|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All)
(Two Column)
- [$] Testing AI-enhanced reviews for Linux patches
Code review is in high demand, and short supply, for most open-source projects.Reviewer time is precious, so any tool that can lighten the load is worth exploring.That is why Jesse Brandeburg and Kamel Ayari decided to test whethertools like ChatGPT could review patches to provide quick feedback tocontributors about common problems. In atalk at the Netdev 0x18 conference this July, Brandeburg provided an overview of anexperiment using machine learning to review emails containing patchessent to the netdevmailing list. Large-language models (LLMs) will not be replacing human reviewers anytimesoon, but they may be a useful addition to help humans focus on deeperreviews instead of simple rule violations.
- NGINX has moved to Github
The NGINX team has announcedthat official NGINX open-source development has moved away fromMercurial to GitHub, andthe project will now be taking contributionsin the form of pull requests:
Additionally, starting today, we will begin accepting bugs reports,feature requests and enhancements directly through GitHub, under the"Issues" tab. Moreover, we've moved our community forums to the GitHub"Discussions" area, where you will now be ableto engage in conversation, ask, and answer questions.
[...] We understand that changes like these may require adjustment,so to give you more time, we will continue accepting patches andprovide community support via mailing lists until December 31st, 2024.
- Man pages maintenance suspended
Alejandro Colomar, who has been maintaining the Linux man pages for thelast four years, has announcedthat he will have to stop that work.
I've been doing it in my free time, and no company has sponsored that work at all. At the moment, I cannot sustain this work economically any more, and will temporarily and indefinitely stop working on this project. If any company has interests in the future of the project, I'd welcome an offer to sponsor my work here; if so, please let me know.
- The realtime preemption end game — for real this time
Work on realtime preemption for the Linux kernel got its start almost exactly 20 years ago(though it had its roots in earlier work, of course). It is fair to saythat finishing that job has taken a bit longer than anybody involved wouldhave expected. Now, though, Sebastian Andrzej Siewior has posted a briefpatch series making it possible to enable realtime preemption in themainline kernel on three architectures.
With the printk bits merged, PREEMPT_RT could be enabled on X86, ARM64 and Risc-V. These three architectures merged required changes over the years leaving me in a position where I have no essential changes in the queue that would affect them.
Congratulations are due to the many developers who have worked on thisproject for the last two decades.
- Security updates for Friday
Security updates have been issued by AlmaLinux (bubblewrap, flatpak), Debian (libxml2), Fedora (lua-mpack, mingw-python3, python-django, python-django4.2, python3.11, python3.13, and python3.9), Oracle (bubblewrap, flatpak), Red Hat (fence-agents, python-urllib3, resource-agents, and wget), Slackware (expat and mozilla), SUSE (buildah, chromium, firefox, gradle, java-1_8_0-ibm, kubernetes1.26, postgresql16, python-Django, python312-pip, and systemd), and Ubuntu (python-aiohttp).
- Rust 1.81.0 released
Version1.81.0 of the Rust language has been released. Changes include thestabilization of the Error trait in core, some new sortalgorithms, some linting improvements, and more.
- [$] Application monitoring with OpenSnitch
OpenSnitch is an"interactive application firewall". Like other firewalls, it uses aseries of rules to decide what network traffic should be permitted. Unlikemany other firewalls, though, OpenSnitch does not ask the user to create a list of rulesahead of time. Instead, the list of rules can be built upincrementally as applications make connections — and the user can peruse boththe rules that have built up over time, and statistics on the connections thathave been attempted.
- Samba 4.21.0 released
Version 4.21.0 of the Samba Windows interoperability suite has beenreleased. Changes include some authentication hardening, a number of LDAPimprovements, per-user and per-group veto and hide files, group-managedservice accounts, and quite a bit more.
- Security updates for Thursday
Security updates have been issued by AlmaLinux (bubblewrap and flatpak, containernetworking-plugins, fence-agents, ghostscript, krb5, orc, podman, python3.11, python3.9, resource-agents, runc, and wget), Debian (chromium, cinder, glance, gnutls28, nova, nsis, python-oslo.utils, ruby-sinatra, and setuptools), Fedora (kernel), Oracle (bubblewrap and flatpak, buildah, containernetworking-plugins, fence-agents, ghostscript, gvisor-tap-vsock, kernel, krb5, libndp, nodejs:18, orc, podman, postgresql, python-urllib3, python3.11, python3.12, python3.9, runc, skopeo, and wget), SUSE (hdf5, netcdf, trilinos), and Ubuntu (firefox, imagemagick, ironic, openssl, python-django, vim, and znc).
- How Should the FOSS Movement Respond to Proprietary Software?
Long-time FOSS-watcher Bruce Byfield writes that while people "still dream of a completely free alternative, increasingly the emphasis in FOSS seems to be on accepting coexistence with proprietary software."Many, too, have always preferred the permissive BSD licenses, which permits combining FOSS and proprietary software. From some perspectives, Debian's newest [non-free firmware] repository or Nobara's popularity [a Fedora-based distro but with proprietary drivers and gaming applications] is simply an admission of the true state of affairs... On the other hand, the FOSS philosophy may be weakened because it no longer has a strong advocate. Sixteen years ago, the FSF reached a peak of authority in the discussions of 2006-2007 about the structure of GPLv3 — then immediately lost that authority by not reaching a consensus. That was followed by the cancellation of Richard Stallman in 2017, which, deserved or not, had the side effect of silencing free software's most influential representative. Today the FSF that Stallman led continues to function, with Stallman returned to the board of directors, but its actions go unreported, and it seems to speak to a much smaller group of loyalists. The Linux Foundation, with its corporate emphasis, is not an adequate substitution. In these circumstances, there is reason to wonder whether FOSS has lost its way. While the issue has yet to reach the mainstream, Bruce Perens, one of the coiners of the term "open source" in 1998, is already trying to describe what he calls the Post-Open Source era. Not only does Perens believe that FOSS licenses no longer fulfill their original purpose, but they no longer inform or benefit the average user. According to Perens, "Open Source has completely failed to serve the common person. For the most part, if they use us at all they do so through a proprietary software company's systems, like Apple iOS or Google Android, both of which use Open Source for infrastructure but the apps are mostly proprietary. The common person doesn't know about Open Source, they don't know about the freedoms we promote which are increasingly in their interest. Indeed, Open Source is used today to surveil and even oppress them." As a remedy, Perens proposes that licenses should be replaced by contracts. He envisions that companies pay for the benefits they receive from using FOSS. Compliance for each contract would be checked, renewed, and paid for yearly, and the payments would go towards funding FOSS development. Individuals and nonprofits would continue to use FOSS for free. In March 2024, Perens posted a draft Post-Open license. The draft includes a description of the contract-related files to be shipped with FOSS software, a description of the status of derivative works, how revenue is collected, and conditions of termination. The draft has yet to be reviewed by a lawyer, but what is immediately noticeable is how it draws on both contract language and FOSS licenses to produce something different. Byfield concludes that "free licenses are straining to respond to loopholes, and a discussion needs to be had about whether they are adequate to modern pressures."
Read more of this story at Slashdot.
