This has been a really great week for Linux releases, starting with the Mozilla Firefox 93 web browser and continuing with the Debian GNU/Linux 11.1 “Bullseye” distribution. Also out this week were new maintenance updates for the KDE Gear and KDE Frameworks software suites for users of the Plasma desktop.
On top of that, the upcoming GNOME 42 desktop environment got a release date, Red Hat Enterprise Linux 8.5 entered beta testing, MX Linux 21 is getting ready for a final release, and users of old Mozilla Thunderbird versions can now finally upgrade to the 91 series via OTA updates.
Apple M1 Linux development reaches a key milestone and boots a useable desktop; Ubuntu reveals a new product, and the secret SUSE project that leaked this week.
Plus, the essential RISC-V code landing in the Linux kernel.
Josh and Kurt talk about the recent Twitch hack and how in the modern age leaking source code almost certainly doesn’t matter. The leaked data however is a big deal. We also discuss a recent Apache httpd update. Some things went right, some things went wrong. Dealing with vulnerabilities is hard.
Linus Torvalds just pushed out the Linux 5.15-rc5 kernel release with things looking smooth for this stage and hopefully leading to an on-time release in just a few weeks.
The 5.15-rc5 kernel prepatch is out for testing. "So things continue to look quite normal, and it looks like the rough patch (hah!) we had early in the release is all behind us. Knock wood."
Suppose you’re running your organization’s crucial apps in the cloud. Specifically, suppose you’re running them them on AWS, and in particular in the “us-east-1” region? Could us-east-1 go away? What might you do about it? Let’s catastrophize!
It’s fairly straightforward to build your own router, and there are a number of tutorials for setting up IPv4 forwarding and NAT rules on Linux1. However, IPv6 is a bit more complicated. There are many BSD and Linux based operating systems like pfSense and OpenWRT, which have web management tools to make setting up IPv6 straight forward. However, if you like to run your own custom Linux distribution on your home router and control everything from the command line, this tutorial will take you through configuring dhcpcd, dnsmasq, unbound, iptables and ip6tables for full IPv6 support on your local network.
Among the changes, it also seems that now Mauritius Telecom is putting every subscriber modem behind a NAT. To keep this part simple, let's say that normally when your home modem receives a public IP address it is connected directly to the Internet and thus is directly reachable to. Being behind a NAT means that the IP address is on the ISP's end and your modem only has a private address on the ISP's network. Therefore, your home modem is not directly reachable. Should you wish to run a server which needs to be accessible from the Internet, you cannot.
I belabour all of this, to share that phrase with five words. This afternoon I’ve been bulk importing all my mail into a clean new Thunderbird profile and exporting them as eml files. I’ll throw this onto my OpenZFS data backup pool, in case I ever want to search them. That’s the great thing about glorified text files and HTML email, the latter of which I still resent having been introduced, and not just because it made using software like the console Alpine email client untenable. But I digest.
We have a sensitive host that absolutely has to be protected with multi-factor authentication. When we first set it up in late 2016, the second factor we chose was touch-required SSH keys held on Yubikeys. Recently, we have been switching this host over to the university's institutional multi-factor authentication. The university's MFA uses Duo, so our sensitive host is set up to use Duo's PAM module.
We want all our network traffic to go through a WireGuard VPN tunnel automatically, both WireGuard client and server are running OpenBSD, how to do that? While I thought it was simple at first, it soon became clear that the "default" part of the problem was not easy to solve, fortunately there are solutions.
This guide should work from OpenBSD 6.9.
To change your hostname on a Linux computer, use the hostnamectl command.
Computers have network addresses, but they're usually difficult for humans to remember. Hostnames are labels intended to help humans refer to a specific computer. Instead of navigating to 192..168.1.4, for instance, you might navigate to ââ¬Å linuxlaptopââ¬Å or linuxlaptop.local.
