Language Selection

English French German Italian Portuguese Spanish

Debian

Debian, Chris Lamb, NXIVM sex cult prosecution

Filed under
Debian

NXIVM was operated by Keith Raniere in collusion with his associate/girlfriend, the actress Allison Mack. Debian was officially led by Chris Lamb, while his girlfriend Molly de Blanc had created the infamous Anti-Harassment team, analogous to Scientology's Sea Organization, to promote submissiveness and obedience under the guise of a "Code of Conduct".

[...]

Early in 2018, Alexander "formorer" Wirth had set up Debian's public Git repositories, hosted in the Salsa.debian.org service. Shortly after this, at DebConf18 in Taiwan, Lamb had started the discussions about how to brand volunteers with adverse records in Git / Salsa. A few days before Christmas, this weapon was unleashed on Dr Norbert Preining, who maintains the LaTeX packages used widely in the academic world.

[...]

Just as Debian oligarchs often use nicknames and acronyms, NXIVM's founder, Raniere, had chosen to hide behind the pseudonym Vanguard, taken from an arcade game in which the destruction of one's enemies increased one's own power. It is a remarkable parallel to the style used by some of the worst leaders in Debian over the years.

In fact, every year there are public discussions about who to kick out of Debian. Enrico Zini, one of the Debian Account Managers who is currently engaged in blackmailing a volunteer, asked candidates in the 2006 leadership election to publicly name five people they would expel.

[...]

Lamb, de Blanc and their associates, the Anti-Harassment team and Debian Account Managers, had been making secret findings of misconduct against volunteers and then making veiled threats to disclose these abusive decisions if the volunteers were not submissive enough. Dr Preining called their bluff by releasing a bundle of their nasty emails himself.

Read more

Debian and Ubuntu: DebCamp/DebConfs, Advantech, Web Team and Ubuntu Weekly Newsletter

Filed under
Debian
Ubuntu
  • DebConf5

    This was one of my most favorite DebConfs (though I basically loved them all) and I'm not really sure why, I guess it's because of the kind of community at the event. We stayed in some future dorms of the universtity, which were to be first used by some European athletics chamopionship and which we could use even before that, guests zero. Being in Finland there were of course saunas in the dorms, which we frequently used and greatly enjoyed. Still, one day we had to go on a trip to another sauna in the forest, because of course you cannot visit Finland and only see one sauna. Or at least, you should not.

    Another aspect which increased community bonding was that we had to authenticate using 802.10 (IIRC, please correct me) which was an authentication standard mostly used for wireless but which also works for wired ethernet, except that not many had used it on Linux before. Thus quite some related bugs were fixed in the first days of DebCamp...

  • Advantech releases EPC-C301 for machine vision applications with Ubuntu 18.04 LTS

    Advantech, a leading global provider of intelligent IoT systems and embedded platforms, is pleased to announce EPC-C301, a compact fanless box PC powered by 8th Gen. Intel® Core™ processor. This system features diverse domain-focused I/O and can operate in broad temperature ranges. EPC-C301 integrates Intel® and Canonical technologies, provides Ubuntu and OpenVINO toolkits, and is aimed at accelerating the advancement of AIoT. This powerful system is an excellent choice for machine vision applications, such as automated optical inspection (AOI), and automated plate number recognition (APNR).

  • Design and Web team summary – 4th August 2020

    The web team here at Canonical run two week iterations. Here are some of the highlights of our completed work from this iteration.

    [...]

    I started writing code sometime around 1993 with Qbasic, dabbled in some C, C++, before ultimately ending up working with the various components of the web stack and working with PHP, Perl, Python, Go, Javascript. Day to day I’m working with Juju, JAAS and building the Juju Dashboard.

    Outside of a computer, I enjoy being outside and snow, wake and kiteboarding.

  • Ubuntu Weekly Newsletter Issue 642

    Welcome to the Ubuntu Weekly Newsletter, Issue 642 for the week of July 26 – August 1, 2020. The full version of this issue is available here.

Meet Super Container OS, a Debian-Based Live Distro with a Built-In Container Engine

Filed under
Debian

I told you I love new projects, right? Well, today I have a brand-new distro that I’d like to introduce you to, called Super Container OS, and targeted at developers who want to run containerized apps.

