Bonum Certa Men Certa

Links 24/01/2023: Tails 5.9 and ArcoLinux v23.02



  • GNU/Linux

    • Unix Men35 Essential Linux Commands That Every User Should Know

      For anyone working with Linux, having a solid understanding of essential commands is crucial for efficiently navigating and managing the system. Knowing how to navigate the file system, view system logs, and interact with system processes can be the key to troubleshooting the problems that you might face.

      In this article, we’ll cover 35 essential Linux commands that can help you troubleshoot many problems, including the common issue when a laptop isn’t turning on. Whether you’re a beginner or an experienced Linux user, understanding these commands is crucial for maintaining the health and stability of your system.

    • Unicorn MediaFebruary Will Be ’Linux Desktop Environment' Month on FOSS Force - FOSS Force

      Our coverage of Linux desktop environments will include everything from “explainer” articles for those new to Linux, as well as articles for more experienced users. We’ll also be conducting a two-part poll to determine which desktop environment our users prefer.

    • Desktop/Laptop

      • Unix MenHow to Leverage the Power of Predictive Analytics on Linux

        Among the many impressive tools and applications of big data, predictive analytics stands apart as one of the most effective. By utilizing statistical models and machine learning algorithms to analyze data in order to make forecasts about upcoming events, businesses are able to gain valuable insights and make decisions that can give them a competitive edge.

        For Linux users, there are many incredible open-source tools available to take full advantage of such advanced analytics. From accessing data straight from databases to creating models and algorithms for forecasting – many of these tools can be accessed using familiar Linux commands and programming languages.

        In this article, we’ll explore how you can begin using predictive analytics on Linux, including which tools you should use and what steps you need to take to get the best out of your data. Let’s get into it.

      • Boiling SteamFramework Laptop Review (Intel 12th Gen Laptop) with Linux: The Definitive Review - Boiling Steam

        The Framework laptop comes from the new company from the same name, which is trying to disrupt the established laptop market by focusing on customization and reparaibility. Both are noble principles I highly value (which is why I typically go for Thinkpads, at least the older versions of Thinkpads as Lenovo is progressively losing its ethos).

        While they do not ship their laptops directly with Linux, Framework has a pro-Linux stance by providing direct documentation on how to install the most prominent distributions on the device. I decided to take their device for a spin with Ubuntu since it was mentioned as having almost perfect compatibility. But first, let’s have a tour at the hardware.

        Note that I got the DIY version of the laptop, which comes with parts to assemble it yourself. Namely the RAM memory sticks, the M2 SSD, and the extension modules (you get USB-A, USB-c, ethernet, HDMI and DP ports as plug-and-play extensions).

    • Audiocasts/Shows

      • EFFPodcast Episode: Don't Be Afraid to Poke the Tigers

        Huang believes that to truly unleash innovation that betters everyone, we must replace our current patent and copyright culture with one that truly values making products better, cheaper, and more reliably by encouraging competition around production, quality, and cost optimization. He wants to remind people of the fun, inspiring era when makers didn’t have to live in fear of patent trolls, and to encourage them to demand a return of the “permissionless ecosystem” that nurtured so many great ideas.€ 

        Huang speaks with EFF's Cindy Cohn and Jason Kelley about how we can have it all – from better phones to cooler drones, from handy medical devices to fun Star Wars fan gadgets – if we’re willing to share ideas and trade short-term profit for long-term advancement.€ 

      • VideoNOHUP - No Hangup Signals when closing terminal - Invidious
      • VideoSteamOS is getting Virtual Reality features! - Invidious
    • Kernel Space

      • LWNLinux 6.1.8
        I'm announcing the release of the 6.1.8 kernel.
        
        

        All users of the 6.1 kernel series must upgrade.

        The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

        thanks,

        greg k-h
      • LWNLinux 5.15.90
      • LWNLinux 5.10.165
      • LWNLinux 5.4.230
      • LWNLinux 4.19.271
      • LWNLinux 4.14.304
    • Graphics Stack

      • [ANNOUNCE] xf86-video-vmware 13.4.0
        A new version of the vmware driver is now available. This is mostly a
        "flush the master branch" release - necessary because the previous
        release tarball no longer builds against current X servers. Please see
        the git shortlog below for details on the commits.
        
        

        Alan Coopersmith (3): Remove obsolete B16 & B32 tags in struct definitions gitlab CI: add a basic build test Build xz tarballs instead of bzip2

        Martin Krastev (2): vmwgfx: Change header inclusion order to avoid xorg headers catching stdbool.h Garbled XvPutImage output for FOURCC_YV12 when using 3D-accel-texture adaptor

        Peter Hutterer (1): Bump the version number to 13.4.0

        Rudi Heitbaum (1): vmwgfx: fix missing array notation

        Thomas Hellstrom (10): vmwgfx: Fix XVideo memory leaks vmwgfx: Fix a memory leak vmwgfx: Use libdrm to obtain the drm device node name v2 saa: Make sure damage destruction happens at the correct location vmwgfx: Fix invalid memory accesses in CloseScreen vmwgfx: Don't exceed the device command size limit v3 vmwgfx: Limit the number of cliprects in a drm dirtyfb command v3 vmwgfx: Limit the number of cliprects in a drm present command v3 vmwgfx: Limit the number of cliprects in a drm present_readback command v3 vmwgfx: Unify style in scanout_update and present functions

        Ville Skyttä (2): Spelling fixes. Man page syntax fix.

        git tag: xf86-video-vmware-13.4.0
    • Applications

      • Trend OceansGStreamer 1.22 is a Major Stable Release, offering Many New Features and Enhancements - TREND OCEANS

        The main highlight of this update is the AV1 video codec, a free alternative to H.26/HEVC that now supports hardware encoding and decoding through VAAPI/VA, AMF, D3D11, NVCODEC, QSV, and Intel MediaSDK.

