Language Selection

English French German Italian Portuguese Spanish


today's leftovers

Filed under
  • 2020-03-23 | Linux Headlines

    Folding@home’s processing power continues to surge in the fight against COVID-19, Audacious switches to QT5, UBports and Volla join forces, and MythTV rolls out modern decoding improvements.

  • F2FS File-System Adding Zstd Compression Support In Linux 5.7

    Being introduced by Linux 5.6 is optional F2FS transparent data compression support that was implemented with LZO and LZ4. Now for the Linux 5.7 kernel there is Zstd compression support on the way.

    Flash-Friendly File-System (F2FS) maintainer Jaegeuk Kim today merged a patch from a Huawei engineer for supporting the Zstandard compression algorithm with this file-system level compression support. On Linux 5.7 and later it means setting compress_algorithm=zstd when mounting an F2FS file-system can enable this Zstd compression capability.

  • Microsoft discloses new Windows vulnerability that’s being actively exploited

    The flaw involves the Adobe Type Manager Library, which helps Windows render fonts. “There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane,” according to Microsoft. The vulnerability has a severity level of “critical,” which is the company’s highest rating.

    There isn’t currently a patch available to fix the flaw, though Microsoft’s advisory notes that updates to address security vulnerabilities are usually released as part of Update Tuesday, typically scheduled for the second Tuesday of every month. That means, in theory, the next Update Tuesday is scheduled for April 14th.

  • macOS, Windows 10 and Ubuntu Hacked at Pwn2Own 2020

    macOS, Windows 10 and Ubuntu were some of the software that fell to exploits on day 1 of Pwn2Own 2020. A total of $180,000 was up for grabs for 9 bugs in 3 categories, and hackers were able to defeat the security mechanisms in three of the most popular desktop operating systems out there.

    Due to coronavirus, the annual Pwn2Own event was held virtually, instead of in Vancouver, Canada. The hackers had prepared exploits in advance and sent them to organizers to demonstrate in a live presentation to all participants.

  • HashiCorp Accelerates Multi-Cloud Transformation Efforts

    HashiCorp got its start primarily as a DevOps vendor with the popular Vagrant open-source tool for building and distributing development environments. In recent years, the company has expanded significantly, with a key focus on the cloud with multiple tools including Consul for service discovery, Nomad for orchestration and Terraform for enabling infrastructure as code.

    "The practical reality for most companies is that they will adopt multi-cloud in some capacity," Armon Dadgar, co-founder and CTO of HashiCorp, told ITPro Today. "So the day-to-day reality and the challenge for companies becomes how to operationalize that."

  • Best website builder software [Ed: Too much of this is proprietary exploiting Free software]

    Website builders are tools that allow the creation of web pages without programming knowledge. These are helped by a visual editor (WYSIWYG) to add content and adapt the design. Typically these are online tools such as Wix, Jimdo or Weebly, but there are also offline tools that can be used.

  • Chef’s COVID-19 Preparedness

    The novel coronavirus (COVID-19) and its impact on individuals, families, and businesses is real and significant. We respect the unique and essential role that Chef plays in the day-to-day operations of many businesses. During these extraordinary times, we want to share how we are prepared to continue to provide service to you in the coming weeks and months.

today's leftovers

Filed under
  • State of KPhotoAlbum

    So far, this goal is doing quite well. A visible indicator of this is the new website, which is not just good-looking, but visually in line with other KDE project websites.

    On a personal note, I went to FOSDEM this year. Unfortunately, my time with other KDE people was very limited (to put it mildly), as I was occupied with FSFE topics. I did, however, say hello at the KDE booth, and was very touched by the warm welcome there. Bhushan immediately recognised me and handed me a KDE nametag, and I had a nice chat with Nicolas about some Purpose issue I was having.


    The KDE community has decided on three goals to focus on for the next couple of years.

    We already have some ideas on how to improve KPhotoAlbum regarding the Consistency goal. If you have further suggestions and ideas we would love to hear them!

  • Windows Store Monthly Statistics [Ed: Windows 'Store' is a failure. Just like WSL.]

    A nice stream of new users for our software on the Windows platform.

    If you want to help to bring more stuff KDE develops on Windows, we have some meta Phabricator task were you can show up and tell for which parts you want to do work on.

  • Who really coined the term 'Open Source'?

    Today, in 2020, “Open Source” is a well understood, widely used concept. Everyone who works within the software development world understands what it means. But… who coined the term? Who is the first person to actually use the phrase “open source” in reference to software? Let's dive into some of the (sometimes conflicting) statements from multiple people… and what the reality actually looks like. Was it Eric S Raymond or Bruce Perens?

  • Cloud Foundry Foundation Announces KubeCF is New Incubating Project

today's leftovers

Filed under
  • Are cloud platforms breaking down organizational barriers in the digitalization of banking?

    What if all your cloud plans and transformation efforts are technically brilliant, but fail spectacularly because your organization couldn't adapt and excel at using them? Culture is an important part of the transformation of the bank, but it's the hardest to get right and often overlooked.

    For a number of banks, the question of whether cloud platforms are breaking down organizational barriers is a mixed bag. Advancements in build and deployment automation have made it easier to create and deliver software more quickly and with less organizational friction, and cloud platforms have changed the way software is built and delivered.

