Bonum Certa Men Certa

Links 29/10/2022: Stable Kernels and Too Many Paid-for Puff Pieces



  • GNU/Linux

    • Server

      • TechTargetOpenShift roadmap preps for Kubernetes multi-cluster sprawl

        Red Hat revealed OpenShift roadmap details this week aligned around a common theme: managing tens of thousands of Kubernetes clusters in locations that range from data centers to embedded edge devices.

      • Silicon AngleOpen-source popularity fuels growing CNCF project and contributor base [Ed: This is a lie. "Disclosure: The Cloud Native Computing Foundation sponsored this segment of theCUBE. Neither CNCF nor other sponsors have editorial control over content on theCUBE or SiliconANGLE." Of course they control it, they want more business.]
      • Silicon AngleDocker CEO provides insight into WebAssembly announcement for developers
      • GoogleKubeflow applies to become a CNCF incubating project

        Google has pioneered AI and ML and has a history of innovative technology donations to the open source community (e.g. TensorFlow and Jax). Google is also the initial developer and largest contributor to Kubernetes, and brings with it a wealth of experience to the project and its community. Building an ML Platform on our state-of-the-art Google Kubernetes Engine (GKE), we have learned best practices from our users, and in 2017, we used that experience to create and open source the Kubeflow project.

        In May 2020, with the v1.0 release, Kubeflow reached maturity across a core set of its stable applications. During that year, we also graduated Kubeflow Serving as an independent project, KServe, which is now incubating in Linux Foundation AI & Data.

        Today, Kubeflow has developed into an end-to-end, extendable ML platform, with multiple distinct components to address specific stages of the ML lifecycle: model development (Kubeflow Notebooks), model training (Kubeflow Pipelines and Kubeflow Training Operator), model serving (KServe), and automated machine learning (Katib).

      • Googleko applies to become a CNCF sandbox project | Google Open Source Blog

        Back in 2018, the team at Google working on Knative needed a faster way to iterate on Kubernetes controllers. They created a new tool dedicated to deploying Go applications to Kubernetes without having to worry about container images. That tool has proven to be indispensable to the Knative community, so in March 2019, Google released it as a stand-alone open source project named ko.

        Since then, ko has gained in popularity as a simple, fast, and secure container image builder for Go applications. More recently, the ko community has added, amongst many other features, multi-platform support and automatic SBOM generation. Today, like the original team at Google, many open source and enterprise development teams depend on ko to improve their developer productivity. The ko project is also increasingly used as a solution for a number of build use-cases, and is being integrated into a variety of third party CI/CD tools.

    • Audiocasts/Shows

    • Kernel Space

      • LWNLinux 5.10.151
        I'm announcing the release of the 5.10.151 kernel.
        
        

        All users of the 5.10 kernel series must upgrade.

        The updated 5.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

        thanks,

        greg k-h
      • LWNLinux 6.0.6
      • LWNLinux 5.15.76
      • LWNLinux 5.4.221
      • FudzillaLinux's boot needs a better RAM [Ed: Microsoft saboteur, not "Linux expert"]

        Linux expert Lennart Poettering is suggesting that Linux's boot process needs an upgrade by making changes to the intial RAM disk.

        Poettering has been tinkering with a mechanism for tightening up the security of the system startup process on Linux machines, using TPM 2.0 hardware. What he thinks is the problem is loading the initrd.

        For those not in the know, the initrd is the "initial RAM disk" and it allows Linux distributions to boot on different hardware without needing a custom kernel for every individual machine.

    • Applications

      • Linux LinksBest Free and Open Source Nix Static Site Generators - LinuxLinks

        LinuxLinks, like most modern websites, is dynamic in that content is stored in a database and converted into presentation-ready HTML when readers access the site.

        While we employ built-in server caching which creates static versions of the site, we don’t generate a full, static HTML website based on raw data and a set of templates. However, sometimes a full, static HTML website is desirable. Because HTML pages are all prebuilt, they load extremely quickly in web browsers.

        There are lots of other advantages of running a full, static HTML website.

    • Instructionals/Technical

      • Make Tech EasierHow to Install and Configure Hamachi in Ubuntu - Make Tech Easier

        LogMeIn Hamachi is a zero-configuration Virtual Private Network (VPN) that works with your existing firewall and allows you to access your computer no matter where you are, as long as there is an Internet connection.

        While there is a nice interface for the Windows version, Linux users can only access Hamachi via the command line interface. Nevertheless, with some help from the open-source community, Linux users can now easily install, configure and use Hamachi. This tutorial demonstrates the process for Ubuntu.

      • TechTargetHow to use PuTTY for SSH key-based authentication

        This tutorial on the open source PuTTY SSH client covers how to install it, its basic use, and step-by-step instructions for configuring key-based authentication.

      • Linux HintHow To Install Perl Modules on Debian 11

        Pearl is one of the most simplified high level-programming languages that quite resembles C and C++. Still, it is somehow better because of its rapid development cycle and downloadable pearl modules, which are the same as libraries in Java and C++. You must install the relative function on your system to use a particular function.