      • It's FOSS14 Rust Tools for Linux Terminal Dwellers

        Rust programming language is constantly getting more famous for its performance-oriented and memory-safe approach.

        You can find plenty of software rewritten in Rust just to make things faster and more robust. As an example relevant to Linux users, System76 chose to build its desktop environment from scratch powered by Rust. So, it is undoubtedly loved by many.

        Let me highlight some of the best Rust-powered Linux terminal tools to save you some trouble.

      • Linux Links9 Best Free and Open Source Mailing List Managers

        An electronic mailing list offers the ability to efficiently distribute information to many internet users. It is similar in some ways to a traditional mailing list.

        Electronic mailing lists are normally automated using dedicated mailing software and a reflector address. Mailing lists are often used as a two-way method of discussion between interested parties, or a one-way dissemination of information where only selected individuals can make posts.

        Mailing lists provide a popular method of information exchange for both Linux developers and users. For example, the Linux kernel mailing list gets a high volume of traffic, acting as a focal point for sharing patches, discussing implementation details, reporting bugs, and new features. Many prominent companies participate in these discussions including Intel, IBM, Oracle, and VMware.

    • Instructionals/Technical

      • VideoA quick terminal tip to to help you be productive :) - Invidious

        #Shorts Here's a quick tip which will help you be more productive in the Linux Terminal!

      • Mount and Unmount File Systems in Linux

        The mount command in Linux is used to mount a file system or removable storage devices like USB flash drives to a specific point in the directory tree, known as the “mount point”.

        This allows files and directories on the file system or storage device to be accessed and managed like any other files on the system. Once you’re done, you can use the “umount” command to detach the mounted filesystem.

        In this article, you will learn how to mount and unmount various file systems using the “mount” and “umount” commands in Linux (with practical examples).

      • Linux CapableHow to Install MyPaint on Fedora Linux - LinuxCapable

        MyPaint is a free and open-source digital painting software for Linux, specifically, and can be easily installed on the Fedora desktop. It offers a wide range of features and benefits compared to its competitors, making it an excellent choice for digital artists and illustrators. Some of the key benefits of MyPaint include its lightweight design, which allows for fast and responsive performance, and its powerful brush engine, which allows for a high degree of artistic control and precision. Additionally, MyPaint offers a wide range of customization options, including support for multiple layers and various file formats, making it a versatile and flexible tool for digital artists.

      • TecAdminHow To Install Python 3.11 on Ubuntu, Debian and LinuxMint

        Python 3.11 is the latest stable version at the time of writing of tutorial. Which comes with multiple new features and security upgrades. This version comes with improved error messages for common mistakes in type hints. A new syntax for variable annotations, to make it more clear when a variable is intended to be used for type hints versus other purposes. Improved the support for type checking and type inference in the standard library and third-party libraries.

        In this tutorial, we will help you to install Python 3.11 on Ubuntu, Debian, and Linux Mint operating systems using PPA as well as compiling it from the source code. This tutorial will also work on other Debian-based Linux systems.

      • ID RootExploring the "chmod +x" Command on Linux - idroot

        Are you tired of struggling to make your scripts and files executable on Linux? Look no further! In this post, we will dive deep into the “chmod +x” command and uncover its true power. From understanding the basic syntax to advanced usage examples, you’ll learn everything you need to know to easily make your files executable. Say goodbye to the frustration of file permissions and hello to streamlined and efficient scripting. Don’t miss out on this essential guide for any Linux user!

      • Red Hat OfficialHow to deploy a web service on OpenShift | Enable Sysadmin

        Learn how to containerize an application, create a deployment, and expose the service using HTTP.

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • DebugPointKDE Introduces Fedora Kinoite Nightly for Developers

          Fedora Kinoite is an official Fedora KDE Plasma Spin for containerised applications and container-based software development. It is an immutable Linux distribution where the base packages never change and are identical for all installations. Due to this, it's easier to use it as a development box for complex projects and testing because your codebase runs on identical packages.

          With the success of Kinoite, the KDE team takes the concept further to provide an unofficial Fedora Kinoite Nightly version. This distribution offers Fedora stable packages with nightly versions of KDE Plasma, KDE framework and KDE applications!

  • Distributions and Operating Systems

    • New Releases

      • ArcoLinux v23.02 | ArcoLinux

        When we switched our shell from Bash to Zsh we were not able to login and came back to the sddm login screen.

        It was never the fault of the packages nor the config of Zsh but the way these desktops are started.

    • Gentoo Family

      • Ubuntu PitGentoo vs Arch Linux - Which Distribution Reigns Supreme?

        Gentoo and Arch Linux are two of the most popular open-source operating systems available today. Both distributions offer a wide range of features, flexibility, and customization options that make them ideal for a variety of users. Gentoo is known for its performance-oriented approach, offering advanced package management tools and an extensive software repository. Arch Linux is more user-friendly, with easy installation and configuration procedures as well as reliable updates. Both distributions have their own unique advantages, but which one reigns supreme in the great debate between Gentoo vs arch linux remains to be seen!

    • Debian Family

    • Canonical/Ubuntu Family

      • UbuntuHow digital twins enable data-driven automotive supply chains | Ubuntu

        The automotive industry is facing one of its biggest revolutions since the advent of automation. In this post, we will go through the Industry 4.0 aspects and how OEMs can turn these challenges into opportunities.

        To put it simply, the first Industrial Revolution relied on steam power, the second one on electricity and the third one on computers. What about the fourth Industrial Revolution everyone is talking about? I would describe it as a data-driven revolution.