    However, breaking down outdated software delivery practices and processes, and improving overall productivity remains a nagging issue for banks, and creating a culture focused on automation is not an easy task. Too often banks enthusiastically depoy new technology platforms with the promise of increased efficiency and productivity, only to be disillusioned by the fact that many of the same old problems still remain.

  • Check Out Ubuntu France’s Fantastic Focal Fossa Tee

    The fabulously fervent folks in the Ubuntu France community have fashioned Ubuntu’s latest mascot animal into a first-rate new t-shirt design.

    Not that that particular activity is new; the Ubuntu France team has created custom artwork to ‘showcase’ the past few Ubuntu releases — as you may well know if you follow this site over on Twitter:

  • How Open-Source Projects Are Driving Innovation In Tech

    I got a chance to deeply understand the world of OSS (Open Source Software) while I was at Docker, which is one of the most popular and used open source projects. I have to confess that I fell in love with this method of writing and consuming software.

today's leftovers

Filed under
  • FLOSS Weekly 570: xs:code

    Open Source That Makes Sense. xs:code helps you pay open source developers to maintain and improve their code – so you don't have to.

    Xs:code was started with one goal in mind – empowering developers on both sides of the equation. Both open source developers, and developers who use open-source when developing for companies and R&D teams. Xs:code truly believes that creating a sustainable way to develop and use open source, is a mutual interest of developers, and commercial companies alike.

  • Open Source Software: Mitigating the Risks to Reap the Rewards

    Initially developed by Richard Stallman in 1983 and popularized by Linus Torvalds in the early 1990s, open source software has evolved tremendously over the last 37 years. Although it started out as a niche practice, it became more mainstream in the 2000s. Its value was initially verified by Sun Microsystems’ $1 billion acquisition of MySQL in 2008, and more recently by IBM’s purchase of Red Hat for $34 billion last year. Now the most popular open source software, GNU/Linux runs on nearly 70% of web servers and is maintained by more than 15,000 unique programmers around the world. However, there remains an ongoing debate within the tech industry on both the pros and cons of open source software. We’ve taken a look at a couple of each and discussed below.

  • Covid-19: Bootlin proposes online sessions for all its courses

    Like many of us, due to the Covid-19 outbreak, you may be forced to work from home, to limit your contacts with other people and fight the spread of the disease. To take advantage from this time confined at home, we are now proposing all our training courses as online seminars. You can then benefit from the contents and quality of Bootlin training sessions, without leaving the comfort and safety of your home. During our online seminars, our instructors will alternate between presentations and practical demonstrations, executing the instructions of our practical labs.

  • Activities you can do at home this week!

    At the Raspberry Pi Foundation, our mission is to put the power of computing and digital making into the hands of people all over the world. We know that a lot of families around the globe are navigating school closures and practicing social distancing right now to keep their communities healthy and safe.

  • Arrows gallery

    For the LibreOffice 7.0 release I work on galleries. One which is ready for testers is a new/updated arrows gallery.

  • Icon gallery

    I submit a new gallery for LibreOffice called Icons. It show some usefull [sic] icons/symbols which can be used in all LibreOffice apps. If you search for app icons they area already available in the GUI widget prototyping extension.

  • RSS: The Original Federated Social Network Protocol

    So what is RSS? The acronym has a bit of a checkered history. Currently RSS stands for Rich Site Summary, originally RDF Site Summary, but it is often known by the more common term Really Simply Syndication. Which ever name you call it by, RSS is a standardized format for listing the most recent updates for a website. The majority of websites and blogs publish a feed of updates, either in RSS format or its close cousin, the Atom Syndication Format (ATOM). YouTube channels, Podcasts, most web comics, and many news sites expose all their updates in one of these standardized formats. Most RSS readers support scanning websites to find their feeds, in formats such as RSS 0.9, 1.x, 2.x or ATOM. RSS readers poll websites regularly, and display updates from websites users are subscribed to.

  • DDoS botnets have abused three zero-days in LILIN video recorders for months

    Digital video recorders are devices installed on company networks that aggregate video feeds from local CCTV or IP camera systems and record it on various types of storage systems, like HDDs, SSDs, USB flash drives, or SD memory cards.

  • Multiple botnets are spreading using LILIN DVR 0-day

    The LILIN 0-day vulnerability is made of 3 parts: hard-coded login credentials, /z/zbin/dvr_box command injection vulnerabilities and /z/zbin/net_html.cgi arbitrary file reading vulnerabilities, /z/zbin/dvr_box provides Web services, and its web interface /dvr/cmd and /cn/cmd have a command injection vulnerability. The injected parameters have been: NTPUpdate, FTP, and NTP.


    LILIN users should check and update their device firmwares in a timely fashion, and strong login credentials for the device should be enforced.

    The relevant malicious IPs, URLs and domains should be blocked and investigated on users’network.

today's leftovers

Filed under
  • Chrome OS to shrink Linux disk image for Chromebooks with limited storage

    Linux apps bring a lot to the table for Chromebook users. The ability to have installable applications for which there isn’t a web-based alternative is huge and it could play an integral part in launching Chrome OS to a new level of usability and consumer popularity. Apart from the learning curve involved in navigating Linux apps, another problem that users will face is disk space.

