Bonum Certa Men Certa

Links 24/8/2021: GNU Taler 0.8 and Beta of MX Linux 21



  • GNU/Linux

    • Kernel Space

      • Linux Kernel Changes Proposed So Intel TDX KVM Guests Avoid Crashing The Host - Phoronix

        Shortly after Intel's TDX whitepaper was made public last year for better protecting virtual machines, Intel open-source engineers began posting support patches for bringing up Trust Domain Extensions under Linux. That work remains ongoing and now further Linux kernel infrastructure work is pending to better deal with the notion of guest private memory afforded by TDX.

        Intel Trust Domain Extensions (TDX) allow for better hardware isolation between virtual machines and the VMM/hypervisor. TDX introduces a secure arbitration mode, multi-key total memory encryption, remote attestation, and other features. TDX is expected with next-gen Xeon Sapphire Rapids CPUs.

      • HSE 2.0 Open-Source Storage Engine Is On The Way From Micron

        Announced back in April of 2020 was Micron's HSE as an open-source storage engine optimized for solid-state drives and persistent memory. After quickly crossing the v1.0 milestone and working its way up to HSE 1.9 at the end of last year, there hasn't been any updates since. Fortunately, the project is still alive and HSE 2.0 is on the way.

        The Heterogeneous-Memory Storage Engine (HSE) is designed for SSDs and persistent memory and to be useful for HPC, machine learning, IoT, and other key-value store use-cases. HSE is much faster than the likes of RocksDB and MongoDB on modern, speedy storage products -- such as those from Micron.

      • Graphics Stack

        • AMDVLK 2021.Q3.5 Released With Radeon RX 6600 XT Support - Phoronix

          AMDVLK 2021.Q3.5 is out as the newest snapshot for this open-source AMD Radeon Vulkan Linux driver.

          AMDVLK 2021.Q3.5 adds Navi 23 GPU support, adds a setting to override the bin size calculation, and fixes additional Vulkan CTS failures.

          The Navi 23 support is for the Radeon RX 6600 XT that launched earlier this month. The Mesa RADV driver and packaged Radeon Software for Linux Vulkan drivers have already supported this new RDNA2 GPU while AMDVLK has been late to the party in supporting this mid-range graphics card. Thankfully today that changed with this new AMDVLK code drop.

        • AMD's Open-Source Mesa Driver Continues To Be Ruthlessly Optimized For Workstation Performance - Phoronix

          One of the areas where AMD's long-standing "PRO" OpenGL driver has generally held an advantage over RadeonSI Gallium3D has been around workstation software but that has been changing.

          Over the past year there have been AMD developers working on making major optimizations for SPECViewPerf workloads, lowering the driver overhead, and other improvements for workstation OpenGL software.

        • NVIDIA DLSS for Proton + Linux with DirectX 11 / 12 lands in September | GamingOnLinux

          NVIDIA announced today an expansion of RTX and DLSS for plenty of Windows games, and for Linux users there's something exciting coming too: NVIDIA will hook up DLSS with DirectX 11 and 12 with Proton in September.

          What is DLSS? NVIDIA DLSS (Deep Learning Super Sampling) is an AI-powered rendering tech to help increase performance for NVIDIA GPUs using their dedicated Tensor Core AI processors. It helps to boost framerates by rendering frames at a lower resolution and then it's made to look much crispier using deep learning.

    • Instructionals/Technical

      • How to Find the IP Address in Linux

        An IP address is a unique address that identifies a device on the internet or a local private network. Every computer in the network requires its own unique IP address to get identified. There are two different IP addresses: private and public. A computer can be assigned private IPs or public IP or both.

        A public IP is an address that is exposed to the internet. Devices that are assigned public IP can be accessed from the internet. Whereas private IP is accessible to a local internal network.

        In this tutorial, we learn the different ways to find the IP Address of a Linux system.

