• How To Install Brave Browser on Ubuntu 20.04 LTS - idroot

  In this tutorial, we will show you how to install Brave Browser on Ubuntu 20.04 LTS. For those of you who didn’t know, The brave browser is a free and open-source browser. it’s Fast, speed, security, and privacy by blocking trackers and still based on chromium so you have all the extension and features you might be looking for.

  This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step by step installation of Brave Browser on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian based distribution like Linux Mint.

• How to install the Eolie web browser on Linux

  Tired of the mainstream web browser choices on Linux and looking for something modern yet elegant and fast? Check out Eolie! It’s a sleek, fancy, and minimalist web browser for the Linux platform that runs great on even PCs with meager system resources.

• How to install Steam on Ubuntu 20.10 - YouTube

  In this video, we are looking at how to install Steam on Ubuntu 20.10.

• How to Secure the SSH Server in Ubuntu 20.04 from Basic to Advanced – Linux Hint

  Just like all other servers, the SSH server is also prone to unauthorized access attempts. Therefore, whenever you wish to use an SSH server, you must have considered securing it first to save yourselves from any unwanted situation in the longer run. Generally, the term “securing a server” is also known as “hardening a server.” This can be done by taking multiple measures. These measures depend upon the level of security that you require.
  The measures of securing the SSH server range from basic to advanced, and as we said earlier, you can pick them up according to the level of security that you need. You can skip any of the prescribed measures if you have sufficient knowledge about the consequences and if you are in a good position to face them. Also, we can never say that a single step will ensure 100% security, or a certain step is better than the other.

  It all depends upon which type of security we actually need. Therefore, today we intend to give you a very deep insight into the basic and advanced steps for securing an SSH server in Ubuntu 20.04. Apart from these methods, we will also be sharing with you some additional tips for securing your SSH server as a bonus. So let us get started with today’s interesting discussion.

• How to install MetaTrader 4 on a Chromebook with Crossover 20

  Today we are looking at how to install MetaTrader 4 on a Chromebook with Crossover 20. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

• Invalid Command SSLEngine - Apache (httpd)

  I’ve been configuring Apache web server recently, it’s been a VPS installed from scratch that needed SSL certificate added.

  My primary webserver of choice is nginx, and so Apache skills are getting rusty.

We are pleased to announce the second pre-release of Xfce 4.16 (a.k.a. xfce4.16pre2), moving us closer to the final release. As you all may have noticed, we are again a bit behind the schedule, but nothing like the 4+ years it took from 4.12 to 4.14, so please hold your excitement a tad longer while we are polishing the rough edges. For now, help yourself with the latest batch of changes:

• Sebastian Kügler: Bringing light to life

  Some of you may be wondering what I have been up to lately since I took a break from my work in the KDE community. Well, it was time for a change, a change towards family, friends and a more local life. The result is a more balanced, a more grown up me. These changes in my life lead to me having a small family and a group of new friends, both of which I spend a lot of time with. They brought more light into my life, one could say.

• If you want to go far, together is faster (II).

  If you work in an environment where Continuous Delivery is the norm, those behind the execution will understand which actions have a positive correlation between throughput and stability. Your job will only be associated to link those actions with the ones you are familiar with in the community health and collaboration space. If not, you work will be harder, but still worth it.

  For our particular case, you might find for instance, that a simple measure to digest the increasing number of commits (bug fixes) can be to scale up the build capacity if you have remaining budget. You might find though that you have problems doing so when reviewing acceptance criteria because you lack automation, or that your current testing-on-hardware capacity is almost fixed due to limitations in the system that manage your test benches and additional effort to improve the situation is required.

  Establishing experiments that consider not just the collaboration side but also the software delivery one as well as translating into production those experiments that demonstrate a positive correlation of the target metrics, increasing all of them, might bring you to surprising results, sometimes far from common knowledge among those focused on collaboration aspects only, but closer to those focused in execution.

• OSI Seeks to Hire Executive Director [Ed: More evidence that the Open Source Initiative is collapsing after Microsoft took over much of it.]

  It is with great pride and excitement that I announce that OSI, as of today, is embarking on a search for an Executive Director.

  This is the culmination of many years of work and dedication on the part of countless individuals, and should be taken as a sign that OSI is maturing as an organization. We are following in the footsteps of many organizations that have come before us: nonprofits often start as a scrappy band of volunteers, which then hire staff for day-to-day operations, and eventually the staff are empowered to lead the organization.

• Transparency

  Technology must be transparent in order to be knowable. Technology must be knowable in order for us to be able to consent to it in good faith. Good faith informed consent is necessary to preserving our (digital) autonomy.

