Language Selection

English French German Italian Portuguese Spanish

Login

Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Programming Leftovers

  • How the Integrated Gradients method works? - Vincent Lequertier's blog

    For artificial intelligence (AI) transparency and to better shape upcoming policies, we need to better understand the AI’s output. In particular, one may want to understand the role attributed to each input. This is hard, because in neural networks input variables don’t have a single weight that could serve as a proxy for determining their importance with regard to the output. Therefore, one have to consider all the neural network’s weights, which may be all interconnected. Here is how Integrated Gradients does this.

  • Want a piece of GitLab? It's going to cost you: IPO price per share settles at $77

    The one-stop shop approach by DevOps darling GitLab appears to have attracted an Initial Public Offering price of $77, giving the loss-making biz a potential valuation of $11bn GitLab finally filed for an IPO in September and this week upped the estimated price per share to between $66 and $69. The eventual price has turned out to be $77, well above the initial $55 to $60 first estimated. 8.42 million shares of Class A common stock are being sold. Founder and CEO Sytse Sijbrandij is selling another 1.98 million shares, according to the filing. Should that $77 price survive the start of trading today, GitLab's market value will nudge past $11bn.

  • Functional vs. object-oriented programming: The basics

    Committing to a programming paradigm is an important step in any application development effort. While they are hardly the only two options when it comes to overarching development models, the choice between functional programming and object-oriented programming is one that an increasing number of developers face today.

  • There is no 'printf'.

    Pop quiz! What will the following program return?

  • Malicious packages mitmproxy2 and mitmproxy-iframe removed from PyPI directory - itsfoss.net

    The author of mitmproxy , a tool for analyzing HTTP / HTTPS traffic, drew attention to the appearance of a fork of his project in the Python Package Index (PyPI) directory. The fork was distributed under the similar name mitmproxy2 and the non-existent version 8.0.1 (current release of mitmproxy 7.0.4) with the expectation that inattentive users will perceive the package as a new version of the main project ( typesquatting ) and wish to try the new version. In terms of its composition, mitmproxy2 was similar to mitmproxy, with the exception of changes in the implementation of malicious functionality. The changes were reduced to the termination of setting the HTTP header ” X-Frame-Options: DENY “, which prohibits the processing of content inside the iframe, disabling protection against XSRF attacks and setting the headers ” Access-Control-Allow-Origin: * “, ” Access-Control- Allow-Headers: * “and” Access-Control-Allow-Methods: POST, GET, DELETE, OPTIONS “.

  • Perl Weekly Challenge 134: Pandigital Numbers and Distinct Term Count
  • Sourcing vs executing in Bash

    What if, from the shell prompt, I could source the script, to bring the function definitions into my current environment, and then manually invoke the check function on a single pull request?

    Sourcing the script as it is would have the unwanted effect of running checks on all the pull requests, because the last line in the script actually invokes main, as it’s supposed to.

  • Rust-Based Cloud-Hypervisor 19.0 Released With Improved Live Migration, Faster Boot Time - Phoronix

    Cloud-Hypervisor 19.0 debuted this week as the Intel-led open-source VMM focused on supporting modern cloud workloads and written in the Rust programming language while leveraging the Linux's KVM virtualization code or the Microsoft MSHV hypervisor on Windows. Cloud-Hypervisor 19.0 continues to focus on only supporting 64-bit software, providing a minimal attack surface and other security improvements in part by leveraging Rust, and other modern-focused design principals.

  • Dyn async traits, part 6

    A quick update to my last post: first, a better way to do what I was trying to do, and second, a sketch of the crate I’d like to see for experimental purposes.

Proprietary Software and Security Issues

  • Running a recent Apache web server version? You probably need to patch it. Now

    The Apache Software Foundation has hurried out a patch to address a pair of HTTP Web Server vulnerabilities, at least one of which is already being actively exploited. Apache's HTTP Server is widely used, and the vulnerabilities, CVE-2021-41524 and CVE-2021-41773, aren't great. The latter, a path traversal and file disclosure flaw, is particularly problematic. The former was reported to Apache's security team on 17 September and can be exploited by an external source to DoS a server with a specially crafted request. It turned up in version 2.4.49, which was released on September 15, and the Apache crew is not aware of any exploit.