      • How to Install Icinga 2 Monitoring Tool on CentOS 8

        Monitoring is one of the most important components of the server infrastructure and data center. It will help you to detect problems and issues that will occur on your servers so you can solve that issues faster. There are some open-source monitoring tools available out there, and one of the most popular is 'Icinga 2'.

        Icinga is created as a fork of the popular Nagios monitoring tool and now has been rewritten from scratch in C++. As fork from the Nagios project, Icinga has come with additional tools and features, including the icinga director, icinga modules, and icinga plugins. Also, it has support for distributed monitoring that allows you to manage multiple Icinga instances from one dashboard.

        In this tutorial, we will show you step-by-step how to install and configure Icinga2 with Apache2 and MariaDB on CentOS 8 server.

      • How to organize your lists in Linux with Dynalist

        Do you have a habit of creating to-do lists or idea lists on a notepad on your Linux PC? If so, there’s a better way to go about it. Introducing Dynalist: an excellent note-taking editor for Linux. Here’s how to use it on Linux.

      • How to play Splitgate (Beta) on Linux

        Splitgate is a PVP game that the developer says is “Halo meets Portal.” In the game, users can portal with a portal gun while defeating enemies with various weapons. The game is in Beta, so it can be unstable. However, it is free to play. Here’s how to enjoy Splitgate on Linux!

      • How to install SolveSpace on Linux

        SolveSpace is an open-source, parametric 2d and 3d CAD software suite for Linux, Mac, and Windows. SolveSpace has a lot of exciting features that CAD modelers will love. In this guide, we’ll show you how to install SolveSpace on Linux.

      • How To Set Or Change Hostname In Debian 11 Bullseye - OSTechNix

        The other day I upgraded my Debian 10 buster system to Debian 11 bullseye. The upgrade was smooth and easy! Now, I want to update the old hostname in Debian 11 system. In this brief guide, let me explain how to set or change hostname in Debian 11 bullseye system from commandline.

      • How to use RustDesk on Linux

        RustDesk is an excellent, open-source remote desktop application. It is similar to Teamviewer and Anydesk. However, it is better as it allows users to host their own connection server if they choose (it is not required, though). Here’s how to use RustDesk on Linux.

      • How to play Divinity: Original Sin 2 on Linux

        Divinity: Original Sin 2 is an RPG video game developed and published by Larian Studios. It is the sequel for Divinity: Original Sin 1. In the game, players can play solo or with three friends. The game is very similar to Dungeons & Dragons and is known for its in-depth RPG mechanics. Here’s how to play it on Linux.

      • How To Install GlassFish on AlmaLinux 8 - idroot

        In this tutorial, we will show you how to install GlassFish on AlmaLinux 8. For those of you who didn’t know, GlassFish is an open-source application server for the Java EE platform. GlassFish project is initially started by Sun Microsystem and is now sponsored by Oracle Corporation. GlassFish allows developers to create applications for enterprises that are portable, scalable, and that integrate with legacy technologies.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the GlassFish on AlmaLinux 8. You can follow the same instructions for Rocky Linux.

      • How To Enable Hibernation On Ubuntu (When Using A Swap File) - Linux Uprising Blog

        This article explains how to enable hibernation using systemd on Ubuntu when using a swap file (which is default for Ubuntu at least since version 18.04).

        My laptop's battery drains quite fast while it's sleeping. I've tried some solutions / workarounds, like this one (except for me the problem wasn't that the laptop was losing half its energy overnight, but all of it in only a few hours), but to no avail. So I decided to enable the hibernate option (suspend to disk) and use that instead of the default sleep option (suspend to RAM), because it uses less power, so the laptop battery is not drained while not in use, albeit taking a bit longer to wake up from hibernation than from sleep. So here's how to do that.

        The instructions below may work on other Linux distributions, but I only tested this on Ubuntu (it should work in the exact same way on any Debian-based and Ubuntu-based Linux distributions, including Pop!_OS, etc.). On non Debian-based Linux distributions you may need to use different commands for updating GRUB 2 (step 4) and regenerating initramfs (step 6) as these are Debian-specific commands.