  Let’s now look at this in reverse, considering first why informed consent is necessary to our digital autonomy.

  Let’s take the concept of our digital autonomy as being one of the highest goods. It is necessary to preserve and respect the value of each individual, and the collectives we choose to form. It is a right to which we are entitled by our very nature, and a prerequisite for building the lives we want, that fulfill us. This is something that we have generally agreed on as important or even sacred. Our autonomy, in whatever form it takes, in whatever part of our life it governs, is necessary and must be protected.

  [...]

  As long as the source code that powers computing technology is proprietary and opaque, we cannot truly know whether backdoors exist and how secure we are in our digital spaces and even our own computers, phones, and other mobile devices.

• automake-1.16.3 released [stable]

  This is to announce automake-1.16.3, a stable release.
  
  There have been 62 commits by 15 people in the 35 weeks since 1.16.2.
  Special thanks to Karl Berry and Zack Weinberg for doing so much of the work.
  
  See the NEWS below for a brief summary.
  
  Thanks to everyone who has contributed!
  The following people contributed changes to this release:
  
    Akim Demaille (1)
    Colomban Wendling (1)
    Felix Yan (1)
    Issam E. Maghni (1)
    Jim Meyering (12)
    Karl Berry (23)
    Miro Hron\v{c}ok (1)
    Paul Eggert (4)
    Reuben Thomas (3)
    Robert Menteer (1)
    Robert Wanamaker (1)
    Samuel Tardieu (1)
    Samy Mahmoudi (1)
    Vincent Lefevre (1)
    Zack Weinberg (10)
  
  Jim [on behalf of the automake maintainers]
  ==================================================================
  
  Here is the GNU automake home page:
      http://gnu.org/s/automake/
  
  For a summary of changes and contributors, see:
    http://git.sv.gnu.org/gitweb/?p=automake.git;a=shortlog;h=v1.16.3
  or run this command from a git-cloned automake directory:
    git shortlog v1.16.2..v1.16.3
  
  Here are the compressed sources:
    https://ftp.gnu.org/gnu/automake/automake-1.16.3.tar.xz (1.6MB)
    https://ftp.gnu.org/gnu/automake/automake-1.16.3.tar.gz (2.3MB)
  
  Here are the GPG detached signatures[*]:
    https://ftp.gnu.org/gnu/automake/automake-1.16.3.tar.xz.sig
    https://ftp.gnu.org/gnu/automake/automake-1.16.3.tar.gz.sig
  
  Use a mirror for higher download bandwidth:
    https://www.gnu.org/order/ftp.html
  
  [*] Use a .sig file to verify that the corresponding file (without the
  .sig suffix) is intact.  First, be sure to download both the .sig file
  and the corresponding tarball.  Then, run a command like this:
  
    gpg --verify automake-1.16.3.tar.xz.sig
  
  If that command fails because you don't have the required public key,
  then run this command to import it:
  
    gpg --keyserver keys.gnupg.net --recv-keys 7FD9FCCB000BEEEE
  
  and rerun the 'gpg --verify' command.
  
  Please report bugs and problems to <bug-automake@gnu.org>,
  and send general comments and feedback to <automake@gnu.org>.
  
  ==================================================================
  NEWS
  
  * New features added
  
    - In the testsuite summary, the "for $(PACKAGE_STRING)" suffix
      can be overridden with the AM_TESTSUITE_SUMMARY_HEADER variable.
  
  * Bugs fixed
  
    - Python 3.10 version number no longer considered to be 3.1.
  
    - Broken links in manual fixed or removed, and new script
      contrib/checklinkx (a small modification of W3C checklink) added,
      with accompany target checklinkx to recheck urls.
  
    - install-exec target depends on $(BUILT_SOURCES).
  
    - valac argument matching more precise, to avoid garbage in DIST_COMMON.
  
    - Support for Vala in VPATH builds fixed so that both freshly-generated and
      distributed C files work, and operation is more reliable with or without
      an installed valac.
  
    - Dejagnu doesn't break on directories containing spaces.
  
  * Distribution
  
    - new variable AM_DISTCHECK_DVI_TARGET, to allow overriding the
      "make dvi" that is done as part of distcheck.
  
  * Miscellaneous changes
  
    - install-sh tweaks:
      . new option -p to preserve mtime, i.e., invoke cp -p.
      . new option -S SUFFIX to attempt backup files using SUFFIX.
      . no longer unconditionally uses -f when rm is overridden by RMPROG.
      . does not chown existing directories.
  
    - Removed function up_to_date_p in lib/Automake/FileUtils.pm.
      We believe this function is completely unused.
  
