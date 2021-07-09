Software and Programming Leftovers
The presented release of the project is QEMU 6.2 . As an emulator, QEMU allows you to run a program compiled for one hardware platform on a system with a completely different architecture, for example, to run an application for ARM on an x86-compatible PC. In virtualization mode in QEMU, the performance of code execution in an isolated environment is close to the hardware system due to the direct execution of instructions on the CPU and the use of the Xen hypervisor or the KVM module.
The project was originally created by Fabrice Bellard to enable x86-built Linux binaries to run on non-x86 architectures. Over the years, support for full emulation has been added for 14 hardware architectures, the number of emulated hardware devices has exceeded 400. In the preparation of version 6.2, more than 2300 changes were made from 189 developers.
While CUPS 2.4 was recently released as the first big update in years and since OpenPrinting took over upstream development, CUPS founder Michael Sweet continues concurrently developing PAPPL as a modern, open-source printer appication framework. Wednesday marked the release of PAPPL 1.1.
Another user guide was published by the LibreOffice documentation team on December 8: the LibreOffice 7.2 Base Guide, for the database component. It is available in free PDF or ODT from the LibreOffice website, or in a low-cost printed copy from Lulu.com.
Given the very few changes in Base since LibreOffice 6.4, the team decided to just rebrand the previous book, as part of an effort to produce a complete set of books for v7.2. If you want printed copies and already have the Base 6.4 book, you could choose to save some money by not buying this one.
REPL is Clojure’s superpower. For a long time, I’ve been enjoying Sublime Text but was unable to match it with Clojure. This ends today: I’m happy to present my new Sublime Text plugin, Sublime Clojure.
Feature deprecations are often controversial, but many projects find it necessary, or desirable, to lose some of the baggage that has accreted over time. A mid-November request to get rid of three Python standard library modules provides a case in point. It was initially greeted as a good idea since the modules had been officially deprecated starting with Python 3.6; there are better ways to accomplish their tasks now. But, of course, removing a module breaks any project that uses it, at least without the project making some, perhaps even trivial, changes. The cost of that is not insignificant, and the value in doing so is not always clear, which led to higher-level conversation about deprecations.
Debian and Canonical/Ubuntu Leftovers
The other day, we discovered that an important package on one of our Ubuntu servers had wound up in what the package system considered an odd state. The only relatively obvious sign of this was that 'apt-get -u upgrade' reported that there was work to do despite not having any packages to install or upgrade (unfortunately I didn't save the specific output). This state was sticky because for reasons beyond the scope of this entry, the package's postinstall script was reporting an error.
Installation of Pi-Hole was as easy as any console-based tool I’ve ever used. I didn’t think I needed the web-based GUI, and wasn’t sure how well it’d run with the A+’s limited resources, but I opted to install it anyway.
It’s been a month or so now, and the A+ has been sitting on top of my bhyve box with just a USB power lead and the Wi-Pi module, filtering our DNS. It works a treat, and the GUI uses very little memory. I suspect these were the sorts of use cases the A+ was designed for.
Open Hardware/Modding: PinePhone, Pine64, and PCB
As far as news is concerned, we are happy to let you know that the PinePhone Pro Explorer Edition and PinePhone Pro keyboard production is steaming ahead with units available soon.
Since the Raspberry Pi was introduced, hundreds of clones have adopted the Pi's form factor (from the diminutive Zero to the 'full size' model B). Often they have better hardware specs, and yet they remain a more obscure also-ran in that generation of Single Board Computer (SBC).
So when I saw Radxa's CM3 and Pine64's SOQuartz, I wanted to see if either would be—as they advertised—'drop in, pin-compatible replacements' for the Raspberry Pi Compute Module 4.
It’s a forward-looking project, complete with USB-C connector, future-proofing it for some time until yet another connector standard comes along. When plugged in, like many similar projects, it blinks some APA102 LEDs in a festive way. The PCB joins in on the fun, with white silkscreen baubles augmented by golden ones created by gaps in the soldermask.
An ATTiny167 is the brains of the operation, using the Micronucleus bootloader in a similar configuration to teh DigiSpark Pro development board. It relies on a bit-banged low-speed USB interface for programming, but the functionality is largely transparent to the end user. It can readily be programmed from within the Arduino IDE.
Proprietary Microsoft Blunders
The opening of a malicious Microsoft Excel file attached to a phishing email led to the cyber attack that crippled the national health service earlier this year, according to a report on the incident published on Friday.
The file was opened at a HSE workstation on March 18th, with the email having been sent to the “patient zero workstation” two days earlier.
The HSE's failure meant that, until mid-September, many doctors nationwide lost access to patient information, clinical care and laboratory systems. With email and networked phones turned off, hospitals were reduced to using pen and paper, faxes, personal mobile phones and face-to-face planning — in the midst of a national rollout of COVID-19 vaccinations. Tens of thousands of appointments and procedures, particularly for cancer patients, were cancelled.
On 14th May 2021, the HSE was subjected to a serious criminal cyberattack, through the infiltration of IT systems using Conti Ransomware. With over 80% of IT infrastructure impacted and the loss of key patient information and diagnostics, this resulted in severe impacts on the health service and the provision of care. The HSE employed the assistance of An Garda Síochána, the National Cyber Security Centre, Interpol and the Irish Defence Forces.
Ireland Health service manager (HSE), which operates the country’s public health system, was hit by Conti ransomware on May 14, 2021. A timeline in the report (above) states that the first infection of the “patient zero” workstation occurred on March 18, 2021, when a employee on a Windows computer opened a Microsoft Excel document in a phishing email that had been sent two days earlier.
Less than a week later, the attacker had established a reliable backdoor connection to the employee’s infected workstation. After infecting the system, “the attacker continued to operate in the environment for a period of eight weeks until the detonation of Conti ransomware on May 14, 2021,” the report states.