        In this article, we will discuss the only method used wherein the Pearl Modules could be installed on your system.

      • ID RootHow To Install Virtualmin on Rocky Linux 9 - idroot

        In this tutorial, we will show you how to install Virtualmin on Rocky Linux 9. For those of you who didn’t know, Virtualmin is an open-source web hosting Cpanel used for hosting websites, web applications, databases, and mailboxes. Virtualmin is built on top of Webmin with full integration of user management, monitoring features, software management, ACLs, and security features.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Virtualmin web hosting control panel on Rocky Linux. 9.

      • LinuxiacHow to Install VirtualBox 7 on Ubuntu 22.04 in a Few Easy Steps

        This guide will walk you through the steps to install VirtualBox 7, a full virtualizer app, on Ubuntu 22.04 LTS ‘Jammy Jellyfish.’

        VirtualBox is a free and open-source virtualization software commonly used at the desktop level to create a test environment. It enables you to create and run virtual machines, which are guest operating systems, including Windows, Linux, Unix, and Solaris.

        VirtualBox is available for installation in the Ubuntu 22.04 repositories, but the version is 6.1.38.

      • Linux HintNmap: Scan Ports To Detect Services and Vulnerabilities

        This tutorial explains how to use Nmap to find servers and vulnerabilities behind ports.

        Nmap is one of the most helpful networking tools allowing you to map networks, discover hosts, scan ports, diagnose network problems, detect and exploit vulnerabilities, and more.

        This tutorial focuses on the services version and vulnerabilities detection techniques. Readers unfamiliar with Nmap may prefer to start by reading our Nmap basics tutorial.

        All instructions in this document contain screenshots, making it easy for all readers to understand how they are implemented in the terminal.

      • DebugPointHow to Compile and Create Binary deb Installer from Source Files tar.gz tar.bz2 in Ubuntu

        This simple tutorial will show how to compile source tarballs (*.tar.gz, *.tar.bz2) and create a *.deb installer in Ubuntu.

      • DebugPoint4 Ways to Install deb Files in Ubuntu [Beginner’s Guide]

        This absolute beginner’s guide explains the steps required to install deb (*.deb) files in Ubuntu. This applies to all Ubuntu-based Linux distributions such as Linux Mint, elementary OS, etc.

      • The New StackInstall Dozzle, a Simple Log File Viewer for Docker - The New Stack

        Docker is my go-to container deployment tool. I’ve always found it exponentially easier to use than, say, the likes of Kubernetes. Of course, Docker isn’t suited for every deployment. However, when Docker is apropos, it cannot be beaten for simplicity, reliability, and stability. And then you throw in Docker Swarm and you can scale to meet needs.

        But one thing that can still be rather challenging, even with the likes of Docker, is troubleshooting. With container deployments (especially full-stack applications), there are a lot of moving parts to go wrong, and, when something does go wrong, figuring out the culprit can be a real pain in the keister.

      • H2S MediaHow to install and use Chrome headless on Ubuntu? - Linux Shout

        A headless browser means a web browser without a graphical user interface. This implies the users can access the webpages but in the command line interface, not in a graphical user interface. Headless browsers are particularly used by developers and system administrators for testing web pages. It is because in headless they can understand the rendering of HTML in a better way including styling elements such as page layout, color, font selection, and execution of JavaScript and Ajax which are usually not available when using other testing methods.

        Well, in Google Chrome and FireFox, apart from the Graphical user interface, headless support is also there out of the box.

        Using Google Chrome headless or other browsers we can perform automation testing of web apps, javascript libraries; the interaction of web pages, and even save the website page in PDF or can take screenshots. Headless browsers are also useful in web scraping.

      • Linux HintHow to Use the Bash Case Statement

        The case statement is generally used in Bash when you have multiple choices to select from. Using it instead of nested if-else statements helps keep your Bash scripts easier to read and maintain.

        The Bash case statement has been designed similar to the case statement from JavaScript and C. Unlike the switch statement from C, the Bash case statement stops searching for other matches as soon as it finds one and completes the statements that are written for the pattern.

        In this guide, we will explain how you can use the Bash case statement using two examples and some scenarios in Ubuntu 22.04.

      • Make Use OfHow to Use Siren to Play Music Without Leaving Your Terminal

        Everyone loves music, and despite the advent of streaming, subscription models, and having music available in the cloud, audiophiles still maintain a carefully curated collection of audio files on their local machines.

        If you're a terminal-dwelling Linux user, it's easy to play your tunes while you work, without ever leaving the command line.

