Bonum Certa Men Certa

Links 25/03/2022: Parrot 5.0, New Wine, and EasyOS 3.4.4



  • GNU/Linux

    • The New Stack3 Immutable Operating Systems: Bottlerocket, Flatcar and Talos Linux

      For those that don’t know, immutable operating systems have been increasing in popularity recently. An immutable operating system is one in which some, or all, of the operating system file systems, are read-only, and cannot be changed.

      Immutable operating systems have a lot of advantages. They are inherently more secure, because many attacks and exploits depend on writing or changing files. Also, even if an exploit is found, bad actors cannot change the operating system on disk (which in itself will thwart attacks that depend on writing to the filesystem), so a reboot will clear any memory-resident malware and recover back to a non-exploited state.

      Immutable systems are also easier to manage and update: the operating system images are not patched or updated but replaced atomically (in one operation that is guaranteed to fully complete or fully fail — no partial upgrades!) Immutable systems also can claim to be more stable than traditional operating systems, simply by virtue of eliminating many of the vectors that introduce instability into a system — most of which are human. No sysadmins can “just change this one setting to fix things” — with unforeseen impacts that aren’t found until hours later. (I’ve been that sysadmin.) No partially complete terraform or puppet runs that leave systems in odd states…

      On the workstation side, there are approaches to immutable OSes such as rpm-ostree. This attempts to create immutability and image-based deployments in the operating system, but layers a flexible file system architecture on top, so that packages can still be managed and updated by RPM.

      On the server side, there is a spectrum of immutability amongst container-specific operating systems. All support image-based OS updates, and no package manager at all. Some operating systems such as Flatcar Linux make /usr read-only, but allow common runtime modifications such as dynamically loading kernel modules, and overriding systemd configurations.

    • Audiocasts/Shows

    • Kernel Space

      • Web Pro NewsAsahi Linux Shows the M1's Greatest Limitation May Be macOS

        An alpha of Asahi Linux has been released for Apple’s M1, and the reviews are showing the potential it has, and the problems Apple has with macOS.

        The Asahi Linux Project has been working to port Linux to the M1 chip. Asahi is based off of the Arm version of Arch Linux. The team has been working without any assistance from Apple, adding to both the challenge and reward of releasing a working Alpha.

        Most impressive of all, however, is that Asahi is already proving to be much faster than macOS on the same hardware, in some cases as much as twice as fast, according to Lifewire.

      • Asahi Linux is reverse-engineering support for Apple Silicon, including M1 Ultra | Ars Technica

        Apple Silicon Macs have gotten mostly glowing reviews on Ars and elsewhere for their speed, power efficiency, and the technical achievement they represent—the chips are scaled-up phone processors that can perform as well or better than comparable Intel chips while using less power.

        But the move away from x86 hardware has also made the Mac a bit less useful for those who want to run multiple operating systems on their Macs. While you can run ARM versions of Linux and (with caveats and without official support) Windows within virtual machines on Apple Silicon Macs, running alternate operating systems directly on top of the hardware isn't something Apple supports. Apple doesn't distribute drivers for other operating systems, and moving away from x86 CPUs and widely supported Intel and AMD GPUs makes it harder for other developers to step in and provide those drivers.

      • Tom's HardwareAsahi Linux Is The First Linux Distro To Support Apple Silicon | Tom's Hardware

        Asahi Linux for Apple Silicon has launched for the public. It is the first Linux distribution to offer native support for Apple M1 chips. As this is an alpha release, please be aware of the likelihood of easy to stumble upon bugs and some significant missing features. However, this critical milestone now made, “things will move even more quickly going forward,” promises the Asahi Linux development team.

        Asahi isn’t just a beer. It is the Japanese word for ‘morning sun,’ so it is quite an apt name for a pioneering Linux distribution for M1-powered Apple Macs. “We’re really excited to finally take this step and start bringing Linux on Apple Silicon to everyone,” wrote the development team in a blog post. Importantly, installing Asahi Linux on your Mac doesn’t require a jailbroken device. In addition, it won’t affect the security level of your macOS install, so Mac features like FileVault, running iOS apps, and watching Netflix in 4K can continue.

