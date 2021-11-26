Programming Leftovers
EasyOS has VLC video player available via the package manager, however is it the CLI (commandline) application only. It was compiled in OpenEmbedded.
Now that Qt5 has been compiled in OE, VLC can be compiled with its Qt5-based GUI.
It is quite a big package, don't know if will include it builtin in the next release of Easy, but it will be available via the package manager.
So far in this introductory series to the Python programming language, we’ve learned some pretty cool basic Python tricks. We’ve learned what makes the language special, learned about the Python console and used variables, and learned how to accept input from users.
With that knowledge, we’ve created a couple of interesting little programs that illustrate how these features work in Python, but the applications themselves don’t do much outside of proving to your friends and family that you can learn a programming language.
Security updates have been issued by Debian (apache-log4j2, libextractor, libpcap, and wireshark), Fedora (grub2, kernel, libopenmpt, log4j, mingw-binutils, mingw-python-lxml, and seamonkey), Mageia (golang, lapack/openblas, and samba), and openSUSE (go1.16, libaom, log4j12, logback, and runc).
In 2022, security will be Linux and open-source developers job number one | ZDNet [Ed: Back doors have crept into proprietary software at all levels, but SJVN/ZDNet participates in the phony narratives wherein the problem (security-wise) is the alternative to such software]
But with great power also comes great responsibility as Spider-Man knows. And, as many developers recently found out when multiple security vulnerabilities with the Apache Java logging open-source library log4j2 were discovered, also comes great headaches.
The log4j2 problems are as bad as bad can get. By the National Vulnerability Database (NVD) scale, it's rated as 10.0 CVSSv3 which is perfectly awful.
Its real trouble isn't so much with open-source itself. There's nothing magical about open-source methodology and security. Security mistakes can still enter the code. Linus's law is that given enough eyeballs, all bugs are shallow. But, if not enough developers are looking, security vulnerabilities will still go unnoticed. As what I'm now calling Schneier's law, "Security is a process, not a product," points out constant vigilance is needed to secure all software.
The annual meeting of the Chaos Computer Club, Germany’s giant hacker group, is online again this year. While those of us here are sad that we don’t get to see our hacker friends in person, our loss is your gain — the whole thing is online for the entire world to enjoy.
This year’s Congress has gone entirely decentralized, with many local clubs hosting their own video streams and “stages”. Instead of four tracks, there are now six or seven tracks of talks going on simultaneously, so prepare to be overwhelmed by choice. You can find the overall schedule here, so if you see anything you’d like to watch, you’ll know when to tune in.
