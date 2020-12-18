Security: Scans, Microsoft Cracked, and Latest Patches
The software supply chain has long been a prime target for cyberattacks, putting servers, IoT devices, personal computers, and connected equipment from surgically embedded devices to avionics at risk of sabotage. These risks will increase dramatically with the global rollout of such new technologies as 5G telecommunications, and new tools will be required to affirm the security and authenticity of software projects. Against this backdrop, in-toto, an open-source tool developed by researchers at the NYU Tandon School of Engineering that provides an unprecedented level of assurance against such attacks, announces it has hit a significant milestone with the release of its first major version.
[...]
In-toto is supported by a grant from the National Science Foundation
Microsoft Corp said on Thursday it found malicious software in its systems related to a massive hacking campaign disclosed by U.S. officials this week, adding a top technology target to a growing list of attacked government agencies.
Security updates have been issued by Debian (curl, influxdb, lxml, node-ini, php-pear, and postsrsd), Fedora (chromium, curl, firefox, matrix-synapse, mingw-jasper, phpldapadmin, and thunderbird), Mageia (openjpeg2), openSUSE (gcc7, openssh, PackageKit, python-urllib3, slurm_18_08, and webkit2gtk3), Oracle (fapolicydbug, firefox, nginx:1.16, nodejs:12, and thunderbird), Red Hat (libpq, openssl, and thunderbird), and SUSE (curl, firefox, openssh, ovmf, slurm_17_11, slurm_18_08, slurm_20_02, and xen).
Free/Libre Content Management: Snipe-IT, PartKeepr, Hugo and WordPress
Snipe-IT is a free web-based inventory and warehouse management system. It is open-source and self-hosted cloud solution that companies can download and install it on their private hostings.
As it is built to support multiple users and locations, Snipe-IT is a good option for companies with active and dynamic operations like shipping companies.
The system is built with PHP using Laravel PHP framework and it uses several open-source libraries.
PartKeepr is a free open-soure system for managing warehouse and multi-location inventory.
It is built with Symfony2 (PHP Framework) as a web-based system using PHP and MySQL as database backend with support for PostgreSQL as well.
PartKeepr is packed with dozens of asset management tools within a modular tabbed and boxed user-interface that is easy to use and manage.
It offers multiple project management with multiple-locations, asset types, unit managements.
Some years ago I switched my blog from Wordpress to Nikola. I wrote a blog post about the move, but within a year or so, I’d pretty much stopped blogging completely.
More recently I discovered Hugo, and used it for a couple of other sites I own. popeyspades is a simple blog to promote a game server I was running at the time.
Devices: Arduino Uno, LineageOS
LiDAR (or “light detection and ranging”) sensors are all the rage these days, from their potential uses in autonomous vehicles, to their implementation on the iPhone 12. As cool as they are, these (traditionally) spinning sensors tend to be quite expensive, well out of reach for most amateur experimenters. Daniel Hingston, however, has managed to build his own unit for under $40, using an Arduino Uno and a pair of VL53L0X time-of-flight (ToF) sensors.
In the last few months, we’ve talked about various unofficial Android 11 ports for numerous devices. Some of them were expected, as they were fairly new devices with a strong development backing. However, there were quite a few surprising entries, like the port for the Raspberry Pi 4, which was never intended to run Android in the first place. Now, another legendary device, the Samsung Galaxy S II, has received a taste of Android 11 through an unofficial build of LineageOS 18.1.
Meanwhile, independent developers continue to support many phones long after they’ve been abandoned by their manufacturers by releasing custom ROMs that are often based on Android Open Source Project code… and sometimes based on GNU/Linux.
The latest cases in point? A developer has unofficially ported LineageOS 18.1 to run on the Samsung Galaxy S II, which means a smartphone that was launched in 2011 can now run the latest version of Google’s Android operating system. Meanwhile, PostmarketOS reports its Linux-for-phones software can now at least boot on the Acer CloudMobile S500, a smartphone from 2012 when Acer was actually making phones.
Programming With Raku/Perl
If you’re a programmer, there’s a good chance that names are important to you, too. Giving variables and functions is one of the basic tenets of writing good code, and improving the quality of names is one of the first steps in refactoring low-quality code. And if you both are a programmer and are at all familiar with Raku (renamed from “Perl 6” in 2019), then you are even more likely to appreciate the power and importance of names.
This makes the appeal of pointfree programming – which advocates for removing many of the names in your code – a bit mysterious. Given how helpful good names are, it can be hard to understand why you’d want to eliminate them.
Alexander Kiryuhin announced the 2020.12 Rakudo Compiler Release of the Raku Programming Language. JJ Merelo made sure there’s an up-to-date Alpine-Linux docker image, as well as a raku-test image. And Claudio Ramirez made sure there are Rakudo compiler packages for many Linux distributions. Kudos to all involved!
In related joyous news, Jonathan Worthington released a new version of the Comma Complete IDE (the paid version for subscribers only). The free Comma Community IDE version will be released in January 2021.
When I made a libpng module I wanted it to be compatible with libpng as far as possible. I usually use British spellings like "colour" and "grey" but libpng insists on "color" and "gray". (Oddly enough the PNG specification on the web uses "colour" and "grey" though.) So the documentation and examples were fully compatible with Roger Moore and his Aston Martin, but all the code was Tony Curtis-style "color" and "gray". Anyway after a while I have to say it was starting to get old writing colour then color then gray then grey.