- New York Times Calls Telegram 'A Playground for Criminals, Extremists and Terrorists'
The New York Times analyzed over 3.2 million Telegram messages from 16,220 channels. Their conclusion? Telegram "offers features that enable criminals, terrorists and grifters to organize at scale and to sidestep scrutiny from the authorities" — and that Telegram "has looked the other way as illegal and extremist activities have flourished openly on the app." Or, more succinctly: "Telegram has become a global sewer of criminal activity, disinformation, child sexual abuse material, terrorism and racist incitement, according to a four-month investigation."Look deeper, and a dark underbelly emerges. Uncut lumps of cocaine and shards of crystal meth are for sale on the app. Handguns and stolen checks are widely available. White nationalists use the platform to coordinate fight clubs and plan rallies. Hamas broadcast its Oct. 7 attack on Israel on the site... The Times investigation found 1,500 channels operated by white supremacists who coordinate activities among almost 1 million people around the world. At least two dozen channels sold weapons. In at least 22 channels with more than 70,000 followers, MDMA, cocaine, heroin and other drugs were advertised for delivery to more than 20 countries. Hamas, the Islamic State and other militant groups have thrived on Telegram, often amassing large audiences across dozens of channels. The Times analyzed more than 40 channels associated with Hamas, which showed that average viewership surged up to 10 times after the Oct. 7 attacks, garnering more than 400 million views in October. Telegram is "the most popular place for ill-intentioned, violent actors to congregate," said Rebecca Weiner, the deputy commissioner for intelligence and counterterrorism at the New York Police Department. "If you're a bad guy, that's where you will land...." [Telegram] steadfastly ignores most requests for assistance from law enforcement agencies. An email inbox used for inquiries from government agencies is rarely checked, former employees said... "It is easy to search and find channels selling guns, illicit narcotics, prescription drugs and fraudulent ATM cards, called clone cards..." according to the article. The Times "found at least 50 channels openly selling contraband, including guns, drugs and fraudulent debit cards."In December 2022, Hayden Espinosa began serving a 33-month sentence in federal prison in Louisiana for buying and selling illegal firearms and weapon parts he made with 3D printers. That did not stop his business. Using cellphones that had been smuggled into prison, Espinosa continued his illicit trade on a Telegram channel... Espinosa's gun market on Telegram might never have been uncovered except that one of its members was Payton Gendron, who massacred 10 people at a supermarket in Buffalo, New York, in 2022. Investigators scouring his life online for motives for the shooting discovered the channel, which also featured racist and extremist views he had shared. "Operating like a stateless organization, Telegram has long behaved as if it were above the law," the article concludes — though it adds that "In many democratic countries, patience with the app is wearing thin. "The European Union is exploring new oversight of Telegram under the Digital Services Act, a law that forces large online platforms to police their services more aggressively, two people familiar with the plans said."
Read more of this story at Slashdot.
- 1,000 Autonomous AI Agents Collaborating? Altera Simulates It In Minecraft
Altera AI's home page says their mission is "to create digital human beings that live, care, and grow with us," adding that their company builds machines "with fundamental human qualities, starting with friends that can play video games with you." And while their agents can function in many different games and apps, Altera used Minecraft to launch "the first-ever simulation of over 1,000 collaborating autonomous AI agents," reports ReadWrite, "working together in a Minecraft world, all of which can operate for hours or days without intervention from humans."The agents have already started to develop their own economy, culture, religion, and government, with the AI already working on establishing its own systems. The CEO Robert Yang took to X to share the news and introduce Project Sid... So far, the agents have already formed a merchant hub, have voted in a democracy, spread religions, and collected five times more distinct items than before... "Though starting in games, we're solving the deepest issues facing agents: coherence, multi-agent collaboration, and long-term progression," said the CEO. According to the video, the most active trader in their simulation was the priest — because he was bribing the other townsfolk to convert to his religion. (Which apparently involved the Flying Spaghetti Monster...) "We run these worlds every day, and they're always different," the video's narrator says, while pointing out that their agents had collected 32% of all the items in Minecraft — five times more than anything ever reported for an individual agent. "Sid starts in Minecraft, but we are already going beyond," CEO Yang says in the video, calling it "the first-ever agent civilization."
Read more of this story at Slashdot.
- Signal is More Than Encrypted Messaging. It Wants to Prove Surveillance Capitalism Is Wrong
Slashdot reader echo123 shared a new article from Wired titled "Signal Is More Than Encrypted Messaging. Under Meredith Whittaker, It's Out to Prove Surveillance Capitalism Wrong." ("On its 10th anniversary, Signal's president wants to remind you that the world's most secure communications platform is a nonprofit. It's free. It doesn't track you or serve you ads. It pays its engineers very well. And it's a go-to app for hundreds of millions of people.")Ten years ago, WIRED published a news story about how two little-known, slightly ramshackle encryption apps called RedPhone and TextSecure were merging to form something called Signal. Since that July in 2014, Signal has transformed from a cypherpunk curiosity — created by an anarchist coder, run by a scrappy team working in a single room in San Francisco, spread word-of-mouth by hackers competing for paranoia points — into a full-blown, mainstream, encrypted communications phenomenon... Billions more use Signal's encryption protocols integrated into platforms like WhatsApp... But Signal is, in many ways, the exact opposite of the Silicon Valley model. It's a nonprofit funded by donations. It has never taken investment, makes its product available for free, has no advertisements, and collects virtually no information on its users — while competing with tech giants and winning... Signal stands as a counterfactual: evidence that venture capitalism and surveillance capitalism — hell, capitalism, period — are not the only paths forward for the future of technology. Over its past decade, no leader of Signal has embodied that iconoclasm as visibly as Meredith Whittaker. Signal's president since 2022 is one of the world's most prominent tech critics: When she worked at Google, she led walkouts to protest its discriminatory practices and spoke out against its military contracts. She cofounded the AI Now Institute to address ethical implications of artificial intelligence and has become a leading voice for the notion that AI and surveillance are inherently intertwined. Since she took on the presidency at the Signal Foundation, she has come to see her central task as working to find a long-term taproot of funding to keep Signal alive for decades to come — with zero compromises or corporate entanglements — so it can serve as a model for an entirely new kind of tech ecosystem... Meredith Whittaker: "The Signal model is going to keep growing, and thriving and providing, if we're successful. We're already seeing Proton [a startup that offers end-to-end encrypted email, calendars, note-taking apps, and the like] becoming a nonprofit. It's the paradigm shift that's going to involve a lot of different forces pointing in a similar direction." Key quotes from the interview:"Given that governments in the U.S. and elsewhere have not always been uncritical of encryption, a future where we have jurisdictional flexibility is something we're looking at." "It's not by accident that WhatsApp and Apple are spending billions of dollars defining themselves as private. Because privacy is incredibly valuable. And who's the gold standard for privacy? It's Signal.""We also see growth in response to things like what we call a Big Tech Fuckup, like when WhatsApp changed its terms of service. We saw a boost in desktop after Zoom announced that they were going to scan everyone's calls for AI. And we anticipate more of those.""AI is a product of the mass surveillance business model in its current form. It is not a separate technological phenomenon.""...alternative models have not received the capital they need, the support they need. And they've been swimming upstream against a business model that opposes their success. It's not for lack of ideas or possibilities. It's that we actually have to start taking seriously the shifts that are going to be required to do this thing — to build tech that rejects surveillance and centralized control — whose necessity is now obvious to everyone."
Read more of this story at Slashdot.
- GitHub Actions Typosquatting: a High-Impact Supply Chain Attack-in-Waiting?
GitHub Actions let developers "automate software builds and tests," writes CSO Online, "by setting up workflows that trigger when specific events are detected, such as when new code is committed to the repository." They also "can be reused and shared with others on the GitHub Marketplace, which currently lists thousands of public Actions that developers can use instead of coding their own. Actions can also be included as dependencies inside other Actions, creating an ecosystem similar to other open-source component registries."Researchers from Orca Security recently investigated the impact typosquatting can have in the GitHub Actions ecosystem by registering 14 GitHub organizations with names that are misspellings of popular Actions owners — for example, circelci instead of circleci, actons instead of actions, google-github-actons instead of google-github-actions... One might think that developers making typos is not very common, but given the scale of GitHub — over 100 million developers with over 420 million repositories — even a statistically rare occurrence can mean thousands of potential victims. For example, the researchers found 194 workflow files calling the "action" organization instead of "actions"; moreover, 12 public repositories started referencing the researchers' fake "actons" organization within two months of setting it up. "Although the number may not seem that high, these are only the public repositories we can search for and there could be multiple more private ones, with numbers increasing over time," the researchers wrote... Ultimately this is a low-cost high-impact attack. Having the ability to execute malicious actions against someone else's code is very powerful and can result in software supply chain attacks, with organizations and users that then consume the backdoored code being impacted as well... Out of the 14 typosquatted organizations that Orca set up for their proof-of-concept, GitHub only suspended one over a three-month period — circelci — and that's likely because someone reported it. CircleCI is one of the most popular CI/CD platforms. Thanks to Slashdot reader snydeq for sharing the article.
