Bonum Certa Men Certa

Links 28/03/2023: Pitivi 2023.03 is Out, Yet More Microsoft Layoffs (Now in Israel)



  • GNU/Linux

    • Server

      • TecMint12 Best Linux Server Distributions of 2023

        Linux is free and open-source, this has emanated from the low total cost of ownership of a Linux system, compared to other operating systems.

        Although Linux operating systems (distributions) are not entirely doing well on desktop computers, they are commanding the stats when it comes to powering servers, mainframe computers as well as supercomputers in data centers around the world.

      • Container JournalTorc Acquires Codealike for Cloud-Native Developer Network

        Torc has acquired Codealike to provide cloud-native application developers in its network with data that improves their skillsets. Torc CEO Mike Morris says Codealike complements other tools that Torc provides, including access to a community of more than 10,000 cloud-native application developers that take on assignments listed...

    • Audiocasts/Shows

    • Applications

      • Converseen Flatpak now with Heif/Heic, PDF, LibRAW Support

        Although Converseen has been available as a Flatpak package for a few months now, it finally now has a series of updates that bring it up to par with the corresponding AppImage and Snap packages in terms of features.

      • 9to5LinuxPitivi 2023.03 Video Editor Brings Back Autoaligner, Adds More Precise Audio Waveforms

        Pitivi 2023.03 has been in development for the past nine months, superseding the Pitivi 2022.06 release, but it doesn’t look like it’s a big update as it only adds a couple of new features and smaller improvements.

        For example, Pitivi 2023.03 makes audio waveforms more precise when you look at them and implements automatic seeking to the start of the timeline when starting playback while the playhead is at the end to save you a click.

    • Instructionals/Technical

      • UNIX CopHow to get the latest stable version of GNOME Web on Linux

        Hello, friends. In this post, you will learn how to get the latest stable version of GNOME Web on Linux. What is GNOME Web? According to the project's website, Web is the web browser for the GNOME desktop and for elementary OS, based on the popular WebKit engine.

      • Titus BarikMigrating from WordPress to Hugo

        There were many reasons I decided to leave WordPress.

      • University of TorontoMoving from 'master' to 'main' in Git with local changes

        One of the things that various open source Git repositories are doing is changing their main branch from being called 'master' to being called 'main'. As a consumer of their repository, this is generally an easy switch for me to deal with; some day, I will do a 'git pull', get a report that there's a new 'main' branch but there's no upstream 'master', and then I'll do 'git checkout main' and I'm all good. However, with some repositories I have my own local changes, which I handle through Git rebasing. Recently I had to go through a 'master' to 'main' switch on such a repository, so I'm writing down what I did for later use.

      • TecAdminSecuring MySQL Database with Limited User Permissions

        MySQL is one of the most popular open-source relational database management systems used by developers worldwide. However, with its popularity comes a significant risk of security threats such as SQL injection attacks.

      • Trend OceansHow to Install an Older Version of a Package in Ubuntu/Debian

        It's not advisable to install an older version of a package on your computer, but what can we do when the latest build removes the feature that we want?

      • TecAdminSecuring MySQL database with Stored Procedures

        Securing your MySQL database is crucial for protecting sensitive data and preventing unauthorized access.

      • Net2How to Install TensorFlow on Ubuntu 22.04

        TensorFlow is an excellent tool for developers looking to create and train advanced models in the field of machine learning.

      • TecMintHow To Restore a Particular Schema from a PostgreSQL Database Backup

        If you intend to restore only one or a few schemas from a PostgreSQL backup file, you can use the pg_restore command, which is used for restoring a particular PostgreSQL database from an archive created by pg_dump in non-plain-text formats.

        In this guide, we will show how to restore a particular schema from a PostgreSQL database backup file using the pg_restore command-line tool.

      • TecMintHow To Install and Use Android Debug Bridge (adb) in Linux

        Android Debug Bridge (adb) is the most used command-line tool that enables communication between a personal computer and a connected Android-powered device or emulator instance over a USB cable or TCP/IP (wirelessly).

        It supports various device actions such as networking, scripting, installing and debugging apps, and file transfer. It also provides access to a Unix shell that can be used to run a variety of Linux commands on a device.

      • OSTechNixGetting Started With XCP-ng Management Console

        In our previous tutorial, we discussed how to install XCP-ng server. Before deploying our first VM, let us get familiar with XCP-ng configuration menu. Allow me to give you a screenshot tour to get started with XCP-ng Management Console.

      • LinuxTechLabHow to Choose a Free VPN for Linux? [Ed: Potentially spammy or promotional.]

        Privacy…we all crave it, right? Whether it's personal space from loved ones or a colleague's prying eyes, we all value it.€ 

        But when it comes to the internet, you can never be careful. Who knows how many eyes are feasting on your search history or previous video watches?€ 

      • Trend OceansHow to Fix an Error Unable to Correct Problems You Have Held Broken Packages

        One of the quite common errors while installing packages on Ubuntu is the “Held broken packages” error, which can be solved very easily with this guide..

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • DedoimedoPlasma, Dolphin, Downloads folder, grouping by date

          There we go, we fixed the little annoyance. I really don't understand why the good ole menu is such a nuisance on the classic, conventional desktop. Now, we also need to remember that the Plasma desktop is highly consistent and extremely customizable. So you can easily change anything you like. But the defaults should be more desktopy, even if they are somewhat less visually pleasing so to speak. Minimalism only works for glass displays and people without a real task at hand.

  • Distributions and Operating Systems

    • Linux Magazine CarbonOS: A New Linux Distro with a Focus on User Experience
      Have you ever run a Windows update, only to have it fail and render your desktop unusable? Many have, which is one of the reasons why some Linux distributions take great pains to ensure it never occurs on the open source operating system.

      Some developers take this to the next level by using atomic updates, which means every time you go to update the operating system, it is guaranteed to succeed. Should an update fail, the system will automatically roll back the upgrade so everything continues working.

