Bonum Certa Men Certa

Links 29/03/2023: New Finnix and EasyOS Kirkstone 5.2

  • GNU/Linux

    • Audiocasts/Shows

    • Applications

      • 9to5LinuxOBS Studio 29.1 Promises AV1/HEVC Streaming over RTMP, Lossless Audio Recording

        OBS Studio 29.1 promises new features like support for streaming AV1/HEVC over RTMP for YouTube, support for surround sound for AJA capture cards, new lossless audio recording options for FLAC, ALAC, and PCM (including 32-bit float), as well as support for multiple audio tracks in Simple output recording.

        The upcoming OBS Studio release also promises features like a setting to record in fragmented MP4 and MOV video formats, new settings to select the audio encoder for streaming and recording, and a new option to preload media sources used in Stingers to memory.

      • Make Tech Easier5 of the Best Steganography Tools in Linux

        Steganography is the art and process of putting one type of information inside another in an attempt to hide it. This is often done in situations where an individual wants to preserve secret information inside normal objects.

        This guide shows five of the best steganography tools currently available in Linux. It also shows you how you can hide your first message using these utilities.

      • Linux Links5 Best Free and Open Source Backend Electronic Circuit Simulators

        Electronic circuit simulation uses mathematical models to replicate the behavior of an actual electronic device or circuit. Simulation software allows for modeling of circuit operation and is an invaluable analysis tool.

        Simulating the circuit with SPICE is the industry-standard way to verify circuit operation at the transistor level before committing to manufacturing an integrated circuit. The SPICE simulators help to predict the behavior of the IC under different operating conditions, such as different voltage and current levels, temperature variations, and noise.

        Here’s our verdict captured in a legendary LinuxLinks-style ratings chart.

    • Instructionals/Technical

      • TecAdminFirewalld: Common Firewall Rules and Commands

        Firewalld is a dynamic firewall utility that provides a user-friendly interface for managing firewall rules on Linux systems. It is designed to be easier to use than traditional firewalls like Iptables, while still providing powerful features for securing your network.

      • Red HatHow to configure SOAP web services with Apache Camel

        This article demonstrates how to configure Simple Object Access Protocol (SOAP) web services with the Red Hat build of Apache Camel, Quarkus version. In Apache Camel version 3, the support for the SOAP protocol is still provided by the CXF framework. Therefore, on Quarkus, we will be relying on the camel-quarkus-cxf-soap extension.

        A common REST to SOAP transformation use case

        With the CXF runtime, there is a distinction to make between a SOAP service and the client of a SOAP service.

      • How to install PNPM on Ubuntu 22.04 or 20.04

        PNPM is an efficient alternative to NPM and Yarn package managers for Node.js packages, which works differently than them to manage modules. In this article, we learn how to install PNPM on Ubuntu 22.04 or 20.04 Linux systems. What is the PNPM Nodejs, package manager?

      • What is the difference between vsftpd and ProFTPd?

        FTP is a standard protocol that is used to transfer files widely, and FTP servers like Vsftpd and ProFTPd provide a way to use that protocol and access plus transfer files stored on a remote server.

      • TechRepublicHow to prevent fork bombs on your Linux development servers

        Learn how to protect your Linux server from the fork bomb denial-of-service attack with this video tutorial by Jack Wallen.

      • Make Use OfHow to Create Lightweight Slideshow Presentations in Your Linux Terminal

        Slideshow presentations are an essential and unavoidable part of corporate and academic life thanks to their ability to help you plan and structure the dissemination of information to your audience.

        But snazzy graphics and transition effects can be a distraction from the core information, with the effort you put into making a visually appealing PowerPoint better spent elsewhere.

        Slides is a terminal-based presentation tool for Linux that processes Markdown files—helping you to create and present slideshows without ever leaving your terminal!

      • TecAdminHow to List Manually Installed Packages in Ubuntu & Debian

        Keeping track of the packages you have manually installed on your Ubuntu system is essential for managing your software and maintaining a clean system. This article will guide you through the process of listing manually installed packages in Ubuntu using various command-line tools, such as apt, dpkg, and apt-mark.

      • Peter 'CzP' CzanikSyslog-ng 101, part 13: Updating syslog-ng, syslog-ng 4

        Version 4 of syslog-ng is now available. The good news is that it is fully backwards compatible. If the version string in your configuration is set to a 3.X version, it will work as expected even after updating to version 4. Of course you might run into corner cases, but I had no problems even with complex configurations. Today, we learn about updating syslog-ng, and some of the new features of syslog-ng 4.

        Or you can read the rest the tutorial as a blog at:

      • Peter Czanik: Syslog-ng 101, part 13: Updating syslog-ng, syslog-ng 4

        This is the 13th part of my syslog-ng tutorial. Last time, we learned about sending log messages to Elasticsearch. Today, we learn about updating syslog-ng, and some of the new features of syslog-ng 4.

        Type support in syslog-ng 4

        Version 4 of syslog-ng is now available. The good news is that it is fully backwards compatible. If the version string in your configuration is set to a 3.X version, it will work as expected even after updating to version 4. Of course you might run into corner cases, but I had no problems even with complex configurations.

        The major new feature of syslog-ng 4 is type support. When using the JSON and PatternDB parsers, syslog-ng stores the type information alongside name-value pairs. You can also set type information using rewrite rules.

      • OMG! LinuxHow to Quickly Merge PDF Files on Linux

        PDF files are a common part of digital life so at some point you might want or need to merge multiple PDF files into one, single document.

      • UNIX CopHow To Install CoreFreq on Ubuntu 20.04 | 22.04 LTS

        CoreFreq is a CPU monitoring tool that provides detailed information about your processor's performance, including real-time temperature readings, clock speeds, and utilization statistics.

