Queues using aws-cli

        You can perform operations on SQS like list, create, delete Queues and send messages, receive messages from your terminal using aws-cli. In this article, we will see the commands to perform these kinds of operations. Before we proceed, it is assumed that you are familiar with AWS SQS Queue.

        To know in detail about options available for aws-cli, visit the official documentation here.

      • Antoine Beaupré: Building a status page service with Hugo

        The Tor Project now has a status page which shows the state of our major services.

        You can check status.torprojet.org for news about major outages in Tor services, including v3 and v2 onion services, directory authorities, our website (torproject.org), and the check.torproject.org tool. The status page also displays outages related to Tor internal services, like our GitLab instance.

        This post documents why we launched status.torproject.org, how the service was built, and how it works.

    • Games

      • Humble Bundle plan to put the much loved sliders back on bundle pages

        After a bit of an uproar from customers, Humble Bundle have decided to ditch their idea of replacing sliders that let people customize where their money goes.

        In their original blog post, they mentioned the sliders that let you adjust the amount you give to Humble, Developers, Charity and Partners would be replaced with a static two-tier system that was giving a lot more to Developers and Humble. Now though, in a fresh blog post they’re backtracking.

      • Don’t Starve Together season finale out in Return of Them: Eye of The Storm plus big sale

        Return of Them: Eye of The Storm is the final update of the season for Don’t Starve Together and so it’s going off with quite a big bang along with a good discount too.

        “With the three lunar altars now complete, the truth at the center of this ancient mystery will finally come to light…
        They’ve been here all along. Don’t Starve Together: Return of Them – Eye of the Storm is now available for all players. With this conclusion of the Return of them Story Arc, worlds collide as old threats and familiar faces make themselves known.”

        [...]

        A fantastic time to get into a thoroughly enjoyable co-op survival game, from Klei Entertainment who have been a very Linux-friendly developer.

      • The Quest to Build a Portable Steam Machine – Boiling Steam

        There’s something about having a portable Steam machine that fascinates me. Being able to play desktop, non-mobile games on the go is a concept that few seemed to have accomplish. The Smach Zero held a lot of promise, but I haven’t heard anything from the team in a long time, and who knows if the poor backers of the project will ever get their hands on it. There’s the GPD Win, and it looks great, but the thing is just too darn expensive. Finally, while the Aya Neo looks fantastic as well, it’s another big-budget gadget that I personally don’t want to spend that much on.

        I’ve looked into making tablets/gaming handhelds in times past, but often transforming that project into reality requires a lot of tinkering. A lot of tools that need to be used that I don’t have. Soldering, splicing, 3D printing, scripting, hot gluing…the list goes on. Another problem that I had was, while the electronics market is littered with ARM-powered SBCs, especially from the likes of the Raspberry Pi, exploring into the x86 world was relatively untouched, as far as handhelds go. I wasn’t content playing retro games by means of emulation. I didn’t like the fact that I couldn’t play my games on Steam on native hardware; it had to be done through streaming. I wanted something more, and I knew the only way I could do that was use an x86-based computer.

    • Distributions

      • Arch Family

        • Arch: FOSS Activities in April 2021

          Hope people have had a lovely spring. This month has passed quickly! I have put off writing the monthly post because I was busy with a weekend project.

          My master thesis was about how to apply transparency logs and reproducible builds to give package rebuilders the ability to produce tamper evident logs. This is handy since any one package build can easily be proven to be part of the log, and you can very easily fill inn the history from one point in time to another by hashing files in the correct order.

          These days transparency logs has seen a larger adoption with projects like sigstore and trustix. What’s interesting is that kernel.org publishes a transparency log of all the git push operations.

      • Debian Family

      • Canonical/Ubuntu Family

        • Ubuntu Touch OTA-17 brings initial support for NFC and other improvements (coming May 12, available for testing now)

          The UBPorts team is set to roll out the next update to Ubuntu Touch on May 12th. While Ubuntu Touch OTA-17 won’t have as many user-facing changes as some previous builds of the operating system, there are still some goodies baked in, particularly for folks with a couple of specific devices.

          For example, Ubuntu Touch OTA-17 is the first version to support NFC hardware. The feature only works on certain devices, including the Google Pixel 3a and Volla Phone, but it should allow developers to create Ubuntu Touch apps that make use of NFC to read or write NFC tags or communicate with other NFC-enabled hardware like wireless earbuds.

        • Warpinator: Transfer Files Between Your Linux PCs And Android Devices

          Warpinator allow you quickly and easily to transfer files between Linux PCs, Android phones, tablets, and other devices.

          Warpinator is a local network file transfer application developed by Linux Mint. It is written with Python 3 and was released by the Linux Mint project in September of last year. Warpinator also can be installed on many other Linux distributions.

          Server configuration (FTP, NFS, Samba) is overkill for casual file transfers between two computers, and it’s a real pity to use external media (Internet services, USB sticks, external HDDs) just to share files when there’s a local network which could do just that.

    • Devices/Embedded

      • Imago VisionAI artificial intelligent camera supports Tensorflow Lite and AutoML Vision Edge

        Developers and Tensorflow enthusiasts may be interested in a new smart artificial intelligent camera in the form of the Imago VisionAI. The VisionAI offers support for TensorFlow Lite or AutoML Vision Edge and runs on the Debian-based Linux operating system, making it easily programmable to meet the application needs through a Linux SDK with a VisionBox Interface C++ Library and FG camera library.

      • Martian rover has some Linux computers, too

        NASA’s Perseverance rover is equipped with a Linux-driven, Atom-based CompuLab COMEX-IE38 module designed to compress images. The rover also has a Qualcomm 801 Linux system like its Ingenuity copter, which is embarking on a new scouting mission.

        As LinuxGizmos and many other sites reported in February, NASA’s semi-autonomous Ingenuity drone copter is equipped with an embedded Linux computer based on the Qualcomm 801 (formerly Snapdragon 801). Ingenuity, which has since run several successful test flights on Mars, making it the first craft to fly in the atmosphere of an extra-terrestrial planet, uses the Qualcomm 801 via the Qualcomm Flight platform for navigation and camera control and processing.

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Announcing Mozilla Rally – Data@Mozilla

            We wrote recently about how difficult it is to understand the data companies collect from you, and what they’re doing with it. These companies determine how your data is used and who benefits. Cutting people out of decisions about their data is an inequity that harms not only individuals, but also society and the internet. We believe that you should determine who benefits from your data. Today, we’re taking a step in that direction with the alpha release of Mozilla Rally. Rally is now available for desktop Firefox users age 19 and older in the USA.

            Rally is aimed at rebuilding your equity in your data. We allow you to choose how to contribute your data and for what purpose. We’re building a community to help understand some of the biggest problems of the internet, and we want you to join us.

            [...]

            We started Rally as an innovation program, building on earlier experiments with trusted research institutions. We are exploring new products and public interest projects that return equity to communities in the coming months. We are data optimists and want to change the way the data economy works for both people and day-to-day business. We are committed to putting our users first every step of the way, and building a community together.

      • Productivity Software/LibreOffice/Calligra

      • FSF

        • Licensing/Legal

          • Open Source and IoT

            Here is a companion article to my upcoming PLI talk on the special risks and rewards of open source and standards in IoT. It was published on PLI PLUS, the online research database of PLI.

      • Programming/Development

        • Perl/Raku

        • Python

          • Pyston v2.2: faster and open source

            We are proud to announce Pyston v2.2, the latest version of our faster implementation of the Python programming language. This version is significantly faster than previous ones, and importantly is now open source.

          • Pyston 2.2 Released For A Faster Python While Facebook Releases Cinder – Phoronix

            Pyston 2.2 is out today as the latest version of this performant Python implementation. Separately, Facebook has introduced Cinder as a new incubator project providing a speedy Python JIT implementation.

            Pyston 2.2 is out today as the new version of this alternative Python implementation. With Pyston 2.2 the developers claim their implementation is 30% faster now than the stock Python for web server benchmarks. Speed-ups this time around include work on their JIT and attribute cache mechanisms.

          • Python 3.8.10, 3.9.5, and 3.10.0b1 are now available

            This has been a very busy day for releases and on behalf of the Python development community we’re happy to announce the availability of three new Python releases.

          • Python programming language: These three new releases just arrived

            Three new versions of the Python programming language have been released, one of which is a beta release of the upcoming Python version 3.10.

            It what the Python release team called “a very busy day for releases”, Monday, 3 May saw the release of Python 3.8.10, 3.9.5 and 3.10.0b1.

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • macOS bugs causing sporadic browsing issues with Safari, Firefox, others

          According to user reports on the Apple Support Communities, the Safari 14.1 update breaks functionality on popular websites like eBay. The issue appears to predominantly affect Safari 14.1 on macOS Catalina and macOS Mojave.

          There are reports from developers about ongoing problems with the latest versions of Apple’s browser, too. Google Chrome developer advocate Jake Archibald reports that localStorage in Safari 14.1 is broken, causing tabs with use the same localStorage for text boxes.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • Cloud Native Computing Foundation Welcomes New Relic to Governing Board as a Platinum Member

                A CNCF member since 2018, New Relic is committed to making observability a data-driven approach and daily practice for millions of engineers. The observability company has invested heavily in open standards, open instrumentation, and open collaboration with a number of its own open source projects. Previously a silver sponsor for AdoptOpenJDK, New Relic is a founding member of Eclipse Adoptium, which is becoming the leading provider of high-quality OpenJDK-based binaries.

              • The TAB report on the UMN affair

                The Linux Foundation Technical Advisory Board has issued its report on the submission of (intentionally and unintentionally) buggy patches from the University of Minnesota.

              • Report on University of Minnesota Breach-of-Trust Incident
                On April 20, 2021, in response to the perception that a group of
                University of Minnesota (UMN) researchers had resumed sending
                compromised code submissions to the Linux kernel, Greg Kroah-Hartman
                asked the community to stop accepting patches from UMN and began a
                re-review of all submissions previously accepted from the University.
                This report summarizes the events that led to this point, reviews the
                "Hypocrite Commits" paper that had been submitted for publication, and
                reviews all known prior kernel commits from UMN paper authors that had
                been accepted into our source repository.  It concludes with a few
                suggestions about how the community, with UMN included, can move
                forward.  Contributors to this paper include members of the Linux
                Foundation's Technical Advisory Board (TAB), with patch review help from
                many other members of the Linux kernel developer community.
                
                UMN worked well within the kernel community for many years, submitting
                numerous bug-fixes that were merged into past kernel releases.  Last
                year (2020), one member of the UMN community chose to do a research
                project that involved submitting patches that attempted to intentionally
                introduce flaws in the kernel.  The trust between the kernel community
                and UMN was broken when this project was made public.  The UMN
                developers went quiet for seven months and then started submitting a new
                handful of poor quality patches to the community.  Many assumed that
                trickery was afoot, engendering a reaction that caused a halt to
                acceptance of UMN kernel contributions and forced us to re-review all
                prior submissions.
                
                Due diligence required an audit to identify which authors were involved
                in different UMN research projects, identify the intent of any flawed
                patches, and remove flawed patches regardless of intent.  Reestablishing
                the community's trust in researcher groups is important as well, since
                this incident could have a wide-reaching impact on trust in both
                directions that might chill participation by any researchers in kernel
                development.  The developer community should be able to trust that
                researchers are sending quality patches meant to improve the kernel, and
                researchers should trust the developer community will not undermine the
                researchers' reputations when mistakes are made.  The recommendations in
                this report aim to move beyond this conflict, providing a way to help
                both communities to work together better.
                
                
              • Linux’s Technical Advisory Board reports on the UMN ‘Hypocrite Commits’ patches

                The fire between the Linux kernel community and the University of Minnesota (UMN) is being put out. Thanks to an ill-thought-out Linux security project, two UMN graduate students tried to insert deliberately buggy patches into Linux. Greg Kroah-Hartman, the well-respected Linux kernel maintainer for the Linux stable branch, responded by banning not only them but any UMN-connected developers from contributing to the Linux kernel. Now, UMN has addressed the Linux kernel developer’s community’s concerns. And, in a message to the Linux Kernel Mailing List (LKML), the Linux Foundation Technical Advisory Board (TAB) and volunteer senior Linux kernel maintainers and developers have reported on what they found when they closely and thoroughly examined patches from UMN academics.

        • Security

          • Raft of Exim Security Holes Allow Linux Mail Server Takeovers

            Remote code execution, privilege escalation to root and lateral movement through a victim’s environment are all on offer for the unpatched or unaware.

            A veritable cornucopia of security vulnerabilities in the Exim mail server have been uncovered, some of which could be chained together for unauthenticated remote code execution (RCE), gaining root privileges and worm-style lateral movement, according to researchers.

          • Understanding DDoS Attacks and How to Prevent Them

            DDoS cyberattacks can happen anytime and devastate any business, but by understanding how they occur and how to prevent them, you can continue to surf the web safely.

            A distributed denial of service (DDoS) attack is a type of cyberattack that hackers often use to breach a network and overload it with unwanted traffic to disrupt services. Once the system is strained to its limit, it no longer accepts legitimate traffic, and services start to fail.

            Think of a DDoS attack as a crowd blocking the way into your favorite coffee shop: It’s tough for you to get in, and it makes it difficult for that business to distinguish a real customer from the rest of the crowd. Because of that confusion, it’s tough for businesses that are targeted by a DDoS attack to serve their customers and distinguish who’s real and who’s not.

          • Identifying the Differences Between VPN Protocols
    • Digital Restrictions (DRM)

      • How a Former Netflix Exec Built a Brazen Bribery Scheme

        NETFLIX’S FORMER VICE president of IT operations was convicted of taking bribes from technology vendors in exchange for awarding them contracts with Netflix, the US Department of Justice announced Friday. The former VP’s illegal scheme forced colleagues to use a variety of products, including one that suffered from “severe” performance problems and another that Netflix employees objected to because they preferred a different product the company was already paying for, the DOJ said.

        [...]

        Two days before registering that company, “Kail signed a Sales Representative Agreement to receive cash payments from Netenrich, Inc. amounting to 12 percent of the billings from Netenrich to Netflix for its contract providing staffing and IT services to Netflix,” the DOJ announcement said. “Later in 2012, Kail began to receive 15 percent of all billing payments that VistaraIT, LLC, a wholly owned company of Netenrich, received from Netflix. From 2012 to 2014, Netenrich paid Unix Mercenary approximately $269,986, and VistaraIT paid Unix Mercenary approximately $177,863. The payments stopped in mid-2014, when Kail left Netflix.”

        Kail also had kickback agreements with the vendors Platfora, Sumo Logic, Netskope, Maginatics, ElasticBox, and Numerify, the DOJ said. For example, Kail “became an advisor and received options for shares in the company Sumo Logic” in June 2012 and then “authorized and signed on behalf of Netflix a vendor agreement between Netflix and Sumo Logic,” the DOJ said, adding:

    • Monopolies

      • Patents

        • Yamaha E01 Electric Scooter Plans Revealed in Patent
        • Software Patents

          • PacSec3, NACAR IP affiliate, patent challenged

            On May 4, 2021, Unified Patents filed an ex parte reexamination against U.S. Patent 7,523,497, owned by PacSec3, an NPE. PacSec3 was formed in 2020 with NACAR IP LLC as its managing member. NACAR IP was also formed in early 2020 with Dynamic IP Deals, LLC (d/b/a DynaIP), a patent monetization company, identified as its managing member. The ‘497 patent has been asserted against F5 Networks, NetScout Systems, Palo Alto Networks, McAfee, Cisco, and Juniper Networks.

          • Another Sovereign Peak Ventures patent challenged

            On May 3, 2021, continuing in the ongoing efforts in the SEP Video Codec Zone, Unified filed a petition for inter partes review (IPR) against U.S. Patent 6,877,038, owned by Sovereign Peak Ventures, a Dominion Harbor entity. The ’038 patent relates to video processing and has been asserted against LG and TCL.

Links 5/5/2021: StarLabs, GNU Zile 2.6.2, Fedora i3 Spin

Posted in News Roundup at 1:30 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • StarLabs’ Latest Linux Laptop Has Landed, Priced from £777

        Their latest 3.1 pound notebook boasts a 14 inch full HD display, 11th-gen Intel Tiger Lake-U processor, and a range of other options.

        Plus like all of their devices it’s available to buy with choice of Linux distribution, including Ubuntu, Linux Mint and Zorin OS. While the StarBook Mk V isn’t the cheapest Linux laptop out there it’s price isn’t astronomical, either.

      • StarBook Mk V Linux Laptop Is Now Available for Pre-Order

        Last month, UK-based Linux hardware vendor StarLabs teased us with a new addition to their light and powerful Linux-powered laptops, the StarBook Mk V, which promised great battery life, a bigger and more beautiful display, as well as newer and more powerful components.

        Now, those in the market for a new Linux laptop can pre-order the StarBook Mk V from StarLabs’ website and fully configure it to their needs. The laptop features a larger chassis that allows for a bigger battery and a true matte 14-inch IPS Full HD display that prevents glare with an anti-reflective coating and damage with a 3H hard coat.

      • Star Labs have now revealed the slick 14″ StarBook Mk V Linux laptop

        Ready to drool over new Linux hardware? Star Labs are ready for you to open your wallets to the 14″ StarBook Mk V. Now this is the type of laptop model I can get into. A screen that’s not too big, a sleek chasis and a reasonable price backed up by some powerful internals along with it being designed for Linux.

      • StarBook Mk V is a Linux laptop with Intel Tiger Lake for $929 and up

        The latest Linux laptop from UK-based Star Labs is a 3.1 pound notebook with a 14 inch full HD display, support for super-speedy storage, and an 11th-gen Intel Tiger Lake-U processor.

        Available with a choice of GNU/Linux distributions including Ubuntu, Linux Mint, Manjaro, MX Linux, Elementary OS, and Zorin OS, the StarBook Mk V is now available for pre-order for $929 and up.

    • Audiocasts/Shows

      • 5 Easy Tweaks to increase your Linux Server’s Security

        In the second episode of my Enterprise Linux Security series, I’ll show you 5 easy tweaks you can make to enhance the security of your Linux server. Ubuntu Server will be shown as the example distribution, but most of these tweaks can be done on any distro with some modifications to the syntax as necessary.

      • Why I Said NO To A Job With Dell’s Linux Team

        A new Linux hardware partnership with @TUXEDO Computers, a story about turning down a job with Dell’s Project Sputnik, a new interview with System76, a new Matrix room… There’s a LOT going on as Linux For Everyone gets ready to kick out a bunch of new content. Pull up a chair for this quick channel update!

    • Kernel Space

      • Linux 5.13 Adds An Intel Cooling Driver To Downclock Your CPU At A Lower Threshold – Phoronix

        Linux 5.13 is introducing the “intel_tcc_cooling” driver for helping to cool newer Intel mobile/desktop CPUs by down-clocking the processor cores when crossing a lower threshold than is set by default.

        This new driver for Linux 5.13 allows setting a lower threshold / offset for the Thermal Control Circuit (TCC) activation temperature. Rather than waiting until the default TCC activation temperature is reached, Intel CPUs support applying an offset (the “TCC Offset”) via an MSR if wanting to set the down-clocking to occur at a lower temperature over the default system critical temperature.

      • Intel Explores Write Protecting Page Tables Using Upcoming PKS Feature – Phoronix

        As an additional security measure for the Linux kernel, Intel engineers are exploring making kernel page tables read-only and to then only allow writing on a per-CPU basis when they need to be modified. This would be handled using the PKS functionality found with future Intel processors.

        For many months now Intel has been working on the infrastructure for Protection Keys for Supervisor support in the Linux kernel. Protection Keys for Supervisor (PKS) is coming with future Intel processors. PKS as the supervisor/kernel equivalent to the existing PKU functionality was initially prototyped as a way to prevent stray writes to persistent memory and safeguarding trusted keys within the Linux kernel. A new proof-of-concept posted on Tuesday would be using PKS for safeguarding page tables.

      • LinuxBoot Pulls In netboot.xyz For Easily Booting Different OS Installers

        The LinuxBoot project that works to replace some portions of modern Linux server firmware with the Linux kernel and other open-source components has now integrated support for the convenient netboot.xyz project.

        The 9elements consulting firm that specializes in cyber security and open-source firmware consulting added support for Netboot.xyz into LinuxBoot.

      • Graphics Stack

        • VMware Prepares Linux Driver For Next-Gen Virtual GPU – Phoronix

          While physical GPUs may be in short supply right now, VMware is preparing for “SVGA v3″ as their next-gen virtual PCI graphics adapter for use within VMware virtual machines for graphics acceleration backed by the host.

          VMware has long provided reliably Linux graphics acceleration to their virtual machines under Linux with their “SVGA” graphics adapter backed by a mainline, open-source driver stack. That’s worked out well and is now being extended for VMware’s forthcoming third iteration of SVGA.

    • Applications

      • 10 Free Open Source Video Editors for Linux [ in 2021 ]

        In this article we are going to check out which are the ten best video editing software’s that can be run in Linux. If you are in video editing then this article is for you.

      • Cawbird Twitter Client Gets Major Release with Many New Features and Improvements

        Four months in development, Cawbird 1.4 is here to adds lots of features, such as support for various text sizes like Normal, Large, X-Large, XX-Large, better counting of ZWJ (Zero Width Joiner) Unicode character emoji, as well as support for deleting draft tweets when pressing the Cancel button via a new confirmation dialog.

        Moreover, Cawbird 1.4 makes threaded tweets more obvious by introducing a new “Reply to” line for self-reply threads in the timeline, displays tweets on your timeline when you follow someone and hides them when you unfollow them, and adds the ability to temporarily show a blocked or muted Twitter account.

      • Top 8 Terminal Emulators for Linux [ in 2021 ]

        Have you ever wanted to change your terminal? Each Linux distribution comes with an already installed one, although the operation of the terminal is the same for every distribution, this does not mean that they are all the same. Each one of them has a different look and feel.

        Of course that is the good thing about Linux you have a huge choice in everything. And with terminals, the choice is really huge, so here in this article we will try to show you eight of the best that exist.

        We must mention that although they are some of the best, people have different tastes and if your favorite terminal is not among those mentioned, we will be happy to add it by writing us a comment bellow with which it is.

      • Audacity ‘scared and excited’ to be bought and brought under Muse Group’s roof, promises to stay free and open source

        Veteran audio editor Audacity has been purchased by Muse Group, although its new management has pledged to keep the platform free and open source.

        An explanatory video was posted by Martin Keary (aka Tantacrul) at MuseScore, the content of which was confirmed by the Audacity team over the weekend.

        “We’re scared and excited,” the team behind the decades-old platform squeaked. “We hope you are too.”

        Muse Group itself launched last week and the likes of Ultimate Guitar and Tonebridge are among its brands. It also includes MuseClass, still in closed beta, and MuseScore. Keary is head of product for the latter, which was founded back in 2008 and acquired by Ultimate Guitar in 2018.

      • Inkscape 1.1 RC1 Released For This Leading Open-Source Vector Graphics Editor

        The Inkscape 1.1-rc1 release is the last step before officially releasing this first major post-1.0 Inkscape version. Inkscape 1.1 introduces a welcome dialog, a command palette to help with keyboard shortcuts, a new outline overlay mode, a rewritten dialog docking system, support for exporting as JPEG / TIFF / optimized PNG / WebP directly from the editor, and a wide variety of other improvements.

    • Instructionals/Technical

      • Steps to install Spotify in Rocky Linux or CentOS 8 – Linux Shout

        The time has gone when people have to store their favorite music on SD card or CD/DVD discs, in today’s era when everything moving to the cloud then why not our music. There are a bunch of well-known services that allow users to legally stream the latest and old music directly on their smartphone, TV, or PC with help of a dedicated app or browser and internet. And Spotify is one of them. It is already a well-known music streaming service. And if you are looking for a way to install Spotify Linux app on your RedHat RHEL or its derivative Linux OS such as CentOS, AlmaLinux, and Rocky Linux 8.3. Then here are the steps to follow.

      • Pipewire low latency

        Just wanted to leave myself a note here. On QJackCtrl It shows the latency in the bottom right of the Parameters page. If I drop the Frames/Period to 16 (Lowest) the latency drops to 1 msec. For a Jamulus server with a ping time of 22ms I get an overall delay of 44 ms.

      • How To Install Node.js on AlmaLinux 8 – idroot

        In this tutorial, we will show you how to install Node.js on AlmaLinux 8. For those of you who didn’t know, Node.js is a Javascript platform for programming that enables users to build network applications very quickly. It offers users the ability to write websites in JavaScript whose code executes on the server instead of a client’s browser.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Node.js on an AlmaLinux 8.

      • How To Install LibreNMS on Debian 10 – idroot

        In this tutorial, we will show you how to install LibreNMS on Debian 10. For those of you who didn’t know, LibreNMS is an auto discovering PHP/MySQL/SNMP-based network monitoring which includes support for a wide range of network hardware and operating systems including Cisco, Linux, FreeBSD, Juniper, HP, and many more. LibreNMS is a community-supported fork of Observium.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the LibreNMS on a Debian 10 (Buster).

      • How to Rewrite URLs with mod_rewrite for Apache on Ubuntu 20.04

        The mod_rewrite is an Apache module that uses a rule-based rewriting engine. It is used for translating and redirecting the requested URL to a new URL. It allows a URL to be changed dynamically. So the visitor never sees the URL change in the address bar. With mod_rewrite, you can rewrite an unlimited number of rules. This will allow you to rewrite the URL based on environment variables, HTTP headers, and server variables.

        In this post, we will show how to use mod_rewrite to rewrite the URL for Apache on Ubuntu 20.04.

      • How to send commands and states to Linux minions from the Salt controller – TechRepublic

        In a previous how-to, I demonstrated how to get SaltStack installed on a controller and connect it to a minion (see: How to deploy the open-source SaltStack for automated server configuration and management). With SaltStack up and running, it is then possible to send commands to your minions. This can be used within your on-premise or cloud-hosted data center.

        For example, say you have several minions that will host websites and you need to get NGINX installed on them. With SaltStack you can install that web server on every connected minion with a single command.

        For any administrator, having such power can seriously turn a ridiculously busy day into one that’s far more manageable. Instead of having to go around to every one of those servers and install NGINX manually, you can do it from a single terminal interface. That’s the power of SaltStack.

      • How to Install Latest LibreOffice in Linux Desktop

        LibreOffice is an open-source and much powerful personal productivity office suite for Linux, Windows & Mac, that provides feature-rich functions for word documents, data processing, spreadsheets, presentation, drawing, Calc, Math, and much more.

        LibreOffice has a large number of satisfied users across the globe with almost 200 million downloads as of now. It supports more than 115 languages and runs on all major operating systems.

      • How To Install Apache Nifi on Ubuntu 20.04 LTS – idroot

        In this tutorial, we will show you how to install Apache Nifi on Ubuntu 20.04 LTS. For those of you who didn’t know, Apache NIFI is an open-source scalable tool to manage transformation, data routing, and system mediation logic. To put it in layman’s terms nifi simply automates the flow of data between two or more systems. Apache NiFi supports powerful and scalable directed graphs of data routing, transformation, and system mediation logic.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Apache Nifi on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • How to best set up command aliases on Linux

        Used frequently, bash aliases can make working on the Linux command line a lot smoother and easier, but they can also be complicated and hard to remember. This post examines how you might make your aliases work for you rather than vice versa.

        [...]

        One of the nice things about aliases is that they remain available as you move around in your file system. They don’t depend on your location or what’s in your PATH variable. If you end up with 65 aliases, you might need to check them from time to time just to remember what they do. However, if you have to check very often, they might not be serving you as well as they should.

      • Static and dynamic IP address configurations for DHCP | Enable Sysadmin

        IP address configuration is one of the most critical, if simple, settings on your network devices. Workstations, servers, routers, and other components must have properly assigned IP address settings to participate on the network.

        This two-part article series covers static and dynamic IP address settings and the configuration of a DHCP server. This article (part one) defines network identities, contrasts static and dynamic configurations, and covers the commands needed to manage the settings. Part two covers the deployment of a DHCP server, DHCP scope configuration, and client-side management of dynamic IP addresses.

      • How to install Kubuntu 21.04

        In this video, I am going to show how to install Kubuntu 21.04.

      • How to create Rocky Linux 8 bootable usb drive – Linux Shout

        To try out Rocky Linux 8 on our physical system we either need a bootable USB drive or DVD/CD. However, DVD is not common now, thus USB is the preferred option. And here in this tutorial, we let you know the steps for creating a bootable USB drive for Rocky Linux 8 using Rufus or BalenaEtcher.

      • How to configure Noscript for ordinary users

        The Noscript Security Suite (NSS) is a fantastic, fantastic tool. It comes as an extension for Firefox and various Chromium-based browsers, and what it does is transform the useless, noisy so-called “modern” Internet into a pool of tranquility. And it does so by blocking scripts and other elements on Web pages. Beautiful, elegant. You end up with a fast, quiet experience. No nagging, no overhead. When you do need scripting, you selectively enable it. Works great, but only if you’re a techie.

        Unfortunately, for common folks AKA not nerds, this is not a solution. They can’t be bothered with per-site permissions, figuring out if something is broken when scripts don’t run, or similar. But then, what if you do want to have all the flexibility of non-restricted browsing but still use some of the great powers of Noscript? Well, I think I may have the formula. Follow me.

      • How to accurately match OVAL security data to installed RPMs

        Red Hat publishes security data using the Open Vulnerability and Assessment Language (OVAL). Depending on what you have installed, according to the Red Hat and OVAL compatibility FAQ, you’ll need to scan streams for all products installed on your system. This post aims to answer the question of how to determine which stream to use when scanning a system. We’ll use an operating system and container image as target systems to explore the topic.

        On April 27, 2020 Red Hat started publishing repository-to-CPE mapping data (JSON file) to make this task easier. Then in December 2020 we added support for Red Hat Enterprise Linux update streams such as Extended Update Support (EUS).

    • Games

      • Awesome fast-paced FPS DUSK gets a helpful update with more to come like Steam Workshop

        David Szymanski and New Blood have updated DUSK to include some helpful UI updates, along with 40% off and there’s plenty more to come for this brutal retro FPS.

        For the main menu UI you can now delete saved games (hooray!), and there’s a Continue button now to jump right back in a little easier for your current run. There’s also a Max Loadout button for when you just want to bring on all the toys a little easier without lots of clicking.

      • LightBreak is a very unique looking upcoming story-driven musical game

        With gameplay that looks equal measures confusing and intriguing, LightBreak is a musical game where you get the story by following this music and creating it as you go along.

        [...]

        It’s currently crowdfunding on Kickstarter, with full Linux support planned. Deev Interactive are hoping to raise a minimum of $10,000 USD by June 3, 2021.

      • Free Game Wednesday – check out MannaRites, a retro beat’em’up with modern touches

        Something I’ve been meaning to post about for a while is the beat’em’up MannaRites, a completely free game you can grab on Steam that’s surprisingly great. The developer mentioned in an email to us that it’s free because they’re “just a big fan of beat-em-ups from before and wanted to share my vision of the genre with other fans”.

      • Big screen gaming distribution GamerOS continues picking up the SteamOS slack | GamingOnLinux

        While Valve continue ignoring SteamOS for now, GamerOS continues to mature the big-screen Linux experience with another big release available to download now.

        It’s a genuinely good Linux distribution if you want a console-like experience. Giving you the Steam Big Picture mode, along with their Steam Buddy tool that allows you to install from other sources. GamerOS 24 upgrades some of the main components of Linux including Kernel 5.11.16, Mesa drivers 21.0.3, NVIDIA 465.27 along with upgrades to their compositor, their Steam Tweaks tool and their Steam Buddy tool.

      • Valve’s anti-competitive nature?

        Wolfire Games has taken Valve to court in a class action lawsuit over the allegation of unfair business practices

      • Check out Eudora, a lo-fi real-time strategy game inspired by classics like Dune 2 and C&C

        I’m such a sucker when it comes to traditional styled RTS games so I couldn’t pass up on checking out Eudora. Originally made for the DOS Games Jam back in early 2020, it’s continued to be polished up and is a surprisingly great little free RTS.

        “As was common with games of this era, gameplay focuses on resource collection, power management, and basebuilding (including walls and other base defenses). A clickable minimap is enabled after building the Radar structure.

        Ten buildable units (plus a superweapon ability) can be used to destroy the enemy forces across seven maps, including special stealth and survival scenarios, with some featuring bonus units not normally accessible without cheat codes.

      • After many years, Switchcars is done and has left Early Access

        Switchcars is a very strange game. One where you run along, throw a hook into cars to speed up, pinch all sorts of vehicles and try to outrun strange alien creatures. After being in development for eight years, with at least five of those in Early Access on Steam the 1.1 update is out now and so it’s finally left Early Access.

        This is the biggest update to the game in its history adding in loads of new content including almost 200 new vehicles, a full editor to make your own vehicles and props, a “rally” game mode, a mod manager, new engine sounds plus tons of other improvements and fixes.

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

        • System76 is about to re-define the Linux desktop experience with COSMIC

          It should come as no surprise that System76, the company always finding new ground in the intersection of open source software and OEM hardware, has embarked upon refining and retooling the Pop!_OS Linux desktop experience.

          COSMIC is System76′s way of taking the GNOME desktop environment and tweaking it to better suit the user experience, as defined by their user base. The company polled Pop!_OS users to find out how they work with the desktop. The results of that survey helped guide the company in developing COSMIC.

          What is COSMIC? Simply put, it’s a honed user experience for the GNOME desktop. From what I’ve seen, it looks to be superior in just about every way.

    • Distributions

      • Ampere Hardware & Kali Linux

        When Ampere partnered with Debian, this caught our eye. We were aware that our current ARM cloud provider was soon ending support for arm64 servers (which we use for our build daemons).

        At Kali Linux, one of the things which is important to us, is that we prefer not having to cross-compile our ARM binaries that we ship in our Kali packages.

        [...]

        We reached out to Ampere to see if they would be able to help us out. We soon realised they have the same mindset as we do, ARM is the way forward. When developing Kali Linux, we treat ARM devices as “first class citizens”, just like we do with our “desktop” images (amd64/i386). There are many advantages to ARM, such as using less power (which means they don’t need cooling), lighter (handy when traveling to be on site or mailing devices to be a drop box) and cheaper devices (client doesn’t have to return the device!). These make really small form factor devices – which for doing penetration testing or red team exercises on site, expands the possibilities of where to hide various devices (imagination is the only limitation). This is why we try and give the same user experience regardless of the platform you are using Kali on. This is why we have pre-generated images and build scripts for as many different devices as possible

      • Reviews

        • Zorin OS Review – An alternative to macOS and Windows

          Zorin OS is an Ubuntu-based Linux distro. Its ultimate goal is to provide Windows and macOS users with a Linux alternative. The Zorin OS is powerful, fast, and secure; it is pretty hard for trackers to track activities in your OS. Most users love Zorin due to its privacy prowess.