This simple tutorial explains how to search files and folders on Linux Mint. Mint is a very popular and easy to use computer operating system from GNU/Linux family based on Ubuntu Desktop. This covers its three editions namely Mint Cinnamon, XFCE, and MATE so pick the one suitable to yours. Let's search!
Rancher is a complete software stack for teams adopting containers. It addresses the operational and security challenges of managing multiple Kubernetes clusters, while providing DevOps teams with integrated tools for running containerized workloads.
Cockpit is a free remote server manager that is lightweight and easy to use for GNU/Linux servers. Cockpit is a web-based graphical interface for servers intended for people new to Linux to the experts such as sysadmins. Cockpit makes Linux discoverable, allowing anyone using the software to perform tasks such as start containers, administer storage, configure networks, and inspect logs.
Podman is an OCI container compatible container engine that is also part of RedHat Linux, but can also be installed on other Linux distributions.
As it’s OCI-compliant, Podman can be used as a drop-in replacement for the better-known Docker runtime. Most Docker commands can be directly translated to Podman commands.
This article describes how to fix this warning “Failed to set locale, defaulting to C.UTF-8” in CentOS 8 /RHEL 8 .
Setting up a backup server to take over a primary server’s operations when it becomes a victim of server downtime issues is a skill set that most Linux users and all Linux administrators need to master. It saves you from having to worry about the “what if” scenarios.
So during a worst-case scenario where some technicalities or server breach attempts might temporarily or permanently bring your primary server down, you can always rely on the presence of a backup server that is configured to function as a twin server environment of the primary/main server.
Python is one of the most popular high-level languages, focusing on high-level and object-oriented applications from simple scrips to complex machine learning algorithms. Python 3.10 is the latest release and is not classed as stable compared the Python 3.9, but the final candidate is expected to be completed on the 4th of October 2021.
Foxit PDF Reader is a free multi-platform PDF reader for Linux, macOS, and Windows. The PDF reader is a small, fast, and feature-rich PDF Reader to view, annotate, form-fill, and sign PDF documents. PDF Reader easily integrates with popular ECMs and cloud storage.
At the end of the tutorial, you will know how to install Foxit PDF Reader on AlmaLinux 8.
Apache, also known as Apache HTTP server, has been one of the most widely used web server applications globally for the past few decades. It is a free and open-source web application software maintained by the Apache Software Foundation. Apache provides some powerful features with dynamically loadable modules, easy integration with other software, and handling of static files, among other popular features.
In the following tutorial, you will learn how to install Apache Web Server on AlmaLinux 8.
There’s no denying the fact that Linux gaming is getting better each day. Thanks to the Proton compatibility layer, which translates DirectX commands on Windows to Vulkan-understandable instructions on Linux, over 16,000 games in the Steam library can be played on Linux.
Proton is indeed a huge deal for Linux, especially with Valve using the same in its upcoming Steam Deck with Linux. But how exactly can we use Steam Proton to play Windows games on Linux? Read more to find out.
This tutorial will be helpful for beginners to install KODI 19.2 in Ubuntu 20.04, Ubuntu 20.10, Ubuntu 18.04, and LinuxMint 20.2.
KODI formerly known as XBMC Media center is a free and open-source cross-platform software media player. It is managed by a non-profit XBMC foundation and developed by volunteers around the world.
It is now officially available for Android, BSD, Linux,macOS, and Windows operating systems. The latest version of KODI is 19.2 and comes with bug fixes and new features.
Fedora Linux is a community-driven Linux Distribution maintained by Fedora Project. Fedora brings lots of improvements, bug fixes, security patches, new features very often. So it's very important to keep all software up-to-date.
Fedora support package manager such as RPM (DNF), Flatpak, OSTree - default graphical front-ends: GNOME Software.
In this tutorial, we learn how to update Fedora to get the latest Software. There are two methods to update Fedora: GUI and Terminal.
Here we are updating packages (installing security patches, kernel updates, and software updates) not upgrading to a new release.