      • Asahi is the first Linux distro to support Apple M1 processors | KitGuru

        The Apple M1 series of processors are still relatively new, limiting new Macs to Apple’s own operating system. That is starting to change this year, with Asahi revealing itself as the first Linux distro to work on M1-powered devices.

        Currently, Asahi Linux for M1 Macs is still in alpha, so the current version is aimed at developers and power users. With that in mind, there will likely be bugs present. Fortunately, installing Asahi will not affect the macOS data, so you can revert if you need to and you don’t need to jailbreak the Mac beforehand either.

    • Applications

      • Make Use OfTaking Screenshots on Linux Compared: 7 Different Desktops

        Each Linux desktop environment comes with its own screenshot utility. Many have similar features, but that doesn't make them equally usable. Whose looks the best? Which is the most powerful?

        Since this is open-source software, some desktop environments reuse the same screenshot tool. Here is a look at what the screenshot experience is like across many of the most popular Linux desktops.

    • Instructionals/Technical

      • HowTo ForgeHow to Install OpenLDAP on Debian 11
      • Linux Made SimpleHow to install Audacity 3.1.3 on a Chromebook

        Today we are looking at how to install Audacity 3.1.3 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

        This tutorial will only work on Chromebooks with an Intel or AMD CPU (with Linux Apps Support) and not those with an ARM64 architecture CPU.

      • ByteXDLinux Directory Structure and Filesystem Hierarchy - ByteXD

        If you are new to Linux, and just started using it, you might have heard some terms like var, root, bin, etc and many others. Today we will talk about these terms and try to clear your confusion.

        var, root, bin, etc are actually different directories on your Linux distribution. The directory structure in Linux is quite different from the directory structure in Windows. In Windows, we see that most of the programs are being installed in a directory named Program Files and system files are in system32.

        In Linux, the file hierarchy is totally different. There is a “Filesystem Hierarchy Standard (FHS)” maintained by Linux foundation that defines the structure and the content of directories in all UNIX based systems. Because of maintaining this standard, almost all the Linux distros have the same directory structure.

      • ByteXDHow to Install Docker Compose on RHEL 8 (AlmaLinux/Rocky Linux/CentOS) - ByteXD

        Docker Compose is a useful tool for running multi-containers Docker applications. Using Docker Compose, we can configure the application’s services in a YAML file that helps you to create and start all services from the defined configurations. It allows different users to launch, run, communicate and close containers using a just single coordinated command.

      • VituxHow to Install Snipe-IT Asset Management Tool on Ubuntu 22.04 – VITUX

        In order to track the ownership, deployment process, and details of all servers, a powerful IT asset manager is required. This can be achieved by installing and using Snipe-IT, an open-source IT asset management tool.

        In this article, we will discuss the installation of Snipe-IT on an Ubuntu 22.04 server.

      • Ubuntu HandbookHow to Install Kernel 5.13 in Ubuntu 18.04 from the 20.04 Repository | UbuntuHandbook

        For those sticking to the old Ubuntu 18.04, but need higher Linux kernel version for specific hardware support, here’s how to install the Linux Kernel 5.13 from Ubuntu 20.04 repository.

        NOTE: Ubuntu 20.04’s kernel package does install and seems running good in Ubuntu 18.04. But I’m not sure if it will cause compatibility issues. Install it ONLY that you do require it, and use it at your own risk!!

      • ID RootHow To Install Drupal on Fedora 35 - idroot

        In this tutorial, we will show you how to install Drupal on Fedora 35. For those of you who didn’t know, Drupal is an open-source, flexible, highly scalable, and secure Content Management System (CMS) that allows users to easily build and create websites. It is written in PHP programming language and uses MySQL/MariaDB as a backend database. Drupal is available with thousands of add-ons, which makes it highly customizable.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Drupal content management system (cms) on a Fedora 35.

      • Trend OceansEnable/Disable Auto Update & Upgrade in Unattended Upgrades on Ubuntu - TREND OCEANS

        Unattended Upgrades software helps us auto-update and upgrade system packages in the background without user interaction to keep up to date with the latest features and security patches.