    - Support for in-tree Vala libraries improved.
  
  

• TOP500 Expands Exaflops Capacity Amidst Low Turnover

  The 56th edition of the TOP500 saw the Japanese Fugaku supercomputer solidify its number one status in a list that reflects a flattening performance growth curve. Although two new systems managed to make it into the top 10, the full list recorded the smallest number of new entries since the project began in 1993.

  The entry level to the list moved up to 1.32 petaflops on the High Performance Linpack (HPL) benchmark, a small increase from 1.23 petaflops recorded in the June 2020 rankings. In a similar vein, the aggregate performance of all 500 systems grew from 2.22 exaflops in June to just 2.43 exaflops on the latest list. Likewise, average concurrency per system barely increased at all, growing from 145,363 cores six months ago to 145,465 cores in the current list.

• Daniel Silverstone: Withdrawing Gitano from support

  Unfortunately, in Debian in particular, libgit2 is undergoing a transition which is blocked by gall. Despite having had over a month to deal with this, I've not managed to summon the tuits to update Gall to the new libgit2 which means, nominally, I ought to withdraw it from testing and possibly even from unstable given that I'm not really prepared to look after Gitano and friends in Debian any longer.

• The 20 Best Scala Books For Beginner and Expert Developers

  Scala is an elevated level language that joins object-oriented and practical programming in one succinct. Certain static kinds of Scala help us dodge bugs in complex applications; moreover, its JVM, and JavaScript runtimes let us manufacture elite frameworks with simple admittance to colossal biological systems libraries. In the field of software, Scala is a very unique and multidimensional language. To learn Scala programming is not an easy job for someone new to this field, and therefore, a perfect set of Scala books is inevitably important for accurate guidance.

• Comparing a new language for tiny machines

  Upstream seemed surprised that I was writing real programs in Cowgol, so I'm led to believe I might be the only one using the language. But that's fine. Let's write a simple program in C and in Cowgol so that we can compare them. Even if you're not going to use Cowgol, comparing programming languages I find to be a fun exercise and it might help you think about your own language choices, no matter what languages you choose to use.

• Perl Weekly Challenge 87: Longest Consecutive Sequences and Largest Rectangle

  These are some answers to the Week 87 of the Perl Weekly Challenge organized by Mohammad S. Anwar.

• macOS Leaks Application Usage, Forces Apple to Make Hard Decisions

  Last week, users of macOS noticed that attempting to open non-Apple applications while connected to the Internet resulted in long delays, if the applications opened at all. The interruptions were caused by a macOS security service attempting to reach Apple’s Online Certificate Status Protocol (OCSP) server, which had become unreachable due to internal errors. When security researchers looked into the contents of the OCSP requests, they found that these requests contained a hash of the developer’s certificate for the application that was being run, which was used by Apple in security checks.[1] The developer certificate contains a description of the individual, company, or organization which coded the application (e.g. Adobe or Tor Project), and thus leaks to Apple that an application by this developer was opened.

  Moreover, OCSP requests are not encrypted. This means that any passive listener also learns which application a macOS user is opening and when.[2] Those with this attack capability include any upstream service provider of the user; Akamai, the ISP hosting Apple’s OCSP service; or any hacker on the same network as you when you connect to, say, your local coffee shop’s WiFi. A detailed explanation can be found in this article.

• Microsoft developing ‘Pluton’ security chip for Windows

  Microsoft will work with Intel, Advanced Micro Devices Inc. and Qualcomm Inc. to help them build Pluton into their personal computer processors. Firmware updates to CPU-integrated Pluton chips will be released by Microsoft as part of Windows updates.

• Microsoft's new 'Pluton' security processor gets buy-in from Intel, AMD

  Advocates of the new security chip, known as Pluton, say it will cut off a key vector for data-stealing attacks: a communication channel between a computing system’s central processing unit (CPU) and another piece of hardware known as the trusted platform module (TPM). In one example of that type of attack, researchers from security company NCC Group in 2018 showed how an attacker could undermine the booting process for “a large number of TPM-enabled computing platforms.”

  The Pluton chip will be built into Windows computers through “future chips” made by AMD, Intel and Qualcomm, Microsoft said. It’s unclear when, exactly, all of that hardware will be on the market. Microsoft would only say that the work is ongoing.

• Apple Reduces App Store Commission for Small Businesses

  Apple has been getting hit by app developers lately for its commission policy of taking 30 percent of all purchases. It has made a change that makes it seem like it will benefit smaller businesses, but critics say it really doesn’t mean much.

