-- Leo's gemini proxy
-- Connecting to gemini.techrights.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Gemini version available ♊︎
Posted in News Roundup at 6:07 pm by Dr. Roy Schestowitz
Choosing the right kind of operating system is important. However, each user has their own preferences. While 76% of the overall users operate Windows, there are over 32 million Linux users around the globe too.
However, what is the key difference between the two that make each of them stand out on their own? We’ve seen a lot of movies and references where most hackers seem to operate Kali Linux for launching hacks. It makes us wonder if it’s that good, then why isn’t it mainstream just like Windows?
Well, that’s what we’re here to check. We’ll be focusing on some key differences between the two so that you can get a better idea. So, without further ado, let’s get started…
We cover events and user groups that are running in Romania. This article forms part of our Linux Around The World series.
In the September 2022 survey we received responses from 1,129,251,133 sites across 271,625,260 unique domains, and 12,252,171 web-facing computers. This month all three metrics have decreased since August, with a loss of 5.82 million sites, 115,512 unique domains and 113,356 web-facing computers.
nginx had the largest increase in web-facing computers, gaining 28,887 (+0.56%) this month. OpenResty had the second largest increase, gaining 6,008 (+3.54%) web-facing computers, along with a gain of 339,813 (+0.86%) domains and 149,893 (+2.35%) active sites. Google showed strong growth in all metrics, with an increase of 5,127 web-facing computers, 211,135 (+8.83%) domains, and 895,225 (+4.71%) active sites.
Within the top million busiest sites, Apache lost 0.21pp of its market share. Despite this, it continues to be the most commonly used web server in the top million. nginx also continued its long-term downward trend, but lost only 0.14pp, further closing the gap between Apache and nginx. The gap now stands at 4,499 sites, a decrease of 13.8% since last month. Meanwhile, Cloudflare’s growth continues, with its market share in the top million increasing by 0.25pp.
Apache also experienced a loss in overall market share, losing 414,684 (-0.94%) active sites and 18,156 computers (-0.49%). The only other developers to lose active sites were Microsoft and nginx, with losses of 58,443 (-1.01%) and (-0.10%) respectively.
LiteSpeed’s market share continues to increase at a steady rate, with it gaining 92,704 (+1.14%) domains and 70,146 (+0.73%) active sites this month.
In this video, I am going to show an overview of EndeavourOS 22.9 Artemis and some of the applications pre-installed.
In this episode, Jay and Joao discuss a handful of cybersecurity events in the news. While none of these stories are super exciting from a technical standpoint, there’s definitely some lessons to be learned.
Joel welcomes Allan.
For many years, the Linux community has claimed that running anti-virus programs is not necessary on Linux. But as Linux gains more popularity, and as more viruses start targeting Linux, is it time that we reconsider the need for AV on Linux?
Huge pages are a mechanism implemented by the CPU that allows the management of memory in larger chunks. Use of huge pages can increase performance significantly, which is why the kernel has a “transparent huge page” mechanism to try to create them when possible. But a huge page will only be helpful if most of the memory contained within it is actually in use; otherwise it is just an expensive waste of memory. This patch set from Alexander Zhu implements a mechanism to detect underutilized huge pages and recover that wasted memory for other uses.
The base page size on most systems running Linux is 4,096 bytes, a number which has remained unchanged for many years even as the amount of memory installed in those systems has grown. By grouping (typically) 512 physically contiguous base pages into a huge page, it is possible to reduce the overhead of managing those pages. More importantly, though, huge pages take far fewer of the processor’s scarce translation lookaside buffer (TLB) slots, which cache the results of virtual-to-physical address translations. TLB misses can be quite expensive, so expanding the amount of memory that can be covered by the TLB (as huge pages do) can improve performance significantly.
The downside of huge pages (as with larger page sizes in general) is internal fragmentation. If only part of a huge page is actually being used, the rest is wasted memory that cannot be used for any other purpose. Since such a page contains little useful memory, the hoped-for TLB-related performance improvements will not be realized. In the worst cases, it would clearly make sense to break a poorly utilized huge page back into base pages and only keep those that are clearly in use. The kernel’s memory-management subsystem can break up huge pages to, among other things, facilitate reclaim, but it is not equipped to focus its attention specifically on underutilized huge pages.
Major highlights of the Mesa 22.2 graphics stack series include the ARB_robust_buffer_access_behavior extension for the D3D12 Gallium driver, GL_EXT_memory_object_win32 and GL_EXT_semaphore_win32 support for the D3D12 and Zink drivers, variablePointers and vertexAttributeInstanceRateZeroDivisor support for the lavapipe software Vulkan rasterizer, and Valhall support for Collabora’s Panfrost driver for Mali GPUs.
FreeDesktop is one of the most important groups in the linux desktop space without them many of the crucial projects we rely on today wouldn’t have any reasonable level of development or funding.
Nvidia is released its new RTX 40 series, and while they have been ridiculed for their (extreme) pricing, they are certainly betting on the current strengths of the brand with more ray-tracing, a new version of DLSS, and upgraded PhysX. There’s a bunch of games (35) that are now being adapted to demonstrate how to best exploit such effects, and there’s also this very nice technical demo, called Nvidia Racer RTX, showing a Re-Volt like game that’s extremely well made…
VK_KHR_dynamic_rendering was an especially nasty extension to implement on tiling GPUs because dynamic rendering allows splitting a render pass between several command buffers.