Calamares is a distro- and desktop-agnostic Linux installer. It’s my day job. It is named for squid, in particular battered squid rings from the Mediterranean sea, Calamares. There’s lots of ways to catch squid and octopuses. One way is to use an octopus trap, and in Japan these have a fairly distinctive shape and are called tako tsubo. There is a specific kind of heart spasm that causes the left ventricle to take on the shape of an octopus trap; this is generally Not Good. Here’s a cute illustration from a squid-lover.
GOAL: Build a lightweight, bootable *.img file that you can flash onto a Raspberry Pi SD card. This will be the shortest, fastest Buildroot tutorial you read, and the tutorial is optimized for speed and simplicity. For a deep dive, see the Buildroot manual.
Pyabr OS was one of the latest distributions to be added to the DistroWatch waiting list. The project refers to itself as a "Python Cloud Operating System", a Linux distribution mostly written in Python. The project, which declares it is developed in Iran with multilingual support, runs on x86_64 computers and 64-bit Raspberry Pi machines.
The project's website mentions that Pyabr is a platform written in Python which offers a desktop and applications which can be run on any Linux distribution while Pyabr OS is a Debian-based operating system that runs the Pyabr software. The operating system can reportedly be installed locally or run from live media like a thumb drive. The desktop environment resembles KDE Plasma but is a custom environment called Baran which the project says is written in Python using the Qt framework.
I was unsure going into this trial how all of this related to cloud computing or services. The term "cloud" gets thrown around on the project's website, but without a clear indication of how this affects the end user. I decided to give the project a test drive and see if I could find out.
The Pyabr OS ISO file is a small download of just 447MB. The live system always stalled early in the boot process for 90 seconds while waiting for systemd to sort out its infamous "A start job is running..." warning. After that, the distribution booted quickly and displayed the Baran desktop which does look a lot like KDE Plasma at first glance due to its shared Qt framework and theme.
The latest release of Felen OS is more of a ‘calm before the storm’ release, as stated by the developer. This implies significant updates will be coming in the next release.
This release instead focuses on visual improvements like the addition of new wallpapers, refreshed splash screen, and a new lock screen. The Web Browser Manager now lets you tweak the configuration for Firefox.
Some of the quirky things that you could do with JavaScript included creating roll-over effects (making an image change when mouse pointer is over it), creating an animation that follows the cursor as it moves and, of course, annoying the users with all sorts of pop-up windows for both entertaining and advertising purposes. Annoying pop-ups will be the starting point for my blog post, but I'll be using those to make a more general and interesting point about how programs evolve to become more opaque.
The thing that bothers me is how awful of an experience this is for people with far less experience than me. I've been in this industry for over 20 years. However, other people are attempting to get into web development this year. And they're being told in order to do so they have to learn X, Y, and Z tools…all JavaScript of course. The problem is if they run into major issues—and they do, believe me, they do—they don't know enough to grasp just how buggy and incomplete the tooling is. Instead, they think they must have just made a mistake, or simply haven't learned enough yet. The cognitive load required is staggering.
Tor Browser 10.5.9 is now available from the Tor Browser download page and also from our distribution directory.
This version is a bugfix for Android.
The Python Mauritius User Group (PyMUG) has been around for quite a while. One of its founding members who has been an active community member has put efforts into orgnising a virtual conference about the Flask micro framework.
As of September, Sci-Hub has officially existed for 10 years — a milestone that came as a lawsuit to determine if the website infringed on copyright laws sits in India’s Delhi High Court. Just a few months prior, Elbakyan tweeted that she was notified of a request from the FBI to access her data from Apple. And before that, the major academic publisher Elsevier was awarded $15 million in damages after the Department of Justice ruled that Sci-Hub broke copyright law in the U.S.
Department of Justice ruled that Sci-Hub broke copyright law in the U.S. But that ruling can’t seem to touch Sci-Hub. And Elbakyan remains absolutely unrepentant. She advocates for a future in which scientific knowledge is shared freely, and she’s confident that it’s coming.