          Why Zorin OS? This question has been asked by most users, thus, the essence of this tutorial. We are here to give you the ideal review of why you should opt for the Zorin OS.

          This Linux distribution is user-friendly, and hence it does not matter if you are a Linux guru or not. Anyone can use this OS since it is very manageable. The handy preset layouts that are offered with this OS are a good touch. Newcomers can easily try out the macOS layout, Touch Layout, and Windows Layout now by installing Zorin OS and feel homely.

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

        • thunderbird email updated to 78.10.1

          Mozilla Thunderbird is a free and open-source cross-platform email client, personal information manager, news client, RSS and chat client developed by the Mozilla Foundation. The project strategy was originally modeled after that of the Mozilla Firefox web browser.

        • firefox browser updated to 88.0.1

          Firefox Browser, also known as Mozilla Firefox or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. Firefox uses the Gecko layout engine to render web pages, which implements current and anticipated web standards.

      • SUSE/OpenSUSE

        • SAP Data Intelligence supported on Rancher Kubernetes Engine [Ed: This is what SUSE has done… it has even turned Andreas Jaeger into a booster of proprietary software]

          The SAP and SUSE teams successfully validated SAP Data Intelligence (DI) 3.1 with both Rancher RKE and RKE2 . SAP DI is SAP’s product to provide data integration and machine learning services that allow customer to integrate systems and analyze data to create new insights. The components of SAP Data intelligence run containerized, orchestrated by Kubernetes.

      • IBM/Red Hat/Fedora

        • Introducing the Fedora i3 Spin

          Fedora 34 features the brand new i3 Spin created by the Fedora i3 S.I.G. This new spin features the popular i3wm tiling window manager. This will appeal to both novices and advanced users who prefer not to use a mouse, touchpad, or other pointing device to interact with their environment. The Fedora i3 spin offers a complete experience with a minimalistic user interface and a lightweight environment. It is intended for the power user, as well as others.

        • Detecting memory management bugs with GCC 11, Part 2: Deallocation functions

          The first half of this article described dynamic memory allocation in C and C++, along with some of the new GNU Compiler Collection (GCC) 11 features that help you detect errors in dynamic allocation. This second half completes the tour of GCC 11 features in this area and explains where the detection mechanism might report false positives or false negatives.

          Throughout this article, I include links to the code examples on Compiler Explorer for those who would like to experiment. You will find the links above the source code of each example.

        • Memory error checking in C and C++: Comparing Sanitizers and Valgrind

          This article compares two tools, Sanitizers and Valgrind, that find memory bugs in programs written in memory-unsafe languages. These two tools work in very different ways. Therefore, while Sanitizers (developed by Google engineers) presents several advantages over Valgrind, each has strengths and weaknesses. Note that the Sanitizers project has a plural name because the suite consists of several tools, which we will explore in this article.

          Memory-checking tools are for memory-unsafe languages such as C and C++, not for Java, Python, and similar memory-safe languages. In memory-unsafe languages, it is easy to mistakenly write past the end of a memory buffer or read memory after it has been freed. Programs containing such bugs might run flawlessly most of the time and crash only very rarely. Catching these bugs is difficult, which is why we need tools for that purpose.

          Valgrind imposes a much higher slowdown on programs than Sanitizers. A program running under Valgrind could run 20 to 50 times slower than in regular production. This can be a showstopper for CPU-intensive programs. The slowdown for Sanitizers is generally 2 to 4 times worse than regular production. Instead of Valgrind, you can specify the use of Sanitizers during compilation.

        • Building resilient event-driven architectures with Apache Kafka

          Even though cloud-native computing has been around for some time—the Cloud Native Computing Foundation was started in 2015; an eon in computer time—not every developer has experienced the, uh, “joy” of dealing with distributed systems. The old patterns of thinking and architecting systems have given way to new ideas and new problems. For example, it’s not always possible (or advisable) to connect to a database and run transactions. Databases themselves are giving way to events and Command Query Responsibility Segregation (CQRS) and eventual consistency. Two-phase commits are being replaced with queues and database sagas, while monoliths are replaced with microservices, containers, and Kubernetes. “Small and local” thinking rules the day.

          Now combine this with the fallacies of distributed processing, and suddenly event-driven architecture becomes very attractive. Thankfully, there are tools to make this possible. Apache Kafka is one of those tools.

          Kafka makes event processing possible; Red Hat OpenShift Streams for Apache Kafka makes event processing easy.

        • Kubernetes configuration patterns, Part 2: Patterns for Kubernetes controllers – Red Hat Developer

          This article is the second in a two-part article series on Kubernetes configuration patterns, which you can use to configure your Kubernetes applications and controllers. The first article introduced patterns and antipatterns that use only Kubernetes primitives. Those simple patterns are applicable to any application. This second article describes more advanced patterns that require coding against the Kubernetes API, which is what a Kubernetes controller should use.

          The patterns you will learn in this article are suitable for scenarios where the basic Kubernetes features are not enough. These patterns will help you when you can’t mount a ConfigMap from another namespace into a Pod, can’t reload the configuration without killing the Pod, and so on.

          As in the first article, for simplicity, I’ve used only Deployments in the example YAML files. However, the examples should work with other PodSpecables (anything that describes a PodSpec) such as DaemonSets and ReplicaSets. I have also omitted fields like image, imagePullPolicy, and others in the example Deployment YAML.

        • Join the Build Smart on Kubernetes Challenge

          As the growth of container deployment and microservices accelerates, Kubernetes continues to dominate the enterprise development space. Do you feel like you’re getting left behind and you need to build your skills to catch up? Or are you a leader of the pack, forging new paths for your team? In either case, we have the coding challenge for you. The Build Smart on Kubernetes Challenge helps you build and test applications, and deploy containers with simplicity and security that is built in. Compete against fellow developers and experts in this progressive workshop that consists of three, quick-coding, 15-minute exercises, each exploring a different aspect of the skills or technology needed for cloud-native development. You have the opportunity to earn the Build Smart on Kubernetes Badge to demonstrate your knowledge. Oh, and you can win some great prizes.

        • Community Platform Engineering is hiring [Ed: IBM shows you a picture of an Apple Mac and says it's hiring for Fedora! No wonder they lost volunteers and testers.]

          The Community Platform Engineering (CPE) group is the Red Hat team combining IT and release engineering from Fedora and CentOS. Our goal is to keep core servers and services running and maintained, build releases, and other strategic tasks that need more dedicated time than volunteers can give. See our docs for more information.

        • Hybrid work model: Qualcomm IT, HR execs share 6 priorities for leaders

          Traditionally, the workplace has been where employees have developed a sense of belonging. In addition to getting lots of work done, it’s where we’d connect with others while walking to a meeting, share hopes and hardships over a cup of coffee, and set and achieve career goals and aspirations. As we all know, COVID-19 has forever changed that.

          We’re now in a unique position to reimagine work through new technologies and by reframing the employee experience to imagine something even better than before. At Qualcomm, human resources and IT have partnered to spearhead the future of work. This partnership has provided us with a unique, well-rounded perspective on how we work with our employees, what we need to support them, and has helped us envision what the dynamics of hybrid work will look like in the years ahead.

        • 2nd Annual Open Mainframe Summit: Call For Proposals Now Open
        • Developer Sandbox For Red Hat OpenShift Launched
        • RHEL, RHEL, RHEL, fancy that: Rocky Linux would-be CentOS replacement hits RC1 milestone • The Register

          The Rocky Linux project, kicked off by original CentOS founder Gregory Kurtzer, has released RC1 of its distribution, which aims to be 100 per cent compatible with Red Hat Enterprise Linux.

          Rocky Linux was founded almost at the same moment when Red Hat, along with the CentOS board, stated last December that it was shifting its investment from CentOS Linux to CentOS Stream.

      • Debian Family

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • How I recognize and prevent burnout in open source

        I’ve attended many open source conferences over the years, and I usually find at least one session that discusses burnout, stress, or work-life balance. I’ve found many of these sessions helpful—not just personally, but I’ve also learned some important lessons for managing open source communities.

        Some of these sessions included heartbreaking stories about individuals who had experienced trauma and severe health issues—both mental and physical—due to stress and burnout. These stories not only made me sad, but they also made me angry that people have had to suffer on their own. Are people in open source doing a poor job of taking care of themselves?

      • Productivity Software/LibreOffice/Calligra

        • 3D Objects: Making a Globe with LibreOffice

          In the dialog box that appears, click on “Bitmap” and then on “Add/Import”. Select the downloaded map, and enter a name for it, that you will use in your collection of bitmaps. The image should be applied to the sphere. If not, select the map from the collection.

          Then, in the “Options” part of the dialog box, select the item “Stretched” from the drop-down list “Style”. Click OK. Your globe is finished!

        • Bibliography improvements in LibreOffice Writer: refer to a specific page

          The bibliography feature in Writer allows authors of e.g. scientific papers to track sources: first you can insert bibliography entry fields, then at the end you can generate a bibliography table automatically.

          Writer recently gained two improvements in this area, and now there is one more: the ability to refer to a specific page of a (potentially long) source.

          First, thanks TUBITAK ULAKBIM who made this work by Collabora possible.

      • FSFE

        • Router Freedom: Greece one step forward – Germany one backward

          EU member states are updating their legislation and implementing rules on Router Freedom. Greece and Germany have taken the first steps. But while Greece has focused on interests of end-users, Germany has moved in the opposite direction. The next months are crucial for Router Freedom in Europe and local participation is paramount.

          Telecommunications law in the EU is passing through complex legislative reforms, involving, among others, supra-national institutions like BEREC, member states’ parliaments and national regulatory agencies (NRAs). Since December 2020, EU member states have started legislative processes to implement the European Electronic Communications Code, or EECC (Directive (EU) 2018/1972), a key component of the reform, which sets new standards for Router Freedom.

          Greece and Germany were the first EU countries to incorporate the EECC into national legislation. Now, the national regulatory bodies of both countries will have to decide on rules that will impact the status of Router Freedom in their jurisdictions. The FSFE has been following closely the new developments and took part in consultative processes. In addition, we have prepared an activity package to help local communities engaging with their national regulatory bodies.

      • FSF

        • FSF Reveals How Stallman Was Re-elected and What Lies Ahead

          No matter what you believe and whether you support RMS (or against the decision of his re-election), it has been a rollercoaster ride in the open-source community.

          An official statement by the FSF on the election of Richard Stallman did not seem to make a difference for folks who were against the decision in the first place. The statement instead focused on affirming that RMS is not going anywhere, and that they needed him, which probably made things worse.

          However, now with an updated FAQ page, it looks like the FSF is finally clearing up the air behind their decision to re-elect Richard Stallman and how recent internal changes will affect the future of the FSF.

        • GNU Projects

          • GNU Zile 2.6.2 Is Released

            Zile is a very minimal Emacs clone that is described in the brief manual page as “Zile Is Lossy Emacs”. Zile developer Reuben Thomas is “happy to announce a shiny new 2.6.2 release of GNU Zile” is exactly one bug-fix. And that’s it.

            [...]

            Zile is, of course, not a complete Emacs clone, it is a minimal one. There are no web browser, calculator, calendar or games included. We leave it up to you to pounder why Emacs has those features and how essential they really are to a text editor.

            The lack of games and other text editor features makes Zile a small ./configure && make compile that produces a decently small 372K binary. You will need the libgee GObject collection library and, for some reason, help2man. You can strip –strip-unneeded zile the binary down to 308K if you want to.

            A really brief test of Zile 2.6.2 reveals that it has some minor issues with modern luxuries like Unicode.

      • Programming/Development

        • Qt Contributors’ Summit 2021

          The Qt Contributor’s Summit 2021 is an online event open to anyone who has contributed to the Qt project. Contributions include code, helping users on the forum or mailing lists, maintaining the wiki, and any other activity that helps move the Qt project forward. The event happens shortly after the Qt 6.2 feature freeze, and we are looking forward to discuss and collaborate on our common vision for the project.

          [...]

          Participation will as always be free of charge, but you do need to register yourself through the KDE and Akademy 2021 registration process.

        • Qt Creator 4.15 released

          We added a locator filter for opening files from anywhere on your disk. This locator filter was already available on macOS using Spotlight. Now it also is available on Linux and Windows, and can be configured to use any external command line tool that returns a list of files. The default setting is using “locate” on Linux and “everything” on Windows.

          Sometimes it is difficult to configure the environment variables that are set when Qt Creator is run, which in turn affects external tools run from Qt Creator. We added a global option for this in Tools > Options > Environment > System > Environment. This adapts the system environment which is then further modified by the kit environment, the build environment, and the run environment.

        • Qt Creator 4.15 Released For This Qt/C++ IDE

          Qt Creator 4.15 isn’t the most exciting feature release but does have some minor improvements in tow. Qt Creator 4.15 adds a locator filter, a user interface for setting environment variables that should be set automatically when running this IDE, a wide variety of C++ support improvements, continued improvements to its Language Server Protocol (LSP), debugging enhancements, and also a option for running applications as root from Qt Creator.

        • GCC, GNU Toolchain Finally Working To Establish CI/CD For Better Reliability – Phoronix

          For a project as large and complex as the GNU Compiler Collection (GCC) one would reasonably have assumed that it would have setup continuous integration / continuous delivery support years ago for helping to ensure the reliability of this widely-used open-source compiler and the GNU Toolchain at large. But that’s actually only happening now in 2021.

          Thanks to Red Hat engineers working on it, the GNU toolchain is working towards CI/CD support for helping to ensure the quality of the toolchain and hopefully catching any regressions immediately compared to the status quo.

        • Jussi Pakkanen: Is the space increase caused by static linking a problem?

          Most recent programming languages want to link all of their dependencies statically rather than using shared libraries. This has many implications, but for now we’ll only focus on one: executable size. It is generally accepted that executables created in this way are bigger than when static linking. The question is how much and whether it even mattesr. Proponents of static linking say the increase is irrelevant given current computers and gigabit networks. Opponents are of the, well, opposite opinion. Unfortunately there is very little real world measurements around for this.

          Instead of arguing about hypotheticals, let’s try to find some actual facts. Can we find a case where, within the last year or so, a major proponent of static linking has voluntarily switched to shared linking due to issues such as bandwidth savings. If such a case can be found, then it would indicate that, yes, the binary size increase caused by static linking is a real issue.

        • 7 Reasons to Use Git for Your Solo Projects

          Recently I had a conversation with someone who was shocked to learn I use Gitit for everything. “What? Even projects where you’re working alone? Why on earth would you do something like that?!” As alarmed as they were that I use Git for solo projects, I was just as surprised to hear that they didn’t and suddenly found myself feeling very self-conscious and questioning my choices. Is it weird to use version control for solo projects? And why do it at all? Some introspection and asking around on Twitter revealed the answers I was looking for: Not only is it not weird, there are lots of great reasons to use version control for your solo projects.

        • Rust

          • Running Rust on Android

            For one of my current clients, we decided to use Rust as our main programming language. There were several reasons behind this decision; apart from the technical merits, there’s also the undisputable fact that Rust is still a relatively new language, fancy and hip – and when you’re a startup, using any technology that came out in the previous decade is just setting yourself up to fail. I mean, it’s logical – how can you innovate without using innovative tech? The fastest way to success is aboard the hype train.

            As one of the product’s selling point was supposed to be “you own your data”, it couldn’t be a purely browser-accessible service, but rather something we’d distribute to the users to run on their own devices. We already had some headless instances running internally, and with a trivial amount of work, were able to make redistributable packages for Windows and Linux. But we knew that being desktop-only would be a serious blocker against adoption – if we wanted this to take off, we’d need mobile versions of the app. This meant we had to figure out how to get our stuff running on Android and, later, on iOS. Seeing how I already had some experience with cross-compiling and build automation, I volunteered to delve into the topic.

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • New Relic Joins CNCF Governing Board
              • Linux Foundation launches open source agriculture infrastructure project

                The Linux Foundation has lifted the lid on a new open source digital infrastructure project aimed at the agriculture industry. The AgStack Foundation, as the new project will be known, is designed to foster collaboration among all key stakeholders in the global agriculture space, spanning private business, governments, and academia.

              • Linux Foundation Launches Open Source Digital Infrastructure Project for Agriculture, Enables Global Collaboration Among Industry, Government and Academia [Ed: Will Monsanto et al. (Bayer) be next to buy a seat in the ‘Linux’ Foundation Board (where almost nobody even uses Linux)? Linux Foundation’s role is killing the Linux brand in exchange for money.]
              • Linux Foundation Launches Open Source Digital Infrastructure Project for Agriculture, Enables Global Collaboration Among Industry, Government and Academia [Ed: Linux Foundation milking and turning the "Linux" brand into a generic laughing stock that's beyond meaningless]

                The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the launch of the AgStack Foundation, the open source digital infrastructure project for the world’s agriculture ecosystem. AgStack Foundation will improve global agriculture efficiency through the creation, maintenance and enhancement of free, reusable, open and specialized digital infrastructure for data and applications.

                Founding members and contributors include leaders from both the technology and agriculture industries, as well as across sectors and geographies. Members and partners include Agralogics, Call for Code, Centricity Global, Digital Green, Farm Foundation, farmOS, HPE, IBM, Mixing Bowl & Better Food Ventures, NIAB, OpenTeam, Our Sci, Produce Marketing Association, Purdue University / OATS & Agricultural Informatics Lab, the University of California Agriculture and Natural Resources (UC-ANR) and University of California Santa Barbara SmartFarm Project.

              • Linux Foundation Launches AgStack For Agriculture
              • Open Mainframe Project Launches Call for Proposals for the 2nd Annual Open Mainframe Summit on September 22-23

                The Open Mainframe Project (OMP), an open source initiative that enables collaboration across the mainframe community to develop shared tool sets and resources, today announced plans for its 2nd annual Open Mainframe Summit, the premier mainframe event of 2021. The event, set for September 22-23, is open to students, developers, users and contributors of Open Mainframe projects from around the globe looking to learn, network and collaborate. As a virtual event again this year, Open Mainframe Summit will feature content tracks that tackle both business and technical strategies for enterprise development and deployment.

                In Open Mainframe Project’s inaugural event last year, more than 380 registrants from 175 companies joined the two-day conference that featured 36 sessions. Some of the most popular sessions were the Women in Tech panel, COBOL sessions, new mainframer journey and project overview sessions for Ambitus, Feilong, Polycephaly, and Zowe. The event report can be found here and all of the videos can be watched here.

        • Security

          • Security updates for Wednesday

            Security updates have been issued by Debian (cgal, exim4, and mediawiki), Fedora (axel, libmicrohttpd, libtpms, perl-Image-ExifTool, pngcheck, python-yara, and yara), Gentoo (exim), Mageia (kernel-linus), openSUSE (bind and postsrsd), SUSE (avahi, openexr, p7zip, python-Pygments, python36, samba, sca-patterns-sle11, and webkit2gtk3), and Ubuntu (nvidia-graphics-drivers-390, nvidia-graphics-drivers-418-server, nvidia-graphics-drivers-450, nvidia-graphics-drivers-450-server, nvidia-graphics-drivers-460, nvidia-graphics-drivers-460-server).

          • Drop telnet for OpenSSL | Opensource.com

            Due to telnet’s lack of encryption, it has largely been replaced by OpenSSL for this job. Yet telnet’s relevance persisted (and persists in some cases even today) as a sort of intelligent ping. While the ping command is a great way to probe a host for responsiveness, that’s all it can do. Telnet, on the other hand, not only confirms an active port, but it can also interact with a service on that port. Even so, because most modern network services are encrypted, telnet can be far less useful depending on what you’re trying to achieve.

          • 2FA and Recycled Phone Numbers Are a Security Risk [Ed: 2FA is oftentimes just overhyped junk, as many security experts have long warned]

            Two-factor authorization is supposed to lead to increased security. That extra step is supposed to prevent spammers from breaking into your account. By just learning one access point, they are still required to take an extra step that they most likely do not know.

          • 21Nails: Multiple Critical Vulnerabilities Discovered in Exim Mail Server – Patch Now!

            Qualys submitted this information to our team yesterday to share with the LinuxSecurity community and offer advice on how to secure Linux systems against this dangerous set of bugs. Patches are now available for the 21Nails vulnerabilities, and security teams should apply these updates as soon as possible prevent dangerous remote code exectuion (RCE) and privilege escalation exploits. Bharat Jogi, Senior manager of Vulnerability and Threat Research at Qualys, explained to LinuxSecurity researchers, “Exim Mail Servers are used so widely and handle such a large volume of the internet’s traffic that they are often a key target for hackers. The 21 vulnerabilities we found are critical as attackers can remotely exploit them to gain complete root privileges on an Exim system – allowing compromises such as a remote attacker gaining full root privileges on the target server and executing commands to install programs, modify data, create new accounts, and change sensitive settings on the mail servers. It’s imperative that users apply patches immediately.”

    • Monopolies

      • Copyrights

        • What Google v. Oracle means for open source

          Google v. Oracle has finally concluded in a sweeping 6-2 decision by the US Supreme Court favoring Google and adding further clarity on the freedom to use application programming interfaces (APIs). Software developers can benefit from this decision.

          The open source community has closely followed the litigation between Google and Oracle due to its potential impact on the reuse of APIs. It has been assumed for many decades that APIs are not protected by copyright and are free to use by anyone to both create new and improved software modules and to integrate with existing modules that use such interfaces.

Links 5/5/2021: Windows Security Breaches and GNU Pokology Launched

Posted in News Roundup at 3:51 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • HP EliteDesk 800 G2 Mini Desktop PC – Multiple Operating Systems – Week 5

        This is a weekly blog looking at the HP EliteDesk 800 G2 Mini Desktop PC running Linux.

        This week’s blog looks at some of the ways you can run programs from different operating systems on the HP EliteDesk 800 G2 Mini Desktop PC. We examine hardware virtualization, dual booting, as well as using a compatibility layer.

        This machine was made available by Bargain Hardware. Bargain Hardware retails refurbished servers, workstations, PCs, and laptops to consumers and businesses worldwide. All systems are completely customisable on their website along with a vast offering of clean-pulled, tested components and enterprise replacement parts. They supply machines with a choice of Linux distros: Ubuntu, Debian, and Fedora.

        Our HP EliteDesk has an Intel i5-6500T processor with 4 cores. It uses the Intel Skylake chipset, comes with 16GB of DDR4 RAM and a 256GB Samsung M.2 PCIe NVMe SSD.

      • Go full Retro with this custom Linux terminal for your Chromebook

        I love to tinker. I spend a good portion of my week fiddling around with the Linux container on Chrome OS just to see what I can or can’t do with Crostini. While I’m no Linux guru, I have become fairly handy at navigating the terminal app and living in the “command line.” The Linux terminal on Chrome OS has undergone some upgrades over the past year that have given users some customization options and that’s great but sometimes, you just want to take a step back in time and reminisce a little bit.

        You can find a wide variety of terminals and terminal emulators that can be installed in the Debian 10 container that runs on Chrome OS but today, I stumbled upon one in particular that really took me back. If you got your start in computing on dinosaurs like an Apple II or a DOS PC, you’re probably familiar with the old-school cathode tube displays. Just one look at this antiquated screen drums up enough nostalgia to take me all the way back to grade school and I love it. Cool Retro Terminal is an emulator that gives you that very experience right on your Chromebook.

    • Server

      • In Search of Multi-Modal Data Integration – IT Jungle

        Much of what the company does starts with CDC. It developed its own CDC technology to capture binary data from relational databases, which enables it to get the freshest possible data out of the database. It supports Db2 for i and Db2 for Linux, Unix, and Windows (LUW), in addition to other popular databases, like Oracle, SQL Server, MySQL, and Postgres.

      • Ubuntu Blog: Security and automation in Fintech infrastructure

        A private cloud is an integral part of a hybrid multi-cloud strategy for financial services organisations. It enables financial institutions to derive competitive advantage from agile implementations without incurring the security and business risks of a public cloud.

        Private clouds provide a more stable solution for financial institutions by dedicating exclusive hardware within financial firms’ own data centres. Private clouds also enable financial institutions to move from a traditional IT engagement model to a DevOps model and transform their IT groups from an infrastructure provider to a service provider (via a SaaS model).

      • Oracle Enterprise Manager for Oracle Private Cloud at Customer: Self Service Administrator Tasks made easy with short training videos

        Oracle Private Cloud at Customer is a subscription service that provides local Infrastructure as a Service to customers. It is based on an on-premises installation of the Oracle Private Cloud Appliance, which Oracle maintains and monitors.

        In this week’s Training Tuesday blog, we present a set of free, short training videos that demonstrate the self-service administrator tasks for Oracle Private Cloud at Customer within Oracle Enterprise Manager. The administrator tasks center on supporting the entire lifecycle of a self-service environment including actions such as infrastructure and database-as-a-service setup, managing software libraries, changing admin roles, creating services, providing self-service portal access, resource scaling, and finally service termination and resource clean-up.

        This series of videos provides demonstrations of a number of configuration tasks to enable rapid and managed deployment of servers in a virtualized environment. You learn how to create, deploy, configure, administer, and monitor your virtual machines with Oracle Enterprise Manager Cloud Control.

      • New Relic open sources Pixie, its Kubernetes-native in-cluster observability platform

        The good news is that cloud computing, Kubernetes, and cloud-native computing have combined to make software development faster and more powerful than ever. The bad news is that keeping an eye on all that is harder than ever. That’s why New Relic’s contribution of Pixie, its Kubernetes-native in-cluster observability platform, as a new open-source project to the Cloud Native Computing Foundation (CNCF) under the Apache 2.0 license is good news.

    • Audiocasts/Shows

      • My new OBS Recording PC! Thoughts on components and overall Build

        I felt it was time to build a new recording PC, my existing one had some rough edges that were causing delays in recording. In this video, I talk about the components I chose and some overall thoughts on the build. My choice of operating system might surprise you.

      • Easily Customize DWM With Flexipatch

        Dwm-flexipatch has a different take on dwm patching. You edit a patches file that lists all available dwm patches. You enable the patches that you need and disable the patches that you don’t need. Then “sudo make install” and you have patched dwm that doesn’t require git merges or manually patching.

      • You’ve Got Mail | LINUX Unplugged 404

        It’s episode III, Return of the Email. Everyone says never host your own email, so we’re doin it.

        We just have one last job to complete.

      • Trackma Is The Best Way To Track My Anime

        It’s no secret that I’m a big weeb so I need some way to track my anime and my favourite service is Kitsu but there aren’t that many clients out ther for Linux but recently someone told me about Trackma and I haven’t looked back ever since.

      • mintCast 360 – Uno Reverse Card

        First up, in our Wanderings, I fly like an eagle, Joe goes to Florida, Moss is attacked by the trees, Mike wings it.

        Then, in the News, a Linux Mint update, Ubuntu too! Wenty-1.04, everyone’s favorite: NFTs, and more.

        In Security, meet the new hacking tools, same as the old hacking tools, a reverse Uno card, QNAP, and the University of Minnesota.

    • Kernel Space

      • Linux kernel vulnerability discovered, fixed. Ghostwriter tied to UNC1151. Online ordering platforms breached.

        Researchers at Cisco Talos have discovered an information disclosure vulnerability (CVE-2020-28588) in the Linux kernel. An update is now available that fixes the issue. According to Shachar Menashe, VP Security, Vdoo, a specialist in product security, the vulnerability looks like an easy one to exploit:

        “This newly discovered vulnerability indeed looks very actionable and easy to exploit under the right technical conditions, so we recommend affected vendors to update their kernel or apply the patch. These kinds of vulnerabilities are almost exclusively used as part of a local privilege escalation attack chain to circumvent the Linux kernel randomization (KASLR) mitigation.

      • Turbostat For Linux 5.13 Brings AMD Zen Fix, New Intel CPU Support – Phoronix

        The Turbostat utility that lives within the Linux kernel source tree for reporting on CPU topology and various power/frequency metrics has some useful additions pending for the Linux 5.13 kernel.

        With Turbostat’s development being led by Intel and their significant engineering resources, it’s no surprise they are always punctual in their new enablement support. With Linux 5.13 the Turbostat tool adds support for Alder Lake mobile processors as well as Ice Lake D. There are also fixes/tweaks to existing CPU support.

      • Graphics Stack

        • Mesa Fixes Up The Recent L3 Cache Pinning Rework – Phoronix

          Going on for a few years now has been some Mesa optimizations for AMD Ryzen CPUs and in particular L3 cache optimizations. There is now a fix to re-enable this support after it was mistakenly broken earlier this year.

          Back in March and back-ported to stable with Mesa 21.0.2 was an effort to improve the AMD L3 cache calculation code. This was due to the prior code breaking on dual socket AMD EPYC systems checked, but it turns out that fix was broken itself.

    • Instructionals/Technical

      • How to Sign Users In with IndieAuth

        What You’ll Need

        You’ll need a few tools and libraries to sign users in with IndieAuth.

        An HTTP client.

        A URL parsing library.

        A hashing library that supports SHA256.

        A library to find <link> tags in HTML.

        The ability to show an HTML form to the user.

      • Booting helios4 or ClearFog from SPI – Dennis Gilmore

        Helios4 is a NAS device made by Kobol Innovations, it is a mvebu device and based on the same SoM(System on Module) from SolidRun as is used in their ClearFog devices. While some of the early ClearFog devices do not have SPI flash all recent ones and all Helios4 devices have an onboard SPI flash that can be used to boot from.

        Recently Fedora added SPI and UART u-boot images for the Kobol helios4 and SolidRun ClearFog. Getting your device to boot from SPI is fairly straightforward. There are two things that you need to do, put u-boot on the SPI flash and set the jumpers so the system will boot from SPI.

        [...]

        All the examples are using the helios4, the process works for all supported devices currently: ClearFog, helios4, and turris_omnia, for the ClearFog both the Base and Pro versions work. Please note that some early versions of the ClearFog did not have a SPI flash on the SOM and if you have one of those you will get an error trying to initialise the SPI flash as it does not exist, in that case, you have to boot from a sdcard.

      • Santiago Zarate: How to edit stuff that you’ve already commited to git? (And squash as a bonus)
      • using qemu-user emulation to reverse engineer binaries – Ariadne’s Space

        QEMU is primarily known as the software which provides full system emulation under Linux’s KVM. Also, it can be used without KVM to do full emulation of machines from the hardware level up. Finally, there is qemu-user, which allows for emulation of individual programs. That’s what this blog post is about.

        The main use case for qemu-user is actually not reverse-engineering, but simply running programs for one CPU architecture on another. For example, Alpine developers leverage qemu-user when they use dabuild(1) to cross-compile Alpine packages for other architectures: qemu-user is used to run the configure scripts, test suites and so on. For those purposes, qemu-user works quite well: we are even considering using it to build the entire riscv64 architecture in the 3.15 release.

        However, most people don’t realize that you can run a qemu-user emulator which targets the same architecture as the host. After all, that would be a little weird, right? Most also don’t know that you can control the emulator using gdb, which is possible and allows you to debug binaries which detect if they are being debugged.

      • How to Install and Setup Apache Spark on Ubuntu/Debian

        Apache Spark is an open-source distributed computational framework that is created to provide faster computational results. It is an in-memory computational engine, meaning the data will be processed in memory.

        Spark supports various APIs for streaming, graph processing, SQL, MLLib. It also supports Java, Python, Scala, and R as the preferred languages. Spark is mostly installed in Hadoop clusters but you can also install and configure spark in standalone mode.

        In this article, we will be seeing how to install Apache Spark in Debian and Ubuntu-based distributions.

      • How to Export and Import VirtualBox Virtual Machines

        Exporting and Importing feature is available in all the virtualization software you use. This feature will be very useful when you want to copy and launch a configured VM from one machine to another machine.

        This feature is very useful for me, as I have a lot of virtual machines running on VirtualBox for testing and writing articles, and for VM level protection I can take snapshots and protect my VM.

        But if my Host machine crashes then I have to configure all the VM from scratch. It is a tedious task for me. So once I fully configure any VM I export it and save a copy in my external disk so when I lose the image I can import the image into VirtualBox.

      • Adapting and localizing Tryton and other free, open source accounting software for your country

        I previously wrote a comparison of free, open source accounting software. Most of these applications only come with a generic Chart of Accounts and no support for tax reporting. This makes them suitable for personal finances and small volunteer groups. For many freelance workers, consultants and small businesses, it is now essential to have some basic tax reporting.

        Tryton is one of the few packages that is now addressing these needs. The Tryton modules directory includes five official localizations with a business-ready chart of accounts and tax codes. A discussion in the forum reveals more countries coming soon.

        I had a look at how to add more, starting with Switzerland and I’m sharing my observations here for anybody else who wants to try this. The procedure described here is valid for any accounting software but I give examples with Tryton.

      • How to install Teamspeak on a Chromebook

        Today we are looking at how to install Teamspeak on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

        This tutorial will only work on Chromebooks with an Intel or AMD CPU (with Linux Apps Support) and not those with an ARM64 architecture CPU.

      • Uninstall or remove a package using the terminal on CentOS

        It is necessary to uninstall the extra software packages from the system because these packages take a lot of space and slow down the speed of your system. If specific software or related packages are not underused then it is the best way to remove or erase it from the system. To do so, It will also create a comfortable working environment. In this article, we will explore how to remove or uninstall packages from your system CentOS 8.0 using the terminal.

      • Guide to upgrade Ubuntu 18.04 / 20.04 to Ubuntu 21.04 – LinuxTechLab

        Though you will not be getting the latest version of GNOME or gtk4, but you can expect them in future releases. Now let’s proceed on the steps involved to upgrade Ubuntu 18.04 / 20.04 to Ubuntu 21.04.

      • Run FossaPup 9.5 in a container in EasyOS

        Running EasyOS, you can now run FossaPup in a container. Click on the “sfsget” icon on the desktop, choose the “puppy/ubuntu/focal” radiobutton, click on the FossaPup entry to select it, then click the “Download” button.

      • How to install Flowblade Video Editor on Deepin 20.2

        In this video, we are looking at how to install Flowblade Video Editor on Deepin 20.2.

      • Josef Strzibny: Passing SSL configuration to Hackney

        If you depend on Erlang’s Hackney library or an Elixir HTTP library built on Hackney, changes are your SSL configuration is wrong.

      • Steve Kemp: Password store plugin: env

        Like many I use pass for storing usernames and passwords. This gives me easy access to credentials in a secure manner.

        I don’t like the way that the metadata (i.e. filenames) are public, but that aside it is a robust tool I’ve been using for several years.

        The last time I talked about pass was when I talked about showing the age of my credentials, via the integrated git support.

    • Games

      • Humble Choice for May is up now with Metro Exodus, Hellpoint, Fury Unleashed + more

        Ready to grab another bundle of interesting games? Humble Choice for May is up now with Metro Exodus being the big headliner game this month.

        Humble Choice (previously Humble Monthly) gives a selection of games for subscribers to claim and keep each month, with it usually having a few big games plus a few smaller across different priced tiers to claim different amounts.

        [...]