The Super Container OS developer Harshad Joshi pinged me earlier on Twitter earlier to check out his new distro, which he says it’s a live and installable Linux OS that comes pre-loaded with a container engine powered by Docker and systemd-nspawn.

Based on the Bufferstack.IO computing platform, Super Container OS wants to be the ideal tool for those who want to create, deploy and distribute apps that can run on IIoT Gateways, servers, or even virtual machines.

Now that Container Linux from CoreOS is no more, I guess we need more alternatives. Super Container OS is based on the latest Debian GNU/Linux 10 “Buster” operating system series and aims to make deploying, running and managing containerized applications easier by using OS level virtualization.

Read more

Also: Sylvain Beucler: Debian LTS and ELTS - July 2020

BunsenLabs Linux Lithium Release Hits Stable After Two Years, Based on Debian Buster

Filed under
Debian

After more than two years in development, BunsenLabs Linux Lithium release has finally hit the stable channel today for this OpenBox-based and lightweight Debian GNU/Linux derivative, a continuation of the acclaimed CrunchBang Linux.

The BunsenLabs Team is proud to announce today the official release of BunsenLabs Lithium, a new major release based on the latest Debian GNU/Linux 10 “Buster” operating system series.

As expected, BunsenLabs Linux Lithium is packed with lots of goodies, including the ability to install the distribution on newer computers that use Secure Boot, a new look and feel featuring a brand-new dark theme with custom-colored Papirus icons by default, and more modularity for user to fully customize the distro to their needs.

For example, users can now replace the default Openbox window manager with another desktop environment and keep many of the settings, such as menu item, key bindings, and autostarted apps. Also, the BunsenLabs session now uses jgmenu by default and can coexist with a default Openbox or Xfce sessions.

[...]

The BunsenLabs Linux Lithium release is available for download right now from the official website as a 64-bit live ISO and a minimal, CD-sized 32-bit non-PAE version, which can be extended to full-size by installing the bunsen-meta-all or bunsen-meta-lite metapackages.

Read more

Direct: [STABLE RELEASE] BunsenLabs Lithium Official ISOs

Also: [Debian-Based SparkyLinux] July 2020 donation report

Debian Leftovers

Filed under
Debian
  • Paul Wise: FLOSS Activities July 2020

    This month I didn't have any particular focus. I just worked on issues in my info bubble.

  • Utkarsh Gupta: FOSS Activites in July 2020

    This was my 17th month of contributing to Debian. I became a DM in late March last year and a DD last Christmas! \o/

    Well, this month I didn’t do a lot of Debian stuff, like I usually do, however, I did a lot of things related to Debian (indirectly via GSoC)!

  • DebConf3

    This tshirt is 17 years old and from DebConf3. I should probably wash it at 60 celcius for once...

    DebConf3 was my first DebConf and took place in Oslo, Norway, in 2003. I was very happy to be invited, like any Debian contributor at that time, and that Debian would provide food and accomodation for everyone. Accomodation was sleeping on the floor in some classrooms of an empty school and I remember having tasted grasshoppers provided by a friendly Gunnar Wolf there, standing in line on the first day with the SSH maintainer (OMG!1 (and it wasn't Colin back then!)) and meeting the one Debian person I had actually worked with before: Thomas Lange or MrFAI. In Oslo I also was exposed to Skolelinux / Debian Edu for the first time, saw a certain presentation from the FTP masters and also noticed some people recording the talks, though as I learned later these videos were never released to the public. And there was this fiveteen year old called Toresbe, who powered on the PDP's which were double his age. And then actually made use of them. And and and.

  • Sparky news 2020/07

    The 7th monthly report of 2020 of the Sparky project:

    • Linux kernel updated up to version 5.7.11 & 5.8-rc7
    • added new desktop: NsCDE
    • added to repo: Shutter-Encoder, Lite Editor, Sparky APTus AppCenter
    • Sparky 5.12 Nibiru of the stable line released
    • riot-desktop package changed its name to element-desktop

Updated Debian 10: 10.5 released

Filed under
Debian

The Debian project is pleased to announce the fifth update of its stable distribution Debian 10 (codename "buster"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

This point release also addresses Debian Security Advisory: DSA-4735-1 grub2 -- security update which covers multiple CVE issues regarding the GRUB2 UEFI SecureBoot 'BootHole' vulnerability.