      • ID RootHow To Install Audacious on Ubuntu 22.04 LTS - idroot

        In this tutorial, we will show you how to install Audacious on Ubuntu 22.04 LTS. For those of you who didn’t know, Audacious is a free advanced audio player for Linux and many other UNIX-compatible systems. It is a lightweight music player as it uses few resources. Enjoy the modern Qt-themed interface or change things up with Winamp Classic skins. Use the plugins included with Audacious to fetch lyrics for your music, display a VU meter, and more.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Audacious audio player on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

      • Isolating Tmux windows to prevent systemd-oomd from killing the server - ankursinha.in/blog

        I run a number of Tmux sessions, one for each project or context, (via Byobu) to do my work on a daily basis. Tmux uses a client-server architecture, so there's a Tmux server running that all of these sessions connect to. Some time ago, I began noticing that all my Tmux sessions were being killed while I worked. I knew this wasn't a random occurrence. A look at the logs told me that systemd-oomd was killing my Tmux server, and all my sessions and their windows with it---all my vim sessions, all of it.

        This, of course, is far from ideal. What's happening here is that one of the processes occupying a Tmux window consumes lots of CPU/memory and systemd-oomd needs to kill it. However, systemd-oomd does not work on a per-process level. It works on a cgroup level. So, it kills the whole cgroup, taking the Tmux server down.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • DedoimedoPlasma 5.26 review - Pretty reasonable

          As you well know, the Plasma desktop is awesome, and simply the best Linux offering there is. Looks, ergonomics (yup, that ole thing), customization, elegance, speed, all there, all ahead of the competition. And every few weeks, the KDE team unleashes a new version of their desktop unto the world. By and large, these are mostly decent, and usually an improvement over what came before. But not always. This is what makes today's article reasonably interesting. The suspense!

          I fired up KDE neon User Edition - equipped with the stable release of Plasma 5.26 - on my test machine, the triple-boot IdeaPad with a Ryzen processor and associated Vega graphics. I didn't install the distro, and kept my work limited to the live session. But that was more than enough to give me a good glimpse and impression of what this new Plasma 5.26 can do. Let us talk.

  • Distributions and Operating Systems

  • Free, Libre, and Open Source Software

    • Programming/Development

      • Mark DominusThe Universe of Discourse : More notes on deriving Applicative from Monad

        A year or two ago I wrote about what you do if you already have a Monad and you need to define an Applicative instance for it. This comes up in converting old code that predates the incorporation of Applicative into the language: it has these monad instance declarations, and newer compilers will refuse to compile them because you are no longer allowed to define a Monad instance for something that is not an Applicative. I complained that the compiler should be able to infer this automatically, but it does not.

        My current job involves Haskell programming and I ran into this issue again in August, because I understood monads but at that point I was still shaky about applicatives. This is a rough edit of the notes I made at the time about how to define the Applicative instance if you already understand the Monad instance.

      • Mark DominusWhat's this search algorithm usually called?

        Is the history of this algorithm lost in time, or do we know who first invented it, or at least wrote it down? I think it sometimes pops up in connection with coin-weighing puzzles.

      • Paper: 'EpiLPS: A fast and flexible Bayesian tool for estimation of the time-varying reproduction number' - Stats and R

        A colleague (and friend) of mine recently published a research paper entitled “EpiLPS: A fast and flexible Bayesian tool for estimation of the time-varying reproduction number” in PLoS Computational Biology.

        I am not in the habit of sharing research paper to which I did not contribute. Nevertheless, I would like to make an exception with this one because I strongly believe that the method developed in the paper deserves to be known, especially for anyone working in epidemiology.

        Below is the motivation behind the article, as well as an illustration on simulated and real data (US hospitalization data). More information can be found in the paper and on the accompanying website.

      • RObservations #40 : Packaging My Route Map Code! Introducting mapBliss. - bensstats

        Around last year I started blogging about Atlas.co and how its possible to imitate their product in R with a some readily available packages and the MapBox API. Recently I managed to take some time and refine and organize the code I had to make the package I call mapBliss.

        I’m really happy with the package so far because it pretty much offers almost all the features for making the type of maps that you can find on Atlas.co and similar sites. In this blog I share some of the features available, basic usage and potential next steps for the development of the mapBliss package.

      • September 2022: "Top 40" New CRAN Packages

        Two hundred and two new packages made it to CRAN in September. Here are my “Top 40” selections in fourteen categories: Computational Methods, Data, Genomics, Machine Learning, Mathematics, Medicine, Pharmacology, Psychology, Science, Social Science, Statistics, Time Series, Utilities, and Visualization.

        [...]

        kimfilter v1.0.0: Provides an Rcpp implementation of the multivariate Kim filter, which combines the Kalman and Hamilton filters for state probability inference. The filter is designed for state space models and can handle missing values and exogenous data in the observation and state equations. See Kim et al. (1999) for details and the vignette for examples.

        SparseChol v0.1.1: Provides a C++ implementation of sparse LDL decomposition of symmetric matrices and solvers as described in Davis (2016). See README for an example.

      • Scrum, agility and the human factor | Mardy

        I've been working in Scrum teams for 15 years now, give or take. Different companies, different approaches, from loosely following the agile principles to a stricter implementation of the Scrum methodology. The only invariant being that in practice Scrum is never followed by the book, but every company and team makes its own adaptations, which makes it hard for everyone to voice statements and critiques that could be considered universally true. That's why I will refrain from taking this road, and instead I'll try to point out a few aspects and behaviours that I've personally noticed during my career, good and bad ones (but of course, since I'm old and bitter, more bad than good).