  • VoIP Unlimited hit by outage in wake of DDoS claims • The Register

    A British VoIP firm has staggered back to its feet after being smacked with a series of apparent DDoSes a month after suffering a series of sustained attacks it said were delivered by the REvil ransomware gang. In an update at 11:56 UK time, it said it was "continuing to suffer from large scale DDoS attacks. VoIP Unlimited engineers are continuing to mitigate the impact on services."

  • Source Tags & Codes

    The saga of the Missouri governor reflects a failure by the powerful to embrace curiosity—curiosity encouraged by the HTML language he fails to understand.

  • blog.ipfire.org - Feature Spotlight: Weaponising IPFire Location to proactively detect Fast Flux setups

    Thanks to libloc, the free & open source location database, IPFire comes with an accurate, trustworthy database for mapping IP addresses to countries and Autonomous Systems, and vice versa. This allows us to introduce a new feature: Proactive detection of Fast Flux setups, which are commonly used by ne'er-do-wells for hosting questionable and malicious content on compromised machines around the world, switching from one infected PC, IoT device, or router to another within minutes. To the best of our knowledge, this is a unique feature. Contrary to other security mechanisms such as AV scanners, which are often lagging behind, it detects malware, phishing, C&C servers and other nefarious things proactively - before any threat intelligence source in the world even knows about them. Even better, measurements done so far indicate it comes with a near-zero false positive rate in productive environments.1

  • A class of its own, CNCF & Linux Foundation Kubernetes exam [Ed: Adrian Bridgwater publishing spam for Zemlin now over in ComputerWeekly… real journalism is dead. It’s all sponsored.]
  • KubeCon 2021: New Kubernetes Certificate and the future of Kubernetes - Market Research Telecast

    The CNCF, the foundation under the umbrella of the Linux Foundation, which is responsible for the administration of the Kubernetes source code, has the KubeCon North America opened and welcomed visitors again after two years. In autumn 2019, users and developers of Kubernetes and cloud native technologies from their environment met for the last time on site at KubeCon & CloudNativeCon in the USA. The following European edition 2020 at the end of March took place via live streams from living rooms.

  • Citrix has built a browser, and lost a CEO

    According to a regulatory filing, in early October, the company's board appointed Robert M. Calderoni as interim CEO, after David Henshall stepped down from the role.

  • User locked out of Microsoft account by MFA bug, complains of customer-hostile support • The Register [Ed: By Microsoft Tim]

    Konstantin Gizdov, an IT professional, was locked out of his Microsoft account by a bug in the company's Multi-Factor Authentication (MFA), but says support refused to acknowledge the bug or recover his account. Gizdov is founder of KGE Consultancy Ltd in Edinburgh and an Arch Linux Trusted User. His problems began when he received an email informing him that his Microsoft account had been renamed. "I immediately clicked on the 'That was not me' button," he said in a post, after which he managed to contact support.

  • Apple patches 'actively exploited' iPhone zero-day with iOS 15.0.2 update

    If you're using an iPhone, install the iOS 15.0.2 update immediately: Apple has warned that the latest OS upgrade patches an "actively exploited" zero-day. Described as a "memory corruption issue" by Apple, the vuln is present within the IOMobileFrameBuffer kernel extension, used for managing display memory. Malicious applications are said to be capable of triggering an integer overflow in the framebuffer, permitting execution of arbitrary code with kernel privileges. The bug, publicly tracked as CVE-2021-30883, has not yet been published in full although technical descriptions and proofs of concept are already circulating on security-focused areas of the web.

  • Podcast: 67% of Orgs Have Been Hit by Ransomware at Least Once [iophk: Windows TCO]

    According to Fortinet’s Global State of Ransomware Report 2021 (PDF), released last week, most organizations report that ransomware is their top most concerning cyber-threat. That’s particularly true for respondents in Latin America, Asia-Pacific and Europe-Middle East-Africa, who report that they’re more likely to be victims than their peers in the U.S. or Canada.