Read more of this story at Slashdot.
- Telegram CEO Durov Fathered Over 100 Kids as an Anonymous Sperm Donor
An anonymous reader shared this report from USA Today:He's the founder of Telegram. He was arrested in France. He also claims to have fathered at least 100 children... The 39-year-old Russian-born billionaire often keeps his personal life out of the spotlight. Something he has shared, however, is that, despite never marrying and preferring to live alone, he's fathered at least 100 children through anonymous sperm donation... Durov noted he plans to "open-source" his DNA so his biological children can find each other more easily. "I also want to help destigmatize the whole notion of sperm donation and incentivize more healthy men to do it, so that families struggling to have kids can enjoy more options," he wrote. "Defy convention — redefine the norm...!" "Sperm donation has allowed many people to have families who otherwise wouldn't be able to," the article points out. But it also adds that the anonymous practice "has drawn several detractors, including from those who've been conceived through it." These people have shared with USA TODAY the mental turmoil of learning they have, in some cases, hundreds of half-siblings... One of the main criticisms of the practice is that the anonymity of the donor makes it difficult or impossible for donor-conceived people to learn about their health and treat genetically inherited medical issues. Even when donor-conceived people have their donor's identity and contact information, there's still no guarantee they'll respond or tell the truth. Also, most sperm banks in the United States aren't legally required to keep records of siblings or cap the number of families that can use a specific donor. As a result, donor-conceived people with many siblings often live in fear of accidentally having children with one of their half-siblings, or even having children with their own father if they were to pursue donor insemination.
Read more of this story at Slashdot.
- ESA Prints 3D Metal Shape In Space For First Time
The European Space Agency (ESA) has successfully 3D printed the first metal part aboard the International Space Station. This achievement marks a significant advancement in in-orbit manufacturing that could enable the production of essential spare parts and tools for future long-duration space missions. "The first metal shape was produced in August, and three more are planned as part of the experiment," notes The Register. "All four will eventually be returned to Earth for analysis -- two to ESA's technical center, ESTEC, in the Netherlands, one to the agency's astronaut training center in Cologne, and the last sample to the Technical University of Denmark." From the report: During a panel discussion following the UK premiere of Fortitude, a film about the emerging commercial space industry, Advenit Makaya, Advanced Manufacturing Engineer at ESA, remarked on the potential for recycling space debris in the process rather than having to rely on raw materials launched to the ISS. Rob Postema, ESA Project Manager for Metal 3D, told The Register that the agency was indeed looking at "circular" solutions in its drive for greater sustainability. However, don't hold your breath for putting bits of space garbage into one end and getting shiny metal parts out of the other: "A timeline is difficult to indicate, some early results are achieved with ground activities, ready to evaluate solutions in space." The printer is overseen from the ground and operated for around four hours per day. The ground team has to check each layer via images and a scan of the surface area; printing a sample can take 10-25 days. However, Postema said: "Through automated control of the printing process as well as continuous operations, this can be substantially reduced." Knick-knacks from orbits are all well and good, but could something more substantial be produced? Yes, although not with this demonstrator, which can print to the outer dimensions of a soft drink can. Postema noted that while the demonstrator could manage smaller parts, either as a single unit or as part of larger structures, "there are definitely opportunities to create 3D shapes and parts with this technology larger than what we have done with this Technology Demonstrator."
Read more of this story at Slashdot.
- Starlink Now Constitutes Roughly Two Thirds of All Active Satellites
"SpaceX deployed its 7,000th Starlink satellite this week, making the vast majority of active satellites around earth part of a single megaconstellation," writes Slashdot reader DogFoodBuss. "The Starlink communications system is now orders of magnitude larger than its nearest competitor, offering unprecedented access to low-latency broadband from anywhere on the planet." According to the latest data from satellite tracker CelesTrak, SpaceX now controls over 62% of all operational satellites. The Independent reports: The latest data from non-profit satellite tracker CelesTrak shows that SpaceX has 6,370 active Starlink satellites in low-Earth orbit, with several hundred more inactive or deorbited. The figure, which has risen more than six-fold in just three years, represents just over 62 per cent of all operational satellites, and is roughly 10-times the number of Starlink's closest rival, UK-based startup OneWeb. SpaceX plans to launch up to 42,000 satellites to complete the Starlink constellation, capable of delivering high-speed internet and phone connectivity to any corner of the globe. Starlink currently operates in 102 countries and has more than three million customers paying a monthly fee to access the network through a $300 ground-based dish. The company expects to launch its service in dozens more countries, with only Afghanistan, China, Iran, North Korea, Russia and Syria not on the current waitlist due to internet restrictions or trade embargos. "Starlink now constitutes roughly 2/3 of all active Earth satellites," SpaceX CEO Elon Musk said on X following the latest SpaceX launch.
Read more of this story at Slashdot.
- Boeing's Starliner Makes 'Picture Perfect' Landing - Without Its Crew
Boeing's "beleaguered" Starliner spacecraft "successfully landed in New Mexico just after midnight Eastern time," reports NPR:After Starliner made a picture-perfect landing, Stich told reporters that the spacecraft did well during its return flight. "It was a bullseye landing," he said. "It's really great to get the spacecraft back...." He said while he and others on the team felt happy about the successful landing, "there's a piece of us, all of us, that we wish it would've been the way we had planned it" with astronauts on board when it landed... Now that Starliner is back on the ground, Boeing and NASA will further analyze the thrusters to see if modifying the spacecraft or how it's flown could keep the thrusters from overheating in the future. Futurism explains why NASA wanted an uncrewed Starliner flight:While attempting to duplicate the issue at NASA's White Sands Test Facility in New Mexico, engineers eventually found what appeared to be the smoking gun, as SpaceNews' Jeff Foust details in a detailed new breakdown of the timeline. A Teflon seal in a valve known as a "poppet" expanded as it was being heated by the nearby thrusters, significantly constraining the flow of the oxidizer — a disturbing finding, because it greatly degraded the thrusters' performance. Worse, without being able to perfectly replicate and analyze the issue in the near vacuum of space, engineers weren't entirely sure how the issue was actually playing out in orbit... While engineers found that the thrusters had returned to a more regular shape after being fired in space, they were worried that similar deformations might take place during prolonged de-orbit firings. A lot was on the line. Without perfect control over the thrusters, NASA became worried that the spacecraft could careen out of control. "For me, one of the really important factors is that we just don't know how much we can use the thrusters on the way back home before we encounter a problem," NASA associate administrator for space operations Ken Bowersox said, as quoted by SpaceNews. Now CBS News reports that "the road ahead is far from clear" for Starliner:The service module was jettisoned as planned before re-entry, burning up in the atmosphere, and engineers will not be able to examine the hardware to pin down exactly what caused the helium leaks and degraded thruster performance during the ship's rendezvous with the station. Instead, they will face more data analysis, tests and potential redesigns expected to delay the next flight, with or without astronauts aboard, to late next year at the earliest. "Even though it was necessary to return the spacecraft uncrewed, NASA and Boeing learned an incredible amount about Starliner in the most extreme environment possible," Ken Bowersox, space operations director at NASA Headquarters, said in a statement. "NASA looks forward to our continued work with the Boeing team to proceed toward certification of Starliner for crew rotation missions to the space station," Bowersox added. In any case, the successful landing was a shot in the arm for Boeing engineers and managers, who insisted the Starliner could have safely brought Wilmore and Williams back to Earth. Steve Stich, manager of NASA's commercial crew program, agreed that if the crew had been on board "it would have been a safe, successful landing." Two details about the astronauts now waiting for their February return flight from the International Space Station. NPR reports that "in case the space station suffers an emergency that forces an evacuation before that capsule arrives, the station's crew had to jerry-rig two extra seats in a different SpaceX spacecraft that's currently docked there." Space.com reports that when the uncrewed Starliner returned, "Among the gear that it carried home were the 'Boeing Blue' spacesuits that Williams and Wilmore wore aboard the capsule. The astronauts have no need for them now. "The suits are not compatible," Steve Stich, manager of NASA's Commercial Crew Program, said during a press conference on Wednesday (Sept. 4). "So the Starliner suits would not work in Dragon, and vice versa."