Futurism caught up with Elbakyan to hear what’s next. Over email, she explained her vision for the site’s future, her thoughts on copyright law, and more. This interview has been edited and condensed for clarity.
CNA data showed that Cofepris determined that the new seed variety was designed to withstand glyphosate, a herbicide that is the active ingredient in Roundup, which is made by Bayer. Cofepris, which considers the herbicide dangerous, said its rejection was based on a “precautionary principle.”
Mexico has never allowed the cultivation of GM corn on a commercial scale but has permitted the importation of such varieties for decades. Most imports come from the United States and are mainly used as livestock feed. Before a new variety of GM corn can be imported, Cofepris must authorize it.
The comments came as Nick Clegg, Facebook’s vice president of global affairs, appeared on several Sunday shows defending the company following blistering testimony from whistleblower Frances Haugen, a former product manager at the social media platform.
Haugen had leaked documents to The Wall Street Journal, leading to a series on Facebook alleging the company failed to adequately address anti-COVID-19 rhetoric, knew that Instagram was harmful to its younger users and had conducted research on how to attract tweens to its platforms.
If at any point you start receiving too much spam at that email address, delete it.
Researchers from the Slovakian security firm ESET claim to have discovered a new malware family that targets systems that run Linux but...
The Menlo Park, Calif.-based Facebook is also planning to introduce new controls for adults on an optional basis so that parents or guardians can supervise what their teens are doing online. These initiatives come after Facebook announced late last month that it was pausing work on its Instagram for Kids project. But critics say the plan lacks details, and they are skeptical that the new features would be effective.
Google will provide 10,000 "high-risk" users with free hardware security keys, after the tech giant warned more than 14,000 Gmail users that they may have been targeted in a state-sponsored phishing campaign.
In a Twitter thread, Shane Huntley who is director of Google's Threat Analysis Group (TAG), said that the group has sent a batch of government-backed security warnings.
Instagram will introduce new measures to nudge teenagers away from harmful content and encourage them to “take a break,” from the platform, Facebook vice president of global affairs Nick Clegg said on Sunday. Clegg made the remarks on CNN’s State of the Union show less than a week after whistleblower Frances Haugen testified before Congress about internal research that showed Instagram can have a negative effect on the mental health of young people.
Although the typical use case of SSH is to access a remote server securely, you can also transfer files, forward local and remote ports, mount remote directories, redirect GUI, or even proxy arbitrary traffic (need I say SSH is awesome?). And this is just a small set of what’s possible with SSH.
In this post, I’ll cover different tunneling features as supported by OpenSSH, which helps achieve security use cases such as remote web service access without exposing port on the internet, accessing server behind NAT, exposing local port to the internet. OpenSSH is the most widely used open-source SSH server. It comes pre-installed by default with the vast majority of Linux distributions.
This matters for more than just a CA popularity count. One of the eternal arguments around either changing the rules for TLS certificates and CAs, or dealing with an issue with a CA, is how many people and TLS certificates will be affected. In the past traditionally there were all sorts of arguments and back and forth numbers and so on (from browsers, from CAs, etc). Today, for many questions we can go out and measure through the CT logs to count at least how many TLS certificates would be affected. How many TLS certificates would be affected is not the same thing as how much traffic or how many people would be affected, of course. But it's a start, which is more than we used to have to work with in the open.
However, Taliban political spokesman Suhail Shaheen told The Associated Press there would be no cooperation with Washington on containing the increasingly active Islamic State group in Afghanistan. IS has taken responsibility for a number of recent attacks, including a suicide bombing Friday that killed 46 minority Shiite Muslims and wounded dozens as they prayed in a mosque in the northern city of Kunduz.
UnidosUS, formerly known as the National Council of La Raza, said in a statement its decision came "amid revelations on the role that the platform has played in intentionally perpetuating products and policies that harm the Latino community and undermine democratic ideals."