        Scrum's focus on communication is, in my opinion, where most of its value lies on: it's indeed important that other team members know what you are doing, and that management has an idea of the progress being made. Hence daily standups and the scrum board, and demos and retrospective at the end of each sprint.

        It makes sense, on paper. And in practice as well, if you find yourself in a team which is not really a team but a group of individuals with communication problems. But that should not be the rule, and that's my main criticism of Scrum: it's a very good system for managing poorly skilled developers.

        In a highly skilled team, all of the benefits that Scrum is supposed to bring are already a given: back in 2006-2008, in Nokia, most of our communication was occurring in IRC and mailing lists. The fact that some of our co-workers were remote indeed acted as a push for this choice. The same occurred in my early years at Canonical, where (at least in my team) we had a video conference only once per week: if the communication is already happening in an open (to the team members) place, there's no need for further synchronisation points. And if the managers and product owners are also monitoring these discussions, they know perfectly well how the situation is and can report it further up.

      • Jim NielsenWhat “Work” Looks Like - Jim Nielsen’s Blog

        I recently had a conversation with a long-time colleague, someone I know and respect. I found it interesting that even he, who has worked in software since the 90’s, still felt odd when he wasn’t at his computer “working”. After decades of experience, he knew and understood that the most meaningful conceptual progress he made on problems was always away from his computer: on a run, in the shower, laying in bed at night. That’s where the insight came. And yet, even after all these years, he still felt a strange obligation to be at his computer because that’s too often our the mental image of “working”.

      • Jacob Kaplan MossPerformance "Seasons" Are Useless — Use Anniversary Reviews Instead - Jacob Kaplan-Moss

        I was catching up with a friend yesterday, an engineering manager. He vented for a bit about how swamped he is because he’s in the middle of “performance season”: he’s going to be spending the next few weeks writing performance reviews, reviewing them with his manager and with HR, delivering them to the team, and slogging his way through his organization’s terrible HRIS to record the reviews. And this heavy workload will be made more difficult by a big dose of emotional labor: even if every review is well-received, they’re still stressful to deliver.

      • A Flexible Framework for Effective Pair Programming — Culture (2022)

        Pair programming is one of the most important tools we use while mentoring early talent in the Dev Degree program. It’s an agile software development technique where two people work together, either to share context, solve a problem, or learn from one another. Pairing builds technical and communication skills, encourages curiosity and creative problem-solving, and brings people closer together as teammates.

        In my role as a Technical Educator, I’m focused on setting new interns joining the Dev Degree program up for success in their first 8 months at Shopify. Because pair programming is a method we use so frequently in onboarding, I saw an opportunity to streamline the process to make it more approachable for people who might not have experienced it before. I developed this framework during a live workshop I hosted at RenderATL. I hope it helps you structure your next pair programming session!

      • Shell/Bash/Zsh/Ksh

        • Python Design Patterns

          I’m Brandon Rhodes (website, Twitter) and this is my evolving guide to design patterns in the Python programming language.

      • Rust

        • UbuntubuzzGetting Started to Rust Programming on Ubuntu

          You might want to learn Rust on Ubuntu. Rust is a new computer programming language in the same categories as older ones namely C, C++ and Java. Using it, one can make programs for desktop, laptop, web and server as well as embedded computers. Created by Mozilla in 2010, Rust is now growing to be used to develop many critical software including some you use everyday, such as Firefox's Quantum engine, a FOSS remote desktop called RustDesk, and a new operating system called Redox OS. This tutorial will help you install required tools and write code in Rust. Don't worry to exercise as we also include uninstall steps too. What are you waiting for? Now let's try Rust for sure.

  • Leftovers

    • Blending Modes | Dan Hollick

      Do you just click different blending modes until it sort of looks right?

      Well, that probably won't change after you read this but at least you probably won't use Lighten or Darken again.

    • What’s wrong with medieval pigs in videogames? - Leiden Medievalists Blog

      Our sources on medieval pig-rearing extend far back into the middle ages as pigs are prominently featured in the law codes of early medieval Europe. Here we find ample information on pig husbandry and how the animal was valued in the rural societies of before 1100 CE.

      For example, according to sixth-century Merovingian law, pigs were herded in a sounder that consisted of twenty five to fifty females led by a matriarch. While the animals were grazing, a swineherd kept watch, a task so important that he enjoyed the same kind of legal protection as a blacksmith.

      Furthermore, almost all early medieval law codes presuppose the custom of forest grazing: in Merovingian law, swineherds were granted free passage over any forest road; Longobardic law lists the offense of sending pigs to feed in someone else’s wood; in Anglo-Saxon law, felling a tree that could shelter thirty pigs invoked double the fine of a small tree. Further details on the mast season are found in Early Medieval Irish and Welsh sources; in Ireland, pigs were sent into the forest in August and in Medieval Wales the season ran from September to the start of January.