Read more of this story at Slashdot.
- Malaysia Orders ISPs To Reroute DNS Traffic
The Malaysian Communications and Multimedia Commission, which regulates online and broadcast media in the Asian nation, has instructed internet service providers in the country to redirect DNS traffic that uses third-party servers back to their own DNS servers, according to local media reports. From a report: MCMC in a statement tonight said this is to ensure that users continue to benefit from the protection provided by the local ISP's DNS servers and that malicious sites are inaccessible to Malaysians. As a commitment to protecting the safety of Internet users, MCMC has blocked a total of 24,277 websites between between 2018 to Aug 1, classified into various categories, which are online gambling (39 per cent), pornography/obscene content (31 per cent), copyright infringement (14 per cent), other harmful sites (12 per cent), prostitution (two per cent) and unlawful investments/scams (two per cent). Further reading: MCMC orders DNS redirection for businesses, govts, enterprises by Sept 30, according to Maxis FAQ.
Read more of this story at Slashdot.
- Boeing's Calamity Capsule returns to Earth without a crew
What now for these pod people?
Boeing's Calamity Capsule has returned to Earth, bringing to an end a test mission that did not go entirely according to plan. Not least because the Starliner's crew had to stay behind aboard the International Space Station.…
- FTC urged to stop tech makers downgrading devices after you've bought them
Some brick devices they'd rather not support, kill apps that drive functions, or add post-sale subscriptions
Consumer and digital rights activists are calling on the US Federal Trade Commission to stop device-makers using software to reduce product functionality, bricking unloved kit, or adding surprise fees post-purchase.…
- Google says replacing C/C++ in firmware with Rust is easy
Not so much when trying to convert coding veterans
Google recently rewrote the firmware for protected virtual machines in its Android Virtualization Framework using the Rust programming language and wants you to do the same, assuming you deal with firmware.…
- Trump taps Musk to lead 'government efficiency' task force
Surely this duty will be executed without bias toward NHTSA, FAA, DOJ, NLRB
If Republican presidential candidate Donald Trump wins the election in November, he plans to create a "government efficiency commission" based on ideas from Tesla, SpaceX, and X CEO Elon Musk, who will also lead the body.…
- Cisco merch shoppers stung in Magecart attack
The 'security issue' was caused by a 9.8-rated Magento flaw Adobe patched back in June
Bad news for anyone who purchased a Cisco hoodie earlier this month: Suspected Russia-based attackers injected data-stealing JavaScript into the networking giant's online store selling Cisco-branded merch.…
- Security: Why Linux Is Better Than Windows Or Mac OS
Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and [0]
- Essential Software That Are Not Available On Linux OS
An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all [0]
- Things You Never Knew About Your Operating System
The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, [0]
- How To Fully Optimize Your Operating System
Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure [0]
- The Top Problems With Major Operating Systems
There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be [0]
- 8 Benefits Of Linux OS
Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software [0]
- Things Linux OS Can Do That Other OS Can�t
What Is Linux OS? Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating [0]
- Packagekit Interview
Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or [0]
- What’s New in Ubuntu?
What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here [0]
- Ext3 Reiserfs Xfs In Windows With Regards To Colinux
The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the official site or from the sourceforge site. Edit the connection to “TAP Win32 Adapter [0]
- Keyhole: a highly effective Windows DRM bypass also present on the Xbox One
The MAS project, a group of people working on an open source Windows and Office activator featuring HWID, Ohook, KMS38, and Online KMS activation methods, discovered quite a neat and interesting bug in the code responsible for licensing in Windows. In our ongoing work to bypass Windows licensing checks, we occasionally stumble upon bugs that we choose to keep secret. This decision allows us to preserve potential future activation methods by avoiding bug fixes, while also giving us valuable tools for testing or developing new methods. One such discovery, which we�ve named Keyhole!, turned out to be a highly effective DRM bypass. It gave users the ability to license any Microsoft Store app or any modern Windows edition with ease. ↫ The MAS project There were quite a number of roadblocks to overcome here, such as Microsoft�s code obfuscation tool, called Warbird, which was already done by someone else, after which they could really start digging into the code responsible for handling Microsoft Store and Windows licenses. They then discovered that circumventing the license blocks that hold the actual license information was dead simple � every license block is followed by a signature block covering all the data that comes before it. It turns out that messing with the licensing system was as simple as0 Adding data after that signature block. That was it. As it turns out, data after the signature block isnt checked at all0 and it can even override data that came before it. Whenever two blocks of the same type are stored together, the last one overrides all the others before it. So, if we want to change any license data, we can just make a block for it and put it after the signature block! This method lets us make licenses for anything sold on the Microsoft Store, including Windows, from any other Microsoft Store license. And since there are so many free apps with licenses, we now had the ability to make as many as we wanted for whatever we wanted. This bug essentially punched a hole straight through CLiP�s DRM, so we decided to name it Keyhole!. ↫ The MAS project This opened up a massive hole in Microsoft�s licensing tools and DRM, and allowed the MAS project to pretty much do whatever they wanted. They could even do things that used to be impossible, such as activating Enterprise LTSC with a digital license, or even activating a legitimate KMS server with a generic key!. Sadly, the fun didn�t last long, as right around the same time, Cisco TALOS discovered this same bug, reported it to Microsoft, who then proceeded to fix it. the MAS project also discovered something else incredibly interesting, something which further highlights the seemingly terrible lack of quality assurance and code quality inside Microsoft. They noted that the kernel driver responsible for licensing looked incredibly shoddy, full of what they call odd choices and compromises!. In fact, they soon realised that they had seen this code before: it was a straight-up copy/paste job from the licensing DRM found on the Xbox One. And there�s the same bug that�s in CLiP, but in Xbox code. In fact, we weren�t too surprised to find this, as we found that almost all of CLiP, from the XML format of the licenses to the TLV-based license blocks, is copy-pasted straight from the Xbox One�s DRM system. ↫ The MAS project Code reuse obviously makes sense in some situations, but the fact Microsoft even copy/pasted entire sections of code from the Xbox One straight into the Windows kernel as a kernel driver seems rather irresponsible. Shouldn�t code added to the Windows kernel and installed on billions of devices be vetted a little better than this?
- Xmem and FVWM
So given that, xmem can be useful as a monitoring tool. Fluffy (my main server) runs both squid and apache, and given that fluffy only has 64MB of RAM, things can get a little cramped. If I suddenly see that the whole of xmem turns blue (i.e. the swap file’s thrashing), then I know that something is odd, and I can easily find out which processes are eating up so much RAM. I said earlier that xmem can brighten up one’s desktop. Indeed, as I use`FVWM`in a rather archaic fashion, it seems fitting I should like xmem. 🙂 Here’s a full screenshot showing xmem (plus other applications) in action. ↫ Thomas Adam This is basically just an excuse to show off this awesome FVWM desktop shown off in this short little article about xmem, written by one of FVWM�s core developers. It just looks neat.