      • TecAdmin12 Apk Commands in Alpine Linux Package Management

        Alpine Linux is a lightweight, security-oriented Linux distribution designed for routers, firewalls, VPN gateways, and servers. It uses the musl libc library and BusyBox utilities, making it small and efficient.

  • Distributions and Operating Systems

    • New Releases

      • Barry KaulerEasyOS Kirkstone-series version 5.2 released

        Easy version 5.1.1 was released on March 20, 2023, see blog announcement:

        Since then, there has been a complete recompile of the packages, with many version bumps, including Chromium. There have also been improvements to the AppImage Installer, and more apps added. See 5.2 release notes:

        Each category in the AppImage Installer is starting to fill up:

        Download 'easy-5.2-amd64.img' from here:

        Or mirror in Europe by kind courtesy of NLUUG:

        If you don't know how to write a drive image file to a USB-stick, read this:

      • 9to5LinuxFinnix 125 Linux Distro Arrives for Sysadmins with Linux Kernel 6.1 LTS

        Powered by the long-term supported Linux 6.1 LTS kernel series, Finnix 125 is here to introduce several new packages, namely the aespipe AES encrypting/decrypting pipe, iperf3 network performance measurement and tuning tool, ncdu disk utility, and netcat-traditional as the “classic” version of the netcat computer networking utility.

        Finnix 125 also comes with an updated apt update command that will now download both “testing” and “unstable” indices to allow users to install packages that may be hinted out of testing. However, the developer notes the fact that apt pinning is set to “testing” by default.

      • FinnixFinnix 125 released

        Today marks the release of Finnix 125, the original utility live Linux distribution. Finnix 125 includes a number of fixes, new packages and new features:

        • Linux kernel 6.1 (Debian 6.1.0-6)
        • New packages: 2048, aespipe, iperf3 (finnix/finnix#37), ncdu, netcat-traditional, ninvaders, vitetris
        • Note that netcat-openbsd continues to be included and is the default nc
        • apt update will now download both “testing” and “unstable” indices, to allow for installing packages which may currently be hinted out of testing. Apt pinning is configured so testing will continue to be preferred to unstable, however.
        • Updated to memtest86+ 6.10, which now includes a UEFI version which is included in the “Utilities” boot submenu when booting on a UEFI system. Note that this is not signed and will not work with Secure Boot.
        • 7z will invoke the installed 7zr program, unless the user explicitly installs “p7zip-full”
        • Upstream Debian package updates
        • Many minor fixes and improvements
        • Note for people who embed Finnix in other systems: boot=live is no longer needed to be passed as a kernel boot command line.
    • Arch Family

      • Arco LinuxLooking for an Office application on Linux

        Here we show you how easy it is to install either

        * libreoffice-still (stable)

        * libreoffice-fresh (cutting-edge)

        But there is more – follow in the coming years what office tools come and go and install them via pacman or an AUR helper like yay, paru, trizen and others.

    • Fedora Family / IBM

      • Enterprisers ProjectHybrid work: Culture change required

        Hybrid work has set new standards in the workplace. But many companies have not realized the full potential of a hybrid environment, primarily because they are still operating in the mindset of traditional workplace practices.

        Technical infrastructure changes to support remote work will no longer suffice as employees return to the office for part of the week. Now, organizations must ensure employees have a consistent experience regardless of location.

        Ensuring that your company’s culture and technical infrastructure align is critical to improving efficiencies, remaining agile, providing a better customer experience, and enhancing employee satisfaction. This pays off with improved productivity, greater revenue, and talent retention.

        Achieving a cohesive company culture within a hybrid environment requires close collaboration between human resources (HR) and information technology (IT). Working together, these teams can ensure their company gets the most from its investments in employees and IT infrastructure, benefitting the company now and in the future.

        Transitioning from a traditional company culture to one that supports hybrid work is a three-part process:

    • Canonical/Ubuntu Family

      • Linuxiac Ubuntu Cinnamon Joins the Official Flavor Family
        Are you looking for a fresh take on the Ubuntu desktop? The final piece in the Ubuntu mosaic has been added, and Cinnamon is now an official flavor.

        So far, the collection of Ubuntu’s official flavors included representatives of all major desktop environments, including Kubuntu (KDE Plasma Desktop), Xubuntu (Xfce Desktop), Lubuntu (LXQt Desktop), Ubuntu MATE (MATE Desktop), and Ubuntu Budgie (Budgie Desktop). The big missing one was Cinnamon. Well, as of today, that’s no longer the case.

      • Neowin Ubuntu Cinnamon Remix set to become official flavour

        Ubuntu 23.04 is less than a month away from release and there’s a pleasant surprise too because Canonical has decided to make Ubuntu Cinnamon Remix an official flavour in the upcoming release. Not everyone is happy with the heavily tweaked GNOME desktop that Ubuntu comes with normally so community-created flavours are also made available and granted official status by Canonical when the flavour is of good quality.

      • Beta NewsUbuntu Cinnamon becomes an official flavor, making Linux Mint obsolete

        Linux Mint is a fairly popular operating system. But why do so many people use that Ubuntu-based distribution? People may tell you several reasons, but the reality is, many Ubuntu users are just not comfortable with the default desktop environment. Because Unity, and now GNOME, are so radically different from the traditional Windows interface, some people flocked to Linux Mint and its familiar Cinnamon desktop environment. Mate and Xfce are Mint desktop options too, but make no mistake, Cinnamon is the crown jewel of the distro.