  • Treasury: $590M paid out by victims of ransomware attacks in first half of 2021 [iophk: Windows TCO]

    Just over 450 ransomware payments were reported to FinCEN from the beginning of January through end of June, with the amount of suspicious activity reports increasing by 30 percent from last year. The amount paid by victims also massively increased compared to 2020, when $416 million was paid out over the entire year.

  • Ransomware? No fear, Scott Morrison has a plan. An action plan

    Hence the Ransomware Action Plan. It's just like the numerous other plans which Morrison and his ministers have put forth, meaningless jumbles of words, all aimed at that one Saturday before next May when the election will have to be held.

    When something that should necessarily have some gravitas starts out like this: "The world has never been more interconnected and our reliance on the internet to fuel Australia’s prosperity and maintain our way of life has never been greater", you just know that it's weapons-grade BS.

  • Apple to make 10 million fewer iPhones due to microchip shortage

    Chip suppliers such as Broadcom and Texas Instruments have reportedly told the smartphone maker that they won't be able to deliver as many units as they said they could.

  • New Windows 10 KB5006670 update breaks network printing
  • Short URLs come in handy for cybercrooks

    However, there are downsides too. URL shorteners are often used by online fraudsters to trick users into following a link to compromise their systems, swindle money from their bank accounts or even trick them into mine cryptocurrency without the intervention of the user. Recipients could be clicking a malware link (short links) or be directed to a spoofing page where the victim’s sensitive information could be recorded and later used for stealing sensitive data or money.

New Devices With GNU/Linux

  • Alibaba T-head RVB-ICE dual-core RISC-V SBC supports Android 10, Debian 11 - CNX Software

    The very first RISC-V single board computer with a 3D GPU reveals itself with “Alibaba T-head RVB-ICE” SBC available for pre-order for $399 together with a 7-inch display. The board is based on Alibaba T-Head “ICE” dual-core XuanTie C910 RISC-V processor with a Vivante GC8000UL GPU, and follows the announcement of Android 10 being ported to a RISC-V board earlier this year. Besides the dual-core RISC-V processor clocked at 1.2 GHz, the board is equipped with 4GB LPDDR4, 16GB eMMC flash, and offers Gigabit Ethernet, WiFi and Bluetooth connectivity, as well as a 48-pin GPIO header. But it lacks HDMI output, relying on an LCD interface instead, as well as full-size (Type-A) USB ports with only one micro USB 3.0 OTG port, and a USB-C port for serial console.

  • PCIe adapter adds four USB 3.2 ports to Raspberry Pi CM4 IO board

    Waveshare has introduced a non-standard PCIe adapter that adds four USB 3.2 ports to the Raspberry Pi Compute Module 4 IO carrier board in a way that does not take too much height. It’s non-standard as it can not be inserted directly into a typical computer PCIe slot, and Waveshare recommends a PCIe extension cable to connect it to a motherboard. Having said that It looks much better on the IO board.

  • Raspberry Pi 4, Rockchip RK3399 SBC’s get Arm SystemReady IR certification

    The first hardware platforms getting Arm SystemReady IR certification for IoT Edge applications were announced a few months ago with namely NXP i.MX 8 Mini evaluation kit and Compulab IOT-GATE-IMX8 gateway being able to run off-the-shelf operating system images such as Fedora IoT, OpenSuSE Leap 15.3, and Debian 11 thanks to UEFI firmware.

  • OAK-D Depth Sensing AI Camera Gets Smaller and Lighter

    The OAK-D is an open-source, full-color depth sensing camera with embedded AI capabilities, and there is now a crowdfunding campaign for a newer, lighter version called the OAK-D Lite. The new model does everything the previous one could do, combining machine vision with stereo depth sensing and an ability to run highly complex image processing tasks all on-board, freeing the host from any of the overhead involved. [...] Since the vision processing is all done on-board, even a Raspberry Pi Zero can be used effectively as a host.

