Language Selection

English French German Italian Portuguese Spanish

June 2022

Videos: Doom Emacs, Wayland, and FSF

Filed under
GNU
Linux
  • Why Do I Choose Emacs Over Vim? It Looks Better! - Invidious

    I spent a couple of hours today playing with my Doom Emacs config. In particular, I focused on some font settings which I think help with aesthetics and with readability. In fact, I think one of the biggest reasons that I use Emacs over Vim is how Emacs renders fonts.

  • Biggest Problem With Wayland Desktop Capture - Invidious

    Wayland is continually imporving and one aspect of that is with desktop capture but right now there's a pretty annoying design flaw with the way this system functions but it can certainly be fixed

  • Fresh in the LibrePlanet archives: LibrePlanet 2022 workshop videos

    In the lead-up to LibrePlanet 2022, the Free Software Foundation (FSF) received more workshop submissions than ever before. And because our LibrePlanet schedule is often chock full of splendid talks already, we thought it best to present the workshops in our very first LibrePlanet workshop series, which ran after LibrePlanet so that they would not conflict with any talks.

  • Translators and free software, a practical introduction to OmegaT

    Professional translators are more than often taught to use proprietary tools in universities and professional groups. OmegaT has existed for 20 years as a professional Computer Aided Translation tool (CAT) and is used all around the world. This workshop will introduce participants to the concepts behind CATs and especially how they are practically put into use in OmegaT: translation memories, segmentation, exchange formats, collaborative work, etc.

  • Software localization (translation) of Web-based projects

    Software localization (translation) of Web-based projects could be a nightmare for many developers. However, this time-consuming process can be solved easily thanks to the free software tool Tolgee. Jan Cizmar will guide you through with his workshop named Web Application Localization Without Tears. He will show you how to manage localization texts in simple UI or how to take the advantage of the in-context localization feature, so you can just click & translate the text easily.

    “The more languages your software knows, the more of a satisfied users you have". However, current software localization in modern JS frameworks and other software is complicated and fairly time-consuming for all involved participants. Thanks to the in-context localization feature of free software project Tolgee, this tool offers easier localization process, more relevant translations delivery and finally less work for developers.

  • Installing Ourselves into LibrePlanet

    Hosted by Cristina Cochior, Karl Moubarak, and Jara Rocha of The Cell for Digital Discomfort

    A workshop session to map out each of our current conditions of connecting and being together, the physical-political, and technological conditions using a diagrammatic methodology.

    The workshop is geared towards installing ourselves into the conference's infrastructural spectralities by sharing, learning from and attuning to each others' conditions for connectivity, online participation and basic computer-mediated mundane day-to-day life. We want to pose this affirmation as an initial trigger: installing is about situating — attuning to our network of (inter-)dependencies and attuning to the dependencies with our local and vernacular but also standardized and planetary networks.

Microsoft Continues to Lose Share in Web Servers

Filed under
Server
  • June 2022 Web Server Survey [Ed: Microsoft is down even further, as usual]

    In the June 2022 survey we received responses from 1,146,976,964 sites across 273,010,403 unique domains and 12,224,786 web-facing computers. This reflects a loss of 8.75 million sites and 583,000 domains, but a gain of 155,000 computers.

    Cloudflare experienced strong growth this month, gaining 2.99 million sites and 85,000 domains, representing a 4.64% growth in its number of sites. Cloudflare experienced a significant outage on 21 June, impacting around half of the total requests made to its network. The outage lasted around an hour and a half and affected a significant number of popular sites. 20.2% of the million most visited sites rely on Cloudflare (up 1,400 sites since last month).

    The three largest vendors by the million most visited sites metric—Apache, nginx, and Cloudflare—all have similar market share, though only Cloudflare gained market share this month. Apache saw the largest loss, dropping 2,190 sites (-0.96%), while nginx lost 280 sites (-0.13%).

    LiteSpeed gained a significant number of sites with an addition of 2.96 million (+5.89%), and gained 171,000 (+2.21%) domains - the second largest increase this month. The number of web-facing computers using LiteSpeed also showed strong growth, increasing by 4,460 (+3.44%) to a total of 134,000.

    nginx and Apache remain the two largest server vendors, though both saw similar losses of 6.52 million (-1.84%) and 6.18 million (-2.33%) sites this month. Despite this, nginx gained 795,000 (+1.06%) domains and saw continued growth in the number of web-facing computers with 158,000 (+3.44%) computers. Conversely, Apache lost 1.07 million domains (-1.71%) and 25,700 (-0.74%) web-facing computers.