For desktop GPUs there are no issues with this. They could just record and execute commands in the same order they are submitted without any additional post-processing. Desktop GPUs don’t have render passes internally, they are just a sequence of commands for them.
On the other hand, tiling GPUs have the internal concept of a render pass: they do binning of the whole render pass geometry first, load part of the framebuffer into the tile memory, execute all render pass commands, store framebuffer contents into the main memory, then repeat load_framebufer -> execute_renderpass -> store_framebuffer for all tiles. In Turnip the required glue code is created at the end of a render pass, while the whole render pass contents (when the render pass is split across several command buffers) are known only at the submit time. Therefore we have to stitch the final render pass right there.
Podman is a container runtime that provides features similar to Docker. It’s part of the libpod library and can be used to manage pods, containers, container images, and container volumes.
Application orchestration is the process of integrating applications together to automate and synchronise processes. In robotics, this is essential, especially on complex systems that involve a lot of different processes working together. But, ROS applications are usually launched all at once from one top-level launch file.
With orchestration, smaller launch files could be launched and synchronised to start one after the other to make sure everything is in the right state. Orchestration can also hold processes and insert some process logic. This is what ROS orchestration should be about.
This way, for instance, you could make your localisation node start only once your map_server made the map available.
Snaps offer orchestration features that might come handy for your ROS orchestration.
In this post, we will demonstrate how to start a snap automatically at boot and how to monitor it. Then, through some examples, we will explore the different orchestration features that snaps offer. We thus assume that you are familiar with snaps for ROS; if you aren’t, or need a refresher, head over to the documentation page.
You can try these four simple steps right now to clean up your Ubuntu installation.
This quick tutorial would help you to clean up old Ubuntu installations and free up some disk space.
If you have been running an Ubuntu system for more than a year, you might feel that your system is slow and lagging despite your being up-to-date.
Over time, there are many apps which you might have installed just to experiment or after reading a great review, but you did not remove them. These are some ways to help you find out some hidden disk spaces that you can free up.
Angular is a component-based framework for building single-page client-side applications. It is based on HTML and TypeScript. Angular is written in TypeScript and provides TypeScript libraries you can import into your applications, with functionality such as routing, form management and client/server communication.
Web application frameworks like Angular improve development efficiency by providing a consistent structure so that developers do not have to rewrite their code from scratch. A framework also provides useful infrastructure and features that can be added to the software without extra effort. Angular also provides developer tools to support initial development, builds, file uploads, code testing and updates.
Kubernetes is the world’s most popular container orchestration platform. It is being used to run workloads of all shapes and sizes, and web applications are no exception. Kubernetes can be an excellent option to run large-scale web apps composed of multiple services, potentially with multiple instances for each service. I’ll cover the basics of Angular and show how to use Kubernetes to deploy and scale Angular applications.
flac2all is a simple utility that allows you to convert high-quality FLAC files to almost any modern audio format. Unlike ffmpeg, this utility automates the process of sorting, tagging and encoding your FLAC audio. flac2all is easy to install and use. Learn how to use this highly versatile program that can act as a front end for all your audio transcoding needs.
GRUB updates have been known to result in Linux computers booting into the BIOS or UEFI settings. The fix for this takes advantage of a useful system recovery trick you really ought to know about.
In this tutorial, we will show you how to install Django on Rocky Linux 9. For those of you who didn’t know, Django is a free and open-source web application framework written in Python. It comes with a set of tools to help one build scalable web applications. Django’s primary goals are simplicity, re-usability, rapid development, and scalability.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Django on Rocky Linux. 9.
A client asked me to find a way to keep running an ancient system (from 10+ years ago) in a new server. The old binary packages didn’t work. I couldn’t even compile those packages for our linux in the new server. Then I though in create a Virtual Machine. So this is how to run a VM headless in QEMU-KVM-libvirt-etc.
The most time-consuming Kubernetes upgrade to date because of dockershim.
Podman also called “Pod Manager” is an open-source tool used for creating and managing containers. It is part of the libpod library that doesn’t rely on the Docker daemon and is compatible with Docker. In this tutorial, I will show you how to install and use Podman on Ubuntu 22.04 server.
Mega is an excellent cloud storage option. With the free tier of the service, you get 20 GB of storage. This amount of storage, while not much, is an excellent place to store your Linux backups.
This guide will show you how to utilize Mega on Linux as the backend for backups using Duplicati. To get started, ensure you have a Mega account at Mega.nz.
This guide explains what is Ansible register and how to capture a task output in Ansible using the register variables in Linux.
Install Unattended upgrades on Ubuntu 20.04 Focal Fossa to update and upgrade it automatically without manually running any command.
Keep your Ubuntu 20.04 server or desktop updated with the help of a tool called Unattended-Upgrades. It allows users to easily download and install security updates and upgrades automatically after a set interval of time without any human interaction.
However, we recommend it only to automate the security updates installation because sometimes you may not want to upgrade every package of the system.
Start creating two-dimensional technical drawings by installing open source QCAD on Ubuntu 22.04 LTS Jammy Jelly Fish using the command terminal.
Looking for a free and open source CAD application on Linux to draw various 2D drawings for interior, machine parts, building structural plans, diagrams, and more, then try QCAD. It is available in both community and professional editions for computer-aided drafting (CAD) in two dimensions (2D).