      • How to Install Brave Browser on Debian 11

        Brave is a free and open-source web browser developed by Brave Software, Inc. based on the Chromium web browser. Brave is a privacy-focused Internet web browser, which distinguishes itself from other browsers by automatically blocking online advertisements and website trackers in its default settings. Brave has claimed its browser puts less strain on your computer’s performance than Google Chrome, regardless of how much you ask of it. Even with multiple tabs open at once, Brave uses less memory than Google Chrome-like, up to 66% less.

      • How to Install Fail2ban with Firewalld on Rocky Linux 8

        Fail2ban is an intrusion prevention software framework that protects computer servers from primarily brute-force attacks, banning bad user agents, banning URL scanners, and much more. Fail2ban achieves this by reading access/error logs of your server or web applications. Fail2ban is coded in the python programming language.

        The guide will give a rundown on installing Fail2ban on Rocky Linux 8 and some basic setup and tips.

    • Games

      • GOverlay just got an awesome update to make editing MangoHud even easier | GamingOnLinux

        GOverlay, the open source app for managing various Linux gaming overlays just got a fantastic upgrade, with it now having a live OpenGL preview for MangoHud.

        MangoHud is awesome but configuring it by hand is a bit of a nuisance, diving into text files and remembering all the different options. GOverlay gives you simple checkboxes and dropdowns to adjust your overlay and now you only need to tap a button to update a real-time preview. Nothing external needed now and it makes everything even simpler - exactly what we love to see.

      • Aliens: Fireteam Elite is out and works right away on Linux with Proton | GamingOnLinux

        Aliens: Fireteam Elite from Cold Iron Studios is a brand new co-op third-person shooter, which is out officially today and it works right away on Linux with Steam Play Proton. Note: key personally purchased.

        Since I am an absolute fanatic when it comes to the Alien franchise, I couldn't pass up this opportunity. Not only that, we don't get a lot of good online shooters that work on Linux with so many blocked by anti-cheat. Thankfully this is one game that seems to just work. Testing with the latest Proton 6.3-6, everything appears to work out of the box.

      • Office Point Rescue - Out the Office is a wonderful homage to retro shooters | GamingOnLinux

        If you loved going to arcades to play shooters when you were younger, or you loved the classic console first-person shooters you should check out the new Office Point Rescue - Out the Office. Developed by Magellanic Games, it's their first full-length title following on from multiple smaller free retro games released on itch.io.

        This is actually a follow-on from Office Point Rescue - Deja Vu, which acts as the first free chapter so you can get a feel for it by playing that first. This is much bigger though, with a lot more varied content.

        "Continuing on from the terrorist incident at the Emeraldalo Corporation's headquarters, Agent Foldon uncovers schemes and projects far more horrific than could be imagined. All was not what it seemed at, or rather below, EMC's headquarters."

      • Sci-fi colony management sim Stardeus has hit the Kickstarter goal and then some | GamingOnLinux

        Stardeus is an exciting looking game coming from developer Kodo Linija and the good news is that it's managed to hit the funding goal on the recent Kickstarter. Inspired by the likes of RimWorld, Factorio, Dwarf Fortress, Oxygen Not Included, Prison Architect and FTL it certainly has plenty to live up to.

        With 21 days still to go the initial €£12,000 was pretty low and with such a grand idea, it was clear it was going to be a success. There's a demo too available on itch.io and Steam which has certainly helped. It's one thing to have a good idea and a flashy video but if you're a mostly unknown name it can be difficult to pull people in. After over a year in development the developer said part of the reason for the Kickstarter was publicity for the demo to help feedback.

      • Stardew Valley just became an esport with a $40,000 tournament in September | GamingOnLinux

        I still can't quite believe it's real but it really is. The casual farming game Stardew Valley just became something of an esport with a new competition with a $40,000 prize.