  • So, You Think You Can Design A 20 Exaflops Supercomputer?

    The US Department of Energy has a single 2 exaflops system up and running – well, most of it anyway – and that of course is the “Frontier” system at Oak Ridge National Laboratory and two more slated for delivery, and that is the “Aurora” system at Argonne National Laboratory supposedly coming sometime this year and the “El Capitan” system at Lawrence Livermore National Laboratory, which is due next year. It took a lot of money and sweat to get these machines into the field – in Intel’s case, the sweat to money ratio has been pretty high given the four-year delay and massive architectural changes involved the latest and final incarnation of Aurora.

Gradual Explorations of Filesystems, Paging and L4Re

Filed under
Development
GNU
Linux

A surprising three years have passed since my last article about my efforts to make a general-purpose filesystem accessible to programs running in the L4 (or L4Re) Runtime Environment. Some of that delay was due to a lack of enthusiasm about blogging for various reasons, much more was due to having much of my time occupied by full-time employment involving other technologies (Python and Django mostly, since you ask) that limited the amount of time and energy that could be spent focusing on finding my way around the intricacies of L4Re.
In fact, various other things I looked into in 2019 (or maybe 2018) also went somewhat unreported. I looked into trying to port the “user mode” (UX) variant of the Fiasco.OC microkernel to the MIPS architecture used by the MIPS Creator CI20. This would have allowed me to conveniently develop and test L4Re programs in the GNU/Linux environment on that hardware. I did gain some familiarity with the internals of that software, together with the Linux ptrace mechanism, making some progress but not actually getting to a usable conclusion. Recommendations to use QEMU instead led me to investigate the situation with KVM on MIPS, simply to try and get half-way reasonable performance: emulation is otherwise rather slow.
You wouldn’t think that running KVM on anything other than Intel/AMD or ARM architectures were possible if you only read the summary on the KVM project page or the Debian Wiki’s KVM page. In fact, KVM is supported on multiple architectures including MIPS, but the latest (and by now very old 3.18) “official” kernel for the CI20 turned out to be too old to support what I needed. Or at least, I tried to get it to work but even with all the necessary configuration to support “trap and emulate” on a CPU without virtualisation support, it seemed to encounter instructions it did not emulate. As the hot summer of 2019 (just like 2018) wound down, I switched back to using my main machine at the time: an ancient Pentium 4 system that I didn’t want heating the apartment; one that could run QEMU rather slowly, albeit faster than the CI20, but which gave me access to Fiasco.OC-UX once again.

Read more

New Effect Added to ’Burn My Windows’ GNOME Extension

Filed under
GNOME

Why settle for merely burning application windows on close when you could totally incinerate them instead?

Yes, everyone’s1 favourite over-the-top desktop effect extension is back with an update, and it adds yet another epically excessive window closing animation to its pool: Incinerate.

As you can probably imagine the new Incinerate effect takes your app windows and…

Read more

Mozilla and Firefox: SpiderMonkey, Pocket, and Rust

Filed under
Software
Moz/FF
  • Firefox Nightly: These Weeks In Firefox: Issue 119

    The Firefox Profiler can now sort roots in alphabetical order with a flamgraph. This is especially useful when comparing profiles with the JavaScript filter, as this ensures that the order is consistent.

  • SpiderMonkey Newsletter (Firefox 102-103) | SpiderMonkey JavaScript/WebAssembly Engine

    SpiderMonkey is the JavaScript engine used in Mozilla Firefox. This newsletter gives an overview of the JavaScript and WebAssembly work we’ve done as part of the Firefox 102 and 103 Nightly release cycles.

  • A Pocket collection for your wellness journey, as curated by the team behind ‘The Science of Happiness’ podcast

    Want to live a more fulfilling life? The internet gives plenty of advice. But finding guidance backed by research can get tricky.