• Apple spins better than Warnie as it backs down on AppStore commission

  The fact that even a company valued at US$2 trillion (A$2.7 trillion) has to sometimes heed public sentiment has been aptly illustrated by Apple announcing overnight that it would be lowering its take on apps sold from its App Store to 15% for small businesses that pull in less than a million.

• Nordea [crackers] face prison and hefty fines, court rules [iophk: Windows TCO]

  Ostrobothnia District Court on Tuesday sentenced two men to prison terms as well as fines and compensation payments after finding the pair guilty of [cracking] into Nordea Bank's computer system in an attempt to steal several million euros.

• The M1 Macs

  Apple, in its keynote last week, emphasized that the M1 MacBook Air has no fan. (Intel-based MacBook Airs most definitely do. The defunct 12-inch no-adjective MacBook was Apple’s only fanless Intel Mac.) Apple’s point there was to brag that the M1 runs so cool that a high-performance MacBook could be designed without one. Some Mac users, I think, mistakenly took this to mean that the Air had an advantage over the M1 MacBook Pro, in that the fanless Air would always run silently, if sometimes slower. I think this assumption was wrong: the M1 MacBook Pro is, to my ears, always silent as well. Whatever its active cooling system is doing, it isn’t making even a whisper of noise.

  No Intel-based laptop with vaguely comparable performance to these machines can possibly match that silence. If you care about noise, the game is already over.

• Security updates for Thursday

  Security updates have been issued by Arch Linux (chromium and firefox), CentOS (bind, curl, fence-agents, kernel, librepo, libvirt, microcode_ctl, python, python3, qt and qt5-qtbase, resource-agents, and tomcat), Debian (drupal7, firefox-esr, jupyter-notebook, packer, python3.5, and rclone), Fedora (firefox), Mageia (firefox, nss), openSUSE (gdm, kernel-firmware, and moinmoin-wiki), Oracle (net-snmp), SUSE (libzypp, zypper), and Ubuntu (c-ares).

• We can’t move forward by looking back – Open Source Security

  For the last few weeks Kurt and I have been having a lively conversation about security ratings scales. Is CVSS good enough? What about the Microsoft scale? Are there other scales we should be looking at? What’s good, what’s missing, what should we be talking about.

  There’s been a lot of back and forth and different ideas, over the course of our discussions I’ve come to realize an important aspect of security which is we don’t look forward very often. What I mean by this is there is a very strong force in the world of security to use prior art to drive our future decisions. Except all of that prior art is comically out of date in the world of today.

  An easy example are existing security standards. All of the working groups that build the standards, and ideas the working groups bring to the table, are using ideas from the past to solve problems for the future. You can argue that standards are at best a snapshot of the past, made in the present, to slow down the future. I will elaborate on that “slow down the future” line in a future blog post, for now I just want to focus on the larger problem.

  It might be easiest to use an example, I shall pick on CVSS. The vast majority of ideas and content in a standard such as CVSS is heavily influenced by what once was. If you look at how CVSS scores things, it’s clear a computer in a datacenter was in mind for many of the metrics. That was fine a decade ago, but it’s not fine anymore. Right now anyone overly familiar with CVSS is screaming “BUT CVSS DOESN’T MEASURE RISK IT MEASURES SEVERITY”, which I will say: you are technically correct, nobody cares, and nobody uses it like this. Sit down. CVSS is a perfect example of the theory being out of touch with reality.

• Linux Foundation, CNCF Launch Kubernetes Security Specialist Certification

• Christopher Davis: Glade Not Recommended

  If you are starting out with GTK development, you may have heard of a tool called Glade. Glade is a UI designer application for GTK projects, that allows you to create, modify, and preview UI files before writing code. In that sense, Glade is a very useful tool for GTK apps.

  With that said, I must implore that you do not use Glade.

  Why? Glade was built for it’s own format, before the advent of
  GtkBuilder. It does not know certain properties, does not know
  of certain features, and does not know modern GTK practices.

• Ventoy 1.0.29 - Neowin

  Ventoy is an open source tool to create bootable USB drive for ISO/WIM/IMG/VHD(x)/EFI files. With Ventoy, you don't need to format the disk over and over, you just need to copy the ISO/WIM/IMG/VHD(x)EFI files to the USB drive and boot them directly. You can copy many files at a time and ventoy will give you a boot menu to select them. Both Legacy BIOS and UEFI are supported in the same way. Most type of OS supported (Windows/WinPE/Linux/Unix/Vmware/Xen...)

• Istio 1.8 focuses on usability and upgrades

  On May 24, 2017, IBM and Google announced the launch of Istio, an open technology that enables developers to seamlessly connect, manage, and secure, and control networks of different microservices — regardless of platform, source, or vendor. The Istio 1.8 release adds new features that make Istio easier to upgrade, clearer information about maturity of each feature, better documentation, and tons of exciting experimental features.