        This feature can be a handful to secure your system with the latest security issues, even ubuntu providing it out of the box with its latest iso.

        Unexpected background updates can be irritating for regular Linux users. At the time of background update, if you try to install any package or attempt to execute the apt command, you will get a similar error as shown below.

      • Configure SSSD for LDAP Authentication on Ubuntu 22.04 - kifarunix.com

        This guide will take you through how to install and configure SSSD for LDAP authentication on Ubuntu 22.04. SSSD (System Security Services Daemon) is a system service to access remote directories and authentication mechanisms such as an LDAP directory, an Identity Management (IdM) or Active Directory (AD) domain, or a Kerberos realm.

    • Games

      • Boiling Steam1700 Games On The Steam Deck, with Valkyria Chronicles 4 as Verified - Boiling Steam

        There are now more than 1700 games working on the Steam Deck – (1703 at the time of writing) in two categories as usual:

        Steam Deck Verified: 912 titles Steam Deck Playable: 791 titles Total: 1703 titles

      • Boiling SteamThe Publisher with the Best Steam Deck Support - Boiling Steam

        So tracking the number of games over time making it on the Steam Deck is fun and all, but let’s check this time what’s the situation with publishers when it comes to Steam Deck Support: namely which publisher has the most games Steam Deck Verified at this stage?

        And the answer is…

      • GamingOnLinuxLooks like Valve are adding a feedback system for Steam Deck Verified (update: it's live) | GamingOnLinux

        UPDATE: shortly after, Valve officially announced this new system and it's live now. Valve confirmed they can already grab data on things like crashes but this new opt-in system is to gather more info on the "overall experience". They also said the "data collected by this system won't directly change the Deck compatibility category for a title". So they're not crowdsourcing the compatibility process but checking to see if their process is working well or not.

      • GamingOnLinuxWine 7.5 is out now with initial OCSP protocol support | GamingOnLinux

        Wine is the compatibility layer that allows you to run games and applications developed for Windows - on Linux (plus also macOS and BSD). A new development release is out with Wine 7.5. It's a major part of what makes up Steam Play Proton and enables a ton of games to work on the Steam Deck. Once a year or so, a new stable release is made.

      • PhoronixWine 7.5 Released With HLSL Compiler Support For Bundled VKD3D - Phoronix

        Wine 7.5 is out as the latest bi-weekly software update for enjoying Windows games and applications under Linux, macOS, and other platforms.

        Wine 7.5 continues the recent trend of converting more components to portable executable (PE) format, with this release bring Wine's ALSA driver now converted.

      • WineHQ - Wine Announcement - The Wine development release 7.5 is now available.

        The Wine development release 7.5 is now available.

        What's new in this release: - ALSA driver converted to PE. - Locale database generated from Unicode CLDR. - HLSL compiler support with the bundled vkd3d. - Initial support for the OCSP protocol. - More cleanups to support 'long' type. - Various bug fixes.

        The source is available from the following locations:

        https://dl.winehq.org/wine/source/7.x/wine-7.5.tar.xz http://mirrors.ibiblio.org/wine/source/7.x/wine-7.5.tar.xz

        Binary packages for various distributions will be available from:

        https://www.winehq.org/download

        You will find documentation on https://www.winehq.org/documentation

        You can also get the current source directly from the git repository. Check https://www.winehq.org/git for details.

        Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Kate & KWrite on Qt 6 - Kate

          Given the great work others did already on the Qt 6 porting of KDE Frameworks, let’s take a look at Kate & KWrite on Qt 6.

          With only minor patches, both applications now run on the current master state of KDE Frameworks and Qt 6.2.

          Close to all functionality is available, I think the only stripped out part is the hot new stuff upload for snippets and I didn’t test the Konsole part.