    That’s where The Science of Happiness podcast comes in. Co-produced by PRX and UC Berkeley’s Greater Good Science Center, the popular podcast explores science-backed strategies to cultivate a happier life. Its new series, Happiness Break, guides listeners through a practice they can follow for a few minutes during their day.

    Podcast host and psychologist Dacher Keltner is curating Pocket reading lists in hopes of encouraging listeners to go deeper on subjects like fear of failure, gratitude and optimism. We chatted with him about what motivated the Happiness Break, why he thinks wellness audio content have become so popular and how he makes time for his own reading list.

  • Announcing Rust 1.62.0 | Rust Blog

    The Rust team is happy to announce a new version of Rust, 1.62.0. Rust is a programming language empowering everyone to build reliable and efficient software.

  • Rust 1.62.0 released

    Version 1.62.0 of the Rust language has been released. Changes include a new cargo add command, default enum variants, an improved Linux mutex implementation, a number of stabilized APIs, and more.

today's howtos

Filed under
HowTos
  • How to Enable Nautilus Typeahead Search in Ubuntu - OMG! Ubuntu!

    In this post I show you how to get the Nautilus typeahead feature back on all supported versions of Ubuntu.

    GNOME developers retired Nautilus’ type ahead functionality back in 2013. Ubuntu devs continued to patch the feature back in until 2017 when they decided to switch to a more ‘vanilla’ GNOME desktop experience.

    Chances are you’ve long-since adapted to life without it.

    However, in the world of open source anything is possible; if you have an itch, you can scratch it yourself — and one fervent fan of Nautilus typeahead search has done just that.

  • How To Install Terraform on Ubuntu 22.04 LTS - idroot

    In this tutorial, we will show you how to install Terraform on Ubuntu 22.04 LTS. For those of you who didn’t know, Terraform is an open-source infrastructure as a code software tool that enables you to safely and predictably create, change, and improve infrastructure. With Terraform you can manage Cloud Compute, Networking, Load Balancers, DNS, and so on using simple Declarative Programming Language.

    This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Terraform on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

  • How to install Toontown Rewritten on Pop!_OS 22.04 - Invidious

    In this video, we are looking at how to install Toontown Rewritten on Pop!_OS 22.04.

  • How to install WPS Office 2019 on a Chromebook - June Update

    Today we are looking at how to install WPS Office 2019 on a Chromebook and some core fonts like Arial and New Times Roman. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  • How to create a Kubernetes TLS/SSL Secret

    A Secret is an object that contains a small amount of sensitive data such as a password, a token, or a key. Such information might otherwise be put in a Pod specification or in a container image. Using a Secret means that you don’t need to include confidential data in your application code.

    Because Secrets can be created independently of the Pods that use them, there is less risk of the Secret (and its data) being exposed during the workflow of creating, viewing, and editing Pods. Kubernetes, and applications that run in your cluster, can also take additional precautions with Secrets, such as avoiding writing secret data to nonvolatile storage.

    Secrets are similar to ConfigMaps but are specifically intended to hold confidential data.

  • lftp. How to “rsync” with ftp

    I’ve always been in complete control of my own servers¹, this mean they have all the tools I need. Recently they got me in charge of regularly backup a large site. This usually mean that I’m taking filesystem ‘snapshots’. But I’ve only have access to this large site via ftp, and my script needs rsync (and/or ssh). I need a way to do (almost) the same, after a research I’ve found lftp; this article will show you how to “rsync” with ftp.

Vim 9.0 Drops Linux Editing Bombshell With New Scripting Language

Filed under
Software

The popular Linux text editor Vim has a new version available, version 9.0. The new version debuts a revamped scripting language, dubbed Vim9 Script.

Vim 9.0 "Takes a Big Step"

Vim creator Bram Moolenaar announced the new version in a post on Vim's official website. "After many years of gradual improvement Vim now takes a big step with a major release," Moolenaar wrote.

While Vim already had a scripting language, Vim9 Script makes some changes to how comments, functions, and variable assignments work. While most users will want to wait until their distribution's package manager updates Vim, Unix/Linux users eager to try the new version can download the source code from the download pageand compile it.