Apart from Linux, we can use it on Windows and macOS as well. It offers Blocks (grouping); 35 CAD fonts; DXF and DWG input and output (in professional version only); Over 40 construction and 20 modification tools; Measuring tools; Command line tools (dwg2pdf, dwg2svg, dwg2bmp, etc.) and more…
As of Ubuntu 12.04, QCAD is no longer included in the sources. Instead, the QCAD package installs the LibreCAD program. LibreCAD uses the same code base as QCAD, but the graphical user interface is ported to Qt4.
Containerd is yet another container runtime engine you can freely install on most Linux distributions and is often considered more efficient and secure than Docker.
The Linux date command displays the current date and time of the system. While writing the shell scripts, I realise that sometimes we are required to find future dates—for example, dates after 10 days, 2 months, or 1 year, etc.
I use Kdenlive when I edit my videos, so I know it’s powerful software, and, best of all, it’s completely free. I bet many of you out there are using it as well, but it looks like it could get better with the help of the community.
If the fundraiser proves to be successful, and I have no doubt that it won’t, Kdenlive will get some cool new features like nested timelines, which lets you open several timeline tabs that each contain a separate timeline where you can insert (or “nest”) one timeline within another to act as a single clip.
Love it or loathe it? Plus: KDE 5.26 here soon, and both desktops still working on mobile support
The third release of GNOME since the big shift of GNOME 40 is coming together – but KDE isn’t getting left behind.
As mentioned in the previous post I’ve been creating these short pixel art animations for twitter and mastodon to promote the lovely apps that sprung up under the umbrella of the GNOME Circle project.
I have made a new version of ExTiX – The Ultimate Linux System. I call it ExTiX 22.9 KDE Anbox Live DVD. (The previous KDE/Anbox version was 21.10 from 211007). I have now included Anbox (Android in a Box – Anbox puts the Android operating system into a container, abstracts hardware access and integrates core system services into a GNU/Linux system. Every Android application will be integrated with your operating system like any other native application). So now you can run Android apps in ExTiX. GAPPS (Google Play Services and Google Play Store) are pre-installed in ExTiX 22.9. The second best thing with ExTiX 22.9 is that while running the system live (from DVD/USB) or from hard drive you can use Refracta Snapshot (pre-installed) to create your own live installable Ubuntu/Anbox system. So easy that a ten year child can do it!
ExTiX 22.9 KDE Plasma DVD 64 bit is based on Debian and Ubuntu 22.04.1 LTS. The original system includes the Desktop Environment Gnome. After removing Gnome I have installed KDE Frameworks 5.92.0 with KDE Plasma 5.24.6. KDE Frameworks are 60 addon libraries to Qt which provide a wide variety of commonly needed functionality in mature, peer reviewed and well tested libraries with friendly licensing terms.
The YaST Team keeps working on the already known three fronts: improving the installation experience in the traditional (open)SUSE systems, polishing and extending the containerized version of YaST and smoothing Cockpit as the main 1:1 system management tool for the upcoming ALP (Adaptable Linux Platform).
Crystal Linux is the newest Arch-based distribution on the block, and it hopes to offer a new set of features to the end-users. But how is it different from other Arch distributions, like Xero Linux, Garuda Linux, EndeavourOS, and many others available in the market?
Since the distribution market is already saturated, the need of the hour is to try and provide a fresh angle to the available technologies, to make the most out of the current user needs.
Here’s everything you need to know about Crystal Linux.
Red Hat Hybrid Cloud Console uses role-based access controls (RBAC) to restrict network access to services and resources based on user roles.
Role permissions are either assigned or inherited through a role hierarchy and can be as broad—or granular—as needed, based on your requirements.
There are two primary methods available to remotely manage and administer a Red Hat Enterprise Linux (RHEL) system: the command line interface over an SSH connection and the RHEL web console.
The web console provides a web-based graphical interface for managing and monitoring systems that can be used to complete a wide variety of tasks, such as managing storage, users and the firewall, monitoring performance metrics, reviewing log files, installing system updates and more. For more information about the web console, see the Managing systems using the RHEL 9 web console documentation.
If you are using the web console in your environment, it is important that you properly configure it to meet your organization’s security requirements.
The RHEL web console is based on the upstream Cockpit project. Within RHEL, the RPM packages and other components use the Cockpit name, so you will see the names web console and Cockpit used interchangeably.
The HTML of the login page has been adjusted to be more compatible with password managers in popular browsers. Usernames and passwords are more likely to be prefilled or selectable, depending on the password manager and browser.
AnsibleFest is back as an in-person event. Check out some of the event’s top presentations to help sysadmins automate better.
Tru Huynh has decided to step down from the Board of Directors. We thank him for his many years of hard work on the Board and across the entire CentOS project.
[...]
The CentOS Brand v2 is the new visual identity of the CentOS Project. We encorage you to use it abundantly. It was recently approved, and is where we will be transitioning to.
Edge is complex. Once we get past the shuddering enormity and shattering reality of understanding this basic statement, we can perhaps start to build frameworks, architectures and services around the task in front of us. Last year’s State Of The Edge report from The Linux Foundation said it succinctly: “The edge, with all of its complexities, has become a fast-moving, forceful and demanding industry in its own right.”
The automotive industry’s pendulum of innovation continues to swing towards open source. Historically speaking, it has been challenging to accelerate innovation within the automotive space due to lengthy development cycles, stringent safety certifications, and proprietary software. To combat this, automotive leaders are working to modernize and standardize practices in order to bring customers the latest and greatest in features and services while designing for functional safety. As a result, automakers are shifting into high gear as they engage open source communities and organizations like Red Hat to bring greater flexibility, customer engagement and increased innovation to their vehicle designs. Adopting universal open source software, such as Red Hat In-Vehicle Operating System, can help automakers integrate software defined vehicles technologies into their line up more quickly than ever before.