        [...]

        In order to build a vehicle today, more than 3,000 parts need to be integrated per vehicle! These parts come from hundreds of suppliers around the world that need to work hand in hand with the OEM.

        From designing the part, to sourcing it, producing it and delivering it, the entire supply chain needs to behave like clockwork. On top of that, there are environmental and social commitments that have to be considered, mainly related to worker well-being, for example.

    • Open Hardware/Modding

      • Electronics WeeklyOh Joy - PicoScope works with Linux Mint

        PicoScopes are display-less PC scopes from UK-based Pico Technology.

        They have real scope performance (and real scope prices to go with that, although you can still get a 10MHz 2204A for ~€£100), and are not be confused with the low-performance PC-based scopes that some companies offer.

        The PC in question has Linux Mint 20, upgraded to 20.1.

        Pico Tech has been working on a Linux version of its pre-release PicoScope 7 software (PicoScope 6 is the current full release version).

      • Linux GizmosLow Power ESP32 board in Feather form-factor available for preorder at $12.50

        ThingPulse launched today the ePulse Feather which implements the ESP32-WROVER-E-N8R8 module enabled with Wi-Fi and Bluetooth 4.2. The compact board includes 8MB Flash, 8MB PSRAM, up to 20x GPIOs, 1x LiPo charger and it consumes about 12-27uA in deep sleep mode.

      • ArduinoUpdate your ESP32 boards over-the-air (OTA) with Arduino Cloud | Arduino Blog

        The Arduino Cloud is Arduino’s integrated platform to develop, deploy, monitor and control IoT devices with minimal effort. It enables makers, IoT enthusiasts and professionals to build easily connected projects based on a wide range of hardware including not only Arduino boards, but also ESP32 and ESP8266 boards. Arduino is committed to making all the Arduino Cloud features available to all the supported hardware and as a result of this effort, ESP32 family of chipsets now support over-the-air (OTA) updates.

        [...]

        One of the facts that have contributed to this popularity is the ability to use the Arduino IDE to code and program the devices. You can find tons of resources describing how to get started. There are thousands of projects that will inspire you and help you create and develop your own ideas. You can reuse the code and sketches even if they have been originally developed for other ESP32 or Arduino boards. It is so easy to get started!

    • Mobile Systems/Mobile Applications

      • MoneyControlIndigenous BharOS is based on early Linux versions: IIT Madras director

        BharOS, the homegrown operating system that was successfully tested by Union ministers Ashwini Vaishnaw and Dharmendra Pradhan on January 24, is based on a Linux kernel, Indian Institute of Technology (IIT) Madras director V Kamakoti told Moneycontrol.

        The Linux kernel is the main component of the open-source Linux operating system developed by Finnish software engineer Linus Tovalds. Android, too, is a derivative of the Linux kernel, Kamakoti said.

        This is important because BharOS is being promoted by the Indian government as an indigenous mobile operating system. On January 24, a Press Information Bureau release described BharOS as a "Made in India operating system", which was an important step towards fulfilling the PM's vision of "strong, indigenous and self-reliant digital infrastructure in India".

  • Free, Libre, and Open Source Software

    • Web Browsers/Web Servers

      • Mozilla

        • Adafruitmozilla.org’s 25th anniversary

          Before the millennium, Netscape was THE web browser to use. We’d laugh at Internet Explorer.

          At 8am on January 22, 1998, Netscape put out a press release announcing that the source code to the web browser would be released to the public at the end of March.

          Jamie Zawinski, one of the founders of Netscape (and of a whole bunch of neat stuff, often still used today) discusses how Mozilla came to be.

    • Programming/Development

      • Alex Ewerlöf[Repeat] We invested 10% to pay back tech debt; Here's what happened

        I kept my feelings to myself. Obviously, the guy who asked me to join the team (one of the senior directors in that cluster) had other plans. Maybe it was a test to see how I would react? I was new to the team and had to build credibility before I could steer any change. Plus, as I often say: “Understand before trying to change.” For all I knew, the code and people are inseparable. You cannot fix cultural issues with technical solutions.

        [...]

        Initially it was hard to defend spending 10% of the team bandwidth on tech debt, but over time the payback was huge: [...]

      • The Music of the Spheres | Fronkonstin

        I love legends. The life of Pythagoras is riddled with them: from the discoverie of consonant intervals in music while walking past a forge to how give death to his disciple Hippasus throwing him overboard a ship after this one proved the existence of irrational numbers. My favorite is the one that heads this post: it is said that Pythagoras could hear the sound of the spheres, the harmony of the universe. No more no less.

      • How to generate data from a model – Part 2 - R-posts.com

        Traditionally, data scientists have built models based on data. This article details how to do the exact opposite i.e. generate data based on a model. This article is second in the series of articles on building data from model.

      • Peteris KruminsAnnouncing OnlineTools.com

        We just bought the premium domain OnlineTools.com and launched Online Tools. Online Tools offers thousands of utilities for getting things done quickly and is used by millions of people every month.

      • KDABIntroducing kdalgorithms - KDAB

        In case you’re wondering, the above simply prints out the vector.

        Further, you might have looked at what C++20 (and especially C++23) offers in this area, but you are unfortunately stuck on C++17 or even C++14 and expect to be for quite a while.

        Finally, you might have tried some of the existing libraries but found that they didn’t work very well with the Qt containers.

        This was exactly my situation when I decided to write a few algorithm wrappers. Actually, I was using some other code already but it was GPL, and I wanted to offer something for Qt Widgets and More in an episode on algorithms.