- Windows App SDK 1.6 released
We are proud to announce that version 1.6 of the Windows App SDK is now available! Whether you’re looking for the incredible performance boost and footprint reduction of Native AOT support, enhancements for deploying your package, or quality of life improvements for controls like PipsPager and RatingControl, WinAppSDK 1.6 offers a raft of new features, performance boosts`and structural changes that enable you to make your native Windows apps better than ever before.` The Windows App SDK provides`a rich set of APIs and tools to help you build beautiful and fast Windows desktop apps, including any C++ Win32 or C# .NET app. You can harness the modern controls and polish of WinUI 3, which ships as part of the WinAppSDK, or if you have an existing app that uses Win32 such as WPF, you can take advantage of only the parts of the SDK that you need. The WinAppSDK also stays up to date with frequent and OS-independent releases so your app can always access the latest innovations. ↫ Duncan MacMichael at the Windows Blogs There�s actually quite a few nice and welcome updates in version 1.6, most prominently the aforementioned Native AOT. This stands for native Ahead-Of-Time (AOT) compilation, and, as the name suggests, compiles your application ahead of time for the architecture it�s going to run on. This reduces the size of the application package and greatly improves the startup time. Another welcome improvement is that the embedded Edge WebView2 SDK is no longer hard-coded, but a NuGet reference, so developers can choose to use any version of the webview they want, preferably the newest version. There�s a lot more in here, so if you�re a Windows developer trying to use the latest set of tools from Microsoft � this one�s for you.
- A Windows Control Panel retrospective amidst a concerning UX shift
Unsurprisingly, this change has not been met with a lot of enthusiasm by the average Windows user, and with Microsoft now`officially recommending users migrate over to the Settings app, it seems that before long we may have to say farewell to what used to be an intrinsic part of the Windows operating system since its first iterations. Yet bizarrely, much of the Control Panel functionality doesn’t exist yet in the Settings app, and it remain an open question how much of it can be translated into the Settings app user experience (UX) paradigm at all. Considering how unusual this kind of control panel used to be beyond quaint touch-centric platforms like Android and iOS, what is Microsoft’s goal here? Have discovered a UX secret that has eluded every other OS developer? ↫ Maya Posch I like the Windows Control Panel, and approaches like it. They�re easy to use, they allow you to have multiple settings panels open at the same time, they can be easily extended by third parties � for better or worse � and they make it easy to find things with colourful, recognisable icons. The current Windows Settings application is a massive regression, as is the change from macOS� iconic and incredibly user-friendly System Preferences to the new System Settings application. KDE also moved to a sidebar design I�m not a fan of, and GNOME has had a similar unpleasant, monochrome sidebar, too. It�s not big enough of an issue to make a huge deal out of, and the KDE sidebar settings application is at least marginally usable, but I really do wish someone would have the guts to undo this general trend, because it�s getting harder and harder to find the settings I want at a glance, and not allowing you to open multiple settings panels at the same time is a huge loss. And a small note: this article uses the Windows 3.x Control Panel as its starting point, but both Windows 1.x and 2.x had a Control Panel as well. It�s an old concept, for sure.
- The Internet Archive just lost its appeal over ebook lending
The Internet Archive has lost its appeal in a fight to lend out scanned ebooks without the approval of publishers. In a`decision on Wednesday, the Second Circuit Court of Appeals ruled that permitting the Internet Archive’s digital library would “allow for widescale copying that deprives creators of compensation and diminishes the incentive to produce new works.” The decision is another blow to the nonprofit in the`Hachette v. Internet Archive`case. In 2020, four major publishers — Hachette, Penguin Random House, Wiley, and HarperCollins —`sued the Internet Archive`over claims its digital library constitutes “willful digital piracy on an industrial scale.” ↫ Emma Roth If you�re a library and scan books and offer a lending service, you�re committing willful digital piracy on an industrial scale!. If you scan the entire goddamn internet without any regard for licensing or copyright and regurgitate chunks of it on command, you�re a visionary, a revolutionary, a genius. Make it make sense.
- Porting systemd to musl libc-powered Linux
A. Wilcox, the original creator of Adélie Linux, has ported systemd to musl, the glibc alternative. I have completed an initial new port of systemd to musl. This patch set does not share much in common with the existing OpenEmbedded patchset. I wanted to make a fully updated patch series targeting more current releases of systemd and musl, taking advantage of the latest features and updates in both. I also took a focus on writing patches that could be sent for consideration of inclusion upstream. The final result is a system that appears to be surprisingly reliable considering the newness of the port, and very fast to boot. ↫ A. Wilcox I absolutely adore Adélie Linux as a project, even if I don�t run it myself, since they have a very practical approach to software. Systemd is popular for a reason � it�s fast and capable � and it only makes sense for Adélie to offer it as a potential option, even when using musl. Choice is a core value of the open source and Linux world, and that includes the choice to use systemd, even for a distribution that has traditionally used something else. The port is already quite capable, and Wilcox managed to replace OpenRC on her system with systemd in-place, and it booted up just fine, and it also happened to boot in about a third of the time OpenRC did. It�s not ready for prime time yet, though, and most services are not yet packaged for systemd, an effort for which Adélie Linux intends to rely on upstream and cooperation with systemd experts from Gentoo and Fedora. They�re also working together with systemd, musl, and others to make any switching a user might want to do as easy as possible. A beta or anything like that is still a ways off, but it�s an impressive amount of progress already.
- Android 15 is released to AOSP
Today we�re releasing Android 15 and making the source code available at the`Android Open Source Project`(AOSP). Android 15 will be available on supported Pixel devices in the coming weeks, as well as on select devices from Samsung, Honor, iQOO, Lenovo, Motorola, Nothing, OnePlus, Oppo, realme, Sharp, Sony, Tecno, vivo, and Xiaomi in the coming months. We�re proud to continue our work in open source through the AOSP. Open source allows anyone to build upon and contribute to Android, resulting in devices that are more diverse and innovative. You can leverage your app development skills in`Android Studio`with`Jetpack Compose`to create applications that thrive across the entire ecosystem. You can even`examine the source code`for a deeper understanding of how Android works. ↫ Matthew McCullough at the Android Developers blog While it�s great that we�re still getting open source Android releases, the reality of it is that Google has eroded so much away from the Android Open Source Project that AOSP has become effectively useless. Back in the olden days, AOSP was a complete mobile operating system, but those days are long behind us. Google has moved so much from AOSP over to proprietary frameworks, applications, and cloud services that running that it�s no longer a complete package, which is a huge shame. Still, AOSP plays an important role for the custom ROM community and the various companies and communities making privacy-first, de-Googled Android versions, and for that reason alone it�s good that it still exists, even in its gutted state. Android 15�s AOSP release will surely find its way to LineageOS, /e/OS, GrapheneOS, and the countless other alternatives to butchered Android OEM versions and people seeking a more private smartphone experience. As for when Android 15 will hit Pixels � that�s going to be a few weeks from now, later than usual after the source release.
- Programming the Convergent WorkSlate�s spreadsheet microcassette future
That�s the 1983 Convergent WorkSlate, a one-of-a-kind handheld system from some misty alternate history where VisiCalc ruled the earth. Indeed, even the software! packages Convergent shipped for it — on microcassette, which could store voice memos and data — were nothing more than cells and formulas in a worksheet. The built-in modem let you exchange data with other Workslates (or even speak over the phone to their users), and it came with a calculator desk accessory and a rudimentary terminal program, but apart from those creature comforts its built-in spreadsheet was the sole centre of your universe. And, unlike IAI and the`Canon Cat, I�ve yet to find any backdoor (secret or otherwise) to enable anything else. That means anything`you`want to program has to be somehow encoded in a spreadsheet too. Unfortunately, when it comes to actually programming the device it turns out the worst thing a spreadsheet on an 8-bit CPU can be is Turing-complete (so it�s not), and it has several obnoxious bugs to boot. But that doesn�t mean we can�t make it do more than balance an expense account. Along the way we�ll examine the hardware, wire into its peripheral bus, figure out how to exchange data with`today�s`future, create a simple game, draw rudimentary graphics and (with some help) even put it on the Internet with its very own Gopher client — after we tell of the WorkSlate�s brief and sorrowful commercial existence, as this blog always must. ↫ Cameron Kaiser The amount of knowledge, skill, and sheer passion Cameron Kaiser displays in every one of these articles he writes is astonishing, and I�m incredibly grateful websites like OSNews can benefit from the work of people far, far smarter and more skillful than I�ll ever be. The code for the projects detailed in the article is available on GitHub, and more technical information can be found on Kaiser�s website.