  • Free, Libre, and Open Source Software

    • It's FOSSOpen-Source Model 'Dolly' Claims to be a Cheaper Alternative to ChatGPT [Ed: Chatbots are not news. Pointless, worthless hype intended to help Microsoft distract from mass layoffs. Why does the corporate media celebrate Microsoft wasting a lot of electricity for something people don't want or use? How much has Microsoft paid so far for all those mindless puff pieces?]

      An affordable alternative to ChatGPT? And, open-source? Looks like we're joining the open-source race against ChatGPT.

    • Education

      • Linux GizmosHackerBox leverages dual ESP32 dev boards

        HackerBox is a monthly subscription that combines and delivers various dev kits aimed at hobbyists and students. This month’s HackerBox is based on the wardriver.uk platform and it features two ESP32-WROOM-32U modules, one GSM modem, a MicroSD card, an OLED display and many other components.

      • Raspberry PiMeet Allie Katz: 3D printing expert

        A: Start small and work your way up to bigger and more complex things. Test and calibration prints are a great way to get to know your printer’s capabilities and limitations, but if you find that uninteresting and want to be designing and printing your own things, then try tackling one difficult thing at a time, instead of trying to throw it into a single design. I also recommend reading up on the basics/theory of 3D printing before diving in too far, particularly since there are some amazing, very easy-to-digest primers out there. I highly recommend Billie Ruben’s guides.

    • FSFE

      • Simon JosefssonSimon Josefsson: OpenPGP master key on Nitrokey Start

        I’ve used hardware-backed OpenPGP keys since 2006 when I imported newly generated rsa1024 subkeys to a FSFE Fellowship card. This worked well for several years, and I recall buying more ZeitControl cards for multi-machine usage and backup purposes. As a side note, I recall being unsatisfied with the weak 1024-bit RSA subkeys at the time – my primary key was a somewhat stronger 1280-bit RSA key created back in 2002 — but OpenPGP cards at the time didn’t support more than 1024 bit RSA, and were (and still often are) also limited to power-of-two RSA key sizes which I dislike.

        [...]

        In December 2022 I bought a new laptop and setup a FST-01SZ with my Ed25519 key, and while I have taken a vacation from Debian, I continue to extend the expiration period on the old RSA3744-key in case I will ever have to use it again, so the overall OpenPGP setup was still sub-optimal. Having two valid OpenPGP keys at the same time causes people to use both for email encryption (leading me to have to use both devices), and the WKD Key Discovery protocol doesn’t like two valid keys either. At FOSDEM’23 I ran into Andre Heinecke at GnuPG and I couldn’t help complain about how complex and unsatisfying all OpenPGP-related matters were, and he mildly ignored my rant and asked why I didn’t put the master key on another smartcard. The comment sunk in when I came home, and recently I connected all the dots and this post is a summary of what I did to move my offline OpenPGP master key to a Nitrokey Start.

    • GNU Projects

      • OpenSource.comUse this open source accounting app to run your small business
        GnuCash is a powerful and flexible accounting tool that can be used for small business invoicing and accounting. It has a number of features that make it particularly well-suited for this purpose, including the ability to track expenses and income, generate reports, and manage invoices. Additionally, GnuCash is free and open source, which makes it accessible to small businesses with limited resources. In this article, I discuss the features of GnuCash that make it easy for you to get started using it in your own small business.

        I began using GnuCash a number of years ago for my personal finances but found it could also function as a useful tool for my small business too. I'd been using a proprietary solution for much of the life of my business. I grew tired of being forced to upgrade periodically to get access to my invoices and statements for my small business. Moving to GnuCash gave me the ability to integrate my small business accounting with my personal finances without sacrificing any features.

    • Licensing / Legal

    • Programming/Development

      • RlangR in Finance and Accounting Sector in Korea
      • RlangThere’s a black hole in the number line


      • Elise HeinFighting inter-component HTML bloat

        Note: The examples in this post will be React-specific, but the core idea extends to most JS-based component libraries.

      • RlangHow fast does a compressed file in?

        Benchmarking is the process of measuring and comparing the performance of different programs, tools, or configurations in order to identify which one is the most efficient for a specific task. It is a critical step in software development that can help developers identify performance bottlenecks and improve the overall performance of their applications.

        In this post I create a square matrix and then convert it to a data.frame (2,000 rows by 2,000 columns) and then saved it as a gz compressed csv file. The benchmark compares different R packages and functions, including base R, data.table, vroom, and readr, and measures their relative speeds based on the time it takes to read in the .csv.gz file.

      • Bozhidar BatsovBad nREPL: 10 Things You Hate About nREPL

        Well, nREPL was never meant to be a “real REPL”. It was meant to be a REPL server that makes it easy for people to build development tools (e.g. Clojure editor plugins) upon. And framing requests and responses makes a huge difference there. Sure, it might look appealing to be relying only on eval for everything, but you still need to be able to process whatever you got from eval. It’s also pretty handy to be able to match requests and responses that originated from them.

      • Python

        • TecAdmin10 Python Examples That Will Make You a Better Programmer

          Python is a versatile and powerful programming language, known for its readability and ease of use. As a programmer, learning new coding techniques and best practices is essential for growth and skill development.

        • OpenSource.comCreate a ChatBot in Mattermost with Python
          ChatOps is a collaboration model that connects people, processes, tools, and automation into a transparent workflow. Mattermost is an open source, self-hosted messaging platform that enables organizations to communicate securely, effectively, and efficiently. It's a great open source alternative to Slack, Discord, and other proprietary messaging platforms. This article outlines the steps to create a ChatOps bot on Mattermost, including the necessary code examples and explanations.

          Prerequisites

          Before starting, ensure that you have access to a Mattermost server, have Python installed, and have installed the Mattermost Python driver using pip.