  • Google develops Linux tool that tackles USB keystroke injection attacks

    Google has developed a tool for Linux machines that combats USB keystroke injection attacks by flagging suspicious keystroke speeds and blocking devices classified as malicious.

    Keystroke injection attacks can execute malicious commands via a thumb drive connected to a host machine, by running code that mimics keystrokes entered by a human user.

    In a post on the Google Open Source blog, Google security engineer Sebastian Neuner explained Google’s tool uses two heuristic variables – KEYSTROKE_WINDOW and ABNORMAL_TYPING – to distinguish between benign and malicious inputs.

    Measuring the time between two keystrokes, KEYSTROKE_WINDOW can generate false positives if users hit two keys almost simultaneously, although accuracy rises along with the number of keystrokes logged.

  • AMD SEV-ES Guest Support Updated With More Improvements, Rebased

    Back in February came patches for AMD SEV-ES "Encrypted State" support as building off the Linux kernel's existing support for Secure Encrypted Virtualization in conjunction with AMD EPYC processors. The SEV-ES enablement work has now been revised.

    The SEV "Encrypted State" patches sent out this morning are for enabling Linux to run as a guest under an SEV-ES enabled hypervisor. The encrypted state portion of SEV is about protecting the guest register state from the hypervisor, beyond the memory encrypted afforded by SEV. The CPU register state becomes encrypted by SEV-ES and cannot be accessed or modified by the hypervisor in order to fend off control-flow attacks and other similar attacks.

  • Mesa 20.1 Aiming For Release At The End Of May

    This should come as little surprise to regular Phoronix readers and those that follow the Mesa release cadence, but Mesa 20.1 as the next quarterly feature release now has a release calendar putting its debut towards the end of May.

    May 20 is the target date for releasing Mesa 20.1.0 as the next feature release date. As usual, it's towards the end of the second month of the quarter. However, what tends to occur most often is that due to blocker bugs, Mesa feature releases usually get dragged well into the third month of the quarter before seeing their debut.

  • Daniel Stenberg: curl: 22 years in 22 pictures and 2222 words

    curl turns twenty-two years old today. Let’s celebrate this by looking at its development, growth and change over time from a range of different viewpoints with the help of graphs and visualizations.

    This is the more-curl-graphs-than-you-need post of the year. Here are 22 pictures showing off curl in more detail than anyone needs.

    I founded the project back in the day and I remain the lead developer – but I’m far from alone in this. Let me take you on a journey and give you a glimpse into the curl factory. All the graphs below are provided in hires versions if you just click on them.

    Below, you will learn that we’re constantly going further, adding more and aiming higher. There’s no end in sight and curl is never done. That’s why you know that leaning on curl for Internet transfers means going with a reliable solution.

  • Forking Great: the Arc GTK Theme Lives!

    A fork of the Arc GTK theme is available on GitHub and it picks up exactly where the theme’s previous authors left off.

    Why is this news? Well, you may recall I wrote about the dire state of Arc’s maintainer-ship a few weeks back. To put it bluntly: there isn’t one.

    But a number of you got in touch with me after I published that post to let me know about a new, actively maintained, albeit unofficial, continuation.

    And boy I am glad that you did!

    This isn’t a stale fork of the Arc theme code, either. This is an actively maintained branch with lots of bug fixes and other finesse to bring the theme as up-to-date as possible.

  • Friends of GNOME Update March 2020

    Welcome to the Friends of GNOME Update, March 2020 edition! We have some exciting things in the works and a shiny new GNOME release.

  • Bunker Up: Remote Work with a Bastion Host
  • Paragon Software and Sagemcom Partner to Offer Solutions for Linux Systems

    Paragon Software, a file systems and storage management provider, and Sagemcom Broadband, are partnering to embed Paragon into Sagemcom’s Linux-based series of routers.

    “We are pleased to partner with Sagemcom Broadband to empower end-users with full access to exFAT-formatted data from Linux systems,” said Konstantin Komarov, CEO of Paragon Software Group. “Paragon is known for reliability and quality, and through its OEM reach, it is leading the way for greater interoperability. exFAT is the ideal system to integrate into routers and to provide streamlined file transfers, enabling a more powerful customer experience. The alliance with Sagemcom marks an important milestone in our business and underscores our position as a leader in the file system and storage market.”

  • Open Source Goes Mainstream – How Sharing Is Shaping The Future Of Music [Ed:Openwashing buy reducing the brand "open source" to just about nothing at all]

    Open source developments in music are leading the industry in a new direction. An increasing number of creators, for example, are building custom instruments and software, then choosing to make the products open source, or sharable in source code format, which allows other creators to produce derivative works free of charge for non-commercial use.

    “While open sourcing has been happening on a small scale among academics for some time, it converted over the past few years and is now growing mainstream,” says Ajay Kapur, professor and director of music technology at the California Institute of the Arts (CalArts), pointing to a new movement of electronic artists seeking to create unique sounds and names for themselves on social media. “It’s been really amazing, there has been so much open source stuff happening in the industry driven by the maker movement.”