- Apple helped nix part of a child safety bill. More fights are expected.
Kim Carver, a legislator in the US state of Louisiana, added a provision to a child safety bill forcing Apple and Google to enforce age restrictions on downloads in their application stores. In other words, it would force Apple to make sure minors could not download gambling and casino applications � i.e., 99% of mobile games � that make up the vast majority of Apple�s services revenue. It would also make application stores play a role in enforcing age restrictions on social media applications, which makes sense because Apple and Google know the age of every one of their users. Well, it turns out Apple was not happy. They sent out an absolute army of lobbyists � including a guy known for lobbying on behalf of truck-stop casinos, in case you were wondering about the type of people Apple uses for lobbying � to kill this specific provision. Carver�s provision would have breezed through the Louisiana senate, but it needed a key committee approval before being put up for a vote. And it�s this committee that Apple started heavily influencing and pressuring. Carver began hearing rumblings that Apple was making inroads with the committee—his amended bill might be in trouble. Uncertain on how to proceed, he approached the chairwoman of the committee, Sen. Beth Mizell, for advice. He declined to describe the substance of the conversation to The Wall Street Journal, but in the end, he promised not to object if she removed the app store provisions or support restoring them on the Senate floor. “I made the choice to take the win that we could get,” Carver said. ↫ Jeff Horwitz and Aaron Tilley at The Wall Street Journal This is not the first time Apple has pressured legislatures to drop bills it didn�t like. A famous case is the state if Georgia, which intended to pass a number of application store bills to open up the App Store in much the same way the European Union did with the DMA. Apple went absolutely mental in Georgia, including threatening to cancel a $25 million investment in a historically Black college in Atlanta!. Apple won. The way these sleazebag companies get away with such blatant corruption is by using third-party lobbyists, which technically are not employed by the companies in question, so no matter how low and sleazy these lobbyists go, the companies they lobby for can wash their hands in innocence and absolve themselves from any responsibility for the various financial and legal threats levied at underfunded, understaffed local legislatures. Spending a few millions on a local development project or whatever is peanuts for Apple, but a massive boon for a small community somewhere, so Apple pulling out means nothing to Apple, but would massively affect such a community. It�s not surprising local legislatures fold. Circling back to the age restriction provision itself � telling stores what they can and cannot sell is an entirely normal thing to do, and happens all the time all over the world. It�s why in, say, The Netherlands, supermarkets are only allowed to sell light! alcohol like beer and wine, with hard alcohol moved to separate liquor stores that have to be separate from the supermarket, so age restrictions are easier to enforce. There�s also just an infinite number of things you�re just not allowed to sell, period. As always, Silicon Valley believes it�s a very special snowflake to whom regular, normal, widely accepted rules do not apply. Why shouldn�t a store selling gambling applications and similarly addictive and damaging applications have to do the absolute bare minimum to protect minors? Imagine the massive outcry if a Costco or Walmart was found to sell massive amounts of hard liquor to children � why should Silicon Valley companies be treated any differently?
- Pitch deck gives new details on company’s plan to listen to your devices for ad targeting
For years now, people believe that their smartphones are listening to their conversations through their microphones, all the time, even when the microphone is clearly not activated. Targeted advertising lies at the root of this conviction; when you just had a conversation with a friend about buying a pink didgeridoo and a flanel ukelele, and you then get ads for pink didgeridoos and flanel ukeleles, it makes intuitive sense to assume your phone was listening to you. How else would Google, Amazon, Facebook, or whatever, know your deepest didgeridoo desires and untapped ukelele urges? The truth is that targeted advertising using cross-site cookies and profile building is far more effective than people think, and on top of that, people often forget what they did on their phone or laptop ten minutes ago, let alone yesterday or last week. Smartphones are not secretly listening to you, and it�s not through covert microphone activation that it knows about your musical interests. But then. Media conglomerate Cox Media Group has been pitching tech companies on a new targeted advertising tool that uses audio recordings culled from smart home devices. The existence of this program was`revealed`late last year. Now, however, 404 Media has also gotten its hands on additional details about the program through a leaked pitch deck. The contents of the deck are creepy, to say the least. Cox’s tool is creepily called “Active Listening” and`the deck`claims that it works by using smart devices, which can “capture real-time intent data by listening to our conversations.” After the data is captured, advertisers can “pair this voice-data with behavioral data to target in-market consumers,” the deck says. The vague use of artificial intelligence to collect data about consumers’ online behavior is also mentioned, with the deck noting that consumers “leave a data trail based on their conversations and online behavior” and that the AI-fueled tool can collect and analyze said “behavioral and voice data from 470+ sources.” ↫ Lucas Ropek at Gizmodo Looking at the pitch deck in question, you can argue that it�s not even referring to smartphones, and that it is incredibly vague � probably on purpose � what active listening! and conversations! are really referring to. It might as well be simply referring to the various conversations on unencrypted messaging platforms, directly with companies, or stuff like that. Smart devices! is also intentionally vague, and could be anything from one of those smart fridges to your smartphone. But you could also argue that yes, this seems to be pretty much referring to listening to our conversations! in the most literal sense, by somehow � we have no idea how � turning on our smartphone microphones, in secret, without iOS or Android, or Apple or Google, knowing about it? It seems far-fetched, but at the same time, a lot of corporate and government programs and efforts seemed far-fetched until some whisteblower spilled the beans. The feeling that your phones are listening to you without your consent, in secret, will never go away. Even if some irrefutable evidence came up that it isn�t possible, it�s just too plausible to be cast aside.
- Unlocking the Secrets of Writing Custom Linux Kernel Drivers for Smooth Hardware Integration
by George Whittaker Introduction
Kernel drivers are the bridge between the Linux operating system and the hardware components of a computer. They play a crucial role in managing and facilitating communication between the OS and various hardware devices, such as network cards, storage devices, and more. Writing custom kernel drivers allows developers to interface with new or proprietary hardware, optimize performance, and gain deeper control over system resources.
In this article, we will explore the intricate process of writing custom Linux kernel drivers for hardware interaction. We'll cover the essentials, from setting up your development environment to advanced topics like debugging and performance optimization. By the end, you'll have a thorough understanding of how to create a functional and efficient driver for your hardware.
Prerequisites
Before diving into driver development, it's important to have a foundational knowledge of Linux, programming, and kernel development. Here’s what you need to know:
Basic Linux Knowledge
Familiarity with Linux commands, file systems, and system architecture is essential. You'll need to navigate through directories, manage files, and understand how the Linux OS functions at a high level.
Programming Skills
Kernel drivers are primarily written in C. Understanding C programming and low-level system programming concepts are crucial for writing effective drivers. Knowledge of data structures, memory management, and system calls will be particularly useful.
Kernel Development Basics
Understanding the difference between kernel space and user space is fundamental. Kernel space is where drivers and the core of the operating system run, while user space is where applications operate. Familiarize yourself with kernel modules, which are pieces of code that can be loaded into the kernel at runtime.
Setting Up the Development Environment
Having a properly configured development environment is key to successful kernel driver development. Here’s how to get started:
Linux Distribution and Tools
Choose a Linux distribution that suits your needs. Popular choices for kernel development include Ubuntu, Fedora, and Debian. Install essential development tools, including:
GCC: The GNU Compiler Collection, which includes the C compiler. Make: A build automation tool. Kernel Headers: Necessary for compiling kernel modules.