    • Standards/Consortia

  • Leftovers

    • LatviaMan hit by train in Ogre, Latvia

      On Monday, March 27, in Ogre, a man has been run over by a train at the Jaunogre railway station, the State Police representative Līna Bagdone told Latvian Radio.

    • New York TimesRestoring a Giant Plane: Ukrainian Resilience or Folly?

      Ukraine, with far more pressing needs, plans to rebuild the colossal Mriya cargo plane, a symbol of pride that was destroyed last year in a battle for its airfield.

    • Federal News NetworkJumbled wreckage complicates chocolate factory blast probe

      Investigators looking for the cause of a deadly explosion that leveled part of a Pennsylvania chocolate factory are facing an even more difficult task as they comb through wreckage that was picked apart and moved around during the weekend search for victims and survivors. Seven people were killed and several others wounded in the powerful blast at the R.M Palmer Co. plant in West Reading (REHD'-ing). With the recovery effort now over, attention turned to identifying the cause. Authorities say that task is even more complicated because heavy equipment was used to pick apart the wreckage.

    • QuartzWhat Thoreau had to say about meaningless work
      With talk of quiet quitters and pressure on employers to create a space where we can bring our whole selves to work, work is still work. Some of it’s great. Much of it can feel meaningless.
    • 'Sheltering problems, outbreak risk continue in earthquake zone'

      Failure to meet water and toilet needs and lack of disinfection amid insect density increase the risk of an outbreak in the region, according to the Turkish Medical Association.

    • Nicholas Tietz-SokolskyDifferent topologies for an org chart, wrong answers only

      Traditionally, an org chart is represented as a tree. You start at the top with the root of the tree, probably the CEO. And then everything comes down from there hierarchically.

      It doesn't have to be that way, though! We can imagine other topologies for companies which would work differently. Let's challenge assumptions one by one and see where we end up.

    • Education

      • Federal News NetworkFood for thought: New Mexico OKs meals for all students

        Lines will be getting longer for free breakfast and lunch at New Mexico public schools. Democratic Gov. Michelle Lujan Grisham on Monday signed legislation to provide free school meals to all students regardless of family income. The bill cleared the Legislature during the recent 60-day session. New Mexico and several other states are looking to fill the gap as federal pandemic-era benefit programs lapse and as food prices strain family budgets. Lawmakers set aside more than $22 million in the state budget to help pay for the program. Some say more money will be needed to bankroll the effort over time.

      • NPRA principal is fired, invited to Italy after students are shown Michelangelo's 'David'

        The squabble had been brewing for weeks in the K-12 charter school in Leon County, Fla., after students in a sixth-grade art history class were taught about the Renaissance. Alongside the Michelangelo sculpture, the lesson included images of the paintings "The Creation of Adam" and "Birth of Venus."

      • GannettIs the David statue porn? Come see yourself, Italian museum tells Florida school board

        In a tweet, Florence Mayor Dario Nardella said he would "personally invite" the American educator to the city, home of the statue, to "give her recognition on behalf of the city," adding that "art is civilization and whoever teaches it deserves respect." Confusing art with pornography is "ridiculous," Nardella wrote.

      • Associated PressIs the David porn? Come see, Italians tell Florida parents

        The board of the Tallahassee Classical School pressured Principal Hope Carrasquilla to resign last week after an image of the David was shown to a sixth-grade art class. The school has a policy requiring parents to be notified in advance about “controversial” topics being taught.

        The incredulous Italian response highlighted how the U.S. culture wars are often perceived in Europe, where despite a rise in right-wing sentiment and governance, the Renaissance and its masterpieces, even its naked ones, are generally free of controversy. Sunday’s front page of the Italian daily publication Corriere della Sera featured a cartoon by its leading satirist depicting David with his genitals covered by an image of Uncle Sam and the word “Shame.”

      • New York TimesWhat Killed Penmanship?

        She was recently going through her stack of important reminders when she found a note she had written at least a year ago. Ms. Smith said she remembered thinking at the time that she should rewrite the note so it would be discernible but never got around to it.

        Struggling to decipher it, she posted a photo of the note in a Reddit community where thousands have sought help to decode messy handwriting.

      • GannettBill would encourage Michigan schools to teach cursive handwriting again

        “Teaching cursive in our schools not only has a historical significance but it also promotes discipline, and patience as students learn to form each individual letter and then connect them in words,” said Grand Rapids Catholic Schools Assistant Superintendent Sarah Grey, over email. “It forces students to slow down and be intentional about what they are writing, and encourages them to do it beautifully.”

        Cursive handwriting is a foundational skill for students, Grey added, and teaching it allows students to improve their reading and writing skills.

    • Hardware

      • New York TimesGermany Wants More Chip Makers, but They Won’t Come Cheap

        The global competition to attract semiconductor companies is expected to cost Berlin billions. Some wonder if it’s a good use of money.

      • Ruben SchadeMy 386SX’s working Acer MIO-400 IO card

        I ruffled through my legacy parts box, and found this amazing (and dusty!) ISA Acer MIO-400 KF Multi-IO card. Rather than needing separate cards for printer ports, serial, game ports, floppy drives, and IDE controllers, this integrated them all into one card, with jumpers on the board to tune their settings and enable/disable specific functions: [...]

    • Health/Nutrition/Agriculture

      • MWL“Devotion and Corrosion” Kickstarter wrap-up

        Today, I shipped the physical rewards for the Devotion and Corrosion Kickstarter. These books arrived at my house a couple days after I opened sponsorships on the mail book. Unfortunately, in those intervening days I caught covid. (Zero stars, recommend catching distemper or cercospora leaf rot instead.)

      • Hong Kong Free PressCovid-19: Hong Kong’s epidemic has ended, gov’t advisor says

        Hong Kong’s Covid-19 epidemic has ended, a government advisor has said, adding that there was “no need to worry” even in the event of a rebound.

