today's leftovers

Misc
  • Ubuntu Weekly Newsletter Issue 685

    Welcome to the Ubuntu Weekly Newsletter, Issue 685 for the week of May 23 – 29, 2021. The full version of this issue is available here.

  • Paul Wise: FLOSS Activities May 2021

    This month I didn't have any particular focus. I just worked on issues in my info bubble.

  • AWS Free Tier, where's your spending limit? 'I thought I deleted everything but I have been charged $200'

    Amazon Web Services has come under fire for lack of hard spending limits on accounts, after some users reported unexpected bills from what they thought were tutorial accounts.

    AWS does not have a freemium business model (unlike, say, GitHub or Dropbox), but it does have "free tier" services that cost nothing to use, within their constraints (which may be severe).

    The company provides these not out of generosity but to enable experimentation, presumably in the hope that this leads in due course to paying customers. There can be bill shocks though, as the company provides no built-in feature that caps spending to zero or even to a specified amount.

    The issue came up earlier this month when cloud architect Forrest Brazeal reported on Twitter about a student who attended a Sagemaker (the AWS machine learning toolkit) tutorial and was sent a $200 bill, saying "I thought I deleted everything but I have been charged $200."

  • Virtuozzo Launches A Mature Linux Distribution VzLinux For The Public

    VzLinux Enterprise Distribution has been used as a basic operating system for Virtuozzo’s OpenVZ virtualization solutions and other commercial products for more than 20 years, and has been used as a guest operating system.

    The Linux distribution is maintained by the open source community, and network hosting service providers and other end customers who deploy the technology can directly enjoy a stable and long-term support system.

  • I've come to like date-based names for log rotation

    One of the divides in Linux distributions is how they set up logrotate, especially including how they have logrotate name the 'rotated' copies of logs. Ubuntu (and I assume Debian) use the traditional approach of numbered old log files, where the most recently rotated log file has a .0 suffix, the next most recent has a .1 suffix, and so on back to however many versions you want to keep. A while back, Red Hat Enterprise and thus Fedora switched to date-based naming, where the suffix is based on the day that the log was rolled and you get names like 'cron-20210530'.

  • Adjusting my ZFS filesystems to conform with standard FreeBSD boot environments

    I don’t know what I did wrong, but I did manage to fix them up afterwards. I suspect that I still had zroot/usr mounted and did not notice.

  • Experimental RADV Code Allows Vulkan Ray-Tracing On Older AMD GPUs - Phoronix

    AMD currently just supports Vulkan ray-tracing with their Radeon RX 6000 series graphics cards while now there is independent work being done on Mesa's unofficial Radeon Vulkan driver (RADV) to allow ray-tracing to work with older generations of GPUs like Vega and Polaris.

    Joshua Ashton who is known for his work on VKD3D-Proton, DXVK/D9VK, and related projects while working under contract for Valve has been experimenting with bringing RADV Vulkan ray-tracing to pre-RDNA2 GPUs.

    While RDNA2 GPUs offer hardware acceleration around BVH ray intersection tests, there isn't much more that is actually new silicon for ray-tracing with these latest consumer GPUs. But the ray intersection tests can also be handled as a SPIR-V shader for any GPU as well, so that is what Ashton has been experimenting with.

  • AMD Announces New Zen 3 Desktop APUs, FidelityFX Super Resolution + More - Phoronix

    Overall, a rather promising keynote for the virtual Computex Taipei event... Now to get our hands on the new hardware for delivering Linux benchmarks of these new wares.

  • Macs & MacOS: Greener Grass?

    Linux and Windows can be installed interchangeably on PCs, leading consumers to find what works best for them. The constant unknown about MacOS brings a certain appeal to it - like standing outside an exclusive club, wondering what’s inside.

    [...]

    By using a Mac, your efficiency is capped by your wallet and what Apple allows. If you like forced microbreaks and workflow (or audio) stutters, MacOS just might be for you.

  • Pouring half your coffee down the kitchen sink would still be cheaper than buying Keurig K-Cups. Would you like a felony with your coffee?

    About half the people I know have a Keurig in their house, even though these things are a disaster for the environment due to little plastic pods with aluminum lids, and coffee that isn’t even good (like Maxwell House) ends up costing over $40 per pound, even as you can buy it in two pound cans for less than $7.

    Some people say “I’m the only one in the house who drinks coffee and I don’t like the waste.”, but that doesn’t hold up financially or environmentally.