      • GNOME Desktop/GTK

    • Distributions

      • New Releases

        • CNX SoftwareLakka 4.0 game emulator released with LibreELEC 10.0.2 and RetroArch 1.10.1
          Lakka 4.0 is the latest release of the game emulator based on LibreELEC 10.0.2 and RetroArch 1.10.1 frontend GUI for LibRetro game emulators cores. While Lakka was initially designed for Raspberry Pi boards in a way similar to RetroPie, it also works just fine on many other Arm platforms and PCs.

          Main changes to Lakka 4.0 compared to version 3.7...

        • 9to5LinuxParrot 5.0 Security OS Released with Linux Kernel 5.16, New Hacking Tools, and LTS Support

          Based on the Debian GNU/Linux 11 “Bullseye” (Stable) operating system series and powered by Linux kernel 5.16, Parrot 5.0 is here almost a year after Parrot 4.11 with a new LTS (Long-Term Support) release model, a new architect edition, an experimental Raspberry Pi edition, as well as a plethora of new tools for ethical hackers and penetration testers.

          Meet Parrot Architect Edition, a minimalist ISO image of Parrot OS that only features an installer to let expert users fully customize their installations.

        • Parrot 5.0 Security OS Released
          The ParrotSec team (The company behind Parrot OS) made an announcement regarding the availability of Parrot 5.0 security OS. Parrot 5.0 is powered by Linux Kernel 5.16 and is based on the Debian GNU/Linux 11 “Bullseye”. Parrot 5.0 introduces a new Long Term Support release model.

        • EasyOS Dunfell-series 3.4.4

          EasyOS was created in 2017, derived from Quirky Linux, which in turn was derived from Puppy Linux in 2013. Easy is built in woofQ, which takes as input binary packages from any distribution, and uses them on top of the unique EasyOS infrastructure.

          Throughout 2020, the official release for x86_64 PCs was the Buster-series, built with Debian 10.x Buster DEBs.

          EasyOS has also been built with packages compiled from source, using a fork of OpenEmbedded (OE). Currently, the Dunfell release of OE has been used, to compile two sets of binary packages, for x86_64 and aarch64.

          The latter have been used to build EasyOS for the Raspberry Pi4, and first official release, 2.6.1, was in January 2021.

          The page that you are reading now has the release notes for EasyOS Dunfell-series on x86_64 PCs, also debuting in 2021.

          Ongoing development is now focused on the x86_64 Dunfell-series. The last version in the x86_64 Buster-series is 2.6.2, on June 29, 2021, and that is likely to be the end of that series. Releases for the Pi4 Dunfell-series are still planned but very intermittent. The version number is for EasyOS itself, independent of the target hardware; that is, the infrastructure, support-glue, system scripts and system management and configuration applications.

          The latest version is becoming mature, though Easy is an experimental distribution and some parts are under development and are still considered as beta-quality. However, you will find this distro to be a very pleasant surprise, or so we hope.

        • Barry KaulerEasyOS version 3.4.4 released
        • Barry KaulerOE and woofQ project tarballs used for Easy 3.4.4
      • SUSE/OpenSUSE

        • openSUSE Tumbleweed – Review of the week 2022/12

          Once again we were able to demonstrate the power of OBS and openQA by allowing the GNOME maintainers to bring the shiny new GNOME 42 into a snapshot ‘the day it is published upstream’. GNOME 42 was released on March 23, 2022, and snapshot 20220323 already contains it. But of course, this is not all that happened during the last week. After all, we had a total of 6 snapshots published (0318…0323).

      • Arch Family

      • IBM/Red Hat/Fedora

        • Red Hat OfficialIt’s Red Hat’s 29th birthday!

          Red Hat was founded on March 26, 1993—29 years ago this month, and just over a year after Linux was first unleashed upon the world.

          So much has changed since then. Open source grew from being a little known and largely misunderstood engineering model to being one of the driving forces in modern software development. Linux evolved from a niche passion project for a handful of developers to being one of the most important technologies enabling the internet, artificial intelligence, space exploration, and more.

          But today, we invite you to go back to the beginning and revisit some stories from Red Hat’s early days.

          In December 2021, Bob Young—founder and CEO of Lulu.com and co-founder of Red Hat—returned to chat with Chief Architect Adam Clater about the early history of open source software and building what would become the largest open source software company in the world.