        Not a big selection for Linux native titles but looks like a nicely varied selection overall. Some of the others will likely work in some form with Steam Play Proton.

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

        • Marcus Lundblad: Spring Maps

          Since it was a while since the release of GNOME 40, I thought it might be time again for a post.

          Since the 40.0 release there’s just been a bug fix release (40.1) where, among other things, a bug where toggling a place as a favorite and then “unfavoring” it again, made it impossible to select that place again until restarting Maps.

          And in master, leading towards 41 there’s also been some goings-on.

    • Distributions

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

        • KDE Plasma desktop updated to 5.21.5

          Use Plasma to surf the web; keep in touch with colleagues, friends and family; manage your files, enjoy music and videos; and get creative and productive at work. Do it all in a beautiful environment that adapts to your needs, and with the safety, privacy-protection and peace of mind that the best Free Open Source Software has to offer.

      • SUSE/OpenSUSE

        • Trying out Phosh shell on PinePhone and openSUSE Tumbleweed – FOSS adventures

          During my time with Phosh on PinePhone and openSUSE Tumbleweed, I have stumbled on a couple of issues that made clear that the experience still needed some polish. This is not a critic against the Phosh or the GNOME project. I don’t envy the developers that need to ensure that their app works across many form factors.

          However, I can see that the additional time that the KDE project has spend on polishing their experience has paid off. In this article, I will describe the issues that I encountered and how you can fix them. I like everyone to try out this GNOME based mobile experience. It’s awesome to see FOSS beyond the PC / Laptop.

      • Canonical/Ubuntu Family

        • Linux Mint’s Warpinator app ported to Android (transfer files on a local network)

          Warpinator is a free and open source application designed to make it easy to transfer files between devices connected to the same network. Developed by the Linux Mint team and initially released as part of Linux Mint 20 last year, the application has since been made available as a FlatHub app for other Linux distributions.

          Now a third-party developer has created an unofficial Warpinator app for Android, allowing you to quickly and easily transfer files between Android and Linux phones, tablets, PCs, and other devices.

    • Devices/Embedded

      • Imago “VisionAI” Smart AI Camera supports Tensorflow Lite & AutoML Vision Edge – CNX Software

        The VisionAI camera runs a Debian-based Linux OS, and is programmable to meet the application needs through a Linux SDK with a VisionBox Interface C++ Library, an FG camera library, and support for TensorFlow Lite or AutoML Vision Edge. Imago also provides example programs and a video training course. The Linux distribution is most like the same Debian-based Mendel Linux distribution developed by Google for Coral boards and also supporting TensorFlow Lite and AutoML Vision Edge.

      • [Old] Install Jitsi Meet on Raspberry Pi

        This step by step tutorial explains how to install and configure the free and open source video conference software Jitsi Meet on Raspberry Pi with 64-bit Ubuntu Server 20.04. Although the Jitsi Meet installation is simple, the network configuration is not.

        This tutorial is only for 64-bit Raspberry Pi models and versions, for example Raspberry Pi 4 or 3. It is recommended to use Raspberry Pi 4 with 4GB or more. Please note that Raspberry Pi 0, 2 and other older versions are 32-bit and this tutorial is NOT suitable for them.

      • Five takes on Raspberry Pi 400
      • Open Hardware/Modding

        • AutoStrummer is a DIY device that strums your guitar for you | Arduino Blog

          When playing the guitar, working the fretboard is only half of the equation. The other half is plucking or strumming the strings. But some people, particularly those with disabilities, may find it difficult to do both. To help with the strumming part of the equation, Jacob Stambaugh designed this DIY AutoStrummer device.

          Stambaugh’s AutoStrummer fits into the sound hole of an acoustic guitar, so that it sits over the strings. A guitar pick, attached to an arm actuated by a stepper motor, swings back and forth to strum the desired strings. An Arduino board controls the movement of the stepper motor through a DRV8825 stepper motor driver chip.

    • Free, Libre, and Open Source Software

      • Veteran Linux developer releases research on FOSS foundations

        Veteran Debian developer Martin Michlmayr has released two reports on foundations that support free and open source software, a primer that covers non-technical aspects and a research report that looks at the challenges that such foundations face.

        Asked why he had decided to carry out research on this topic, Michlmayr, a former leader of the Debian GNU/Linux project told iTWire that since funding was available, he thought it would be interesting to look at the role that such foundations played in bolstering open source projects.

        “The background is that the Ford Foundation and Sloan Foundation were funding research projects related to the sustainability of what they call ‘critical digital infrastructure’ (i.e. a lot of the Internet and other technologies rely on open source and it’s not clear who maintains it and ensures that it will stay around),” he said.

      • Web Browsers

        • Mozilla

          • Implementing Private Fields For JavaScript

            When implementing a language feature for JavaScript, an implementer must make decisions about how the language in the specification maps to the implementation. Sometimes this is fairly simple, where the specification and implementation can share much of the same terminology and algorithms. Other times, pressures in the implementation make it more challenging, requiring or pressuring the implementation strategy diverge to diverge from the language specification.

            Private fields is an example of where the specification language and implementation reality diverge, at least in SpiderMonkey– the JavaScript engine which powers Firefox. To understand more, I’ll explain what private fields are, a couple of models for thinking about them, and explain why our implementation diverges from the specification language.

      • Productivity Software/LibreOffice/Calligra

        • Annual Report: LibreOffice Conference 2020

          Normally the conference takes place at a different venue each year, to reflect the international and diverse LibreOffice community. For instance, in 2019 we were in Almeria; in 2018 in Tirana; and in 2017 in Rome. Due to the ongoing coronavirus pandemic, though, we decided to move the conference online in 2020. This wasn’t an easy decision, as face-to-face meetups are important for free and open source software projects, but we focused on making it work.

          We did so with the help of openSUSE, a GNU/Linux distribution project, which also has yearly conferences. There’s a lot of overlap between the openSUSE and LibreOffice projects – both produce free software for end users, and many people are active in both communities – so we decided to join forces and bring as many people together as possible.

          The conference took place from 15 – 17 October, with sessions usually running from 10:00 to 21:00 (UTC). We created multiple Jitsi “rooms” for the various talks and presentations, along with extra rooms for social interaction and general chit-chat.

      • CMS

        • 10 Best Automated Backup Plugins for WordPress in 2021

          As an online business owner and/or site administrator it is important that you are always ahead of probable data damage by having a data contingency plan. On WordPress, this process has been simplified for all levels of users in the form of backup plugins that can enable you to automate full or partial backups which you can easily restore from later on.

        • The Month in WordPress: April 2021

          That was Josepha Haden Chomphosy on the “Your Opinion is Our Opportunity” episode of the WP Briefing Podcast, speaking about the importance of co-development and testing for the continued growth and maintenance of WordPress. This month’s updates align closely with these ideas. Read on and see for yourself.

        • 6 Best WordPress Malware and Vulnerability Scanners

          To keep yourself and your site safe from all such happenings, you must regularly scan your WordPress site for malware and follow other sanitization practices. Preventing the occurrence of such issues will keep you away from unwanted problems and long-term damage to your WordPress site.

      • FSF

        • GNU Projects

          • April GNU Spotlight with Mike Gerwitz: 16 new GNU releases!

            16 new GNU releases in the last month (as of May 01, 2021):
            dico-2.11
            gcc-11.1.0
            gcide-0.53
            gdb-10.2
            gnunet-0.14.1
            gnupg-2.3.1
            guile-3.0.6
            less-581
            libmicrohttpd-0.9.73
            libredwg-0.12.4
            linux-libre-5.12
            mtools-4.0.27
            nano-5.7
            parallel-20210422
            poke-1.2
            rush-2.1.90

          • Pokology: a community-driven website about GNU poke

            We are happy to announce the availability of a new website, https://pokology.org.

            Pokology is a community-driven live repository of knowledge relative to GNU poke, maintained by the poke developers, users and friends.

      • Programming/Development

        • Enrique Ocaña González: GStreamer WebKit debugging by instrumenting source code (2/3)

          In this post I show some more useful debugging tricks.

        • Junichi Uekawa: Wrote a pomodoro timer in elisp.

          Wrote a pomodoro timer in elisp. Why? Because I try to keep my workflow simple, and to keep the simplicity I sometimes need to re-implement stuff. No this is a lame excuse. I have been living in emacs for the past week and felt like it. However writing elisp has been challenging, maybe because I haven’t done it for a while. I noticed there’s lexical-binding, but I didn’t quite get it, my lambda isn’t getting the function parameter in scope.

        • Python

          • K-Means Clustering

            K-Means clustering is an unsupervised machine learning algorithm. If we compare the K-Means unsupervised clustering algorithm with the supervised algorithm, it is not required to train the model with the labeled data. K-Means algorithm is used to classify or group different objects based on their attributes or features into a K number of groups. Here, K is an integer number. The K-Means calculates the distance (using the distance formula) and then finds the minimum distance between the data points and the centroid cluster to classify the data.

            Let’s understand the K-Means using the small example using the 4 objects, and each object has 2 attributes.

  • Leftovers

    • The Broken Bell

      I like, winter nights, to find in a heat lamp That beats and fumes, old memories Rising in the banging Of church bells through snow spray.

      Blessed be the bell of liberty That, ancient, keeps trying to ring, Tossing out his faithful cry Like an old soldier in his bunker

    • A Farewell to “Great Men”

      Apparently, Mike Spies, senior writer for the anti-gun online journal, The Trace, was trying to show LaPierre what it’s like to be taken down by a boom-gun. Spies, the bush sniper, hits point-blank, right between LaPierre’s running lights. Like the elephant in the piece, who wasn’t looking for trouble, LaPierre goes down in a heap. BOOM: By Spies account, the head of the NRA is an incompetent boob, a fumble-thumbs with guns, who misses the kill spot repeatedly at close range; even the old bull seems to look up with one dying eye in wonder. BOOM: Good heavens! the comfortably middle class New Yorker seems to opine, you drove  your organization into bankruptcy!  Of course, had LaPierre not missed his mark (or had he discovered he was being secretly filmed and executed the cameraman on the spot), we never would have seen the snuff film or read the hit piece.

      You come away feeling that New Yorker, using Spies Trace blog entry wholesale for the piece, has an agenda: Gun control pressure is in the air; Biden’s feeling it like a prostate problem.  Guns on the loose in America now number in excess of 400,000,000, so that concern is understandable. But the piece got me thinking. Recently, I finished watching the three-part, six-hour PBS mini-series Hemingway, a Ken Burns and Lynn Novick production.  And I’ll tell you, suddenly I felt like Joan Baez in that old song “Diamonds and Rust” where she answers the phone and she’ll be damned, there comes that voice of Dylan again from “a couple of light years ago.”  (For the record, it didn;t seem to faze Dylan; he hooked up with his old lover shortly thereafter for the Rolling Thunder Revue Tour — the ever-relevant Woody Guthrie number, “Deportee,” a highlight of their mike-sharing.) Except this time, it’s me not Baez, and I find myself considering Hemingway again for the first time in ‘a light year.’

    • A Solitary Trade

      The protagonist of Jhumpa Lahiri’s “Interpreter of Maladies,” the title story in her 1999 debut short story collection, is a multilingual tour guide named Mr. Kapasi who speaks, to varying degrees, English, French, Russian, Portuguese, Hindi, Bengali, Oriya, Gujarati, and Italian. One day, he drives a young Indian American couple and their children to visit a temple on the coast of the Bay of Bengal devoted to the Hindu sun god Surya. On the long drive there, he tells them about his other job as an interpreter in a doctor’s office. The wife, Mrs. Das, becomes fascinated by this, telling him she finds the idea of translating for sick and frightened patients “romantic.” Mr. Kapasi revels in this attention and starts seducing Mrs. Das with stories about “the young woman who had complained of a sensation of raindrops in her spine” and “the gentleman whose birthmark had begun to sprout hairs.” He is thrilled by the notion of a love affair with her, and his head spins with hope: It is a feeling “he used to experience long ago when, after months of translating with the aid of a dictionary, he would finally read a passage from a French novel, or an Italian sonnet, and understand the words, one after another, unencumbered.”

      That Lahiri would compare the sensation of falling in love to feeling at ease in a language should have signaled then that all was not well. The daughter of Bengali immigrants who settled in Rhode Island, Lahiri saw firsthand the way her parents’ accented English was held against them in America. Though she later achieved success as a writer in the language herself, winning the Pulitzer Prize for Interpreter of Maladies, the heavy burden that English imposed on her family remained a source of resentment. “For practically my whole life,” she would later write, “English has represented a consuming struggle, a wrenching conflict, a continuous sense of failure that is the source of almost all my anxiety. It has represented a culture that had to be mastered, interpreted…. English denotes a heavy, burdensome aspect of my past. I’m tired of it.” Yet Bengali, the primary language of her early childhood, created nearly as much uneasiness for her. Like many other heritage speakers, Lahiri is not entirely fluent in her first language. “I don’t know Bengali perfectly,” she has said. “I don’t know how to read it or even write it. As a result, I consider my mother tongue, paradoxically, a foreign language, too.”

    • A Cold Heaven

      Evelyn Waugh liked to tease Graham Greene by remarking that it was a good thing God exists, because otherwise Greene would be a Laurel without Hardy. It is a mark in Greene’s favor that he recounts the jibe in a tribute to Waugh written shortly after his friend’s death in 1966. Throughout his life, the fabulously successful Greene was ever ready to pull his own leg, such as when, in 1949, he entered a New Statesman competition by submitting three parodies of his own writing under pseudonyms. One of the entries was judged good enough to merit a guinea of the six-guinea prize. Greene then wrote a letter to the editor owning up to the prank and regretting that he had not won the contest outright, especially as the money would be tax-free—always an important consideration with Greene.

      It is not insignificant that Waugh’s squib does not work the other way round, even though Waugh was far more firmly, if not indeed fanatically, committed to his faith than Greene ever was; in the course of a private audience at the Vatican, Pope John XXIII is said to have interrupted a tirade by Waugh against the reformist spirit sweeping through the church by observing gently, “But Mr. Waugh, I too am a Catholic.” Ironically, while Greene was known universally, and to his irritation, as the world’s preeminent “Catholic novelist,” Waugh was what Greene wished to be accepted as: a novelist who happened to be a Catholic.

    • Heaven

      Apricots woolly by the hospital bed, a meal of light. The light falls on my mother’s hands. So much sunlight falls and does not get up but its hands pick up the dark and go on. Things are heavy because we try to carry them. My mother said, “in this lifetime, learn to be alone.” I cut my hair in the mirror, attempt poems about the breakfast table with cereal and figs. Good enough. I pour milk, falling through a shitty apartment, a brief depression. I fall in love, mirrored in satsumas, perfumes and midnight. Not enough. I turn the page but I’m still reading the novel my mother wrote me. The room with the view. The wide sargasso sea. A pair of hands tends me. Loneliness is an imaginary thing, but so is the entire country. You try. There are ceilings you hold up like heavens.

    • Movie Sequel
    • An America Neglected Coming from Behind

      Biden, in a contrast of behavior between him and his predecessor as stark as day and night, rapidly got the COVID-19 vaccine into the arms of Americans while proposing a series of programs from rescue to infrastructure-jobs to families totaling $6 trillion. He insisted in a 65-minute speech on the eve of his 100th day in office, “We can do this together.”

      But togetherness depends on cooperation from Senate Republicans. Their view of infrastructure, for example, harks back 50 years.

    • Health/Nutrition

      • As Rich Countries Hoard Vaccines, India and Other Developing Nations Face Uncontrolled Covid Spread

        “I think we haven’t seen the worst of it yet. It is beyond horror, what is happening… Yet, this is not yet the worst.”

      • Opinion | None of Us Are Safe From Covid-19 Until the Global Population Has Access to the Vaccine

        I and many other Mainers have relatives and friends in countries around the world, and we can’t disconnect from those people. But when it comes to this pandemic, we’re all connected—and not just by our common humanity. None of us are safe until we’ve reached a worldwide critical mass of vaccination.

      • About that Salk Institute paper on the “deadly” COVID-19 spike protein

        Those of us who routinely counter antivaccine disinformation on social media have noticed a new antivax trope popping up again and again and again. It’s the claim that the spike protein produced by the mRNA in the Pfizer/BioNTech and Moderna COVID-19 vaccines (and now the adenovirus-based AztraZeneca and Johnson & Johnson vaccines) is highly toxic in and of itself outside of its association with the coronavirus infection itself. The intent is obvious: To portray COVID-19 vaccines as more dangerous than the infection. This new narrative by antivaxxers has led to their pointing to cherry picked studies with exaggerated findings, such as a study purporting to show that spike protein might cause pulmonary hypertension in the future or fantastical claim based on no science that those vaccinated with these vaccines “shed” spike protein, which then, miasma-like, poisons surrounding people to make them sick and, if they are women, screw up their menstrual cycles and even cause miscarriages.

      • How India Has Creatively Turned Social Media Into a COVID-19 Helpline to Battle the Pandemic

        For many families, who have been left to their own devices, social media platforms like Twitter, Facebook and Instagram are now being used to search for hospital beds, oxygen cylinders and medications for loved ones. These platforms have become the “COVID-19 helplines” for most Indians. Ironically, instead of helping its citizens in their hour of need, the BJP-led government of Prime Minister Narendra Modi is busy trying “to control the narrative” on social media sites like Twitter by asking the company to take down tweets that are critical of its handling of the COVID-19 crisis.

        Even as the crisis continues to engulf the country, the government had distanced itself from any blame for allowing this surge in cases resulting from allowing religious congregations like Kumbh Mela and holding political rallies.

      • Democrats Bankrolled by Big Pharma Are Refusing to Back Covid Vaccine Patent Waiver

        The top Democratic recipients of Big Pharma cash in Congress are echoing industry talking points in opposition to a push to suspend key intellectual property protections.

      • Democrats Funded by Big Pharma Refuse to Back COVID Vaccine Patent Waiver
      • Forgetting Citizenship: Australia Suspends Flights from India

        Not happy with banning flights from India, the Morrison government promises to be savage in punishing returnees who find ways to circumvent the ban (for instance, by travelling via a third country).  Citizens who breach the travel ban can face up to five years’ imprisonment and fines up to AU$66,000.  “We have taken drastic action to keep Australians safe,” explained the Treasurer Josh Frydenberg.  The situation in India was “serious”; the decision had only been reached after considering the medical advice.

        According to a statement from Health Minister Greg Hunt, it was “critical the integrity of the Australian public health and quarantine systems is protected and the number of COVID-19 cases in quarantine is reduced to a manageable level.”

      • As Big Pharma Fights Off Patent Waiver, Pfizer Reports Hundreds of Millions in Profits From Covid Vaccine

        Of the 2.5 billion vaccine doses that Pfizer plans to produce this year, the company has pledged to send less than 2% of its doses to developing countries.

      • A Crisis of Undiagnosed Cancers Is Emerging in the Pandemic’s Second Year

        Teresa Ruvalcaba lay on a bed in the emergency room of Chicago’s Mount Sinai Hospital, her right breast swollen to nearly twice the size of her left, the skin so thick and dimpled that the doctor examining her would note that it resembled an orange peel.

        Ojalá que sólo sea una infección, she thought, as she struggled to catch her breath, not knowing she had a partially collapsed lung. I hope it’s just an infection.

      • Opinion | Covid-19 Vaccinations: A Shot in the Arm for Universal Healthcare?

        The national vaccination program has all the features of a single-payer health care system including no copays, no premiums, no insurance company blocking payment, and universal, affordable healthcare for all.

      • Medicaid Expansion Is a Better Deal Than Ever. But Republicans Still Won’t Do It.

        As a stage 4 cancer survivor, I know a thing or two about being sick. But if Republican legislators and governors refuse to take free federal money that pays for health care to their poorest constituents, it’s their ideology that is truly sick.

      • Sanders Op-Ed Pushes Medicare Expansions, Says Big Pharma Is “Ripping Off” Govt.
      • Local Indian executives rally to send badly needed medical equipment to COVID-ravaged country

        As a devastating second wave of COVID-19 infections began to hit India, Dr. Naresh Ramarajan knew what the country would need: portable oxygen concentrators.

        Ramarajan, an emergency room physician and health-tech entrepreneur in Cambridge, saw firsthand how the equipment — which increases the oxygen level in room air and feeds it to patients through tubes attached to their nostrils — saved lives during the second wave in Los Angeles, where he trained and has on occasion returned to help. The concentrators, which can be used at home, allow hospitals to free up beds for the sickest patients.

    • Integrity/Availability

      • Proprietary

        • NSW Labor takes a hit from Windows Avaddon ransomware

          The NSW branch of the Labor Party appears to have suffered a Windows ransomware attack, with the Avaddon strain having been used to attack the party’s network.

        • Alaska court system forced offline by cyberattack [iophk: Windows TCO]

          The Alaska Court System (ACS) was forced to temporarily disconnect its online servers this week due to a cyberattack that installed malware on their systems, disrupting virtual court hearings.

        • Unidentified cyberattackers force Alaska Court System to disconnect from internet [iophk: Windows TCO]

          A cyberattack has caused the Alaska Court System to disconnect most of its operations from the internet, an act expected to block electronic court filings, disrupt online payments and prevent hearings from taking place by videoconference for several days.

          The Courtview system used to look up court records has been taken offline, as has the court system’s website.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • University of Minnesota researchers issue apology letter to the Linux community [Ed: Older but overlooked at the time]

                The University of Minnesota (UMN) researchers – Kangjie Lu, the Assistant Professor, and Qiushi Wu, Aditya Pakki, the Ph.D. students – have on Saturday issued an open apology letter seeking to bury the hatchet with the Linux community for the things which had led to the events that took place a few days back.

                One of the lead Linux kernel developers and maintainers, Greg Kroah-Hartman put the ban-hammer on the UMN for intentionally putting forward buggy patches into the Linux kernel. The researchers from the UMN were conducting a study related to the security vulnerability of Open-source software, which in this case, is Linux. However, Greg K-H was very unhappy as the researchers seemed to proceed without really seeking permission before doing so, nor before running questionable patches on the Linux kernel even after the research paper was apparently completed.

        • Security

          • The Wages of Password Re-use: Your Money or Your Life – Krebs on Security
          • 21 vulnerabilities in Exim mail server leave web, cloud operations exposed

            Researchers Tuesday released a study that found 21 unique vulnerabilities in the Exim mail server, some of which can be chained together to obtain full remote unauthenticated code execution and gain root privileges.

            In a blog post, the Qualys Research Team said that these vulnerabilities affect numerous organizations because an estimated 60% of internet servers run on Exim. A Shodan search executed by the research found that nearly 4 million Exim servers are exposed to the internet.

            Security pros should also take note that Exim servers hosted in the cloud can be exploited, said Parag Bajaria, vice president of cloud and container security solutions at Qualys.

            “There are many exploits that an attacker can run in the cloud once they have gained root privileges on the VM hosting Exim server,” Bajaria said. “Depending on where the Exim server is located there’s a further possibility of lateral movement. And if the virtual machine that hosts an Exim server has IAM permissions attached to it, then those permissions can be further exploited for data exfiltration and IAM privilege escalation.”

          • Privacy/Surveillance

            • Signal Trolls Facebook by Showing How Data Is Collected for Targeted Advertising

              “You got this ad because you’re a newlywed pilates instructor and you’re cartoon crazy.”

            • Apple hires ex-Google AI scientist Samy Bengio who resigned after colleagues’ firings

              Bengio is expected to lead a new AI research unit at Apple under John Giannandrea, senior vice president of machine learning and AI strategy, two people familiar with the matter said. Giannandrea joined Apple in 2018 after spending about eight years at Google.

              Apple declined to comment on Bengio’s role. Bengio did not respond to a request for comment.

            • Algorithm Agility?

              I’m working on a zero-knowledge proof where there are two or more different public posts with different nonces, the same public key, and signatures. The private key is discarded after the nonces are signed and the posts are generated, and keypairs aren’t allowed to be re-used. In this particular case it’s really hard to imagine a scenario where I’d feel a need to switch algorithms.

    • Defence/Aggression

      • Epic New Documentary Series Exposes Brutality of European Colonialism Worldwide
      • Progressives in Congress Should Unite to Slash Biden’s Military Budget
      • The Right-Wing Outrage Cycle

        Support independent cartooning: join Sparky’s List—and don’t forget to visit TT’s Emporium of Fun, featuring the new book and plush Sparky!

      • Execs at Top Pentagon Contractors Raked in $276.5 Million Last Year, Analysis Finds

        “Congress and the administration should take a closer look at these costs,” says report lead author William D. Hartung, “with an eye towards reducing them and freeing up funds for other needed purposes.”

      • Government Report Documents US Responsibility for Venezuela’s Humanitarian Dilemma

        The US government blames the crisis on the mismanagement and corruption of the Venezuelan government headed by Nicolás Maduro. The Venezuelan government faults the US and its allies for imposing sanctions, unilateral coercive measures illegal under international law.

        An official US Congressional Research Service report issued April 28, Venezuela: Background and US Relations, suggests the Venezuelan government has valid arguments that it is being strangulated by US sanctions. According to the report:

      • Britain Risks Cementing in Power a Corrupt and Incompetent Government in Undeserved Gratitude for the Vaccine
      • Between the Lines: Congressional Report Finds US Sanctions to Blame for Venezuela Crisis

        Venezuela was once one of the most prosperous countries in Latin America. The popular classes enjoyed major advances from the Bolivarian Revolution initiated by Hugo Chávez. Today Venezuela is experiencing an unprecedented economic crisis with severe humanitarian consequences.

      • Biden’s Foreign Policy and Nuclear Weapons: a Dialogue

        Of course, it makes perfect political sense for Biden to tackle these domestic challenges first, and avoid distractions that would arise if the government were to pursue international policies that agitated pro-military Republicans and even so-called moderate Democrats. To get his emergency programs past legislative obstacles in a robust form required mustering as much unity across the political spectrum as possible, yet even with this acknowledgement I feel uncomfortable about what Biden has so far done with respect to foreign policy.  I am worried by the Biden stress on restoring the alliance/deterrence approach to global security as if the Cold War never ended. In slightly veiled language that conveys a militarist spirit Biden expresses these sentiments in a cover letter to his March 2021 Interim National Security Strategy Guidance official document, advancing as “..a core strategic proposition: the United States must renew its enduring advantages so that we can meet today’s challenges from a position of strength.”

        Apparently without forethought Biden called Russia’s leader, Vladimir Putin, ‘a killer,’ and lacking ‘a soul,’ then followed up by rejecting Moscow’s temperate call for a diplomatic meeting between the leaders to address disagreements between the two countries. Biden’s Secretary of State, Antony Blinken and his National Security Advisor Jake Sullivan have followed suit with interactions in their Alaska meetings with Russian counterparts that were calculated to raise tensions. Such postures are all about projecting American strength and conveying to others a dangerous geopolitical disposition that refuses to back down in crisis situations that are certain to arise, and for these important public figures, it means encounters with China and Russia.

      • How the US gov’t cultivated environmental and Indigenous groups to defeat Ecuador’s leftist Correísta movement
      • Yemen: Houthi Advances and Secret Saudi-Iran Talks Prompt Conciliatory Tone from MBS

        Amin Jayyash, a laborer at Yemen’s Sana’a International Airport, is celebrating Labor Day (May Day) as an unemployed man. But, unlike many workers the world over, he did not lose his job due to Covid-19, but because Saudi Arabia has effectively put his employer out of business by restricting nearly all flights to it as part of a six-plus year campaign of total war on Yemen. Amin is among over 5 million Yemeni workers — 65% of the overall workforce — who have lost their jobs as a result of the ongoing war and blockade on the country, according to newly released data from the General Federation of Trade Unions of Yemen.

      • Israeli Man Trying to Take Over Palestinian Home Says ‘If I Don’t Steal It, Someone Else’ Will

        The house is located in an occupied East Jerusalem neighborhood where Palestinian residents have been ordered to vacate by an Israeli court. 

      • “Exterminate All the Brutes”: Filmmaker Raoul Peck Explores Colonialism & Origins of White Supremacy

        A new four-part documentary series, “Exterminate All the Brutes,” delves deeply into the legacy of European colonialism from the Americas to Africa. It has been described as an unflinching narrative of genocide and exploitation, beginning with the colonizing of Indigenous land that is now called the United States. The documentary series seeks to counter “the type of lies, the type of propaganda, the type of abuse, that we have been subject to all of these years,” says director and Haitian-born filmmaker Raoul Peck. “We have the means to tell the real story, and that’s exactly what I decided to do,” Peck says. “Everything is on the table, has been on the table for a long time, except that it was in little bits everywhere. … We lost the wider perspective.”

    • Environment

    • Finance

      • Tax Dodgers Owe US Over $7 Trillion, Says Janet Yellen
      • Biden Picks Warren Ally to Oversee Student Aid, Signaling Shift on Student Debt
      • Opinion | Biden Is Flirting With a Better Economic Paradigm. Young People Need Him to Commit.

        If Biden genuinely wants to serve as a “bridge” to a new “generation of leaders”—as he stated repeatedly during his campaign–then he must leave behind outmoded deficit politics and embrace the THRIVE Act.

      • Tim Cook, Apple, and Runaway Limitless Corporate Greed

        Gelles reports that Boeing, after its criminal negligence brought down two 737 MAX planes and killed 346 people, went into a corporate tailspin. The company laid off 30,000 workers and its sales and stocks plummeted as it reported a $12 billion loss. No matter, the new Boeing boss, David Calhoun, managed to pay himself about $10,500 an hour, forty hours a week, plus benefits and perks.

        “Executives are minting fortunes, while laid-off workers line up at food banks,” writes Gelles. Carefully chosen Boards of Directors rubberstamp lavish compensation packages, as they haul in big money themselves for attending a few Board meetings.

      • In ‘Major Win for Progressives,’ Former CFPB Chief Richard Cordray Tapped to Oversee Federal Student Loans

        “This shows that the administration ready to take bold action and be a true partner to address the student debt crisis,” said Randi Weingarten of the American Federation of Teachers. 

      • Diminishing Returns

        The 2008 financial crisis is widely credited with reviving the American left, from the tent cities of Occupy Wall Street to the proliferating chapters of the Democratic Socialists of America. Yet it is not just street protesters and millennial Marxists who have put capitalism under scrutiny: Liberal pundits and policy-makers have also become analysts of capitalism’s ailments. Since Thomas Piketty’s 2013 breakout hit, Capital in the Twenty-First Century, the publishing industry has churned out new books on capitalism, inequality, and economics at a furious pace. The past two years alone have seen the publication of Piketty’s follow-up, Capital and Ideology; Gabriel Zucman and Emmanuel Saez’s The Triumph of Injustice: How the Rich Dodge Taxes and How to Make Them Pay; Heather Boushey’s Unbound: How Inequality Constricts Our Economy and What We Can Do About It; and Anne Case and Angus Deaton’s Deaths of Despair and the Future of Capitalism, to name just a few. Even capitalism’s erstwhile champions now find themselves on the back foot: None other than globalization’s manic hype man Thomas Friedman has turned to mea culpa, admitting that “we broke the world” by letting capitalism run too rampant. (“We”?)

    • AstroTurf/Lobbying/Politics

      • Facebook Will Announce Tomorrow Whether Trump and His Fascist Posts Can Return
      • Oversight Board Tells Facebook It Needs To Shape Up And Be More Careful About Silencing Minorities Seeking To Criticize The Powerful

        Tomorrow, the Oversight Board is set to reveal its opinion on whether Facebook made the right decision in banning former President Trump. And that will get tons of attention. But the Board came out with an interesting decision last week regarding a content takedown in India, that got almost no attention at all.

      • The Washington Post Thought It Might Be Nice To Provide Free Book Marketing To Insurrectionist Josh Hawley

        Let’s be clear about something. The U.S. doesn’t really do “accountability” particularly well. It’s a major reason why we often repeat the same mistakes over and over again without learning much from history or experience. That’s been made particularly clear by a U.S. press that continues to not only platform the insurrectionists who spread election fraud lies leading to the violent events of January 6, but treats these lies as valid and meaningful opinions. That, understandably, has led to concerns that it’s going to happen again. But worse.

      • Former Ethics Head Blasts “Openly Corrupt” Ted Cruz for “Selling Access”
      • Expand the US House of Representatives

        With every decennial Census for the past century, the United States has become less of a representative democracy. And, if we don’t intervene quickly, it will happen again.

      • Squad & Co: Unite as a Block to Downsize Biden’s Military Budget

        Now that would be a show stopper, particularly if they added, “So we have decided to stand united, arm in arm, as a block of NO votes on any federal budget resolution that fails to reduce military spending by 10-30 percent. We stand united against a federal budget resolution that includes upwards of $30 billion for new nuclear weapons slated to ultimately cost nearly $2 trillion. We stand united in demanding the $50 billion earmarked to maintain all 800 overseas bases, including the new one under construction in Henoko, Okinawa, be reduced by a third because it’s time we scaled back on plans for global domination.”

        “Ditto,” they say, “for the billions the President wants for the arms-escalating US Space Force, one of Trump’s worst ideas, right up there with hydroxychloroquine to cure COVID-19, and, no, we don’t want to escalate our troop deployments for a military confrontation with China in the South China Sea. It’s time to ‘right-size’ the military budget and demilitarize our foreign policy.”

      • Conspiracy Theorist Hired by GOP to Lead Arizona Recount Cost Taxpayers $150,000
      • Russian lawmakers seek to ban people who worked for ‘extremist organizations’ from running for parliament

        A group of Russian lawmakers have submitted a draft law to the State Duma on banning people connected to outlawed “extremist organizations” from running for parliament. 

      • Biden’s First 100 Days and the GOP’s First 100 Days Without Trump

        Two thirds of Americans support Biden’s $1.9 stimulus plan, already enacted. His infrastructure and family plans, which he outlined last Wednesday night at a joint session of Congress, also have broad backing. The $6 trillion price tag for all this would make it the largest expansion of the federal government since Lyndon Johnson’s Great Society. But for most Americans, it doesn’t feel radical.

      • Our Humanity; Our Identity

        The United States of America is that one country where identity politics has become more prominent in recent times. Significant elements within the majority community feel that their power has been eroded not only by the alleged assertiveness of the African-American minority (Barack Obama was president of the USA for 8 years from 2008 to 2016) but also by the growing educational and economic clout of the Asian-American communities. Besides, there is the increasing presence of the Hispanic minority and its demographic implications for the country as a whole. Fear of these changes has been exaggerated and distorted to mobilise White supremacist sentiment.

        A parallel development of sorts has been occurring in parts of Europe. Segments of the White majority have become antagonistic towards minorities many of whom profess Islam. Cultural differences aside, the flow of migrants from West Asia and parts of the African continent— a huge chuck struggling to survive — has intensified resentment and anger on the part of the majority. If anything, heightened unemployment in some of the host societies has exacerbated the situation. The newly arrived migrant often becomes the target of racist attacks.