• Announcing Istio 1.7.5

  This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.7.4 and Istio 1.7.5

• Announcing Istio 1.6.13

  This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.6.12 and Istio 1.6.13

• Chat On Telegram From libpurple-Based IM Programs (Pidgin, Etc.) Using The New tdlib-purple

  tdlib-purple is a new libpurple plugin for Telegram, considered the successor of telegram-purple. With this you can chat on Telegram from chat clients that support libpurple, like Pidgin, Finch, Bitlbee, etc. There are binaries for Linux and Microsoft Windows.

  This libpurple plugin supports most Telegram features, from basic things like sending and receiving images and documents, and receiving stickers, to 2FA login, kick users, secret chats (support for this was added recently), and more.
  As for things that are missing, tdlib-purple doesn't support video calls, renaming groups / channels, self-destruct timers, you can't delete messages, send or receive polls, you can't send stickers, and you can't interact with bots beyond plain text messages. The application also opens muted chats and doesn't allow muting chats from the interface.

• 8-MOSFET solid-state power driver works with Raspberry Pi, Arduino, ESP32 and other maker boards (Crowdfunding)

  Using inexpensive relays to switch AC or DC loads work well in most cases, but those relays will be quickly damaged when faced with high DC voltages, fast switching times, or other endurance requirements for which MOSFET’s are better suited, and that’s why MOSFET power supplies are found in 3D printers. Sequent Microsystems has made a habit to provide specialized Raspberry Pi HAT with relays or terminals for resistance temperature detectors that are stackable to supports a larger number for I/O or sensors. The company is now back at it with the 8-MOSFET stackable, DIN-rail mountable board that works not only with Raspberry Pi SBC, but also popular Arduino, ESP32, and other maker boards.

• Box86 is an x86 Emulator for Raspberry Pi and other 32-bit Arm platforms

  Last week, we wrote about Raspberry Pi 4 Vulkan project status and future plans, and one person commented they are currently trying to get dxdk to work Box86, and that CNX Software should write about the latter. Cool, but what does that mean? dxdk is an open-source Vulkan-based implementation of D3D9, D3D10, and D3D11 for Linux, and Box86 is a Linux userspace x86 emulator that works on 32-bit Arm targets like the Raspberry Pi SBC.

• Building A Dashcam With The Raspberry Pi Zero W | Linux Journal

  I've been playing around with the Raspberry Pi Zero W lately and having so much fun on the command line. For those uninitiated it's a tiny Arm computer running Raspbian, a derivative of Debian. It has a 1 GHz processor that had the ability to be overclocked and 512 MB of RAM, in addition to wireless g and bluetooth.

  [...]

  I wanted the camera and Pi Zero W mounted on the dashboard and to be removed with ease. On boot it should autostart the RamDashCam (RDC) and there should also be 4 desktop scripts dashcam.sh, startdashcam.sh, stopdashcam.sh, shutdownshutdown.sh. Also create and a folder named video on the Desktop for the older video files. I also needed a way to power the RDC when there is no power to the vehicle's usb ports. Lastly I wanted it's data accessible on the local LAN when the vehicle is at home.

• Raspberry Pi vs Jetson Nano: The Differences in 2020

• Defeat evil with a Raspberry Pi foam-firing spy camera

• Best Raspberry Pi Cluster Case [Ed: The link there is spammy]

 

• AMDVLK 2020.Q4.5 Vulkan Driver Brings Radeon RX 6000 Series Support

  While it was just two days ago that AMDVLK 2020.Q4.4 was released, AMD has made good on their word to provide punctual AMDVLK open-source Vulkan driver support for their new RDNA 2 "Big Navi" graphics cards and that has resulted in a new AMDVLK release. 

  

• Xilinx Publishes An Open-Source AI Engine Kernel Driver For Linux - Phoronix

  In addition to AMD and Xilinx bringing ROCm to FPGAs, another interesting open-source/Linux milestone for the company being acquired by AMD is their publishing of the AI Engine open-source kernel driver with ambitions for upstreaming it. 

  This is a Linux kernel driver for supporting the Xilinx AI Engine, the acceleration engine providing high compute density for vector-based algorithms. The AI engine allows for custom compute and data movement and can interface with the FPGA fabric. 

  

  

• Linux Support Published For Intel's "Maple Ridge" Thunderbolt Controller - Phoronix

  Announced during the summer was Intel's Maple Ridge controller in the form of the Intel JHL8540 / JHL8340 chips as their first discrete Thunderbolt / USB4 controllers. Linux support for the Intel Maple Ridge controller is now on the way. 