        • Red Hat OfficialThe next release of Red Hat Satellite: Same great features, new version number

          Red Hat will release the next version of Red Hat Satellite as Satellite 6.11, rather than 7.0 as previously announced. Our next release is still full of enhancements, but as we got closer to completing the release we determined this release did not warrant a major version increment.

          Red Hat Satellite versions are used mainly to distinguish releases. Generally speaking, Satellite follows a scheme of Major.Minor.Patch version numbers.

        • IBM DeveloperIntroducing StockTrader [Ed: IBM has outsourced to Microsoft's proprietary software prison again]

          The IBM Stock Trader application is a simple stock trading sample, where you can create various stock portfolios and add shares of stock to each for a commission. It keeps track of each portfolio’s total value and its loyalty level, notifying you of changes in level, which affect the commission charged per transaction. It also lets you submit feedback on the application, which can result in earning free (zero commission) trades, based on the tone of the feedback. (Tone is determined by calling the Watson Tone Analyzer, which will be covered in a future article).

          The sample is intended to showcase what one might expect after performing a lift-and-shift of a traditional monolithic, on-premises application to one that has been refactored as Docker(container)-based microservices running within a modern Kubernetes-based environment. It deliberately shows off how to use the traditional Java EE programming models, such as JDBC and JMS, to access traditional system-of-record resources, such as a relational database or a message queueing infrastructure. Note that while the application usually uses IBM Db2 and MQ, it also works great with open source technologies, like Apache Derby as the relational database, and with the JMS server built into Open Liberty, an open-source cloud-native Java runtime.

        • FedoraFriday's Fedora Facts: 2022-12 – Fedora Community Blog

          Here’s your weekly Fedora report. Read what happened this week and what’s coming up. Your contributions are welcome (see the end of the post)!

        • IBM DeveloperLearn best practices for debugging and error handling in an enterprise-grade blockchain application [Ed: IBM still trying to ride this hype wave from 2-4 years ago]

          Blockchain is a shared, replicated immutable ledger for recording transactions, tracking assets, and building trust. An asset can be tangible (for example, a house or a car) or intangible (for example, intellectual property or patents). Blockchain is built on properties like consensus, provenance, immutability, finality.

          In a traditional business scenario, a transaction that involves multiple organizations is recorded differently by each business. If two organizations disagree on the state of a transaction, then a dispute occurs, which can often be costly and time consuming to resolve. Blockchain introduces the following concepts:

      • Devuan Family

        • MakeTech EasierWhat is Devuan Linux and How to Install It - Make Tech Easier

          Devuan is a Linux distribution that aims to provide a simpler alternative to Debian. Since 2014, the developers of Debian have started to move towards larger and larger frameworks to manage the operating system. Debian’s adoption of the SystemD initialization system (init system) created a ripple effect among its community which prompted the creation of Devuan.

          [...]

          The init system is an integral part of a Linux distribution. It is the first program that the kernel runs after starting up. Aside from that, the init system also manages all the other programs that will run after it.

      • Canonical/Ubuntu Family

        • OMG Ubuntu’Ubuntu Pro’ Settings Pulled from Ubuntu 22.04

          This is a minor change that won’t affect a great many people as, thus far, it was only something those testing the latest daily builds of the upcoming release will have had access to.

          But I felt I should mention it “publicly” since I did make a bit of a hoo-hah about the (overly persistent) Ubuntu Pro notification that appeared every time you logged in.

        • UbuntuUbuntu Blog: The Evolution of the Smart Home: Current Trends [Part 2]

          The smart home industry continues to grow year after year. Devices made available only recently, such as smart speakers, are now ubiquitous. New houses often come with smart features built-in such as smart locks and thermostats. Doorbell cameras have become de rigueur in many neighbourhoods. Despite the innovation, investment, and growth in the space, smart homes have never quite lived up to their promise.

          [...]

          An open question in the smart home space is what will become of the smart home hub. Some smart home systems today run entirely on WiFi, which has no need for a dedicated hub other than a home’s WiFi router. Using WiFi only typically precludes battery powered devices, however, because WiFi requires a lot of electrical power to operate. Bluetooth uses less energy, but typically has too short of a range to be used for most smart home devices.