‘We’ve been partners with Red Hat in a number of different areas for a long time. Really this announcement is focused on OpenShift. And how do we help our customers simplify the deployment of, the management of, the integration of an OpenShift environment on Dell infrastructure,’ says Caitlin Gordon, vice president of product management at Dell Technologies.
When Bruce Perens, Ian Murdock, Tim Sailer and Eric Raymond founded the Open Source Initiative, they decided to take the Open Source trademark away from the Debian community.
Perens initially asked Ian Jackson to transfer it privately. Jackson raised the subject with the rest of the volunteers on the debian-private mailing list.
Thanks to the latest leaks from the Debian-Private (leaked) gossip list, you can now read the thread about how OSI snatched a trademark that was born out of and paid for by the work of the Debian community.
LXC was initially developed by IBM, and was part of a collaboration between several parties looking to add namespaces to the kernel. Eventually, Canonical took over stewardship of the project, and now hosts its infrastructure and employs many of its maintainers. The project includes a C library called liblxc and a collection of command-line tools built on top of it that can be used to create, interact with, and destroy containers. LXC does not provide or require a daemon to manage containers; the tools it includes act directly on container processes.
LXC was the first container implementation to be built entirely on capabilities found in the mainline kernel; predecessors required out-of-tree patches to work. Like Docker, LXC containers are created using a combination of control groups and namespaces. Because LXC was developed in parallel with the effort to add namespaces to the kernel, it could be considered a sort of reference implementation of using namespaces for containers on Linux.
Unlike Docker, LXC does not presume to espouse an opinion about what kinds of processes should run in a container. By default, it will try to launch an init system inside of the container, which can then launch other processes — something that is notoriously hard to do in a Docker container. With the correct configuration, though, it is even possible to run LXC containers nested within another LXC container, or to run the Docker daemon inside of an LXC container.
LXC containers are defined using a configuration file, which offers a great deal of control over how the container is constructed. The lxc-create utility is used to create containers. LXC does not bundle container configurations and images together; instead, the container configuration specifies a directory or block device to use for the container’s root filesystem. LXC can use an existing root filesystem, or lxc-create can construct one on the fly using a template.
This is the second blog in a series focusing on how telecom operators can leverage public clouds to meet their business demands. In a previous blog, we talked about Amazon Web Services (AWS) and how its services made it possible for telcos to shift towards public clouds. In this blog, you’ll get to know about Google Cloud Platform (GCP) and its role in enabling the telecommunications industry to leverage the cloud’s capabilities.
Telcos are evolving each day as per the need of the era, especially with the arrival of 5G. Communication Service Providers (CSPs) rely on traditional network infrastructures and face challenges both in growth and reliability. The question is, how can telcos effectively transform and meet scalability and performance demands?
The answer lies in the adoption of digitisation and cloud-native trends. GCP provides an on-demand platform that can scale as requirements grow. It facilitates high service availability to meet disruptions. It also ensures improved performance with enhanced platform awareness capabilities.
When computer architectures change in the datacenter, the attack always comes from the bottom. And after more than a decade of sustained struggle, Arm Ltd and its platoons of licensees have finally stormed the glass house – well, more of a data warehouse (literally) than a cathedral with windows to show off technological prowess as early mainframe datacenters were – and are firmly encamped on the no longer tiled, but concrete, floors.
For modern corporate computing, Day One of the Big Data Bang comes in April 1964 with the launch of the System/360 mainframe. Yes, people were farting around with punch cards and tabulating machines for 75 years and had electro-mechanical computation, and even true electronic computation, before then. But the System/360 showed us all what a computer architecture with hardware and software co-design, with breadth and depth and binary compatibility across a wide range of distinct processors, really looks like. And by and large, excepting a change in character formatting from EBCDIC to ASCII, a modern computer (including the smartphone in your hand) conceptually looks like a System/360 designed by Gene Amdahl that had a love child with a Cray-1 designed by Seymour Cray.
All makers love lasers and they make great shop tools. Even low-power lasers can engrave a variety of materials. Cutting material requires more power, with the most popular cutting lasers being CO2 with power between 10W-100W. But the small, affordable solid state laser modules can cut some materials, like acrylic, if you get a powerful enough model. If you want an affordable way to use one of those, then the Mokey Laser v1.0 is worth looking at.
Lasers like these can engrave and cut material, which means they can absolutely hurt you — your eyes are especially vulnerable. If you’re going to build something like this, make sure you understand how to operate it safely. It isn’t shown in the video, but you should absolutely use some kind of shielded enclosure that can handle the wavelength and power of the laser you use. Even with such an enclosure, you should wear the appropriate safety goggles.
Even if you’re one of the few people in the world who is consistent about wearing a respirator in the shop, it’s a good idea to run a filtration fan. Not only is that good for your own health and comfort, it can help keep your equipment running well — the last thing you want is something overheating and catching fire because its cooling ducts are clogged. To avoid running a fan when it isn’t needed, Brandon of the YouTube channel Honest Brothers built a system to automatically activate his filtration fan when airborne particulates are present.
The first half of this video provides detail on building the fan itself, including an explanation of filtration fundamentals and what particulates different standards can handle. If you don’t have an interest in building a fan from scratch and would prefer to buy something off the shelf, you can skip ahead. The important thing to take away before Brandon gets to the low-voltage section is that the fan receives AC mains voltage and you’ll switch it on via a relay.