• Radeon RX 6800 "Sienna Cichlid" Firmware Added To Linux-Firmware.Git

  The last piece of the puzzle to the open-source AMD Radeon RX 6800 / RX 6800 XT driver support is now upstream in its respective location.

  The Sienna Cichlid firmware binaries were just merged into linux-firmware.git, the repository where all of the firmware files for hardware devices on Linux are collected and in turn packaged up by the various Linux distribution vendors for shipping as part of their platforms.

  As with prior generations, the Sienna Cichlid firmware is necessary for any level of open-source driver support. Up until now these blobs were not public and for those yesterday wanting launch-day support or in our pre-release testing meant first extracting the firmware files from the Radeon Software for Linux 20.45 package. Or I have also heard of AMD distributing the firmware updates privately and directly to some software distribution partners for updating their packages in a timely manner as well.

• Mesa 20.3-RC2 Released With ACO Fixes, More Intel Updates - Phoronix

  The second release candidate of Mesa 20.3 is now available for testing ahead of its likely stable debut in early December.

  Mesa 20.3 has many new features and improvements as this Q4'2020 feature update while Mesa 21.0-devel is already the version in development on Mesa Git.

• mesa 20.3.0-rc2

  Hi List,
  
  It's that time again. Mesa 20.3.0-rc2 is now available for your
  testing enjoyment. Everything is looking pretty normal commit-wise in
  this release.
  
  Dylan
  

• This Week in Rust 365

• This Week in Glean: Fantastic Facts and where to find them

  We have been working on Glean for a few years now, starting with an SDK with Android support and increasing our SDK platform coverage by implementing our core in Rust and providing language bindings for other platforms, well beyond the mobile space.

  Before our next major leaps (FOG, Glean.js), we wanted to understand what our internal consumers thought of Glean: what challenges are they facing? Are we serving them well?

• Mozilla DNS over HTTPS (DoH) and Trusted Recursive Resolver (TRR) Comment Period: Help us enhance security and privacy online

  For a number of years now, we have been working hard to update and secure one of the oldest parts of the Internet, the Domain Name System (DNS). We passed a key milestone in that endeavor earlier this year, when we rolled out the technical solution for privacy and security in the DNS – DNS-over-HTTPS (DoH) – to Firefox users in the United States. Given the transformative nature of this technology and our mission commitment to transparency and collaboration, we have consistently sought to implement DoH thoughtfully and inclusively. Therefore, as we explore how to bring the benefits of DoH to Firefox users in different regions of the world, we’re today launching a comment period to help inform our plans.

• New Release: Tor Browser 10.5a4

  Tor Browser 10.5a4 is now available from the Tor Browser Alpha download page and also from our distribution directory.

  Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release for desktop or Android instead.

• Firefox Nightly: These Weeks in Firefox: Issue 83

  Started investigation into making BrowserNotification look more part of chrome to eventually use as a UI for remote messages (in addition to CFR and what’s new, etc)

• How to use Ansible to configure Vim | Enable Sysadmin

  Using this playbook, you can quickly deploy and update your Vim configuration using Infrastructure as Code principles.

• Finding common ground through open source and conversation

  As Mark Twain once said, "let us make a special effort to stop communicating with each other, so we can have some conversation." We are bombarded with communications all day, from social media and video chats to advertisements and the news. But how much of that communication do you walk away from feeling rejuvenated or inspired?

  For the last five years, Red Hat has produced documentary films as part of our Open Source Stories series, covering education, healthcare, agriculture, the arts, citizen science, sustainability, and more. We’ve delved into stories about how open source can create meaningful change. Open Source Stories began as a conversation so it’s only fitting that in its latest evolution we’re focused on just that, conversation.

  Launching today, "Common Connections," is a series of conversations between makers featured in our films that have never met before. Scholars, CEOs, educators, and engineers will come together to find the common threads in their work, explore the potential for future open source innovation and build unexpected connections.

• What’s new in the world of ChRIS?

  In the spring of 2018, Red Hat, together with the Massachusetts Open Cloud (MOC) and the Fetal-Neonatal Neuroimaging and Developmental Science Center (FNNDSC) at Boston Children’s Hospital, announced a collaboration to further develop and deploy the ChRIS Research Integration System. ChRIS was originally developed by the FNNDSC’s Advanced Computing Group to bring sophisticated (but often complex and hard-to-use) medical imaging, such as MRI and CT scans, analysis into the front lines to better inform clinical care. It is built on Red Hat OpenShift and Red Hat OpenStack. ChRIS has since evolved into a powerful general purpose, open source distributed data and computation platform.

