Experts say the hack, which was addressed quickly, is a prime example of why the cybersecurity of the U.S. water supply remains one of the greatest risks to the country's infrastructure.

In spite of this mic drop moment, the author of Crystalline continued to double down and insist that a symmetric cipher doesn’t need to be indistinguishable from randomness to be secure (which, to severely understate the affairs, is simply not true).

"I think the biggest problem though is all of this has already been pointed out to you repeatedly in other forums and you completely refuse to acknowledge that your cipher fails to meet the absolute most minimum criteria for a secure cipher."

Firebird Project announces the first Release Candidate of Firebird 4.0, the next major version of the Firebird relational database, which is now available for testing on Windows and Linux platforms. This Release Candidate demonstrates the complete set of features and improvements developed for the new release. Release Candidates are generally considered stable enough and may be recommended for testing in "almost-production" environments. Our users are appreciated giving it a try and providing feedback to the development mailing list. Apparent bugs can be reported directly to the bugtracker.

The FLA is a mechanism for assigning copyright – generally copyright over a piece of software – to a fiduciary. Someone you trust. The fiduciary is expected to Do The Right Thing with the copyright that is assigned to it. Unlike a Copyright License Agreement (or Assignment) which some software projects use, the FLA is carefully constructed to keep everything Free Software and to circumscribe what the fiducary may do. In addition, the FLA ensures that you, the original copyright holder, can continue to do all the Free Software things that you could originally do with your software. So what’s the point? Well, unlike a CLA, the FLA was written with preserving-your-Software-Freedom in mind (the FSFE spearheaded this approach) so that you can continue to use your code and release it under whatever license you like, while the fiduciary can also do that, but in a restricted (preserving Freedom) fashion. This allows centralizing – to the fiduciary – some decisions about the software that may be needed in the longer term.

In this occasion, most of the work has gone into improving features already implemented in previous sprints and, thus, presented in former blog posts.

How do I patch or upgrade my SUSE instances in the public cloud? How do I keep all my instances at the same patch level in the public cloud? What options are available in the public cloud? Part 1 of this post will try to address some of these questions. Additional options available will be discussed in Part 2. First, let’s discuss what is available for PAYG instances but not BYOS instances. Included with PAYG instances is access to a highly available and low latency managed software update infrastructure, which allows for high data transfer rates to patch your instance. This comes enabled and ready at instance launch, so you can be assured that the latest packages can be updated or installed. The only part you have to play in this is to ensure the proper security rules, firewalls, or proxies allow the proper communication from your instance to the public cloud update infrastructure. There’s a blog post that can get you up to speed [1].

Exfatprogs 1.1 have been released as the open-source, user-space utilities around the Linux/Android exFAT file-system support maintained by Samsung. The Linux/open-source exFAT file-system support continues to mature on Linux. The Samsung-backed kernel driver is quite stable and reliable at this point in the kernel while Exfatprogs continues to mature for the user-space tooling around dealing with this file-system that is common to today's SD/SDHC cards and other consumer electronic devices.

Programming Leftovers RcppArmadillo 0.10.2.1.0: New Upstream Release Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 823 other packages on CRAN. This release brings us Armadillo 10.2 with a few updates as detailed below in the list of changes. Upstream release 10.2 was made a couple of days ago, but we need to balance new upstream updates with a responsible release cadence at CRAN. As we needed a maintenance release in early January, I opted to wait four weeks with this one which hence gets us 10.2.0 and 10.2.1 at once. As tweeted (with a follow-up) it had yet another very smooth passage at CRAN so we again appreciate the excellent work of the CRAN maintainers and say Thank You!.

Perl 7: A Modest Proposal The widely lauded signatures feature is currently still experimental to facilitate experimentation with several more important features that are needed for it to be considered feature-complete. However, at this point the basic design is well tested and stabilized, and has been unchanged for the requisite two stable releases. I propose that in Perl 7, the signatures feature be declared stable as-is, added to the :7.0 feature bundle, and these further additions to be developed as a separate initiative. The new additions could trigger distinct experimental warnings until stabilized, or be added under one or more new experimental features as appropriate. (Stabilization of the signatures feature has now been proposed by Paul Evans.)

Perl binaries are mismatched - the revenge of the lazy person Which means: that the module (Cwd in this case) is not compatible (Because it’s an XS module) with your current version of perl, installed on your system: Likely it was compiled for a previous version, leadin to those binaries mismatching

Converting a list to a presence/absence table Structured and tidy data is great to work with, because on the command line you can reliably convert one structure into another. [...] The file was created by an (imaginary) ecologist who visited 8 forest plots (p1 - p8) and on each plot recorded tree species. The recording was done with a simple note-taking app on the ecologist's phone. For each plot there's a plot-code line followed by a line with comma-separated, 4-letter species codes. Notice that in "p5" the code "phas" is unnecessarily repeated. Back in her office, the ecologist puts "plots" on her laptop before doing an analysis of the tree data based on presence/absence. Her analytical software, though, wants a tab-separated species-vs-plots table where a "1" in the table will indicate presence and "0" an absence.

How to remove duplicates from Arrays in Javascript In this short tutorial, we will outline 4 methods that help remove duplicate elements from an array in Javascript.

Try Deno as an alternative to Node.js | Opensource.com Deno is a secure runtime for JavaScript and TypeScript.

Spring Boot on Quarkus: Magic or madness? Quarkus is a Java stack tailored for OpenJDK HotSpot (or OpenJ9 on zSeries) and GraalVM, crafted from optimized Java libraries and standards. It is a good choice for building highly-scalable applications while using lower amounts of CPU and memory resources than other Java frameworks. These applications can be traditional web applications, serverless applications, or even functions as a service. There are many documented instances of organizations migrating their applications to Quarkus. In this article, let’s see one such migration path from Spring Boot to Quarkus that is part magic and part madness! The magic will be some hand waving and performing the migration without changing a single line of code. The madness will be trying to figure out how it was done. [...] It was mentioned at the beginning of this post that we wanted to perform the migration without changing a single line of code. Every Spring Boot application needs to have an “application” class that contains a main method and is annotated with @SpringBootApplication. In our project, src/main/java/io/quarkus/todospringquarkus/TodoApplication.java is that class. Quarkus does not require such a class, nor do any of the Quarkus Spring compatibility extensions provide resolution for the @SpringBootApplication annotation nor the SpringApplication class referenced in this class. So, what gives? We didn’t make any code changes whatsoever, yet those classes seem to resolve just fine in Quarkus. You’ll notice a peculiar comment in both pom.xml (for Maven)/build-quarkus.gradle (for Gradle), right above the dependency declaration for the dependency org.springframework.boot:spring-boot-autoconfigure: This dependency is a hack for TodoApplication.java, which isn't required for Quarkus. Point of demo is to NOT have any code changes. This is the key to this part of the trick. This dependency allows both Spring Boot and Quarkus to resolve these classes at build time. The dependency is declared optional in Maven/compileOnly in Gradle, meaning it will never be included in the application binary the Quarkus build produces. It will be included in the binary the Spring Boot build produces because all of the other spring-boot-starter-* dependencies also depend on it, so it’s included transitively.