  • COVID-19 Themed Multistage Malware

    More and more countries are closing their borders and ask citizens to stay at home. The COVID-19 virus is everywhere and also used in campaigns to lure more victims who are looking for information about the pandemic. I found a malicious email that delivers a multi-stage malware.

    It spoofs a World Health Organisation email and pretends to provide recommendations to the victim: [...]

  • EU Considering Enacting Right-To-Repair To Return Power To Consumers, Protect The Environment

    Right-to-repair laws are still a work in progress, mainly due to industry opposition. The wants and needs of millions of device/vehicle owners don't amount to a hill of beans in this world full of interloping industry leaders, as noted DIY repairman/nightclub owner Rick Blaine once sourly noted.

Today's leftovers

Filed under
  • Layout the DVA | BSD Now 342

    OpenBSD Full disk encryption with coreboot and tianocore, FreeBSD 12.0 EOL, ZFS DVA layout, OpenBSD’s Go situation, AD updates requires changes in TrueNAS and FreeNAS, full name of FreeBSD’s root account, and more.

  • Solus + Visual Studio Code | Choose Linux 31

    We try out Solus and are all impressed by this independent distro. Then Ell and Drew sing the praises of Visual Studio Code - a text editor that's packed full of features.

  • Whonix VirtualBox - Point Release!

    Whonix is being used by Edward Snowden, journalists such as Micah Lee, used by the Freedom of the Press Foundation and Qubes OS. It has a 7 years history of keeping its users safe from real world attacks. [1]

    The split architecture of Whonix relies on leveraging virtualization technology as a sandbox for vulnerable user applications on endpoints. This is a widely known weakness exploited by entities that want to circumvent cryptography and system integrity. Our Linux distribution come with a wide selection of data protection tools and hardened applications for document/image publishing and communications. We are the first to deploy tirdad, which addresses the long known problem of CPU activity affecting TCP traffic properties in visible ways on the network and vanguards, an enhancement for Tor produced by the developers of Tor, which protects against guard discovery and related traffic analysis attacks. Live Mode was recently added. We deliver the first ever solutions for user behavior masking privacy protections such as Kloak. Kloak prevents websites from recognizing who the typist is by altering keystroke timing signatures that are unique to everyone.

  • openSUSE's board turmoil

    Like many larger free-software projects, openSUSE has an elected board that is charged with handling various non-technical tasks: organizing events, dealing with conduct issues, managing the project's money, etc. Sitting on such a board is usually a relatively low-profile activity; development communities tend to pay more attention to technical contributions than other types of service. Every now and then, though, board-related issues burst into prominence; that is the case now in the openSUSE project, which will be holding a special election after the abrupt resignation of one-third of its board.

    The openSUSE project has, in fact, just held a board election that closed on January 31. There were four candidates for the two available seats; in the end, Simon Lees was returned to the board for another term and Sarah Julia Kriesch won the other seat. The discussion over the course of the election was perhaps a bit more contentious than usual, with Kriesch in particular stirring things up by claiming to be the driving force behind the in-progress openSUSE foundation effort and seemingly overlooking the existence of openSUSE contributors in China (something she later apologized for). That all settled down, though, and it appeared that the new board was set to get to work after the announcement of the results on February 1.

  • Whiskey Lake thin Mini-ITX board has PCIe golden finger

    Avalue’s Linux-ready “EMX-WHL-GP” is a thin Mini-ITX board with 8th Gen Whiskey Lake CPUs, triple displays, 3x GbE, SATA with power, 2x M.2, PCIe, and optional -20 to 60°C support.

    Avalue announced an industrial thin Mini-ITX board that runs Linux or Win 10 on Intel’s 8th Gen Whiskey Lake U-series processors. The EMX-WHL-GP has much in common with its 6th or 7th Gen EMX-KBLU2P thin Mini-ITX model, but adds a third GbE port and a PCIe golden finger interface among other enhancements.

  • Building a split mechanical keyboard with a Raspberry Pi Zero controller

    Looking to build their own ergonomic mechanical split keyboard, Gosse Adema turned to the Raspberry Pi Zero W for help.

  • The reckless, infinite scope of web browsers

    Since the first browser war between Netscape and Internet Explorer, web browsers have been using features as their primary means of competing with each other. This strategy of unlimited scope and perpetual feature creep is reckless, and has been allowed to go on for far too long.

    I used wget to download all 1,217 of the W3C specifications which have been published at the time of writing1, of which web browsers need to implement a substantial subset in order to provide a modern web experience. I ran a word count on all of these specifications. How complex would you guess the web is?

    The total word count of the W3C specification catalogue is 114 million words at the time of writing. If you added the combined word counts of the C11, C++17, UEFI, USB 3.2, and POSIX specifications, all 8,754 published RFCs, and the combined word counts of everything on Wikipedia’s list of longest novels, you would be 12 million words short of the W3C specifications.2

    I conclude that it is impossible to build a new web browser. The complexity of the web is obscene. The creation of a new web browser would be comparable in effort to the Apollo program or the Manhattan project.