    • uni MichiganMy week as a ‘gym bro’

      “Gym bro” describes someone whose life centers completely around fitness. Much like a frat bro who lives and breathes for his brothers, a gym bro makes their entire personality gym-related, including what they eat, what clothes they wear and what music they listen to.

    • Hardware

      • Vice Media GroupHow a Redditor Ended Up With an Industrial-Grade Netflix Server

        A Redditor says they’ve managed to get a hold of an old Netflix server for free, and has posted a detailed online look at the once mysterious hardware. The devices were part of Netflix’s Open Connect Content Delivery Network (CDN), and can often be found embedded within major ISP networks to ensure your Netflix streams don’t suck.

      • Dan LangilleUpgrading an NVMe zpool from 222G to 1TB drives

        These arrived on Saturday. They will replace a 220GB zpool which frequently fills up.

        Sometimes the zpool gets too close to full. I tweeted about one incident on March 2021. I held hope that some spare SSDs might be the answer. Eventually, I bought new SSDs after another full incident (I’ve not mentioned them all).

      • SparkFun ElectronicsClearance Mayhem - News - SparkFun Electronics

        SparkFans, do you remember our previous blog, An SIK Special Edition, that calls out the global supply chain shortages we all have been experiencing the past couple of years? Well, we’re not here to tell you it isnt over, but it may be over for some of our products. Our Supply Chain Team and Parts Hunters extended their efforts to stockpile our top-selling products in order to mitigate the effect of supply shortages on our customers.

    • Security

      • Hacker NewsTwilio Reveals Another Breach from the Same Hackers Behind the August Hack

        Communication services provider Twilio this week disclosed that it experienced another "brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information.

        The security event occurred on June 29, 2022, the company said in an updated advisory shared this week, as part of its probe into the digital break-in.

      • Xe's BlogYou should prepare for the OpenSSL 3.x secvuln [Ed: So much hype-building, still no beef. Almost a decade ago someone in Google found and fixed the issue. Then a Microsoft shill coined the term "heartbleed" and stole credit for the bug to go on and on for years smearing Free software.]

        Hoooo boy, 2022 keeps delivering. It seems that the latest way things are getting fun is that the OpenSSL project announced a "CRITICAL" patch coming on tuesday for every release of OpenSSL that starts with 3.0. The fixes will be released as OpenSSL 3.0.7. If you run OpenSSL 3.0.0 through 3.0.6, you should consider yourself vulnerable. I will cover how to check later in the post.

        For people that only have casually followed the OpenSSL project, note that the last time a "CRITICAL" patch was issued was to mitigate the "Heartbleed" vulnerability. I am going to split my analysis into two parts: facts and speculation.

      • Computing UKCritical zero-day bug, first since Heartbleed, identified in OpenSSL [Ed: This is not what zero-day means]
      • SANSUpcoming Critical OpenSSL Vulnerability: What will be Affected?, (Thu, Oct 27th)

        Some here may still remember Heartbleed. Heartbleed was a critical OpenSSL vulnerability that surprised many organizations, and patching the issue was a major undertaking. Heartbleed caused OpenSSL and other open-source projects to rethink how they address security issues and communicate with their users. OpenSSL started to pre-announce any security updates about a week ahead of time.

      • The AnarcatDebating VPN options - anarcat

        I managed setup a HE.net tunnel at home, because I also need IPv6 for other reasons (namely debugging at work). My first attempt at setting this up in the office failed, but now that I found the openwrt.org guide, it worked... for a while, and I was able to produce the above, encouraging, mini benchmarks.

        Unfortunately, a few minutes later, IPv6 just went down again. And the problem with that is that many programs (and especially OpenSSH) do not respect the Happy Eyeballs protocol (RFC 8305), which means various mysterious "hangs" at random times on random applications. It's kind of a terrible user experience, on top of breaking the one thing it's supposed to do, of course, which is to give me transparent access to all the nodes I maintain.

        Even worse, it would still be a problem for other remote nodes I might setup where I might not have acess to the router to setup the tunnel. It's also not absolutely clear what happens if you setup the same tunnel in two places... Presumably, something is smart enough to distribute only a part of the /48 block selectively, but I don't really feel like going that far, considering how flaky the setup is already.

      • Bleeping ComputerMicrosoft links Raspberry Robin worm to Clop ransomware attacks [Ed: When it comes to security, Microsoft is the culprit rather than an expert, but this is a Microsoft-linked site]

        Microsoft says a threat group tracked as DEV-0950 used Clop ransomware to encrypt the network of a victim previously infected with the Raspberry Robin worm.

        DEV-0950 malicious activity overlaps with financially motivated cybercrime groups tracked as FIN11 and TA505, known for deploying Clop payloads ransomware on targets' systems.

    • Defence/Aggression

      • Michael West MediaFlaps up and blinkers on: politicians happy with the unknown unknowns of fighting war - Michael West

        When it comes to the powers vested in politicians to send Australians into foreign conflicts, the major parties stand by the cliche: if it ain’t broke don’t fix it. But the system is broken, as war reform advocates have told Zacharias Szumer.