      • Ranked-Choice Voting Is Already Changing Politics for the Better

        If you’ve been following New York City’s mayoral race, you might have noticed an unusual trend. Candidates have openly discussed their personal second choices. Activist groups have issued joint endorsements of competing candidates. Some of these competing candidates have even appeared together at shared promotional events.

      • Kangana Ranaut’s Twitter account ‘permanently suspended’ after incendiary tweets violating ‘Hateful Conduct’ policy

        Actor Kangana Ranaut’s Twitter account was ‘permanently suspended’ on Tuesday, after she posted a series of tweets in reaction to the recent West Bengal assembly election results.

    • Censorship/Free Speech

      • Trump Shows Why He Doesn’t Need Twitter Or Facebook, As He Launches His Own Twitter-Like Microblog

        In a few hours, the Oversight Board will announce its decision regarding Facebook’s decision to ban Donald Trump from its platform. As we noted back when Trump was removed from Twitter and Facebook, Trump does not lack in ways to be heard. Indeed, we suggested that he could very, very easily set up his own website with tweet-like statements, and it was likely that those would be shared widely.

      • Free Speech Under Threat: The Real Consequences of Steven Guilbeault’s Battle with the Web Giants

        When looking at the shift in the government’s approach, I recently lamented that it has become the most anti-Internet government in Canadian history. That may have once been a badge of honour for Guilbeault, but after the Bill C-10 backlash and the public re-assertion of the importance of free speech online, there may be a significant political cost to being at odds with the views of millions of Canadian Internet users.

      • Riot Shuts Down LoL Fan Server After Getting All Wiseguy With Its Developers

        Way back in 2016, we discussed how Blizzard was very busy shutting down fan-made and hosted World of Warcraft servers, pretending like intellectual property forced it to do so. At the time, these fan servers were hosting WoW’s vanilla experience, mimicking what the game looked like upon first release, rather than then current iteration of the ever-evolving MMORPG. While Blizzard has since come out with a vanilla experience product of its own, at the time, these fan servers were filling a market desire for a product that didn’t exist. Rather than figuring out a way to work with these fans, Blizzard just shut them down.

    • Freedom of Information/Freedom of the Press

      • Opinion | World Press Freedom During the US Tech Boom

        Free Press believes that creating a diverse and thriving news sector in the United States can be achieved by imposing a tax on online-advertising revenues that fuel the platforms and the attention economy.

      • ‘A chronicle of repression’ Journalist Ilya Azar shares a timeline of last month’s crackdown across Russia

        In a post on Facebook, journalist and municipal deputy Ilya Azar compiled last month’s headlines from Mediazona about pressure on activists and journalists across Russia, along with news of new prohibitions the authorities had introduced. “This is a chronicle of repression for just one month and it’s really impressive,” Azar wrote, commenting on what turned out to be a very long list. It included news about repressions from almost every day of the last month, with most days including more than one notable event. Meduza shares an edited translation of Azar’s timeline, expanded to include relevant context. You can read the original list of headlines in Russian here.

    • Civil Rights/Policing

      • Opinion | Will America’s Forever Offshore Prison Ever Be Closed?

        Can Guantánamo ever be shut down?

      • Olympics Committee Accused of Racism for “Black Lives Matter” Ban at Tokyo Games
      • Lawsuit: Cops Trashed An Attorney’s Home In Retaliation For Successfully Defending A Suspect Against Murder Charges

        An attorney in Virginia found out what happens when you make cops angry. According to Cathy Reynolds’ lawsuit, the Roanoke PD targeted her for some extra attention after she successfully defended her stepson from murder charges.

      • Russian lawmakers propose legislation strengthening punishments for involvement in ‘undesirable organizations’

        Russian lawmakers have submitted a bill to parliament on strengthening criminal penalties for leading or being involved in a foreign NGO that’s included in Russia’s list of “undesirable organizations.”

      • World Leaders Join Human Rights Defenders in Condemning Colombia’s Deadly Crackdown on Protesters

        “President Iván Duque’s administration is acting as if it has a license to kill. When the people take to the streets amid a pandemic, it is because their government is more dangerous than a deadly virus.”

      • Women’s Rights in Nicaragua Under Attack From an Unlikely Source

        Extraordinary, then, that Belli has attacked Nicaragua’s National Assembly, because it is proposing to strengthen the laws requiring female representation in politics. Essentially, the law (which is subject to consultation) would require 50% of electoral posts to be held by women. In fact, it is an extension of laws which already exist, requiring (for example) half of the councillors in local municipalities to be female. At national level, more than half of government ministries are headed by women, including key positions such as the interior minister and the education and health ministers, who are all women. Perhaps not surprisingly, over half of public health and education workers are women, but more unusually the police force is over one-third female and has twice been headed by a woman, probably a ‘first’ among Latin American countries.

        While the struggle for women’s equality is far from won, Nicaragua’s achievements have been recognised in the World Economic Forum’s Global Gap Index, which placed it fifth, after Iceland, Norway, Finland and Sweden. Currently in 2021 the same index says Nicaragua has the best performance in Latin America. Many commentators qualify this achievement by pointing out that it also has one of the highest teenage pregnancy rates in the region, a lamentable product of culture and poverty. Femicide and domestic violence also remain significant issues, although at lower levels than in neighbouring countries and much lower than the ‘northern triangle’ countries. Critics point out that abortion, made illegal under the presidency of Enrique Bolaños in 2006, remains illegal, as it is in most of Latin America. However, never have Nicaraguan women or doctors been prosecuted as happens in adjoining El Salvador, and abortion remains available for any woman whose life is in danger.

      • Derek Chauvin asks for new trial

        Chauvin’s legal team specifically cited the court’s rejection of its request to change the hearing’s venue outside Minneapolis.

      • Appeal For Defence Funds

        On Friday I shall be sentenced, very possibly to prison, for contempt of court by “jigsaw identification”. While I do not believe anybody has ever been imprisoned for “jigsaw identification” before, my entire prosecution has been so perverse that I cannot imagine why they have done it unless that is the intention.

    • Internet Policy/Net Neutrality

      • Salesforce Asks Appeals Court To Say It’s Protected Under 230; After Its Own CEO Said We Should Get Rid Of 230

        We were quite perplexed in late 2019 when Salesforce.com founder and CEO Marc Benioff (never one to shy away from expressing his opinions on anything at all) announced that Section 230 should be abolished. It seemed like an extremely poorly thought-out statement from a CEO who was wholly unfamiliar with the issues, but who has sort of relished tweaking the noses of the big consumer internet companies over the past few years (after spending the first decade or so of Software.com’s existence tweaking the noses of enterprise software companies). As we wrote at the time, Benioff didn’t seem to understand 230 at all, and seemed just angry at Facebook.

      • Verizon’s UltraFast 5G Can Only Be Accessed 0.8% Of The Time

        We’ve noted repeatedly how fifth-generation wireless (5G) was painfully over-hyped. To spike lagging smartphone and network hardware sales, carriers, equipment makers, and the lawmakers paid to love them spent years insisting that 5G would change the world, ushering forth amazing new cancer cures and the revolutionary smart cities of tomorrow. But while 5G is an important evolutionary step toward faster, more resilient networks, it’s more of an evolution than a revolution, particularly here in the US, and most of the loftier claims have proven to be a bit hollow.

    • Digital Restrictions (DRM)

      • [Old] BBC Corrupted

        Today the BBC made it official — they have been corrupted by Microsoft. With today’s launch of the iPlayer, the BBC Trust has failed in its most basic of duties and handed over to Microsoft sole control of the on-line distribution of BBC programming. From today, you will need to own a Microsoft operating system to view BBC programming on the web. This is akin to saying you must own a Sony TV set to watch BBC TV. And you must accept the Digital Restrictions Management (DRM) that the iPlayer imposes. You simply cannot be allowed to be in control of your computer according to the BBC.

    • Monopolies

      • Apple may win a court battle but lose a regulatory war

        The devilish details of antitrust law aside, this is the main question before a judge in California in a trial that started on May 3rd. It will be a battle royal between Epic Games, the maker of Fortnite, a popular online video game, and Apple, the world’s most valuable tech firm. Epic accuses Apple of having abused its dominance when it kicked Fortnite off the app store last year after Epic tried to offer a separate payment system. Apple counters that Epic is just trying to avoid paying its commission rate of up to 30% and free ride on the tech giant’s inventions.

        An Epic win would up-end the economics of smartphone apps. Epic, and others, would probably be allowed to use their own payment systems in iPhone apps and perhaps even offer alternative app stores. Both would put pressure on the profitability of Apple’s services business, of which the app store is a large part—estimates put its margins at well above 70%.

      • After $53 Billion in European Sales Last Year, Amazon Paid $0 in Corporate Taxes

        “These figures are mind-blowing, even for Amazon. We are seeing exponentially accelerated market domination across the globe on the back of income that continues to be largely untaxed.”

      • Amazon Q1 2021

        Amazon announced their financial results for the January to March quarter last Thursday. I was reading them when an email popped up asking if I wanted to talk about them on CNBC Squawk, which I did. In preparation, I re-read the report and pulled together a few talking points; here they are.

      • Gaming Executive Sweeney Fumbles with Nintendo Switch at Trial

        Epic has to prove that the App Store is a monopoly that limits choices users have to play games across devices, including billions of iOS devices, to win its antitrust suit. Epic’s lawyers brought in an iPhone and a Nintendo Switch video game console to show it’s easier to play games on smartphones while a user is on-the-go.

      • Patents

        • This Is Biden’s Chance to Vaccinate the World

          On Wednesday, Biden faces a critical juncture. That day, May 5, governments from around the globe will gather at the World Trade Organization. They will ask America to waive the rules that are blocking them from making enough vaccines to protect their people. The rules in question are governed by TRIPS—the WTO Agreement on Trade Related Aspects of Intellectual [sic] Property [sic] Rights [sic]. TRIPS requires governments to guarantee corporations’ patents and other intellectual [sic] property [sic] rights [sic], including monopoly control over the production of vaccines and other medicines.

          Because of these restrictions, not enough doses of the vaccine are being manufactured, despite the incredible industrial capacity of countries like India. This pharma-created shortage will result in the deaths of millions more people from Covid-19. A waiver would loosen corporations’ grip and allow countries and companies around the world to increase supply of the vaccine and treatments. A waiver would save lives.

        • To ‘Crush the Virus,’ Majority of House Dems Urge Biden to Back Vaccine Patent Waiver

          “We need to make public policy choices, both in the U.S. and at the WTO, that put lives first.”

      • Copyrights

        • PIJIP at American University to Steward the Open COVID Pledge

          Last year, Creative Commons joined forces with an international group of volunteer researchers, scientists, academics, and lawyers who sought to spur innovation that could be used in the fight against COVID-19. The result was the OCP, a project that offers simple, public licenses that anyone can use to make their patents and copyrights available to the public to be utilized in the global health crisis.

        • EU Study: Movie Pirates Chat on Reddit and Music Pirates Prefer Twitter

          New research published by the European Union Intellectual Property Office shows that social media networks are regularly used by pirates. An analysis of millions of conversations estimates that 35% of all digital content discussions “could be possibly related to piracy.” Interestingly, not all content niches prefer the same social media platforms.

        • Triller Offers Amnesty to Pirates, Claims VPN Users Aren’t Protected

          Last week Triller filed a $100m lawsuit hoping to make several sites pay for illegally streaming the Jake Paul vs Ben Askren fight. Triller believes that up to two million people viewed the fight illegally so is now inviting people to enter into a $49.99 settlement agreement. VPN services, it is being claimed, will offer no protection to those who used them to pirate the event.

05.04.21

Links 4/5/2021: Taiwins 0.3, KDE Plasma 5.21.5 Released

Posted in News Roundup at 7:19 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Server

      • OpenStack Wallaby: OpenStack Charms 21.04

        OpenStack Charms 21.04 release brings native support for OpenStack Wallaby and Ceph Pacific in Canonical’s Charmed OpenStack. Those latest versions of OpenStack and Ceph come with numerous performance improvements, making the open infrastructure stack even more suitable for network and storage intensive workloads. In order to simplify Charmed OpenStack installation on low-end hardware, the OpenStack Charms 21.04 release comes with single-NIC installation capabilities. Charmed OpenStack production environments will benefit from improved stability during upgrades thanks to controlled data plane service restarts.

      • Most Reliable Hosting Company Sites in April 2021 [Ed: GNU/Linux dominating servers, still. FreeBSD with honourable mention.]

        Choopa.com had the most reliable hosting company site in April 2021, heading the table for the fifth time in the past 12 months. The top five sites each responded to all of Netcraft’s requests, but Choopa.com’s average connection time of just 3ms wins it the top spot. The host offers a range of services including cloud hosting, dedicated hosting and colocation in its own primary facility in Piscataway, New Jersey as well as other facilities in Los Angeles, Amsterdam, and Tokyo.

        Second place this month goes to Rackspace, narrowly behind Choopa.com with an average connection time of 6ms. Rackspace has appeared in the top 10 for five consecutive months, four of which placed it in the top three. Rackspace provides a wide variety of cloud services from its global network of over 50 locations across five continents.

    • Kernel Space

      • Here are Collabora’s Contributions to Linux Kernel 5.12

        Linux kernel 5.12 was just released last week, bringing numerous new features and improved hardware support. Among the biggest changes, there’s LTO support in Clang, a new dynamic thermal power management mechanism, initial support for zoned block devices for the Btrfs file system, kernel thread-based NAPI polling, eMMC inline encryption support, and support for the Lenovo IdeaPad platform profile.

        Collabora’s contributions to Linux kernel 5.12 targeted the closing of the gap between hardware support on vendor trees and the mainline kernel tree. For that, they’ve contributed to the ChromeOS EC platform support, power/supply and reset/shutdown subsystems, Mediatek SoC support, and improved the V4L2 (Video4Linux) Async notifier API to be consistent and easier to use.

      • Linux 101: What are the Linux systemd equivalents of runlevels?

        If you’re a Linux admin, you probably remember the old runlevels, which defined a state of initialization the operating system is running in. For example, runlevel 0 was a system halt, runlevel 1 was single-user mode, runlevel 2 was multi-user mode with no network file system, run level 3 was multi-user mode with a text-only interface, run level 4 was user-definable, runlevel 5 was multi-user mode with a GUI and runlevel 6 was reboot.

        That was with sysvinit. Now that most Linux distributions have migrated to systemd, you might be curious as to the equivalent run levels. There isn’t a per-level equivalent, because opts to go with target levels, instead of run levels. Because there are only five targets, it doesn’t quite map out perfectly.

      • Kernel 5.12: Working to close the gap

        While the kernel community has kept an always accelerating pace of development with no slowdown in sight, the release process has reached such maturity that a new release might sound a bit uneventful. But, when we are talking about one of the pieces of software used to fly that helicopter on Mars earlier this year, uneventful is exactly what you want.

        In fact, as the resilience of the release process is proven over and over, more and more companies have been able to drop their vendor trees based on decade old Linux versions, and base their work on the bleeding edge technologies available in the latest versions.

        At Collabora, we are more than ever dedicated to help vendors achieve this goal by closing the gap between hardware support on vendor trees and the mainline tree. In this release we have expanded that effort with our customary contributions all around the kernel, in particular we have paid attention to the Video4Linux APIs and hardware enablement.

      • F2FS Adds New Mount Options With Linux 5.13, Other Improvements – Phoronix

        The Flash-Friendly File-System (F2FS) updates for Linux 5.13 have been submitted in providing the latest features for this flash-optimized file-system.

        One of the new mount options with F2FS for this kernel is “checkpoint_merge”. Under the “checkpoint_merge” option, a kernel thread is used for handling F2FS checkpoints. “Once we start to manage the IO priority along with blk-cgroup, the checkpoint operation can be processed in a lower priority under the process context. Since the checkpoint holds all the filesystem operations, we give a higher priority to the checkpoint thread all the time.”

      • Linux’s Perf Tools Prepares For Intel Alder Lake, Adds New AMD Zen 3 Events – Phoronix

        Linux’s perf tooling for dealing with hardware performance counters and associated monitoring has seen a number of nice updates for the Linux 5.13 kernel cycle.

        As usual, Intel continues to lead on the perf front for exposing their hardware’s many performance counters and ensuring good integration for Linux profiling and analysis. With Linux 5.13 there is now support for hybrid PMUs in preparing for forthcoming heterogeneous processor designs like Alder Lake with a mix of Core and Atom CPU cores.

      • A Fresh Take On Speculative Page Faulting Aims For The Mainline Kernel

        Over the years there have been a number of rounds of patches published for speculative page faulting. The goal has been to support user-space page-faults without holding the memory management semaphores and to ultimately allow for better performance especially with threaded workloads. A fresh take on the speculative page faulting (SPF) functionality was recently volleyed on the kernel mailing list.

        Various kernel developers have been involved with Linux’s speculative page faulting patches in recent years albeit none over the finish line for the mainline kernel but some Android vendors and other third-parties have carried SPF patches in some cases.

      • Graphics Stack

        • Taiwins 0.3 is out
          Hi all,
          
          I am glad to announce that Taiwins 0.3 is released today. It has been
          a year since Taiwins 0.1 release, we have migrated from libweston and
          wlroots. This version, Taiwins has implemented enough compositor
          features. The biggest change in the version is the libtaiwins library
          is finally ready for daily use.
          
          - Multiple backends for hardware abstraction(DRM, X11, wayland).
          - Rendering context with exposed interface for custom rendering.
          - Abstracting xdg-surface , wl_shell_surface and xwayland_surface for
          unified desktop interface.
          - session handling.
          - All essential and many useful wayland protocols.
          - Xwayland support.
          
          With those features supported, libtaiwins now becomes a real
          alternative outsides wlroots and libweston. Besides, I’d like to point
          out some design goals were kept in mind when crafting taiwins since
          day 1.
          
          - split GBM buffer management from DRM mode setting, make it possible
          to implement other   buffer management backends.
          
          - builtin support for multi-GPUs from day one.
          - udev events monitoring for runtime GPU events handling.
          - separate rendering logic from backends, make it possible to work
          with different renderers.
          
          It is a magical thing to be able to use your own created compositor,
          it is certainly not easy, but I think right now the most difficult
          time is behind us. The next version of taiwins will focus on the
          rendering. Features hopefully will land includes:
          
          - xdg-decoration support
          - plane assignment in drm backend
          - video recording feature
          - taiwins shell functionalities
          
          For people who are interested, https://taiwins.org hosts many useful
          documentations and a tutorial on how to use libtaiwins.
          
          https://github.com/taiwins/taiwins/releases/download/v0.3/taiwins-0.3.tar.gz
          
          Cheers,
          Xichen
          
        • Taiwins 0.3 Released As Newest Wayland Compositor Release

          Introduced last year was Taiwins as a compact Wayland compositor. While early on it began using Sway’s WLROOTS library, it ended up writing its own Wayland compositor library (libtaiwins) and recently hit its version 0.3 milestone.

          For those that enjoy trying out niche Wayland compositors, Taiwins 0.3 is out that makes use of its own libtaiwins library rather than WLROOTS and Libweston. It’s now considered “finally ready for daily use.”

    • Benchmarks

      • GCC 11 vs. LLVM Clang 12 Compilers On The AMD EPYC 7763

        For those wondering how the recent releases of the GCC 11 and LLVM 12 (Clang 12) open-source compilers are competing on AMD Zen 3, here are some recently conducted benchmarks looking at that showdown on an AMD EPYC 7763 1P server.

        Now that both Clang 12 and GCC 11 stable are out, fresh stable compiler benchmarks are being carried out on various AArch64 and x86_64 systems. These EPYC 7763 1P tests were wrapped up last month while waiting for that GCC 11.1 stable debut and as a result were using the GCC 11.0.1 20210413 snapshot of the time. Clang 12.0.0 was in its latest release form. Both compilers were running in their release modes.

    • Applications

      • GParted 1.3 Open-Source Partition Editor Improves exFAT Support

        GParted 1.3 comes more than three months after GParted 1.2, which was the first release to introduce support for the exFAT file system. This new release improves exFAT support by adding the ability to read file system usage, as well as to set or update the UUID of exFAT partitions.

        On top of that, GParted 1.3 adds support for resizing open LUKS2 encryption mappings with passphrase, restores the detection of encrypted file systems, improves support for the Reiser4 file system, and addresses various bugs, crashes, and other annoyances to make your disk partitioning tasks easier.

      • 11 Best Free Linux Astronomy Apps (Updated 2021)

        Astronomy is a branch of science that deals with the study of celestial objects (including stars, planets, moons, comets, asteroids, meteor showers, nebulae, star clusters and galaxies) and other phenomena.

        We were introduced to the world of astronomy by the venerable Sir Patrick Moore. For anyone who does not know, Sir Patrick was an amateur astronomer who presented The Sky at Night, the longest-running television programme, for over 54 years, and made an outstanding contribution to astronomy.

        Astronomy is particularly well suited to the layperson. It’s a wonderful hobby which has almost no age limits, it is open to individuals of all financial means, and there is always the potential for an amateur to discover something that has eluded professional astronomers, or to help monitor stars and track asteroids. Even with the unaided eye, there is much to study in the night sky including constellations, shooting stars, planets, and of course the moon, the Earth’s only natural satellite.

      • qBittorrent 4.3.5 Released! To Drop Support for Ubuntu 20.04

        qBittorrent, free and open-source Qt5 based Bittorrent client, released version 4.3.5 a few days ago.

        qBittorrent 4.3.5 is the last release in the 4.3.x series. And it’s going to drop support for Ubuntu 20.04 in the next release since it has an outdated Qt5 libraries.

        Users who prefer qBittorrent can still get updates for Ubuntu 20.04 through the Flatpak package, since it’s a containerised package format bundle with most run-time libraries.

      • QOwnNotes 21.5.0

        QOwnNotes is a open source (GPL) plain-text file notepad with markdown support and todo list manager for GNU/Linux, Mac OS X and Windows, that (optionally) works together with the notes application of ownCloud (or Nextcloud). So you are able to write down your thoughts with QOwnNotes and edit or search for them later from your mobile device (like with CloudNotes) or the ownCloud web-service. The notes are stored as plain text files and you can sync them with your ownCloud sync client. Of course other software, like Dropbox, Syncthing, Seafile or BitTorrent Sync can be used too.

    • Instructionals/Technical

      • How to install AMD GPU drivers on Ubuntu / Linux Mint – LinuxH2O

        In this quick guide, you will learn how to install AMD GPU drivers on Ubuntu or any of its derivatives like Linux Mint, Elementary OS, Zorin OS, Pop OS, MX Linux, etc.

        Mesa is an open-source project that implements various APIs like OpenGL, Vulkan, VDPAU, etc for interactive 3D graphics. It provides driver support for different hardware manufactures like AMD, Intel, and sometimes Nvidia.

        Mesa drivers are more efficient and up-to date, providing better performance to games and applications on Linux and Unix operating systems.

      • How to install KDE Plasma Desktop on Rocky Linux 8 – Linux Shout

        Rocky Linux 8, a new alternative to CentOS is here and if you want to try it out with KDE Plasma Desktop environment then here are the steps to install it on Rocky. You can also use these steps for AlmaLinux, RHEL, and CentOS 8.

        KDE plasma is known for its Classic Desktop interface arrangements but with modern looks and elements. Thus, if you are using command line Rocky Linux or even the standard GNOME one. Then still we can install KDE Desktop on Rocky using few simple commands. And for that just go through this tutorial.

      • How to install and enable SNAP on Rocky Linux 8 – Linux Shout
      • How to reboot Debian using the command line

        Linux OS has the ability to run without rebooting not for weeks, but for years. But sometimes there is a good reason to reboot your Linux system after a week or two, depending on the situation. Most of the time, there are two main reasons for the reboot. First, the reboot becomes necessary when you install a piece of software that requires a reboot to become functional. Secondly, when you update your system or perform some configurations that also require a reboot. Apart from that, there can be many other reasons for a reboot. Whatever the reason, you should know how to reboot a system so that all changes take effect.

        If you are using a GUI version of Linux or physically accessing your system, rebooting the system is not a problem, but if you are using a headless version of the operating system or accessing it via SSH and only have command-line access. In this case, you should know how to reboot a system from the command line.

      • Install Eclipse IDE on Opensuse leap 15.2 or Tumbleweed Linux
      • How to edit stuff that you’ve already commited to git? (And squash as a bonus)

        So, you’re in the middle of a review, and have couple of commits but one of the comments is asking you to modify a line that belongs to second to last, or even the first commit in your list, and you’re not willing to do…

      • How to Monitor Linux Server and Process Metrics from Browser

        In the past, we’ve covered lots of command-line-based tools for monitoring Linux performance, such as top, htop, atop, glances, and more, and a number of web-based tools such as cockpit, pydash, linux-dash, just to mention but a few. You can also run glances in web server mode to monitor remote servers. But all that aside, we have discovered yet another simple server monitoring tool that we would like to share with you, called Scout_Realtime.

      • How to List USB Devices in Linux

        Nowadays, many computer peripherals such as webcams, mice, scanners, printers, hard drives, USB (Pendrive) now come as USB devices. Once these devices are connected to the Desktop or server it’s important to know the device name or device path. This helps to identify USB devices for the tasks such as formatting.

        In Linux, all device files are stored in /dev directory and must be available to the OS during the system boot.

        In this tutorial, I will show you the various ways to list USB devices on Linux. Most commands mentioned here should work on all Linux distributions.

      • How to Clone Virtual Machine in VirtualBox

        Installing a fresh operating system on VirtualBox is easy and can be done in a short time. After that, there are so many steps like installing packages, hardening the OS, updating drivers, configuring development environments, etc.. have to be done.

        This is ok if you have just one virtual machine to work with. What if you need to repeat the same procedure for 5, 10, or 15 more virtual machines? Do you think it is easy to set up everything manually for all the virtual machines? It is a time-consuming task, right? This is where the cloning process comes into play.

      • How To Install Monitorix on Ubuntu 20.04 LTS – idroot

        In this tutorial, we will show you how to install Monitorix on Ubuntu 20.04 LTS. For those of you who didn’t know, Monitorix is a free, open-source, lightweight system monitoring tool designed to monitor as many services and system resources as possible. It has been created to be used under production Linux/UNIX servers, but due to its simplicity and small size can be used on embedded devices as well. Monitorix also is run on most Linux-based operating systems including, CentOS, Debian, Ubuntu, FreeBSD, OpenBSD, and NetBSD.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Monitorix system monitoring tool on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • How to Add a Directory to PATH in Linux [Quick Tip]

        The PATH variable in Linux stores the path to the directories where it should look for executables when you run a command.

      • How To Extend KVM Virtual Machine Disk Size In Linux

        This brief guide explains what is Virt-size command line tool and how can we expand or extend KVM virtual machine disk size using Virt-resize tool in Linux.

        The other day I noticed that one of my KVM Virtual machine is running out of disk space. I couldn’t install any new applications or couldn’t save files due to low disk space. To fix this issue, I simply increased the size of a KVM virtual machine’s disk using virt-size command. I personally tested the steps given below to increase the disk size of a CentOS 8 KVM virtual machine and it worked as expected.

      • A sudden Hackney SSL’s unknown certificate authority error

        A small report on how upgrading OTP to version 23 brought out unknown certificate authority errors when making requests from HTTP libraries based on Hackney.

      • How to safely remove PPA repositories in Ubuntu – Linux Hint

        Ubuntu is the most common Linux system that assists users in installing the application by using PPA. PPA is abbreviated as “Personal Package Achieve”. Repositories are servers that have a set of packages. PPA is a collection of packages that are hosted on the Launchpad server. Adding PPA means adding a new repository to our system. We can install the application from that repository. PPA repositories are unofficial repositories that are used to connect third-party software to the Ubuntu operating system.

        Ubuntu searches for the application in a package archive that contains most of the applications required by Ubuntu users. Still, newer versions of the same apps that are not as common are not always available in the official repository. A PPA repository can help with this.

        Our system can have numerous repositories installed. The crowded archive of repositories can make the updating process very slow. Therefore, try to keep the required repositories on your system and delete the unwanted or damaged repositories.

      • How to install an FTP server on Ubuntu 20.04 – Linux Hint

        FTP is a protocol that allows us to transfer files between two different servers across a network. It happens between a “server” and a “client” computer. It occurs via ports 20 and 21. Port 21 is used to establish a link between two computers, and port 20 is used to transfer data. At the same time, FTP servers may not be as prominent as they have ever been. They can still be quite helpful, particularly when they are used on the intranet.Companies with an intranet for everyday work have an FTP server that is open to installed files for everyone, and this is simple to do in Ubuntu 20.04.

        This post is covering what the FTP server is and how to install it on Ubuntu 20.04.

      • How to get a hostname/domain name from an IP address in Linux – Linux Hint

        One of the questions that many Linux users ask is how they can retrieve a system’s hostname using its IP address. It may seem an uphill task, but in the real sense, it’s quite easy. Essentially, this is known as the reverse DNS lookup. Reverse DNS lookup queries an IP address to retrieve the hostname or domain of the server. The exact opposite is the Forward DNS lookup which maps the domain name to the IP address.

        In this short guide, we have explored a few ways to performs Reverse DNS lookup and get a domain name from an IP address. For demonstration purposes, I have used Ubuntu 20.04.

      • How to remove blank lines in a file in Linux – Linux Hint

        One of the questions that many Linux users ask is how they can retrieve a system’s hostname using its IP address. It may seem an uphill task, but in the real sense, it’s quite easy. Essentially, this is known as the reverse DNS lookup. Reverse DNS lookup queries an IP address to retrieve the hostname or domain of the server. The exact opposite is the Forward DNS lookup which maps the domain name to the IP address.

        In this short guide, we have explored a few ways to performs Reverse DNS lookup and get a domain name from an IP address. For demonstration purposes, I have used Ubuntu 20.04.

      • How to Copy Remote Files Recursively in Linux – Linux Hint

        When you need to copy remote files in Linux, two popular command-line tools can get the job done for you — i.e., scp and rsync. This tutorial will describe how to use the scp and rsync tools to copy remote files recursively in Linux.

      • How to change ban time fail2ban, even ban forever if desired – Linux Hint

        Fail2ban is an open-source intrusion prevention service that bans IP addresses, making too many logins attempt with the wrong password. By default, the ban period is 10 minutes or 600 seconds. It automatically unbans the IP after 10 minutes to avoid locking out any legitimate system that may have been mistakenly entered the wrong password. If you want, you can easily change (increase or decrease) the default ban time.

        In this post, we will describe how to change ban time in fail2ban. We will also describe how to permanently ban an IP address if you ever need to do so.

      • How can I set the timezone for Crontabs? – Linux Hint

        Crontab, a shortened form of Cron table, is both a command and a text file in UNIX/Linux systems used to determine the scheduling of Cron jobs. What is a Cron job? A Cron job, also widely referred to simply as Cron, is a time-based scheduler that executes tasks in Linux systems at specified times. It runs with the help of the crond daemon Cron jobs are extremely helpful in automating Shell scripts and other commands that need to be executed at regular intervals, which would otherwise be tedious when manually done.

        Usually, Cron jobs run using the local time defined in the system. However, you may prefer to run the Cron job in a different timezone without necessarily changing your server’s time and date.

      • How to Install Steam on CentOS 8? – Linux Hint

        Steam is a very popular and widely used online gaming library among the gaming community. It provides thousands of games to play and lets you communicate with online players. It is available on many platforms and can be used in Linux as well.

        In this post, we will walk through a profound guide on how to install Steam on CentOS 8.

        Let’s start!

      • How to Install TensorFlow on CentOS 8? – Linux Hint

        TensorFlow is a very popular open-source software library built by Google Inc. for machine learning. It is used for implementing machine learning techniques and training deep neural networks, as well as visualizing graphs and data flow charts of complex mathematical equations.

        In this post, we will demonstrate a step-by-step guide on how to install TensorFlow on CentOS 8 in a python-oriented virtual environment.

      • How to Install Go on Linux Mint 20? – Linux Hint

        Go is an open-source and modern programming language that is used to build efficient and reliable software. Since it is a compiled language, therefore, we can easily compile it on any platform and create an executable file.

        Go can be installed on Linux Mint 20 from the base repository and the Go tarball.

      • How to Exclude Directory Rsync? – Linux Hint

        Rsync (stands for remote sync) is a very powerful command-line utility for local and remote file and directories synchronization. It comes preinstalled on most Linux distributions. It is one of the best utilities for backup and keeping files and directories on multiple locations in sync. The best part about rsync is that it minimizes the amount of data that is copied to the remote location by only copying the data that has been changed. There is another great feature of rsync that we are going to discuss today; it is excluding files or directories from sync. This is extremely useful during backups when you don’t want to copy one or more files or directories.

        We will show you how you can exclude a file or directory in rsync using different examples. The examples presented here have been tested on Ubuntu 20.04 LTS, however, these are also valid for other Linux distributions having rsync installed.

      • How to Enable SSH on CentOS 8? – Linux Hint

        Secure Shell, also known as SSH, is a popular tool used for connecting with the server through the client. SSH ensures secure remote connectivity and communication between a server and its client and also provides the file transfer over the remote network connection.

        In this post, we will go through a step-by-step guide on how to enable SSH on CentOS 8 and access its server from a CentOS 8 client machine while remotely using the SSH. Let’s start with the configuration of the CentOS 8 server for remote connection via SSH.

      • How to Delete a Partition in Linux? – Linux Hint

        Your hard drive is usually partitioned into logical volumes called partitions. Partitions help you organize your data and hence allow you to easily retrieve your saved files and folders. You can easily create partitions to make space for data storage as well as delete them.

      • How to Parse and Scrape HTML Using Pyquery – Linux Hint

        “Pyquery” is a third-party Python module that allows you to parse and extract data from “xml” and “html” documents. It is inspired by jQuery JavaScript library and features a near identical syntax, allowing you to use many helper functions and shorthand code to parse and manipulate the document tree. This article will cover a simple guide on Pyquery that will help you get started with the module.

    • Games

      • Portal Reloaded adds ‘preliminary’ Linux and macOS support on Steam

        Portal Reloaded, a very popular community made mod for Portal 2 recently arrived on Steam and as of the latest update the developer added in preliminary Linux and macOS support.

        In this community made mod you play as test subject [4-5-0-9]. Awoken from stasis by an automated AI, you are expected to complete a very special test course. Within the depths of Aperture Science, secluded from the rest of the facility, lies a previously unknown and long forgotten testing track. Mixing up the gameplay from the originals, it adds in a third portal that allows for time travel into 20 years in the future.

      • Enjoy what we do? Please support us if you’re able to

        It’s been some time since we reached out to the community, so here’s a reminder: we are completely funded by readers and we need your support.

        We love what we do here, and we hope to continue doing it for a great many years to come. The industry is always changing, and Linux gaming especially has been through some evolutions over the past few years. We hope to always be reporting at the front of it and we can continue doing so with your help! We don’t aim to be the first to report on things, we’re not wanting a numbers game – we just try to make nice regular content for you to read, that perhaps you won’t find elsewhere.