Please note that the point release does not constitute a new version of Debian 10 but only updates some of the packages included. There is no need to throw away old "buster" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.

New installation images will be available soon at the regular locations.

Read more

Also: Debian GNU/Linux 10.5 “Buster” Released with BootHole Patches, 62 Security Updates

Debian 10.5 Released To Address The GRUB2 BootHole Vulnerability, Other Security Fixes

Debian 10.5 Buster point release 20200801 - all of the fixes

Debian 10.5 media testing process started 202008011145 - post 1 of several.

Debian 10.5 media testing - continuing quite happily - post 2 of several

Debian: Ben Hutchings, Chris Lamb, and Jonathan Carter

Filed under
Debian

  • Ben Hutchings: Debian LTS work, July 2020

    I was assigned 20 hours of work by Freexian's Debian LTS initiative, but only worked 5 hours this month and returned the remainder to the pool.

    Now that Debian 9 'stretch' has entered LTS, the stretch-backports suite will be closed and no longer updated. However, some stretch users rely on the newer kernel version provided there. I prepared to add Linux 4.19 to the stretch-security suite, alongside the standard package of Linux 4.9. I also prepared to update the firmware-nonfree package so that firmware needed by drivers in Linux 4.19 will also be available in stretch's non-free section. Both these updates will be based on the packages in stretch-backports, but needed some changes to avoid conflicts or regressions for users that continue using Linux 4.9 or older non-Debian kernel versions. I will upload these after the Debian 10 'buster' point release.

  •        

  • Chris Lamb: Free software activities in July 2020

    As part of being on the board of directors of the Open Source Initiative and Software in the Public Interest I attended their respective monthly meetings and participated in various licensing and other discussions occurring on the internet, as well as the usual internal discussions regarding logistics and policy etc. This month, it was SPI's Annual General Meeting and the OSI has been running a number of remote strategy sessions for the board.

  •        

  • Jonathan Carter: Free Software Activities for 2020-07

    Here are my uploads for the month of July, which is just a part of my free software activities, I’ll try to catch up on the rest in upcoming posts. I haven’t indulged in online conferences much over the last few months, but this month I attended the virtual editions of Guadec 2020 and HOPE 2020. HOPE isn’t something I knew about before and I enjoyed it a lot, you can find their videos on archive.org.

Why has Debian been gripped by vendettas?

Filed under
Debian

Debian Community News and the Uncensored Debian Planet site (follow the RSS feed if you want all sides of the story) have cast a new light on uncomfortable truths about the way free software is produced.

As people dig deeper, they are surprised to find that evidence of cult phenomena is indisputable while accusations against victims lack any evidence whatsoever.

Nonetheless, running an elaborate cult surely takes time and effort. Why would anybody bother to do this?

Credibility of Debian's name

Debian, thanks to the the Debian Social Contract, long history and technical reliability, has built up a reputation for technical competence.

When somebody associated with Debian points out that Google's privacy policy is no more than a modern-day re-write of The Emperor's New Clothes, their concerns are often amplified and widely noticed.

Companies like Google resent this, so they exert influence in various ways to discredit those individuals who speak the truth.

We see exactly the same phenomena in the United States right now where President Trump has been trying to undermine his country's leading expert on pandemics, Dr Anthony Fauci.

Read more

Debian: Former DPL Chris Lamb, Current DPL Jonathan Carter and Steve Kemp

Filed under
Debian

           

  • Chris Lamb: Pop culture matters

    Many people labour under the assumption that pop culture is trivial and useless while only 'high' art can grant us genuine and eternal knowledge about the world. Given that we have a finite time on this planet, we are all permitted to enjoy pop culture up to a certain point, but we should always minimise our interaction with it, and consume more moral and intellectual instruction wherever possible.

    Or so the theory goes. What these people do not realise is that pop culture can often provide more information about the world, humanity in general and — what is even more important — ourselves.

    This is not quite the debate around whether high art is artistically better, simply that pop culture can be equally informative. Jeremy Bentham argued in the 1820s that "prejudice apart, the game of push-pin is of equal value with the arts and sciences of music and poetry", that it didn't matter where our pleasures come from. (John Stuart Mill, Bentham's intellectual rival, disagreed.) This fundamental question of philosophical utilitarianism will not be resolved here.