          Existing wireless standards like Z-Wave or Thread are low-power protocols with longer range than WiFi, but they require a dedicated hub to function. That hub also needs an internet connection to connect to any backend services associated with the smart home. This adds cost and clutter to smart home solutions compared to systems that work with a pre-existing router.

          There are a few wireless protocols that have gained some adoption recently which try to solve the hub issue as well. LTE Cat-M and NB-IoT both aim to connect IoT devices to cellular networks, while keeping power consumption low enough to allow for long battery life. Additionally, LoRa radios can give many kilometres of range, and several companies have set out to create their own networks based on this new protocol.

        • UbuntuUbuntu Blog: Inclusive Language and its Future at Canonical

          If you follow Canonical’s code and documentation, you may have noticed that we’re slowly changing some common computing terms. You might wonder what has caused these changes. You might ask why Canonical is putting in the effort to make this more inclusive language stick.

        • Ubuntu-MM: Meet ya Linux Foolish Guys

          Internet access, Electronic power, Mental and Physical issues …. all about is because of Military Coup.

          Sometimes feeling guilty, we are selfish ?

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Content Management Systems (CMS)

        • Get Creative with the All-New Pattern Creator

          It’s been less than a year since the WordPress Pattern Directory was launched, and we already have more exciting news to share. The Pattern Creator is live! You can now build, edit, and submit your best block patterns to the Pattern Directory—submissions are open to all with a WordPress.org user account!

      • Programming/Development

        • Perl/Raku

          • PerlPerl Weekly Challenge 157: Pythagorean Means and Brazilian Number

            These are some answers to the Week 157 of the Perl Weekly Challenge organized by Mohammad S. Anwar.

            Spoiler Alert: This weekly challenge deadline is due in a couple of days from now (on March 27, 2022 at 24:00). This blog post offers some solutions to this challenge, please don’t read on if you intend to complete the challenge on your own.

  • Leftovers

    • Where to live?

      For me, this is really important as I hate being in car. It makes me sick, dizzy and angry to be in a car. Car trips ruins my day.

      [...]

      As we work remotely most of the time, we started to ask the question : should we move somewhere else? I’m a water-loving guy and I dream everyday of living near the ocean.

    • TediumQuantel Paintbox History: The Stylus That Revolutionized Television

      For a few years in the early 2000s, I worked for a public-access television station. Part of my job included adding graphics, text, station DOG/bug—the little station logo/ID that typically appears in the lower right corner of a program—to both live and recorded programs. While we used more modern (for the time) software, I’ve always been fascinated by on-screen graphics—especially from the 1970s and ’80s. But there’s one piece of graphics tech I’ve always been interested in exploring. In today’s Tedium, we’re getting a little bit graphic with a look at the Quantel Paintbox.

    • Hardware

    • Integrity/Availability

      • Proprietary

        • ProtocolMicrosoft whistleblower claims he was fired for exposing corruption

          In June 2019, former Microsoft Senior Director Yasser Elabd traveled to Washington, D.C., to meet with members of the Securities and Exchange Commission, the Federal Bureau of Investigation and the U.S. Attorney General’s office to discuss his allegations that Microsoft was ignoring bribery at subsidiaries in the Middle East and Africa.

          The meetings lasted nearly the entire day. Federal agents asked Elabd questions for hours. Elabd’s attorney told him that it was one of the first times they had witnessed the AG’s office send a representative to a whistleblower meeting like his.

          But more than a year later, the SEC still hadn’t made a decision about Elabd’s allegations. The agency kept promising him that the team in charge of his case would make a decision soon about whether they would bring charges against Microsoft. Finally, at the beginning of March 2022, the case agent in charge of Elabd’s whistleblowing report told his lawyer that the SEC was closing the case because it didn’t have the resources to conduct interviews and find documentation abroad during the coronavirus pandemic.