      • PhoronixUbuntu Cinnamon Becomes An Official Flavor For Ubuntu 23.04

        Since 2019 there has been Ubuntu Cinnamon as an unofficial remix of Ubuntu paired with Linux Mint's Cinnamon desktop environment.

      • OMG UbuntuUbuntu Cinnamon is Now an Official Ubuntu Flavour

        What's the best way to sample the Cinnamon desktop on top of an Ubuntu base? You may be minded to answer Linux Mint (and that wouldn't be a wrong answer) but with the upcoming release of Ubuntu 23.04 there'll be a new choice to consider.

      • Mike Gabriel: UbuntuTouch Focal OTA-1 has been released

        Yesterday, the UBports core developer team released Ubuntu Touch Focal OTA-1

        (In fact, Raoul, Marius and I were in a conference call when Marius froze and said: the PR team already posted the release blog post; the post is out, but we haven't released yet... ahhhh... panic... Shall I?, Marius said, and we said: GO!!! This is why the release occurred in public five hours ahead of schedule. OMG.)

        For all the details, please study:


        Thanks to all the developers, other contributors and funding providers that helped to reach this massive milestone.

      • Accelerate Your Performance Testing on Ubuntu with k6 and Postman-to-k6

        Performance testing is crucial to software development. It ensures your application can handle high traffic and usage without crashing or slowing down. Many tools are available for performance testing, but two popular ones are k6 and Postman.

      • UbuntuHow to create a VSCode Linux remote environment [Ed: Canonical is shilling proprietary spyware of Microsoft instead of teaching people to use Free software not controlled by a company that attacks Linux from many angles]

        What’s the best way to get a Linux environment in VSCode?

    • Open Hardware/Modding

      • ArduinoA history of robotic pets (and how to make your own)

        Humans have domesticated animals since the dawn of time. Dogs (our oldest furry friends) were owned by humans as far back as 30,000 years ago, and since then we’ve formed bonds with all kinds of different creatures. It was only in the last century, though, that we started to actually build our own pets.

  • Free, Libre, and Open Source Software

    • Web Browsers/Web Servers

      • Mozilla

        • Make Use OfNew Firefox Update Improves Performance for Linux Wayland Users

          It is extremely frustrating when your computer is too slow. Unfortunately, many Linux users had this issue when browsing with Firefox on devices that use the Wayland display server.

          Troubleshooting methods like clearing cookies usually get your web browser running quickly again. But how can this Firefox bug be fixed? And what can you do to prevent browser lag in the future?

    • Programming/Development

      • Xe's BlogHow to use a fork of the Go compiler with Nix

        Sometimes God is dead and you need to build something with a different version of Go than upstream released. Juggling multiple Go toolchains is possible, but it's not very elegant.

        However, we're in Nix land. We can do anything*.

        I got accepted to Gophercon EU and a lot of it involves doing weird things with WebAssembly and messing with assumptions people make about how filesystems work. Given that most of my audience is going to be Go programmers and that I'm already going to be cognitively complicating how core assumptions about filesystems work, I want to show my code examples in Go when at all possible.

        Go doesn't currently support WASI, but there is a CL in progress that adds the port under the name GOARCH=wasm GOOS=wasip1. I wanted to pull this into my monorepo's Nix flake so that I can run gowasi build foo.go and get foo.wasm in the same folder to experiment with.

      • OpenSource.comWhy you should use Python and Rust together

        Python and Rust are very different languages, but they actually go together rather well. But before discussing how to combine Python with Rust, I want to introduce Rust itself. You've likely heard of the language but may not have heard details about how it works.

        What is Rust?

        Rust is a low-level language. This means that the things the programmers deal with are close to the way computers "really" work.

        For example, integer types are defined by bit size and correspond to CPU-supported types. While it is tempting to say that this means a+b in Rust corresponds to one machine instruction, it does not mean quite that!

        Rust's compiler's chain is non-trivial. It is useful as a first approximation to treat statements like that as "kind of" true.

        Rust is designed for zero-cost abstraction, meaning many of the abstractions available at the language level are compiled away at runtime.

        For example, objects are allocated on the stack unless explicitly asked for. The result is that creating a local object in Rust has no runtime cost (though initialization might).

        Finally, Rust is a memory-safe language. There are other memory-safe languages and other zero-cost abstraction languages. Usually, those are different languages.

        Memory safety does not mean it is impossible to have memory violations in Rust. It does mean that there are only two ways that memory violations can happen:

        • A bug in the compiler.
        • Code that's explicitly declared unsafe.

        Rust standard library code has quite a bit of code that is marked unsafe, though less than what many assume. This does not make the statement vacuous though. With the (rare) exception of needing to write unsafe code yourself, memory violations result from the underlying infrastructure.

      • ButtondownEverything's an API

        Hi Everybody,

        April Cools is this weekend! A bunch of people who normally write tech stuff will be writing about a bunch of other topics. If you’ve got a blog and find April Fools to be eye-rollingly trite, come join us! You don’t need to pour your heart and soul into a 10,000 epic, just write something fun and genuine and out of character for you.

        I’ve got a lot on my plate this week, so I’ll keep this newsletter short and sweet. Hyrum’s law:

        With a sufficient number of users of an API, it does not matter what you promise in the contract: all observable behaviors of your system will be depended on by somebody.

        Fair enough, but what do we mean by “API”? We always use “API” to mean the official designated interfaces, but when you get down to it, you can use anything as an interface!

      • APNICThe APNIC Hackathon is back!

        The APNIC Hackathon at APRICOT 2023 produced some impressive results on the topic 'IPv6 Diagnostics Framework'.