Smelling is crucial to our everyday living. But how well do we really understand the role that smells play in our day-to-day? Ask someone who temporarily lost their sense of smell because of COVID-19. They’ll probably tell you about how incredibly boring eating became all of a sudden, and how their roomies saved them from eating a foul-smelling, spoiled block of cheese that had zero mold on it.
T-Watch-Keyboard-C3 is a device that looks like a miniature PC replica comprised of an ESP32-C3 powered keyboard, and the TTGO T-Watch ESP32 programmable device with a 1.54-inch touchscreen display.
Firmware debugging is uniquely challenging, because most conventional software debugging tools aren’t available. With coreboot’s specialized tooling, support from the amazing community, and a little bit of creativity, we fixed a regression in coreboot 4.17 that caused reboot loops on the Librem Mini.
I was on vacation for a while, then after my return I mainly focused on getting the new Audacity packages successfully built. In the meantime, Google was not idling and released version 105.0.5195.125 of the Chromium sourcecode. There’s 11 vulnerability fixes in this release, some of them rated high enough that it is again recommended to upgrade your browser as soon as possible.
I did not forget the un-googled variant of course for which the same recommendation is valid.
FontForge is the long standing libre font development tool: it can be used to design glyphs, import glyphs of many formats (svg, ps, pdf, …), write OpenType lookups or integrate Adobe feature files, and produce binary fonts (OTF, TTF, WOFF, …). It has excellent scripting abilities, especially Python library to manipulate fonts; which I extensively use in producing & testing fonts.
[...]
The merge request has landed in FontForge master branch this morning. There’s a follow up pull request to update the Python scripting documentation as well. I want to thank Fredrick Brennan and Jeremy Tan for the code reviews and suggestions, and KH Hussain and CVR for sharing the excitement.
This functionality added to FontForge helps immensely in reusing the definitive Malayalam OpenType shaping rules without any modification for all the fonts! 🎉
I’m a sloppy typist. When I write several words in a row, like for example when creating complete sentences for something like a blog post, one or two of the words end up slightly misspelled.
Sure, many editors and systems have runtime spellchecks these days and they make it easy to quickly fix typos, but not all systems are like that and there are also situations where there are many false positives due to formatting or just the range of “special” words. They also rarely yell at me when I overuse the word “very” or start sentences with “But”.
LibreOffice’s presentation tool, Impress, includes a bunch of features for home and office use. But one thing that’s missing is recording and playback for audio comments in presentations.
On the LibreOffice subreddit, we became aware of some useful tutorial videos created by Steven Davids. These cover various components of the suite, and show how to achieve common tasks.
 We are excited to put a spotlight on Moodle for this interview. Moodle Learning Management System (LMS) is a learning platform designed to provide educators, administrators, and learners with a single robust, secure, and integrated system to create personalized learning environments. Moodle LMS is written in the PHP programming language. Licensed under the GNU GPLv3, Moodle LMS is free software.
Moodle is being used as a platform to manage online learning by hundreds of thousands of organizations, in every education sector, across nearly every country globally, and in over 140 languages.
GNU Parallel 20220922 (‘Elizabeth’) has been released.
[...]
If you like GNU Parallel record a video testimonial: Say who you are, what you use GNU Parallel for, how it helps you, and what you like most about it. Include a command that uses GNU Parallel if you feel like it.
As I sit pondering my peas at the dinner table, my thoughts are unnaturally drawn to the similarity between these pulses and Perl. A famous poet once said that “For a hungry man, green peas are more shiny than gleaming pearls”. From these green orbs on my plate, the mind drifts to a recent virtual conversation regarding logos, branding, rebirth and innovation in Perl. One wonders whether such heated debates are important, relevant and what it might mean for Perl in the future. The Camel (from the O’Reilly Book on Perl) has long been the image associated with the language, along with the Onion (Origin perhaps from Larry Walls’ “state of the onion” presentation). Personally it is not something that I feel passionately about. “Perl, with any other logo would be just as quirky” as Will Shakespeare is reported to have said. But The Camel is the popular, recognisable standard “logo” with some, as yet to be tested, copyright and trademark “issues”
Any way I took it myself to analyse the situation and have finally come to the conclusion that we may be looking at the “problem” the wrong way. Perhaps we are looking at the bigger picture when we should seeing the picture bigger. Maybe, just maybe, that picture of a camel doesn’t symbolise Perl, but in fact IS Perl…Perl code, that is. I know it is possible to make pictures that aren’t valid perl code. But perhaps over the decades of use we have come to accept an illusion as a reality. When one gives such an illusion a “True” value, one also blurs the distinction between the Virtual Image and a Real Image.. You see a Virtual Image is an image that APPEARS to represent something, but only a Real Image can be projected.
At least 350,000 open source projects are believed to be potentially vulnerable to exploitation via a Python module flaw that has remained unfixed for 15 years.
On Tuesday, security firm Trellix said its threat researchers had encountered a vulnerability in Python’s tarfile module, which provides a way to read and write compressed bundles of files known as tar archives. Initially, the bug hunters thought they’d chanced upon a zero-day.
Oracle has announced the general availability of Java 19, an incremental release that will be supported for six months, reports Sean Michael Kerner.