        Stardew creator Eric "ConcernedApe" Barone has teamed up with Zach "Unsurpassable Z" Hartman to host the tournament which will be live on Hartman's Twitch channel on September 4 starting at 09:00 PST / 16:00 UTC. It's a celebration of the game and some of the top speedrunners and creators in the community.

        For a game that's supposed to be about chilling-out, doing a little farming and possible a little romance, having a competitive event might seem a little odd but quite probably thoroughly entertaining too thanks to over 100 challenges that have been set for the event. Instead of trying to speedrun through, each team has a few hours to complete as many of the challenges as possible with each worth a different amount of points. There will also be additional challenges thrown in every 30 minutes that teams won't know until they happen.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • OBS builds of KDE/Plasma for Debian/Bullseye – Testing – Unstable

          With the release of Debian/Bullseye last week, we can now support the stable Debian release (Bullseye) as well as Testing and Unstable releases with our build of KDE/Plasma (frameworks, plasma, gears, related programs) on the OBS builds. We used this switch to also consistently support three architectures: amd64, i386, and aarch64.

      • GNOME Desktop/GTK

        • GNOME 41 Beta is Now Available For Linux--Here Are the Updated Packages
          GNOME Project announced that its newest beta version will now soon become available for Linux testers. The GNOME 41 public beta is set to be available on Sept. 2.

          GNOME Project unveiled that the newest beta 41 is now available. Here are the features that Linux users should know. According to a report by 9to5Linux on Tuesday, Aug.24, the release of GNOME 41 was the first update that the project developer created since GNOME 41. The team said that the beta will introduce several improvements, including bug fixes, new features, and applications.

        • GNOME 41 Beta Introduces SIP/VoIP Support with Significant Updates to Applications - It's FOSS News

          While GNOME 40 was a significant upgrade, GNOME 41 is the next version bump with several improvements and new feature support.

          It should be available as a stable release next month. Now, the beta version is available for public testing.

          [...]

          Considering its official release announcements, let me mention a few essential changes.

          Start with GNOME 41; you can now manage your SIP (Session Initiation Protocol) account using the UI.

          You can easily place VoIP calls using the dial pad right from the system.

          Even though this is not something, every user needs, you may want to opt for a SIP account if you need to cut costs with international calls. GNOME 41 will make it easy for you to integrate the account and use it from the get-go.

        • Apple M1 Now Boots Gnome Desktop on Debian Linux

          In an important update from the battle to tame the Apple M1 chip into running Linux natively, as noticed by The Register, graphics developer Alyssa Rosenzweig, along with her Asahi Linux colleagues, has managed to get the Gnome Shell running on the bare metal, albeit without GPU acceleration.

    • Distributions

      • New Releases

        • MX Linux 21 KDE Plasma Edition Is Now Available for Beta Testing with Plasma 5.20 Desktop

          Last week, I told you about the Xfce and Fluxbox beta releases of the forthcoming MX Linux 21 “Wildflower” distribution, which will be based on the recently released Debian GNU/Linux 11 “Bullseye” operating system series and the long-term supported Linux 5.10 LTS kernel series.

          And now, the KDE Plasma edition is ready for testing too, based on the AHS (Advanced Hardware Support) images of MX Linux 21 KDE and available only for 64-bit computers. The KDE Plasma edition ships with the Plasma 5.20 desktop environment series, more precisely the 5.20.5 point release.

        • MX Linux 21 With Fluxbox is a New Edition Available for Beta Testing

          The MX Linux community is preparing for a new release in the MX Linux 21 series. This release will be based on the freshly released Debian 11 “Bullseye” and MX components.

          Unlike previous releases, the Fluxbox edition will be available as a separate ISO file along with the XFCE and KDE desktop editions.

          The new Fluxbox edition is a good addition to the series with a lower resource requirement.

          Let’s take a look at what MX Linux 21 with a customized Fluxbox desktop offers.