      • Peter Hutterer: New spamfighting abilities

        As of today, allows anyone with a GitLab Developer role or above to remove spam issues. If you are reading this article a while after it's published, it's best to refer to the damspam README for up-to-date details. I'm going to start with the TLDR first.

      • OpenSource.comHow to use Podman in GitLab Runners

        A GitLab Runner is an application that works with GitLab CI/CD to run jobs in a pipeline on GitLab's infrastructure. They're often used to automatically compile applications after code has been committed or to run tests on a code base. You can think of them as cloud-based Git hooks.

        The main public GitLab instance provides many easily accessible shared runners ready for use in your CI pipeline. You can find a list of shared runners in your repository's Settings -> CI/CD -> Runners on GitLab.

      • Barry KaulerBug fixes for AppImage Installer

        Alfons reported that in the "Other" category, the "Online Information" button didn't work. Fixed.

        Forum member Airdale reported liking Ungoogled Chromium and looked forward to the update feature. I replied that cannot update it:

        I have fixed that also; however, do have a problem with updating at some repositories, so have had to hard-code to download just one version. Last night I discovered this:

      • Jonathan DowlandJonathan Dowland: daily log

        The solution I've adopted for now is another Vim plugin, taskwiki, which synchronises tasks with Taskwarrior3, an external task-management tool.

        If I mark a task as "done", Taskwiki updates all references to that task to reflect the new state. I can also construct queries to list all tasks matching some criteria. I have a special Vimwiki page named "Backlog" which runs the query "all tasks tagged 'redhat' in state 'pending'" (Linked from the boilerplate at the top of every page I write, for quick access):

        = Backlog | +redhat status:pending =
        * [ ] buy milk (still todo)

        Much like the base Vimwiki plugin, Taskwiki is very opinionated, and I've had to tame it by disabling several of its features. I've also hit a couple of mildly frustrating bugs (#368, #425). I might one day have a go at writing an alternative, simpler plugin in Lua (Neovim's native scripting language), but for now it works well enough and I don't have the time.

        There's very little in this current workflow for managing scheduling tasks, and that's probably where the focus should be for my next iterative improvement efforts. I think Taskwarrior, the underlying tool, has some good support for that. I'd particularly like some more visual approaches for managing the backlog, such as something Kanban-style.

      • TecAdminHow to Validate Email Address in JavaScript

        Email validation is a crucial part of any application that requires user registration or input of email addresses. Validating email addresses ensures that the input data is accurate, which helps prevent spam, reduces errors, and ensures that messages are delivered to the correct recipients.

      • Shell/Bash/Zsh/Ksh

        • TecAdmin10 Bash Tricks Every Developer Should Know

          Bash is a popular shell scripting language used in Unix-based operating systems like Linux and macOS. It is widely used by developers, system administrators, and power users for automating tasks and managing systems. Bash offers many powerful features and shortcuts that can make your life easier and improve your productivity.

  • Leftovers

    • Education

    • Health/Nutrition/Agriculture

      • AxiosThe Digital Wellness Lab aims to mediate between TikTok and parents

        As some states try to regulate children's social media use and TikTok emerges as a geopolitical chew toy, a new clearinghouse has emerged for mediating between tech companies and those concerned about their products' impact on kids: the Digital Wellness Lab at Boston Children's Hospital and Harvard Medical School.

      • AxiosSocial media's new pay-for-play rules

        Social media is getting pricier for users who want to unlock special features and privileges.

        Why it matters: Users who once believed they were contributing their time and creativity are now being asked to pay up by cash-hungry platforms.

        Driving the news: Elon Musk on Monday tweeted that beginning April 15, only tweets by verified users will show up in Twitter's default main feed of "For You" recommendations. Verification, formerly a service Twitter offered public figures, is now available only to $8-a-month subscribers.

      • Peru’s authorities seize 2.3 tons of cocaine heading to Turkey

        According to officials from Peru, it was the first time they had such an incident with a Turkey-bound ship.

      • YLECyclists' Federation opposes ministry's proposed blood alcohol limit for bike riders

        Introducing a specific blood alcohol limit would ultimately do more harm than good, the federation says.

      • Matt Brown: Ventilation Monitoring

        The importance of clean, fresh indoor air is one of the most tangible takeaways of the Covid-19 pandemic. In addition to being an effective risk mitigation strategy for reducing the spread of respiratory illnesses, clean, fresh air is necessary to enable effective cognitive performance.

        Monitoring indoor air quality is relatively easy to do, but traditionally has not been a key focus. I believe air quality monitoring should be accessible for any indoor space, and for highly occupied indoor spaces should be provided on a continuous basis.


        Next steps

        Many small businesses and organisations are likely to have poor air quality and opportunities for improvement similar to the example above that are waiting to be found and fixed, and the existing products available are neither focused or ideal for the needs of this market.

        I have spent some time over the past six months building a basic CO2 monitoring service that I have used to deploy ventilation monitoring to our local school, and a few other local businesses. There are a number of challenges that still need to be addressed in order to scale the business up, but I think there is a reasonable chance that I can build a viable business that offers an attractive and useful solution that would accelerate the deployment of ventilation monitoring for small businesses and organisations.

        In an upcoming post, I will explain the foundations of the service that I have built to date, the challenges that need to be overcome and how I plan to evolve the service from the current prototype into a sustainable, bootstrapped business.

    • Proprietary

      • Michael West MediaApple launches buy now, pay later service in US [Ed: Apple trying to become a lender because people lack money to spend on 'i' things]

        Apple Inc has launched its buy now, pay later service in the United States that will allow consumers to pay for purchases over time. The service, Apple Pay Later, will allow users to split purchases into four payments spread over six weeks with no interest or fees, the company said.

