January 2021 - wlug - University of Waikato Mail Lists

by Lawrence D'Oliveiro

Seems hackers broke into a secure file-sharing service called Accellion, based in California. The RBNZ was using that to exchange documents with the likes of banks and insurance companies. <https://www.stuff.co.nz/business/123911764/reserve-bank-reveals-more-detail…>

4 days, 23 hours

2
3
0 0

Outlawing Dark Patterns

by Lawrence D'Oliveiro

“Dark patterns” is a term coined to describe user interfaces designed to manipulate people into giving up time, money or personal data that they didn’t intend to. A common example is the obstacle course you often have to go through to cancel a subscription to something online. Another example is the use of countdown timers to rush buyers into hasty decisions. They may not be out-and-out deceptive, but they do come close. Now, the US states of California and Washington are looking to pass laws to restrict this practice. <https://arstechnica.com/tech-policy/2021/01/lawmakers-take-aim-at-insidious…>

2 weeks, 6 days

2
1
0 0

Firefox 85 Hammers the Final Nail Into the Adobe Flash Coffin

by Peter Reutemann

'With Mozilla's release of Firefox 85 on Tuesday, Adobe's once ubiquitous Flash technology is really gone for good. The software had been widely used to expand gaming, video and animation on the web, though Adobe stopped supporting it at the end of 2020. Firefox was the last major browser to support Flash. From a report: Apple, whose late boss Steve Jobs helped sink Flash by banning it from iPhones and iPads, ditched Flash with Safari 14 in September 2020. Google Chrome, the most widely used browser, completely excised it on Jan. 19 with version 88. Microsoft's Edge 88 followed suit on Jan. 21. The schedule of removals shows just how hard it is to advance technology foundations as widely used as the web. Browser makers for years wanted to remove Flash, replacing it with more advanced standards built directly into the web. Jobs' "Thoughts on Flash" letter in 2010 solidified the opposition, and Adobe started recognizing the software's doom by scrapping the Android version of Flash in 2011. It's taken years of effort to drop Flash completely. Adobe took until 2017 to announce that Flash would be completely unsupported at the end of 2020, and still some are willing to jump through lots of hoops to keep Flash around a little longer.' -- source: https://it.slashdot.org/story/21/01/26/1618254 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 577-5304 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 weeks, 5 days

2
2
0 0

Google Threatens To Remove Search in Australia as Spat Escalates

by Peter Reutemann

'Google has threatened to disable its search engine in Australia if it's forced to pay local publishers for news, a dramatic escalation of a months-long standoff with the government. From a report: The proposed law, intended to compensate publishers for the value their stories generate for the company, is "unworkable," Mel Silva, managing director for Australia and New Zealand, told a parliamentary hearing Friday. She specifically opposed the requirement that Google pay media companies for displaying snippets of articles in search results. The threat is Google's most potent yet as the digital giant tries to stem a flow of regulatory action worldwide. At least 94% of online searches in Australia go through the Alphabet unit, according to the local competition regulator. "We don't respond to threats," Australia Prime Minister Scott Morrison said Friday. "Australia makes our rules for things you can do in Australia. That's done in our parliament. It's done by our government. And that's how things work here in Australia."' -- source: https://tech.slashdot.org/story/21/01/22/0339236 However, in related news: "Google Agrees To Pay French News Sites To Send Them Traffic" -- source: https://tech.slashdot.org/story/21/01/21/2316209 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 577-5304 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

4 weeks

2
1
0 0

TinyPilot KVM Over IP

by Lawrence D'Oliveiro

Just been watching this review <https://www.youtube.com/watch?v=CyEpshm16HY> of the TinyPilot KVM-over-IP box. It’s purchasable from the maker’s website for US$300-plus, which is a fraction of the price of most other KVM-over-IP products. It’s built around a Raspberry π 4, using the camera adapter for HDMI in (no use made of the GPIO connector at all). Of course this means it can only support a connection to a single server machine. The source code is on GitHub if you want to build that yourself. The base product offers insecure HTTP-only access; if you want HTTPS, you have to pay extra for the TinyPilot Pro software licence. For comparison, some reader comments mention an alternative “PiKVM” product -- has anyone heard of this?

4 weeks

2
2
0 0

CERN Gets Its Open Hardware Licence Approved By OSI

by Lawrence D'Oliveiro

CERN wanted to come up with the hardware equivalent of open-source software licences. Such licences don’t really work well with hardware, because they use terms (like “linking” and “system libraries”) that aren’t applicable to hardware. So they worked with the Open Source Initiative (the custodians of the Open Source Definition) to come up with a selection of three licences, allowing for a choice of strong copyleft (GPL-equivalent), weak copyleft (LGPL-equivalent, I guess) and no copyleft at all. It seems these licences could actually be used for a combination of both hardware and software. <https://www.theregister.com/2021/01/29/cern_ohl_approved/>

4 weeks

1
0
0 0

Cloning SSD's

by Ian Stewart

FWIW: My recent experiences with copying SSD's... I recently installed Ubuntu Mate from USB stick to a 120GB SSD. I then updated with all the latest patches. This took about 30 minutes. I then tailored my preferences of Firefox, Terminal, Pluma, etc. Created a Guest account. Installed the NZ dictionary, and added some applications. This took me another 30 minutes. I then needed to do this to 5 more computers. So, to prepare six computers would have taken me a total of about 6 hours. I considered using the utility "dd" to copy a clone of my master disk. Looking through stackoverflow<https://unix.stackexchange.com/questions/144172/full-dd-copy-from-hdd-to-hdd> I found the suggestion to use "cat". I.e. Boot Ubuntu from a USB stick and assuming sda is my master disk and sdb is the clone, then issue the command... $ sudo sh -c 'cat /dev/sda >/dev/sdb' I found this copying took about 15 minutes. However, it didn't give me any progress report during the copying sequence. I then... $ sudo apt install pv ...pv stands for "Pipe Viewer". For the next SSD drive to be cloned I issued the command... $ sudo sh -c 'pv /dev/sda >/dev/sdb' ...which then provided a progress bar that updated every second. With Samsung SSD 120GB drives I found the operation took 13 minutes 13 seconds with a transfer rate of 153MB/s. I later had built another master SSD on a Kingston 120GB SSD and cloned this to another Kingston 120GB SSD which took 10 minutes and had a transfer rate of 200MB/s. I found with the system still powered on, I could unplug the cloned SSD and plug in another blank SSD and start another cloning. Probably not a recommended practice. After booting the clone, I edited /etc/hostname to make each clone unique. Maybe there's something else I should change??? In summary, allowing for a bit of time to physically move the SSD's between machines, I was effectively completing the installation/updating/tailoring at a rate of three PC's an hour. I dunno if this was the right way or the best way, but, so far, the masters and all the clones seem to be working OK. cheers, Ian.

4 weeks, 1 day

2
1
0 0

Intel Iris Xe Video Cards Now Shipping To OEMs: DG1 Lands In Desktops

by Peter Reutemann

'Ryan Smith, writing at AnandTech: Following plans first unveiled last year during the launch of their DG1 GPU, Intel sends word this morning that the first Iris Xe video cards have finally begun shipping to OEMs. Based on the DG1 discrete GPU that's already being used in Intel's Iris Xe MAX laptop accelerators, the Iris Xe family of video cards are their desktop counterpart, implementing the GPU on a traditional video card. Overall, with specifications almost identical to Xe MAX, Intel is similarly positioning these cards for the entry-level market, where they are being released as an OEM-only part. As a quick refresher, the DG1 GPU is based on the same Xe-LP graphics architecture as Tiger Lake's integrated GPU. In fact, in broad terms the DG1 can be thought of as a nearly 1-to-1 discrete version of that iGPU, containing the same 96 EUs and 128-bit LPDDR4X memory interface as Tiger Lake itself. Consequently, while DG1 is a big first step for Intel -- marking the launch of their first discrete GPU of the modern era -- the company is planning very modestly for this generation of parts. The first DG1 GPUs were shipped in the fall as part of Intel's Iris Xe MAX graphics solution for laptops. At the time, Intel also indicated that a desktop card for OEMs would also be coming in 2021, and now, right on schedule, those desktop cards have begun shipping out.' -- source: https://hardware.slashdot.org/story/21/01/28/1649204 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 577-5304 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

1 month

1
0
0 0

ProtonMail, Threema, Tresorit and Tutanota Warn EU Lawmakers Over 'Anti-Encryption' Push

by Peter Reutemann

'Four European apps which secure user data via end-to-end encryption, ProtonMail, Threema, Tresorit and Tutanota, have issued a joint-statement warning over recent moves by EU institutions that they say are setting lawmakers on a dangerous path to backdooring encryption. From a report: Last month the EU Council passed a resolution on encryption that's riven with contradiction -- calling for "security through encryption and security despite encryption" -- which the four e2e app makers believe is a thinly veiled call to backdoor encryption. The European Commission has also talked about seeking "improved access" to encrypted information, writing in a wide-ranging counter-terrorism agenda also published in December that it will "work with Member States to identify possible legal, operational, and technical solutions for lawful access." Simultaneously, the Commission has said it will "promote an approach which both maintains the effectiveness of encryption in protecting privacy and security of communications, while providing an effective response to crime and terrorism." And it has made it clear there will be no 'one silver bullet' as regards the e2e encryption security 'challenge.' But such caveats are doing nothing to alleviate the concerns of e2e encrypted app makers -- who are convinced proposals from the Council of the EU, which is involved in adopting the bloc's laws (though the Commission usually drafts legislation), sums to an push toward backdoors. "While it's not explicitly stated in the resolution, it's widely understood that the proposal seeks to allow law enforcement access to encrypted platforms via backdoors," the four app makers write, going on to warn that such a move would fatally underline the security EU institutions also claim to want to maintain. "The resolution makes a fundamental misunderstanding: Encryption is an absolute, data is either encrypted or it isn't, users have privacy or they don't," they go on. "The desire to give law enforcement more tools to fight crime is obviously understandable. But the proposals are the digital equivalent of giving law enforcement a key to every citizen's home and might begin a slippery slope towards greater violations of personal privacy."' -- source: https://yro.slashdot.org/story/21/01/28/1724250 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 577-5304 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

1 month

1
0
0 0

Rocky Linux gets a parent company, with $4m Series A funding

by Peter Reutemann

'Gregory Kurtzer, co-founder of the now-defunct CentOS Linux distribution, has founded a new startup company called Ctrl IQ, which will serve in part as a sponsoring company for the upcoming Rocky Linux distribution. Rocky Linux is to be a beneficiary of Ctrl IQ's revenue, not its source—the company describes itself in its announcement as the suppliers of a "full technology stack integrating key capabilities of enterprise, hyper-scale, cloud and high-performance computing."' -- source: https://arstechnica.com/gadgets/2021/01/rocky-linux-gets-a-parent-company-w… Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 577-5304 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

1 month

1
0
0 0

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

wlug January 2021