The latest Java Development Kit (JDK) provides updates with seven JDK Enhancement Proposals (JEPs), Kerner explains, which mainly advance three projects…
While the Rust language has appeal for kernel development, many developers are concerned by the fact that there is only one compiler available; there are many reasons why a second implementation would be desirable. At the 2022 Kangrejos gathering, three developers described projects to build Rust programs with GCC in two different ways. A fully featured, GCC-based Rust implementation is still going to take some time, but rapid progress is being made.
The idea of being able to write kernel code in the Rust language has a certain appeal, but it is hard to judge how well that would actually work in the absence of examples to look at. Those examples, especially for modules beyond the “hello world” level of complexity, have been somewhat scarce, but that is beginning to change. At the 2022 Kangrejos gathering in Oviedo, Spain, two developers presented the modules they have developed and some lessons that have been learned from this exercise.
After my last post on dyn async traits, some folks pointed out that I was overlooking a seemingly obvious possibility. Why not have the choice of how to manage the future be made at the call site? It’s true, I had largely dismissed that alternative, but it’s worth consideration. This post is going to explore what it would take to get call-site-based dispatch working, and what the ergonomics might look like. I think it’s actually fairly appealing, though it has some limitations.
The Rust team is happy to announce a new version of Rust, 1.64.0. Rust is a programming language empowering everyone to build reliable and efficient software.
[...]
Rust 1.64 stabilizes the IntoFuture trait. IntoFuture is a trait similar to IntoIterator, but rather than supporting for … in … loops, IntoFuture changes how .await works. With IntoFuture, the .await keyword can await more than just futures; it can await anything which can be converted into a Future via IntoFuture – which can help make your APIs more user-friendly!
Version 1.64.0 of the Rust language has been released. Changes include the stabilization of the IntoFuture trait, easier access to C-compatible types, the availability of rust-analyzer via rustup, and more.
↺ OpenCL 3.0.12 Released With Command Buffers Mutable Dispatch Extension and Enhanced Layers Support
The OpenCL 3.0 specification and SDK for heterogeneous parallel computation are regularly updated with bug fixes, improved documentation, and functional enhancements. The OpenCL 3.0.12 maintenance release on 15 September 2022, included significant new functionality.
“Rapidly transforming, but not fully transformed – this is our overarching conclusion on the market, based on the fourth edition of our State of AI in the Enterprise global survey,” said Becoming an AI-fueled organization, the fourth survey conducted by Deloitte since 2017 to assess the adoption of AI across enterprises. “Very few organizations can claim to be completely AI-fueled, but a significant and growing percentage are starting to display the behaviors that can get them there.”
AI is increasingly viewed by workers as a trusted assistant. “Within just the last 18 months, AI capabilities have advanced considerably, maturing from what was often experienced as a bothersome critic – telling workers what to do or pointing out their mistakes – to more frequently serving as a copilot, independently executing on insights and trends surfaced through the power and speed of cloud- based data hosting and computation.”
These conclusions are similar to those of Stanford’s 2022 AI Index report, which found that AI was becoming more affordable and higher performing, with lower training costs and faster training times across a number of AI tasks including recommendation engines, image classification, object detection, and language processing. This has led to the widespread commercial adoption and increased real-world impact of AI systems.
Sharkisha Cummins found herself struggling simultaneously with depression and the difficulty of communicating with her white therapist.
“There were just too many ways that I just wasn’t (being) heard or seen or validated,” says Cummins, the married Black mother of two small children. “She was a nice lady, (but) she just didn’t understand.”
Security updates have been issued by Debian (e17, fish, mako, and tinygltf), Fedora (mingw-poppler), Mageia (firefox, google-gson, libxslt, open-vm-tools, redis, and sofia-sip), Oracle (dbus-broker, kernel, kernel-container, mysql, and nodejs and nodejs-nodemon), Slackware (bind), SUSE (cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer, go1.18, go1.19, kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, libconfuse0, and oniguruma), and Ubuntu (bind9 and pcre2).
The desire for software supply chain integrity and transparency has left many organizations struggling to build in software security measures like signatures, provenance, and SBOMs to legacy systems and existing Linux distributions.
This has prompted Chainguard to produce Wolfi, a new Linux ‘(un)distribution’ and build toolchain, that’s been designed from the ground up to produce container images that meet the requirements of a secure software supply chain.
It’s called an (un)distribution because it isn’t a full Linux distro designed to run on bare-metal, but a stripped-down one designed for the cloud-native era.
Software supply chain security is unique – you’ve got a whole lot of different types of attacks that can target a lot of different points in the software lifecycle. You can’t just take one piece of security software, turn it on, and get protected from everything.
The ecosystem’s push for software supply chain integrity and transparency has left organizations struggling to build software security measures like signatures, provenance, and SBOMs into legacy systems and existing Linux distributions.
Recently, the U.S.’s most prestigious security agencies (NSA, CISA, and ODNI) tried to add to the conversation and released a 60+ page recommended practice guide, Securing the Software Supply Chain for Developers.
There are many Linux distributions designed expressly for containers. Even Microsoft has one, Common Base Linux (CBL)-Mariner. Others include Alpine Linux, Flatcar Container Linux, Red Hat Enterprise Linux CoreOS (RHCOS), and RancherOS. Now Chainguard, a cloud-native software security company, has a new take on this popular cloud-friendly kind of Linux: Wolfi, an “undistribution.”
I asked Chainguard CEO and founder Dan Lorenc at Open Source Summit Europe in Dublin what he meant by an “undistrbution.” He explained, “We call it an undistribution because that’s technically correct. Inside of a container, you have everything but Linux, right? So, even though it’s based on Linux, it’s not really correct to call it a Linux distribution.”