      • IBM/Red Hat/Fedora

        • Enabling Simple Content Access and registering to Red Hat Insights with Subscription Manager

          Simple Content Access (SCA) allows you to access Red Hat software content without attaching a subscription to a particular system or environment. Separating subscriptions and content management makes it easier for admins to fully utilize their RHEL subscriptions efficiently.

          In this three-part series, we will cover how to enable Simple Content Access and register your systems to Red Hat Insights and how to view your Red Hat Enterprise Linux (RHEL) systems in the Red Hat Customer Portal. We'll also cover how to create custom tags to use tag filtering in Red Hat Insights to support more refined views of your RHEL environments.

        • Building a DevSecOps culture and shifting security left

          There is an old saying that you can pick only two of the following traits: good, fast, and cheap. If you choose a good and fast path, it will be expensive. If you choose good and cheap, it will take time to get it delivered. Lastly, the fast and cheap selection will yield poor quality.

          Over the past decade, companies have embraced DevOps methodologies, and understand the tough selection between the three traits. Tool selection is extremely important to implement a DevOps culture, although it will require more than just the perfect tool.

          Successfully implementing DevOps, as a culture and practice, is predicated on automation. Efficient automation is how a company like Etsy does 50 deployments per day. This speed of development and deployment has some obvious advantages—bugs don’t live in production very long because rapid development and deployment replaces them very quickly with corrected code. You can also introduce new features quickly without having to wait for long development cycles to create a complete package. A new feature can be developed and deployed while other features are being developed alongside.

        • Exploring our bugs, part 2: resolution – Fedora Community Blog

          This is this second part of a series I promised during my Nest With Fedora talk (also called “Exploring Our Bugs”). In this post, I’ll analyzing the bug report resolutions from Fedora Linux 19 to Fedora Linux 32. If you want to do your own analysis, the Jupyter notebook and source data are available on Pagure. These posts are not written to advocate any specific changes or policies. In fact, they may ask more questions than they answer.

        • 4 IT automation myths dispelled | Enable Sysadmin

          If it takes more time to automate a certain task than simply to accomplish the job manually, it is not worth automating.

          You are likely to get resistance from your peers or management about automating tasks based on time savings. In reality, every job you do as an engineer is worth automating, but you have to be cognizant of the time and deliverables. When certain tasks appear to be not worth automating, I have often found that what is actually meant is that it's just not possible to automate it at this time. However, in the future, your objective should be to automate the task—you are likely to get less resistance from your team if you keep this perspective. Just make sure to communicate the automation proposal in a way that meets your immediate goals and improves future effectiveness.

        • Game telemetry with Kafka Streams and Quarkus, Part 1 | Red Hat Developer

          Apache Kafka makes it possible to run a variety of analytics on large-scale data. This is the first half of a two-part article that employs one of Kafka's most popular projects, the Kafka Streams API, to analyze data from an online interactive game.

        • Remote work: 4 misconceptions about workplace re-entry | The Enterprisers Project

          When COVID forced the world to quickly adapt to a remote work environment, many of us thought that we were facing our biggest workforce challenge. But as leaders and employees grapple with how to move forward post-pandemic, we’re quickly realizing that our greatest obstacle may well be re-entry into the workplace.

          From the very beginning of the pandemic, we knew work would never look the same, and discussions surrounding “back to normal” quickly changed to “the new normal.” But as much as we’ve hyped this concept, no one has been able to define it: Employers are struggling to outline what expectations they should have for employees, who in turn are wondering how they will adjust, again, and rework their schedules to accommodate their employer’s expectations.

          On top of all this, many people are reexamining what a successful career looks like and are trading cutthroat, always-on jobs for roles that allow for more flexibility and meaning – a trend that’s becoming known as the “Great Resignation.”

      • Canonical/Ubuntu Family

        • Icons Look too Small? Enable Fractional Scaling to Enjoy Your HiDPI 4K Screen in Ubuntu Linux

          A few months ago, I bought a Dell XPS laptop with a 4K UHD screen. The screen resolution is 3840×2400 resolution with a 16:10 aspect ratio.