        Unlike many sites, we don’t have any adverts. Not one single advert and we wish to remain that way, giving you a clean and clear website.

      • Free Game Tuesday – get 100% off on Nubarron, an adventure of an unlucky gnome

        Here’s your quick tip of the day! Until May 9, you can grab a free permanent copy of Nubarron: The adventure of an unlucky gnome on Steam. The developer, Nastycloud, originally tried crowdfunding it on Kickstarter and it wasn’t successful. That was back in 2014 and then surprise – it launched anyway back in early 2020 which we completely missed. Now it’s free for a while!

        “Guide Gnome across the dangers of this twisted fairytale world. Can you break the make the annoying cloud go away? And recover his stolen Lucky Hat? Trust your friends? Find out in this, a casual platformer set in a beautiful painted world full of weird creatures you’ll have to deal with.”

      • GOG are having a big Polish games sale with a discount on the Razer store

        Maybe time for a new game and some extra fancy hardware? DRM-free store GOG.com are offering you 15% off in the Razer store, if you buy from them during the Polish Games Festival. The celebration is going on due to Constitution Day which was on May 3.

      • Katja’s Abyss: Tactics turns Minesweeper into a turn-based tactics game

        What joy! Seeing even more developers try and take on the basic idea of Minesweeper with a fresh spin. Like Bonesweeper, the basics are the same as Minesweeper with you counting squares to find things. In Katja’s Abyss: Tactics, you’re mining for energy but there’s enemies lurking in the mines that can take down your units.

        “So you’re the captain they just promoted at Echo Mining Corp, yeah? Listen, you’ve got the task of leading our crew of brave miners and engineers into the dangerous caves of Montmane. Your goal is to collect potent runoff from volatile Nodes of energy in the walls.

      • Nadir is an upcoming roguelike deckbuilder with ‘artwork burning of infernal fire’

        Polish studio Shockwork Games are working to bring us Nadir, an roguelike deckbuilder with artwork burning of infernal fire aimed at an adult audience due to the themes.

        They actually say it’s a “JRPG” mixed with a deckbuilder, although they’re not situated in Japan, they’re taking some elements from the popular genre. Taking inspiration from the likes of Dante’s Divine Comedy and many more “extraordinary” works. In the game you “control powerful, yet extremely blemished teams of characters, each representing one of the deadly sins”.

      • Sony Interactive Entertainment announced a minority investment in Discord | GamingOnLinux

        What does all this mean for the PC/Linux version? Thankfully, nothing. No changes are planned other than some new integration on PlayStation platforms.

      • Star Wars Jedi: Fallen Order is free on Stadia Pro, Head of Product at Stadia leaves

        May the 4th be with you, if you’re a Stadia Pro subscriber as you can now claim Star Wars Jedi: Fallen Order free. Yes, that’s right. The Stadia team haven’t even announced it, it’s just there on the Stadia store ready to claim!

        A pretty massive game to be giving away, although it wouldn’t be the first since over time Stadia has given away a number of big titles with Stadia Pro.

      • Battle of wits: Antiguans revel in ancient board game

        In addition to its cultural significance, there is another reason Mr Simon is one of Warri’s staunchest advocates. Co-founder of the country’s Warri Academy, he has seen the dividends it reaps in children’s mathematical ability.

        “When you teach kids to play, you don’t just teach them the game but also our history and how it can help them mathematically,” he tells the BBC. “We write a maths problem out for them and show them how Warri can solve it.”

      • Steam Play Proton 6.3-3 is out now with Origin Overlay working, vkd3d-proton v2.3.1

        Ready for another fun week testing out more games? Valve have you covered with the latest update to Proton.

        If you’re not clear on what Proton and Steam Play are, be sure to check out our constantly updated dedicated page. It’s a special compatibility layer for running Windows games and apps from Steam on Linux.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE Plasma 5.21.5, Bugfix Release for May

          Today KDE releases a bugfix update to KDE Plasma 5, versioned 5.21.5.

          Plasma 5.21 was released in February 2021 with many feature refinements and new modules to complete the desktop experience.

          This release adds a month’s worth of new translations and fixes from KDE’s contributors. The bugfixes are typically small but important and include…

        • Trinity Desktop R14.0.10 Released For Those Still Loving KDE 3

          For those still having fond memories of the KDE 3.5 desktop, the Trinity Desktop Environment continues to be maintained in 2021 as a long-running fork from KDE 3.5 with security/maintenance fixes and other minor enhancements to the desktop environment.

          The Trinity Desktop has been working to maintain the KDE3 desktop fork now for over one decade. New to this 14.0.10 release are applications of KlamAV and Kompose being included. There are also enhancements to its virtual keyboard support, customizable icon spacing for the KDesktop, and a variety of other mostly small improvements.

        • KDE Plasma 5.21.5 Released as the Last in the Series with More Bug Fixes

          The KDE Plasma 5.21.5 point release is here to improve Wayland support by fixing a crash the occurred in the Plasma Wayland session when dragging a file over the panel and to position maximized GTK app windows to no longer be too high. Not Wayland related, comboboxes in GTK apps now use the correct drop-down arrow icon.

          The new Plasma System Monitor app has been improved again in this point release to no longer crash when selecting a new display style for any of the sensors, as well as to no longer lose the names of processes after modifying columns.

      • GNOME Desktop/GTK

        • Customize GNOME 40 Desktop to Look Like macOS [Guide]

          A quick guide for you to help you customizing the GNOME 40 desktop to look like macOS.

        • GNOME 3.38.6 Desktop Environment Released with Various Bug Fixes

          Coming one and a half months after GNOME 3.38.5, the GNOME 3.38.6 point release is here to update the Epiphany web browser with the ability to allow launching of external URLs when triggered by user action, as well as to update the File Roller archive manager to skip files with symlinks in parents.

          It also fixes a huge CPU consumption bug in the Gedit text editor, which occurred when a folder with content is deleted in the filebrower plugin. In addition, Gedit now uses the current document path when opening a new file to address a regression introduced in a previous version.

        • Jakub Steiner: How to Symbolic Icon

          Unlike application icons, the symbolic icons don’t convey application identity, but rely on visual metaphor to describe an action (what a button in the UI does).

          GNOME has not used fullcolor icons in toolbars and most of the UI in many years. Instead we use symbols, adjusting legibility and their rendering the same way we do with text (recoloring the foreground and background as you can demo switching the dark theme on this blog post).

          But how does one create such an icon? Here’s a walkthrough of the process, using our 2021 tooling. While the actual drawing of shapes still happens in Inkscape, the workflow is now heavily supported by a suite of design tools.

          Before we dive into creation though, let’s start with a more common case: In many cases developers just want to pick and use an existing icon rather than attempting to create it or commission a designer.

    • Distributions

      • Keep multiple Linux distros on a USB with this open source tool

        Giving friends and neighbors a bootable USB drive containing your favorite Linux distribution is a great way to introduce neophyte Linux users to the experience we all enjoy. There are still a large number of folks who have never heard of Linux, and putting your favorite distribution on a bootable USB drive is a great way to break the ice.

        A few years ago, I was teaching an introductory computer class to a group of middle schoolers. We used old laptops, and I introduced the students to Fedora, Ubuntu, and Pop!_OS. When the class was over, I gave each student a copy of their favorite distribution to take home and install on a computer of their choice. They were eager to try their new skills at home.

      • Nitrux 1.4 Is One of the First Distros to Support Linux Kernel 5.12

        Nitrux 1.4 continues the monthly ISO releases and brings support for the recently released Linux 5.12 kernel series in case you want to install the Debian-based distribution on newer hardware that isn’t fully supported by the default Linux 5.10 LTS kernel.

        This makes Nitrux one of the first distros to support Linux kernel 5.12, which can be easily installed over or alongside the default kernel by running the sudo apt install linux-image-mainline-current command in a terminal emulator.

      • A Brief History of Configuration-Defined Image Builders

        When you think of a configuration-defined image builder, most likely you think of Docker (which builds images for containers). But before Docker, there were several other projects, all of which came out of a vibrant community of Debian-using sysadmins looking for better ways to build VM and container images, which lead to a series of projects that built off each other to build something better.

      • Why apk-tools is different than other package managers

        In traditional package managers like dnf and apt, requesting the installation or removal of packages causes those packages to be directly installed or removed, after a consistency check.

        In apk, when you do apk add foo or apk del bar, it adds foo or bar as a dependency constraint in /etc/apk/world which describes the desired system state. Package installation or removal is done as a side effect of modifying this system state. It is also possible to edit /etc/apk/world with the text editor of your choice and then use apk fix to synchronize the installed packages with the desired system state.

        Because of this design, you can also add conflicts to the desired system state. For example, we recently had a bug in Alpine where pipewire-pulse was preferred over pulseaudio due to having a simpler dependency graph. This was not a problem though, because users could simply add a conflict against pipewire-pulse by doing apk add !pipewire-pulse.

        Another result of this design is that apk will never commit a change to the system that leaves it unbootable. If it cannot verify the correctness of the requested change, it will back out adding the constraint before attempting to change what packages are actually installed on the system. This allows our dependency solver to be rigid: there is no way to override or defeat the solver other than providing a scenario that results in a valid solution.

      • [Older] Let’s build a new service manager for Alpine!

        Update (April 27): Please visit Laurent’s website on this issue for a more detailed proposal. If you work at a company which has budget for this, please get in touch with him directly.

        As many of you already know, Alpine presently uses an fairly modified version of OpenRC as its service manager. Unfortunately, OpenRC maintenance has stagnated: the last release was over a year ago.

        We feel now is a good time to start working on a replacement service manager based on user feedback and design discussions we’ve had over the past few years which can be simply summarized as systemd done right. But what does systemd done right mean?

        Our plan is to build a supervision-first service manager that consumes and reacts to events, using declarative unit files similar to systemd, so that administrators who are familiar with systemd can easily learn the new system. In order to build this system, we plan to work with Laurent Bercot, a globally recognized domain expert on process supervision systems and author of the s6 software supervision suite.

      • Haiku activity report – March and April 2021

        Andrew Lindesay continues his work on HaikuDepot, fixing a glitch in redrawing of featured packages. He completed the removal of the custom list class, so HaikuDepot uses standard container classes from C++ or Haiku APIs. This makes the code more similar to other parts of Haiku and easier to maintain.

      • Reviews

        • First Look: elementary OS 6 Enters Beta with New Installer, Dark Theme, and More

          The first major change you’ll notice when running elementary OS 6 is the brand-new installer, which also acts as a first-time setup wizard by letting you choose the default system language, time zone, and keyboard layout. Then, you are prompted by a redesigned screen to select the live mode or to perform a clean or custom install.

          At the first glance, elementary OS 6 will look pretty much identical to the previous release, elementary OS 5. The light theme is enable by default and comes with various enhancements to be more pleasant to the eye, but elementary OS 6 also features a dark theme that looks really gorgeous.

      • EasyOS

        • EasyOS Dunfell-series 2.7.3

          EasyOS was created in 2017, derived from Quirky Linux, which in turn was derived from Puppy Linux in 2013. Easy is built in woofQ, which takes as input binary packages from any distribution, and uses them on top of the unique EasyOS infrastructure.

          Throughout 2020, the official release for x86_64 PCs was the Buster-series, built with Debian 10.x Buster DEBs.

          EasyOS has also been built with packages compiled from source, using a fork of OpenEmbedded (OE). Currently, the Dunfell release of OE has been used, to compile two sets of binary packages, for x86_64 and aarch64.

          The latter have been used to build EasyOS for the Raspberry Pi4, and first official release, 2.6.1, was in January 2021.

          The page that you are reading now has the release notes for EasyOS Dunfell-series on x86_64 PCs, also debuting in 2021.

          To try and keep things simple, all three, the Dunfell-series on Pi4 and the Dunfell-series and Buster-series on the PC, all are (approximately) sync’ed at the same version number.

          However, there are differences in the maturity of each. In the case of the Pi4, the hardware still has some issues. For Dunfell-series on the PC, as the packages are all compiled from source, they are not as tested as those in the Buster-series.

        • EasyOS version 2.7.3 released

          I recommend upgrading to 2.7.3, as has fixes for containers, such as for running Slacko.

        • Run Slacko 7.0 in a container in EasyOS

          Today downloaded the Slacko 7.0 ISO, extracted the SFS file from it and converted the SFS to EasyOS-compatible format. The steps are described here:

          https://easyos.org/dev/how-to-run-a-linux-distribution-in-a-container.html

          If you are running EasyOS, click on the “sfsget” icon on the desktop, click the “puppy/slackware/14.2″ radiobutton, and you will be able to download the Slacko 7.0 SFS file, and install it as a container.

        • Fix for local testing of SFS

          I had created a new one locally, at /mnt/wkg/sfs/puppy/slackware/14.2, but the GUI window ignored it.

          Note, my current host system is EasyOS 2.7.2 on my x86_64 PC, that picture above is when running on the Pi4, just putting it here to show what the SFS paths look like.

          The GUI was only showing online paths, so I have fixed the script, /usr/local/sfsget/sfsget, so will also show any extra local ones. Now able to test the new distro — will post about that separately!

      • Screenshots/Screencasts

      • SUSE/OpenSUSE

      • Slackware Family

        • Slackware Releases Version 15.0 Beta: Look Out for These New Features

          Slackware Linux is a distro founded by Patrick Volkerding in 1993, the year he received his computer science degree from Minnesota State University Moorhead. The distro takes its name from a concept from the parody religion Church of the SubGenius, of which Volkerding is a member.

          Slackware is well-known for its attempts to create a true Unix-like Linux distribution. The configuration of the system is done through the command line and plain text configuration files. Slackware’s approach to package management exemplifies its ethos of technical simplicity. The packages are just compressed TAR files and the system leaves the users to manage any dependencies.

          The distro is popular for the glacial pace. The current stable release, 14.2, was released in 2016, an eternity in the fast-moving Linux world. But that doesn’t mean the pace of development has slowed behind the scenes. The changelog for the “current” development version, which will become 15.0, shows a flurry of activity.

      • IBM/Red Hat/Fedora

        • [Fedora] Community Blog monthly update: April 2021

          This is the latest in our monthly series summarizing the past month on the Community Blog. Please leave a comment below to let me know what you think.

        • Peter Robinson: Fedora on the Pinebook Pro

          First thing to note here is that this is not limited to the Pinebook Pro, I’m just using it as the example for 64 bit Rockchip devices with SPI flash on Fedora. This post is focused on devices with SPI but I’ll do a separate follow-up post for other devices including details for writing to eMMC over USB.

          The story of Fedora on the Pinebook Pro, and other Rockchip devices, has been a sordid story of a lack of time, bugs, rabbit holes, more bugs and various other things. Not at all sordid at all really, mostly just a lack of time on my behalf, and nobody else stepping up to assist in a way to benefit all Fedora users, mostly they do one time hacks to sort themselves. Overall the support in Fedora for Rockchip devices has been quite solid for a number of releases. The problem has been with the early boot firmware, notable because without SPI flash it wants to splat itself across the first 8Mb of the disk, and if there was SPI flash it generally wasn’t overly stable/straight forward.

          Anyway we’re now in a place where devices with SPI flash should mostly work just fine, those devices without it will work with a little manual intervention, and while the support isn’t complete, and will need more polish, they’re all details we can polish with little interruption to users by standard package updates. By default users will have accelerated graphics and from my testing on GNOME 40 it’s by all accounts a pretty decent experience!

        • Rocky Linux 8.3 Release Candidate Is Now Ready for Public Testing

          If you’ve been waiting for a CentOS Linux 8 replacement, the wait is almost over, as Rocky Linux now has a Release Candidate you can download and try on your machines to see what the fuss is all about for this free, community-supported and open-source Red Hat Enterprise Linux alternative.

          After AlmaLinux, now Rocky Linux steps up to conquer your server, promising a strong Red Hat Enterprise Linux 8.x base, 100% compatibility with CentOS Linux, as well as with numerous new features and improvements. In fact, Rocky Linux is created by the founder of the CentOS project, Gregory Kurtzer.

        • Rocky Linux release candidate is now available and is exactly what CentOS admins are looking for

          If I didn’t know the new Rocky Linux ISO image was a release candidate (RC), I’d have thought it to be a final release. It’s not, and the developer wants to make sure everyone is aware this first unleashing is not ready for production environments. For all the warnings, the Rocky Linux RC is remarkably stable and gives us a clear view of what’s to come from the original creator of CentOS.

          [...]

          The Rocky Linux RC1 release is available for x86_64 and AArch64 architecture and can be downloaded as a minimal, boot and full installation. Kurtzer opted to go with the same installer as CentOS, RHEL and AlmaLinux (Anaconda), so installation will be instantly familiar to anyone who’s installed any of the aforementioned Linux distributions.

        • Red Hat and IBM Research Launch the Konveyor Project

          Kubernetes, supported by a vibrant open source community, can drive outstanding innovation. To help in Kubernetes adoption, Red Hat and IBM Research have created Konveyor, an open source project aimed at helping modernize and migrate applications for open hybrid cloud by building tools, identifying patterns and providing advice on how to bring cloud-native transformation across IT. Konveyor also supports a growing number of tools, such as Crane, Forklift, Move2Kube, Tackle, and Pelorus, designed to accelerate Kubernetes adoption.

          Across industries, system administrators and developers are often the point teams driving digital transformation, helping the overall business benefit from modernized IT infrastructure, applications and services.

        • MLCommons seeks to simplify sharing ML models with MLCube

          Since the launch of MLCommons, Red Hat has been an active participant in the MLCube project hosted by the Best Practices Working Group. Red Hat employees are contributing to the design and development of this exciting project which aims to reduce friction around creating and consuming machine learning (ML) models.

        • 10 great sysadmin articles you might have missed from April 2021

          April 2021 was a great month for Enable Sysadmin. We published 30 articles and received 549,684 pageviews from over 370k unique visitors. Today, we are looking back at our top ten articles to give readers a chance to catch up on any of the great content they may have missed. In this list, you will see various topics covered and we are confident that some, if not all will be of interest to you.

        • May the Fourth be with you via Podman

          Happy May Fourth, everyone! A few weeks after Star Wars first released, I was lucky enough to see it in a Dolby theatre in Denver, CO. I was hooked, completely, and totally hooked. Over the past decade or so, I’ve built a really nice large screen television with surround sound setup and rarely go to the movies anymore. I wait for them to be streamed or hit Blue-Ray. I make an exception for Star Wars movies. Those I go see at least once at a theatre. Then yes, I buy a copy to watch at home when available.

          [...]

          So after a colleague said I should run it from a container, I thought I’d try doing so. I made a few attempts at getting it to run but ran into issues with Telnet both in the container and on my host. Google to the rescue. I discovered the ascii-telnet-server project.

        • Rocky Linux, AlmaLinux, CentOS & syslog-ng

          Last year, the CentOS project announced a major shift in strategy. Until recently, CentOS Linux has been a rebuild of Red Hat Enterprise Linux (RHEL) sources, each RHEL release was quickly followed by a corresponding CentOS Linux release. While CentOS 7 keeps working this way, CentOS 8 will reach its end of life by the end of this year. The CentOS project is focusing on CentOS Stream. It is a continuous stream of bug fixes and new features.

          Some of the users were not happy about the change, that is how Rocky Linux and AlmaLinux were born.

          As about 80% of syslog-ng Open Source Edition (OSE) installations run on CentOS and RHEL (if we do not count Kindle devices…), support for CentOS Stream and CentOS Linux alternatives is a returning question. From this blog, you can learn about CentOS Stream and CentOS Linux alternatives and how the situation is affecting syslog-ng OSE users.

        • Compliance clarity with Red Hat Insights

          Compliance and security management are interdependent. Compliance depends on security rules for enforcement. Security depends on clear compliance guidelines. Any lack of visibility to the enforcement of security policies as related to specific regulations can expose an organization to risk. With increased regulation, new business processes due to COVID, and reduced budgets, CIOs, compliance officers, system administrators and legal teams are seeking ways to work together to reduce risk.

          Organizations routinely conduct audits to identify gaps as regulations increase, but audits are not the best way to discover issues. Audits create stress for all. Red Hat Insights for Red Hat Enterprise Linux (RHEL) simplifies the management of compliance and security. Insights helps organizations address compliance in a systematic fashion and reduce operational costs. Insights can help enforce a variety of cybersecurity policies, (including PCI-DSS, HIPAA, CIS, etc.) that your organization needs to meet.

        • Event-driven APIs and schema governance for Apache Kafka: Get ready for Kafka Summit Europe 2021

          As a developer, I’m always excited to attend the Kafka Summit, happening this year from May 11 to 12. There are so many great sessions addressing critical challenges in the Apache Kafka ecosystem. One example is how changes to event-driven APIs are leading developers to focus on contract-first development for Kafka.

          In preparation for the upcoming Kafka Summit, this article discusses the journey Kafka users have taken to get on the API bandwagon and how developers are using contracts to describe brokers without losing control of their data in the cluster. A critical component for effective schema governance is having a schema registry such as Apicurio Registry. See the end of the article for information about Red Hat’s sessions during the Kafka Summit Europe 2021.

          [...]

          Implementing an event-driven architecture using Apache Kafka alongside the traditional API approach has brought new challenges and expectations. The conventional code-first workflow (of implementing the code first and then sharing the resulting API specification) includes many bottlenecks that prevent efficient progress. Developers are seeking a new direction for discoverability and access to event-stream endpoints.

        • Red Hat Announces The Open Source StackRox Community

          Red Hat has announced the StackRox community, the upstream project that will work to open source and manage the code that powers Red Hat Advanced Cluster Security for Kubernetes.

        • Introducing the open source StackRox community

          Red Hat is excited to introduce the StackRox community, the upstream project that will work to open source and manage the code that powers Red Hat Advanced Cluster Security for Kubernetes. We believe the StackRox community will help drive significant innovation and benefits for users when it comes to security — an industry that has traditionally been dominated by proprietary solutions. Customers, partners and other interested contributors can learn more about joining the community at stackrox.io.

          Since acquiring StackRox in February 2021, Red Hat has been actively working through the various considerations, both technical and legal, involved in the open sourcing process. At Red Hat, we believe using an open development model helps create more secure, stable and innovative technologies. This commitment to the tenets of open source is the core of our business model today, making our drive to fully open source the StackRox technology another example of how closely we hold the value of open code and development.

        • Custom policies in Red Hat 3scale API Management, Part 2: Securing the API with rate limit policies

          In Part 1 of this series, we discussed the policy framework in Red Hat 3scale API Management—adding policies to the APIcast gateway to customize API request and response behavior. In this article, we will look at adding rate limiting, backend URL protection, and edge limiting policies to the APIcast gateway. We’ll also review which policies are appropriate to use for different use cases.

        • IT job hunt: 3 tips to get a recruiter’s attention

          There’s a skill shortage for tech talent. If you’re a developer or data scientist, you might think that puts you in the driver’s seat for most jobs. While supply and demand play a role, for top IT roles it’s still essential to stand out early in the process. Here are three ways to do that.

        • 4 Artificial Intelligence (AI) skills IT pros must have

          Artificial Intelligence (AI) has arguably become a household term in modern enterprises. By now, most companies have embraced some type of business initiative that includes AI in their digital transformation.

          Artificial Intelligence is a broad term, but much current research and development focuses on machine learning (ML), a subdiscipline whereby machines learn from data as opposed to being explicitly programmed.

          [...]

          The essential question is whether such data has the potential to solve the business problem at hand. While the answer is not always immediately obvious, it begins with a hypothesis stemming from prior analysis or perhaps simply based on intuition. For example, a business experiencing high customer churn might hypothesize that recent changes in commercial activity could predict future attrition.

        • Optimizing the Clang compiler’s line-to-offset mapping

          Recently, I’ve been trying to improve the speed of the Clang compiler for C and C++. When I profile the Clang pre-processing step on a large file, one function quickly stands out:

          clang::LineOffsetMapping::get(llvm::MemoryBufferRef Buffer, llvm::BumpPtrAllocator &Alloc)
          This function basically allocates a vector (through Alloc) that maps line numbers to offsets in a file (loaded in Buffer). That’s a surprisingly standalone function, so it’s easy to extract it in a micro-benchmark and go for an optimization journey. This article is a kind of log book of that trip.

      • Canonical/Ubuntu Family

        • Linux Mint’s ‘Warpinator’ file transfer app arrives on Android

          The process of copying files from one computer to another can be surprisingly difficult, especially without using flash drives or other external storage. That’s why the developers behind the Linux Mint desktop operating system developed Warpinator, an application for copying files over a local network. However, the tool only worked on Linux-based systems, until now.

          Warpinator was released by the Linux Mint project in September of last year, and it can be installed on many other Linux distributions (including the Linux container on Chrome OS) through the Flatpak version. Czechia-based developer Slowscript has now created an Android application using the same protocol (via OMG Ubuntu). The app can be used for copying files to/from a Linux PC with the original Warpinator app, or copying data from other Android devices. In the latter case, it’s an alternative to Google’s own Nearby Share, which only works on devices with Google Mobile Services.

        • Elementary OS 6 Beta Now Available

          Additionally, elementary OS 6 includes Flatpak apps out of the box, and the announcement states that all AppCenter apps in elementary OS 6 and beyond will be built as Flatpaks.

          The elementary OS team also notes that beta releases are not meant for use in production; however, they invite users to begin testing elementary OS 6 now.

        • Elementary OS 6 Beta Is Here: What’s New and How to Download It?

          It has been more than a year since the last major release of elementary OS. Ever since then, its popularity has grown multifold thanks to its unique philosophy and desktop environment. After fastidious development over the past few months, the elementary OS team is finally ready to unveil their major release of 2021.

          Elementary OS 6 Odin is right around the corner and the public beta builds are now available for Linux enthusiasts to download and experience before the stable release.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Nextcloud And OpenProject Join Forces, Announce Integration Features

        The integration between Nextcloud and OpenProject will offers enterprises a data sovereignty and increase in productivity.

        Nextcloud is the worlds’ most deployed on-premises content collaboration platform. It is open-source software that allows you to run a personal cloud storage service. Nextcloud has features that are comparable to other services such as Dropbox.

        OpenProject is a free and open source online project management software with collaboration features. It is being used in the public sector, IT & technology, education and research industry as well as in manufacturing, health care, construction and non-profit.

        Today these two companies announced collaboration and integration features. The OpenProject and Nextcloud integration will improve the productivity of their enterprise users. It combines the strength of market leading content collaboration platform Nextcloud and the leading open source project management software OpenProject.

      • Nextcloud, OpenProject Announce Integration Features

        Nextcloud and OpenProject have announced the results of initial integration efforts, with further work in development. The integration will improve the productivity of enterprise users without requiring them to risk compliance and data leaks by losing control over their content to foreign SaaS providers.

      • Web Browsers

        • Mozilla

          • Pale Moon 29.2.0 does not support legacy Firefox extensions anymore that are not ported

            When Mozilla switched from its legacy add-on system to WebExtensions, Firefox forks such as Pale Moon saw an increase in users who wanted to keep using extensions that Mozilla’s new system did not support anymore. Not all extensions did work, but many did, and users could continue using these extensions.

            The release of Pale Moon 29.2.0 changes the browser’s extension compatibility in a major way, as it removes support for legacy Firefox extensions that are not adjusted to work with the Pale Moon browser. About 230 extensions are currently available for Pale Moon on the official Pale Moon Add-ons website, including popular extensions such as Decentraleyes, uBlock Origin (Legacy), or FoxyProxy.

            According to a forum post by Moonchild, Pale Moon project owner, support for Firefox extensions was always considered temporary by the development team. Classic Firefox extensions may not install at all in Pale Moon or may introduce compatibility issues, and that is one of the main reasons for blocking classic Firefox extensions in Pale Moon 29.2.0.

          • Spidermonkey Development Blog: Private Fields and Methods ship with Firefox 90

            Firefox will ship Private Fields and Methods in Firefox 90. This new language syntax allows programmers to have strict access control over their class internals. A private field can only be accessed by code inside the class declaration.

      • Productivity Software/LibreOffice/Calligra

        • Apache OpenOffice Recommends upgrade to v4.1.10 to mitigate legacy vulnerability

          Who: Apache OpenOffice, an Open Source office-document productivity suite comprising six productivity applications: Writer, Calc, Impress, Draw, Math, and Base. The OpenOffice suite is based around the OpenDocument Format (ODF), supports 41 languages, and ships for Windows, macOS, Linux 64-bit, and Linux 32-bit. Apache OpenOffice delivers up to 2.4 Million downloads each month.

          What: A recently reported vulnerability states that all versions of OpenOffice through 4.1.9 can open non-http(s) hyperlinks, and could lead to untrusted code execution.

        • Apache OpenOffice Vulnerable To One-Click Code Execution

          If you are still relying on Apache OpenOffice in 2021 you might want to really make it a goal this year to transition to the much more featureful LibreOffice, but in any case you’ll want to move at least to OpenOffice 4.1.10.

          Apache OpenOffice 4.1.10 was released today to address a vulnerability affecting all versions of OpenOffice. Due to the way Apache OpenOffice pre-4.1.10 handles non-HTTPS hyperlinks, it could lead to “1-click” untrusted code execution.

      • FSFE

        • NGI0: How the FSFE Helps Free Software Developers Engineer a Better Internet

          With the FSFE in its 3rd and final year of its involvement in the European Commission’s NGI0 Initiative, the feedback of our work in this area has been positive. Today, we give you updates of what the team has been working on with this initiative, and share the feedback from various developers on how we’ve managed to help them.

          What will the Internet of the future look like? The European Commission’s (EC) Next Generation Internet Initiative (NGI) envisions an Internet that is accessible, diverse, and respects the fundamental value of privacy. Here at the FSFE, we believe that Free Software is key to accomplish this vision, so that all people, regardless of their background, are able to use the Internet as an effective tool to achieve their full potential.

          “NGI0 not only made it possible to pursue our goals by supplying funding. I was approached a number of times by professionals whom I learned to respect for their knowledge and concrete support, ranging from security to usability, internationalisation, licensing and copyrighting and putting what we do in a perspective of inclusiveness and diversity. Their help will go a long way to improve our products and I am sure to seek out other partners to the NGI0 project before we’re done.”

          [...]

          Many participating software projects may also have many legal questions pertaining to the various licenses relevant to their work. While the FSFE assists them with the more basic questions, they can also receive guidance and advice on more complex legal issues from ifrOSS. In the last two years, we have provided guidance with inquiries on a variety of topics, including inquiries related to license implementation and compatibility issues, dependency management, managing external contributions, licensing scanning tools, trademark issues, potential licensing violations and hardware licenses.

          “Regarding REUSE, we have learnt a lot. We realise that the idea behind REUSE is simple, clear, and powerful… Nowadays, Free Software projects become more and more complicated, and many components/files of a single project have different license/copyright information. REUSE helps a lot on tracking the status of this information in our project.”

      • FSF

        • The Free Software Foundation reveals how RMS was re-elected and its future [Ed: Steven J. Vaughan-Nichols is a corporate anti-Software Freedom shill because that’s what his sponsors at ZDNet pay for. He used to be credible; now he’s a man with an agenda, and we know whose. Monopolies'…]

          The Free Software Foundation (FSF) re-admitting its founder Richard M. Stallman (RMS) to its board in late March caught everyone, including FSF members and staff, by surprise. Many — both outside and inside the FSF — objected to RMS’s return. Weeks later, RMS offered a defensive non-apology apology for the words and actions that led to his resignation from the FSF. But how RMS returned to the FSF remained a mystery… until now.

        • GNU Projects

          • A redux of the Linux movement in open source pharma [Ed: Truly incredible how they managed to 'miss' GNU and the real movement, the Free software movement. Revisionism in full swing.]

            Thirty years ago, a 21-year-old student at the University of Helsinki put out a message on a bulletin board, “i am doing a (free) operating system (just a hobby, won’t be big or professional..),” and asked for feedback. Little did he know that these few words would be the beginning of a gigantic revolution that would transform digital life around the world. This was the birth of the free operating system that came to be known as Linux, named after the kid, Linus Torvalds, who invented it. It is the basis of all the open-source free software that powers most computers around us. For instance, all the world’s top 500 supercomputers run on Linux. More than 70% of mobile handsets run Android, which is free and open source, developed by Google and inspired by Linux. About 95% of public cloud services use an open-source hosting platform called Kubermetes, also part of the Linux revolution. Linux or its derivatives are in most embedded systems, automotive software, entertainment consoles, gaming, aviation and even high-end applications, including possibly space and defence. The ubiquity of Linux and its descendants is astonishing for something which is essentially free and developed by a community of tens of thousands of developers driven merely by their passion, not monetary gains. The free software is distributed under the Gnu Public License version 2 (GPLv2), whose key condition is that the complete source code be made available to the user, and any modification or improvement done by a user is to be ‘given back’ on the same terms to the open-source community. There are thousands of businesses that run on free software and are profitable. As all adherents to the free software dogma will tell you, it is free as in freedom (to modify) and not as in ‘free beer’. Thus, free software is not anathema to making profits. But the core ideology is allergic to patents and intellectual property rights, which ‘lock up’ knowledge, rather than keep it open for further improvements and creativity. Indeed, one maxim of free software developers is that “given enough eyeballs, all bugs are shallow”, famously articulated by Eric Raymond. That is, all bugs get ironed out if the whole community is working on the software. The beta tester is the most valuable resource, and advocates of free software believe in frequent releases of newer versions, thus making it robust and stable.

      • Programming/Development

        • How (and why) to rid software of insensitive language. [Ed: This is a sort of corporate trolling (against communities) by inherently racist monopolies, looking to deflect from their own bad behaviour]

          I’ve been in the software industry for a long time. As those that work here know, and those that use software can see, it changes quickly. I feel like I’m releasing a new feature or fix every other day. It’s actually one of the amazing things about the software industry, and something that I genuinely love. But as fast as the industry moves there is one area that seems to be out of step with the world – the words and phrases we continue to use when developing and in documentation.

          Some words of course don’t matter, but then there are the words that can evoke a gut wrenching feeling every time they are read or heard. Words like “master”, “slave”, “blacklist”, “dummy”, etc., may mean nothing to you beyond what they are used for in your industry, but to others they could be triggering thoughts and emotions that you might only sympathetically understand. While it’s easy to dismiss these words as “no big deal” because “the usage has no connection to the emotional triggers,” does that really matter? Isn’t it just better to err on the side of avoiding the possibility of triggering further negativity?

        • Qt 6.0.4 Released

          I am happy to inform we have released Qt 6.0.4 today.

          From the Qt 6.0.4 Release Note you can find the list of fixes and the overview of all important changes in the Qt 6.0.4 release. Qt 6.0.4 will be the last release from Qt 6.0 series but don’t worry: Qt 6.1.0 is released soon and we will continue releasing patch releases to the top of it like we did with Qt 6.0.

        • The various ways to check if an integer is even

          But actually, the way most people test whether a number is even is wrong. It’s not your fault, computers think differently than we do. And in most cases, the compiler fixes your mistake for you. But it’s been a long day of talking about Alpine governance, so I thought I would have some fun.

