today's leftovers

Installing normal (non-ESR) Firefox on Debian 10 Buster (works on other distributions too) If you enjoyed this video, please click the like button, and share it on your favorite social networking platform (Facebook, Twitter, etc)

Add-Ons Outage Post-Mortem Result The first question that everyone asks is “how did you let this happen?” At a high level, the story seems simple: we let the certificate expire. This seems like a simple failure of planning, but upon further investigation it turns out to be more complicated: the team responsible for the system which generated the signatures knew that the certificate was expiring but thought (incorrectly) that Firefox ignored the expiration dates. Part of the reason for this misunderstanding was that in a previous incident we had disabled end-entity certificate checking, and this led to confusion about the status of intermediate certificate checking. Moreover, the Firefox QA plan didn’t incorporate testing for certificate expiration (or generalized testing of how the browser will behave at future dates) and therefore the problem wasn’t detected. This seems to have been a fundamental oversight in our test plan.

SUSECON 2020 is coming to the Emerald Isle! Get ready! SUSECON 2020 is coming to Dublin, Ireland, March 23-27, 2020 at the Convention Centre Dublin!

We can make it better than it was. Better...stronger...faster. It is not a novel observation that computers have become so powerful that a reasonably recent system has a relatively long life before obsolescence. This is in stark contrast to the period between the nineties and the teens where it was not uncommon for users with even moderate needs from their computers to upgrade every few years. This upgrade cycle was mainly driven by huge advances in processing power, memory capacity and ballooning data storage capability. Of course the software engineers used up more and more of the available resources and with each new release ensured users needed to update to have a reasonable experience. And then sometime in the early teens this cycle slowed almost as quickly as it had begun as systems had become "good enough". I experienced this at a time I was relocating for a new job and had moved most of my computer use to my laptop which was just as powerful as my desktop but was far more flexible. As a software engineer I used to have a pretty good computer for myself but I was never prepared to spend the money on "top of the range" equipment because it would always be obsolete and generally I had access to much more powerful servers if I needed more resources for a specific task.

Security updates for Friday Security updates have been issued by CentOS (dbus), Debian (firefox-esr, python3.4, and redis), Mageia (ffmpeg), Oracle (firefox, libvirt, and qemu), Red Hat (firefox and virt:8.0.0), Scientific Linux (firefox), and SUSE (kernel).

Canonical's GitHub account hacked

Paragon Software Group Releases Free Paragon APFS SDK

Upcoming FSF Talks and Alex Oliva (Linux-libre/GNU) Leaves Red Hat

John Sullivan - "The Free Software Foundation and Debian" (Curitiba, Brazil)

John Sullivan - " 'Just don't buy it': Consumer choices in free software activism" (Curitiba, Brazil)

A giant leap for a man This week, I resigned from the GNU Tools Engineer position I've held at Red Hat since February, 2000. lieN gnortsmrA might boldly put it as "A giant leap for a man, but an insignificant step for humankind." If only I'd quit over an imposition of non-Free Software on me, over the increasingly clouded business, over some great new opportunity to make a difference, it might have ended up being more than a negligible blip within the Free Software community, nevermind the grand scheme of things. Alas, it was just rotten office politics on a global scale, after a misunderstanding blown way out of proportion, that resulted in an unbearable situation for me.

Find lost files with Scalpel

As a system administrator, part of your responsibility is to help users manage their data. One of the vital aspects of doing that is to ensure your organization has a good backup plan, and that your users either make their backups regularly, or else don’t have to because you’ve automated the process. However, sometimes the worst happens. A file gets deleted by mistake, a filesystem becomes corrupt, or a partition gets lost, and for whatever reason, the backups don’t contain what you need. As we discussed in How to prevent and recover from accidental file deletion in Linux, before trying to recover lost data, you must find out why the data is missing in the first place. It’s possible that a user has simply misplaced the file, or that there is a backup that the user isn’t aware of. But if a user has indeed removed a file with no backups, then you know you need to recover a deleted file. If a partition table has become scrambled, though, then the files aren’t really lost at all, and you might want to consider using TestDisk to recover the partition table, or the partition itself. What happens if your file or partition recovery isn’t successful, or is only in part? Then it’s time for Scalpel. Scalpel performs file carving operations based on patterns describing unique file types. It looks for these patterns based on binary strings and regular expressions, and then extracts the file accordingly.