    The major projects are open source, and usually when an open-source project misbehaves, we’re able to to fork them to offer an alternative. But even this is an impossible task where web browsers are concerned. The number of W3C specifications grows at an average rate of 200 new specs per year, or about 4 million words, or about one POSIX every 4 to 6 months. How can a new team possibly keep up with this on top of implementing the outrageous scope web browsers already have now?

    The browser wars have been allowed to continue for far too long. They should have long ago focused on competing in terms of performance and stability, not in adding new web “features”. This is absolutely ridiculous, and it has to stop.

  • Firefox 76 Enabling VA-API Wayland Acceleration For All Video Codecs

    With the upcoming Firefox 75 there is VA-API GPU-based video acceleration working on Wayland. While this built off FFmpeg, the initial code was limited to supporting H.264 while for Firefox 76 that is being extended.

    There has been the bug report to track VP9 decode support using VA-API. That was done by Red Hat's Martin Stránský who has been leading this Wayland and VA-API work.

    As of Wednesday, support was merged so VA-API on Wayland uses all video formats available. Up until now (and for Firefox 75) there was code limiting the support to the H.264 codec while for Firefox 76 those limitations are set to be cleared.

  • The Unicode Standard Now Includes CC License Symbols

    The latest Unicode Standard adds 5,930 characters, including 4 new scripts, 55 new emoji characters, and the following CC license symbols:

  • African WhatsApp Modders are the Masters of Worldwide Adversarial Interoperability

    Since the earliest days of consumer computing, computer users have asserted their right to have a say in how their tools worked: whether it was Gopher delivering easy new ways to access services that had originally been designed for power users who could memorize obscure addresses and arcane commands; or toolkits like Hypercard and Visual Basic, which let everyday people automate their work; or Scratch, which lets kids design games and apps that come from their imaginations, rather than an app store.

    This ability to adapt your tools is especially urgent when those tools are designed by people who live very different lives from your own. The disability rights movement's rallying cry of "Nothing about us without us," crystallizes generations of discontent with the high-handed attitude of distant “experts” who built systems and tools without truly working together with those who use and are affected by them. Technologists are especially notorious for this high-handedness: —like the Honeywell 316, a $10,600 "kitchen computer" for storing recipes that was offered for sale in the 1969 Nieman Marcus catalog. It was designed for women by men, but no women wanted or needed a kitchen computer, and they didn't sell a single one. Despite this ghastly failure, early computer vendors continued to market their wares to women by advertising the ability to store and retrieve recipes.

  • Uber open-sources Piranha, a tool that automatically deletes stale code

    Uber today made available in open source Piranha, a tool that automatically deletes stale and unused code from app codebases. The company says it eliminates the need for engineers to engage in the task of code removal themselves, which often prevents them from working on newer features.

  • Amazon is looking to bring Target and Walmart into an open source technology group

    The e-tailer, which formed an open source organization called Dent last year, is now looking to bring Target and Walmart into the fold, per The Wall Street Journal.

    But Target and Walmart reportedly don’t plan to participate at this point. Dent has access to some of the technologies that enable Amazon to operate its Go stores, which feature autonomous checkout, and already works with technology solutions firm Marvell Technology Group and networking software provider Cumulus Networks. The open source nature of Dent means that firms that download Amazon’s software can use it as they like without collaborating directly with Amazon.

today's leftovers

Filed under
  • Behind the Scenes: LINUX Unplugged | Jupiter Extras 64

    We share what goes into making LINUX Unplugged special, and have a laugh at some of our bad ideas from show past.

  • OpenType, Harfbuzz, Qt : Not exactly a love story

    As far as ideas go there are a couple of approaches one is to follow the way Scribus does, which offloads the rendering to something like cairo which could handle this in a much better way. That would also require us to develop a couple of intermediate data structures that could hold the info, but that is not the biggest challenge. The problem here is the text editor dialog cause then you got relay what is being displayed on the canvas to the text editor dialog. And there you have to draw the cursor. Unfortunately drawing the cursor will be the biggest challenge here.

    The other way is to write a new Text Engine and hook it up into Qt's API, which is to follow the following interface of QTextLayout if I going the right way. That way we won't have to worry about the text editor widget stuff. But I haven't explored this route that much and probably unaware of the challenges.

    As a basis for both, I do have a basic proof of concept ready, which could be taken for a ride from here. It uses libraqm which a thin wrapper over HarfBuzz, FriBidi and FreeType.


  • Ask Lunduke - Mar 16, 2020 - GPL'd code in a book?



    Ask Lunduke is a weekly podcast where the community can ask any question they like… and I (attempt to) answer them. This episode of Ask Lunduke is available two ways: At Patreon to all Patrons of The Lunduke Journal. At LBRY, for a small cost in LBC. Topics on Ask Lunduke this week: If you had to give up all of my computing devices… which would you miss the most?


  • Cybersecurity Firm Hired By Voatz To Audit Its System Finds Voatz Is Full Of Vulnerabilities

    Mobile voting app Voatz is still a mess. Two years ago, West Virginia decided to give the app a spin to allow some voters to vote from home during the midterm elections. Nobody in the security world thought this was a good idea. The only people who did feel this was a safe, secure way to collect votes were state legislators and Voatz itself. Some early poking and prodding by security researchers immediately found problems with Voatz's handling of votes, including out-of-date SSH and unproven facial recognition tech that was supposed to verify voters by matching their selfies to their government IDs.