          However, a quick note: for these examples, I am using ML, specifically the OCaml dialect of it. Translating these expressions to your language however should not be difficult, and I will provide C-like syntax for the right answer below too.

        • Python and me, or when in Rome…

          I’ve written in the past somewhat opaquely about certain programming languages and my complaints about them. One that I’m not afraid to complain about by name is Python. You can look in enough of my old posts to see this pattern keeps coming up. It never fails to make my life more interesting than it has to be.

          So, with that said, one of the things I decided we needed at $COMPANY was something that would let us handle SEVs (you know, outages, site events, whatever?) well. What they had already when I arrived was, to put it mildly, cute. It was basically a wrapper around the Jira category they already had to track these things, plus it would blast out mails to extra places when someone commented in the tool. Unfortunately, those mails also tended to start full-on reply-to-all spam fests due to their scattershot nature. *Every person* was getting *every update* to *every SEV*.

        • Linux X86 Assembly – How to Build a Hello World Program in NASM

          A processor understands bytecode instructions specific to that architecture. We as humans use mnemonics to make building these instructions easier than remembering a bunch of binary codes. These mnemonics are known as assembly instructions. This is one of the lowest levels of programming that can be done. This programming is a bit of a lost art and I remember trying to learn about it, there was not much material on the internet regarding it. This series is designed to discuss some basic tutorials and to give examples for people to get started with when it comes to building X86 assembly on Linux-based systems.

        • Shell/Bash/Zsh/Ksh

          • Linux Fu: Mixing Bash And Python | Hackaday

            Although bash scripts are regularly maligned, they do have a certain simplicity and ease of creation that makes them hard to resist. But sometimes you really need to do some heavy lifting in another language. I’ll talk about Python, but actually, you can use many different languages with this technique, although you might need a little adaptation, depending on your language of choice.

            Of course, you don’t have to do anything special to call another program from a bash script. After all, that’s what it’s mainly used for: calling other programs. However, it isn’t very handy to have your script spread out over multiple files. They can get out of sync and if you want to send it to someone or another machine, you have to remember what to get. It is nicer to have everything in one file.

        • Rust

          • Rust programming language: We want to take it into the mainstream, says Facebook

            Facebook has joined the Rust Foundation, the organization driving the Rust programming language, alongside Amazon Web Services, Google, Huawei, Microsoft, and Mozilla.

            Facebook is the latest tech giant to ramp up its adoption of Rust, a language initially developed by Mozilla that’s become popular for systems programming because of its memory safety guarantees compared to fast languages C and C++. Rust is appealing for writing components like drivers and compilers.

          • Rust 1.52.0 pre-release testing

            The 1.52.0 pre-release is ready for testing. The release is scheduled for this Thursday, May 6th. Release notes can be found here.

          • Rust Core Team Update: May 2021

            Hey everyone! Back in August of last year, the core team wrote a blog post titled “Laying the foundation for Rust’s Future.” Ever since then, the Core Team has been doing a tremendous amount of work to help get the foundation going, and prepare the project for the changes that have now occurred because of these events.

            But that also means we’ve been very quiet! This sort of work has largely been focused inward, and not really something that’s visible from the outside, even if you are on a Rust team. However, thanks to these efforts, the Foundation now exists, and is starting to work on its mission. That also means it’s time for the core team to shift the focus of its work.

    • Standards/Consortia

      • Link-o-Rama: FTP is 50, stick with email, FVWM(3) …

        The File Transfer Protocol is now 50 years old. 50. FTP has outlasted quite a few protocols in that time, evolved a great deal, and been used to transfer Heaven only knows how many files. I hope that Abhay Bhushan is basking a bit in the knowledge that his creation is still widely used half a century later.

      • Understanding OpenSSH’s future deprecation of the ‘ssh-rsa’ signature scheme

        More or less a year ago I flailed around about what this meant. Now I think that I understand more about what is going on, enough so to talk about what is really affected and why. Helping this out is that since the OpenSSH 8.5 release notes, OpenSSH has had the current, more explicit wording above about the situation.

  • Leftovers

    • Notes From Below

      In the midst of the Great Depression, a series of ghostly and mysterious thefts flummoxed the Los Angeles Police Department. In November of 1931, $11,000 went missing from a safe at the Owl Drug Company, with no sign of breaking and entering. Then a safe was emptied in a nearby clothing store. Over the next few months, blankets, typewriters, and other items disappeared from stores in the neighborhood without a trace.1

    • ED’S DESK: Town Gripped By Shock-Horror Crime Wave Of Biblical Proportions… Ish

      If you live in Far North Queensland, we’ve got some good news and we’ve got some bad news. The bad news is you’re currently in the grip of a crime wave that defies description… and logical statistical analysis. The good news is that’s just the opinion of some News Corp hacks plus one old man who spends his lunch breaks on a park bench shouting at clouds… because they’re really toxic gas blooms controlled by Vladimir Putin! Over to Ed’s Desk, an occasional New Matilda column where we take an actual news story that got published, and waste 10 minutes of your life trying to fix it.

    • Adjunct Hell

      Not so long ago, there seemed to be something radical in rejecting the future. Looking back, it’s easy to see why. In the 1990s, history was over; the United States and capitalism had won. Strutting conservative televangelists and smug liberal technocrats took turns running the world. Globalization promised more of everything: more productivity, more innovation, more wealth. Economic prosperity and regressive moralism went hand in hand. The nuclear family was once again sacred, and non-normative sexuality remained stigmatized: Don’t ask, but also don’t tell. Conservatives—as well as some liberals—supported any policy that promised to protect children, born and unborn, so they might take advantage of the bright future that awaited them. Meritocracy was supposedly thriving, even as inequality prevailed everywhere.

    • Apollo acquires Verizon’s Yahoo and AOL businesses for $5B

      Private equity firm Apollo Global Management has acquired Verizon’s media group for $5 billion, the two companies announced Monday.

      Verizon Media, which includes properties from the former internet empires of AOL and Yahoo, will be rebranded as “Yahoo,” the announcement said. Verizon said it will keep a 10 percent stake in the company.

      The sale includes online news outlets TechCrunch, Yahoo Finance, Engadget and others. Apollo and Verizon said they expect the sale to close in the second half of 2021.

    • Apollo’s $5 Billion Bet on Yahoo Aims to Go Beyond Advertising

      Along with Yahoo, Apollo is getting AOL, TechCrunch, Ryot, Built By Girls and Flurry. Guru Gowrappan, who headed the division for Verizon, will be chief executive officer of Yahoo. Verizon will keep a 10% stake in the venture.

      Apollo partner Reed Rayman said he hopes to take these primarily advertising-driven media brands and augment them with new products like subscription services and sports betting.

    • Science

      • [Former FSF Board Member] Benjamin Mako Hill: NSF CAREER Award

        In exciting professional news, it was recently announced that I got an National Science Foundation CAREER award! The CAREER is the US NSF’s most prestigious award for early-career faculty. In addition to the recognition, the award involves a bunch of money for me to put toward my research over the next 5 years. The Department of Communication at the University of Washington has put up a very nice web page announcing the thing. It’s all very exciting and a huge honor. I’m very humbled.

        The grant will support a bunch of new research to develop and test a theory about the relationship between governance and online community lifecycles. If you’ve been reading this blog for a while, you’ll know that I’ve been involved in a bunch of research to describe how peer production communities tend to follow common patterns of growth and decline as well as a studies that show that many open communities become increasingly closed in ways that deter lots of the kinds contributions that made the communities successful in the first place.

      • [Curl dev] Daniel Stenberg: Every base is base 10

        Since I consider this picture such an iconic classic and masterpiece, I decided I better host it here in a small attempt to preserve it for everyone to enjoy.

    • Education

    • Hardware

      • New Spectre vulnerabilities discovered on Intel and AMD processors

        The problem with both the original Spectre and these new Spectre vulnerabilities is that they’re built into the hardware. One method could be disabling micro-op cache or halting speculative execution, but as the researchers noted, this fix would “effectively roll back critical performance innovations in most modern Intel and AMD processors, and this just isn’t feasible.”

      • Billions of computers at [cracking] risk: Indian-origin scientist

        However, researchers, led by Ashish Venkat at the University of Virginia’s School of Engineering and Applied Science, UVA Engineering, discovered that computer processors are open to [crackers] again.

        They found a whole new way for [crackers] to exploit something called a “micro-op cache,” which speeds up computing by storing simple commands and allowing the processor to fetch them quickly and early in the speculative execution process.

        Micro-op caches have been built into Intel computers manufactured since 2011.

    • Health/Nutrition

      • Ted Cruz, Mike Lee Are Only Two “No” Votes on Bipartisan Drinking Water Bill
      • India and Brazil’s COVID Crises Show We Must End the Fiction of Borders
      • West Virginia Community Flooded With Opioids Takes Big Pharma to Court in Landmark Trial

        “After facing this crisis head on for far too long, our day in court is finally here,” said the mayor of Huntington, W.V.

      • Modi is Singularly Responsible for India’s Pandemic Disaster

        Only a few months ago, Indian Prime Minister Narendra Modi was basking in the glow of success at beating the virus and scientific experts were confounded as to why COVID-19 infections and related deaths were falling. India had access to two vaccines, a homegrown one developed by Bharat Biotech, and the Oxford-AstraZeneca vaccine that was being mass-produced at Indian facilities. Mask wearing was reportedly nearly universal, and the Wall Street Journal hailed India’s “proven pandemic strategy.”

        So, what happened?

      • Brazilian Senate Will Question: Bolsonaro on COVID-19 Response

        According to the British Broadcasting Corporation (BBC) News, the Brazilian Senate commission will be investigating whether or not the Bolsonaro administration’s response time to COVID-19 in Brazil has been adequate; whether or not Bolsonaro has minimized the severity of the pandemic; whether or not there has been a lack of procurement of medical equipment to handle the virus; whether or not the promotion of unproven medications such as hydroxychloroquine by Bolsonaro and his administration was appropriate; whether or not President Bolsonaro had allowed the Coronavirus to spread in order to attain herd immunity; and whether or not the Bolsonaro administration committed genocide against the Brazilian Amerindian population by not controlling the deadly variant of COVID-19 and providing adequate support to indigenous peoples.

        In addition, the inquiry by the Brazilian Senatorial Commission may weaken Bolsonaro’s presidency and may lead to criminal procedures and/or impeachment. This is significant since the next Brazilian presidential election is in 2022. What the Commisão Parlamentar de Inquérito (CPI) finds may in fact derail Jair Bolsonaro’s chances for winning the presidency altogether.

      • As Global Pandemic Worsens, U.S. Keeps Blocking Vaccine Patent Waivers Amid Big Pharma Lobbying

        Big Pharma has hired an army of lobbyists to pressure U.S. lawmakers to block an effort at the World Trade Organization to loosen intellectual property rules on COVID-19 vaccines, which would allow countries around the world to ramp up production, vaccinate more people and bring the pandemic to an end sooner. Dozens of countries from the Global South, led by India and South Africa, are demanding a temporary waiver on vaccine patents, but rich countries, including the U.S. under both the Trump and Biden administrations, have opposed the move. Lee Fang, investigative journalist at The Intercept, says there is a “glut” of vaccines going to wealthy countries while much of the rest of the world is left waiting. “These initiatives that are based on voluntary agreements with the pharmaceutical companies have not worked,” he says. Fang also discusses his reporting on the Biden’s administration’s ties to the vaccine makers: White House adviser Anita Dunn is co-founder of the consulting firm SKDK, which works closely with Pfizer; Biden’s domestic policy adviser, Susan Rice, holds up to $5 million in Johnson & Johnson shares; and White House science adviser Eric Lander holds up to $1 million in shares of BioNTech, which co-developed Pfizer’s coronavirus vaccine.

      • Missouri GOP Lawmakers Block Expansion of Medicaid, Despite Voter Referendum
      • Opinion | Big Pharma Patents on Covid-19 Vaccines Must Be Waived to Save the World

        In the long term we must treat public health as a common good, a good upon which all of our virtues depend

      • US Keeps Blocking Vaccine Patent Waivers Amid Big Pharma Lobbying
      • Opinion | Why Canada Must Support the WTO Waiver on Covid-19 Vaccines

        Expanding access to life-saving medical technologies during this pandemic is exactly what the world needs.

      • Opinion | Bayer Goes After Mexico for Glyphosate Ban

        The pressure by the agribusiness industry continues, but we will keep up our fight.

      • Counties Most Vulnerable to COVID Have Been the Slowest to Vaccinate
      • To unblind or not to unblind COVID-19 vaccine trials?

        One longstanding tactic of the antivaccine movement has been the oversimplification of complex questions of science and ethics in such a way as to imply nefarious intent on the part of vaccine manufacturers, public health officials, physicians, and vaccine advocates. The idea, of course, is that somehow we are all “sabotaging” the science in order to cover up evidence of massive harm due to vaccines. This tactic has, in particular, been weaponized in the era of the COVID-19 pandemic, largely because of uncertainty in the science and the fast pace of scientific discovery. More importantly, the fast pace of vaccine development has left open a door to this tactic of oversimplification. An excellent example of this tactic comes in the form of an article published by one of the foremost promoters of antivaccine disinformation and COVID-19 quackery and crankery, “alternative health” tycoon Joe Mercola. His talking point comes in the form of an article entitled “Vaccine Makers Destroy COVID Vaccine Safety Studies”.  His objection? That Pfizer and Moderna going to unblind the clinical studies that led to the emergency use approvals (EUAs) issued for their vaccines.

      • The U.S. never had a shot at herd immunity

        As Mandavilli explains, there’s a lot of reasons that herd immunity is simply unachievable in the current situation, but there is no doubt that “[s]kepticism about the vaccines among many Americans” is playing a major role. She delicately avoids digging in deeper, but anyone who has been paying attention in recent months understands what this means: It’s Republicans.

        The last big poll released on this question was by Monmouth University in mid-April and the news was not good: Nearly half of Republican voters flat-out refuse to get the vaccine. That number has been steadily climbing, in response to a heavy push from Fox News to demonize the vaccine and the spread of anti-vaccination conspiracy theories on social media.

      • Pressure Mounts to Lift Patent Protections on Coronavirus Vaccines [Ed: Previous headline was better: "Biden Confronts Coronavirus Vaccine Patents" (who changed it and why?)]

        President Biden, faced with surging Covid-19 crises in India and South America, is under intensifying pressure from the international community and his party’s left flank to commit to increasing the vaccine supply by loosening patent and intellectual property protections on coronavirus vaccines.

        Pharmaceutical and biotech companies, also feeling pressure, sought on Monday to head off such a move, which could cut into future profits and jeopardize their business model. Pfizer and Moderna, two major vaccine makers, each announced steps to increase the supply of vaccine around the world.

        The issue is coming to a head as the World Trade Organization’s General Council, one of its highest decision-making bodies, meets Wednesday and Thursday. India and South Africa are pressing for the body to waive an international intellectual property agreement that protects pharmaceutical trade secrets. The United States, Britain and the European Union so far have blocked the plan.

      • Covid-19: F.D.A. to Authorize Pfizer Vaccine for Adolescents by Early Next Week

        New York, New Jersey and Connecticut will let most businesses fully reopen in mid-May and New York City will return to 24-hour subway service. But the virus continues to rage across the world: A lack of oxygen has led to a wave of deaths in India on Sunday.

    • Integrity/Availability

      • Proprietary

        • ‘Google Smell’: Amazing New App Helps Your Phone Detect Bullsh*t (And Theft)

          If you’ve been following a battle in the United States between tech giant Google and tech not-so-giant-but-still-bloody-big Oracle, you’ll be disappointed (or not) to know that it’s over. Spoiler alert: Google won. Nathan Mattock and Emma Johnsen from Marque Lawyers* explain why, and what that might mean for Australia.

        • Fortnite made more than $9 billion in revenue in its first two years

          The document doesn’t break down how much Epic specifically profited from Fortnite, but the company reported more than $5.5 billion in profit from the two-year period.

        • Lucas Chess Now Available On Linux, Here Is How To Install It

          One of the most amazing piece of free chess software now has an experimental binary version to Linux.

          Lucas Chess is a free, long standing, chess training and playing program that is suitable for absolute beginners, grandmasters, and anyone in between the two extremes. The program has 61 engines prepared to play from the start, and with very different levels, from 0 to 3300 elo.

        • Crowdfunded “Mi Mini PC” Windows 10 Mobile PC remains undelivered after 3 years

          There were early red flags shorting after the launch of the campaign with the developer making unrealistic claims about a free upgrade from Atom x7 to Core M3-7Y30, and no pictures of an actual prototype.

        • KB5001391 is another Windows update that you should not install, except..

          Microsoft released the Windows update KB5001391 on April 28, 2021 as an optional update for Windows 10 version 2004 and 20H2. The update falls into the C-category of updates for Windows, which means that it includes only non-security fixes and that installation is not mandatory.

          [...]

          The update fixes a number of issues, including a memory usage growth issue in lsass.exe that causes the system to become unusable, a high CPU usage issue caused by race conditions, and an issue with a deadlock in NTFS.

          It is also the update that introduces Microsoft’s News and Interests widget on the Windows 10 taskbar. The feature is being rolled out gradually to all devices that have the update installed.

        • Don’t Ignore Ransomware. It’s Bad. [iophk: Windows TCO]

          My colleague Nicole Perlroth has spent years chronicling the proliferation of cyberattacks, including ransomware. She spoke to me about steps that the U.S. government and individual organizations could take to better prevent it. Nicole tried to be hopeful but she has a discouraging diagnosis of ransomware’s root cause: America has failed to invest in its defense.

        • Pseudo-Open Source

        • Security

          • Despite many false alarms, Linux malware scares still abound

            Despite numerous false alarms from security firms in the past — which have been enthusiastically spread by technology writers — it still appears that all a security firm or group of researchers has to do to gain some headlines is to write a post mentioning Linux and malware in the same sentence.

            On 28 April, a Chinese research group NetLab published details about what it claimed was a “long live secret backdoor with 0 VT detection”. The word Linux was not in the headline, but once one read the first paragraph, there it was in bold text: “A close look at the sample revealed it to be a backdoor targeting Linux X64 systems, a family that has been around for at least 3 years.” [emphais as in original]

            Some basic questions were not answered – and they were asked by someone who posted a response to the blog.

            This user, who goes by the name John Mellor, asked: “Anyone can write an executable to do nefarious things, but what is the entry path onto the system? What compromise is used to install it? Who uses that package and has it misconfigured to allow this executable to be installed? Without this key information, this admittedly excellent analysis of the payload is useless. What is the CVE number?”

          • A Now-Patched Linux Kernel Vulnerability Could Lead To Data Leaks [Ed: Grossly overrated and mostly hyped up (at one time) by Microsoft-connected media, looking to distract from the back doors Microsoft puts in virtually everything]

            Researchers from Cisco Talos spotted a serious information disclosure vulnerability in Linux Kernel.

            Sharing the details in a post, the researchers stated that the bug, CVE-2020-28588, could expose stack memory to an attacker. Hence, exploiting this bug would allow an adversary to exploit the data leak and target more unpatched Linux bugs.

          • Wladimir Palant: Universal XSS in Ninja Cookie extension

            The cookie consent screens are really annoying. They attempt to trick you into accepting all cookies, dismissing them without agreeing is made intentionally difficult. A while back I wrote on Twitter than I’m almost at the point of writing a private browser extension to automate the job. And somebody recommended Ninja Cookie extension to me, which from the description seemed perfect for the job.

            Now I am generally wary of extensions that necessarily need full access to every website. This is particularly true if these extensions have to interact with the websites in complicated ways. What are the chances that this is implemented securely? So I took a closer look at Ninja Cookie source code, and I wasn’t disappointed. I found several issues in the extension, one even allowing any website to execute JavaScript code in the context of any other website (Universal XSS).

          • [Older] Building a security response team in Alpine

            Starting this past month, thanks to the generous support of Google and the Linux Foundation, instead of working on the usual Alpine-related consulting work that I do, I’ve had the privilege of working on various initiatives in Alpine relating to security that we’ve needed to tackle for a long time. Some things are purely technical, others involve formulating policy, planning and recruiting volunteers to help with the security effort.

            For example, my work to replace poorly maintained software with better replacements is a purely technical security-related effort, while building a security response team has social aspects as well as designing and building tools for the team to use. Our security issue tracker has gone live and is presently being tested by the community, and with that work we’re already off to a great start at an organized security response.

            If you didn’t know what Alpine Linux is already, it is a popular Linux system with over a billion installations on Docker alone. By building on efficient building blocks, such as the musl C library and busybox, Alpine maintains a slim installation image size while also providing the conveniences of a general-purpose Linux distribution. As a result, Alpine has been deployed as the base of many Docker images, has been ported to hundreds of devices as the basis of postmarketOS, has been used to build hundreds of appliances with LinuxKit and has been deployed everywhere from 5G networks to solar farms and oil rigs thanks to the work done by Zededa with Project EVE. With all of this growth in the few years, it’s important to rethink a lot of things in the distribution including our approach to security.

          • What3Words Sends Ridiculous Legal Threat To Security Researcher Over Open Source Alternative

            A couple years we wrote about What3Words, and noted that it was a clever system that created an easy way to allow people to better share exact locations in an easily communicated manner (every bit of the globe can be described with just 3 words — so something like best.tech.blog is a tiny plot near Hanover, Ontario). While part of this just feels like fun, a key part of the company’s marketing message is that the system is useful in emergency situations where someone needs to communicate a very exact location quickly and easily.

          • Critical 21Nails Exim bugs expose millions of servers to attacks

            Newly discovered critical vulnerabilities in the Exim mail transfer agent (MTA) software allow unauthenticated remote attackers to execute arbitrary code and gain root privilege on mail servers with default or common configurations.

            The security flaws (10 remotely exploitable and 11 locally) found and reported by the Qualys Research Team are collectively known a 21Nails.

            All versions released before Exim 4.94.2 are vulnerable to attacks attempting to exploit the 21Nails vulnerabilities.

          • An important Exim security release

            There are, it seems, 21 vulnerabilities in the Exim email server that have been fixed in the 4.94.2 release; at least some of these are remotely exploitable for root access. “The current Exim versions (and likely older versions too) suffer from several exploitable vulnerabilities. These vulnerabilities were reported by Qualys via security@exim.org back in October 2020. Due to several internal reasons it took more time than usual for the Exim development team to work on these reported issues in a timely manner.” See this advisory from Qualys for the details.

          • Security updates for Tuesday

            Security updates have been issued by Debian (bind9, chromium, exim4, and subversion), Fedora (exiv2 and skopeo), openSUSE (gsoap), Oracle (bind, kernel, and sudo), SUSE (bind, ceph, ceph, deepsea, permissions, and stunnel), and Ubuntu (clamav, exim4, openvpn, python-django, and samba).

          • Privacy/Surveillance

            • Coalition Mobilizes to Protect Billions of WhatsApp Users From Facebook’s Privacy Invasion

              “We can’t let Mark Zuckerberg continue to get filthy rich off of this exploitation of our personal info. We must reclaim our privacy.”

            • Sechin’s special forces Journalists spent years under FSB surveillance after gaining access to ‘private’ Instagram pics

              For years, the Russian FSB had investigative journalist Roman Anin and his former colleagues from the independent newspaper Novaya Gazeta under surveillance. This began in 2016, after Anin authored a report for the newspaper about a multi-million dollar yacht allegedly belonging to Olga Rozhkova — who was married to Rosneft CEO Igor Sechin at the time. A month ago, FSB agents raided Anin’s apartment in connection with this case. Though he is considered a witness thus far, Anin is convinced that the authorities want to make him a suspect in the investigation. In a new report published by Novaya Gazeta and iStories — the investigative outlet where Roman Anin is now editor-in-chief — the journalist breaks down the case materials, revealing which investigators have been handling the case and how the investigation is connected to Sechin and the FSB.

            • Opinion | More Domestic Spying Power Is Not the Answer

              We are told by some opponents of the far-right that supporters of equality and civil liberties should not be worried about expansions of U.S. surveillance and counterterrorism capabilities.  They are wrong.

            • Apple Was Smart Not To Put a Key Ring Doohickey On Airtags | by Anthony Lawrence | Tony’s Tech Corner | May, 2021 | Medium

              I picked up two Airtags at my local Apple store yesterday. I have keyring holders on order from Belkin, but those won’t ship until June.

              That’s okay. Our Tile trackers died more than a year ago and I’ve been waiting since then for the Airtags, so another few months for the holders won’t kill me.

              Those Tile trackers had a hole for a keyring, but they were not the models with a replaceable battery, which is why they died. Tile does make models with changeable batteries, and the Tile models were everyone’s top recommended brand for years.

    • Defence/Aggression

      • Opinion | Want Fewer Police Shootings? Get Armed Cops Out of Traffic Enforcement

        Removing armed police officers from traffic enforcement and turning it over to civilians should be a major goal of the racial justice movement.

      • National Lawyers Guild Urges Biden to Align US Israel-Palestine Policy With International Law

        “The United States cannot turn its back on the atrocities, including war crimes, enabled by U.S. policies, particularly its decadeslong policy of shielding Israel from accountability.”

      • On World Press Freedom Day, US Report Reveals ‘Startling Extent of Police Violence Against Journalists’

        The Reporters Committee for Freedom of the Press found that as the country faced a wave of demonstrations last year, “journalists covering those protests were arrested and attacked in record numbers.”

      • University of California Pushes to Militarize and Expand Its Police Force
      • 125 Democrats Say Military Aid to Israel Shouldn’t Depend on Human Rights Record
      • The Empire Within

        Not long after the publication and surprise success of her first novel, The God of Small Things, in 1997, Arundhati Roy was invited onto a live radio show in London. The appearance did not go to plan. As she recalled in a 2018 lecture:1The other guest was an English historian who, in reply to a question from the interviewer, composed a paean to British imperialism. “Even you,” he said, turning to me imperiously, “the very fact that you write in English is a tribute to the British Empire.” Not being used to radio shows at the time, I stayed quiet for a while, as a well-behaved recently civilized savage should. But then I sort of lost it, and said some extremely hurtful things. The historian was upset, and after the show told me that he had meant what he said as a compliment, because he loved my book. I asked him if he also felt that jazz, the blues, and all African American writing and poetry were actually a tribute to slavery. And whether all of Latin American literature was a tribute to Spanish and Portuguese colonialism.2Books in ReviewYi Sang: Selected WorksBy Yi Sang; Don Mee Choi, ed.; Jack Jung, Don Mee Choi, Sawako Nakayasu, Joyelle McSweeney, trans.

      • The Cold War Truth Commission Part 2 – The Project Censored Show

        Notes: Medea Benjamin co-founded the organizations Code Pink and Global Exchange. Her books include “Inside Iran” and “Kingdom of the Unjust.” Eric Mann is Director of the Labor-Community Strategy Center in Los Angeles, co-chair of the L.A. Bus Riders’ Union, and the author of “Playbook for Progressives.” Marcy Winograd is Coordinator of Code Pink Congress and a retired school teacher. Mickey Huff teaches History and Journalism at Diablo Valley College in northern California; he’s also the Director of Project Censored and the host of the Project Censored Show. Jeff Cohen is founder of the media-watch group FAIR, and co-founder of RootsAction.org. Rachel Brunke (Witness for Peace Southwest) and Frank Dorrel (Veterans  or Peace) were the hosts of the event.

      • Democratic Senator Under Fire for Invoking January 6 Attack to Justify Opposing Vaccine Patent Waiver

        “He is choosing to support vaccine apartheid to protect the pharma industry that has given tens of thousands to his campaign.”

      • Rape and Ethnic Cleansing in Tigray

        Unleashing this kind of sentiment is a dangerous tactic in a country as ethnically diverse and restive as Ethiopia. The several hundred reported rapes must be an underestimate, though by how much is impossible to tell: many parts of Tigray are even now still impossible to access.

        Abiy Ahmed’s government is overseeing ethnic cleansing, which partly explains the prevalence of rape allegations in the western part of Tigray. A chunk of the region was granted to the Tigrayans by the then Tigrayan-dominated government, which instituted a more decentralized ethno-federalism through its 1995 constitution. The new federal regions, which have the right to secede, were granted revenue-raising powers. This Tigrayan insurance against future federal domination also helped the coalition government they led until 2018 divide and rule Ethiopia according to ethnic groupings, a strategy which may now be unravelling spectacularly in a country where inter-ethnic violence is always looking for a walk-on part.

      • Opinion | Oppression in the Form of Israeli Dates

        It is imperative that we follow in the footsteps of the revolutionaries’ tea boycott, the historic Delano Grape Boycott, and boycott the Israeli date industry, too.

      • A City Wrestles

        On the same day as the Chauvin verdict, Portland police shot and killed Robert Delgado, a man experiencing houselessness, within four minutes of arriving to Lents Park, where he had been carrying a toy gun. This added even more chaos to our already Def-Con 9 situation.

        The damage to a Boys and Girls club wrought by rioters that night in NE Portland made no sense, even in a city dubbed “Little Beirut” by President George H.W. Bush’s Secret Service, after protesters in the late 1980’s and early 1990’s cemented our national reputation as a protest problem child.

      • Black Women Matter
      • Fifth Circuit Strips Immunity From Cops Who Ended A Mental Health Crisis By Restraining A Man To Death

        The Fifth Circuit is the worst place to bring a civil rights lawsuit against law enforcement officers. But that may slowly be changing, thanks in part to the Supreme Court, which has played its own part in making qualified immunity an almost insurmountable obstacle in civil cases. Over the past few months, the Supreme Court has reversed and remanded two cases handled by the Fifth Circuit Court of Appeals, ruling that the lower court’s extension of qualified immunity was the incorrect conclusion.

      • Chicago Police Need “Overhaul” After Foot Chases Led to Alvarez & Toledo Killings Within 48 Hours

        More than 100 people marched alongside the family of Anthony Alvarez in Chicago Saturday, calling for the police officer who shot and killed him to be charged. Newly released video reveals police killed 22-year-old Alvarez while he was running away during a foot chase. Police have not said why they initially confronted and then chased Alvarez, who was killed just two days after Chicago police shot dead another young Latinx male, 13-year-old Adam Toledo. This comes four years after the Department of Justice found foot pursuits by Chicago police were leading to too many deaths. Now Chicago’s mayor and police superintendent say a new police foot pursuit policy is underway. “We need to do a complete overhaul of our Chicago Police Department,” says Luis Gutiérrez, former Democratic congressmember for Illinois. “There is this real sense that Brown and Black lives, they don’t have the value that they should when Chicago police officers confront our youth.”

      • May Day 1971: Daniel Ellsberg on Joining Noam Chomsky, Howard Zinn at Historic Antiwar Direct Action

        This week marks the 50th anniversary of the 1971 May Day protests, when tens of thousands of protesters demonstrated against the Vietnam War in Washington, D.C., and brought much of the capital to a standstill through acts of civil disobedience. The mass demonstrations terrified the Nixon administration, and police would arrest over 12,000 people — the largest mass arrest in U.S. history. Pentagon Papers whistleblower Daniel Ellsberg, who attended the May Day protests, says it was part of a wave of popular discontent about the war that mobilized millions. “There was a movement of young people who felt that what was happening in the world … was wrong, had to change, and they were ready to risk their careers and their lives to try to change it. And we need that right now,” Ellsberg says. He recently spoke with Amy Goodman at an event marking the 50th anniversary of the release of the Pentagon Papers. We play excerpts from that conversation, which also included National Security Agency whistleblower Edward Snowden.

      • Opinion | The Squad and Their Allies Should Unite to Block Biden’s Massive Military Budget

        This is the moment to put a stop to runaway spending on war and the nuclear arsenal.

      • First test in Malta: Frontex drones approaching

        A reconnaissance drone is to track down boats carrying refugees in the central Mediterranean Sea in the future, the main contractor is the Airbus Group. The range of the deployed „Heron 1“ also enables flights off the coasts of North Africa.

      • The Cyber Cold War Is Here [iophk: Windows TCO]

        I’m thinking about vulnerabilities that lurk in your garage (your car), your house (your computer), and even your pocket (your phone). Like those devices of yours, all connected to the Internet and so [crackable], American businesses, hospitals, and public utilities can also be hijacked from a distance thanks to the software that helps run their systems. And don’t think that the US military and even cybersecurity agencies and firms aren’t seriously at risk, too.

        Such vulnerabilities stem from bugs in the programs—and sometimes even the hardware—that run our increasingly wired society. Beware “zero-day” exploits—so named because you have zero days to fix them once they’re discovered—that can attract top-dollar investments from corporations, governments, and even black-market operators. Zero days allow backdoor access to iPhones, personal e-mail programs, corporate personnel files, even the computers that run dams, voting systems, and nuclear power plants.

        It’s as if all of America were now protected by nothing but a few old padlocks, the keys to which have been made available to anyone with enough money to buy them (or enough ingenuity to make a set for themselves). And as if that weren’t bad enough, it was America that inadvertently made these keys available to allies, adversaries, and potential blackmailers alike.

      • Saudi Arabia Is Trying to Sell Its Ultra-Authoritarian Monarchy to Middle America

        In recent months, the Saudi lobby has increasingly moved from K Street to Main Street — traveling widely outside the Beltway in a bid to shore up support for the country’s brutal monarchy.

      • Boko Haram forcefully converting Nigerians to Islam in Niger – Fani Kayode alleges

        According to the former minister, the Boko Haram insurgents are forcefully converting Nigerians to Islam.

      • “Nation is on fire”: Nigerian lawmakers demand action on security crisis

        In the northwest, gunmen have kidnapped more than 700 schoolchildren since December, as militants pillage communities in the region.

        In the northeast, the armed forces are still struggling in a 12-year war with Boko Haram and Islamic State’s West Africa branch. On Sunday, more than 30 soldiers died in an attack, soldiers and a resident said.

        “The nation is on fire,” said Smart Adeyemi, a senator in Buhari’s ruling party. “The president must rise to the occasion and bring in people to save this country or else we will be consumed. We cannot keep quiet any longer.”

      • Fishmongers’ Hall: Prison chaplain ‘conned’ by ‘remorseful’ terrorist

        Jonathan Hough QC, counsel to the inquiry, asked: “Would it have surprised you that, around the time Usman Khan was… engaged in victim awareness, there was intelligence he was trying to radicalise other prisoners?”

        Mr Hough also said that, at the time of his release, there was intelligence that Khan might commit an attack.

    • Environment

      • The Corpus Christi Water Wars

        But the residents living in the shadow of the massive plant will face other dangers. “This is a very dirty manufacturing process,” says Neil Carman, the clean-air director at the Lone Star Chapter of the Sierra Club. Carman was also an inspector for 12 years with the state air-quality regulator that preceded the Texas Commission on Environmental Quality (TCEQ), the agency that granted Exxon SABIC the permits to build the facility. “The people living in the community are going to be exposed to a toxic soup of carcinogens, mutagens that change the DNA, teratogens that cause birth defects and many, many other health effects,” he says. “The people in the area are going to be guinea pigs. It’s a sacrifice zone.”