    [...]

    In summary, we can simultaneously say that pop culture is not worthy of our time relative to other pursuits while consuming however much of it we want, but deliberately dismissing pop culture doesn't mean that a lot of other people are not interacting with it and is therefore undeserving of any inquiry. And if that doesn't convince you, just like the once-unavoidable millennial pink, simply sticking our collective heads in the sand will not mean that wider societal-level ugliness is going to disappear anytime soon.

  • Jonathan Carter: Free Software Activities for 2020-06

    Hmm, this is the latest I’ve posted my monthly updates yet (nearly by a month!). June was both crazy on the incoming side, and at the same time I just wasn’t that productive (at least since then I caught up a lot). In theory, lockdown means that I spend less time in traffic, in shops or with friends and have more time to do stuff, in practice I go to bed later and later and waste more time watching tv shows and playing mobile games. A cycle that I have at least broken free from since June.

  • Steve Kemp: I'm a bit of a git (hacker?)

    Sometimes I enjoy reading the source code to projects I like, use, or am about to install for the first time. This was something I used to do on a very regular basis, looking for security issues to report. Nowadays I don't have so much free time, but I still like to inspect the source code to new applications I install, and every now and again I'll find the time to look at the source to random projects.

    Reading code is good. Reading code is educational.

    One application I've looked at multiple times is redis, which is a great example of clean and well-written code. That said when reading the redis codebase I couldn't help noticing that there were a reasonably large number of typos/spelling mistakes in the comments...

Tails 4.9, the Amnesic Incognito Live System, Released with Linux Kernel 5.7

Filed under
Security
Debian

Tails 4.9 is a monthly update that’s here to replace last month’s Tails 4.8 release for those who want to install the popular amnesic incognito live system on new computers.

Therefore, Tails 4.9 is just an updated installation media containing various up-to-date components. The most important updated component in this release being the Linux kernel, which has been updated to version 5.7.6.

Tails 4.8 was using Linux kernel 5.6, which is no longer supported, so the inclusion of the latest Linux 5.7 kernel series in Tails is great news for those who want to run the Debian-based distribution on newer hardware.

Read more

Syndicate content

More in Tux Machines

5 tips for making documentation a priority in open source projects

Open source software is now mainstream; long gone are the days when open source projects attracted developers alone. Nowadays, users across numerous industries are active consumers of open source software, and you can't expect everyone to know how to use the software just by reading the code. Even for developers (including those with plenty of experience in other open source projects), good documentation serves as a valuable onboarding tool when people join a community. People who are interested in contributing to a project often start by working on documentation to get familiar with the project, the community, and the community workflow. Read more

5 reasons to run Kubernetes on your Raspberry Pi homelab

There's a saying about the cloud, and it goes something like this: The cloud is just somebody else's computer. While the cloud is actually more complex than that (it's a lot of computers), there's a lot of truth to the sentiment. When you move to the cloud, you're moving data and services and computing power to an entity you don't own or fully control. On the one hand, this frees you from having to perform administrative tasks you don't want to do, but, on the other hand, it could mean you no longer control your own computer. This is why the open source world likes to talk about an open hybrid cloud, a model that allows you to choose your own infrastructure, select your own OS, and orchestrate your workloads as you see fit. However, if you don't happen to have an open hybrid cloud available to you, you can create your own—either to help you learn how the cloud works or to serve your local network. Read more

today's howtos and leftovers

  • Linux commands for user management
  • CONSOOM All Your PODCASTS From Your Terminal With Castero
  • Install Blender 3D on Debian 10 (Buster)
  • Things To Do After Installing openSUSE Leap 15.2
  • GSoC Reports: Fuzzing Rumpkernel Syscalls, Part 2

    I have been working on Fuzzing Rumpkernel Syscalls. This blogpost details the work I have done during my second coding period.