        For advocates of war powers reform, Labor’s recently announced Inquiry into International Armed Conflict Decision Making hasn’t got off to a promising start. The defence minister and defence subcommittee deputy chair have already come out against parliamentary approval for overseas military deployments, the desired reform that advocates are seeking.

        The Minister of Defence, Richard Marles, has said he is “firmly of the view” that the current system is “appropriate and should not be disturbed”. In a letter referring the Inquiry into International Armed Conflict Decision Making to the Joint Standing Committee on Foreign Affairs, Defence and Trade, Marles said the current arrangements “enable the duly elected government of the day to act expeditiously on matters of utmost national importance in the interests of the safety and security of our nation and its people.”

    • Environment

      • Omicron LimitedPlastic recycling remains a 'myth': Greenpeace study

        Plastic recycling rates are declining even as production shoots up, according to a Greenpeace U.S. report out Monday that blasted industry claims of creating an efficient, circular economy as "fiction."

        Titled "Circular Claims Fall Flat Again," the study found that of 51 million tons of plastic waste generated by US households in 2021, only 2.4 million tons were recycled, or around five percent.

        After peaking in 2014 at 10 percent, the trend has been decreasing, especially since China stopped accepting the West's plastic waste in 2018.

        Virgin production—of non-recycled plastic, that is—meanwhile is rapidly rising as the petrochemical industry expands, lowering costs.

        "Industry groups and big corporations have been pushing for recycling as a solution," Greenpeace U.S. campaigner Lisa Ramsden told AFP.

      • Energy

        • Michael West MediaWoodside and Santos super profits, energy bills still to shoot up. What’s the Scam? - Michael West

          Gas companies Woodside and Santos just released record profits. Australia is the world’s biggest gas exporter, and Alinta’s chief has predicted energy bills will rise by another 35%. What’s the scam?

          The scam is “export parity pricing”. Though we are swimming in gas, the gas cartel exports most of it and the price Aussie customers have to cop is the export price, a price rocketing thanks to Putin’s war on Ukraine. The other scam is we are not taxing them enough because of the other scam, fossil fuel political donations and lobbying. Or earmarking supply for local markets for that matter.

          Surging domestic and foreign demand just drove Santos to record sales for both the September quarter and the year to date, while free cash flow topped $1.6 billion for the three months.

    • AstroTurf/Lobbying/Politics

      • Michael GeistCanadian Heritage Minister Pablo Rodriguez’s Credibility Problem, Part One: The Laith Marouf/CMAC Issue

        Canadian Heritage Minister Pablo Rodriguez appeared before the Standing Committee on Canadian Heritage on Friday for one hour and walked away with a serious credibility problem. Rodriguez has already been repeatedly contradicted on Bill C-11, claiming that the bill doesn’t cover user content or algorithms. On both issues, the CRTC Chair (and virtually every expert) say otherwise. Friday’s hearing focused on two issues – the Laith Marouf/CMAC issue of government funding for an anti-semite and Bill C-18, the Online News Act. Given his responses to MP questions, Rodriguez now faces credibility questions on both. This post will focus on his responses to questions about Canadian Heritage funding for CMAC/Marouf and a second post tomorrow will examine his misleading statements on the bill.

        The inclusion of questions on Canadian Heritage funding an anti-semite as part of its anti-hate program appeared to take Rodriguez by surprise. The questions began with Conservative MP Rachael Thomas, who noted Rodriguez’s silence this summer and pressed him on whether he would come to committee to answer questions.

      • Michael GeistCanadian Heritage Minister Pablo Rodriguez’s Credibility Problem, Part Two: Misleading and Missing Data on Bill C-18

        As noted in yesterday’s post, Canadian Heritage Minister Pablo Rodriguez appeared before the Standing Committee on Canadian Heritage last Friday for one hour and walked away with a serious credibility problem. Friday’s hearing focused on two issues – the Laith Marouf/CMAC issue of government funding for an anti-semite and Bill C-18 – and Rodriguez faced credibility questions on both. While yesterday’s post focused on his responses to questions about Canadian Heritage funding for CMAC/Marouf, today’s addresses his misleading statements on the Online News Act.

        I’ve written extensively about some of the problems with Bill C-18. These include process concerns involving blocking dozens of witnesses from appearing before committee, concerns about who benefits based on Parliamentary Budget Officer estimates that the big winners are Bell, Rogers and the CBC, as well as substantive concerns that include the risks to the free flow of information online, risks of increased misinformation, and government intervention in an area that could undermine an independent press. But Rodriguez’s appearance last week raised new concerns about the government using misleading data and apparently having given little thought or study to the full implications of the bill for small media outlets.