      • LatviaEmergency services raise alarm over rising number of drug overdoses

        The number of calls to drug-related emergencies has increased significantly in Latvia. New synthetic opioids, which are more dangerous to users, are rapidly spreading to the Latvian market, and overdose is often fatal, Latvian Radio reported March 27.

      • Mexico News DailyAir quality alert puts traffic restrictions into effect in CDMX

        The Environmental Commission of the Megalopolis restricted vehicle usage on Sunday due to high levels of ozone particles.

      • New York TimesNorth Carolina Expands Medicaid After Republicans Abandon Their Opposition

        The state’s Democratic governor signed a bill expanding the health insurance program for low-income people days after the measure cleared the Republican-controlled legislature.

      • Federal News NetworkTrain derails in rural North Dakota and spills chemicals

        A Canadian Pacific train derailed in rural North Dakota Sunday night and spilled hazardous materials. But local authorities and the railroad said there is no threat to public safety. There were no injuries or fire associated with the derailment, which occurred in a rural area outside Wyndmere. Several hundred people live in that town about 60 miles southwest of Fargo. Canadian Pacific spokesperson Andy Cummings said 31 of the 70 cars on the train left the tracks around 11:15 p.m. Sunday. Four cars carrying liquid asphalt and two filled with ethylene glycol spilled part of their loads. But there are no waterways near where the derailment happened and the chemicals were contained at the site. Cummings said the railroad believes a broken rail caused the derailment.

      • Federal News NetworkN. Carolina governor signs Medicaid expansion bill into law

        North Carolina Democratic Gov. Roy Cooper has signed a Medicaid expansion law that was a decade in the making. Cooper celebrated on Monday the passage of expansion legislation from the Republican-controlled General Assembly with the bill-signing ceremony at the Executive Mansion. Cooper has wanted expansion for years, but Republicans came around to the idea recently. North Carolina has been among 11 states who haven’t accepted expansion. Cooper isn't thrilled with a provision in the bill that requiring the legislature to pass a separate state budget law first for expansion to be implemented. The governor said the law will be the "working families bill of the decade” once implemented.

      • Science AlertTuberculosis Deaths Creep Upwards After Falling For Decades in Europe

        Much has changed.

      • Science AlertDeath Toll Rises in Outbreak Linked to Contaminated Eye Drops

        Infections reported across 16 US states so far.

      • Science AlertGiant Study Recommends Exercise as a Serious Treatment For Depression

        This could change things.

      • AxiosAmericans hooked on Chinese apps
        Data: Apptopia; Chart: Axios Visuals

        The standoff between the U.S. government and TikTok underscores a growing problem for policymakers: Chinese apps are booming in America, but most U.S. apps aren't able to operate in China.

        Why it matters: Mobile apps are one of the most powerful vectors for expanding trade and exporting soft power, given how widely accessible they are, how much time is spent on them, and how little regulatory oversight there is online.

      • AxiosPushback grows over mental health impacts of social media

        Social media companies are increasingly being blamed for historically high rates of depression, suicidality and other mental health issues in youths. And now, states and local governments are increasingly pursuing legislation and legal action.

        Driving the news: Utah just passed a law limiting social media for minors and school districts in Seattle and San Mateo County, California, are suing leading platforms, charging they're delivering harmful content to kids.


        "Multiple juries are in. They're all reaching the same conclusion," Jonathan Haidt, a social psychologist at New York University Stern School of Business told the Financial Times. "When social media or high-speed internet came in, [studies] all find the same story which is mental health plummets, especially for girls."

        The big picture: There are nearly 150 product liability lawsuits filed in the U.S. against the social media platforms Facebook, Instagram, TikTok, Snapchat and YouTube, per the Financial Times.

      • James GGrayscale

        I have set myself a challenge to use greyscale mode on my phone for a week. My goal is to reduce usage of my phone and stop procrastinating to the degree that I have been over the last few days. If the experience proves valuable, I shall leave greyscale mode enabled. I will report back in a week to share my progress.

      • Scheerpost‘Shocking and Immoral’: Report Details Private Equity’s Stranglehold on US Healthcare

        The conflict between providers’ obligations to provide the best care and private equity investors’ insatiable appetites for maximized [returns] provides is clear. “You can’t serve two masters,” a doctor who previously worked for private equity-owned U.S. Dermatology Partners toldBloomberg. “You can’t serve patients and investors.”

    • Proprietary

      • Microsoft Israel to lay off dozens as part of global cutbacks

        Microsoft Israel is set to lay off dozens of employees as part of the global cutbacks in the company, Calcalist has learned. Microsoft announced in January that it is laying off 10,000 workers, but this will be the first time that cyber team members in Israel will also be fired.

        The local R&D center is headed by Michal Braverman-Blumenstyk, Corporate Vice President at Microsoft Corporation, General Manager of Israel R&D Center and CTO of Microsoft Security. The center employs around 2,700 people, with around half of them working in cybersecurity.

      • James GObservations designing information retrieval systems built on generative AI

        Using the information gathered through testing -- both by myself and with others asking questions -- I refined my information architecture, changed the prompts sent to accompany queries, and made other changes to help improve the quality of answers. The architecture of how this bot is built is outside of the scope of this post. Rather, I would like to focus on some interesting results both I and the people who tested the bot have observed. I list the common themes in bullet point form below.

      • Terence EdenReddit is Dropping AMP

        Long time readers will remember that I resigned from the Google AMP Advisory Committee having been a long time critic of the project.

      • Daniel Miessler6 Phases of the Post-GPT World

        We’ve all seen the non-stop stream of news from OpenAI. First we see GPT-4, where you have the announcement on Tuesday morning and you basically have thousands of companies launched by sundown.

        And then we see chatgpt plugins drop, which are basically ways of implementing entire businesses as plugins! This is what I said when Brockman dropped the web search plugin.

