Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Wednesday

    Security updates have been issued by Fedora (python38), openSUSE (nginx, nodejs10, nodejs8, python-Twisted, python-Werkzeug, SDL2_image, SDL_image, and util-linux and shadow), Oracle (firefox and nghttp2), Red Hat (.NET Core, firefox, kernel, libwmf, pki-deps:10.6, and poppler), Scientific Linux (firefox), SUSE (ghostscript, libgcrypt, podman, python-SQLAlchemy, qemu, and webkit2gtk3), and Ubuntu (curl, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, systemd, and tomcat8). 

  • Duty Of Care

    Put differently, when Toyota recalls hundreds of thousands of cars for potential defects in which exactly zero people were harmed, we consider that responsible stewardship of their product.

  • The California Consumer Privacy Act

    Next January, California is set to have one of the strongest laws in the nation, passed last year with unusual bi-partisan support, seeking to add some first-of-their-kind state protections over our personal data. It is called the California Consumer Privacy Act (CCPA) of 2018. It nicely reflects the fact that our state is one of the only states in the country whose constitution in Article 1, Section 1, actually contains an express right of privacy guaranteed to all Californians.

    This past year, since the bill’s passage, Purism has worked tirelessly–and dedicated substantial staff resources–to help make sure the new law is not substantially thrashed by Big Tech’s huge army before the fledgling law can even take effect: an army of highly-paid lobbyists. The stakes for Big Tech are large, but the stakes for consumer privacy, and for Purism’s philosophy of consumer privacy protection and control, are so much bigger.

    To try to stem the extraordinary political muscle of Big Tech in Sacramento, Purism has worked in close collaboration with California’s top privacy protection groups including the ACLU, EFF, Consumers Union, Common Sense Kids Action and the Privacy Rights Clearinghouse, and many others to try to stop the onslaught of Big Tech-sponsored bills seeking to vitiate the new law.

    Our CEO has testified in legislative hearings against the weakening measures, and has recently co-written a powerful editorial published in the Mercury News, the newspaper in the backyard of Big Tech in Silicon Valley, against these bills. As Purism’s legislative advocate, I have met with key California legislators to try to thwart Big Tech’s predictable onslaught against this new law.

  • Equifax Victims Jump Through Hoops To Nab Settlement Money They Won't Get Anyway

    So we've noted that the FTC's settlement over the Equifax hack that exposed the public data of 147 million Americans is a bit of a joke. The FTC originally promised that impacted users would be able to nab 10 years of free credit reporting or a $125 cash payout if users already subscribed to a credit reporting service. But it didn't take long for the government to backtrack, claiming it was surprised by the number of victims interested in modest compensation, while admitting the settlement failed to set aside enough money to pay even 248,000 of the hack's 147 million victims.

More in Tux Machines

Software: Zotero, PulseCaster and Qt Port of SFXR

  • Zotero and LibreOffice

    If you’re working with LibreOffice and need to create a bibliography, this software makes it simple to manage your citations. You can tell how few people use LibreOffice’s Bibliography Database by the fact that a bug that would take 10 minutes to fix has survived since 2002. Instead, those who need bibliographies or citations rely on other software such as Zotero, which can be integrated into LibreOffice with an extension. That robust bug is that the Citation Format in the database table is called the Short Name in the input fields. Even more confusing, the examples give an arbitrary name, when to work with the citation insertion tool in Insert | Table of Contents and Index | Insert Bibliography Entry, it should in a standard form, such as (Byfield: 2016) for the MLA format. Add the fact that a single database is used for all files – an absurdity in these memory-rich days – and the neglect of the Bibliography Database is completely understandable.

  • PulseCaster 0.9 released!

    For starters, PulseCaster is now ported to Python 3. I used Python 3.6 and Python 3.7 to do the porting. Nothing in the code should be particular to either version, though. But you’ll need to have Python 3 installed to use it, as most Linux bistros do these days. Another enhancement is that PulseCaster now relies on the excellent pulsectl library for Python, by George Filipkin and Mike Kazantsev. Hats off to them for doing a great job, which allowed me to remove many, many lines of code from this release. Also, due the use of PyGObject3 in this release, there are numerous improvements that make it easier for me to hack on. Silly issues with the GLib mainloop and other entrance/exit stupidity are hopefully a bit better now. Also, the code for dealing with temporary files is now a bit less ugly. I still want to do more work on the overall design and interface, and have ideas. I’ve gotten way better at time management since the last series of releases and hope to do some of this over the USA holiday season this late fall and winter (but no promises).