You can install these tools using your package manager. For example, on Ubuntu, you can use:
sudo apt-get install build-essential sudo apt-get install linux-headers-$(uname -r)
Go to Full Article
- Linux Filesystem Hierarchy: Your Guide to Understanding Its Layout
by George Whittaker Introduction
Navigating the Linux filesystem hierarchy can be a daunting task for newcomers and even seasoned administrators. Unlike some other operating systems, Linux follows a unique directory structure that is both systematic and crucial for system management and operation. Understanding this structure is essential for efficient system administration, troubleshooting, and software management. In this article, we’ll dive deep into the Linux filesystem hierarchy, exploring each directory's purpose and significance.
The Root Directory (/)
At the pinnacle of the Linux filesystem hierarchy is the root directory, denoted by a single forward slash (/). This directory is the starting point from which all other directories branch out. Think of it as the base of a tree, with all other directories extending from it.
The root directory is essential for the operating system’s overall structure, providing the foundation upon which the entire filesystem is built. All files and directories, regardless of their location, can ultimately be traced back to the root directory.
Key Directories and Their Purposes
Understanding the primary directories within the Linux filesystem is crucial for effective navigation and management. Here’s a detailed look at each significant directory:
/bin
Purpose: The /bin directory houses essential binary executables that are necessary for the system to function correctly, even in single-user mode. These binaries are crucial for basic system operations and recovery. Examples: Common commands found here include ls (list directory contents), cp (copy files), and rm (remove files). These utilities are used by both system administrators and regular users.
/sbin
Purpose: Similar to /bin, the /sbin directory contains system binaries, but these are primarily administrative commands used for system maintenance and configuration. These binaries are typically used by the root user or system administrators. Examples: Commands such as fsck (filesystem check), reboot (reboot the system), and ifconfig (network interface configuration) are located here.
/etc
Go to Full Article
- Unlocking Linux Networking: Essential Insights on TCP/IP, DNS, DHCP, and Routing
by George Whittaker Introduction
Networking is a fundamental aspect of modern computing, underpinning everything from small home offices to large enterprise data centers. For Linux system administrators and network engineers, a strong grasp of networking principles and practices is essential to manage and troubleshoot complex network systems effectively. This guide delves into the core components of Linux networking: TCP/IP, DNS, DHCP, and routing, offering detailed insights and practical examples to enhance your understanding and skills.
TCP/IP FundamentalsDefinition and Importance
TCP/IP, or Transmission Control Protocol/Internet Protocol, is the backbone of the internet and most private networks. It provides a set of rules that enable computers to communicate over long distances and different networks. Understanding TCP/IP is crucial for any networking professional as it lays the foundation for understanding how data moves across the network.
TCP/IP Components
The TCP/IP model comprises four layers, each with specific protocols and functions:
Link Layer: This layer handles protocols related to the physical network hardware, such as Ethernet. Internet Layer: The core layer where the Internet Protocol (IP) operates, handling packet routing across network boundaries. Transport Layer: Here, TCP and UDP (User Datagram Protocol) ensure data is transmitted reliably (TCP) or quickly (UDP). Application Layer: It includes protocols used by applications to communicate over the network, like HTTP, FTP, and SMTP.Configuring TCP/IP in Linux
Linux offers various tools and files for configuring and managing TCP/IP settings:
Go to Full Article
- Linux Distribution deepin 23 Officially Released
by George Whittaker Introduction
"We don't consider simply adding or removing a few upstream applications, modifying the language, wallpaper, or adjusting the application layout to be a genuine version update of an operating system. We aspire that every major version update contains a wealth of features truly needed by users and innovative content to push the boundaries of what a Linux desktop distribution can achieve, making it as powerful as commercial operating systems like Windows and macOS."
— Liu Wenhuan, Founder of the deepin Community
On August 15, the internationally renowned open source community deepin held an online event themed "Born with AI, Remarkably Different," officially releasing the open source operating system deepin 23. This release brings significant updates, including the new DDE Vision, AI For OS, the "Linyaps" application ecosystem, and the "deepin IDE" integrated development environment.
"In the past 20 years, deepin has achieved significant innovations and breakthroughs in the field of open source operating systems. We have not only led the development of domestic open source distributions but also demonstrated forward-thinking in the transition to independently developed desktop environments," said Zhang Lei, Chairman of the deepin Community, in his opening remarks.
As a gift for the community's 20th anniversary, deepin 23 has undergone three years of development, with over 200 product optimizations and new features, 9 version iterations, 51 internal tests, and 8 self-developed development tools. Every innovation has been aimed at making deepin 23 better.
Root Community Growth, Full-Stack Independent OS Development
To truly control the development, upstream community leadership, and supply chain security of the operating system, the China server OS root community, represented by the Euler community under the OpenAtom Foundation, and the China desktop OS root community, represented by the deepin community, were established in 2022.
A Linux OS root community is one that builds its OS from the Linux kernel and other open source components, without relying on upstream distributions, and has significant contributions from external individuals and companies. The first step taken by the deepin community was to build a new repository independently and develop tools based on the deepin root community, making it easier and more effective for developers to contribute. These efforts are collectively known as "independent upstream" within the community.
As the first distribution based on the root community, deepin 23 has achieved independent modules at every level of the OS, providing superior development tools for global open source enthusiasts.
deepin 23 is equipped with the Linux 6.6 LTS kernel, and from the repository to the application layer, the OS core components adopt many self-developed solutions:
Go to Full Article
- Optimizing DebOS for Optimal Power Management
by George Whittaker Introduction
In an era where energy efficiency and sustainable computing practices are becoming increasingly important, mastering power management within your operating system is more crucial than ever. DebOS, a robust and versatile operating system, offers a range of features designed to help you manage power efficiently, whether you’re using a laptop, desktop, or server. This guide will walk you through the intricacies of DebOS’s power management capabilities, providing practical insights and advanced techniques to ensure you make the most of its features.
Understanding DebOS
DebOS is a cutting-edge operating system renowned for its stability, security, and flexibility. Built on a solid foundation of open-source principles, DebOS is designed to offer extensive customization options while maintaining robust performance. One of its standout features is its power management capabilities, which are tailored to help users maximize efficiency and extend the life of their hardware.
DebOS excels in power management thanks to its integrated tools and configuration options. It provides granular control over various power-related settings, enabling users to optimize power consumption based on their specific needs. Whether you're looking to conserve battery life on a laptop or manage energy use on a server, DebOS offers a range of solutions to fit different scenarios.
Compared to other operating systems, DebOS offers a more transparent and customizable approach to power management. While many systems provide basic power-saving options, DebOS allows for deeper control and automation, making it a powerful choice for users who require more advanced features.
Power Management Basics
Power management involves controlling the power consumption of a computer system to optimize performance and efficiency. It encompasses various strategies and settings aimed at reducing energy use, extending battery life, and minimizing environmental impact. Effective power management is not only beneficial for conserving energy but also for enhancing the longevity and reliability of your hardware.
Typical power management features include:
Go to Full Article
- Navigating Visualization Trends with Plotly and Ubuntu
by George Whittaker Introduction
In the ever-evolving world of data science, data visualization has emerged as a crucial tool for transforming raw data into actionable insights. As we navigate through 2024, the landscape of data visualization continues to shift, driven by advancements in technology and changes in user expectations. Among the tools leading this transformation are Plotly and Ubuntu, both of which are redefining how we interact with and analyze data. This article delves into the trends in data visualization, explores the capabilities of Plotly, and demonstrates how to leverage Ubuntu as a powerful platform for creating sophisticated visualizations.
Understanding Data Visualization Trends
Data visualization has come a long way from static charts and graphs. Today, the field is characterized by several key trends:
Interactive Visualizations: Modern data visualization emphasizes interactivity, allowing users to engage with data dynamically. Interactive dashboards and plots enable users to drill down into data, explore different views, and uncover insights that static charts might obscure.
Real-Time Data Visualization: With the rise of IoT and streaming data, real-time visualization has become increasingly important. Businesses and organizations need to monitor and respond to live data, making real-time dashboards and alerts essential tools for decision-making.