        Volatile organic compounds, nitrogen, carbon monoxide, sulfide, sulfuric acid mist, and sulfur dioxide will all be released into the air, according to Exxon SABIC’s air quality permit. But TCEQ says that they conducted a review of the possible health impacts on people living nearby and on sensitive subgroups such as children or the elderly and that they expect no adverse short-term or long-term effects. “These concentrations were evaluated against guidelines established by toxicologists that assure no expected health impacts and, where concentrations were higher than the guidelines, toxicologists reviewed the potential impacts to confirm no adverse effects would be expected,” TCEQ says.

      • Only intact forests can stave off climate change

        The world’s forests are supposed to stave off climate change. Left alone, perhaps they could. But they’re not being left alone.

      • What Would a Deep Green New Deal Look Like?

        But the last of these hits a stumbling block.  Creation of all forms of energy contributes to the destruction of nature and human life.  It is possible to increase the global quality of life at the same time we reduce the use of fossil fuels and other sources of energy.  Therefore, a “deep” GND would focus on energy reduction, otherwise known as energy conservation.  Decreasing total energy use is a prerequisite for securing human existence.

        Recognizing True Dangers

      • The Father of Environmental Justice Isn’t Done Yet

        In 1979, Robert Bullard and a team of 10 graduate students spent weeks poring over city records, library archives, and microfiche, searching for landfill locations in Houston, a sprawling, 557-square-mile city that’s home to nearly 1.5 million people. There was no Google or geographic information systems, no iPhones or laptops. To find a landfill, Bullard and his students had to follow the paper trails of permits, deeds, and licenses. The project took over Bullard’s living room and ate up his weekends and holidays.1This story was published in partnership with the Texas Observer.

      • In ‘Critical and Totally Doable First Step,’ EPA Proposes Phasedown of Climate Super-Pollutants

        With this rule to reduce hydrofluorocarbons, “EPA is taking another significant step under President Biden’s ambitious agenda to address the climate crisis,” said the agency’s administrator.

      • Energy

        • Green Groups Sue Army Corps of Engineers Over Nationwide Pipeline Permit

          “There’s simply no justification for allowing destructive and dangerous pipelines to avoid rigorous environmental review.” 

        • Exposing High Seas Crime With Journalism—and Help From Music

          About 100 miles off the coast of Thailand, three dozen Cambodian boys and men worked barefoot all day and into the night on the deck of a purse seiner fishing ship. Fifteen-foot swells climbed the sides of the vessel, clipping the crew below the knees. Ocean spray and fish innards made the floor skating-rink slippery. 

          Seesawing erratically from the rough seas and gale winds, the deck was an obstacle course of jagged tackle, spinning winches and tall stacks of 500-pound nets. Rain or shine, shifts ran 18 to 20 hours. At night, the crew cast their nets when the small silver fish they target — mostly jack mackerel and herring — were more reflective and easier to spot in darker waters. 

        • Environmental groups sue Army Corps of Engineers over pipeline permitting

          A coalition of five environmental groups on Monday sued the U.S. Army Corps of Engineers, saying the corps did not properly analyze environmental impacts when issuing a broad pipeline permit.

          The plaintiffs, which include the Center for Biological Diversity, Sierra Club, Friends of the Earth, Waterkeeper Alliance and Montana Environmental Information Center, filed the lawsuit in federal court in Montana.

          The permit at issue, Permit 12, is a so-called nationwide permit that streamlines the pipeline permitting process. The corps estimates its 2021 version will be used more than 40,000 times over the next five years.

        • Total declares force majeure on Mozambique LNG after insurgent attacks

          French energy group Total declared force majeure on its $20 billion liquefied natural gas (LNG) project in Mozambique and confirmed it had withdrawn all staff from the construction site following insurgent attacks last month.

          Dozens of civilians were killed in the Islamic State-linked attacks in the coastal Mozambique town of Palma, near gas projects that are worth $60 billion and are aimed at transforming the East African nation’s economy.

        • Rich People Are Fueling Climate Catastrophe — But Not Mostly Because of Their Consumption

          Rich people have enormous carbon footprints. But the fundamental problem with their climate impact isn’t what they consume — it’s that they own the means of production, and it’s extremely profitable for them to pollute.

      • Wildlife/Nature

        • Páramos at Risk: The Interconnected Threats to a Biodiversity Hotspot
        • Protecting nature can lower risk of armed conflict, says conservation body

          Over the last 30 years, countries have been more prone to conflict when natural resources like agricultural land and water become scarce or degraded, such as in areas where droughts are frequent, said a report released by the organisation, which brings together governments, green groups and scientists.

        • Hold on! 240-pound fish, age 100, caught in Detroit River

          “Based on its girth and size, it is assumed to be a female and that she has been roaming our waters over 100 years. She was quickly released back into the river” after being weighed and measured, the Fish and Wildlife Service said.

          The typical lifespan is 55 years for a male sturgeon and 70 to 100 years for females, according to the Michigan Department of Natural Resources.

        • 240-pound sturgeon caught in Detroit River among biggest ever recorded in US

          The crew of three — two women and a man all in their 30s — measured and tagged the fish, a female, with a chip similar to what people put in their pets. So if anyone ever caught it again in the next 100 years, they’d know it was the same one.

        • ‘Once in a lifetime’ sturgeon, nearly 7 feet long, caught in Detroit River

          “Lake sturgeon are a threatened species in Michigan. Around the early 1900s is when the lake sturgeon populations really declined,” the 33-year-old Howell resident said. “Overfishing and water quality has also been a problem.”

          The Detroit River provides a perfect habitat for spawning — indeed that’s probably what the massive fish was doing when her day was interrupted. Sturgeon need rocky shoals, which are plentiful in the river as well as the Upper St. Clair River and St. Mary’s River in the Upper Peninsula. The U.S. Fish and Wildlife Service has partnered with other agencies to restore this habitat in seven locations in recent years.

        • 240-pound sturgeon caught in Detroit River likely a century old

          Officials believe the fish has been roaming the Detroit River and surrounding waters for more than 100 years, hatching in the Detroit River around 1920.

    • Finance

      • Housing and the Rising GDP

        Productivity Growth Looks Strong

        The strong growth in the quarter also implies that the pick-up in productivity growth seen in 2020 is continuing. After growing at just a 1.0 percent annual rate for the prior decade, productivity increased by 2.5 percent from the fourth quarter of 2019 to the fourth quarter of 2020.

    • AstroTurf/Lobbying/Politics

      • America Hacks Itself

        Maybe when I say that what comes to mind are all the potholes on your street. Or the dismal state of public transportation in your city. Or crumbling bridges all over the country. But that’s so twentieth century of you.

        America’s most urgent infrastructure vulnerability is largely invisible and unlikely to be fixed by the Biden administration’s $2 trillion American Jobs Plan.

      • Liberty for Whom?

        “Give us liberty and give them death,” said David Duke at a rally for the Ku Klux Klan in Baton Rouge, La., in 1975. His thunderous words were a play on the famous quotation from Patrick Henry, “Give me liberty or give me death.” Henry’s statement was intended to express his commitment to the well-known American ideal of freedom, which he and his peers took to be at stake in their forthcoming revolutionary struggle with the British Empire. But when Duke gave this speech as the Grand Dragon of the Knights of the Ku Klux Klan, he had in mind another ideal with deep roots in American history: racial domination.

      • Biden Raises Refugee Cap to 62,500—While Admitting US Will Fall Short

        “This erases the historically low number set by the previous administration of 15,000, which did not reflect America’s values as a nation that welcomes and supports refugees.”

      • The Squad & Co: Unite as a Block to Downsize Biden’s Military Budget

        Imagine this scenario: A month before the vote on the federal budget, progressives in Congress declared, “We’ve studied President Biden’s proposed $753 billion military budget, an increase of $13 billion from Trump’s already inflated budget, and we can’t, in good conscience, support this.”

      • Chris Hedges: Don’t Be Fooled By Joe Biden

        Don’t be fooled by Joe Biden. He knows his infrastructure and education bills have as much chance at becoming law as the $15-dollar minimum wage or the $2,000 stimulus checks he promised us as a candidate. He knows his American Jobs Plan will never create “millions of good paying jobs – jobs Americans can raise their families on” any more than NAFTA, which he supported, would, as was also promised, create millions of good paying jobs. His mantra of “buy American” is worthless. He knows the vast majority of our consumer electronics, apparel, furniture and industrial supplies are made in China by workers who earn an average of one or two dollars an hour and lack unions and basic labor rights. He knows his call to lower deductibles and prescription drug costs in the Affordable Care Act will never be permitted by the corporations that profit from health care. He knows the corporate donors that fund the Democratic Party will ensure their lobbyists will continue to write the laws that guarantee they pay little or no taxes. He knows the corporate subsidies and tax incentives he proposes as a solution to the climate crisis will do nothing to halt oil and gas fracking, shut down coal-fired plants or halt the construction of new pipelines for gas-fired power plants.  His promises of reform have no more weight than those peddled by Bill Clinton and Barack Obama, who Biden slavishly served and who also promised social equality while betraying working men and women.

      • If You Don’t Op-Ed, Will You Get Enough?

        Today’s readers may not realize that “op-ed” is shorthand for placement “opposite the editorial” page in the layout of unfolded newsprint.  Yet while some of its format is specific to what one book title called “The Vanishing Newspaper” as early as 2004, the op-ed’s essentials deserve better than to silently crumble like the yellowing journalism of last week’s newspaper.

        The format might seem to exemplify what Noam Chomsky calls mainstream media’s efforts “to strictly limit the spectrum of acceptable opinion, but allow very lively debate within that spectrum — even encourage the more critical and dissident views.” Chomsky’s own views were among the most critical and dissident solicited by the Times, an offer he declined because his academic background made “it enormously more difficult to write 700 words than 7000.”

      • GOP Still Wants to Pretend the Preservation of Slavery Wasn’t a Major Reason for the American Revolution

        This time it is President Joe Biden’s desire to bring America’s history of slavery out of the shadows using, in part, the 1619 Project. Naturally, Biden’s desires did not sit well with Senate Minority Leader Mitch McConnell who has asked Education Secretary Miguel Cardona to order schools to stop teaching the New York Times’ Pulitzer-Prize winning history project.

        McConnell and his colleagues objected to one specific mention in the 1619 Project that suggests the American Revolution was fought, in part, to maintain slavery.

      • The Center Cannot Hold in Spain, but Can the Left Take Advantage?

        One week was all it took for one of Spain’s five major national political parties to collapse. On March 10, Ciudadanos, a center-right party, thought it could shore up its flagging base with a sly move to grab power in a regional parliament. Together with the center-left Socialist Party, it presented a no-confidence vote in the coastal region of Murcia to try to oust the conservative—and deeply corrupt—Partido Popular (PP) from power. The move backfired. Within a week, the feud between the PP and Cuidadanos blew up their alliances across the country, torpedoing several regional governments, while numerous Ciudadanos deputies decamped to the PP. Seeking an opportunity to consolidate power, Isabel Díaz Ayuso, the right-wing PP governor of Madrid known for refusing to impose a lockdown, called for snap elections in the region home to the Spanish capital.

      • Sanders Accuses McConnell of Hypocrisy and Corruption in Scathing KY Speech
      • At Kentucky Rally, Sanders Blasts McConnell for ‘Working Overtime’ to Reward the Rich and Block Progress

        “If Senator McConnell and Republicans in the Senate continue their strategy of obstructionism, it means passing a progressive agenda through the Senate with 51 votes.”

    • Misinformation/Disinformation

      • Trump’s Facebook account should never be reinstated because we know what he’d use it for

        With so few on-camera appearances, how did the Big Lie permeate so quickly? Well, while Trump wasn’t appearing on camera, he did remain online. He posted to his personal social media accounts more than 2,200 times between the election and the insurrection: using the Trump Twitter archive, I counted more than 1,520 tweets on his personal account and, with help from Media Matters and use of the Newswhip tool, found at least 757 Facebook posts.

        And, of the 29 tweets used as evidence by House impeachment managers who tried Trump before the Senate on charges of “incitement of insurrection against the Republic he swore to protect,” 22 of them appeared in identical forms on Facebook.

    • Censorship/Free Speech

      • Rep. Lauren Boebert Decides To Streisand Parody Site Making Fun Of Her, Threatens To Take Legal Action Against It

        Rep. Lauren Boebert is one of the new crew of elected Republicans who claims to be “pro-Constitution” and “pro-freedom” but when you get down into the details, it seems that the only part of the Constitution that matters to her is the 2nd Amendment. The website for her campaign proudly states that she’s “Standing for Freedom” and is “Pro-Freedom, Pro-Guns, Pro-Constitution.”

      • Activists in Russia say military conscription is a weapon for silencing dissent

        While military service is mandatory in Russia, with more than 250,000 men between the ages of 18 and 27 conscripted each year, many Russians get out of it through medical or educational exemptions. Some also simply ignore the summons or pay bribes.

        But for those harbouring opposition sympathies, avoiding service is a more complicated endeavour.

        The opposition and rights activists say conscription in recent years has become another weapon in the authorities’ arsenal in their drive to silence dissent.

      • Facebook Bans Redfish For Commemorating Nazi Defeat

        Russia’s multimedia agency Ruptly on Friday informed that Facebook deleted its Redfish page for posting archive photos commemorating the defeat of the Fascist regime in Italy and remembering the atrocities of the Holocaust.

        “Facebook deleted our page, mentioning that our posts violate its community standards. Yet another left-wing media is being censored when the far-right-wing is rising worldwide,” Redfish tweeted.

    • Freedom of Information/Freedom of the Press

      • Two theories Why did the Russian authorities designate Meduza as a ‘foreign agent’?

        As you may have learned from the crowdfunding banners now adorning this website, the Russian authorities designated Meduza as a “foreign agent” on April 23. Our new status in Russia has chased away advertisers and deprived us of revenue, endangering Meduza’s continued existence. We asked the Justice Ministry why it believes we are “foreign agents,” and officials sent a formal response (translated below) that explains almost nothing. Why did the Justice Ministry act now? Why did it target Meduza? And who ordered this? Meduza correspondents spoke to sources with knowledge of the Kremlin’s inner workings and found two plausible theories.

      • Detained Australian journalist in China warned family should not raise her case

        Australian journalist and CGTN news anchor Cheng Lei (成蕾), who was detained in China last August for allegedly leaking national secrets, has met virtually with Australian diplomats.

        According to ABC News, the mother of two is being held in a Beijing prison without charge and has repeatedly been denied access to a lawyer. In February, Chinese Foreign Ministry Spokesperson Wang Wenbin (汪文斌) confirmed that Chinese authorities had arrested Cheng for allegedly funneling state secrets abroad.

      • Killing Hong Kong’s Free Press Will Harm Its Economy

        The Chinese government is making a high-stakes bid to force Hong Kong—long an outpost of freedom—into abject political and civic submission while sustaining the territory’s status as a global hub for finance and a gateway to the mainland’s vast markets.

        But key features of Hong Kong’s cosmopolitanism—its free press, provisions for access to government data, and international media presence—are facing dire pressure and constraints, interrupting the flow of news and information that commerce and culture depend on. Beijing has concluded Hong Kong’s traditionally diverse, freewheeling, and professional media sector threatens the drive to bring the territory’s venerable legal, political, and educational institutions—and its restive population—to heel.

        As corporations weigh their responsibilities in relation to social justice and democracy in the United States, banks and businesses contemplating a future in Hong Kong should consider the moral and practical implications of remaining in a city where press freedom and professional journalism are being systematically snuffed out to enable a determined clampdown on democracy and freedom.

      • US Government Marks World Press Freedom Day By Ignoring Their Attacks On Press Freedom

        Secretary of State Antony Blinken marked World Press Freedom Day by calling attention to governments that are “becoming less transparent” and “more repressive.”“Some governments incarcerate journalists, harass them, target them for violence,” Blinken stated. “Some use other, more subtle [methods] like mandating professional licenses for journalists and using endless bureaucracy to keep them out of reach, or imposing high taxes on newsprint to push independent media out of business.”Blinken’s comments entirely ignored press freedom in the United States and instead focused on countries like China, Russia, Pakistan, Venezuela, Turkey, Hungary, and “third world countries” in Africa and Central Asia. Yet, he could have been describing his country.In 2020, 416 journalists were assaulted. One hundred and thirty-nine journalists were arrested or detained. One hundred and nine journalists had their equipment damaged. Thirty-one journalists or news organizations were subpoenaed, according to the U.S. Press Freedom Tracker curated by the Freedom of the Press Foundation and several other leading press freedom organizations.On average, the police kill about three men per day (or 1,000 people each year). Only a small fraction of these killings result in uprisings, but when they do, journalists face repression from local police forces and city governments that decline to intervene.Journalist Linda Tirado lost an eye in 2020 while covering the uprising after George Floyd was murdered.After Kim Potter, a white police officer in Minnesota, killed a 20 year-old black man named Daunte Wright, journalists were attacked with “crowd control” munitions. A CNN team complained of assault and harassment. Two reporters with the Minnesota-based social media news outlet Neighborhood Reporter were detained.Several Minneapolis Star-Tribune journalists were assaulted by police: reporter Andy Mannix was hit by a “less-lethal” munition in his foot, photojournalist Mark Vancleave’s hand was injured by a rubber bullet, and photojournalist Carlos Gonzalez was pepper-sprayed.During the first 100 days of President Joe Biden’s administration, the White House has failed to take any meaningful action that would bolster First Amendment rights and improve press freedom in the United States. The Knight First Amendment Institute put forward a “First Amendment agenda” for the Biden administration in December. Of the 12 items, just three were completed.Biden’s administration released the report from the Director of National Intelligence’s office on the role of Saudi Arabia’s Crown Prince Muhammad bin Salman in the murder of journalist Jamal Kashoggi.Sanctions on International Criminal Court investigators were lifted on April 2. They were levied by former President Donald Trump in retaliation for an inquiry into war crimes in Afghanistan, and violated the First Amendment by “impeding U.S. citizens and residents from engaging in protected advocacy and association,” according to the Knight Institute.A Trump executive order targeting “diversity training” in the workplace, which encouraged “viewpoint-based discrimination” when federal contracts were awarded, was overturned as well.However, the Biden Justice Department continues to target journalists and their sources with the U.S. Espionage Act.Attorney General Merrick Garland has allowed the extradition case to proceed against former WikiLeaks editor-in-chief Julian Assange.Assange has been detained at the Belmarsh high-security prison in London for more than two years, and every reputable press freedom organization recognizes the case poses a distinct threat to journalism.For example, Reporters Without Borders international campaigns director Rebecca Vincent pointed out, “If the U.S. government is successful in securing Assange’s extradition and prosecuting him for his contributions to public interest reporting, the same precedent could be applied to any journalist anywhere. The possible implications of this case simply cannot be understated. It is the very future of journalism and press freedom that is at stake.”“It is clearly politically motivated and intended to make an example of Assange and create a chilling effect on media around the world,” Vincent added.Furthermore, instead of abandoning the prosecution launched under Trump, the Biden Justice Department secured a guilty plea from Daniel Hale, a former military contractor and drone whistleblower.Hale helped expose the targeted assassination program, including drone warfare. He pled guilty on March 31 to one charge of violating the Espionage Act, when he provided documents to Intercept co-founder Jeremy Scahill and anonymously wrote a chapter in Scahill’s book, The Assassination Complex: Inside the Government’s Secret Drone Warfare Program.Astonishingly, prosecutors refused to dismiss additional charges and cancel the trial altogether. Hale is set to be sentenced in July, and if prosecutors are not pleased with the severity of the sentence, they can continue to target an unemployed military veteran already coping with mental health problems.NSA whistleblower Reality Winner and FBI whistleblower Terry Albury remain in prison after the Trump administration prosecuted them under the Espionage Act. NSA whistleblower Edward Snowden lives in exile in Russia as the government maintains their prosecution, even seizing profits from his memoir and any speaking engagements.The Biden administration has done nothing to rein in policies that allow Customs and Border Patrol (CBP) agents and Immigration and Customs Enforcement (ICE) officers to engage in suspicionless searches of travelers’ electronic devices in violation of both the First and Fourth Amendments.On February 9, 2021, the First Circuit appeals court overturned a district court decision and claimed “reasonable suspicion is not required before a border agent can conduct a basic search,” according to the Knight Institute, which filed the lawsuit. They also contended “probable cause is not required before a border agent can conduct an advanced search.”Between 2006 and June 2018, according to a report from the Committee to Protect Journalists (CPJ), “37 journalists were stopped collectively for secondary screenings more than 110 times.”“Many of the 37 cases identified for this report were among journalists who travel to the Middle East or report on terrorism or national security—all factors that increase the likelihood of being stopped,” CPJ added. “Arabs, Muslims, and individuals of Middle Eastern or South Asian descent face increased scrutiny at the border, according to the ACLU and other civil liberties organizations.”Canadian journalist Ed Ou traveled to the U.S. to cover the protests at Standing Rock in October 2016. He was questioned about his interest in indigenous groups. An officer even said “covering a protest is not a valid reason to come into the country.”Ou worked in authoritarian countries previously and secured all his electronics before traveling to those countries.  However, he was not prepared to do this in a “liberal democracy like the U.S., which claims to protect press freedoms and freedom of expression.”In another lawsuit by the Knight Institute, the Biden administration is defending a prepublication review system former government employees, especially those who work in security agencies, must submit to in order to publish books. It frequently employs arbitrary and politically driven censorship to suppress content that could embarrass the U.S. government.

        Mark Fallon, a former Naval Criminal Investigative Service employee, is a plaintiff, and he waited almost eight months for a review of his book about torture policies under President George W. Bush to be completed. A letter had to be sent to six senators. Numerous requests for updates were sent. Fallon went to the press, and the ACLU and Knight Institute got involved before a review was completed.

      • Opinion: Journalists are never truly free in Pakistan

        The world knows of press freedom in Pakistan through statistics and reports of censorship on content.

        I know of press freedom in Pakistan through lived reality because I have watched fantastic journalistic pieces be deleted and authors being told to steer clear of topics that clash with companies’ interests — for example investigations of how powerful fashion houses exploit their laborers.

      • Zimbabwe court quashes criminal charges against journalist

        Zimbabwe’s High Court on Wednesday quashed charges of communicating false information levelled against journalist and government critic Hopewell Chin’ono, saying the law used by police to arrest him in January no longer existed.

        Chin’ono, who has a large social media following, has been critical of President Emmerson Mnangagwa’s rule, accusing his government of corruption and mismanagement.

    • Civil Rights/Policing

      • Confirming GOP Fears, Poll Shows For the People Act Is Popular With Republican Voters

        Still, as long as Senate Republicans refuse to support the bill, passing electoral reforms depends on eliminating the filibuster, which conservative Democrats have yet to endorse.

      • Critics Decry Unconstitutional Abortion Ban in Lubbock, Texas
      • With Just a Few Migrant Families to Reunite, ACLU Calls for Citizenship and No Future Separations

        “We are happy that the first four families will be reunified this week, but this is only the beginning of a very long process involving more than 5,500 children.”

      • Russian LGBTQ activist and artist Yulia Tsvetkova goes on hunger strike

        Over the weekend, artist and LGBTQ rights activist Yulia Tsvetkova, who is facing charges for the criminal distribution of pornography over drawings she posted on social media, announced a hunger strike.

      • Ignorance Does Not Lead to Freedom

        Foreign terrorists did not manipulate them. They earnestly believed as President Donald Trump told them that day and for weeks beforehand, that Congress was about to trample on their freedom and liberty. Most of them could have been your white neighbors.

        Thomas Jefferson in a letter to a friend pointed out that the lack of an educated populace leads to the expectation that they can be both ignorant and free in a state of civilization and open to demagoguery.  Jefferson wrote they expect “what never was and never will be.” That unrealistic expectation is at the crux of why our nation’s schools must teach civics so that as adults, they understand what is possible in a democracy and the principles that sustain it.

      • The Biggest Bust Ever: Direct Action Lessons From Three Days in May of 1971

        That bust was the last gasp of three days of mass protest activity, in Washington, D.C. over the Vietnam War. It resulted in the largest number of civil disobedience-related detentions in U.S. history—12,000 in all, including a record-breaking single-day total of 7,000 people arrested on May 3, 1971.

        To conduct this unprecedented round-up—later found to be unlawful—President Richard Nixon deployed far more law enforcement and military personnel than the Trump Administration used, in the same city, last year.  Organizers of the May, 1971 anti-war actions had publicly announced their intention to shut-down the nation’s capital–by blocking its streets, bridges, and buildings. But that plan was thwarted by nearly 20,000 local, state, and federal police officers, National Guard members, U.S. Marines, paratroopers from the Army’s 82nd Airborne Division, and the Sixth Armored Cavalry from Fort Meade in Maryland.

      • Levada Center: Russians name Putin’s address and the Navalny protests as April 2021’s most memorable events

        According to survey results from the independent Levada Center, 17 percent of respondents named Vladimir Putin’s State of the Nation address as the most memorable event of April 2021. 

      • How NYPD’s Vice Unit Got Prostitution Policing All Wrong

        In recent months, the city and state of New York have moved to decriminalize prostitution. State lawmakers repealed a law that made “loitering” to sell sex a crime. District attorneys in Manhattan, Brooklyn and Queens announced that while they would continue to prosecute pimps, sex traffickers and “johns” who pay for sex, they would be referring men and women involved in prostitution to social service agencies. The DAs dropped thousands of cases of unlicensed massage, prostitution and loitering dating back to the 1980s.

        The changes came after a ProPublica series on prostitution arrests in New York City that began with a basic question: What are the costs (or possible benefits) to society of sending police officers out to arrest people for prostitution? As with many investigative stories, this one began with a specific tip about an undercover cop who was purportedly entrapping women and a few men into offering to sell sex. We didn’t know his name, just that he was referred to in court proceedings as Undercover 157. (In a statement, the NYPD defended the undercover officer as a veteran “with approximately 1,800 successful buys and no complaints against him at the NYPD or with the Civilian Complaint Review Board,” later clarifying this meant no active complaints.)

      • Afghan Women’s Problems Don’t End With the Taliban

        The intelligence assessment shows that women’s rights in Afghanistan face threats not only from the Taliban, which are on the offensive and could form part of the next Afghan government or take outright control, but also from broader Afghan politics and public opinion.

      • Inside Pakistan’s ‘Conversion Factory’ For Hindu Brides

        But to his critics, Mitha’s clout has a nefarious edge: He runs what his critics call a notorious “conversion factory” targeting primarily young women from Pakistan’s Hindu minority who are married off to Muslim men and converted to Islam simultaneously — often under alleged coercion.

        And few feel empowered to challenge him.

        “We couldn’t stop them. My wife tried to stand in front of our daughters, but they pointed their guns, so she backed off,” Hari Lal, who alleges his two teenage daughters were kidnapped by men linked to Mitha’s seminary in March 2019 and forcibly converted, told RFE/RL’s Radio Mashaal.

      • Stop religious pressure on Orang Asli in Pahang, Siti Kasim begs authorities

        In a nine-minute video uploaded on her Instagram, Siti claimed that the villagers had been coerced into embracing Islam in the 1990s, adding that they knew nothing of the faith and were not practising Muslims.

        She said the villagers told her that they had been under the impression that they would be evicted from their village if they did not embrace Islam.

        The villagers, she said, now want to go to court to renounce Islam, but have been facing pressure not to do so.

      • Pakistani Christian Accused of Blasphemy Tortured into False Confession

        In Pakistan, false accusations of blasphemy are widespread and often motivated by personal vendettas or religious hatred. Accusations are highly inflammatory and have the potential to spark mob lynchings, vigilante murders, and mass protests.

        Since Pakistan added Section 295-B and 295-C to the country’s blasphemy laws in 1987, the number of blasphemy accusations have skyrocketed. Between 1987 and 2017, 1,534 individuals in Pakistan have been accused of blasphemy. Out of that 1,534, 829 accusations (54%), were made against religious minorities. With Christians only making up 1.6% of Pakistan’s total population, the 238 accusations (15.5%) made against Christians is highly disproportionate.

      • Some Muslims want the land of a Christian family, so they attack, loot property and destroy

        Salina Baska, one of the victims (picture 1), filed a complaint against the attackers, but the police refused to help her. Instead, they asked the victims for money. So far no one has been arrested in connection with the incident.

        “Muslims destroyed our mud house (picture 2),” said the 38-year-old ethnic Santal. “They stole our tin roof, took the rice, food, everything of value. They also beat me and my husband with a stick, even my children.”

        Her family has been living on land that belonged to her ancestors. But the attackers bought land next to them and now want to take over their neighbours’ land.

    • Internet Policy/Net Neutrality

    • Digital Restrictions (DRM)

      • Netflix IT exec forced employees to use products from vendors that bribed him

        Netflix’s former vice president of IT operations was convicted of taking bribes from technology vendors in exchange for awarding them contracts with Netflix, the US Department of Justice announced Friday. The former Netflix VP’s illegal scheme forced colleagues to use a variety of products, including one that suffered from “severe” performance problems and another that Netflix employees objected to because they preferred a different product the company was already paying for, the DOJ said.

      • Roku Users Lose Access To YouTube TV As Dumb Contract Fights Shift From Cable TV To Streaming

        For decades now, cable TV consumers have been subjected to idiotic cable TV “retransmission feuds” that black out content consumers pay for as broadcasters and cable operators bicker over rates. And while streaming TV was supposed to remedy many of the dumber aspects of the traditional cable TV model, that’s not really happening. The names and gatekeepers are simply shifting.

    • Monopolies

      • After Prosecutions Dove to 25-Year Low Under Trump, Will Biden DOJ Crack Down on Corporate Crimes?

        “President Biden’s DOJ should ramp up enforcement to show that corporate criminals are not above the law,” says author of new study.

      • Moderna Offer of Vaccines for Global South ‘Not a Substitute for Patent Justice,’ Advocates Say

        “We can’t count on the benevolence of Big Pharma corporations” to end the pandemic, said one organization.

      • Amazon’s profit soars 220 percent as pandemic drives shopping online.

        “In just 15 years, AWS has become a $54 billion annual sales run rate business competing against the world’s largest technology companies, and its growth is accelerating,” Jeff Bezos, Amazon’s founder and chief executive, said in a statement. Mr. Bezos plans to step down as chief executive later this year and transition into the role of executive chairman.

      • Hollywood Lobbyists So Afraid Of Any Public Benefit From ‘Intellectual Property’ That They’re Trying To Block COVID Vaccine Sharing

        Throughout the COVID pandemic, it’s been truly shameful to watch how patent maximalists have tried to insist that we just need more patents to deal with COVID — even though the incredible breakthroughs that brought such quick development of vaccines were not due to patents, but rather the free and open flow of information from a bunch of researchers and scientists who didn’t care about whether or not information was locked up for profit, but did care about saving millions of lives.

      • Magical Properties

        Back in the Paleolithic Were people appealing To one another, as casually As we do today, for a light? Or was it far more fraught — Perhaps they feared or thought That their fire, their heat, Would somehow be deprived;

        Or do you suppose They resented those Who wanted to take With little exposure to danger What they’d risked burning alive In lava to obtain;

      • Patents

        • CJEU sets August deadline for observations from European Commission, EU member states and parties on standard-essential patent licensing questions in Nokia v. Daimler

          In November 2020, the Dusseldorf Regional Court decided to refer to the Luxembourg-based Court of Justice of the European Union (CJEU) two sets of legal questions: one about the component-level licensing of standard-essential patents (SEPs) and another about the application of the Huawei v. ZTE SEP injunction framework. Nokia brought an interlocutory appeal, which was going nowhwere and ultimately withdrawn.

          Another procedural milestone was reached on April 29. The CJEU provided translations of the preliminary reference to the European Commission, other EU institutions, the EU member states, the three non-EU member states of the European Economic Area (Iceland, Liechtenstein, Norway), and the parties and intervenors so they can file observations.

          Under the court’s procedural rules, the parties normally have two months plus an automatic 10-day extension “on account of distance” (which appears a bit anachronistic in the Digital Age, as it would almost be enough for service by stagecoach). Currently, due to the COVID-19 pandemic, there’s an additional automatic extension by one month. All in all, this means the filings will be due on August 8 (a Sunday, so this may practically mean August 9).

          Unlike in the United States, where a diversity of stakeholders may file amicus curiae briefs, the CJEU will accept submissions only from the types of entities listed further above. Therefore, companies who are not parties to or intervenors to this case must persuade governments to file observations supporting their positions.

        • Dublin based designer named finalist in European Inventor Award

          Spanish designer and entrepreneur Dr Carmen Hijosa, now living in Dun Laoghaire, has been named a finalist for the European Inventor Award 2021 for her sustainable alternative to leather. Co-founder of Chesneau Leather Goods in Kilkenny in 1977 and a director of design at the company for 15 years, she then worked as a textile consultant for the World Bank who asked her to consult on the Philippine leather industry.

        • Transferring safely from ship to rig on the high seas in no time [Ed: EPO puff pieces are beginning to appear, costing the institution millions of euros though it helps EPO managers distract from their crimes and corruption (these publishers are paid for puff pieces; won't cover the scandals about the palm that feeds)]

          Moving from a ship on the high seas to a wind turbine or any other offshore rig is often a challenge, to say the least. The ship moves in all directions because of the waves. And the passenger pods that are transferred by crane are like a toy tossed in the wind. Dutch inventor Jan van der Tempel has developed a solution to this problem. This gangway, which resembles a passenger boarding bridge (PBB) for airplanes, is able to offset all the movements of a ship. This makes transferring for offshore personnel safer and faster. For his invention, Van der Tempel has now been nominated for the prestigious European Inventor Award 2021 from the European Patent Office (EPO) in the Industry category.

        • SME tech saves seabirds from death: Ben and Pete Kibel named European Inventor Award 2021 finalists [Ed: EPO wasting lots of money seeding press releases that falsely conflate the criminals who govern the Office with scientists who actually accomplished something]

          The European Patent Office (EPO) announces that British brothers Ben and Pete Kibel have been nominated as finalists in the “SMEs” category of the European Inventor Award 2021 for their invention of a simple, low-cost device that prevents the accidental deaths of seabirds during longline fishing.

        • European Inventor Award 2021 finalists announced [Ed: Way to distract from EPO crimes while literally wasting millions of euros, quite likely in direct violation of the rules of the Organisation]

          The European Patent Office (EPO) today announced the 15 inventors and inventor teams shortlisted as finalists for the 2021 edition of the European Inventor Award. The annual innovation prize, now in its 15th year, recognises outstanding inventors who have made an exceptional contribution to technology, society, and economic growth.

          The 2021 European Inventor Award winners will be announced at a ceremony beginning at 19:00 CEST on 17 June 2021, which has this year been reimagined as a digital event for a global audience. The ceremony will be open to the public and held in an extended reality format.