          So Elabd decided to try a different route to share what he knows. Today he published an essay on the whistleblowing website Lioness that accuses Microsoft of firing him after two decades with the company because he asked questions about what he saw as bribery within the contracting services Microsoft uses to sell software to government and public bodies in countries in the Middle East and Africa.

          “We are committed to doing business in a responsible way and always encourage anyone to report anything they see that may violate the law, our policies, or our ethical standards. We believe we’ve previously investigated these allegations, which are many years old, and addressed them. We cooperated with government agencies to resolve any concerns," Becky Lenaburg, Microsoft's vice president & deputy general counsel for compliance and ethics, wrote to Protocol.

        • Microsoft is using illegal bribes in the Middle East and Africa. Why is the SEC turning a blind eye?

          I was recruited by Microsoft in 1998, and I helped bring the company’s products throughout the Middle East and Africa for the next 20 years. I was successful and received many promotions. But eventually, I noticed something strange: many employees younger than me, in lower positions, were driving luxury cars and purchasing homes sometimes worth millions of dollars. For my part, I could not afford to buy a home, let alone anything else luxurious, despite my career success. I wondered, naively, whether these colleagues had families with money—but if so, why would they be working on a Microsoft sales team?

          I put the thought out of mind as Microsoft’s business in the Middle East and Africa boomed. I established contracts in the public sector in Ghana, Nigeria, Zimbabwe, Qatar, Egypt, Ethiopia, Kenya, and many other countries. I sold licensing and solutions to Saudi Arabia’s Ministry of Health, Ministry of the Interior, and National Guard. The Sub-Saharan Africa team I built generated $1 million in 2002; a year later, our revenue was over $15 million. This is, of course, a tiny amount compared to the $4 billion Microsoft now banks in the region, with its near monopoly.

          To accomplish this kind of growth in such a short time, Microsoft has long utilized a network of partners known as Licensing Solution Partners, who are authorized to engage with large public customers because they possess certain technical and business competencies. Together with these partners, Microsoft brings e-health solutions to hospitals and GPS and digitized services (such as online tax payments) to government agencies. The partner then takes a share of Microsoft’s licensing sales revenue, usually 10–15 percent.

          One way Microsoft closes deals using these partners is to create a business investment fund to pay for training or pilot projects that could cement longer-term deals. As the director of public sector and emerging markets for the Middle East and Africa, I had oversight of the requests for these funds.

          In 2016, a request came through in the amount of $40,000 to accelerate closing a deal in one African country. When I looked through the submission, I immediately knew something was wrong. The customer did not appear in Microsoft’s internal database of potential clients. On top of that, the partner in the deal was underqualified for the project’s outlined scope, and he wasn’t even supposed to be doing business with Microsoft: he had been terminated four months earlier for poor performance on the sales team, and corporate policy prohibits former employees from working as partners for six months from their departure without special approval.

          I brought these issues up with the Microsoft services architect who wrote the request, asking why she didn’t take the work in this case to our very capable in-house team, Microsoft Services. She said our in-house daily rate is very expensive, and she needed a less expensive team to handle the pilot.

          Still suspicious, I escalated the issue to my manager, and then to the human resources and legal departments. I took the business investment fund very seriously, and wondered why we would be giving money to a partner who could not achieve the desired results. The legal and HR teams put a stop to the $40,000 spend, but to my surprise, did not look deeper into the Microsoft employees who were orchestrating the fake deal.

        • Adjusting for Monterey: Fullscreen is a Bust

          Last week I posted that I was adjusting my workflow to use MacOS Native Fullscreen. Well, that was a bad idea. I ran into too many problems making it just not worthwhile.

        • Apple plans to offer the iPhone as as Disservice (iaaD), ensuring you never own even the hardware.

          Apple plans to offer the iPhone as as Disservice (iaaD), ensuring you never own even the hardware.

          Dave Ramsey offers simplistic financial advice to “consumers”, but his advice on “extended warranties” is dead on. People should refuse to buy “extended warranties”.

          They’re essentially a way to pay a “service company” that you may not actually get to honor any claims, or worse, the manufacturer itself, a portion of the device’s cost, in order to get a “service plan”.