AI and Machine Learning Integration: AI and machine learning are transforming data visualization by automating insights and enhancing predictive analytics. Advanced algorithms can identify patterns and trends that would be difficult to discern manually, providing deeper and more accurate insights.
Customization and Personalization: Users expect data visualizations to be tailored to their specific needs and preferences. Customizable charts and personalized dashboards allow users to view data in the most relevant way, improving the overall user experience.
Introduction to Plotly
Plotly is a robust and versatile data visualization library that has gained popularity for its ability to create interactive and visually appealing charts.
What is Plotly?
Go to Full Article
- Fortifying Web Applications on Debian Servers
by George Whittaker
In the rapidly evolving digital age, web application security has become a cornerstone of IT strategies across industries. As cyber threats grow more sophisticated, the necessity of robust security measures has intensified, particularly for web applications running on Linux-based servers like Debian. This guide aims to explore the depths of web application security, focusing particularly on how to fortify applications hosted on Debian servers.
Understanding the Risks
Web applications are frequently targeted by cybercriminals due to their accessibility and the valuable data they often process. Recognizing common vulnerabilities is the first step in defense:
Common Web Application VulnerabilitiesSQL Injection: Malicious SQL statements are inserted into an entry field, allowing attackers to manipulate databases. Cross-site Scripting (XSS): Malicious scripts are injected into websites viewed by other users, hijacking user sessions or defacing websites. Cross-site Request Forgery (CSRF): Users are tricked into performing actions they did not intend, typically in web applications where they are authenticated. Security Misconfiguration: Poorly configured permissions, outdated software, and default settings can leave applications vulnerable. Sensitive Data Exposure: Inadequate protection of sensitive data like passwords, credit card numbers, and personal information can lead to breaches.Specific Challenges on Debian Servers
Debian's popularity and extensive use in server environments make it a prime target for attacks. Specific challenges include managing the complex dependencies of package management and maintaining security with frequent updates.
Debian Server Configuration for Security
Securing a Debian server involves multiple layers of defense, from initial setup to ongoing management.
Go to Full Article
- Evaluating Ubuntu Server and Oracle Linux: Which Operating System Excels in Database Management?
by George Whittaker Introduction
In the realm of enterprise computing, selecting the optimal operating system (OS) for database management is critical to performance, security, and scalability. Two prominent contenders in this field are Ubuntu Server and Oracle Linux. Both offer unique benefits and are tailored to different kinds of enterprise needs. This article provides a comparison of both operating systems, focusing on their capabilities, performance, and suitability for database workloads.
Overview of Ubuntu Server
Ubuntu Server, developed by Canonical Ltd., is a free, open-source Linux distribution based on Debian. Widely recognized for its ease of use and robust performance, Ubuntu Server hosts websites, file servers, and, importantly, database servers. It supports major database systems like MySQL, PostgreSQL, and MongoDB, making it a versatile choice for various applications.
Key Features Relevant to Databases:Stability and Updates: Ubuntu offers Long Term Support (LTS) versions that receive updates for up to five years, ensuring long-term stability. Community and Commercial Support: A vast community and options for professional support from Canonical cater to businesses of all sizes. Compatibility and Flexibility: Extensive compatibility with popular database management systems and cloud environments.Overview of Oracle Linux
Oracle Linux, crafted by Oracle Corporation, is tailored for enterprise environments, offering a robust platform especially optimized for Oracle's own products, like Oracle Database. It stands out for its deep integration with Oracle's applications and is engineered for performance in demanding environments.
Key Features Relevant to Databases:Optimized for Oracle Products: It provides a seamless environment for Oracle software, reducing compatibility issues and optimizing performance. Kernel Options: Oracle Linux users can choose between the Red Hat Compatible Kernel (RHCK) and Oracle's Unbreakable Enterprise Kernel (UEK), which is specifically tuned for Oracle products. Support Structure: Oracle offers comprehensive support services, which, while costly, provide significant value in enterprise settings.Performance
Performance is a key differentiator when assessing the suitability of an OS for database workloads:
Go to Full Article
- Delivering Enterprise-Grade Linux for Edge-to-Cloud Deployments with eLxr
by Mark Asselstine
The eLxr project has launched its initial release of a Debian-based distribution that incorporates the intelligent edge capabilities of Debian, with plans to expand these for a streamlined edge-to-cloud deployment approach. eLxr is an open source, enterprise-grade Linux distribution designed to address the specific challenges of near-edge networks and workloads.
What Is the eLxr Project?
The eLxr project is a community-driven effort dedicated to expanding access to cutting-edge technologies for both enthusiasts and enterprise users seeking dependable and innovative solutions that scale from edge to cloud. The project produces and maintains an open source, enterprise-grade Debian-based distribution called eLxr that is user-friendly and fully honors the open source philosophy.
The eLxr project's mission focuses on accessibility, innovation, and maintaining the integrity of open source software. Developing these advancements in an enterprise-grade Debian-based distribution ensures that users benefit from a freely available Linux distribution.
By emphasizing ease of adoption alongside open source principles, eLxr aims to attract a diverse range of users and contributors who value both innovation and community-driven development, fostering collaboration and transparency and the spread of new technologies.
The eLxr project is implementing a robust strategy for building on Debian's ecosystem while also contributing back to it. As "Debian citizens," eLxr contributors submit innovations and improvements upstream, actively participating in the community's development efforts. This approach not only enhances eLxr's own distribution but also strengthens Debian by expanding its feature set and improving its overall quality.
The ability to release technologies at various stages of Debian's development cycle and to introduce innovative new content not yet available in Debian highlights eLxr's flexibility and responsiveness to emerging needs. Moreover, the commitment to sustainability ensures that contributions made by eLxr members remain beneficial to the broader Debian community over the long term.
A Unified Approach for Intelligent Deployments at the Edge
Modern technology demands agility and responsiveness to rapidly changing requirements and operational challenges. By integrating cutting-edge technologies from open source communities and technology companies into its distribution, the eLxr project enables users to leverage innovations that may not yet be widely distributed or easily accessible through other channels.
Go to Full Article
- Leveraging modprobe and lsmod for Effective Linux System Management
by George Whittaker Introduction
Linux, renowned for its robustness and flexibility, owes much of its adaptability to kernel modules. These modules are critical components that extend the kernel’s capabilities without requiring a reboot, facilitating dynamic modification of the system’s functionality. In this article, we will delve into two pivotal tools—modprobe and lsmod—that are essential for managing these modules effectively. Understanding and utilizing these tools can greatly enhance system administration and customization.
Understanding Kernel Modules
Kernel modules are pieces of code that can be loaded into the kernel upon demand, providing additional functionality as required. They are essential for extending the system's capabilities, allowing hardware and software integration without altering the kernel's core structure. Common examples include device drivers for graphics cards and network interfaces, file system managers, and system utilities.
Modules streamline system performance and efficiency by only being loaded when needed. This modular nature ensures that the kernel remains lightweight and responsive, as unnecessary components are not loaded into the system memory permanently.
Exploring lsmod
lsmod is a simple yet powerful utility that lists all currently loaded kernel modules in the system. It provides insights into which modules are active, helping administrators understand the system's current state.
lsmod reads the contents from /proc/modules, which contains information about all the loaded modules. It displays the module name, size, and the count of instances that are using it, along with a list of any modules that depend on it.
Using lsmod: Practical Examples
To use lsmod, simply type lsmod in the terminal. The output will look something like this:
Module Size Used by nf_conntrack 139264 2 nf_nat,nf_conntrack_netlink iptable_filter 16384 1 ip_tables 28672 1 iptable_filter x_tables 40960 3 iptable_filter,ip_tables,ipt_REJECT
This output tells us which modules are loaded, their size, and their dependencies, providing a clear snapshot of the module landscape at any given moment.
Managing Kernel Modules with modprobe
modprobe is a more sophisticated tool compared to lsmod. It not only lists modules but also intelligently handles loading and unloading modules and their dependencies.
Go to Full Article
|