          When I was installing Ubuntu on it, everything looked so small. The desktop icons, applications, menus, items in the top panel, everything.

          It’s because the screen has too many pixels but the desktop icons and rest of the elements remain the same in size (as on a regular screen of 1920×1080). Hence, they look too small on the HiDPI screen.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Intel Releases OSPray Studio 0.8

        One year ago to the day Intel announced OSPray Studio as a scene graph application for rendering glTF assets and other 3D models. OSPray Studio is built off their OSPray ray-tracing engine that they've been working on for years. These Intel efforts are all part of their oneAPI initiative and today happens to mark a shiny new feature release.

      • FSF

        • GNU Projects

          • Drop-in replacements for Core Utilities

            The GNU Core Utilities or coreutils is a package of GNU software containing implementations for many of the basic tools, such as cat, ls, and rm, which are used on Unix-like operating systems.

            Every day, we use many command-line tools to manage our systems, and perform basic tasks. Many of the programs provided by coreutils are staples in our daily life. Over the years, these tools have been updated and ported to other systems, but they still retain many of their original traits.

            Alternative implementation packages, with a slightly different scope and focus, or license. For example, GPLv2-licensed BusyBox and BSD-licensed Toybox are available for use in embedded devices. There also a project called uutils-coreutils which seeks to write cross-platform CLI utilities in Rust. It aims for high compatibility with coreutils. Adoption of the tools hasn’t spread to production environments. There’s also an alternative to coreutils using software from FreeBSD but compatibility is low, user adoption is very low, and like uutils-coreutils it’s missing many commands.

          • 2021-9: GNU Taler v0.8 released

            We are happy to announce the release of GNU Taler v0.8.

            We have addressed over 400 individual issues, our bug tracker has the full list.

      • Programming/Development

        • Solve the repository impedance mismatch in CI/CD | Opensource.com

          An impedance mismatch in software architecture happens when there's a set of conceptual and technical difficulties between two components. It's actually a term borrowed from electrical engineering, where the impedance of electrical input and output must match for the circuit to work.

          In software development, an impedance mismatch exists between images stored in an image repository and its deployment descriptors stored in the SCM. How do you know whether the deployment descriptors stored in the SCM are actually meant for the image in question? The two repositories don't track the data they hold the same way, so matching an image (an immutable binary stored individually in an image repository) to its specific deployment descriptors (text files stored as a series of changes in Git) isn't straightforward.

        • Arm Posts New GCC Compiler Patches Due To New Vulnerability Affecting ARMv8-M TrustZone - Phoronix

          Made public on Monday was CVE-2021-35465 as a new security vulnerability affecting various Arm products. For unmitigated (ARMv8-M) hardware, Arm has posted a series of GCC compiler patches for working around the issue.

          CVE-2021-35465 is this new Arm processor vulnerability affecting a subset of their designs -- particularly ARMv8-M and ARMv8.1-M products for micro-controllers and other embedded use-cases for TrustZone and more.

        • Shell/Bash/Zsh/Ksh

          • Choosing and changing your Linux shell

            There are quite a few shells on Linux system and more that can be easily added. This post examines some of the more popular shells, how they differ and the files that contribute to their configuration.

            The default shell on most Linux systems is bash. Unless you make an effort, any user accounts added to the system will be assigned bash as their login shell. Bash has been around since 1989 and was meant to replace the Bourne shell (sh). In fact, if you take a look at /bin/sh, you'll probably find that it's nothing more than a symbolic link to /bin/bash.

  • Leftovers

    • The lazy audiophile

      Whenever I mention that next to my regular headphones, I also use a pair of Bluetooth headphones, people swear at me, claiming that it substantially degrades sound quality. Yes, that is right. And to add insult to injury, I even use active noise canceling, which changes the original sound even more. But who cares when it is just background music, so I can concentrate on my work when people are talking around me? It does its job: keeps the noise out. Of course I switch to my studio headphones as soon as I want to focus on the music itself. But when it comes to background music, Bluetooth is a lot more comfortable.