Islamic State group influence in Africa has grown yearly since 2014, according to a 2021 Sky News report. By 2019, at least 22 African countries had seen suspected IS-linked activity, even if no affiliate was based there. By 2020, eight countries had seen an increase in such violence. Those eight represent West Africa’s Sahel, the current epicenter of Islamic State group violence on the continent, and the Democratic Republic of the Congo (DRC) and Mozambique.
Cyclone did to Afghanistan what Operation Timber Sycamore has done more recently to Syria: triggered a refugee crisis of millions, reduced developed areas of the country to rubble, killed hundreds of thousands of people, and empowered far-right Islamists. But how strong was a left presence in Afghanistan before Cyclone? Could secular anarchists, communists, and socialists have formed a progressive alliance against hard-line Islamists? This article explores the CIA’s records.
"In less than two years the Philippine government filed 10 arrest warrants against me -- it was pretty bleak at different times," Ressa said.
Nonetheless, she was defiant in her defence of her battle for freedom of expression and independent journalism.
"This is the best time to be a journalist," Ressa said as she smiled. "The times when it's most dangerous are the times when it's most important."
Businesses, as a rule, do not like being forced to do anything. They prefer to make voluntary gestures—just enough to keep governments off their backs. Right now they are throwing around promises to cut carbon emissions to “net zero” like confetti, on the grounds that such vows attract investors, employees and customers. It is a step in the right direction. And yet some of those pledges are paper-thin. Of more than 4,200 firms in the G20 club of big economies that have disclosed their climate ambitions, only a fifth have committed to so-called science-based targets that would keep the world on track to meet the Paris agreement’s goal. That requires firms to start slashing emissions within years, not decades. For big emitters this poses an instant threat to profitability. It strains credulity to think that altruism is enough to convince firms to act. Governments will have to apply the thumbscrews.
Tens of thousands of people marched through the streets of Brussels on Sunday to demand Belgium's elected leaders and others from around the world finally dispense with proclamations, broken promises, and half-measures and instead "act" on the climate emergency.
"We need a Belgian Green New Deal and we propose more than 100 concrete solutions to make it happen.”
Organizers for climate justice are making final preparations Sunday ahead of five days of planned actions this week to confront President Joe Biden over the urgent need to declare a climate emergency, ditch fossil fuels, and move swiftly to create a green energy economy that can create millions of new jobs in the process.
"The fossil fuel industry has brought devastation to our homelands and it's time that we bring this fight to Biden’s doorstep."
Before we try to answer this question, it’s important to note that the best low-tech alternative for a high-tech solar panel is often not a low-tech solar panel but direct use of solar energy. That is, putting solar energy to use without converting it to electricity first. For example, a clothesline and a solar thermal water boiler are much more efficient, sustainable, and economical than an electric tumble dryer and a water boiler powered by solar PV panels. Direct use of solar energy can happen with local materials, relatively simple manufacturing technologies, and short supply lines.
Nevertheless, in this article, I take the question literally: can we build low-tech photovoltaic devices, which convert sunlight into electricity? In a previous article, we have seen that history offers inspiration for building more sustainable wind turbines. Can history also inspire us to make more sustainable solar cells?
Twelve years ago, during the International Year of Astronomy that marked the 400th anniversary of Galileo's first use of a telescope, I wrote "The Value of a Pale Blue Dot"—a reflection on how astronomy has revealed a vast universe filled with an unimaginable number of stars, thus shrinking the significance of our sun and our planet. The "pale blue dot" refers to how the Earth appears in a 1990 photograph taken by the Voyager spacecraft as it reached the outer limits of our solar system. The essay suggests that the knowledge gained from astronomy "forces us to acknowledge that our place in the universe is not particularly significant."
Ten years ago, the Occupy Wall Street movement was born with protests in Manhattan’s financial district. Its aim was to draw attention to the huge gap that had grown between the super-rich and average Americans in the age of global neoliberalism.