  • Holger Levsen: DebConf7

    DebConf7 was also special because it had a very special night venue, which was in an ex-church in a rather normal building, operated as sort of community center or some such, while the old church interior was still very much visible as in everything new was build around the old stuff. And while the night venue was cool, it also ment we (video team) had no access to our machines over night (or for much of the evening), because we had to leave the university over night and the networking situation didn't allow remote access with the bandwidth needed to do anything video. The night venue had some very simple house rules, like don't rearrange stuff, don't break stuff, don't fix stuff and just a few little more and of course we broke them in the best possible way: Toresbe with the help of people I don't remember fixed the organ, which was broken for decades. And so the house sounded in some very nice new old tune and I think everybody was happy we broke that rule.

Programming Leftovers

  • Podcast: COBOL development on the mainframe

    Nic reached out when COBOL hit the news this spring to get some background on what COBOL is good for historically, and where it lives in the modern infrastructure stack. I was able to talk about the basics of COBOL and the COBOL standard, strengths today in concert with the latest mainframes, and how COBOL back-end code is now being integrated into front ends via intermediary databases and data-interchange formats like JSON, which COBOL natively supports.

  • What I learned while teaching C programming on YouTube

    The act of breaking something down in order to teach it to others can be a great way to reacquaint yourself with some old concepts and, in many cases, gain new insights. I have a YouTube channel where I demonstrate FreeDOS programs and show off classic DOS applications and games. The channel has a small following, so I tend to explore the topics directly suggested by my audience. When several subscribers asked if I could do more videos about programming, I decided to launch a new video series to teach C programming. I learned a lot from teaching C, and in the process, I came across some meaningful takeaways I think others will appreciate. Make a plan For my day job, I lead training and workshops to help new and emerging IT leaders develop new skills. Outside of regular work, I also enjoy teaching as an adjunct professor. So I'm very comfortable constructing a course outline and designing a curriculum. That's where I started. If you want to teach a subject effectively, you can't just wing it. Start by writing an outline of what topics you want to cover and figure out how each new topic will build on the previous ones. The "building block" method of adding new knowledge is key to an effective training program.

  • Google's Flutter 1.20 framework is out: VS Code extension and mobile autofill support
  • Google Engineers Propose "Machine Function Splitter" For Faster Performance

    Google engineers have been working on the Machine Function Splitter as their means of making binaries up to a few percent faster thanks to this compiler-based approach. They are now seeking to upstream the Machine Function Splitter into LLVM. The Machine Function Splitter is a code generation optimization pass for splitting code functions into hot and cold parts. They are doing this stemming from research that in roughly half of code functions that more than 50% of the code bytes are never executed but generally loaded into the CPU's data cache.

  • Modernize network function development with this Rust-based framework

    The world of networking has undergone monumental shifts over the past decade, particularly in the ongoing move from specialized hardware into software defined network functions (NFV) for data plane1 and packet processing. While the transition to software has fashioned the rise of SDN (Software-defined networking) and programmable networks, new challenges have arisen in making these functions flexible, efficient, easier to use, and fast (i.e. little to no performance overhead). Our team at Comcast wanted to both leverage what the network does best, especially with regards to its transport capacity and routing mechanisms, while also being able to develop network programs through a modern software lens—stressing testing, swift iteration, and deployment. So, with these goals in mind, we developed Capsule, a new framework for network function development, written in Rust, inspired by Berkeley's NetBricks research, and built-on Intel's Data Plane Development Kit (DPDK).

  • This Week in Rust 350
  • Firefox extended tracking protection

    This Mozilla Security Blog entry describes the new redirect-tracking protections soon to be provided by the Firefox browser.

  • Karl Dubost: Browser developer tools timeline

    I was reading In a Land Before Dev Tools by Amber, and I thought, Oh here missing in the history the beautifully chiseled Opera Dragonfly and F12 for Internet Explorer. So let's see what are all the things I myself didn't know.

  • Daniel Stenberg: Upcoming Webinar: curl: How to Make Your First Code Contribution

    Abstract: curl is a wildly popular and well-used open source tool and library, and is the result of more than 2,200 named contributors helping out. Over 800 individuals wrote at least one commit so far. In this presentation, curl’s lead developer Daniel Stenberg talks about how any developer can proceed in order to get their first code contribution submitted and ultimately landed in the curl git repository. Approach to code and commits, style, editing, pull-requests, using github etc. After you’ve seen this, you’ll know how to easily submit your improvement to curl and potentially end up running in ten billion installations world-wide.