        In the rest of this blog post, I’ll switch between Qt and non-code Qt. KDAlgorithms works just as well with both container libraries. If you’re not familiar with Qt, just mentally replace QVector with std::vector, qDebug() with cout, and you will be just fine.

      • parallel ephemeron tracing -- wingolog

        In our last dispatch we looked at a serial algorithm to trace ephemerons. However, production garbage collectors are parallel: during collection, they trace the object graph using multiple worker threads. Our problem is to extend the ephemeron-tracing algorithm with support for multiple tracing threads, without introducing stalls or serial bottlenecks.

      • TIOBE Index for January 2023

        C++ is TIOBE's programming language of the year 2022. It has won this title because C++ gained most popularity (+4.62%) in 2022. Runners up are C (+3.82%) and Python (+2.78%). Interestingly, C++ surpassed Java to become the number 3 of the TIOBE index in November 2022. The reason for C++'s popularity is its excellent performance while being a high level object-oriented language. Because of this, it is possible to develop fast and vast software systems (over millions of lines of code) in C++ without necessarily ending up in a maintenance nightmare.

      • RlangShow all data in the background of your faceted ggplot

        One of the game-changing features of ggplot2 was the ease with which one can explore the dimensions of the data using small multiples. There is a small trick that I was to share today – put all the data in background of every panel. This can considerably improve comparability of the data across the dimension which splits the dataset into the subsets for the small multiples. Better to show right away what I mean and then explain in details.

    • Standards/Consortia

      • Ruben SchadeRubenerd: The writer of ahiru.pl also uses desktop email

        This is… unfortunately true. I find I need to write HTML email when sending messages to suppliers, landlords, etc. More and more people don’t understand direct URLs or image attachments, or are confused when their HTML email gets converted to plaintext when I reply. I could make a stand, or I could get our shower fixed.

  • Leftovers

    • Science

      • MIT Technology ReviewHow the James Webb Space Telescope broke the universe | MIT Technology Review

        Natalie Batalha was itching for data from the James Webb Space Telescope. It was a few months after the telescope had reached its final orbit, and her group at the University of California, Santa Cruz, had been granted time to observe a handful of exoplanets—planets that orbit around stars other than our sun.

        Among the targets was WASP-39b, a scorching world that orbits a star some 700 light-years from Earth. The planet was discovered years ago. But in mid-July, when Batalha and her team got their hands on the first JWST observations of the distant world, they saw a clear signature of a gas that is common on Earth but had never been spotted before in the atmosphere of an exoplanet: carbon dioxide. On Earth, carbon dioxide is a key indicator of plant and animal life. WASP-39b, which takes just four Earth days to orbit its star, is too hot to be considered habitable. But the discovery could well herald more exciting detections—from more temperate worlds—in the future. And it came just a few days into the lifetime of JWST. “That was a very exciting moment,” says Batalha, whose group had gathered to glimpse the data for the first time. “The minute we looked, the carbon dioxide feature was just beautifully drawn out.”

    • Education

      • TruthOutStrike Suspended After UIC Faculty Union Reaches Tentative Deal
      • Bridge MichiganDid Johnny write this or a robot? AI chatbots rock Michigan schools

        Had the student suddenly improved his writing this much over a short time? Or, was the paper she was looking at written by a computer program?

        Just months ago, the question wouldn’t have occurred to the veteran English instructor. But new artificial intelligence apps have grown in sophistication to the point that they can generate everything from essays and analyses to poems and songs at the click of a button.

      • [Old] Alex EwerlöfI failed 3 job applications, here's what I learned

        Today after 23 years, I have a relatively high level leadership position but it wasn’t always like this. As an introvert in a world that’s optimized for extroverts I had a long and painful learning curve.

        Like most people I’ve failed more interviews than I made. Sometimes I walked out, most of the time, I was rejected. In this post, I will go through my top 3 favorite interview lessons hoping to shorten the learning curve for some of you who may be in the job market.

    • Hardware

      • Bryan LundukeTwo Wild Soviet Personal Computers of the 1980s

        I absolutely love the computers of the old Soviet Union.

        Sure, I never had one: I never lived in the Soviet Union… and I don’t speak a single drop of Russian.

        Just the same, there’s something fascinating and wild about the computer industry of that particular place and time.

        The Soviet-styled, Sci-Fi inspired cases. The (often) knock-off copies of hardware and (also often) stolen ROMs and software. The history, technology, and aesthetics are downright whimsical.

      • CNX SoftwareTerraMaster F4-423 review - A low-power 4-bay NAS tested with Unraid - CNX Software

        Hey Karl here. The timing couldn’t have been more opportune when I was asked to review the TerraMaster F4-423 4-bay NAS. Let me explain why.

        I run Unraid as my OS of choice for my home lab. I have found it easy to maintain and hard to break. My old rig had a 3900X with 3 cores, 6 threads dedicated to docker containers, and the remaining cores running VM’s. It has been a fun and learning experience.

        I have run it with several different VM configurations over the past few years. The majority of the time I ran 2 VM’s. One personal and one work and I would RDP over to the work VM. If I wanted to game I had a third gaming VM and allocated all resources to it. It’s not super convenient and as convoluted as it sounds. But recently I moved back to my company-provided laptop and was liking the idea of running bare metal again.