  • TSA Admits Liquid Ban Is Security Theater



    Interesting context:


    The TSA can declare this rule change because the limit was always arbitrary, just one of the countless rituals of security theater to which air passengers are subjected every day. Flights are no more dangerous today, with the hand sanitizer, than yesterday, and if the TSA allowed you to bring 12 ounces of shampoo on a flight tomorrow, flights would be no more dangerous then. The limit was bullshit. The ease with which the TSA can toss it aside makes that clear.

  • In These Uncertain Times, We Are Here to Help

    As COVID-19 continues to impact the world, SUSE is committed to your success no matter the circumstances.

    During this time, we have established a Business Continuity Committee and have in place the right infrastructure and processes to stay up and running for you. Our Global Services teams are on standby to assist you, as always, via chat, email or phone. We are transforming our flagship event, SUSECON 2020, to a purely virtual one – so you can still access keynote content and digital resources.

today's leftovers

Filed under
  • Linux Action News 149

    Solid releases from GNOME and Firefox, bad news for custom Android ROM users, and a new container distro from Amazon.

    Plus Mozilla and KaiOS team up to bring the modern web to feature phones, and the surprising way Microsoft is shipping a Linux kernel.

  • Neofetch update 7.0 can show more information – bupskel and ArcoLinux Tweak Tool

    Content of the video

    we no longer have the ArcoLinux version in neofetch
    we learn why bupskel can be interesting
    do a bupskel before and after the update and then do a meld with these two new folders
    first do a skel to get the new config in your home directory
    or only copy/paste over the content of
    new : memory expressed in percentage
    new : show de version
    new : used disk in percentage
    we show you how to display the logo of another distro with neofetch –ascii_distro …
    we show you the difference between the three neofetch files in ~/.config/neofetch
    sysinfo still shows your ArcoLinux version
    cat /etc/lsb-release will also show your version
    we will show you how to use a logo

  • Open Source Alternative To Salesforce : Crust CRM

    Ireland based Crust Technologies is building a full open source alternative to Salesforce CRM. Crust CEO, Niall McCarthy explains why he created his company around open source solitons to take on Salesforce.

  • EY Launches Baseline Protocol, an Open Source Initiative for the Public Ethereum Blockchain [Ed: A "protocol" is not "open source"; quit openwashing.]

    EY announced the launch of the Baseline protocol, a new package of public domain blockchain tools that will allow enterprises to build and deploy procurement and other business processes securely and privately on the public Ethereum blockchain. EY developed the Baseline protocol in cooperation with ConsenSys and Microsoft.

  • Aiven increases access to managed Apache Kafka by providing it on AWS Marketplace

    Aiven, a startup that combines the best open source technologies with cloud infrastructure, announced today that its products will be available in the AWS Marketplace, starting with Aiven for Apache Kafka. This enables customers who use AWS to simplify their procurement process when purchasing Aiven products.

today's leftovers

Filed under
  • Intel Tiger Lake Gen12/Xe Graphics Driver Support Considered Stable With Linux 5.7

    Over the past year we have seen a steady flow of Intel Tiger Lake "Gen12" graphics enablement for the Linux kernel, their first generation also adopting the Xe Graphics branding as part of their discrete GPU initiative. With the Linux 5.7 kernel this spring will be the first release where the Gen12 graphics support is there by default as a sign of stability.

    While a lot of Tiger Lake enablement work on the graphics side has flown into recent kernel releases, it hasn't been exposed by default. Only if running i915.force_probe= as a Linux kernel parameter has that Gen12 graphics support been exposed. But with Linux 5.7, that flag will no longer be needed.

  • Best Wallpaper Changers For Linux Operating Systems

    These are the list of the automatic wallpaper changer for Linux based operating systems. Let’s check out some of the amazing and easy to use Linux wallpaper changers.

  • Hey Linux sysadmin, which backup technology do you use?
  • How the Raspberry Pi Foundation is responding to the novel coronavirus

    In this blog post, I want to share an update on how the Raspberry Pi Foundation is responding to the novel coronavirus and what it means for our work to support people all over the planet to change their world through technology.

  • Wio Terminal Features Microchip SAMD51 MCU, Dual-Band WiFI & Bluetooth WiFI, and 2.4″ LCD

    Seeed Studio has now introduced its own Arduino & MicroPython compatible SAMD51 platform with Wio Terminal also integrating an RTL8720DN dual-band WiFi 4 and Bluetooth 5.0 chip, and 2.4″ LCD display. There are also Grove connectors to add sensor modules, and a 40-pin header to use the device like a Raspberry Pi HAT.

  • LinuxFest Northwest 2020 cancelled by Wuhan Corona Virus

    I received word that LinuxFest Northwest – originally scheduled for April 25th and 26th in Bellingham, WA – has been cancelled due to the Wuhan Corona Virus. This is the official announcement just sent over by conference organizers: “With an abundance of precaution and care for the well-being of all LinuxFest presenters, sponsors, attendees, volunteers, and their loved ones, we have unanimously elected to not hold LFNW in-person at Bellingham Technical College this year.