  • Single board computer features AMD processors and graphics

    The IB952 offers hardware-based security and high-speed peripheral support.

  • The Pi 400 As A PC Peripheral | Hackaday

    The Raspberry Pi 400 all-in-one computer is a neat little unit that is powerful enough to take on most humdrum computing tasks while doing an excellent job of freeing up valuable desktop space. But what about those moments when both the Pi and a PC are needed on the same desktop? How can the Pi and the bulky PC keyboard share the same space? [Gadgetoid] may have the answer, with a clever bit of software that presents the Pi’s mouse and keyboard as peripherals on its USB-C power port. If your PC has a high-power USB socket that can run the Pi then it can use the small computer’s input devices just as well as the Pi itself can. It’s fair to say that the Pi 400’s keyboard is not it’s strongest point, but we can see some utility in the idea.

  • Simply NUC® Launches Cypress Long-Life Mini PC Powered by Latest AMD® Ryzen™ Embedded Processors

    Offering a variety of operating systems, Cypress can support custom needs on Windows 10, Ubuntu, and Fedora.

  • Simply NUC® Launches Cypress Long-Life Mini PC Powered by Latest AMD® Ryzen™ Embedded Processors

Open Hardware/Modding and Circular Electronics Initiative

  • This wizard-themed book nook diorama features a face detection system, LEDs, and an ePaper display | Arduino Blog

    The fantastical world of wizards and magic is one that can be explored by reading a book, and what better way to represent this than building your very own interactive diorama within a reading corner? Well, that is exactly what Andy of element14 Presents created when he combined a small display, computer vision, and LED lights into a fun bookshelf adornment, which would accompany readers on their journeys. To begin, Andy had to figure out how to get a computer vision system into a space that is no larger than a shoebox, and for this task, he settled on using the Portenta H7 board plus its Vision Shield to gather images and classify them. His attempts to integrate a string of NeoPixels and an ePaper display module with MicroPython were unsuccessful, so this required a switch to only using C with TensorFlow Lite and some custom functions to take the framebuffers from the camera and determine if a face is present.

  • PocketView is an LED display that shows info through clothes and other fabrics | Arduino Blog

    hen receiving a notification on your phone, it can be a tedious process to take the device out of a pocket, unlock the screen, and then read the message. In order to make viewing simple information much faster, University of Waterloo researchers developed a small pocketable display that can shine images and text through fabric. This means seeing the current time or directions can be done far more quickly since all the user has to do is look down. The technology driving this system consists of an Arduino Pro Mini board, an HC-05 Bluetooth module for receiving data from a host phone, an 8×8 RGBW NeoPixel matrix, and a single 420mAh LiPo battery cell for power. All of these components were assembled into a single unit and placed within a 3D-printed enclosure that can easily fit into the user’s pocket.

  • Ecodesign Directive: FSFE calls for Device Neutrality and Upcycling of Software

    As contribution to the revisal of the EU ecodesign directive and to help understand the impact of software obsolescence, the FSFE publishes a study on the sustainability of software. The findings of the study culminate in five core demands for a more sustainable digitisation, covering the interplay of devices, software, and infrastructure. In the European Union we currently see a strong desire to make digitisation more sustainable with the European Commission aiming at making products more resource-efficient as well as circular economy methods applicable. The ecodesign directive from 2009 shall be updated in this regard with the "Sustainable Products Initiative" (SPI) that aims "to make products placed on the EU market more sustainable". The SPI will then serve as the main European product policy instrument, in the electronic sector additionally complemented by the "Circular Electronics Initiative" (CEI).

  • Sousaphone sound-reactive lights

    It is just a Teensy 4.0 I had lying around, together with an audio board, a basic lav mic, and a spare 74XX245 from my grab bag held together with hot glue and proto wire. It drives a cheapo 300 LED RGB strip that is VHB’d to the bell. I think the LEDs will only last a few more transport sessions, but with any luck I’ll make a slightly more polished revision with better longevity in the not too distant future.