    • Health/Nutrition/Agriculture

      • Elon Musk amplifies dubious claims of “spasms” and “seizures” after COVID-19 vaccines

        I’ve said it before, and I’ll say it again—and likely again and again and again. In the age of the pandemic, everything old is new again when it comes to antivaccine misinformation, disinformation, and conspiracy theories. Indeed, the new COVID-19 conspiracy theories only differ from old antivaccine conspiracy theories in certain details specific to the coronavirus causing the pandemic and the vaccines used to prevent COVID-19; for example, antivaxxers might have built up elaborate “mechanisms” and conspiracy theories based on the rare occurrence of myocarditis after the vaccination, but the message is still that vaccines are killing young people and causing “depopulation,” just as the antivax message about Gardasil was that it was killing girls and young women back in the day. So I’m rather embarrassed to say that it came as a bit of a surprise to me that the latest viral trend seems to be videos of people claiming that COVID-19 vaccines caused them to develop chronic spasms and seizures.

      • Pro PublicaThe Tests Are Vital. But Congress Decided That Regulation Is Not.

        A number of tests used by patients to make major health care decisions have once again escaped regulation by the Food and Drug Administration, following intensive lobbying on behalf of test-makers, professional associations and academic medical centers.

        For years, experts have warned about the dangers of so-called laboratory-developed tests — including certain cancer screenings and diagnostic tests for everything from Lyme disease to autism — reaching patients without FDA oversight.

      • Counter PunchThe U.S. Blockade of Cuba Hurts Medical Patients in Both Countries

        Scientists in Cuba believe that the breakthroughs they have made in the health care and technology sectors should be used to save and improve lives beyond the country’s borders. This is why the island nation has developed important scientific and medical partnerships with organizations and governments across the globe, including with those in Mexico, Palestine, Angola, Colombia, Iran, and Brazil. However, such collaborations are difficult due to the blockade imposed on Cuba by the United States, which has now been in place for the last six decades.

        In a conference, “Building Our Future,” held in Havana in November 2022, which brought together youth from Cuba and the United States, scientists at the Cuban Center of Molecular Immunology (CIM) stated during a presentation that the blockade hurts the people of the United States, too. By lifting the sanctions against Cuba, the scientists argued, the people of the United States could have access to life-saving treatments being developed in Cuba, especially against diseases such as diabetes, which ravage working-class communities each year.

      • Mexico News DailyI applaud the new smoking ban; now on to our other addictions

        We’re all, with few exceptions, addicted to our phones and the apps on them as well, which is its own kind of emergency. If you can imagine not having the option of unlocking it for a peek at what’s going on in the online world every time you’re bored or want a distraction from something dull, painful, and/or seemingly unbearable, then you might realize how painful withdrawal is.

        My point is, let’s take a moment of silence and empathy for those still addicted to nicotine before briefly pivoting over to some of our collective addictions.

    • Proprietary

      • The VergeThe third-party apps Twitter just killed made the site what it is today

        As many people have pointed out over the past week, third-party clients helped make Twitter the platform it is today, innovating parts of Twitter we take for granted and, in the early days, helping form the company’s very identity. They’ve also acted as a safe haven from unwanted changes, helping to keep people tweeting when they were ready to give up on the platform.

    • Linux Foundation

      • OpenSource.comWhat you need to know about software bills of materials

        Modern software development is incredibly complex. Software nowadays is always comprised of a combination of components. These components are typically modules and libraries called by other code or even standalone programs that are used in conjunction with other programs.

        Until a few years ago, the 80/20 rule was valid: in any significant piece of software, 80% of the content should not be yours. It makes no economic sense to try to develop more than 20% of any software because it's likely someone has already built components with the necessary functionality. Instead, focus on developing what gives you a competitive advantage. In recent years, this balance might have even shifted to 90/10.

        That's where the software bill of materials (SBOM) comes in. It's a formal record containing details and supply chain relationships of all the components used in building software. These components can be open source or proprietary, freely available or paid-for, widely available or access-restricted. The information present in an SBOM can be used in a multitude of ways, helping answer various contractual, legal, or technical queries about the software.

        Early efforts for providing SBOMs were mostly spearheaded by the desire for legal compliance. Every software component is under a specific license, which might impose some obligations on its use. In order to be legally compliant, one must satisfy all the obligations of all the licenses. This is straightforward, but not easily accomplished. An obvious first step is to have a record of all components and all licenses, which is exactly what an SBOM is.

      • SOF 2.4.1 is here - Sound Open Firmware

        SOF 2.4.1 is the first release using Zephyr RTOS with native Zephyr device drivers (on some Intel platforms) and Windows IPC. This should be the last “opt-in” intermediary release as code is transitioned to support Zephyr RTOS, topology2, Module API, and IPC abstraction (IPC3/4) support.

    • Security

      • Ariadne Conillpkgconf, CVE-2023-24056 and disinformation | Ariadne's Space

        Readers will have noticed that two maintenance releases of pkgconf were cut over the weekend, 1.9.4 and 1.8.1 respectively, to address CVE-2023-24056, a pkg-config specific variation of the now-classic “billion laughs attack”. While fixing software defects is important, a lot went wrong with how this CVE was reported and the motivations behind its disclosure, and for my own catharsis, I want to talk about this.

      • Pen Test PartnersOSINT your OT suppliers | Pen Test Partners

        There is much talk about supply chain security and reviewing your suppliers for cyber security. But how much information do they intentionally and unintentionally leak about your organisation online?

        We see this particularly in the industrial controls sector as its cyber security maturity is perhaps a few years behind the wider cyber market.

        Fortunately, this is something that you can audit yourselves, without needing to involve the supplier. It can make for useful negotiation points during procurement exercises, particularly if you engage your purchasing teams in the process.

        Why make the hackers life easy?

      • Terence EdenBook Review: If It's Smart, It's Vulnerable - Mikko Hyppönen

        This is a curious book. It starts out as a look at the security of everyday objects, but quickly becomes a series of after-dinner anecdotes about various security related issues. That's not a bad thing, as such, but a little different from what I was expecting.