Read more

Security Leftovers

Filed under
Security
  • #StopRansomware: MedusaLocker [Ed: Should stop Windows then, as that's by far the biggest ransomware magnet]

    CISA, the Federal Bureau of Investigation (FBI), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: MedusaLocker, to provide information on MedusaLocker ransomware. MedusaLocker actors target vulnerabilities in Remote Desktop Protocol (RDP) to access victims’ networks. Note: this joint #StopRansomware CSA is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.

  • Nearly a Million Kubernetes Instances Exposed on Internet

    Cybersecurity researchers have found more than 900,000 instances of Kubernetes consoles exposed on the internet.

    [...]

    Kubernetes is a very popular container orchestration system. The name comes from the Greek word for “helmsman.” The term “K8s” or “K-eights” is also used to refer to this technology.

    Many organizations manage their applications with Kubernetes using self-contained units called “pods,” which share common resources with other units without being aware of each other. For example, “npm start” or “go run” processes can be managed in pods and share some CPU and RAM.

    K8s is helpful to deploy, manage, and scale containers, which often consist of micro-services and their configuration files. When the workload increases or decreases, Kubernetes can handle the situation automatically.

    As a result, an important security aspect of Kubernetes is access control. Any misconfiguration can lead to unwanted disclosures and attackers could even use them to escape containers and escalate privileges. Besides, Kubernetes provides APIs, CLI commands, and user interfaces that could be attractive for hackers.

    Cyble explained its scan “does not necessarily imply that all exposed instances are vulnerable to attacks or will lead to the loss of sensitive data,” but “emphasizes the existence of seemingly simple misconfiguration practices that might make companies lucrative targets for TAs in the future.”

  • Hacking Linux is Easy with PwnKit [Ed: This is patched, unlike the dozens of Microsoft actively-exploited vulnerabilities that are not even patched; selective media slant]

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added PwnKit as a high-severity Linux vulnerability to its list of actively exploited bugs.

    Recorded as CVE-2021-4034, with a CVSS score of 7.8/10, PwnKit was discovered by Qualys in November 2021 and can be used by hackers to gain full root control over major Linux distributions.

  • A New, Remarkably Sophisticated Malware Is Attacking Routers | WIRED

    AN UNUSUALLY ADVANCED hacking group has spent almost two years infecting a wide range of routers in North America and Europe with malware that takes full control of connected devices running Windows, macOS, and Linux, researchers reported on June 28.

  • ZuoRAT Malware Is Targeting Routers

Second Point Release: Univention Corporate Server 5.0-2

Filed under
GNU
Linux
Debian

With the Point Release UCS 5.0-2, another important step has been taken for further developing Univention Corporate Server towards more accessibility, better usability, as well as the integration of services and their central management. In this blog article, I would like to give you an overview of the most important new features and improvements, such as the integration of Self Services into the UCS Portal, the introduction of service-specific passwords or various performance improvements in the use of DNS and LDAP, as well as an overview of the apps made available for UCS 5.

Read more

Condres OS Plasma 1.0

Filed under
GNU
Linux
Debian

With great pleasure we announce the release of Condres Plasma 1.0 based on Debian 11.

This first release will be followed by a full online calamares based installer, we will integrate the Control Center that was previously available in the old releases on the new Debian based version.

The new implementations will be available (some) in September / October 2022.

Read more

More in Tux Machines

Today in Techrights

Security Leftovers

  • Chinese hackers backdoor chat app with new Linux, macOS malware [Ed: Nowadays the Microsofters in the media are calling "backdoors" things that are simply malware and one has to actually install; of course they like to blame "Linux" (because the user can add malware on top of it). Saying Linux isn't secure because it doesn't prevent you installing malware is like saying bridges are dangerous because you may commit suicide by jumping off them.]

    Versions of a cross-platform instant messenger application focused on the Chinese market known as 'MiMi' have been trojanized to deliver a new backdoor (dubbed rshell) that can be used to steal data from Linux and macOS systems.

  • Linux Threats: A Black Hat 2022 Hot Topic? (Video) [Ed: Aside from patent trolling, Blackberry reinvented itself as anti-Linux FUD source in recent years. They intentionally overlook back doors (e.g. Windows) and blame everything on "Linux".]

    There are usually a few cyberthreat trends that seem to emerge as important themes at each year’s Black Hat conference. And this year, the increase in Linux threats may be one of them.