  • Sonos Backs Off Plan To Brick Older, Still Functioning Speakers

    Back in January, Sonos took some well earned heat for a new product "recycle mode" that effectively bricked older smart speakers the company was no longer interested in supporting. They're now backtracking from the effort after significant backlash.

today's leftovers

Filed under
  • A look over what's on sale this weekend for Linux gaming fans

    Is it Friday already? Apparently it is. If you're stuck in across this weekend, we've rounded up some of the best deals going on for Linux gamers. First up, a reminder: AMD currently have a big sale going on some Ryzen processors, see here for more on that one. For the rest, I'll highlight a few and link to the full sale on each store.

  • Preview: Check out our footage from 'Resolutiion' - it's got some serious style

    After playing it, I have a great many questions that need answers and I am thoroughly looking forward to the full game where some of that will hopefully be answered. Perhaps my biggest question right now is: where the hell did that giant kitty come from and why is it tunnelling through the desert?

  • OSM-MR#8 Hackfest: the highlights

    The Canonical team is getting back from the OSM-MR#8 Hackfest with a lot of excitement and a fresh view on the OSM (Open Source MANO) project. Although due to the Coronavirus COVID-19 complication around the world the leadership group re-organised the Hackfest in the last moment to be fully remote, many people joined and we’ve seen a lot of new faces. We are now looking forward to hosting all of you in London, during the week of 1-5 of June.

  • What is “Support”?

    The first one is related to development and maintenance. This is where the Ubuntu Studio development team comes in. That scope is rather limited since most of the software included in Ubuntu Studio isn’t maintained or packaged by the development team, but rather other teams within Debian and Ubuntu. This includes the lowlatency kernel, which is maintained by the Ubuntu Kernel Team, and the desktop environment, which is maintained by the Xubuntu team.

    This support also deals with the length of time of the maintenance and upkeep of said components. For LTS releases it’s 3 years; for standard releases it’s 9 months.

  • The Last Hurrah Before The Server Recession

    Excepting some potholes here and there and a few times when the hyperscalers and cloud builders tapped the brakes, it has been one hell of a run in the last decade for servers. But thanks to the coronavirus outbreak and some structural issues with sections of the global economy – let’s stop pretending economies are national things anymore, because they clearly are not – this could be peak server for at least a few quarters. Maybe a few years.

    We started The Next Platform in 2015, but our experience in the systems market goes back to the aftermath of the 1987 stock market crash that eventually caused a recession in the late 1980s and early 1990s that really didn’t get resolved until the dot-com boom came along and injected a whole lot of hope and cash into the tech sector and then into every other sector that needed to become an “e-business.” When we think about transition points in IT, we think that the Great Recession was the point in time when a lot of different industries pivoted. And thus our financial analysis usually goes back to the Great Recession (when we are able to get numbers back that far) because we want to see how what is going on now compared to the difficult time we were going through then.

  • Data Sharing and Open Source Software Help Combat Covid-19

    On February 27, a teenager in the Seattle area was diagnosed with Covid-19. Shortly after, researchers at the Seattle Flu Study shared genomic data about his strain of the virus with other researchers on an “open science” site. Armed with that data, researchers involved with a second open science project determined that the teenager’s strain was a direct descendent of a strain of Covid-19 found in an unrelated patient in the Seattle area on January 20. The discovery was a key link in concluding that the virus had been spreading in the Seattle area for weeks.

    The way researchers connected those dots highlights the role of open science projects in tracking the evolution of Covid-19 and other diseases. Sharing data and working collaboratively across the web, scientists are quickly analyzing genetic samples, helping to shape the public response. But the rush to interpret the data also creates new risks.

    Viruses like Covid-19 spread by making copies of themselves. Each time they replicate, there's a chance that an error will be made, making the latest copy slightly different from the previous one. Emma Hodcroft, a postdoctoral quantitative genetics researcher at the University of Basel in Switzerland, likens these errors, known as mutations, to typos in the virus's DNA.

  • Niko Matsakis: Async Interview #7: Withoutboats

    Hello everyone! I’m happy to be posting a transcript of my async interview with withoutboats. This particularly interview took place way back on January 14th, but the intervening months have been a bit crazy and I didn’t get around to writing it up till now.

  • Mozilla does not respect user requests to stop tracking telemetry data

    A Firefox system add-on called telemetry-coverage may still be sending your IP address data to Mozilla even if you explicitly turn off telemetry data – which has privacy implications most people aren’t aware of as Mozilla stores telemetry data with a unique identifier tied to your specific Firefox client. All Firefox clients come with preinstalled system add-ons that function just like add-ons that a user would install themselves from the Add-ons store, except they’re there by default. A Mozilla employee commented on the SuperUser forum attempting to defend this action...

  • 10 Open-Source Datasets For Text Classification

    One of the popular fields of research, text classification is the method of analysing textual data to gain meaningful information. According to sources, the global text analytics market is expected to post a CAGR of more than 20% during the period 2020-2024. Text classification can be used in a number of applications such as automating CRM tasks, improving web browsing, e-commerce, among others.