      • OSI BlogWhat is the Cyber Resilience Act and why it’s important for Open Source - Voices of Open Source

        The Cyber Resilience Act (CRA) is an interesting and important proposal for a European law that aims to drive the safety and integrity of software of all kinds by extending the “CE” self-attestation mark to software. And it may harm Open Source. The proposal includes a requirement for self-certification by suppliers of software to attest conformity with the requirements of the CRA including security, privacy and the absence of Critical Vulnerability Events (CVEs).

        [...]

        The Open Source Initiative assumes the Act is not intended to negatively impact the communities that make Open Source software or burden the non-profit foundations that support them.

      • Kev QuirkI Was Nearly Phished | Kev Quirk

        I nearly fell for a run of the mill phish recently. Just goes to show that they can get anyone.

        Just to give you some context before we get into this, I’m a senior leader at Bank of America, where I work in the information security team.

        The team I run is in the identity space and one of the things we’re interested in is phishing attacks. So although I’m no expert, I do like to think of myself as a person who knows a thing or two about phishing attacks.

      • Privacy/Surveillance

        • EngadgetUS law enforcement has warrantless access to many money transfers | Engadget

          Your international money transfers might not be as discreet as you think. Senator Ron Wyden and The Wall Street Journal have learned that US law enforcement can access details of money transfers without a warrant through an obscure surveillance program the Arizona attorney general's office created in 2014. A database stored at a nonprofit, the Transaction Record Analysis Center (TRAC), provides full names and amounts for larger transfers (above $500) sent between the US, Mexico and 22 other regions through services like Western Union, MoneyGram and Viamericas. The program covers data for numerous Caribbean and Latin American countries in addition to Canada, China, France, Malaysia, Spain, Thailand, Ukraine and the US Virgin Islands. Some domestic transfers also enter the data set.

          The program exists to help agencies collect evidence of fraud and money laundering, as transfer services aren't required to know customers like banks. This has led to busts for drug cartels and other criminals, TRAC director Rich Leber explained to The Journal. The $500 threshold exists to prevent the system from collecting most data for immigrants remitting money to family in their home countries. Money transfer apps like Apple Cash, Cash App, PayPal, Venmo and Zelle haven't provided data to TRAC, Wyden says.

        • CES gives great consumer advice | Stop at Zona-M

          Instead, they make pearls like ”$200 travel mugs with location-sharing capabilities and irreplaceable batteries”. And that’s just one example from the iFixit list of CES 2023 worst products.

    • Defence/Aggression

    • Transparency/Investigative Reporting

      • Michael West MediaRex Hex: PM’s office backflips, refuses to release Albo's diaries - Michael West

        After telling Rex Patrick his PM’s Diary FOI request would be processed for $1,344, and after Rex paid the deposit, the Prime Minister’s Office has backflipped and is now refusing to process the request for 29 pages on the grounds that doing so “would substantially and unreasonable interfere with the performance of the [Prime] Minister’s functions”. What’s the scam?

      • Michael West MediaThe Secret Diary of a Prime Minister - Michael West

        A fee of $1,344 to process a Freedom of Information request for PM Anthony Albanese's diary is "outrageous" says Rex Patrick.

        [...]

        Ministerial diaries should be released, albeit it is expected that on rare occasions some redactions might be necessary. Not only is the making of ministerial diaries public ‘of interest to the public’, more importantly it’s ‘in the public interest’.

        Ministers work for you. Everything they do, they do for public purpose. It’s appropriate that members of the public can look at ministers’ diary to see what they are (or aren’t) doing, who they are (or aren’t) meeting with, how much time they are spending on the job and how much time they spend at their office versus out in the field versus overseas.

    • Environment

      • Energy/Transportation

        • JURISTEnvironmentalists petition for review of US approval of Texas deepwater oil port

          The environmental activist groups filed the petition under Administrative Procedure Act 5 U.S.C. €§ 702 and Deepwater Port Act 33 U.S.C. €§ 1516. Both statutes provide that an aggrieved party may seek judicial review in the US Court of Appeals of an agency’s decision within 60 days of the decision. Specifically, the environmental activist groups sought judicial review of the MARAD’s decision to license the Sea Port Oil Terminal for transportation of domestically produced crude oil to the global market. The environmental activist groups alleged that MARAD “failed to adequately assess the devastating oil-spill risk and species harms from [the terminal’s] construction and operation.”

        • CCL provides input to USDA about how to allocate IRA climate-smart agriculture funds | Citizens’ Climate Lobby

          In last year’s passage of the Inflation Reduction Act (IRA), Congress included about $20 billion earmarked for natural climate solutions. The United States Department of Agriculture (USDA) is responsible for deciding how those funds should be allocated to meet the climate goals outlined in the text of the IRA, which include projects that will “reduce, capture, avoid, or sequester carbon dioxide” in American forests and farms.

          Eagle-eyed CCL volunteer Matthew Mayers noticed that USDA was requesting public input regarding how to achieve those goals in practice, and CCL staff jumped on the opportunity to provide comments on this issue related to our healthy forests policy agenda.

        • Fortune[Old] The ‘end of crypto’? Not so fast

          It’s hard to argue. In a decade of covering crypto, I’ve seen no end of scams and disasters—most notably the catastrophic Mt. Gox hack of 2014 and the casino-rama frenzy of the 2017 ICO era—but nothing this bad. The FTX collapse not only blew up tens of billions of dollars in value but deeply damaged trust in an industry that only two weeks ago seemed poised to enter the mainstream of American finance.