      • MashableMicrosoft-Owned GitHub Lays Off Entire Engineering Team In India, Impacting 142 Roles - Tech

        The layoffs were not performance-related, and the affected employees have been given two months' pay as severance.


        This is not the first time GitHub has implemented layoffs, as the company announced the cutting of 10% of its workforce just last month. The company has also paused hiring until further notice.

    • Privatisation/Privateering

      • AxiosThe quiet privatization of government health insurance programs [Ed: The privatisation and monopolisation of everything]

        The biggest public health insurance programs have become increasingly privatized over the last decade, even while politicians sparred over whether government-run health care should be expanded to cover more Americans.

        Why it matters: Although privately run Medicare and Medicaid plans are still highly regulated and funded by the government, the commercialization has complicated efforts to rein in medical spending and unleashed fierce partisan fights like the ongoing one over Medicare Advantage.

    • Security

      • LWNSecurity updates for Tuesday []

        Security updates have been issued by Debian (dino-im and runc), Fedora (qemu), Red Hat (firefox), SUSE (chromium, containerd, docker, kernel, and systemd), and Ubuntu (graphicsmagick, linux-azure, linux-gcp, linux-oem-5.14, linux-oem-5.17, linux-oem-6.0, linux-oem-6.1, and node-url-parse).

      • IT WireSUSE claims new era of confidential computing through its adaptable Linux platform [Ed: This has nothing to do with security; it's about pacifying companies, via paperwork mostly, about outsourcing all their data to spying firms that are notorious for snooping; "confidential computing" dubbed, founded and led by some of the very worst offenders out there, operating via some openwashing proxy based in California]
      • Data BreachesSo you leaked data on BreachForums, but weren’t the hacker? Can you be prosecuted for leaking?

        In the wake of the arrest of “Pompompurin,” BreachForums’ self-proclaimed owner and moderator, DataBreaches has been contacted by a number of anxious folks who want to know if they are at risk of being arrested for their own actions.

        Obviously, DataBreaches is not a lawyer or any kind of authority and can’t provide any assurances. But nor does this site feel comfortable sitting back while so many forum users from BreachForums and/or RaidForums spout incorrect information about some U.S. laws.

      • Data BreachesIllinois Gastroenterology Group settles class action litigation for undisclosed sum

        There has been a settlement in litigation stemming from a breach previously noted on DataBreaches. Without admitting guilt or wrongdoing, Illinois Gastroenterology Group has agreed to pay an undisclosed sum to settle claims from an October 2021 data breach first disclosed in April 2022. The incident involved unnamed threat actors accessing and exfiltrating data on more than 227,000 patients.

      • Data BreachesA listing about a government victim disappeared from LockBit’s site. But why? (UPDATE1)

        When an entity has been the victim of a cyberattack, they’d be smart not to discuss the attack via their email system or voice system if those systems could be compromised and the attackers could be monitoring them.

        But you’d think that there would be some records made involving incident response, such as notes or resolutions on whether the entity will pay a ransom demand or whom they are notifying, etc. Could all records be on an external counsel’s server so as to protect it from monitoring and perhaps discovery in any litigation? Perhaps.

      • Data BreachesNorwegian data protection authority fines U.S. firm almost $240,000 for failure to notify within 72 hours

        It’s encouraging to see breach notification deadlines taken seriously. The Norwegian Data Protection Authority has imposed a monetary penalty of NOK 2.5 million on Argon Medical Devices for breaching Article 33 (1) of the GDPR. That article requires controllers to notify the regulator of a personal data breach within 72 hours.

      • French CNIL is setting the tone for 2023: patients data and medical research on its radar

        While the French Data Protection Authority (the "CNIL") has consistently emphasized the importance of protecting health data, there will be even more focus for 2023 with more investigations and sanctions in this sector. The CNIL declared patient data as one of its four priority topics for investigations in 2023, and initiated its program with two official warnings issued to organizations conducting medical research (Sponsors) about their GDPR breaches. The CNIL is now more than ever underscoring the significance of compliance with data protection regulations within the realm of medical studies.

        CNIL has always been very attentive to the processing of health data and to their security and confidentiality. It regularly publishes content on its website (practical information sheets, guidelines and binding recommendations), and has also made health data security one of its priority topics for its investigations back in 2020 and 2021. It also regularly supports needs of health data localization within the European Union, for example in guidelines regarding early-access programs and health data warehouses. The CNIL also issues and regularly updates its standards for clinical studies, known as Méthodologies de reference (MR) like MR-001 or MR-003 for research involving human beings or MR-004 for research not involving human beings (e.g., for reuse of health data). The CNIL is now taking its efforts even further, kicking off 2023 with an intensified focus on medical research and patient data protection.

      • Computer WeeklyEthical hackers urged to respond to Computer Misuse Act reform proposals

        The deadline for submissions to the government’s consultation on reform of the Computer Misuse Act is fast approaching, and ethical hackers and security experts need to make their voices heard, says Bugcrowd

      • A hospital went dark after it was hacked. It’s still reeling two years later

        As the second year of the pandemic was nearing an end, employees at Johnson Memorial Health hoped they could catch their breath after dealing with a weeks-long tsunami of COVID-19 hospitalizations and deaths. But on a Friday at 3 a.m., the hospital CEO’s phone rang with an urgent call from the chief of nursing.

        “I remember like it was yesterday,” said Dr. David Dunkle, chief executive officer of the health system based in Franklin, Indiana. “My chief of nursing said, ‘Well, it looks like we got hacked.’”