  • SFXR Qt 1.3.0

    I just released version 1.3.0 of SFXR Qt, my Qt port of the SFXR sound effect generator.

today's howtos

Programming Leftovers

  • post modern C tooling - draft

    Some of the C++ people have pulled off one of the cleverest and sneakiest tricks ever. They required 'modern' C99 and C11 features in 'recent' C++ standards. Microsoft has famously still clung onto some 80s version of C with their compiler for the longest time. So it's been a decade of hacks for people writing portable code in C. For a while I thought we'd be stuck in the 80s with C89 forever. However, now that some C99 and C11 features are more widely available in the Microsoft compiler, we can use these features in highly portable code (but forget about C17/C18 ISO/IEC 9899:2018/C2X stuff!!).

  • Reading and Writing YAML to a File in Python

    In this tutorial, we're going to learn how to use the YAML library in Python 3. YAML stands for Yet Another Markup Language. In recent years it has become very popular for its use in storing data in a serialized manner for configuration files. Since YAML essentially is a data format, the YAML library is quite brief, as the only functionality required of it is the ability to parse YAML formatted files. In this article we will start with seeing how data is stored in a YAML file, followed by loading that data into a Python object. Lastly, we will learn how to store a Python object in a YAML file. So, let's begin. Before we move further, there are a few prerequisites for this tutorial. You should have a basic understanding of Python's syntax, and/or have done at least beginner level programming experience with some other language. Other than that, the tutorial is quite simple and easy to follow for beginners.

  • Python Multiple Inheritance (with Examples)

    In this tutorial, we’ll describe Python Multiple Inheritance concept and explain how to use it in your programs. We’ll also cover multilevel inheritance, the super() function, and focus on the method resolution order. In the previous tutorial, we have gone through Python Class and Python (Single) Inheritance. There, you have seen that a child class inherits from a base class. However, Multiple Inheritance is a feature where a class can derive attributes and methods from more than one base classes. Hence, it creates a high level of complexity and ambiguity and known as the diamond problem in the technical world. We’ll be taking up this problem later in this tutorial.

  • Adding Methods Retroactively

    Imagine you have a "shapes" library. We have a Circle class, a Square class, etc. A Circle has a radius, a Square has a side, and maybe Rectangle has height and width. The library already exists: we do not want to change it. However, we do want to add an area calculation. If this was our library, we would just add an area method, so that we can call shape.area(), and not worry about what the shape is.

Fedora: GSoC, Fedora Program Management, PHP, Fedora Infrastructure, Test Day and EPEL

  • Fedora Community Blog: GSoC summer 2019: Fedora Gooey Karma

    The day GSoC projects list was published I started sorting out all the organizations that I’d enjoy working with. Being a Linux user/enthusiast I filtered down to a bunch of Linux distros and desktop managers. Sorting out all the projects, Fedora-Gooey-Karma seemed to be a project that suited the skills I have. Once I was sure that Fedora Gooey Karma is a project that I would love to work on during the summer, I mailed @sumantro about the project. We talked about the project on mails.

  • Fedora Community Blog: FPgM report: 2019-37

    Here’s your report of what has happened in Fedora Program Management this week. Fedora 31 Beta is go! I have weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

  • PHP version 7.2.23RC1 and 7.3.10RC1

    Release Candidate versions are available in testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests (for x86_64 only), and also as base packages. RPM of PHP version 7.3.10RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30-31 or remi-php73-test repository for Fedora 29 and Enterprise Linux. RPM of PHP version 7.2.23RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 29 or remi-php72-test repository for Enterprise Linux.

  • Karsten Hopp: Onboarding Fedora Infrastructure

    I'm using / working on Fedora since FC-1 and just recently joined the Infrastructure team.

  • Fedora Community Blog: Fedora 31 Gnome Test Day 2019-09-18

    Wednesday, 2019-09-18 is the Fedora 31 Gnome Test Day! As part of changes Gnome 3.34 in Fedora 31, we need your help to test if everything runs smoothly!

  • EPEL Bug: Bash errors on recent EL-8 systems.

    Last week, I got asked about a problem with using EPEL-8 on Oracle Enterprise Linux 8 where trying to install packages failed due to bad license file. I duplicated the problem on RHEL-8 which had not happened before some recent updates.