      • Wildlife/Nature

        • WileyMuseum specimens of a landlocked pinniped reveal recent loss of genetic diversity and unexpected population connections

          The use of museum specimens allowed us to directly investigate genetic patterns in the endangered Saimaa ringed seal population through more than a 100 years. Although erosion of the initial genetic diversity has continued throughout the isolation, we observed 20th-century loss of haplotypes and relatively drastic fluctuations in haplotype frequencies, demonstrating a genetic effect of the human-induced population collapse. Combining newly generated and already published data from multiple ringed seal populations additionally allowed us to investigate broad phylogeographic patterns in ringed seals. In apparent contrast with the traditionally held view of the Baltic origin of the population, the Saimaa ringed seal mtDNA variation shows enigmatic affinities to North American ringed seals. These results add to the growing body of evidence which calls for a re-evaluation of the deep history of the Saimaa ringed seal population. Future data on still-unsampled populations, for example, in the Arctic Ocean, as well as genomic data and ancient DNA could provide keys to understanding the origin and demographic history of the Saimaa ringed seal. Lake Saimaa may harbor a ringed seal population that is even more unique than previously thought, which calls to strengthen the conservation efforts of this population further.

        • The RevelatorRekindling the Practice of Cultural Burning: An Act of Climate Hope
      • Overpopulation

    • AstroTurf/Lobbying/Politics

      • Ruben SchadeRubenerd: Contrasting thoughts around Twitter API access

        The recent Twitter API access issues are an illustrative case study in how people discuss issues online. One camp is horrified that longstanding third-party applications are being denied access. The other group says they’re entirely in their right to do so.

      • Petros KoutoupisYou Can Now Find Me On Mastodon - Random [Tech] Stuff

        It is now official, you can now find me on Mastodon. Now that the future of Twitter continues to be uncertain, I figured that I would give Mastodon a go and so far the experience has been mostly positive. My only real issue is finding people to follow but that should get easier as my server federates with others.

      • The HillSpotify cutting hundreds of jobs in latest round of tech layoffs

        Music streaming service Spotify announced Monday that it is slashing hundreds of jobs in the latest round of layoffs in the tech sector.

        Spotify said it would cut 6 percent of its staff, or about 600 workers, based on its last earnings report.

      • Stacey on IoTLet’s see what the Davos set has to say about the IoT

        Nothing in the 49-page report will surprise readers of this newsletter, but I want to highlight a big area where I wish we’d stop talking about the problem and actually do something about it. The report notes the two biggest governance gaps in the IoT: privacy practices and the ethical use of the technology, followed by cybersecurity. I’m optimistic we’re well on our way to closing the governance gap when it comes to cybersecurity, but we’re completely failing users when it comes to privacy, and that will hobble the IoT.

        Eighty-two percent of respondents indicated they lacked confidence in the protection of privacy and the responsible use of data generated from connected devices. That means more than four out of every five people aren’t ready to trust connected devices or the ethics of those producing or deploying them.

      • TruthOutPoll Finds Most New Yorkers Want George Santos to Resign From House Seat
      • TruthOutRuben Gallego Announces Senate Run Against Kyrsten Sinema in 2024
      • TruthOutLula’s New Government Is Taking Steps to Combat Racism in Brazil
      • Misinformation/Disinformation/Propaganda

        • FuturismEmployees at TikTok Apparently Have a Secret Button That Can Make Anything Go Viral

          A new Forbes investigation has revealed that TikTok's algorithm isn't nearly as democratic as the app and its parent company, ByteDance, have been happy to let users believe.

          Per the report, TikTok employees have access to a secret "heating" feature, which is essentially a big red button for virality. Hit that button, and content gets boosted — unbeknownst to the TikTok users who might be consuming the "heated" videos.

    • Censorship/Free Speech

      • The NationHarvard Changed Its Mind on Ken Roth—Not on Allowing Free Speech About Palestine

        Cambridge, Mass.—Over the past several weeks, Harvard University has been at the center of a national debate on bias, censorship, and academic freedom. As first reported in these pages, Dean Douglas Elmendorf of the Harvard Kennedy School (HKS) blocked longtime director of Human Rights Watch (HRW) Kenneth Roth from a fellowship at the Carr Center for Human Rights. Why? Alleged “anti-Israel bias.” The Kennedy School’s rejection was a part of broader backlash against HRW’s work documenting Israel’s abuses of Palestinian rights, invoking the all-too-familiar rhetoric used against any who dare criticize the Israeli government. For an institution supposedly committed to veritas—a motto displayed prominently across the Harvard campus—it seems the truth of Israeli apartheid is not welcome. While HKS claims to value difficult conversations and openly opines about topical issues such as the war in Ukraine, the unwillingness to engage the reality of Israeli apartheid reveals intellectual strong-arming against Palestinian narratives.1

    • Freedom of Information / Freedom of the Press

      • Jacobin MagazineWikiLeaks Has Been Persecuted Mercilessly for Revealing the Secrets of US Empire

        Maurizi begins her masterful book Secret Power: WikiLeaks and Its Enemies by recounting these episodes, capturing the immense excitement and potential that accompanied WikiLeaks as it published what no one else dared to. At a time when many were skeptical of corporate media’s ability to challenge entrenched power, Wikileaks’ defiance of powerful corporate and state actors was inspiring — especially coming as it did at a time when the democratizing and liberatory potential of the internet dominated the conversation, rather than its deleterious impact on democracy and the human psyche as it does today.

        Maurizi has very likely produced the definitive version of the WikiLeaks story, and it’s a page-turner to boot. But the book is not merely a history of WikiLeaks’ war on secret power and secret power’s subsequent war on WikiLeaks. Maurizi was the media partner for nearly every WikiLeaks disclosure. (She was also the Italian partner for the Snowden disclosures). Through intertwining her own experiences as a journalist with the larger history of WikiLeaks, Maurizi debunks misinformation about WikiLeaks.