• A guide to security technologies in Red Hat Enterprise Linux

  Red Hat has a long history of adopting and creating security technologies to harden our core platforms, such as Red Hat Enterprise Linux (RHEL). When other platforms or layered products are used with RHEL, they inherit many of these protections due to that foundation.

• Smart Talks podcast: how can you address racial injustice with technology? [Ed: The company that helped purge races wants “Inclusive Naming Initiative”]

  A person who grew up in the tree-lined suburbs of Los Angeles may not know what it’s like to grow up in the Projects of Compton. An impassioned politician speaking on the topic of armed forces may not know what it’s like to board a military transport aircraft and be deployed to an area of deadly violence. In order to better understand experiences you have not lived through, you first need to start listening to those who have.

• IBM, Red Hat, VMware & Others Form The Inclusive Naming Initiative

  The Inclusive Naming Initiative has been formed by various industry players to make "consistent, responsible choices to remove harmful language" from software.

• Common Connections: Creating the Classroom

• REST API and OpenAPI: It’s Not an Either/Or Question

• Setting Up Amavis and ClamAV on CentOS 8/RHEL 8 Mail Server

  This tutorial shows you how to use Amavis and ClamAV to scan viruses in email messages. Amavis (A Mail Virus Scanner) is a high-performance interface between a message transfer agent (MTA) such as Postfix and content filters.

• How To Install VNC Server on Ubuntu 20.04 – TecAdmin

  VNC stands for “Virtual Network Computing” is a sharing system or set of protocols for sharing desktop. There are many software available to access Linux based desktop remotely including, TigerVNC, TightVNC, Vino, vnc4server and more.

  TigerVNC is a free, open-source and high-performance VNC server used to control or access Linux based desktop remotely. It is a client/server application that allows you to interact with graphical applications on remote machines.

  In this tutorial, we will show you how to install and configure VNC server on Ubuntu 20.04.

• Centos 8 install and get started with MariaDB – Linux Hint

  MariaDB is a backward-compatible open and free-source database management framework that widely works as a binary drop-in MySQL substitution. It is an Oracle MySQL service community based and built branch. It has several threads and is a multi-user SQL database server. It was designed by the several initial creators of MySQL and by other members of the community. MariaDB is the recommended distribution if you are curious about MySQL vs. MariaDB. It should also function smoothly in the replacement of MySQL.

• CentOS 8 add user and group – Linux Hint

  Linux is a multiple user operating system. Multiple users and groups can share resources simultaneously while working on Linux Operating systems. In multiple command-line and GUI apps, each user may have different authorization levels and unique settings. Fortunately, if you are administering a Linux server, you will need to add users and groups. It could be troublesome for you to add users and groups without familiarity.
  This article would clarify how to add users and groups on CentOS 8 Linux distribution by using the command line.

• How to use mtr traceroute Command on CentOS 8

  MTR is known as Matt’s traceroute. It is a simple and cross-platform utility for network diagnostic that is used for most of the command-line systems.

• Installing and Using LastPass on Linux – Linux Hint

  Because security is such a huge concern, it is important to implement procedures that can keep your data secure. In this article, we will discuss password managers, which can be employed to keep your data secure, and we will show you how to install and use the LastPass password manager.

• Automate your tasks with this Ansible cheat sheet | Opensource.com

  Ansible is one of the primary tools in the world of automation and orchestration because of its broad usefulness and flexibility. However, those same traits are the very reason it can be difficult to get started with Ansible. It isn't a graphical application, and yet it also isn't a scripting or programming language. But like a programming language, the answer to the common question of "what can I do with it?" is "everything," which makes it difficult to know where to begin doing anything.

  Here's how I view Ansible: It's an "engine" that uses other people's modules to accomplish complex tasks you describe in a special "pseudo-code" text format called YAML.

• Transitioning from Docker to Podman

  Podman is an excellent alternative to Docker containers when you need increased security, unique identifier (UID) separation using namespaces, and integration with systemd. In this article, I use real-world examples to show you how to install Podman, use its basic commands, and transition from the Docker command-line interface (CLI) to Podman. You’ll also see how to run an existing image with Podman and how to set up port forwarding.

• Making an AppImage in Nitrux

  AppImages are the focus of our Linux distribution. We already include several AppImage-related tools that improve their user experience in our distribution, from desktop integration to sandboxing and management. Also, we include one conversely important AppImage by default, Wine (see Using Wine in Nitrux).