      • Michael GeistMaking Sense of the Indifference to Bill C-18’s Cutting Out Small Media Outlets While Giving Hundreds of Millions to Bell, Rogers and the CBC

        Bill C-18, the Online News Act, appeared to be headed to clause-by-clause review this week. But the mounting attention on the bill – notably Facebook’s revelation that it would consider stopping news sharing in Canada if the bill passes in its current form – may have persuaded MPs to add several additional hearings, including one on Friday that will feature both Facebook and OpenMedia. The Facebook issue adds to the growing concerns with the bill, particularly the exclusion of many small media outlets due to restrictive eligibility criteria and a Parliamentary Budget Officer estimate that over 75% of the benefits – hundreds of millions of dollars – will go to broadcast giants such as Bell, Rogers, Shaw, Corus, and the CBC. Newspapers will be left fighting over the remaining scraps, if they’re eligible for anything. Indeed, as many small media outlets have noted, eligibility requirements to have QCJO status or regularly employ at least two journalists means that many small weeklies or digital startups will fall outside the system.

        Canadians might think that excluding small news outlets while promising big payments for Bell, Rogers, and the CBC would be a government concern, but apparently it is not. When asked about the issue before the Heritage committee, Canadian Heritage Minister Pablo Rodriguez said that “small media are more interested in the other programs that exist than in C-18.” This remarkable acknowledgement – along with the admission that the department has not even studied the implications of changing the eligibility requirements to address small media concerns – suggests that the risky approach is no accident or simply a case of indifference.

      • The AtlanticBob Woodward Thinks You Should Listen to His Trump Tapes - The Atlantic

        Bob Woodward has a new Donald Trump book out. It’s called The Trump Tapes: Bob Woodward’s Twenty Interviews With President Donald Trump. It’s an audiobook with recordings of the Trump interviews that Woodward conducted for the second of Woodward’s three earlier Trump books. Two days before the release of Woodward’s The Trump Tapes, Woodward’s home base, The Washington Post, published a Woodward essay, adapted from Woodward’s The Trump Tapes, on the importance of Woodward’s The Trump Tapes. Woodward has never before released “raw interviews or full transcripts of my work,” Woodward reveals in the Post essay adapted from Woodward’s The Trump Tapes. But Woodward has taken this unprecedented step in his new audiobook because Woodward’s The Trump Tapes is “central to understanding Trump as he is poised to seek the presidency again,” Woodward explains in the Post essay adapted from Woodward’s The Trump Tapes. “You cannot separate Trump from his voice,” Woodward explains. “Trump’s voice magnifies his presence.”

        For example, Woodward goes on in the Post essay adapted from Woodward’s The Trump Tapes, just listen to the way Trump, in answer to a Woodward question that Woodward asked while reporting the second of Woodward’s three earlier Trump books, says in Woodward’s The Trump Tapes, “No.” On the printed page of the second of Woodward’s three earlier Trump books, Trump’s “No” is “a simple declaration.” But in the new Woodward audiobook, Trump’s “No,” Woodward tells us in the Post essay adapted from Woodward’s The Trump Tapes, “leaves no doubt about the finality of his judgment.” Listening to all 11 hours and 29 minutes of Woodward’s The Trump Tapes, Woodward reveals at the end of the Post essay adapted from Woodward’s The Trump Tapes, “leaves no doubt” that Trump is engaged in “an effort to destroy democracy.”

      • CoryDoctorowBeing good at your job is praxis

        Office manager: "$75 just to kick the photocopier?"

        Photocopier technician: "No, it's $5 to kick the photocopier and $70 to know where to kick it."

        The trustbusters in the Biden administration know precisely where to kick the photocopier, and they're kicking the shit out of it. You love to see it.

        [...]

        They knew where to kick the photocopier and boy did they kick it – hard.

        The White House action has Tim Wu's fingerprints all over it. He's the brilliant, driven law professor who's gone to work as Biden's tech antitrust czar. But Wu isn't alone: he's part of a trio of appointees who are all expert photocopier kickers. There's Jonathan Kanter at the DoJ and Lina Khan at the FTC.

        [...]

        But despite this, state-level attempts to pass R2R bills have been almost entirely crushed by a coalition of monopolists, led by Apple, including John Deere, GM, Wahl Shavers, Microsoft, Google, and many other giant corporations who want the power to tell you your property is beyond repair and must be condemned to an e-waste dump...

    • Monopolies

      • Copyrights

        • Fujimoto’s Five Books are now Public Domain - Origami by MichaÅ‚ Kosmulski

          Yesterday, during an online event dedicated to Shuzo Fujimoto, I was happy to announce that his children, Hitoshi Fujimoto and Shumi Okada, being his heirs, have agreed to release his five self-published books to the Public Domain. This means that you can now copy, distribute, and use the contents of these books without any restrictions (certain limitations may still apply in some jurisdictions).