      • TruthOutProsecution of Assange Would Lead to End of the First Amendment, Advocates Warn
      • The DissenterLawsuit Against Alleged CIA Spying On Assange Visitors Will Be Revised
    • Civil Rights/Policing

      • JURISTUniversity of Tehran institutes disciplinary procedures for students refusing to wear hijab

        Under the new disciplinary procedures, students will be notified of an infraction in three progressive steps. The first violation results in sending the violating student a text message reminding them to follow the appropriate dress code. A second violation results in the university contacting the student’s family about the offending behavior. The consequence of a third violation is a meeting with the disciplinary committee. A student is granted clemency when they admit wrongdoing. Alternatively, when the student does not admit fault, they are punished according to the law.

      • NPRLooking for Amazon alternatives for ethical shopping? Here are some ideas

        Armed with those principles, here are some ideas of where you can shop next. This is not a comprehensive list but rather resources for customers seeking Amazon alternatives.

      • BBCLiveLiveAfghan women share what their lives are really like under the Taliban

        Since seizing power in 2021, the ultra-conservative rulers have restricted women’s lives, closing most secondary schools to girls

        Women have been banned from going to university, stopped from entering parks and gyms and must observe strict dress codes

        About half the population face acute hunger and 97% are in poverty but in December the Taliban also banned female aid workers from doing their jobs

    • Monopolies

      • Copyrights

        • Torrent FreakCourt Dismisses Copyright Troll's Piracy Lawsuit Over Suspension

          Malibu Media, the adult entertainment company that previously demanded hefty settlements from thousands of pirates, now finds itself in rough waters. A federal court in Texas has just dismissed one of its last remaining piracy lawsuits after Malibu failed to resolve a corporate suspension due to tax issues. The end of an era?

        • Torrent FreakHSI Agent Details U.S. Pirate Site Domain Seizure Mechanism in Affidavit

          Last month, the U.S. seized dozens of domains for illegally streaming World Cup 2022 matches. The tournament began in November, but according to a Special Agent's affidavit, Homeland Security received information on sites illegally streaming World Cup matches in September. HSI affidavits filed in support of the December 2022 domain seizures reveal how that process played out.

        • Torrent FreakPopular TV Streaming Service USTVGO Shuts Down

          Popular live TV streaming portal USTVGO appears to have shut down its service. A brief message on the site says "Sorry, we are closed," leaving millions of users with plenty of unanswered questions. While the reason for the sudden decision is unknown, rightsholders and anti-piracy outfits already had USTVGO on their radar.

        • Walled CultureThe first lawsuit against generative AI seems doomed to fail because it misunderstands the technology - Walled Culture

          Back in October last year, a Walled Culture post noted that generative AI programs were likely to have a massive impact on both copyright and creation. When programs can produce free texts, images and sounds that are “good enough” for most everyday purposes, copyright becomes largely irrelevant. Creativity is impacted too, but not just in the obvious, possibly negative way. The free availability of an endless supply of AI generated works will make truly original, human creations more valuable. But of course, many artists don’t see those positives. Obsessed as they are with ownership and its infringements, they have responded to generative AI in the only way they know: by bringing a lawsuit.

          [...]

          This admits that generative AI images may not even look like the input data, but still tries to claim that they represent some kind of infringement because they are “derived” from the training images, even though they do not copy them, as Guadamuz notes, they analyse them. By the logic of this lawsuit, artists who look at other works, and dare to think about how they are put together, are also infringing by virtue of the “input” those creations provide for other, non-copying works.

          What’s sad about this lawsuit is that it represents a further instance of copyright-obsessed creators reflexively fighting against exciting new developments in technology. It comes from a misplaced sense of ownership of intangible creative elements that belong to the artistic commons, and thus to everyone. It’s yet another result of copyright’s malign influence on creativity and creators.

  • Gemini* and Gopher

    • Personal

      • Miniseries, Film, and Television as Art Forms

        In which I discuss miniseries as an art form in comparison with feature films and television shows; and then digress into contrasting films and television in general.

        Written on a MacBook Pro in Neovim while listening to the Bugsnax Original Soundtrack (2021) by Seth Parker.

      • 🔤SpellBinding: CDENOYV Wordo: BOSSA
      • Paragraph

        I remember being kinda frustrated in school, in the first few grades of school, over how they couldn’t give a rule for when to break paragraphs. For sentences, the capital letter at the start, period at the end was easy enough (although what a sentence is isn't entirely clear even to linguists xbar mp s np vp foo bar frotz), but for paragraphs they couldn’t say anything. It was more a “know it when I see it”; great, what does that help us?

        Now that I know a li’l bit more, I think one reason for why they couldn’t is because sentence division is on the syntax layer while paragraph division is on the semantic layer. My guideline is that a paragraph should start and end “being about the same thing”, unlike a DJ segueing from talking about one song to another. Introduce a new concept? New paragraph.

    • Technical

      • Capsule of the day - 2023-01-24

        Links are selected randomly from a list of known host from the lupa crawler[1]. The links are not manually curated and I'm not responsible of the content of these capsules. If some offensive capsules are listed here automatically, please alert me so I can manually remove them.

      • I Too Was Nearly Phished

        Kev's story is a good reminder that even the careful can get phished. It also reminded me of a pretty good phishing attempt that came my way several months ago and I think the biggest reason I didn't fall for it was dumb luck.


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
 
Gemini Links 27/12/2024: Slop and Self-hosting
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 26, 2024
IRC logs for Thursday, December 26, 2024
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day