IN THE WAKE of alarming incidents like Russia’s massive 2017 NotPetya malware attack and the Kremlin’s 2020 SolarWinds cyberespionage campaign—both pulled off by poisoning wells for software distribution—organizations around the world have been scrambling to get a handle on software supply chain security. In general, and for open source software in particular, stronger defense rests in knowing what software you’re actually running, with a crucial focus on enumerating all the little pieces that make up the whole and validating that they are what they should be. That way, when you pack a box of software heirlooms and store it on a shelf, you know there isn’t a live microphone or a Tupperware full of deviled eggs sitting in the box for years.
Creating a system to generate a manifest of what’s inside every box in every basement and garage is a massive effort, but a new tool from security firm Chainguard aims to do just that for the software “containers” that underly almost all digital services today.
On Thursday, Chainguard launched a Linux distribution called Wolfi that is designed specifically for how digital systems are actually built today in the cloud. Most consumers don’t use Linux, the famed open source operating system, on their personal computers. (If they do, they don’t necessarily know it, as is the case with Android, which is built on a modified version of Linux.) But the open source operating system is widely used in servers and cloud infrastructure around the world, partly because it can be deployed in such flexible ways. Unlike operating systems from Microsoft and Apple, where your only choice is whatever ice cream flavor they release, the open nature of Linux allows developers to create all sorts of flavors—known as “distributions”—to suit specific cravings and needs. But the developers at Chainguard, who have all been working in open source software for years, including on other Linux distributions, felt that a key flavor was missing.
From software signing, to container images, to a new Linux distro, an emerging OSS stack is giving developers guardrails for managing the integrity of build systems and software artifacts.
Docker, Inc. plans to embed the ability to dynamically generate a software bill of materials (SBOM) using the Docker Build command that developers use to build Docker images from a Dockerfile.
Company CEO Scott Johnston says when it comes to building cloud-native applications, existing SBOM tools can’t keep pace with the rate at which developers are ripping and replacing containers. Docker, Inc. will address the need to provide more visibility into what components are being used to construct an application for no additional cost, he adds.
Typically, an urgent security release of a project is not for a two-year-old CVE, but such is the case for a recent Python release of four versions of the language. The bug is a denial of service (DoS) that can be caused by converting enormous numbers to strings—or vice versa—but it was not deemed serious enough to fix when it was first reported. Evidently more recent reports, including a remote exploit of the bug, have raised its importance—causing a rushed-out fix. But the fix breaks some existing Python code, and the process of handling the incident has left something to be desired, leading the project to look at ways to improve its processes.
Python integers can have an arbitrary size; once they are larger than can be stored in a native integer, they are stored as arbitrary-length “bignum” values. So Python can generally handle much larger integer values than some other languages. Up until recently, Python would happily output a one followed by 10,000 zeroes for print(10**10000). But as a GitHub issue describes, that behavior has been changed to address CVE-2020-10735, which can be triggered by converting large values to and from strings in bases other than those that are a power of two—the default is base 10, of course.
The fix is to restrict the number of digits in strings that are being converted to integers (or that can result from the conversion of integers) to 4300 digits for those bases. If the limit is exceeded, a ValueError is raised. There are mechanisms that can be used to change the limit, as described in the documentation for the Python standard types. The value for the maximum allowable digits can be set with an environment variable (PYTHONINTMAXSTRDIGITS), a command-line argument (-X int_max_str_digits), or from within code using sys.set_int_max_str_digits(). It can be set to zero, meaning there is no limit, or any number greater than or equal to a lower-limit threshold value, which is set to 640.
CISA has added one new vulnerability to it’s Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
CISA and the National Security Agency (NSA) have published a joint cybersecurity advisory about control system defense for operational technology (OT) and industrial control systems (ICSs). Control System Defense: Know the Opponent is intended to provide critical infrastructure owners and operators with an understanding of the tactics, techniques, and procedures (TTPs) used by malicious cyber actors. This advisory builds on NSA and CISA 2021 guidance provided to stop malicious ICS activity against connect OT, and 2020 guidance to reduce OT exposure.
The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain (BIND) 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions. For advisories addressing lower severity vulnerabilities, see the BIND 9 Security Vulnerability Matrix.
CISA has released three Industrial Control Systems (ICS) advisories on September 22, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
In this Help Net Security video, Igal Lytzki, Incident Response Analyst at Perception Point, discusses a recent Remcos RAT malware campaign and more broadly, the threat that email-based threats and phishing pose to organizations.
India’s Department of Telecommunications (DoT) is jeopardising two crucial aspects of a safe and open internet — encrypted communications, and unhampered access — as outlined in the Draft Telecommunication Bill published yesterday, September 21, 2022. The DoT must immediately review and amend all provisions that risk the rights of people in India.
Through the Bill, the government seeks to consolidate and replace the existing framework governing the telecommunications sector in India, including the Indian Telegraph Act, 1885. In addition to conventional phone calls and SMS services, the Bill also seeks to regulate over-the-top (OTT) applications, including WhatsApp, Signal, and Facetime. These OTT platforms offer end-to-end encryption (E2EE) for calls and messages, and enable privacy and security.