    • Integrity/Availability

      • Proprietary

        • CloudChomp Adds Discovery for Secure Shell for Linux Machines

          CloudChomp, Inc., a leader in AWS cloud migration planning and discovery solutions and an Advanced Technology Partner in the Amazon Web Services (AWS) Partner Network (APN), announces their latest release which includes support for Secure Shell (SSH), a secure cryptographic protocol. SSH will be the primary data collection standard for stand-alone Linux machines and will supplement the data collected from vCenter for Linux machines to include application discovery and application dependency mapping.

        • Security

          • 13 million malware attacks on Linux seen in wild [Ed: It's hardly about the "Linux" kernel and these "attacks" are not successful one]

            Cryptominers, web shells and ransomware are the most common varieties of malwares targeting Linux systems, thanks to its prevalence as the backbone of most public cloud services

          • Report Details Linux Threat Landscape [Ed: Of course "FOSSlife Team" had to amplify this marketing/sales pitch as well
          • Linux cloud environments face an onslaught of malware attacks [Ed: Mayank Sharma the latest to parrot this self-promotional FUD of an insecurity firm]
          • New Linux malware family evades antivirus detection [Ed: Mayank Sharma seems to have chosen a focus on "Linux" fear-mongering rather than news; pushing AV nonsense, which is proprietary software]

            Cybersecurity researchers have uncovered severalmalicious Linux binaries that have successfully managed to sneak past most antivirus products.

          • 38 million records exposed, Microsoft Power Apps blamed

            Thousands of web apps left sensitive data exposed online due to misconfigured settings for Microsoft Power Apps. Thirty-eight million records appeared online, including social security numbers, COVID-19 vaccination statuses, home addresses, and phone numbers. American Airlines, J.B. Hunt, Microsoft, and several government bodies are among the affected organizations. UpGuard notified 47 entities regarding the data exposure and reached out to Microsoft about it as well (via WIRED).

            The data leaks came as a result of organizations using Microsoft's Power Apps. These can be used to create websites and to manage data, but if misconfigured can result in security risks. Power Apps can be used to manage data that organizations would like to have public, such as the locations of vaccination centers, as well as data that should remain private, such as Social Security numbers. The default settings for Power Apps left data publicly accessible until a recent change from Microsoft.



Recent Techrights' Posts

Google Has Mass Layoffs (Again), But the Problem is Vastly Larger
started as a rumour about January 2025
Electronic Frontier Foundation Defends Companies That Attack Free Speech Online (Follow the Money)
One might joke that today's EFF has basically adopted the same stance as Donald Trump and has a "warm spot" for BRICS propaganda
 