The U.S. added just 194,000 jobs in September, down from the 366,000 added in August and far below the million-plus in July (before the Delta variant took hold). This is being described in the media as a disappointment or a problem, but a closer look reveals something quite different.€
Closing our staggering wealth gap is crucial to the survival of both our economy and our democracy.
Facebook has recently taken a harsher tone toward whistleblower Frances Haugen, suggesting that the social network giant could be considering legal retaliation after Haugen went public with internal research that she copied before leaving her job earlier this year.
U.S. law protects whistleblowers who disclose information about potential misconduct to the government. But that protection doesn't necessarily cover taking corporate secrets to the media.
Facebook still has to walk a fine line. The company has to weigh whether suing Haugen, which could dissuade other employees who might otherwise speak out, is worth casting itself as a legal Godzilla willing to stomp on a woman who says she's just doing the right thing.
Facebook did not respond to emailed questions.
"Facebook should not get a free pass on choices it makes to prioritize growth and virality and reactiveness over public safety. They shouldn’t get a free pass on that because they're paying for their profits right now with our safety," Haugen told the panel.
Facebook’s chief spokesman said the company is willing to subject itself to greater oversight to ensure its algorithms are performing as intended and aren’t harming users.
Nick Clegg, Facebook’s vice president for global affairs, defended the company’s business practices against accusations from a whistle-blower that it had put profits ahead of users’ well-being.
Websites can always choose not to work with Mastercard. But given that the company handles about 30% of all card payments made outside China, to do so would be costly. Visa, which manages a further 60% of payments, is also taking a firmer line on adult sites. And the trend goes beyond porn. In the shadier corners of the web, and in industries where the law is unclear or out of date, financial firms are finding themselves acting as de facto regulators.
Since the turn of the century, “payments have become a tool of domestic and international policy,” says Aaron Klein of the Brookings Institution, a think-tank. After the 9/11 attacks of 2001 America introduced new anti-money-laundering rules and more targeted sanctions. This system—a “21st-century precision-guided munition”, as a former head of the CIA called it—obliges financial firms to block payments to the individuals on a list which today runs to 1,604 pages.
Yahoo! News (9/26/21) published a bombshell report detailing the US Central Intelligence Agency’s “secret war plans against WikiLeaks,” including clandestine plots to kill or kidnap publisher Julian Assange while he took refuge in the Ecuadorian embassy in London.
As Colorado and other states eliminate Columbus Day as a holiday, it might seem as if our society has begun to repudiate the legacy of a slave trader/explorer who fed Spain's lust for gold by trafficking in, and annihilating, native peoples. In truth, we continue to celebrate it.
It's somehow fitting irony as Indigenous Day approaches on Oct. 11 — once known by another name — that a new Columbus is about to pump oil through Line 3, the last tar sands pipeline. That is the colonial-like corporation Enbridge.
The growing adoption of new artificial intelligence (AI) technologies has raised questions as to whether patent laws are equipped to deal with new innovations. The Court of Appeal has handed down a highly anticipated judgment concerning an appeal filed by Stephen Thaler, owner of an AI-machine named "Dabus". While not moving the law forward, this decision appears to affirm the fact that legislative change is likely to be necessary.
...IBM will walk through an invention disclosure to discuss strategies and best practices for protecting, licensing, and enforcing IP rights covering AI.
Almost ten years after Megaupload was taken down the lawsuits against the site and its founder Kim Dotcom are still pending. The criminal case in the US awaits the outcome of the New Zealand extradition process and two civil cases, filed by the RIAA and MPA, were this week put on hold until April 2022, but they will likely start much later.
The U.S. Supreme Court has denied to hear the case of Paul Hansmeier, one of the attorneys behind the Prenda law firm, who's serving a 14-year prison sentence for his involvement in a piracy honeypot scheme. Meanwhile, court records show that Hansmeier's former colleague John Steele is already making plans for his release.