    • Security

      • NVISO LabsOneNote Embedded URL Abuse
        Whilst Microsoft is fixing the embedded files feature in OneNote I decided to abuse a whole other feature. Embedded URLs. Turns out this is something they may also have to fix.

        [...]

        In my previous blogpost I described how OneNote is being abused in order to deliver a malicious URL. In response to this attack, helpnetsecurity recently reported that Microsoft is planning to release a fix for the issue in April this year. Currently, it’s still unknown what this fix will look like, but from helpnetsecurity’s post, it seems like Microsoft’s fix will focus on the OneNote embedded file feature.

        During my testing, I discovered that there is another way to abuse OneNote to deliver malware: Using URLs. The idea is similar to how Threat Actors are already abusing URLs in HTML pages or PDFs. Where the user is presented with a fake warning or image to click on which would open the URL in their browser and loads a phishing page.

      • Barry KaulerApps running as spot extra secure in Puppy

        I watch what Dima (dimkr in the forum) is doing on woof-CE with great interest. In particular, the steps that he has implemented to enhance security for applications running as user 'spot'.

        See his summary here:

        https://forum.puppylinux.com/viewtopic.php?p=70405#p70405

      • Security WeekMicrosoft: No-Interaction Outlook Zero Day Exploited Since Last April [iophk: Windows TCO; Ed: Lies, decoys, and distraction. Microsoft is trying to offload blame to those who exploit the holes while Microsoft sits on its hands, making bug doors in everything it makes]

        Microsoft says it has evidence that Russian APT actors were exploiting a nasty Outlook zero-day as far back as April 2022, upping the stakes on organizations to start hunting for signs of compromise.



        [...]

        The vulnerability, tracked as CVE-2023-23397, was flagged in the ‘already exploited’ category when Redmond shipped a fix earlier this month and Microsoft’s incident responders have pinned the attacks on Russian government-level hackers targeting organizations in Europe.

      • Silicon AngleFortinet’s Threat Report finds attackers are retooling and leveraging more wiper malware
        One of the outcomes of war in the modern age is that it can lead to a new class of destructive tools in the hands of cyber threat actors.

      • Silicon AngleFBI warns business email compromise attacks are now targeting commodities

        BEC attacks, an attack method that involves fraud enabled by social engineering, are not new. A report in September found that one-third of all cyberattacks now involve BEC, but typically, such attacks aim to steal money. The FBI warning details that those behind the attacks are now also targeting tangible goods.

        According to a March 24 announcement by the FBI, criminal actors are impersonating the email domains of legitimate companies to initiate the bulk purchase of goods from vendors across the U.S. The email messages sent to vendors appear to come from known sources of business, which vendors assume are legitimate business transactions, so they fulfill the purchase orders for distribution.

      • Bruce SchneierHacks at Pwn2Own Vancouver 2023

        An impressive array of hacks were demonstrated at the first day of the Pwn2Own conference in Vancouver: [...]

      • Privacy/Surveillance

        • Scoop News GroupExecutive order sets up guardrails for US use of commercial spyware

          To date, the United States has identified devices associated with 50 U.S. personnel in ten countries across several continents that are confirmed or suspected of being targeted with spyware, a senior administration official told CyberScoop during a press call Monday. The official did not rule out additional instances and said that investigations are ongoing.

          In examining the issue, the White House found that “commercial spyware vendors were aggressively marketing, seeking to make inroads across the U.S.’s many law enforcement and intelligence components, sometimes obfuscating their business ties and practices,” according to a senior administration official.

        • The Wall Street JournalU.S. State-Government Websites Use TikTok Trackers, Review Finds

          A review of the websites of more than 3,500 companies, organizations and government entities by the Toronto-based company Feroot Security found that so-called tracking pixels from the TikTok parent company were present in 30 U.S. state-government websites across 27 states, including some where the app has been banned from state networks and devices. Feroot collected the data in January and February of this year.

          The presence of that code means that U.S. state governments around the country are inadvertently [sic] participating in a data-collection effort for a foreign-owned company, one that senior Biden administration officials and lawmakers of both parties have said could be harmful to U.S. national security and the privacy of Americans.

        • NYPostTikTok is tracking data on dozens of state government websites: report

          Canadian cybersecurity company Feroot Security found at least 27 state government websites have web-tracking code placed by Beijing-based ByteDance Ltd., which runs TikTok, according to an exclusive report from The Wall Street Journal.

          The report — which surveyed more than 3,500 companies, organizations and government entities in January and February — is the latest to reveal how the US unknowingly shares data with subsidiaries of the Chinese Communist Party.

        • TechRadarTikTok trackers found on multiple US government websites

          While tracking pixels - or web beacons - are typically used for collecting data to better target audiences with relevant ads, concerns have been raised about the information collected and how it may be used by the Chinese company and other entities in the country.

        • Essel GroupTikTok trackers embedded in US state-government websites

          According to a new report from a cybersecurity company, more than two dozen state governments have placed web-tracking code made by TikTok parent ByteDance Ltd. on official websites.

        • EDRIProtect My Face: Brussels residents join the fight against biometric mass surveillance

          The newly-launched Protect My Face campaign gives residents of the Brussels region of Belgium the opportunity to oppose mass facial recognition. EDRi applauds this initiative which demands that the Brussels Parliament ban these intrusive and discriminatory practices.

        • EDRISummer Academy For Global Privacy Law 2023

          The Brussels Privacy Hub is proud to announce its 2023 Summer Academy for Global Privacy Law, after 7 years of successful editions.

        • New York TimesBiden Acts to Restrict U.S. Government Use of Spyware

          The president signed an executive order seeking to limit deployment of a tool that has been abused by autocracies — and some democracies — to spy on dissidents, human rights activists and journalists.

        • Silicon AngleBiden administration bans government use of commercial spyware that may pose a security risk
          President Joe Biden signed an executive order today banning government agencies from using commercial spyware deemed to present a national security risk to the United States.