    Comparing Great Value Donut Shop in a can to the K-Cups, the result is you’re wasting $100 per person in your house per year that drinks coffee if you use K-Cups, assuming you just start your morning with it.

    [...]

    Some people figured out how to jury rig a bypass, which might be a felony under the DMCA, but that seems a bit extreme (and inconvenient, regardless).

    Boycott Keurig.

    Still other people, confronted with the ridiculousness of the Keurig system, go further, to compare it with buying coffee at Starbucks. Which is even dumber and more pointless.

  • Russell Coker: Some Ideas About Storage Reliability

    When people ask for advice about what storage to use they often get answers like “use brand X, it works well for me and brand Y had a heap of returns a few years ago”. I’m not convinced there is any difference between the small number of manufacturers that are still in business.

    One problem we face with reliability of computer systems is that the rate of change is significant, so every year there will be new technological developments to improve things and every company will take advantage of them. Storage devices are unique among computer parts for their requirement for long-term reliability. For most other parts in a computer system a fault that involves total failure is usually easy to fix and even a fault that causes unreliable operation usually won’t spread it’s damage too far before being noticed (except in corner cases like RAM corruption causing corrupted data on disk).

    Every year each manufacturer will bring out newer disks that are bigger, cheaper, faster, or all three. Those disks will be expected to remain in service for 3 years in most cases, and for consumer disks often 5 years or more. The manufacturers can’t test the new storage technology for even 3 years before releasing it so their ability to prove the reliability is limited. Maybe you could buy some 8TB disks now that were manufactured to the same design as used 3 years ago, but if you buy 12TB consumer grade disks, the 20TB+ data center disks, or any other device that is pushing the limits of new technology then you know that the manufacturer never tested it running for as long as you plan to run it. Generally the engineering is done well and they don’t have many problems in the field. Sometimes a new range of disks has a significant number of defects, but that doesn’t mean the next series of disks from the same manufacturer will have problems.

    The issues with SSDs are similar to the issues with hard drives but a little different. I’m not sure how much of the improvements in SSDs recently have been due to new technology and how much is due to new manufacturing processes. I had a bad experience with a nameless brand SSD a couple of years ago and now stick to the better known brands. So for SSDs I don’t expect a great quality difference between devices that have the names of major computer companies on them, but stuff that comes from China with the name of the discount web store stamped on it is always a risk.

    [...]

    I think that NVMe isn’t very different from other SSDs in terms of the actual storage. But the different interface gives some interesting possibilities for data loss. OS, filesystem, and motherboard bugs are all potential causes of data loss when using a newer technology.

    [...]

    Filesystems like BTRFS and ZFS are needed to cope with storage devices returning bad data and claiming it to be good, this is a very common failure mode.

  • What is a supply chain attack?

    CYBERSECURITY TRUISMS HAVE long been described in simple terms of trust: Beware email attachments from unfamiliar sources, and don't hand over credentials to a fraudulent website. But increasingly, sophisticated hackers are undermining that basic sense of trust and raising a paranoia-inducing question: What if the legitimate hardware and software that makes up your network has been compromised at the source?

  • Top 10 Cybersecurity Tools to Watch Out for in 2021

    Kali Linux is known as the most common and reputed cybersecurity tool. It is basically an operating system that contains at least 300 different tools for security auditing. The tool facilitates the organizations to scan their networks to detect all the vulnerabilities in the system. The primary benefit that Kali Linux provides is the various levels of cybersecurity knowledge. The tool is readily available for use.

today's howtos

  • LFCA: Learn the Basic Concepts of DevOps – Part 21

    DevOps has been a trending topic for quite a while now and has managed to draw the attention of technology professionals and enterprises alike. As a beginner, it can be challenging wrapping your head around the concept of DevOps, and in this topic, we will flesh out the basic concepts of this internet buzzword. To start off, DevOps is a portmanteau of two words: Development and Operations. It is a set of practices and tools that promote collaboration between development teams (Devs) and operations (Ops). The goal of DevOps is to streamline the software development lifecycle, minimize failure rates, scale up the frequency of deployments, and achieve high-quality software.

  • Pi IoT In C Using Linux Drivers - The SPI Driver
  • TSDgeos' blog: How i ended up fixing a "not a bug" in Qt Quick that made apostrophes not being rendered while reviewing an Okular patch

    But in Okular we don't use Qt Quick you'll say! Well, we actually use Qt Quick in the mobile interface of Okular, but you're right, this was not a patch for the mobile version, so "But in Okular we don't use Qt Quick!"