      • kpcyrd: Writing a Linux executable from scratch with x86_64-unknown-none and Rust

        I recently mentioned on the internet I did work in this direction and a friend of mine asked me to write a blogpost on this. I didn’t blog for a long time (keeping all the goodness for myself hehe), so here we go. 🦝 To set the scene, let’s assume we want to make an exectuable binary for x86_64 Linux that’s supposed to be extremely portable. It should work on both Debian and Arch Linux. It should work on systems without glibc like Alpine Linux. It should even work in a FROM scratch Docker container. In a more serious setting you would statically link musl-libc with your Rust program, but today we’re in a silly-goofy mood so we’re going to try to make this work without a libc. And we’re also going to use Rust for this, more specifically the stable release channel of Rust, so this blog post won’t use any nightly-only features that might still change/break. If you’re using a Rust 1.0 version that was recent at the time of writing or later (>= 1.68.0 according to my computer), you should be able to try this at home just fineâ„¢.

        This tutorial assumes you have no prior programming experience in any programming language, but it’s going to involve some x86_64 assembly. If you already know what a syscall is, you’ll be just fine. If this is your first exposure to programming you might still be able to follow along, but it might be a wild ride.

        If you haven’t already, install rustup (possibly also available in your package manager, who knows?)

      • APNICMitigating DDoS using an anycast playbook

        Guest Post: How to redistribute traffic between anycast sites during a DDoS attack.

      • Linux Kernel Vulnerabilities in Ubuntu Let Hackers Launch DOS Attack & Execute Arbitrary Code [Ed: An account on the machine is needed and a live session is needed too]

        Several security vulnerabilities were recently addressed by Canonical in both Graphviz and the Linux kernel of Ubuntu.

        Recent discoveries include null pointer dereference vulnerabilities in Graphviz and improper handling of indirect branch prediction isolation between L1 and L2 VMs in the KVM VMX implementation of the Linux kernel.

      • CSOHackers changed tactics, went cross-platform in 2022, says Trend Micro [Ed: Microsoft talking points, Microsoft-sponsored platform]

        Payouts from ransomware victims declined by 38% in 2022, prompting hackers to adopt more professional and corporate tactics to ensure higher returns, according to Trend Micro’s Annual Cybersecurity Report.

        Many ransomware groups have structured their organizations to operate like legitimate businesses, including leveraging established networks and offering technical support to victims. There is an increasing level of professionalism from these groups and the adoption of more sophisticated business tactics, Trend said.

      • Privacy/Surveillance

        • Michael West MediaQR codes could unlock lower-cost payments, says RBA [Ed: Australia wants to punish people who pay with cash and reject spyphones that track them around]

          The Reserve Bank has flagged QR code-enabled transactions and other innovative payment technologies€  to trim the cost of paying for things.

    • Defence/Aggression

    • Environment

      • Michael West MediaClimate protesters shut out of banking summit [Ed: Cops protect bankers, not the planet]

        Climate protesters have attempted to crash a banking summit where executives of the country’s biggest banks have been spruiking their decarbonisation agendas. Activists, including survivors of natural disasters, chanted and held banners calling out the big four banks’ continued funding of fossil fuel projects on Tuesday...

    • Finance

    • AstroTurf/Lobbying/Politics

      • AxiosRot of nation's core values quantified by single poll
        Data: Wall Street Journal/NORC poll. Chart: Axios Visuals

        Rarely does one poll stare so deeply into the soul of a nation and tell its story. But a new Wall Street Journal-NORC poll exposes generational and political divides that echo loudly and transformatively across our culture, politics and governance.

        Why it matters: Bill McInturff, the pollster on earlier editions of this survey, told The Journal that the combined toll of political division, COVID and the lowest economic confidence in decades appear to be having "a startling effect on our core values."

      • Michael West MediaTwitter to deny features for non-blue ticks in shake-up

        Twitter is set to scrap features for users who do not pay a monthly fee for a blue tick verification, according to new rules shared by billionaire owner Elon Musk.

      • Mint Press NewsXi’s ‘Chilling’ Remarks: What the New Multipolar World Means for the Middle East and Africa

        If this geopolitical shift continues, the world will, once again, find itself divided into camps. While it is too early to determine, with any degree of certainty, the winners and losers of this new configuration, it is almost certain that a US-western-dominated world is no longer possible.€ 

      • ADFExperts Urge New Approach in Countering Coups

        The recent outbreak of coups in West Africa has cast a spotlight on some shortcomings in transitioning back to democracy. Since 2020, military juntas have swept to power in Mali (2021, 2022), Burkina Faso (twice in 2022) and Guinea. Four failed coup attempts also took place in West Africa in 2022.

    • Censorship/Free Speech

    • Freedom of Information / Freedom of the Press

    • Civil Rights/Policing

    • Monopolies

      • AxiosTech giants caught between escalating U.S.-China tensions

        Apple CEO Tim Cook for the first time since the pandemic traveled to China this weekend, where he touted the company's strong relationship with the country at a business conference organized by the Chinese government.

      • Patents

        • UPC Registry reports on some common issues in use of CMS [Ed: Bristows, a serial liar and pusher for an illegal UPC, wants you to think that UPC issues are merely some CMS bugs. This is an attack on the constitutions and many law firms should be disbarred for lobbying against the laws of many countries.]
      • Dennis Crouch/Patently-OThe Brandeis Brief in Patent Cases

        Louis D. Brandeis was a famous lawyer long before becoming a Supreme Court Justice. In the 1908 case of Muller v. Oregon, Brandeis represented the State of Oregon defending the state’s rule restricting the number of hours that women could work in certain industries.€  In defense of the law, Brandeis filed a brief that presented social science research and empirical evidence to support the argument that long working hours had negative effects on women’s health and family life.

