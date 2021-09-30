

today's leftovers

Submitted by Roy Schestowitz on Wednesday 17th of November 2021 09:40:10 PM. Filed under Misc
  • JWM version 2.4.0 compiled

    JWM, Joe's Window Manager, has been in the pups since the very early days. JWM is not just a window manager, it also manages one or more trays and one or more menus.

  • China has now used a major Safari/WebKit zero day vulnerability against Hong Kong activists for at least the second time.

    On GNOME Web (especially in Flatpak), it’s actually quite a bit safer because of advanced Linux sandboxing techniques, and additional hardening options available to the GNU Compiler, which simply either don’t exist or are broken, or fake (report success, do nothing) in Apple’s Clang/LLVM. In many cases, the browser would simply crash rather than allow arbitrary code execution.

    I really can’t tell you how much I dislike Clang/LLVM. Apple switched over to it from GCC not due to maturity or technical excellence, but to get away from the GNU GPLv3, and now it’s democracy protesters in China who get to pay for that.

    When Fedora’s engineering steering committee was debating switching to LLVM based on anti-GNU FUD coming from Mozilla, I was preparing to apply two patches to Firefox (someone else quickly wrote them to make Firefox build on GCC with the features Mozilla said weren’t possible in GCC 8, to justify their switch to an inferior compiler) and build it under some other name and put it in my COPR repo instead. Now I don’t use Fedora or Firefox.

    If that had been the only thing going wrong with it, I might have groused a little and stayed in the end, but IBM has moved Fedora in a direction where it’s even less stable than Debian Sid!

    And Mozilla has turned into a political party of extremism (wokeness/corporate leftism) and Cancel Culture, and a thrall of Big Tech.

  • Strong passwords, 2FA, and GNOME Authenticator.

    About a year ago, I noticed that I kept getting emails that some of my accounts had been taken over.

    Nothing very important. An old Disney rewards account I signed up for to get free DVDs forever ago, an unused Spotify account from I don’t know when.

    But it got me thinking about security.

    Up until that point, I had dodged bullets. I hated passwords, I used bad practices without even considering it (like reusing weak passwords over and over again), and I decided to clean house.

  • Microsoft brings Windows Media Player back from the dead because their “modern” apps, Groove and Movies and TV, flopped.

    The Microsoft news has taken a break from puffing up Microsoft Fake Linux for Windows and the trojan horse malware, Edge, to ooh and aah over the resurrection of… Windows Media Player.

    I wonder why anyone would want to use Windows Media Player instead of VLC. VLC can do almost anything and Windows Media Player is like the Internet Exploder of media players.

    To get Windows Media Player to do much of anything, you need pirate codec packs that probably come with viruses.

  • Splunk CEO jumps ship, share price slumps despite surging growth

Kernel and Graphics: NVMe, Universal Scalable Firmware, Mesa, and Zink

  • Linux 5.17 To Continue With I/O Optimizations, 5~6% Improvement Pending For NVMe - Phoronix

    The recently-ended Linux 5.16 merge window saw significant I/O improvements driven primarily by maintainer Jens Axboe's recent focus on relentlessly optimizing the block and IO_uring code for record-setting per-core IOPS. As good as those improvements are, Linux 5.17 should be even better. Linux 5.16 saw much of Axboe's work merged around the I/O optimizations in his quest for maximizing the per-core IOPS out of his new Ryzen 9 5950X system with dual Intel Optane NVMe solid-state drives. But there is still more work pending that in turn should be ready for Linux 5.17.

  • Intel Developing Universal Scalable Firmware As Next-Gen Firmware Platform - Phoronix

    Universal Scalable Firmware intends to extend its scope beyond just system firmware but is also planned for use by Intel discrete graphics processors. USF is also designed to offer greater firmware security than the status quo. The key planned features/components right now include a Universal Payload that can work across different operating systems and boot loaders, the Platform Orchestration Layer with simplified ACPI support and interfaces with the Rust programming language and configured with YAML, and the SoC FSP. Intel is hoping USF will reduce development costs, improve firmware quality and security, and push forward other new firmware innovations.

  • Mesa 21.3 Released With Radeon RADV Ray-Tracing, Much Better Zink - Phoronix

    Mesa 21.3 is now out as the latest quarterly feature release to this collection of open-source graphics drivers. Mesa 21.3 as the Q4'2021 update brings a number of exciting improvements and new features like:

    - Radeon RADV ray-tracing support landed along with experimental shader-based ray-tracing for older Radeon GPUs. Note though that this RADV ray-tracing code hasn't yet been well optimized and the performance is likely to be slow and there may still be various game issues. In any case, at least it's finally maturing now in mainline in experimental form.

  • Copper Aims To Improve Mesa's Zink Efficiency In 2022 - Phoronix

    Following the news from last week of experimental Zink code running Wayland's Weston compositor over this Mesa-based OpenGL-on-Vulkan implementation, developer Mike Blumenkrantz has opened up about some of the ongoing work to improve the efficiency of Zink and making such advancements a reality. In particular, the ongoing Zink Gallium3D improvements by Blumenkrantz and others along with the work of Red Hat's Adam Jackson on the new "Copper" DRI interface extension. The "Copper" effort has been ongoing for a while and should allow for some simplifications to the architecture for how Zink functions and in turn allow for greater efficiency as well as broader platform coverage. With that, the ability to handle Wayland compositors like Weston.

Mesa 21.3 Graphics Stack Is Here with Zink, RADV, and Panfrost Improvements

Mesa 21.3 is here three and a half months after Mesa 21.2 to further improve Linux’s number one graphics stack. It brings many great improvements, starting with official OpenGL ES 3.1 compliance for Collabora’s Panfrost driver, threaded shader compilation for the Iris driver, OpenGL ES 3.2 support for the Zink driver, and support for AV1 videos for the Video Acceleration API (VA-API).

Security Leftovers

  • Freexian’s report about Debian Long Term Support, October 2021

    Every month we review the work funded by Freexian’s Debian LTS offering. Please find the report for October below.

  • Secure development: New and improved Linux Random Number Generator ready for testing

    The Linux Random Number Generator (LRNG), which relies on several computing functions to act as a source of entropy, is designed to be a drop-in replacement for the long-established /dev/random function. The technology is designed to offer both API (application programming interface) and ABI (application binary interface) compatibility with its /dev/random predecessor, while offering several performance and utility advantages.

  • CISA Adds Four Known Exploited Vulnerabilities to Catalog [Ed: Microsoft is a threat to National Security]

    CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, which require remediation from federal civilian executive branch (FCEB) agencies by December 1, 2021. CISA has evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.

  • How has Abcbot been targeting Linux? [Ed: "This botnet mainly targets systems and web servers with weak passwords, which makes it easier for the botnet to deploy the DDoS attack," so it does not sound like a Linux issue]

    Reportedly, a new kind of botnet called Abcbot has been observed in the dark web world. According to the sources, this botnet has some worm-like propagation features to infect Linux systems. The main target of the botnet is to launch malicious denial-of-service (DDoS) attacks on the devices.

  • GitHub fixes authorisation vulnerability in the NPM JavaScript package registry

Sam Thursfield: Status update, November 2021

I am impressed with the well-deserved rise of Sourcehut, a minimalist and open source alternative to Github and Gitlab. I like their unbiased performance comparison with other JavaScript-heavy Git forges. I am impressed by their substantial contributions to Free Software. And I like that the main developers, Drew DeVault and Simon Ser, both post monthly status update blog posts on their respective blogs.