  • #StopRansomware: Zeppelin Ransomware [Ed: Ransomware is predominantly a Microsoft Windows problem]

    CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: Zeppelin Ransomware, to provide information on Zeppelin Ransomware. Actors use Zeppelin Ransomware, a ransomware-as-a-service (RaaS), against a wide range of businesses and critical infrastructure organizations to encrypt victims’ files for financial gain.

  • CISA Adds Two Known Exploited Vulnerabilities to Catalog

    CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates. 

  • Cisco Releases Security Update for Multiple Products

    This vulnerability could allow a remote attacker to obtain sensitive information. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

today's leftovers

  • Portable Computer Pre-History: Portable Before Laptops

    Portability is relative. When former Texas Instruments employees Rod Canion, Jim Harris and Bill Murto created a portable version of the IBM PC in 1982, it was a hulking device that weight 28 pounds and was roughly the size of a sewing machine. If you sold a desktop computer that weighed 28 pounds in 2018, you’d be laughed off the block. But the device, called the Compaq Portable, was revolutionary for its time and thrust the company that made it into the mainstream. It wasn’t too long before then that a portable computer was so embarrassingly large that you would probably break your legs if you used it as a laptop. Tonight’s Tedium ponders a time when portable computing meant something just a little bit bigger.

  • Fedora Sway OSTree Spin name

    The Fedora Sway SIG is working to create an immutable version of the Sway Spin (also work in progress) using OSTree. Those immutable spins of Fedora are becoming more common following Silverblue and Kinoite’s success. As it often happens, one of the most challenging things to do in creating something is to come up with clever names. This task is made even more complex by the relatively small amount of people active in this conversation. For this reason, during the last SIG meeting, it was decided to socialize this decision so that more people could suggest their ideas.

  • Output requirements.txt packages pinned to latest version
  • How to install OpenSCAD on a Chromebook

    Today we are looking at how to install OpenSCAD on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  • Stupid SMP Tricks: A Review of Locking Engineering Principles and Hierarchy: paulmck — LiveJournal

    Daniel Vetter put together a pair of intriguing blog posts entitled Locking Engineering Principles and Locking Engineering Hierarchy. These appear to be an attempt to establish a set of GPU-wide or perhaps even driver-tree-wide concurrency coding conventions. Which would normally be none of my business. After all, to establish such conventions, Daniel needs to negotiate with the driver subsystem's developers and maintainers, and I am neither. Except that he did call me out on Twitter on this topic. So here I am, as promised, offering color commentary and the occasional suggestion for improvement, both of Daniel's proposal and of the kernel itself. The following sections review his two posts, and then summarize and amplify suggestions for improvement.

  • Ubuntu Unity 22.04 Quick overview #linux #UbuntuUnity - Invidious
  • FOSS Force Open Source News Quiz (8/12/22) - FOSS Force

    How closely did you follow the news about Linux and free and open source software this week? You can get an idea about how well informed you are (and have some fun in the process) by taking our Open Source News Quiz. Once you’re done, scroll down to the comments section and let us know how you did!

elementary Blog: Updates for July, 2022

Firstly, thank you so much for your patience this month! I’ve been out sick with COVID for about 3 weeks, so I haven’t been able to contribute much or organize releases this month. I want to give a special thanks to our volunteer community who has continued to make improvements and move forward on projects in my absence. I’m excited to catch up and get back to work to make the most of the rest of this month. Having said that, this is going to be a very brief updates post. [...] A ton of energy in the community has gone into Gtk 4 porting for OS 7 and beyond. The team is making steady progress on porting System Settings and we landed the Gtk 4 port for Sideload. We’ve also uncovered some style issues and gaps in style constants, so if you’re working on porting your app to our Flatpak Platform 7, know that we’ll be releasing some fixes soon. I want to give some special acknowledgment to Owen Malicsi who has taken a lot of ownership over Gtk4 porting. Owen started contributing to elementary to improve his development skillset in preparation for college, and he’s done an amazing job both in successfully porting components to Gtk 4 as well as identifying blockers and creating discussions around refactoring for Gtk 4 paradigms. I’m super proud of his growth and contribution and we wish him well in his studies! Thanks Owen! Read on