    • Defence/Aggression

    • Environment

      • Energy/Transportation

        • H2 ViewSany sets out hydrogen roadmap in China

          Sany has set out its ambitions to create a comprehensive hydrogen industry chain covering green production, storage, transportation and refuelling equipment.

        • H2 ViewGentari signs MoUs to accelerate energy transition in India

          Gentari has signed Memorandum of Understanding’s (MoU) with Tata Motors, MoEVing Urban Technology and Gati KWE.

        • Silicon AngleCFTC sues cryptocurrency exchange Binance and founder Changpeng Zhao

          The U.S. Commodity Futures Trading Commission today sued Binance and its founding Chief Executive Officer Changpeng Zhao, as well as former Chief Compliance Officer Samuel Lim. The CFTC is the agency responsible for regulating the derivatives market.

        • QuartzUS regulators sued Binance for encouraging customers to buy unregistered crypto commodities

          The US Commodity Futures Trading Commission (CTFC) is suing Binance, alleging that the popular crypto exchange illegally sold crypto derivatives—for currencies including bitcoin, ethereum, litecoin, tether, and binance USD— to retail investors.

        • LatviaGasoline price in Latvia down to pre-war level on Monday

          In Latvia, the price of band 95 gasoline has decreased to the level seen before Russia's invasion of Ukraine last February, according to LETA's information March 27.

        • Federal News NetworkCalifornia lawmakers OK potential fines for high gas prices

          California lawmakers have approved the nation's first penalty for price gouging at the pump. The state Assembly passed a bill on Monday that would empower state regulators to punish oil companies for profiting from price spikes. The bill now heads to Gov. Gavin Newsom, who has said he will sign it into law. The bill is in response to a price spike last year that saw the average price for a gallon of gasoline hit $6.44 in California. The oil industry says the bill will decrease supply and cause prices to increase. The bill also requires oil companies to disclose more data on their pricing.

        • LatviaLatvia's electric vehicle stock continues to grow [Ed: Car sales have collapsed. This is a way to distract from that and spin it. In face, EVs are still a small proportion of the whole.]

          In 2021, there was a substantial increase in the number of electric passenger vehicles in the€ EU€ compared with 2020 (+76%), and Latvia's growth rate in that regard was close to the EU average (+75%), according to Eurostat data published March 24.

        • Copenhagen PostQuarterly meter readings! Gas consumers to get a more accurate picture of how much they owe

          From June, customers will be able to determine the true extent of what they owe

        • BBCCrewless container ships appear on the horizon

          "We have situational awareness - cameras on the side, front and stern of the ship," the captain explains. "It can decide whether to change its path because something is in the way."

          The captain's job will move onto dry-land, to a remote operation centre more than 80km (50 miles) away, where several ships could potentially be monitored at the same time. If necessary, humans will be able to intervene by sending commands to alter the speed and course.

        • Interesting EngineeringMaritime Cybersecurity: Protecting ships and crews from digital threats

          Both in academia and the maritime industry as a whole, cybersecurity is a hot concern. Recently, a collaborative team taught a brand-new cyber security course at The Norwegian University of Science and Technology (NTNU) in Lesund. A new course titled "Maritime digital security" has just been added to NTNU in Lesund's maritime industry program.

          Participants in the workshop have studied digital risks for the past two months. They have conducted a realistic practice run of a cyber attack on a ship in motion and evaluated the risk of current digital threats. The main emphasis is on resilience development and risk management of cyberattacks.

        • Interesting EngineeringYou can carry this new electric moped in your trunk

          With dimensions of 1160*560*860MM, an 800MM wheelbase, a 590MM seat height, and a curb weight of 81.5 pounds (37 kg), the M One that was unveiled is described as a casual mini moped. The vehicle is powered by a 48V20Ah lithium battery pack and has a hub motor with a 400W rated power and a 1KW maximum output power. The battery has a 1-kilowatt-hour capacity, and the vehicle's top cruising distance is 60 miles (100 kilometers).

        • VoxHow to save America’s public transit systems from a doom spiral

          When Covid-19 arrived three years ago, most transit passengers stopped riding, shrinking transportation agencies’ fare revenues. Today, ridership remains far below pre-pandemic levels. Unless they can quickly find new sources of funding, big transit systems will be forced to drastically curtail service, which would drive away still more passengers and place those systems in an even deeper financial hole.

      • Wildlife/Nature

      • Overpopulation

    • Finance

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

      • DaemonFC (Ryan Farmer)I’m Back After WordPress.com Deleted My Blog Over the Weekend.

        Automattic (WordPress.com) refuses to say what led to the ban, but it’s quite obvious through my history of posts about Apple’s censorship, proprietary software, the Microsoft Stabber, etc. that there are probably outfits that would rather that I just go away and not come back.

        Automattic says that there’s no robot going around killing blogs without human review, but beyond this, I have no idea and I’ll never be able to prove anything.

      • Turkey's popular social network applies to top court against ban

        Access to EkÅŸi Sözlük has been blocked for over a month now.

      • YLEPolice remove Erdogan effigy from Helsinki protest
        The demonstration took place in front of the Turkish embassy on Sunday, and was attended by less than 100 people.

        [...]

        Although the right to demonstrate in Finland is enshrined in the constitution, the Criminal Code prohibits defamation.

        Aside from the Erdogan effigy, police said the demonstration passed off peacefully and was allowed to continue after it was removed.

    • Freedom of Information / Freedom of the Press

      • YLESomali journalist: Immigrants talked about, but not heard, during Finnish elections

        Yle TV1 will host a series of minority language election discussions this week, beginning on Monday at 3pm with a show in Easy Finnish. The English language discussion will be broadcast on Thursday at 3pm.

      • Two journalists detained while covering attack on theologian

        A group of people attempted to attack those who gathered outside of the home of the theologian who had been attacked. The police detained the journalist filming the incident.

