wlug July 2020

wlug@list.waikato.ac.nz

7 participants
47 discussions

by Lawrence D'Oliveiro

For quite a while now, I’ve been annoyed by the system notification volume going to 100% on my Debian systems, regardless of my attempts to set it to a lower level. For example, when I open the KDE System Settings app, change something, then try to close the window, the sound that accompanies the save/discard/cancel alert is always startlingly loud. I think I have finally found a fix: in your /etc/pulse/daemon.conf, put in a line saying flat-volumes = no (You should find an existing comment “; flat-volumes = yes” that indicates the default.) You can make this new setting take effect in the current session immediately without having to logout or reboot, by executing the following as the currently-logged-in user: pulseaudio -k (This kills and restarts the PulseAudio daemon for your user session.) There are several discussions of the pros and cons of this issue online, going back some years. For example, here <https://bugzilla.redhat.com/show_bug.cgi?id=1265267>. Also a mention about the “flat-volumes” setting in the ever-reliable Arch Linux Wiki here <https://wiki.archlinux.org/index.php/PulseAudio>.

9 months

Random Firefox Tweaks

by Lawrence D'Oliveiro

Been looking at various settings changes you can make in the “about:config” page in Firefox. Here are a couple I have found useful: * keyword.enabled -- set to false to stop Firefox trying to do a search on the contents of the address box if it doesn’t match a URL. This is why I have a search box separate from the address box. * browser.fixup.alternate.enabled -- set to false to stop it helpfully tacking on “www.” and “.com” if the original URL you type doesn’t work. I have occasionally been confused by it complaining about not finding a URL, but showing a different one from the one I typed. By the way, when you first try to view this page, Firefox shows you a warning to ensure you understand the consequences of messing about with settings at this level. It remembers it has shown you this warning by adding the following line to the prefs.js file in your profile: user_pref("browser.aboutConfig.showWarning", false); Firefox seems to overwrite this file when it quits, and reloads it when it is launched again.

10 months, 1 week

NZ Govt Unveils “Algorithm Charter”

by Lawrence D'Oliveiro

The Charter <https://www.theregister.com/2020/07/28/new_zealand_algorithm_charter/> requires Government departments who sign on to it to “maintain transparency” about the algorithms they use, but does not make them reveal the actual details of these algorithms. Nor does it explain what it means by an “algorithm”.

1 year, 1 month

How Qualcomm Shook Down The Cell Phone Industry For Almost 20 Years

by Lawrence D'Oliveiro

A pretty sobering read <https://arstechnica.com/tech-policy/2019/05/how-qualcomm-shook-down-the-cel…>: Qualcomm's first weapon against competitors: patent licensing terms requiring customers to pay a royalty on every phone sold—not just phones that contained Qualcomm's wireless chips. Sound familiar? Judge Koh draws a direct parallel to licensing behavior that got Microsoft in legal trouble in the 1990s. Microsoft would offer PC makers a discount if they agreed to pay Microsoft a licensing fee for every PC sold—whether or not the PC shipped with a copy of MS-DOS. This effectively meant that a PC maker had to pay twice if it shipped a PC running a non-Microsoft operating system. There’s a lot more--the article reads like a catalogue of gangster-like tactics. All of which is perfectly all right under the US interpretation of “Free Enterprise”, of course ... Also, reading the details of how Qualcomm managed to sabotage Intel’s efforts to develop 5G chips, it seems to me that Qualcomm is directly responsible for the situation today where US companies are lagging behind Chinese ones like Huawei in 5G capability.

1 year, 2 months

Allowing PBL'ed IP addresses in Postfix

by David McNab

Hi, Has anyone had experience with configuring Postfix to allow inbound client SMTP connections from NZ-based IP addresses that have been Policy Block Listed (PBL'ed) by their ISP? Spark have PBL'ed most or all of their home and small business fibre/*DSL connection IP addresses. 2degrees have PBL'ed most/all of their cellular data IP addresses. I'm trying to support a user to send email from their cellphone email client. Cheers David

1 year, 2 months

Bug In Grub2 Breaks Secure Boot (Yawn)

by Lawrence D'Oliveiro

Seems a vulnerability has been found in everyone’s favourite bootloader <https://arstechnica.com/information-technology/2020/07/new-flaw-neuters-sec…> which allows a bypass of the “Secure Boot” mechanism in modern UEFI-based machines. But given that so many other bypasses already exist, nobody seems especially worried about this. For example, the article references an attempt by Microsoft to revoke the certification of (an obsolete version of) a secure bootloader from Kaspersky Lab with a vulnerability in it; the revocation caused so many headaches for users that it had to be rolled back.

1 year, 2 months

NoiseTorch

by Peter Reutemann

Hi everyone Angus mentioned NoiseTorch at last night's meeting as a way of avoiding noise from being recorded when using microphones: 'NoiseTorch is an easy to use open source application for Linux with PulseAudio. It creates a virtual microphone that suppresses noise, in any application. Use whichever conferencing or VOIP application you like and simply select the NoiseTorch Virtual Microphone as input to torch the sound of your mechanical keyboard, computer fans, trains and the likes.' -- source: https://github.com/lawl/NoiseTorch Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

1 year, 2 months

Hackers Stole GitHub and GitLab OAuth Tokens From Git Analytics Firm Waydev

by Peter Reutemann

'Waydev, an analytics platform used by software companies, has disclosed a security breach that occurred earlier this month. From a report: The company says that hackers broke into its platform and stole GitHub and GitLab OAuth tokens from its internal database. Waydev, a San Francisco-based company, runs a platform that can be used to track software engineers' work output by analyzing Git-based codebases. To do this, Waydev runs a special app listed on the GitHub and GitLab app stores. When users install the app, Waydev receives an OAuth token that it can use to access its customers' GitHub or GitLab projects. Waydev stores this token in its database and uses it on a daily basis to generate analytical reports for its customers. Waydev CEO and co-founder Alex Circei told ZDNet today in a phone call that hackers used a blind SQL injection vulnerability to gain access to its database, from where they stole GitHub and GitLab OAuth tokens. The hackers then used some of these tokens to pivot to other companies' codebases and gain access to their source code projects.' -- source: https://tech.slashdot.org/story/20/07/27/1918237 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

1 year, 2 months

meeting suggestions?

by Peter Reutemann

Hi everyone For our first in-person meeting after the lockdown on July 27th, any ideas for topics? Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

1 year, 2 months

World’s Fastest Computer Is ARM

by Lawrence D'Oliveiro

Looking at the June Top500 list <https://top500.org/lists/top500/list/2020/06/>, the current number 1, Japan’s Fugaku, uses over 7 million A64FX cores and close to 5 petabytes of RAM. Numbers 2 and 3 are based on IBM’s POWER architecture, while number 4 is a Chinese RISC-based machine, which might have some resemblance to the DEC Alpha <https://en.wikipedia.org/wiki/Sunway_(processor)>, or MIPS, or not. It’s not until 5th place does x86 make an appearance.

1 year, 2 months

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

wlug July 2020