  • Gemini* and Gopher


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

Links 11/10/2024: Discord Still Blocked in Turkey, Google Might be Split
Links for the day
LinuxSecurity (Guardian Digital, Inc) Sloppy With Its 'Linux' Slop
This kind of stuff is killing the World Wide Web and ruins human knowledge
 
Links 11/10/2024: Lots More Censorship and Growing Concerns About Health Impact of Social Control Media
Links for the day
Going Almost 4.5 Decades Back to Find 'Dirt' on a Person
That incident was 42.5 years ago. Is that how far some people would go in an effort to discredit a person?
XBox is Dead. This is Just the Beginning.
the main reason Microsoft bought Activision/Blizzard was to hide the growing losses and failure of XBox
The Risk to the "Linux" Brand
Brands that are not guarded from misuse/abuse will inevitably lose their original meaning and their value
Gemini Links 11/10/2024: Deploying Common Lisp Programs and Examining FreeBSD
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 10, 2024
IRC logs for Thursday, October 10, 2024
[Meme] Chin-dropping and Jaw-dropping (Considerable Drop in Patent Validity and Quality)
This drop is very much intentional
Gemini Links 10/10/2024: Untruth, SSH, Gopher, and More
Links for the day
Geminispace Beyond 4,100 Capsules
4,000 was less than 8 weeks ago
Links 10/10/2024: TikTok's Legal Problems, WeblogPoMo Challenges
Links for the day
[Meme] European Patent Convention and Vienna Convention Became Only Fictions (Laws and Constitutions Are Now Works of Fiction in Europe)
A political crisis and blunder
Almost a Thousand EPO Staff Protesting to EPO Member States That the Office Illegally Grants Software Patents and Other Invalid European Patents
"The outcome confirms that the concerns about the EPO’s ability to grant legally sound patents remain"
Loss of Technical Merit(ocracy)
"buzzword diplomas"
Junk Science
science is being compromised for business purposes
[Meme] Dismantling .io (Stick a Fork, the Hype is Done)
NVIDIA is an excellent new example of hype driving up fictional "value"
UNIX is 55 This Year, It is 6 Years Older Than Microsoft
It should be noted that the surviving co-creator of UNIX, Ken Thompson, 'moved' to GNU/Linux (Debian) in recent years
This Year, for the First Time Since August 2019 (Bill Gates MIT Scandal, Jeffrey Epstein Bribes), libreplanet-discuss Was Inactive an Entire Month
The MIT injustice remains and recent "libreplanet" events were held in a venue that's not MIT and far less prestigious than MIT (the "Wentworth" imitation)
[Meme] Different Ending for Jurassic Park
UNIX in old movies
Evolution of Hype
Passing fads and rebranding
Groklaw Will Hopefully Come Back
Sites should be able to run for decades with hardly any human role/interaction, but that's not where we are...
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 09, 2024
IRC logs for Wednesday, October 09, 2024
World Wide Web: Only Criminals Would Want Real Security and Vouch for Themselves When They Use Encryption
In "modern" browsers, the podlock icon probably does not mean what users might think it means
[Meme] OSI Digging Its Very Own Grave (With Microsoft)
The very latest blog post from OSI is a hoot
Gemini Links 09/10/2024: YouTube Woes, Post-Truth Slop
Links for the day
Geminispace is More Trustworthy (and Private) Than the World Wide Web
Unlike the Web, Geminispace does not route the lion's share of traffic through a collective of spying companies
Nothing Will Be Secure and Robust to Failure Until Microsoft Windows is Eradicated and/or Disconnected From the Internet
Every system has limited capacity, Windows botnets push things to their limits
GNU/Linux Took Off at the BSDs' Expense (Amid Telecom Lawsuit) and the Rivalry Persists Because Microsoft is Negligible in the Server Space
UNIX or POSIX is the future
Links 09/10/2024: Samsung's Fall, Tensions Growing Near China
Links for the day
Gemini Links 09/10/2024: Retroware and gmlgcd 2.0
Links for the day
Links 09/10/2024: Microsoft's Surface Duo 2 Officially Dead, X/Twitter Shutdown in Brazil, and "OpenAI Is A Bad Business"
Links for the day
Technology: rights or responsibilities? - Part III
By Dr. Andy Farnell
[Meme] Bill Gates With a Side of "Linux"
Linux Foundation is trolling us with Bill Gates
Once Again Linux Foundation Makes It Clear It's Being 'Absorbed' by Bill Gates
Linux Foundation devotes about 2% of its budget to Linux
Links 08/10/2024: Australian Fines for Twitter (X), Fake Patent Courts Still Not Scuttled
Links for the day
World Wide Slop
If it quacks like a duck...
IBM is a Boys' Club
If IBM collapsed, the Red Hat engineers who work on GNU and Linux would simply work elsewhere (on the same projects)
The Miserable State of GAFAM
Looking for government handouts
Microsoft is Acting Like a Company That's Running Out of Money (But Still Pretends to be Wealthy in Order to Attract or Retain Shareholders)
Azure has had mass layoffs every year since 2020, yet Microsoft keeps telling shareholders that "clown computing" is growing
Dr. Andy Farnell's Article on Societal Disorganised Attachment and the Role of Social Control Media
The article is quite long and typos were still being fixed as recently as last night
Smear Alert: Linus Torvalds Asking for Better Commit Messages Makes Linus a (Grammar) Nazi
Maybe the "mainstream media" is looking for clickbait or maybe it's actively looking to make a scandal - a phony controversy with which to make the job of coordinating Linux unpleasant
Gemini Links 09/10/2024: Climate Doom and Clagrange
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 08, 2024
IRC logs for Tuesday, October 08, 2024