      • CPJIndian journalist Jaspal Singh arrested in Haryana

        Police arrested Singh after a first information report was filed earlier that day by the Ratia Sadar police station in the state’s Fatehabad district, which opened an investigation into Singh and an unnamed journalist based on a complaint by the son of a local official, according to those sources and a copy of the report reviewed by CPJ.

      • Hindustan TimesTV journalist held in Haryana’s Fatehabad on MLA’s son’s complaint

        The police arrested Fatehabad-based TV journalist Jaspal Singh after booking him under Section 67 of the Information Technology Act, 2000, Sections 384 (extortion) and 500 (defamation) of the IPC and various sections of the SC/ST Act on the complaint of BJP MLA from Ratia Lakshman Napa’s son Sumit Kumar on Saturday.

    • Civil Rights/Policing

      • New York TimesNY to Pay Broadwater $5.5 Million After Wrongful Conviction for Sebold’s Rape

        Anthony J. Broadwater spent 16 years in prison after being wrongly convicted in the assault in Syracuse, N.Y., which Ms. Sebold, a well-known novelist, described in her memoir “Lucky.”

      • Copenhagen PostBrexit reprieve for late submissions: Brits handed new deadline by which to apply for residence in Denmark

        31 December 2023 the new date by which applications need to be received

      • CS MonitorSafety for refugees: President Carter’s legacy lives on in rural Georgia

        Thanks to legislation signed by President Carter in 1980, a Christian group rooted in faith and compassion has hosted thousands of refugees in rural Georgia.

      • Mexico News DailyFrom Canada to Cabo part 5: Becoming immigrants

        In part five of her series, Christina Whiteley shares tips on immigration requirements if you decide to make Mexico your new home.

      • ACLUThis Law Could Criminalize Everyday Conversations About Immigration

        At rallies across the country, community members have been chanting “Sí, se puede!” to demand that the U.S. fulfill its moral obligation to undocumented immigrants by expanding their access to life-saving medical care, job-loss benefits, driver’s licenses, and much more. However, this political advocacy — critical to our democracy’s debate about our immigration policies — could constitute a crime under federal law.

      • Three police officers arrested for torture of child in Diyarbakır

        A 14-year-old child was hospitalized after being beaten by officers in the Kurdish-majority city.

      • Atlantic CouncilThe future of women in India: Barriers, facilitators and opportunities

        This issue brief describes cross-cutting themes, a proposed theory of change, and recommendations that emerged from the Atlantic Council and US Department of State expert convening, “Future of Women and Work in South Asia” on how to foster cross-sectoral collaboration and catalyze knowledge sharing to support women’s economic empowerment in South Asia.

      • New York TimesWho Is Itamar Ben-Gvir?

        The influence of Itamar Ben-Gvir, a rising far-right lawmaker, was underscored when he said he would agree to a delay of the divisive judicial overhaul.

      • New York TimesNetanyahu Attempts Another Juggling Act, Maybe His Toughest Yet

        Israel’s prime minister, who has long thrived by pitting one force against another, is caught between his far-right coalition and public anger over the government’s plan to weaken the judiciary.

      • EDRIRepression is really something different than prevention

        In 2021, a 17-year-old boy in the Netherlands was arrested for inciting of riots. The boy had called for people to come to Utrecht with fireworks as a protest against the corona policy and the fireworks ban. The boy received a so-called "online area ban" from the municipality, even though the mayor does not have a legal basis for such an order. He was no longer allowed to make statements online that could lead to disorder in the city. Local rules do not provide majors the authority to curtail the freedom of expression as prevention, online or otherwise.

      • About 60,000 refugees returned to Syria after Turkey quakes, says minister

        The defense minister refuted the allegations that there was a new refugee influx from syria to Turkey after the February earthquakes.

      • Second hearing to be held of case over suspicious death in prison

        It was claimed that Yılmaz Ekinci committed suicide by hanging himself on an iron part of the door in the cell which is 1 meter and 20 cm high from the floor. Ekinci's then-prison mate is now a witness in the case over Ekinci's death.

      • Police prevent automotive workers' march from Ä°stanbul to Ankara

        Workers of Mata Automotive, a firm manufacturing parts for high-end car brands such as Bentley and Jaguar, demand improved working conditions and a 25 percent additional pay rise.

      • New York TimesPaul Rusesabagina, ‘Hotel Rwanda’ Dissident, Lands in Qatar

        His release ended more than two and a half years of captivity, during which he was tried on terrorism charges and sentenced to 25 years in prison.

      • The Register UKEarth is running out of places for stargazers to do dark deeds in the name of science

        Artificial light emitted from buildings, streetlights, and reflected from satellite constellations are making the night sky brighter for earth-bound skywatchers. The Milky Way was visible to pretty much everyone less than 100 years ago, but is now drowned out by human-made light to most, according to the International Dark Sky Association.

      • [Old] arXivWhitening the Sky: light pollution as a form of cultural genocide [PDF]

        Light pollution is actively destroying our ability to see the stars. Many Indigenous traditions and knowledge systems around the world are based on the stars, and the peoples’ ability to observe and interpret stellar positions and properties is of critical importance for daily life and cultural continuity. The erasure of the night sky acts to erase Indigenous connection to the stars, acting as a form of ongoing cultural and ecological genocide. Efforts to reduce, minimise, or eliminate light pollution are being achieved with varying degrees of success, but urban expansion, poor lighting design, and the increased use of blue-light emitting LEDs as a cost-effective solution is worsening problems related to human health, wildlife, and astronomical heritage for the benefit of capitalistic economic growth. We provide a brief overview of the issue, illustrating some of the important connections that the Aboriginal and Torres Strait Islander people of Australia maintain with the stars, as well as the impact growing light pollution has on this ancient knowledge. We propose a transdisciplinary approach to solving these issues, using a foundation based on Indigenous philosophies and decolonising methodologies.