      • Dennis Crouch/Patently-OBye Bye Functional Claims

        Oral arguments from Amgen v. Sanofi suggest the potential of a blockbuster Supreme Court decision further derogating functional claim limitations (all of which are also genus claims).€  A key question is whether the court will include limiting language that that directs impact primarily upon the “unpredictable arts.”

        At oral arguments, the Supreme Court was quite hostile to the patentee counsel Jeffrey Lamken and his attempt to defend Amgen’s functionally claimed genus of antibodies.€  I believe that Lamken took the wrong turn by first repeatedly telling the court that the claim covered only about 400 antibodies, before eventually admitting that a scope covering millions of yet unidentified antibodies.€ 

    • Trademarks

      • TTAB BlogTTABlog Test: Which of These Three Section 2(d) Refusals Was/Were Reversed?

        The Board has affirmed 36 of the first 38 Section 2(d) refusals that it reviewed this year. Here are three more. At least one was reversed. How do you think these three cases came out? [Results in first comment].

        In re 77 Enterprises LLC, Serial No. 87639234(March 24, 2023) [not precedential] (Opinion by Judge Marc A Bergsman) [Section 2(d) refusal of 77 SPORTBAR for “bar and restaurant services, namely providing of food and beverages for consumption on the premises; restaurant and sports bar services with televisions on premises,” in view of the registered mark 77 SOCIAL CLUB and design for “catering services; restaurant and bar services."]

  • Gemini* and Gopher

    • Personal

      • Eating your info vegetables

        I agree that it can often be worthwhile getting into some things that might take a bit of an effort.

        For non-fiction, How to Read a Book is still good. Even though it came out in 1972, it’s core message of reading & synthesizing is still relevant, even more relevant, in today’s hypertext world.

        That book has a chapter on fiction, too, a good one, but nothing beats Comme un roman for ridding ourselves from the chore parts of fiction and cultivating a breezy love of reading for pleasure.

      • US Paper Sizes Rant

        Instead we use a weird mix of sizes that have no relation to any other. The ISO sizes are consistent, so that, for instance, an A5 page is the same size as half an A4 page, but has the same aspect ratio, so if you reduce an A4 page down to A5 size, it fits perfectly. Reduce an 8 €½ ×11 inch page to 5€½ ×8 and you leave a large part of the page empty! So stupid!

        I have a tendency to print stuff on 5€½ ×8 size pages (that’s an almost standard US size, sometimes called Statement, Digest, Halfletter, etc.) as pamphlets, and resizing 8€½Ãƒâ€”11 pages to do that just looks ugly. It's maybe enough to make me pay the extra cost for A4 paper…

    • Technical

      • Making a Simple Podcast TUI with MPV, FZF and Podget

        If you've read any of my glog posts about my Pinephone you may remember that I have a custom terminal interface that consists of various command line programs and scripts that do all the common things I typically do on the Pinephone. A podcast client is one thing that I hadn't totally settled on a solution for yet. I was using Castero, which is quite nice, but wanted something simpler that just downloaded all the new episodes at once.

        Over the last few weeks I was mulling and searching for an easy way to make a simple terminal file select menu to launch my podcasts but I hadn't found anything that was quite what I had in mind. Then ~lettuce goes and posts a great little thing on using fzf to make simple little terminal menus and it gave me an idea. Fzf is already installed because it is a depency of ytfzf, the youtube/peertube TUI program I already use. So thanks lettuce for that inspiration.

* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.