  • Puma graceful restarts

    How to configure Puma 5 application server for graceful restarts, and what is the difference between regular, hot, and phased restarts? Application restarts are necessary when things go wrong or whenever we need to push a new application version. But a regular restart isn’t usually anything more than stopping and starting the server again. To keep clients connected or even keep serving requests, we need a better strategy.

  • How to Check TLS/SSL Expiration Date Using OpenSSL

    TLS/SSL certificates are used for encrypting websites or web applications. They provide much-needed privacy and confidentiality to users who are interacting with the webserver via a browser or on command-line. Different SSL certificates have different validity periods with the maximum being 397 days ( 1 year, 1 month, and 2 days) from 1, September 2020. Let's Encrypt provides validity of up to 90 days.

Free/Libre Games: 0 A.D. Alpha 25 and OpenTTD

  • Free and open source RTS 0 A.D. Alpha 25 to release in June with feature-freeze imminent

    Wildfire Games have given an update on the status of 0 A.D. Alpha 25, which they've now confirmed the Feature Freeze will begin on June 6 to focus on getting it release ready. We now know that on June 6 it will enter a Feature Freeze, meaning no more features will be pulled into the code and instead they will switch to bug fixing and optimization. Then on June 13 a "Commit and String Freeze" will happen, as they focus on getting out Release Candidate builds to move onto 0 A.D. Alpha 25 releasing at the earliest June 20, but it can be pushed to June 30 depending on bugs found during the RC phase.

  • Play OpenTTD with HD graphics

    It's been a few years since I wrote about OpenTTD in any great detail. But something magical happened a few weeks back. OpenTTD is now available through Steam, which makes it accessible to a huge number of gamers who might not necessarily discover it otherwise. But then, if you're a hardcore tycoonist, and at least 9,000 years old, then Transport Tycoon Deluxe is an inseparable part of your life and soul. The Steam announcement dropped me into my train-building mood, and I started playing it again. But standard OpenTTD doesn't look amazing on 2K and 4K monitors. So I went back to yet another something I've written about many years ago - 32bit high-def graphics for this lovely game. And I decided to revisit the topic, and see if I can get OpenTTD to look great in 2021. Hence, this article.

Security Leftovers

  • What Is AES Encryption, Examples of How the Advanced Encryption Standard Works

    If you’ve ever wondered about how things are kept secure on the Internet, especially considering that there are several malevolent agents that constantly attempt to break in data vaults, cryptography is one of the answers that best fits the question. As you may know, cryptography is merely one of the methods used to protect information and communications, but that doesn’t mean it’s simple by any means. In fact, it’s a technology that undergoes constant development to ensure that the standards it relies on are always top of the line. An example of such a standard is AES, an acronym that you probably encountered before, especially if you constantly use communications apps such as WhatsApp, Signal, or Telegram, or VPN software. In this article, we’re going to focus on AES and help you understand it better.

  • Security updates for Monday

    Security updates have been issued by Debian (hyperkitty, libxml2, nginx, openjdk-11-jre-dcevm, rxvt-unicode, samba, and webkit2gtk), Fedora (exiv2, java-1.8.0-openjdk-aarch32, mingw-python-pillow, opendmarc, php-symfony3, php-symfony4, python-pillow, runc, rust-cranelift-codegen-shared, rust-cranelift-entity, and rxvt-unicode), openSUSE (curl, hivex, libu2f-host, libX11, libxls, singularity, and upx), Oracle (dotnet3.1 and dotnet5.0), Red Hat (docker, glib2, and runc), and Ubuntu (lz4).

  • Chris Lamb: Free software activities in May 2021

    The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

Updates for JingOS and Phosh, notes on PinePhone keyboard hacking

Developers at Purism have released a new version of the Phosh user interface for Linux phones, bringing bug fixes, usability improvements, and several other changes to this phone shell used by multiple smartphone Linux distributions including some versions of postmarketOS (which recently celebrated its fourth birthday, by the way). Meanwhile, the folks at Jingling have released a new build of JingOS, their Linux distribution for tablets (and eventually smartphones). The developer of the most promising Linux kernel patches for the PinePhone has begun digging into the schematics and software for the upcoming PinePhone keyboard, and it looks like it’ll be a pretty hackable device. Here’s a roundup of recent mobile Linux news. Read more