      • [Old] Kalmback Media CoLight Pollution Threatens Millennia-old Indigenous Navigation Methods

        Now, a group of scientists and other space stakeholders is working to preserve these stories. The Satellite Communications (SATCON) workshop, which is organized by the National Science Foundation and the American Astronomical Society, aims to mitigate satellites’ effects on our sky-viewing experiences.

        Aparna Venkatesan, a cosmologist at the University of San Francisco, served as a co-chair at the 2021 event. While she and her colleagues sought to consult Indigenous scientists on sustainable space practices, they acknowledged that it wasn’t an all-encompassing discussion. “Everyone who spoke at the meeting was very clear that they were not speaking for their whole tribe, or for all sovereign tribes and nations or just the U.S. alone,” says Venkatesan.

        She sees space as an ancestral global commons, as described in her 2020 article published in Nature Astronomy. But the task of regulating space is a complicated one. Astronomers and entrepreneurs should be careful not to appropriate Indigenous perspectives to serve their bottom line, she adds.

      • [Old] The ConversationThousands of satellites are polluting Australian skies, and threatening ancient Indigenous astronomy practices

        Each of these companies is taking to the skies to increase internet access across the globe. But even if they deliver on this, sky gazers — and especially Indigenous peoples — are left to wonder: at what cost?

      • Copenhagen PostI should Cocio! The criminal world’s equivalent of being caught with chocolate milk moustaches

        The manufacturers, who tended to carry out their transactions in the same carpark, signalled their presence to business partners, including the Dutch duo, by placing a bottle of Cocio on the roof of their car.

        The NSK were able to find out about this by cracking encrypted messages sent and received by the drug-importing Dutchmen and their colleagues.

    • Internet Policy/Net Neutrality

    • Monopolies

  • Gemini* and Gopher

    • Personal

      • March Update

        I'm a little bit late with my update this month. It's been a pretty crazy month to be quite honest, so this is a slightly longer entry than usual.

        I'll start with the good news. First off, I've got a new job (yay!). It's at a nearby prominent heritage site, which is a really big deal for me and has pretty much been my main goal since graduating from Uni in 2021. I'm so beyond excited and can't wait to start next month. Plus, I'm finally leaving my current job which is uh...worse than ever, to be quite honest. I won't go into it too much but let’s just say that place is a sinking ship and I can't be out of there soon enough. They're not even planning on hiring a replacement for me. They're just expecting everyone else to work harder and pick up the slack - like what?

      • None Dare Call It Conspiracy

        This book was written over 50 years ago by Gary Allen, and while it was written from a US centric point of view I still found it an interesting take on what happens in the world.

        When reading books (or, listening in this case) I try to have an open mind and find what might be applicable or relevant to my world and life.

      • Angelic Glow

        You know...I'm becoming myself again.

      • Duck Season Wabbit Season

        Just once in life I would like to get involved in a super heated "duck season", "'wabbit season" style argument with someone where I manage to pull it off and get my way by, in the heat of the moment, reversing position to trick the other person into also reversing their position.


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

Microsoft's GitHub is Losing Traffic, Based on an Extensive Web Survey, and Its Future is Uncertain
Remember that Microsoft keeps close to its chest the operations and finances of GitHub (because it's embarrassing!)
[Meme] Shoestring Budget With Record Profits (Because Hundreds of Thousands of Fake European Patents Get Granted)
Record profits? EPO staff does not benefit!
 
Links 14/10/2024: Keeping Multiple Blogs, Wrestling With Misinformation
Links for the day
[Meme] Class of Microsoft
"Everything started with Microsoft DOS!"
History Education and Rejecting Creation Myths
The creator of Linux isn't the creator of GNU/Linux
How to Follow Our Updates About EPO (or Everything Else for That Matter)
follow us via RSS feeds
EPO Administration: Wait Several Months or Until Next Year for Clarifications
"After the intranet announcements of 18 September and 27 September and recent emails from CIGNA concerning opting into the VECOZO network, colleagues have been contacting us with queries and requests for guidance."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, October 13, 2024
IRC logs for Sunday, October 13, 2024
Unrest at the European Patent Office as School Costs Eat Away the Income
"Letter to the administration on the Education Allowance - DISDH - German School"
Gemini Links 13/10/2024: ArcMenu, Emacs decide-mode, Midnight Pub Mass-Deletion Option
Links for the day
Links 13/10/2024: Science, Politics, and Some Gemini
Links for the day
Links 13/10/2024: Writing, Remembering John Wheeler, Voice Cloning
Links for the day
Certificate Authority Let's Encrypt Falls to 0.7% in Geminispace (It Was Around 12% Just 2 Years Ago and 7.5% This Past February)
Let's Encrypt is down again
Gemini Links 13/10/2024: Self-hosting Snac2 and Invasion of e-ink
Links for the day
SDxCentral, which the Linux Foundation Paid to Produce Marketing SPAM, Has Now Become Slop (LLM Spew) Disguised as 'Articles'
Google should delist it
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, October 12, 2024
IRC logs for Saturday, October 12, 2024
Links 12/10/2024: More Site Blocking, China's Hostility, and Evan Gershkovich's Upcoming Book
Links for the day
"Security Advantages" Explained by a Scammy "Security" Site That Uses LLMs to Spew Out Garbage
destroying the Web by saturating it with "bullshit".
Links 12/10/2024: Boeing to Cut 17,000 Jobs, Medieval Sleeping Habits, Warning About Liquidweb
Links for the day
Links 12/10/2024: Health, Safety and Climate Concerns
Links for the day
Gemini Links 12/10/2024: Ensemble and Assembler
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
Links 12/10/2024: TikTok Layoffs and Risk of More Wars
Links for the day
IRC Proceedings: Friday, October 11, 2024
IRC logs for Friday, October 11, 2024