Recent Techrights' Posts

Washington's WARN Site/Portal (That Excludes Many Microsoft Layoffs) is Now Down for Many Hours, Microsoft Causes Major Outages and Incidents Worldwide (Even Deaths)
The mass layoffs (lots of them in Azure since 2020) probably worsen resilience and security some more
UEFI 'Secure Boot' Once Again Bricking PCs and Fake Security Models Are Perishing in Geminispace
Let's Encrypt has just fallen again
1901 Days in High-Security Prison (and 8 More Years in Severe Confinement) for the 'Crime' of Exposing War Crimes and Corruption
Julian Assange clip = Microsoft Lobbying (Openwashing)
Here's the latest pair of blog posts
In Northern Mariana Islands, Where Julian Assange Pled Guilty 4 Weeks Ago, Windows Remains Second to Android, and GNU/Linux Still Grows in Oceania
It was the first month ever that statCounter saw more Web requests there from Android than from Windows
Good News About GNU/Linux, Geminispace, FSF, and Backlash Against Microsoft
here are a few quick takes
Backlash and Negative Press After Microsoft Tells Diversity, Equity, and Inclusion (DEI) People to DIE
Follow-up stories
Links 19/07/2024: Microsoft Breaks Down and Amdocs Has 1,500-3,000 More Layoffs
Links for the day
[Meme] Conservative (and Fake) Nuclear Physicist Bill Gates
Didn't even graduate from college, media treats him like a world-renowned expert in nuclear energy
The Gemini Capsule of Tux Machines Turns 2 in Six Days
Many people actually use Gemini, some participate in it by creating their own capsule (or capsules)
GNU/Linux Rises to 4% in Saudi Arabia, Says statCounter, Windows Has Fallen to 11% (Android Exceeds 60%)
Microsoft might soon fall below 10% in KSA (Saudi Arabia)
IRC Proceedings: Thursday, July 18, 2024
IRC logs for Thursday, July 18, 2024
GNU/Linux news for the past day
GNU/Linux news for the past day
If GitLab Gets Sold (Datadog and Google Named Among Potential Buyers), It'll Prove Our Point About GitLab
Beware the bait on the hook
Hot Summer: Microsoft Flirting With the "5% Windows" Club in Afghanistan
The share of Windows in Afghanistan has fallen to almost 5% (1 in 20 Web requests)
[Meme] Nothing Says "Independence Day" Like...
Firing DEI on Independence Day period
Links 18/07/2024: Hardware, Conflicts, and Gemini Leftovers
Links for the day
Links 18/07/2024: Retroactively Pseudonymised Litigant and Alberta’s Energy ‘War Room’
Links for the day
Gemini Links 18/07/2024: A Welcome to Gemini and Politics of Assassinations
Links for the day
Red Hat's Official Site Yesterday: Promoting 'Secure' Boot in Machines You Don't Own or Control Anyway
"To be clear, CentOS Linux no longer exist"
Fabian Gruenbichler & Debian: former GSoC student added to keyring
Reprinted with permission from Daniel Pocock
Links 18/07/2024: ORG Complaint to ICO About Facebook, Korean Double Agent Unmasked
Links for the day
Joel Espy Klecker & Debian on Joe Biden's health and Donald Trump's assassination
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 17, 2024
IRC logs for Wednesday, July 17, 2024
Links 18/07/2024: Hostname Pedantry and Retro Coding
Links for the day
Fedora Week of Diversity (FWD) 2024 Attracting 0.01% of the IBM Staff "Was a Success"
They expect volunteers (unpaid slaves) to do the PR for them...
African's Largest Population (Nigeria) Approaching 80% Android "Market Share" Amid Steady Monthly Increases While Microsoft Has Mass Layoffs in Nigeria
Microsoft- and Apple-sponsored Western (or English-speaking) media chooses to ignore that or treat it as irrelevant (a racist disposition in its own right)
[Meme] The Warlord's Catspaw
Thugs that troll us
Microsoft Misogyny Will be the Fall of Microsoft (Covering Up for Misogynists is a Huge Mistake and Highly Misguided Short-term Strategy)
Microsoft's undoing may in fact be its attitude towards women
Microsoft's Bing Falls to Fourth in the Europe/Asia-Based Turkey, Share Halved Since LLM Hype, Now Only 1% (Sometimes Less)
Turkey (Eurasia) is another example of Microsoft failing with LLM hype and just burning a lot of energy in vain (investment without returns)
Red Hat Keeps Behaving Like a Microsoft Reseller (for Proprietary Stuff!), Microsoft Employees as Authors in
In some ways this reminds us of Novell
Links 17/07/2024: New Attacks on the Press, European Patents Squashed Even at Kangaroo Court (UPC)
Links for the day
Gemini Links 17/07/2024: Proponents of Censorship and New Arrivals at Gemini
Links for the day
Links 17/07/2024: School Budget Meltdown and Modern Cars as Tracking Nightmares
Links for the day
This Should Certainly be Illegal, But the Person Who Helped Microsoft Do This is Still Attacking the Critics of It
perhaps time for an "I told you so post"
Censorship as Signal of Opportunity for Reform
It remains sad and ironic that Wikileaks outsourced so much of its official communications to Twitter (now X)
[Meme] A Computer With an Extra Key on the Keyboard Isn't Everyone's Priority
(so your telling me meme)
The World Wide Web Has Been Rotting for Years (Quality, Accuracy, and Depth Consistently Decreasing)
In the past people said that the Web had both "good" and "bad" and that the good outweighed the bad
Comoros: Windows Plunges to Record Low of About 6% in Country of a Million People (in 2010 Windows Was 100%)
Many of these people earn a few dollars a day; they don't care for Microsoft's "Hey Hi PC" hype
Africa as an Important Reminder That Eradicating Microsoft Doesn't Go Far Enough
Ideally, if our top goal is bigger than "get rid of Microsoft", we need to teach people to choose and use devices that obey them, not GAFAM
Billions of Computers Run Linux and Many Use Debian (or a Derivative of It)
many devices never get updated or even communicate with the Net, so exhaustive tallies are infeasible
The Mail (MX) Server Survey for July 2024 Shows Microsoft Collapsing to Only 689 Servers or 0.17% of the Whole (It Used to be About 25%)
Microsoft became so insignificant and the most astounding thing is how the media deliberate ignores it or refuses to cover it
[Meme] Microsoft is Firing
Don't worry, Microsoft will have some new vapourware coming soon
More DEI (or Similar) Layoffs on the Way, According to Microsoft Team Leader
What happened shortly before Independence Day wasn't the end of it, apparently
Windows Down From 98.5% to 22.9% in Hungary
Android is up because more people buy smaller mobile devices than laptops
Microsoft Windows in Algeria: From 100% to Less Than 15%
Notice that not too long ago Windows was measured at 100%. Now? Not even 15%.
[Meme] Many Volunteers Now Realise the "Open" in "OpenSUSE" or "openSUSE" Was Labour-Mining
Back to coding, packaging and testing, slaves
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, July 16, 2024
IRC logs for Tuesday, July 16, 2024
Microsoft Windows "Market Share" in New Zealand Plunges to 25%
Android rising
[Meme] Ein Factory
A choice between "masters" (or "master race") is a false choice that results in mass exploitation and ultimately eradication (when there's little left to exploit)
Links 17/07/2024: Open Source Initiative Lies and Dark Net Thoughts
Links for the day
SUSE Goes Aryan: You May Not Use the Germanic Brand Anymore (It's Monopolised by the Corporation)
Worse than grammar Nazis
Media Distorting Truth to Promote Ignorance
online media is rapidly collapsing
Gratis But Not Free as in Freedom: How Let's Encrypt is Dying in Geminispace
Let's Encrypt is somewhat of a dying breed where the misguided CA model is shunned