“India’s Draft Telecommunication Bill is yet another attack on end-to-end encryption, and people’s fundamental rights and freedoms, following the invasive IT Rules, 2021,” said Namrata Maheshwari, Asia Pacific Policy Counsel at Access Now. “E2EE is crucial not only for people’s privacy, free expression, and safety, but also to protect democratic principles. The Bill, and any framework impacting encrypted communications services, must categorically prevent measures to break, weaken, or circumvent encryption.”
The Department of Telecommunications (DoT) under the Ministry of Communications (MoC) has released for public consultation the draft of the Indian Telecommunication Bill, 2022. According to the accompanying explanatory note, the Bill aims to create a comprehensive framework for the regulation of telecommunications in India. In doing so, it repeals the Indian Telegraph Act, 1885, Indian Wireless Telegraphy Act, 1933, and The Telegraph Wire (Unlawful Protection) Act,1950. Comments on the draft from relevant stakeholders have been invited till October 20, 2022. The comments can be sent to naveen.kumar71@gov.in.
Access Now is outraged by the brutal death in police custody of 22 year-old Mahsa Amini, and subsequent violent — and lethal — crackdown on protests and protesters including escalating internet shutdowns across the country. Read the #KeepItOn coalition’s joint statement.
Citing arbitrary “national security” reasons, and following the uproar around the death of Mahsa Amini who was detained by the so-called “morality police” for allegedly breaking hijab rules, authorities have systematically disconnected people from social media platforms, and now from internet access entirely.
“Iran’s go-to move is to block internet access,” said Felicia Anthonio, #KeepItOn Campaign Manager at Access Now. “But history has shown us over and over that cutting people off when they need a platform for expression most only causes more harm. Authorities in Iran must reinstate full internet access across the country.”
Today, the Senate Judiciary Committee marked up the “Journalism Competition and Preservation Act.” The bill proposes creating a “safe harbor” from antitrust law, allowing news companies to band together to negotiate compensation terms for their content with the largest digital platforms. The bill also allows publishers to restrict Google and Facebook from linking to their news stories, ultimately limiting the public’s access to credible information online.
Public Knowledge, along with dozens of other organizations, warns that the JCPA will do nothing to help preserve local journalism and, in fact, will likely compound some of the biggest problems in our information landscape today: consolidation and declining quality of information. The markup follows a letter sent by 21 organizations warning Senate lawmakers against adopting the bill.
Walking along the Devon coast at low tide in the autumn of 1895, geographer Vaughan Cornish (1862–1948) watched two sets of waves interact on the shore. As one set rippled across the flat strand, the other rounded a shoal and broke onto the beach. After colliding, each set then continued on its separate path, which brought to his mind how waves of light can pass through each other unaffected. Cornish’s casual association, between the behavior of light and water, speaks to how immersed he and his contemporaries were in a world of invisible waves. British and continental science in the 1890s was wrangling with gravitational waves, magnetic waves, sound waves, and mysterious new emanations — cathode rays, x-rays, and uranium radiation. And yet, the common ocean wave possessed its own secrets, having undergone only the barest scientific scrutiny in the two centuries since Newton’s Opticks.
The right is engaging with a straw doll of what the left is.
This is how right-wingers genuinely see the world:
Climate change is a hoax, representation is pandering, the owner class are role models.
I couldn’t fault anyone who bought into that worldview for going right wing. It doesn’t surprise me. It just breaks my heart.
It feels like this is inevitable on any open platform. Reactionaries love to be heard.
This has inspired me to set up my own feed aggregator, and abandon non-curated content sources. Such open platforms (like Antenna) inevitably attract reactionaries and grifters. I give it a year before Antenna begins to develop its very own Nazi problem like the rest of the “Free Marketplaces of Ideas”.
This is a book I’ve been wanting to read for a while. It’s one that if briefly described to someone who has never heard of it, they might raise a confused eyebrow. This is a story written by a German missionary that takes place in India during the time of the Buddha with a main character named Siddhartha but he isn’t the Buddha (his name was also Siddhartha before ascending to Buddha-dom). At it’s heart, though, this is the story of a man and his search for wisdom.
I think ew0k killed his own idea by releasing Antenna. Antenna is great, especially since you can filter out specific feeds fairly easily, but if someday the community is willing to put collective effort into something less centralized, we could start with the above.
On one level, this doesn’t bother me. I’m using the web version of Lookout (I assume that’s the Lookout 365 for The Enterprise tenant they mention, at least, I hope so). I also don’t check work email on my phone—never have, and I don’t have plans on starting that any time soon either.
But on another level, this is concerning. Even though Microsoft announced this three years ago, it comes across as locking email down into a more centalized, proprietary system. I do have to wonder how long until Google decides that only certain clients can connect with Gmail? You know, for “enhanced security” or a “better experience.” I don’t use Gmail, but I do have concerns about my ability to run my own email server and general interoperability with the large email providers like Google and Microsoft.
I recently had to replace a 32″ Vizio SmartTV, and the only 32″ TV I found at Cosco was another Vizio. I didn’t have any expectations against these Vizio TVs, as a matter of fact I have been using other Vizio TVs so far simply because the price and the sizes we needed at the given moments.
However something different there was and not only for the Vizio brand but, apparently, the newest Smart TVs are becoming smarter with more sophisticated, android like, interfaces; just to make your life worsen — assuming that any fellow Geminaut thinks those web-spy-interfaces atrocious nevertheless.
Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter. Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages. Permalink Send this to a friend
----------
➮ Sharing is caring. Content is available under CC-BY-SA.
-- Response ended
-- Page fetched on Thu Jun 13 14:32:22 2024