    Check out 10 open-source datasets, which can be used for text classification. The Amazon Review dataset, for instance, consists of a few million Amazon customer reviews (input text) and star ratings (output labels) for learning how to train fastText for sentiment analysis. The size of the dataset is 493MB.

  • Bill Gates steps down from Microsoft board to focus on philanthropy [Ed: disclosure missing. Bill Gates repeatedly pays the BBC]

    Microsoft co-founder Bill Gates is stepping down from the company's board to spend more time on philanthropic activities.
    He says he wants to focus on global health and development, education and tackling climate change.
    One of the world's richest men, Mr Gates, 65, has also left the board of Warren Buffett's massive holding company, Berkshire Hathaway.

  • Windows Users Stream More Pirated Video than Others

    New research published by researchers from the Technology Policy Institute suggests that the more pirated video people watch online, the less legal video content they stream on average. Interestingly, the same data also reveal that, on average, Windows users pirate more video than those who use other operating systems.

Syndicate content

More in Tux Machines

today's leftovers

  • Mesa 20.0.3 Released With Latest Open-Source Graphics Driver Fixes

    While many of you are users of Mesa Git for experiencing the bleeding-edge graphics drivers especially if you are a gamer wanting peak performance, for those on the Mesa stable series the Mesa 20.0.3 update has now shipped. Mesa 20.0.3 is the latest bi-weekly point release for back-porting the fixes to this Q1'2020 stable series.

  • Adrien Plazas: A Coloring API for GTK

    This week we had the Design Tools Hackfest 2020, virtualized because of COVID-19, where we discussed that recoloring API. We came up with something I think is interesting enough to discuss more widely.

  • [Former Canonical manager] Dustin Kirkland: Coordinated Launch Cycles at Apex

    I joined Apex Clearing last year, having spent the previous 20 years as a software engineer, product manager, and executive, mostly around open source software, including Ubuntu, OpenStack, and Kubernetes. Albeit IBM, Canonical and Google differ from fintech on many levels, these operating systems and cloud infrastructure technology platforms share a number of similarities with Apex's software-as-a-service platform. Moreover, there also exists some literal overlap: we’re heavy users of both Ubuntu and Kubernetes here at Apex. Ubuntu, OpenStack, and Kubernetes all share similar, predictable, time-based release cycles. Ubuntu has released every April and October, since October of 2004 – that's 32 major software platform releases, on time, every time, over 16 years. Ubuntu has set the bar for velocity, quality, and predictability in the open source world. OpenStack’s development processes have largely mirrored Ubuntu’s, with many of the early project leaders having been ex-Ubuntu engineers and managers. OpenStack, too, has utilized a 6-month development cycle, since 2010, now on its 20th release. Kubernetes came along in 2014, and sought to increase the pace a bit, with quarterly release cycles. Kubernetes is a little bit looser with dates than Ubuntu or OpenStack, but has generally cranked out 4 quality releases per year, over the last 6 years. I’ve been involved in each of these projects at some level, and I’ve thoroughly enjoyed coaching a number of early stage start-ups on how to apply these principles to their product development methodologies.

  • Ulrike Uhlig: Breaking the chain reaction of reactions to reactions

    Each of these interactions is embedded in larger society, and, as said above, we learn these roles from childhood. Therefore, we perpetually reproduce power structures, and learnt behavior. I doubt that fixing this on an individual level is sufficient to transform our interactions outside of small groups, families or work places. Although that would be a good start. We can see that the triangle holds together because the Victim, seemingly devoid of a way to handle their own needs, transfers care of their needs to the Rescuer, thereby giving up on their autonomy. The Rescuer is provided by the Victim with a sense of autonomy, knowledge, and power, that only works while denying the Victim their autonomy. At the same time, the Persecutor denies everyone else's needs and autonomy, and feels powerful by dismissing others. I've recently mentioned the importance of autonomy in order to avoid burnout, and as a means to control one's own life. If the Rescuer can acknowledge being in the triangle, and give the Victim autonomy, by supporting them with compassion, empathy, and guidance, and at the same time respecting their own boundaries, we could find even more ways to escape the drama triangle.

GNOME 3.36 and 3.38

Launched three weeks ago on March 11th, the GNOME 3.36 “Gresik” desktop environment brings numerous new features and performance enhancements, including refreshed login and unlock screens, a more polished GNOME Shell, and a new Extensions app for managing GNOME Shell extensions. GNOME 3.36 also revamps the calendar popover with a built-in Do Not Disturb feature, reorganizes the Power off / Log out options to be more accessible, adds a password peeking feature to most auth dialogs, and redesigns many panels of the GNOME Control Center. Read more Also: GNOME 3.38 Desktop Environment Slated for Release on September 16

Today in Techrights

21 Important Penetration Tools in Kali Linux

Kali Linux uses many kinds of penetration tools to assess the security situation of your devices and networks. Whether you are looking to advance your career as an ethical tester or find the vulnerabilities of your systems, these powerful tools yield excellent results. Almost all of them should be accessible from the main Kali Linux terminal. Note: if you are an ethical tester, you must have the necessary permissions to access another person’s device, unless you’re testing on your own devices. Read more