Christmas FUD From Microsoft, Smearing "SSH" When the Real Issue is Microsoft Windows
And since Microsoft's software contains back doors, only a fool would allow any part of SSH on Microsoft's environments, which should be presumed compromised
Paywalls, Bots, Spam, and Spyware is "Future of the Media" According to UK Press Gazette
"managers want more LLM slop"
On BetaNews Latest Technology News: "We are moderately confident this text was [LLM Chatbot] generated"
The future of newsrooms or another site circling down the drain with spam, slop, or both?
"The Real New Year" is Now
Happy solstice
Microsoft OSI Reads Techrights Closely
Microsoft OSI has also fraudulently attempted to censor Techrights several times over the years
"Warning About IBM's Labor Practices"
IBM is not growing and its revenue is just "borrowed" from companies it is buying; a lot of this revenue gets spent paying the interest on considerable debt
[Meme] The Easier Way to Make Money
With patents...
The Curse (to Microsoft) of the Faroe Islands
The common factor there seems to be Apple
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 20, 2024
IRC logs for Friday, December 20, 2024
Gemini Links 21/12/2024: Death of Mike Case, Slow and Sudden End of the Web
Links for the day
Links 20/12/2024: Security Patches, Openwashing by Open Source Initiative, Prison Sentence for Bitcoin Charlatan and Fraud
Links for the day
Another Terrible Month for Microsoft in Web Servers
Consistent downward curve
LLM Slop Disguised as Journalism: The Latest Threat to the Web
A lot of it is to do with proprietary GitHub, i.e. Microsoft
Gemini Links 20/12/2024: Regulation and Implementing Graphics
Links for the day
Links 20/12/2024: Windows Breaks Itself, Mass Layoffs Coming to Google Again (Big Wave)
Links for the day
Microsoft: "Upgrade" to Vista 11 Today, We'll Brick Your Audio and You Cannot Prevent This
Windows Update is obligatory, so...
The Unspeakable National Security Threat: Plasticwares as the New Industrial Standard
Made to last or made to be as cheap as possible? Meritocracy or industrial rat races are everywhere now.
Microsoft's All-Time Lows in Macao and Hong Kong
Microsoft is having a hard time in China, not only for political reasons
[Meme] "It Was Like a Nuclear Winter"
This won't happen again, will it?
If You Know That Hey Hi (AI) is Hype, Then Stop Participating in It
bogus narrative of "Hey Hi (AI) arms race" and "era/age of Hey Hi" and "Hey Hi Revolution"
Bangladesh (Population Close to 200 Million) Sees Highest GNU/Linux Adoption Levels Ever
Microsoft barely has a grip on this country. It used to.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 19, 2024
IRC logs for Thursday, December 19, 2024
Gemini Links 19/12/2024: Fast Year Passes and Advent of Code Ongoing
Links for the day
Twitter is Going to Fall Out of Top 100 Domains as Clownflare (DNS MitM) Sees It
evidence of Twitter's (X's) collapse
[Meme] Making Choices at the EPO
Decisions, decisions...
'Dark Patterns' or a Trap at the European Patent Office (EPO)
insincere if not malicious E-mail from the EPO's dictators
There's an Abundance of Articles About the New Release of Kali Linux, But This One is a Fake
It can add nothing except casual misinformation (fed back into the model to reinforce lies)
Large and Significant Error Correction in South America?
Windows now has less than half what Android achieved in terms of "market share"
IBM's Leadership Ruining Lives of People Who Thought Working for IBM Would be OK
Nobody gets fire-lined for buying IBM?
The United States' Authorities Ought to Become Enforcers of the General Public License (GPL) for National Security's Sake
US federal agencies ought to pursue availability of code and GPL compliance (copyleft), not bans
The Problem of Microsoft Security Problems is Microsoft (the Solution is to Quit Microsoft) and "Salt Typhoon" Coverage Must Name CALEA Back Doors
Name the holes, not those who exploit them.
A "Year of Efficiency"
No, we don't mean layoffs
Links 19/12/2024: Astronaut Record and Observer Absorbed
Links for the day
Links 19/12/2024: Seven Dirty Words and Isle Release v0.0.3 (Alpha)
Links for the day
Links 19/12/2024: Nurses Besieged by "Apps", More Harms of Social Control Media Illuminated
Links for the day
15 Countries Where Yandex is Already Seen to be Bigger Than Microsoft (in Search)
Georgia, Syrian Arab Republic, Cyprus, Moldova, Ukraine, Armenia, Azerbaijan, Kyrgyz Republic, Uzbekistan, Kazakhstan, Turkmenistan, Tajikistan, Belarus, Turkey, and Russia
Links 19/12/2024: Magnitude 7.3 Earthquake and Privacy Camp
Links for the day
Gemini Links 19/12/2024: Port Of Miami Explosion, TurboQOA, Gnus
Links for the day
Fake Articles About 'Linux'
Dated yesterday
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 18, 2024
IRC logs for Wednesday, December 18, 2024