          The reason I say paying the manufacturer is worse is because it essentially tells the manufacturer that it’s fine to produce junk that breaks a lot, and even if you are buying it through the store, it signals to the store that it’s fine to carry products that are unreliable because they’ll only make more money when customers bet against the reliability of the device they are there to purchase.

          Ramsey advises not to buy them because devices tend not to break down within the extended service period, and by the time one thing you buy has a problem, you’ll have paid for so many plans that you’ll be out more money than had you declined all of the plans, and have to fix one thing yourself out of the money that you saved by turning down the plans. And that’s _if_ you can get anyone to honor the plans. Half the time, they come up with some total bullshit reason why they don’t have to, or never even respond to your claim.

        • Windows CentralRecent Windows updates create thorny situation for Windows 7 recovery discs
        • Pseudo-Open Source

        • Security

          • The New StackNSA on How to Harden Kubernetes – The New Stack

            The National Security Agency (NSA) has issued guidelines on how to make Kubernetes environments more secure.

          • LWNSecurity updates for Friday [LWN.net]

            Security updates have been issued by Debian (tiff), Fedora (nicotine+ and openvpn), openSUSE (bind, libarchive, python3, and slirp4netns), Oracle (cyrus-sasl, httpd, httpd:2.4, and openssl), Red Hat (httpd and httpd:2.4), Scientific Linux (httpd), SUSE (bind, libarchive, python3, and slirp4netns), and Ubuntu (firefox).

          • Honda Civics vulnerable to remote unlock, start hack
          • CISACISA Adds 66 Known Exploited Vulnerabilities to Catalog | CISA

            CISA has added 66 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

          • Fileless Malware on Linux: Anatomy of an Attack [Ed: Peddling Microsoft talking point under the name "Linux security"]
          • Istio / Support for Istio 1.11 has ended

            As previously announced, support for Istio 1.11 has now officially ended.

            At this point we will no longer back-port fixes for security issues and critical bugs to 1.11, so we heartily encourage you to upgrade to the latest version of Istio (1.13.2) if you haven’t already.

          • Bleeping ComputerEmergency Google Chrome update fixes zero-day used in attacks

            Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high-severity zero-day bug exploited in the wild.

            "Google is aware that an exploit for CVE-2022-1096 exists in the wild," the browser vendor said in a security advisory published on Friday.

          • Bleeping ComputerPublic Redis exploit used by malware gang to grow botnet

            The Muhstik malware gang is now actively targeting and exploiting a Lua sandbox escape vulnerability in Redis after a proof-of-concept exploit was publicly released.

            The vulnerability is tracked as CVE-2022-0543 and was discovered in February 2022, affecting both Debian and Ubuntu Linux distributions.



Recent Techrights' Posts

'LaunchLibre' and Introducing People to Software Freedom While They're Still Young
announcement from "carmenmaris"
Small Codebase is Typically Safer (More Aftermarket Snakeoil Means More Holes)
Rust is just more code
 
Links 28/12/2024: BRICS-Controlled Social Control Media Defended by GOP, "Paper Passport Is Dying"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 27, 2024
IRC logs for Friday, December 27, 2024
Links 28/12/2024: Having Bosses, Ada's Dependent Types
Links for the day
Happy Birthday to Linus Torvalds (55)
he's not the "git" which bashers and haters say he is
With 5 Days Left (Sans Time Extension, Which is Expected) FSF Has Already Raised 60% of the Money It Sought
Technically 59.6485%
Links 27/12/2024: Ongoing Demise of Real Healthcare, Gemlog Cleanup, Fingers Point to Russia After Passenger Plane Crash
Links for the day
Spending Christmas Pasting Microsoft's Chatbot Garbage - Anti-Linux and Anti-BSD FUD - Into LinuxSecurity.com (Under the Guise of 'Article')
In 2025 we need to tackle this problem
Links 27/12/2024: Perfect Desk, Banning Cellphones, Many Cables Cut Near Finland
Links for the day
Gemini Links 27/12/2024: Slop and Self-hosting
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 26, 2024
IRC logs for Thursday, December 26, 2024
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024