        • Software Patents

          • Supreme Court Requests View of Solicitor General in American Axle v. Neapco [Ed: Michael Borella and other software patent profiteers try to push the Trump-stacked SCOTUS to overturn Alice and weaken patent quality]

            Today, the Supreme Court requested the views of the Solicitor General in its consideration of American Axle’s certiorari petition, which asks the Court to reverse the Federal Circuit’s decision in American Axle & Mfg. v. Neapco Holdings LLC. That decision is noteworthy on several grounds. It is an application of the Federal Circuit’s fractured jurisprudence on subject matter eligibility under 35 U.S.C. § 101 to a traditionally patent-eligible subject matter — a method of producing shaft assemblies in a driveline system for trucks having reduced vibration during use. The case was the occasion for the full Court to illustrate the deep divisions among the Judges, with half of them voting to rehear the case en banc and the other half refusing to do so. Moreover, the decision not to grant rehearing en banc was accompanied by several opinions from various combinations of the Judges concurring or dissenting from the decision. And those opinions (as well as Judge Moore’s dissent from the panel opinion) contained sharp rhetoric regarding not only the panel decision but the pattern and scope of the Court’s attempts to consistently and coherently explicate the broad principles enunciated by the Supreme Court in Mayo Collaborative Services v. Prometheus Laboratories and Alice Corp. v. CLS Bank International (which, to be fair, may itself have been a Herculean task).

          • Shopify Joins the Open Invention Network

            Open Invention Network (OIN), the largest patent non-aggression community in history, announced today that Shopify has become a licensee and community member of OIN. As a leading global commerce platform providing trusted tools to start, grow, market, and manage a retail business of any size, Shopify is reinforcing its commitment to open source software (OSS) as an enabler of its growing business.

            “Shopify’s platform provides not only the tools to build an online store, but also a full suite of merchant solutions, including payment processing through Shopify Payments and loans through Shopify Capital, among others. Ecommerce platforms, fintech, and financial services companies should all take note of Shopify’s growth and leadership, which has been built upon open source software going back to its launch,” said Keith Bergelt, CEO of Open Invention Network. “We appreciate Shopify’s participation in joining OIN and demonstrating its commitment to innovation and patent non-aggression in the Linux System.”

      • Trademarks

        • How to reconcile sustainability and eradication of counterfeit goods in the fashion industry? [Ed: Well, "sustainability" is some nonsense and a buzzword, there are no "sustainability standards"]

          While fashion brands and retailers are committing to sustainability standards with increasing strength, the environmental and social impact of counterfeit goods is being neglected. This is particularly striking, giving that the range of such products is widening and the urgency to effectively manage the storage and disposal of fake fashion products escalates.

          [...]

          Primarily, counterfeiting is extremely attractive for organized crime. This form of criminality, over the past several years, has proven to be increasingly profitable while receiving little interest from law enforcement and policy makers. Experts have highlighted a rising tendency by organized crime to introduce counterfeit products into the legitimate supply chain, in view of selling them as originals and reaching a wider customer base. Of course, this aspect relates to organized crime’s efforts to extend its control over legal economy in various sectors, directly and indirectly. Counterfeiting provides huge funds to organized crime which can be reinvested in various activities, both licit and illicit.

          On a different note, the growth of e-commerce represents one of the greatest and most challenging opportunities for the fashion industry as far as counterfeiting is concerned. On the one hand, online stores are connecting millions of people around the world, creating new opportunities for the biggest brands as well as for the small and medium ones. On the downside, the positive effects of digital progress are tarnished by the inadequate governance of the web environment. In particular, the main threats emerge when it comes to tackling illicit conducts, the impact on the goods transportation method, and the relative ease of the dissimulation of identities and supply chains.

          It is one of the goals of the EU Customs Policy to keep pace with the proliferation of counterfeit products, especially in the wake of the pandemics, in parallel with a rise in the level of successful enforcement interventions. As larger amounts of infringing goods will be detected by authorities, the urgency to effectively manage the storage and disposal of such products increases.

        • EUTM data: German carmakers bolster electric vehicle portfolios [Ed: Max Walters does puff pieces with Campinos. So why not cover the EPO abuses? Fluff pays more than exposing corruption. Nowadays in so-called ‘journalism’ you get promoted not for accuracy, exclusivity, or positive impact but for sucking up to the rich and powerful while mastering the use of their buzzwords and euphemisms. Guess who rewards them and pays their salaries…]

          In this fourth exclusive data-led article, Managing IP looks at trademark filing trends in Germany – where major brands remain strong

      • Copyrights

        • Red Hot Chili Peppers to Sell Song Catalog to Hipgnosis for Upwards of $140 Million

          The Chili Peppers’ catalog was largely written by the band’s key members since 1989 —singer Anthony Kiedis, bassist Flea, drummer Chad Smith and guitarist John Frusciante, who recently returned for his third stint with the group. As reported by Billboard, the catalog is administered by Moebetoblame Music, under the guidance of lawyer Eric Greenspan, managing partner of the law firm Myman, Greenspan, Fox, Rosenberg Mobasser, Younger & Light LLP. Sources say Greenspan shopped the deal for the band. It also reported that the group’s catalog generates $5 million to $6 million in net publishers’ share.

        • VidCon Taps Nicole Leo as Director of Creator Partnerships (Exclusive)

          Additionally, Leo will oversee all talent relations for the tech conference and its digital events worldwide. She will be based in ViacomCBS’s Hollywood office and report to Colin Hickey, vp of operations.

        • U.S. Requests Lower Sentence for ‘Cooperative’ Member of Scene Piracy Group

          Jonatan Correa was part of the piracy Scene group SPARKS that presumably caused Hollywood millions in losses. After pleading guilty, he now faces a prison sentence of 12 to 18 months. However, the U.S. Government is asking a New York federal court to issue a lower sentence since Correa didn’t have a financial motive. In addition, he has been cooperative since his arrest.

        • The Pirate Bay Co-Founder Peter Sunde Acted Illegally, Court Rules

          The Helsinki Court of Appeal has confirmed that Peter Sunde, the co-founder and former administrator of The Pirate Bay, violated the rights of various record companies. According to the Court, Sunde helped to distribute copyrighted recordings via the torrent site between 2005 and 2009.

        • CC Search to Join WordPress

          Our teams are still finalizing details and timing, and we’ll be sharing updates with you as we get closer to the finish line.

05.03.21

Links 3/5/2021: Sparky 5.15, Bill Gates Divorce, Netflix Fraud

Posted in News Roundup at 6:47 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

      • Xinitrc, Xprofile And More, What Do They All Do

        On our Linux systems there are all of these files with X at the start of there name like xinitrc and xprofile but what are they actually used for and how do some of them which seem very similar actually differ.

      • Destination Linux 224: Linux Kernel Bans UMN & Interview with Neal Gompa of Fedora Project

        This week’s episode of Destination Linux, we are going to talk with Neal Gompa, a DevOps Engineer by day and a Linux systems aficionado and developer by night about Fedora Linux 34 as well as Fedora KDE. Then we’ll check out the latest release of the open source video editor, Kdenlive 21.04 and in our Community Feedback we’ll talk about the situation around the Linux Kernel banning the University of Minnesota from contributing. Plus we’ve also got our famous tips, tricks and software picks. All of this and so much more this week on Destination Linux. So whether you’re brand new to Linux and open source or a guru of sudo. This is the podcast for you.

      • Late Night Linux – Episode 123 – Late Night Linux

        Whether there’s any point trying out random distros, and your feedback about AMD hardware, slow phones, messaging services, cryptocurrencies, and KDE.

    • Kernel Space

      • Microsoft is working towards running Linux as ARM64 Hyper-V guest [Ed: Microsoft boosters delighted to help Microsoft hijack the word "Linux" for PR, selling proprietary software and spying]
      • Linux 5.13 To Allow Zstd Compressed Modules, Zstd Update Pending With Faster Performance

        Adding to the variety of places where the Linux kernel supports making use of Zstd compression, kernel modules moving forward can now enjoy size reductions with Zstd.

        Linux already supports optional Gzip and XZ compression of kernel modules while beginning with Linux 5.13 there is support added for Zstd. In user-space, KMOD 28 already supports dealing with Zstd-compressed modules. The compressed modules are suffixed .ko.zst.

      • IO_uring Squeezes More Performance With Linux 5.13 – Phoronix

        Merged as part of the block subsystem changes for the Linux 5.13 were the usual assortment of enhancements to the exciting IO_uring. With this next kernel there is yet even better performance out of this morning Linux I/O interface.

        The IO_uring updates for Linux 5.13 include support for multi-shot mode for POLL requests, more efficient reference counting, no longer the need to have a manager thread for each ring, and a wide variety of smaller technical fixes and improvements.

      • Graphics Stack

        • Mesa 21.x Seems To Muck Up Gamers’ Trust Factor For Counter-Strike: Global Offensive – Phoronix

          Those moving to Mesa 21.x releases for the latest open-source GPU driver support on Linux are seemingly finding their Valve “Trust Factor” matchmaking system scores dropping for Counter-Strike: GO, leading to numerous upset Linux gamers with AMD Radeon GPUs.

          Back in January for Mesa 21.0 there was the CS:GO whitelisting for OpenGL threading with a focus on improving the performance for the RadeonSI Gallium3D driver with modern AMD Radeon graphics cards. Unfortunately, that appears to be lowering the Trust Factor for the game. Valve’s Trust Factor is their matchmaking system in use for Counter-Strike: Global Offensive for finding gamers to compete against with similar scores. Cheating and other opaque inputs go in to calculating the Trust Factor value for a particular game.

        • Wayland-Protocols 1.21 Released With XDG_Activation, Staging Replaces Unstable

          Released on Friday was a new version of Wayland-Protocols, the collection of protocol specifications for Wayland.

          With Wayland-Protocols 1.21 the XDG_Activation protocol has been introduced. This protocol is for transferring focus between top-level surfaces such as from a launcher to launchee.

    • Applications

      • BoM says issues with textmode browser lynx fixed; no mention of others

        The Australian Bureau of Meteorology says it has fixed the issues that prevented users of the textmode browser lynx from accessing its website.

        Many sight-impaired readers use lynx and other text-based browsers and a speech-to-text engine like festival to read these pages.

        In a statement sent in response to a query from iTWire, the BoM said: “The Bureau has now resolved an issue that inadvertently caused problems with the Lynx web-browser. The issue was caused with use of a tool that detects and stops screen scraping activity on the Bureau’s website.

    • Instructionals/Technical

      • How to install Opera In Ubuntu 21.04 [ Using the terminal ]
      • How To Install GlassFish on Debian 10 – idroot

        In this tutorial, we will show you how to install GlassFish on Debian 10. For those of you who didn’t know, GlassFish is an open-source application server and the reference implementation of Java EE. GlassFish 5 release supports the latest Java Platform: Enterprise Edition 8. It supports Enterprise JavaBeans, JPA, JavaServer Faces, JMS, RMI, JavaServer Pages, servlets, etc.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the GlassFish on a Debian 10 (Buster).

      • Linux Running Too Slow? Here’s How to Find the Cause – Make Tech Easier

        There’s nothing more frustrating than installing Linux on your PC and the whole system still feeling sluggish. After spending money building, purchasing or upgrading a machine, you expect it to be snappy. However, that’s not always the case, and with Linux, you can do quite a bit of investigating to check out what’s wrong. Today, we show you how to find the cause of your Linux machine running too slow.

      • How to Install .NET 5 on Ubuntu Linux [Ed: Helps Microsoft monopoly]

        Want to download and install .NET 5 on your Ubuntu machine but can’t figure out how? This guide will take you through the complete process of installing .NET 5 (Dotnet 5) on Ubuntu Linux 20.04 (LTS). Dotnet 5 is the latest version in the .NET Core family and it supports even more application types and platforms than its predecessor.

        Although this article will focus on installing .NET 5 on Ubuntu Linux, Dotnet 5 is also supported on other Linux distros such as CentOS, Red Hat Enterprise Linux, Alpine, etc.

      • How to install Wii Funkin’ on a Chromebook

        Today we are looking at how to install Wii Funkin’ on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

        If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!

      • Linux hdparm Command Tutorial – Linux Hint

        In Linux-type systems, the “hdparm” command tool is used to provide the interface for kernel-supported devices. It is to display the drive disk statistics and set hardware parameters and testing performance.
        This utility allows the user to perform DMA settings, set hardware parameters like cache settings, acoustic and power management.

        The operations of the “hdparm” command-line utility work properly with the latest kernel devices. But some of the options still support old disk drives.

      • How to install Chrome browser on Rocky Linux 8 – Linux Shout

        Chrome browser is not new to anyone, we all have used it now and then on our Desktop or smartphones. However, if you have just installed Rocky Linux to test it out and want to install Google Chrome browser in it then here are the steps to follow.

      • Use a 8×8 LED Matrix With Raspberry PI and Python

        A very simple electronic component, 8×8 Led Matrix with Raspberry PI (and Python) can display nice and simple images whose application limit is only your fantasy

        In this tutorial I’m going to show you how to setup and wire a 8×8 Led Matrix with Raspberry PI and Python, explaining code.

        8×8 LED matrix is a small display composed of 8 LED row, each one including 8 LEDs, thus forming a LED matrix (as per its name) . All its LED are usually monochromatic (only 1 colour). It appears as in following picture:

      • Finding the fingerprint of a given certificate
      • [Short Tip] Add a path entry to Nushell

        Adding a path in nushell is pretty straight forward: the configuration is done in ~/config/nu/config.toml in the [path] section.

      • How to configure and manage firewalld rules in Linux

        The firewall is essential for controlling the flow of network traffic in and out of the Linux server.

        It enables users to control incoming network traffic on host machines by defining a set of firewall rules.

        It must be enabled on production servers facing the Internet, to protect those servers from unauthorized access.

        This is one of those security features that ensures your system security at network level.

        In this guide, we’ll show you how to add, remove, enable, and disable firewalld rules & zones.

      • How to install Mattermost on Rocky Linux 8 – Linux Shout

        Mattermost enables the communication between individuals and groups. Communication can take place as a chat, video call, or normal telephone call. The exchange of data and links is also possible. Mattermost can be seen as a direct competitor of MS Teams or Slack in this regard. If you are cloud users such as AWS, Google, Azure, and others pre-built open-source images are available with them to install and deploy Mattermost on the cloud as quickly as possible. After installation, its web interface can be accessed using the browser or Mobile & Desktop Apps on Windows, Linux, and Mac, iOS, and Android.

        Under the name Omnibus, Mattermost released package, a complete stack of the free messaging system, can be installed with just a few commands. In addition to Mattermost itself, the administrator can set up PostgreSQL as a database, Nginx as a proxy web server, and Certbot to issue and renew SSL certificates in no time at all. However, Omnibus is only for Debian based system and will not work on RHEL or its derivatives, hence we have to set up Mattermost on Rocky Linux step by step.

      • How To Install Flameshot on Ubuntu 20.04 LTS – idroot

        In this tutorial, we will show you how to install Flameshot on Ubuntu 20.04 LTS. For those of you who didn’t know, Flameshot is an open-source screenshot and annotation tool designed for Linux, macOS, and Windows systems. This apps has a varied set of markup tools available, which include Freehand drawing, Lines, Arrows, Boxes, Circles, Highlighting, Blur. Additionally, you can customize the color, size, and thickness of many of these image annotation tools.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Flameshot open-source screenshot tool on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • LFCS – Managing Software – Ubuntu | Linux.org

        With any Linux system, managing the system software is a major part of keeping the system working properly, Ubuntu is no exception. In my previous article, I covered this information for CentOS, this article will cover the Ubuntu side of Managing Software.

        There is a lot of information in this article, so make sure you have a fair understanding of everything as well as how it works together.

    • Games

      • Arcade top-down hack & slash Battle Axe is out now | GamingOnLinux

        Little over a year after the successful Kickstarter campaign, Battle Axe, an arcade styled hack and slash inspired by the likes of Golden Axe and Gauntlet. Created by veteran pixel artist Henk Nieborg of Bitmap Bureau and music from the legendary VGM composer Manami Matsumae.

        “For as long as you and your people can remember, your homeland of Mercia has been held in the tyrannical clutches of the malevolent sorceress, Etheldred. Some months ago, a party of mercenaries was dispatched to attempt to put a stop to Etheldred and her evil cohorts, but regrettably none of them have ever returned…”

    • Distributions

      • Screenshots/Screencasts

        • Elementary OS 6.0 Beta

          Today we are looking at Elementary OS 6.0 Beta It uses Linux Kernel 5.8, based on Ubuntu 20.04 LTS, and uses about 600MB of ram when idling. It is fast, lean but still in Beta as the name says (so keep it in mind).

        • Elementary OS 6.0 Beta Run Through

          In this video, we are looking at Elementary OS 6.0 Beta.

      • IBM/Red Hat/Fedora

      • Debian Family

        • Sparky 5.15

          There is a next point release of Sparky 5.15 “Nibiru” of the stable line ready to go. This release is based on Debian stable 10 “Buster”.

      • Canonical/Ubuntu Family

        • Ubuntu 16.04 LTS moves to paid Extended Support Maintenance

          Canonical has announced that Ubuntu 16.04 LTS has reached the end of its normal support lifecycle and has now been moved onto the Extended Support Maintenance track. This allows personal users to run Ubuntu 16.04 ESM on up to three machines and for enterprise customers to pay for the continued support. Extended Support Maintenance (ESM) will last until April 2024.

          With Ubuntu 16.04 LTS reaching end of life status in April, it will no longer receive security updates, therefore, anyone still running it needs to upgrade to Ubuntu 20.04 LTS or Ubuntu 18.04 LTS. For systems in enterprise environments, this may be easier said than done so Canonical offers ESM.

          With Ubuntu 16.04 ESM, customers will be provided with security updates for high and critical CVEs (Common Vulnerabilities and Exposures) in the Ubuntu base OS and scale-out infrastructures such as Ceph and OpenStack. At the time of writing, only 64-bit x86 machines are supported by Canonical’s ESM scheme.

        • Linux Mint’s File Transfer App is Now Available for Android

          Linux Mint’s Warpinator file transfer tool is now available for Android devices, including Chromebooks.

          The tool makes it super-easy to fling files from computer to computer over your local network, no third-party hosting required.

          A desktop app is included in Linux Mint 20 and up, and is available for other Linux distros via Flathub.

          Now Android is in the on the action thanks to the efforts of an independent developer and their work on an open source port to the popular mobile platform.

          Mint devs say the app “works very well” already, despite being a relatively young project. The Play Store description states that is “fully compatible with the original protocol and allows for easy transfer of files between Android and Linux devices”.

          “When we made Warpinator we solved a need we had within Linux Mint and made the software available for all Linux distributions, but although we wouldn’t spend the resources to make it work on other OSes […] we wanted to use simple and open technologies to make it possible for this software to be developed by others,” says Mint’s lead Clement Lefèbvre.

        • Ubuntu Weekly Newsletter Issue 681
        • Ubuntu Weekly Newsletter Issue 681

          Welcome to the Ubuntu Weekly Newsletter, Issue 681 for the week of April 25 – May 1, 2021. The full version of this issue is available here.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Open Source audio editor Audacity is now part of MuseGroup

        Audacity is one of the most popular free cross-platform open source audio editors. It can be downloaded and used on Windows, Mac OS and GNU/Linux machines, and is regularly updated and quite accessible.

        Audacity, as an open source project, is maintained by a group of contributors. Anyone may download the source code of the program and compile it, or contribute code to the project.

        We have followed the development of the audio editor for years, and even published a few tutorials here on this site. Did you know that you may use Audacity to merge Mp3 or Wav files, or to generate and save white noise audio files?

        The first mention of Audacity dates back to 2008 when we published a tutorial on creating ringtones using the software and YouTube. Ringtones, at least in the original form, have faded away.

      • qBittorrent 4.3.5

        The qBittorrent project aims to provide a Free Software alternative to µtorrent. qBittorrent is an advanced and multi-platform BitTorrent client with a nice user interface as well as a Web UI for remote control and an integrated search engine. qBittorrent aims to meet the needs of most users while using as little CPU and memory as possible. qBittorrent is a truly Open Source project, and as such, anyone can and should contribute to it.

      • Glucosio: an ads-free Libre diabetes manager for Android devices and iOS

        Diabetes is a life-altering disease, which require a daily follow-up and management discipline for patients.

        Google Play Store and Apple App Store have dozens of diabetes management applications, but they either come with a cost, populated with ads or with limited features to force the customer to buy the full package.

        Here, we offer a wonderful alternative for android which comes completely free, without ads and even is released as an open-source project under GPL V3.0 license.

      • Web Browsers

        • Mozilla

          • Mozilla Localization (L10N): Mozilla VPN Client: A Localization Tale

            On April 28th, Mozilla successfully launched its VPN Client in two new countries: Germany and France. While the VPN Client has been available since 2020 in several countries (U.S., U.K., Canada, New Zealand, Singapore, and Malaysia), the user interface was only available in English.

            This blog post describes the process and steps needed to make this type of product localizable within the Mozilla ecosystem.

      • Productivity Software/LibreOffice/Calligra

      • FSF

      • Programming/Development

        • Jussi Pakkanen: “Should we break the ABI” is the wrong question

          The ongoing battle on breaking C++’s ABI seems to be gathering steam again. In a nutshell there are two sets of people in this debate. The first set wants to break ABI to gain performance and get rid of bugs, whereas the second set of people want to preserve the ABI to keep old programs working. Both sides have dug their heels in the ground and refuse to budge.

          However debating whether the ABI should be broken or not is not really the issue. A more productive question would be “if we do the break, how do we keep both the old and new systems working at the same time during a transition period”. That is the real issue. If you can create a good solution to this problem, then the original problem goes away because both sides get what they want. In other words, what you want to achieve is to be able to run a command like this:

          prog_using_old_abi | prog_using_new_abi

          and have it work transparently and reliably. It turns out that this is already possible. In fact many (most?) people are reading this blog post on a computer that already does exactly that.

        • Qt Developer Conference

          We at KDAB are pleased to announce an event we’re planning to host in Berlin this fall, September 28-30. Save the dates for KDAB’s Qt Developer Conference — a conference from Qt developers for Qt developers!

          Qt Desktop Days, May 2021 — Cancelled

          Before we tell you more about Qt Dev Con, we’d like to let you all know, or confirm what you may have already heard, that the Qt Desktop Days conference that we were planning for this month has been cancelled. This was due to the dates of the event coinciding with those of a couple of other big events. We’d like to try to give you all a better chance to attend more conferences, rather than having to miss out on one or two of them. Therefore, the desktop aspect of Qt development will be integrated into our Qt Developer Conference in the fall, instead.

        • Perl/Raku

          • Rakudo Weekly News: 2021.18 Double Comma

            Jonathan Worthington has just announced a new release of Comma (the IDE for the Raku Programming Language), both the paid version as well as the free Community Edition! With a lot of new pod related features, support for meta-class methods (handy if you’re using Red), and a nice bunch of bug fixes and other improvements.

            If you like the Comma Community Edition, consider buying the Comma Complete Edition with additional features: it will pay for further development of the free version as well as for future complete editions!

          • TPF made me wait 301 hours to learn my punishment
  • Leftovers

    • Bill Gates is getting divorced [ He tweeted ]

      After a tweet we know that mr. Bill Gates is divorcing his wife Melinda Gates.

    • Science

      • Anumeracy is bad, and I just met it

        The graph above represents the membership of an organization, from 2011 to 2021. I saw it by chance, because someone posted it online, worrying that the organization may never recover for such a steep loss. He wrote, more or less: “a 10% decrease in membership in one year! If this is confirmed, it’s a meltdown!”

    • Health/Nutrition

      • What can policymakers learn from the UK’s RECOVERY trial to improve clinical research for COVID-19 and beyond?

        In early March 2020, Oxford University scientists Martin Landray and Peter Horby recognized the crucial role well-designed clinical trials would play in combating the emerging pandemic and avoiding the mistakes of past health crises, where “everyone runs around like headless chickens with scientists and doctors acting alone, each testing different treatments in small numbers of patients; creating lots of noise, but no answers.” Landray and Horby consequently focused on four “keys” to the RECOVERY trial: size, speed, randomization, and simplicity. Without an easy way to enroll patients in a randomized trial, doctors would be left to make individual choices about experimental treatments and would not be able to generate good evidence of whether those treatments actually worked.

        Broadly speaking, RECOVERY is a “platform” trial, a clinical trial “defined by the broad goal of finding the best treatment for a disease by simultaneously investigating multiple treatments . . . [where the] focus is on the disease rather than any particular experimental therapy.” (In other instances, “platform” trials are called “master protocol trials,” “basket trials, or “umbrella trials.”)

        To achieve its aims, RECOVERY was designed to make randomizing treatments fast and simple for doctors. It is “multi-armed” with a single control, meaning that instead of inefficiently testing each intervention against its own control group, only a single control is needed to test multiple interventions. It is also “adaptive,” meaning that the trial design is modified based on interim data analyses, such as by randomizing fewer patients to less promising treatments and shutting down treatment arms that have been shown to be ineffective, such as hydroxychloroquine, lopinavir/ritonavir, and azithromycin. The RECOVERY trial can also add arms; for example, this fall it added aspirin, colchicine, and Regeneron’s antibody cocktail. Thus far, the trial has investigated 13 products, with positive results reported for dexamethasone and tocilizumab.

    • Integrity/Availability

      • Proprietary

        • Ransomware Hits Scripps Health, Disrupting Critical Care, Online Portal

          Scripps Health in San Diego was hit by a ransomware attack over the weekend, forcing the health system into EHR downtime. Some critical care patients were diverted and the online patient portal has been taken offline, according to local news outlet San Diego Union-Tribune.

          Monday appointments were also postponed due to the cyberattack, which disrupted operations at two of Scripps’ four main hospitals and backup servers that reside in Arizona. Providers and other clinicians are leveraging paper records, as telemetry has been impacted at most care sites. Access to medical imaging also appears to be down.

          Reports say all four hospitals in Encinitas, La Jolla, San Diego, and Chula Vista were placed on emergency care diversion for stroke and heart attack patients, who were diverted to other medical centers when possible. All trauma patients were also diverted.

        • Spotify’s Redesigned Desktop App is Now Available on Linux

          Spotify announced a redesign of its desktop app at the end of March, and the revamp has finally found its way to my Linux desktop — and maybe yours, too!

          The UI rejig improves the music streaming client’s core navigation, in particular access to search. In older versions of the client the ‘search’ feature appeared and disappeared depending on the view. Now it’s in the sidebar, in all views.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

        • Security

          • Security updates for Monday

            Security updates have been issued by CentOS (bind, GNOME, java-1.8.0-openjdk, java-11-openjdk, nss and nspr, xstream, and xterm), Debian (bind9 and libimage-exiftool-perl), Fedora (ansible, babel, java-11-openjdk, and java-latest-openjdk), Gentoo (chromium, clamav, firefox, git, grub, python, thunderbird, tiff, webkit-gtk, and xorg-server), Mageia (kernel, nvidia-current, nvidia390, qtbase5, and sdl2), openSUSE (Chromium, cifs-utils, cups, giflib, gsoap, libnettle, librsvg, netdata, postsrsd, samba, thunderbird, virtualbox, and webkit2gtk3), Red Hat (bind), Scientific Linux (bind), and SUSE (containerd, docker, runc and xen).

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • RotaJakiro Linux Backdoor Malware Escaped Detection Since 2018 As It Continued Stealing Data

              Researchers from Qihoo 360’s Network Security Research Lab (360 Netlab) have caught a new malware in the wild. Though it isn’t really a new malware, rather it successfully stayed under the radar for three years.

              Identified as RotaJakiro, the researchers have observed it serving as a backdoor malware targeting Linux devices. The backdoor mainly steals data from the infected machines, alongside installing various plugins.

              Overall, the researchers have found 4 different samples of the same malware in the wild – all with zero VirusTotal detections. However, they analyzed the latest malware variant to study RotaJakiro.

              Briefly, RotaJakiro is a unique malware in that it uses rotates encryption and exhibits different behavior for root/non-root accounts. It uses numerous encryption algorithms during its operation. For instance, it relies on AES to encrypt resource information. Whereas, it uses XOR, AES, ROTATE encrypt ion, and ZLIB compression to communicate with its C&C.

    • Digital Restrictions (DRM)

      • Netflix VP convicted for fraud

        A federal jury convicted former Netflix vice president of IT Michael Kail on 28 fraud and money laundering counts.

        Kail, who was indicted in 2018, used his position to create a “pay-to-play” scheme where he approved contracts with outside tech companies looking to do business with Netflix in exchange for taking bribes and kickbacks.

        According to the Department of Justice’s press release, Kail accepted bribes or kickbacks from nine different companies totalling more than $500,000 as well as stock options.

        Netflix sued Kail after he exited the company in 2014 to take a role as Yahoo’s CIO, accusing him of fraud and breaching his fiduciary duties.

        One FBI agent says that Kail “stole the opportunity to work with an industry pioneer from honest, hardworking, Silicon Valley companies”.

      • NetFlix executive Michael Kail convicted of fraud, money laundering

        A federal jury has convicted a former Netflix executive on charges that he rigged agreements with smaller companies so that they would make kickbacks to him when they received payments from Netflix for new products and services.

        Michael Kail, 49, of Los Gatos, who led Netflix’s information technology operations from 2011 to 2014, created and controlled a company called Unix Mercenary LLC, which had no employees or location, for the purpose of receiving more than $500,000 plus stock options from nine companies, according to statement released Friday by the United States Attorney’s Office in San Jose.

    • Monopolies

      • Patents

        • Judge Newman Again Stands As Sole Ally To PTAB Bias Claim [Ed: Patent litigation 'industry' lobbyists still trying to brew phony 'scandals' over PTAB in order to shore up fake patents such as software patents, shielding them from scrutiny]

          The Federal Circuit on Monday considered for the second time whether Patent Trial and Appeal Board judges are financially motivated to institute patent challenges, and while the panel majority again seemed unpersuaded, Judge Pauline Newman voiced serious concern over the patent judges’ bonus structure.

          The court’s longest-serving judge said Article III judges like herself aren’t given bonuses based on how many cases they decide and questioned why administrative patent judges should be financially rewarded for their productivity.

        • Invention of a Slave: 2021 Redux

          Tormasi is also a patentee. His U.S. Patent No. 7,324,301 covers a computer hard-drive that allows for “simultaneously and independently” reading and/or writing on different carrier surfaces within the drive.

          [...]

          Capacity to Sue: Under the Federal Rules of Civil Procedure, a plaintiff’s capacity to sue is determined “by the law of the individual’s domicile.” For Tormasi, that is New Jersey. New Jersey has a statute on point: “Every person who has reached the age of majority . . . and has the mental capacity may prosecute or defend any action in any court.” N.J. STAT. ANN. § 2A:15-1 (2013). However, New Jersey’s Prison Administrative Code sets forth regulations that prohibit prisoners from “operating a business … without the approval of the Administrator” N.J. ADMIN. CODE § 10A:4-4.1. Tormasi does not have the Adminstrator’s approval. The courts found that this non-statutory administrative rule was sufficient to limit the state statute — superseding his right to file a lawsuit in his personal capacity. It seems to me that rule eliminating a party’s right to file a civil lawsuit probably should have been a bit more direct.

        • Supreme Court offers Hope on Eligibility Case [Ed: Dennis Crouch, who is admittedly funded by the patent lobby (e.g. those working to undermine patent quality and cancel Section 101), is at it again]

          The Supreme Court today called for the views of the Solicitor General (CVSG) in this important patent eligibility case. “The Acting Solicitor General is invited to file a brief in this case expressing the views of the United States.”

          In a pair of briefs filed in 2019, then Solicitor General Noel Francisco argued that the Court should hear a new eligibility case to clarify its precedent: “the Court’s recent decisions have fostered uncertainty concerning those substantive Section 101 standards.”

        • USPTO hiring hundreds of new patent examiners [Ed: Dennis Crouch reaffirms his longstanding position as USPTO mouthpiece. He moreover gets funded by litigation giants that push for software patents, patents on nature etc.]

          The United States Patent and Trademark Office (USPTO) is seeking soon-to-be graduates and professionals with backgrounds in graphic design/art, as well as engineers with backgrounds in biomedical, computer, electrical, and mechanical engineering to apply for hundreds of entry-level patent examiner positions in Alexandria, Virginia.

        • Orrick Herrington & Sutcliffe launches patent practice with Hengeler counsel [Ed: What on Earth is this? JUVE is once again doing ads in ‘article’ clothing….]
        • Software Patents

          • Shopify joins the Open Invention Network Linux patent protection group | ZDNet [Ed: IBM-led front group that, along with other companies, seeks to basically legitimise software patents]

            Shopify is a leading global e-commerce company. Its software tools are used by 1.7-million real businesses in more than 175 countries to start, grow, market, and manage retail businesses. Shopify, like so many other companies, owes its success to open-source software.

            “At Shopify, we’ve built our platform on Ruby on Rails. We view open-source software as a key foundation for our business,” said Robert Guay, Shopify senior counsel of intellectual property. “By joining the Open Invention Network, we have committed to patent non-aggression in core Linux and adjacent open-source software. We believe that this commitment will promote innovation and help enable entrepreneurs and developers to build on open source foundations without focusing on the threat of litigation. We strongly encourage all forward-looking e-commerce platforms, retailers, and other companies to do the same.”

            With more than 1.58 million websites running on Shopify’s software, the company is a business-to-business powerhouse. Indeed, it’s Canada’s largest publicly traded company.

            That’s in no small part because, as Keith Bergelt, OIN’s CEO, observed: “Shopify’s platform provides not only the tools to build an online store, but also a full suite of merchant solutions, including payment processing through Shopify Payments and loans through Shopify Capital, among others. Ecommerce platforms, fintech, and financial services companies should all take note of Shopify’s growth and leadership, which has been built upon open-source software going back to its launch.”

          • $1,500 Awarded for 21st Century Garage prior art

            Unified is pleased to announce the PATROLL crowdsourcing contest winner, Preeti Dua, who received a cash prize of $1,500 for her prior art submission for U.S. Patent 6,526,460. The ‘460 patent, formerly owned by Intellectual Ventures, is owned by 21st Century Garage, LLC, an NPE. The ’460 patent generally relates to a vehicle communications system, in particular for a motor vehicle, having a plurality of equipment units for transmitting, receiving, acquiring and/or processing data for executing applications.

          • BCS Software reexamination request granted

            On April 30, 2021, the USPTO granted Unified’s request for ex parte reexamination, finding substantial new questions of patentability on all challenged claims on U.S. Patent 7,302,612, owned by BCS Software LLC. The ’612 patent relates to a high-level operational support framework for monitoring, assessing, and managing the health of applications (or components/objects) in a distributed computing environment. The ‘612 patent has been asserted against Hewlett Packard, Elster Solutions (Honeywell), Landis+Gyr, and Itron.

« Previous entries Next Page » Next Page »

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts