The first powered aircraft on Mars
<https://www.theregister.com/2021/04/19/perseverance_computing_feature/>
has proved its concept, taken flight for a few seconds, and made a
controlled landing again.
The control system is running Linux on a Qualcomm Snapdragon 801 chip,
not because NASA considered it the best tool for the job, but because
it was the easiest solution available. The hardware “is tuned for use on
Earth, not Mars”, so it is only planned to make brief flights of no
more than 90 seconds at a time, always landing back at the same spot,
and it is not expected to endure beyond the initial 30 days of the
Perseverance mission.
'Long-time Slashdot reader xiando shares news from LinuxReviews:
Linux Kernel Runtime Guard (LKRG) is a security module for the Linux
kernel developed by Openwall. The latest release adds compatibility
with Linux kernels up to soon to be released 5.12, support for
building LKRG into kernel images, support for old 32-bit x86 machines
and more...
The Linux Kernel Runtime Guard is an out-of-tree kernel module you can
install as a kernel module, or, with the 0.9.0 release, build into
your Linux kernel. It does run-time integrity checks to detect
security vulnerability exploits against the Linux kernel.
An Openwall developer also notes in the announcement that "During LKRG
development and testing I've found 7 Linux kernel bugs, 4 of them have
CVE numbers."'
-- source: https://news.slashdot.org/story/21/04/17/2118236
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 577-5304
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
'Debian Project Secretary Kurt Roeckx has announced the results of a
closely-watched vote on what statement would be made about Richard
Stallman's readmission to the Free Software Foundation's board.
Seven options were considered, with the Debian project's 420 voting
developers also asked to rank their preferred outcomes:
- Option 1: "Call for the FSF board removal, as in rms-open-letter.github.io"
- Option 2: "Call for Stallman's resignation from all FSF bodies"
- Option 3: "Discourage collaboration with the FSF while Stallman is
in a leading position"
- Option 4: "Call on the FSF to further its governance processes"
- Option 5: "Support Stallman's reinstatement, as in
rms-support-letter.github.io"
- Option 6: "Denounce the witch-hunt against RMS and the FSF"
- Option 7: "Debian will not issue a public statement on this issue"
While all seven options achieved a quorum of votes, two failed to
achieve a majority — options 5 and 6. ("Support Stallman's
reinstatement" and "Denounce the witch-hunt...") The option receiving
the most votes was #7 (not issuing a public statement) — but it wasn't
that simple. The vote's final outcome was determined by comparing
every possible pair of options to determine which option would still
be preferred by a majority of voters in each possible comparision.
In this case, that winner was still the option which had also received
the most votes:
Debian will not issue a public statement on this issue.
The Debian Project will not issue a public statement on whether
Richard Stallman should be removed from leadership positions or not.
Any individual (including Debian members) wishing to (co-)sign any of
the open letters on this subject is invited to do this in a personal
capacity.
The results are captured in an elaborate graph. Numbers inside the
ovals show the final ratio of yes to no votes (so a number higher than
1.00 indicates a majority, with much higher numbers indicating much
larger majorities). Numbers outside the ovals (along the lines)
indicate the number of voters who'd preferred the winning choice over
the losing choice (toward which the arrow is pointing).
The winning option is highlighted in blue.'
-- source: https://linux.slashdot.org/story/21/04/18/1727209
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 577-5304
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
'Google's Android team supports Rust for developing the Android
operating system. Now they're also helping evaluate Rust for Linux
kernel development. Their hopes, among other things, are that "New
code written in Rust has a reduced risk of memory safety bugs, data
races and logic bugs overall," that "abstractions that are easier to
reason about," and "More people get involved overall in developing the
kernel, thanks to the usage of a modern language."
Linus Torvalds responded in a new interview with IT Wire (shared by
Slashdot reader juul_advocate):
The first patches for Rust support in the Linux kernel have been
posted and the man behind the kernel says the fact that these are
being discussed is much more important than a long post by Google
about the language. Linus Torvalds told iTWire in response to queries
that Rust support was "not there yet", adding that things were
"getting to the point where maybe it might be mergeable for 5.14 or
something like that..." Torvalds said that it was still early days for
Rust support, "but at least it's in a 'this kind of works, there's an
example, we can build on it'."
Asked about a suggestion by a commenter on the Linux Weekly News
website, who said, during a discussion on the Google post, "The
solution here is simple: just use C++ instead of Rust", Torvalds could
not restrain himself from chortling. "LOL," was his response. "C++
solves _none_ of the C issues, and only makes things worse. It really
is a crap language.
"For people who don't like C, go to a language that actually offers
you something worthwhile. Like languages with memory safety and
[which] can avoid some of the dangers of C, or languages that have
internal GC [garbage collection] support and make memory management
easier. C++ solves all the wrong problems, and anybody who says
'rewrite the kernel in C++' is too ignorant to even know that."
He said that when one spoke of the dangers of C, one was also speaking
about part of what made C so powerful, "and allows you to implement
all those low-level things efficiently".
Torvalds added that, while garbage collection is "a very good thing in
most other situations," it's "generally not necessarily something you
can do in a low-level system programming."'
-- source: https://developers.slashdot.org/story/21/04/17/009241
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 577-5304
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
'FTP (file transfer protocol) celebrated its 50th anniversary this
week. Long-time Slashdot reader sandbagger shares an article
commemorating a half-century of FTP:
Over the years, the FTP protocol got refined with 16 different
revisions(*1) adding support with TCP/IP, a secure extension also
known as FTPS which is leveraging the same tech as HTTPS and more
recent addition like IPv6 support.
Fifty years after its inception, FTP is still going very strong with
millions of FTP server still being exposed on the internet which is
fairly amazing considering the bad press it gets... '
-- source: https://tech.slashdot.org/story/21/04/17/2143200
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 577-5304
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
'Slashdot reader LeeLynx shares news from The Register about a
Slackware 15 beta release (following the debut of February's alpha),
"nearly five years after the distribution last saw a major update."
(And nearly 28 years after its initial release back in 1993...)
Created by Patrick Volkerding (who still lays claim to the title
Benevolent Dictator For Life), the current release version arrived in
the form of 2016's 14.2... The Linux kernel has been updated to
5.10.30 (at time of writing) with 5.11.14 available for testing.
Desktop fans may be pleased to see, among the many updates, KDE Plasma
hitting 5.21.4 as well as updates for old faithfuls, such as Mozilla
Firefox and Thunderbird.
The beta itself dropped on 12 April (with the 5.10.29 kernel) and
Volkerding noted: "I'm going to go ahead and call this a beta even
though there's still no fix for the illegal instruction issue with
32-bit mariadb. But there should be soon."
Tinkering has continued since, judging by the change log, although the
beta tag brings hope there will be a release before long.'
-- source: https://linux.slashdot.org/story/21/04/18/007214
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 577-5304
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
'Just Security:
Huawei's plans for 6G and beyond make U.S. concerns over 5G look
paltry: Huawei is proposing a fundamental internet redesign, which it
calls "New IP," designed to build "intrinsic security" into the web.
Intrinsic security means that individuals must register to use the
internet, and authorities can shut off an individual user's internet
access at any time. In short, Huawei is looking to integrate China's
"social credit," surveillance, and censorship regimes into the
internet's architecture...
To avoid scrutiny of New IP's shortcomings, Huawei has circumvented
international standards bodies where experts might challenge the
technical shortcomings of the proposal. Instead, Huawei has worked
through the United Nations' International Telecommunications Union
(ITU), where Beijing holds more political sway...
Huawei dominance on New IP and 6G would not only create a less free,
less interoperable internet, it would pave the way for authoritarian
governments to gain expanded say over future changes to the internet
for years to come.'
-- source: https://tech.slashdot.org/story/21/04/17/2041239
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 577-5304
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
Hi everyone
Due to ANZAC day being observed on Monday 26th, our next WLUG meeting
is a week early on the 19th (ie next week!):
'Home automation (aka smart home) is now widely available through a
range of consumer products. But often, these devices are only
accessible through closed-source apps and also tend to "phone home".
Let's have a look, together with Peter Reutemann, at Home Assistant
(https://www.home-assistant.io/), an open-source home automation
framework that puts local control and privacy first.'
-- source: https://www.meetup.com/WaikatoLinuxUsersGroup/events/274861049/
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 577-5304
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
'"FreeBSD, the other Linux, reached version 13," writes long-time
Slashdot reader undoman. "The operating system is known for its stable
code, native ZFS support, and use of the more liberal BSD licenses."
Phoronix highlights some of the major new improvements:
FreeBSD 13.0 delivers on performance improvements (particularly for
Intel CPUs we've seen in benchmarks thanks to hardware P-States),
upgrading to LLVM Clang 11 as the default compiler toolchain, POWER
64-bit support improvements, a wide variety of networking
improvements, 64-bit ARM (AArch64) now being a tier-one architecture
alongside x86_64, EFI boot improvements, AES-NI is now included by
default for generic kernel builds, the default CPU support for i386 is
bumped to i686 from i486, and a variety of other hardware support
improvements. Various obsolete GNU tools have been removed like an old
version of GNU Debugger used for crashinfo, obsolete GCC 4.2.1 and
Binutils 2.17 were dropped from the main tree, and also switching to a
BSD version of grep. '
-- source: https://tech.slashdot.org/story/21/04/15/2034216
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 577-5304
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
'The Electronic Frontier Foundation (EFF) today announced it has
enhanced its groundbreaking HTTPS Everywhere browser extension by
incorporating rulesets from DuckDuckGo Smarter Encryption. According
to the digital rights group's press release, HTTPS Everywhere is "a
collaboration with The Tor Project and a key component of EFF's effort
to encrypt the web and make the Internet ecosystem safe for users and
website owners." From the press release:
"DuckDuckGo Smarter Encryption has a list of millions of
HTTPS-encrypted websites, generated by continually crawling the web
instead of through crowdsourcing, which will give HTTPS Everywhere
users more coverage for secure browsing," said Alexis Hancock, EFF
Director of Engineering and manager of HTTPS Everywhere and Certbot
web encrypting projects. "We're thrilled to be partnering with
DuckDuckGo as we see HTTPS become the default protocol on the net and
contemplate HTTPS Everywhere's future."
EFF began building and maintaining a crowd-sourced list of encrypted
HTTPS versions of websites for a free browser extension -- HTTPS
Everywhere -- which automatically takes users to them. That keeps
users' web searching, pages visited, and other private information
encrypted and safe from trackers and data thieves that try to
intercept and steal personal information in transit from their
browser. [...] DuckDuckGo, a privacy-focused search engine, also
joined the effort with Smarter Encryption to help users browse
securely by detecting unencrypted, non-secure HTTP connections to
websites and automatically upgrading them to encrypted connections.
With more domain coverage in Smarter Encryption, HTTPS Everywhere
users are provided even more protection. HTTPS Everywhere rulesets
will continue to be hosted through this year, giving our partners who
use them time to adjust. We will stop taking new requests for domains
to be added at the end of May. '
-- source: https://yro.slashdot.org/story/21/04/15/2047229
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 577-5304
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/