  In today’s tutorial, we will make an AppImage file using a tool called appimage-builder. appimage-builder makes it very easy to create AppImages of your favorite applications. appimage-builder works by using files called recipes; these are simple text files in the YML format that contain the information from which appimage-builder will make our AppImage.

  One of the main features of appimage-builder is building an AppImage from existing, pre-compiled traditional packages like Debian packages, RPM packages, etc. Currently, only Debian packages are supported; however, more package managers will be supported in the future, such as Pacman.

• Review: The Polaris 15 Linux gaming laptop from Tuxedo Computers

• BSD Now 377: Firewall ban-sharing

  History of FreeBD: BSDi and USL Lawsuits, Building a Website on Google Compute Engine, Firewall ban-sharing across machines, OpenVPN as default gateway on OpenBSD, Sorting out what the Single Unix Specification is, Switching from Apple to a Thinkpad for development, and more

• Buku: Take Your Bookmarks Everywhere You Go - YouTube

  I've had my bookmarks seperated from my web browser for quite a long time now but my bookmark manager is an absolute hack, however Buku takes that same idea and implements well, I highly suggest checking this one out.

• The Linux Link Tech Show Episode 881

  digital audio workstation, building a keyboard, star wars, other good things.

• S13E35 – Opposing mirrors | Ubuntu Podcast

  This week we’ve been shapening knives and revisting Morrowind. We round up new from the Ubuntu community and discuss our favourite picks from the tech news.

  It’s Season 13 Episode 35 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

• Feedback: UIs, Mac pains, hardware, teaching and octal

  It's time for more reader feedback, and some responses.

• How to Install Ruby on Debian 10 Linux - Linux Concept

  Nowadays, Ruby is the most popular language, especially for SaaS application development. It has a perfect and elegant syntax structure, and it is the language behind the ultimate robust framework known as Ruby on Rails.

  In this tutorial, we will explain the three different processes to install Ruby on Debian 10 machine.

• How to SSH into a Docker Container [Two Ways]

  You can easily enter docker container but if you want to access it via SSH directly, here's how to configure SSH access to a container.

• How to Use hexdump Command in Linux? – Linux Hint

  Hexdump is a powerful tool in Linux systems that are mostly used by developers and app debuggers. It can convert input files and data into a pleasant and readable format.
  Here’s a real-life example where hexdump may be helpful. If you’re working with binary data, this will be very difficult to understand. For ease, you can quickly turn the binary data into hexadecimal or decimal.

  In this guide, check out how to use hexdump command in Linux.

• How to handle a Linux kernel panic | Enable Sysadmin

  Here is a collection of resources to help you deal with kernel panic events.

• How to Install Rocket.Chat Server with Nginx on Ubuntu 20.04

  Rocket.Chat is a web-based chat application written in JavaScript, using the Meteor full-stack framework. It is an open-source chat collaboration platform that allows you to communicate securely in real-time across multiple devices. It is self-hosted and supports voice and video chat, video conferencing, file sharing and many more. It has client application available for all platforms including, Windows, macOS, Linux, Android and iOS.
  In this tutorial, we will show you how to install Rocket.Chat on Ubuntu 20.04 server.

• How to Increase VirualBox Disk Size [Linux & Windows]

  Running out of space on your virtual machine? Here's step by step tutorial to show you how to increase the disk size for VMs created in VirtualBox.

• How to setup and use backups in Zorin OS

  In this beginner tutorial I will discuss how to setup and use backups in Zorin OS.

• How to install the SonarQube code quality analyzer on Ubuntu Server 20.04 - TechRepublic

  Looking for a way to analyze your code to find issues and vulnerabilities? If so, Jack Wallen thinks SonarQube is exactly what you need. Learn how to install this tool.

• How do I set SELinux to Permissive Mode? – Linux Hint

  SELinux or Security-Enhanced Linux, i.e., the security mechanism of the Linux-based systems operates on Mandatory Access Control (MAC) by default. To implement this access control model, SELinux makes use of a security policy in which all the rules regarding access control are explicitly stated. Based on these rules, SELinux take decisions regarding granting or denying access of any object to a user.
  In today’s article, we would like to share with you the methods of setting SELinux to the “Permissive” mode after walking you through its important details.

• How To Install Wireshark on CentOS 8 - idroot

  In this tutorial, we will show you how to install Wireshark on CentOS 8. For those of you who didn’t know, Wireshark is a free and open-source network protocol analyzer. With Wireshark, you can capture incoming and outgoing packets of a network in real-time and use it for network troubleshooting, packet analysis, software and communication protocol development, and many more.

  This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step by step installation of the Wireshark network analyzer on CentOS 8.

• Real-time grand strategy game Realpolitiks II will be coming to Linux

  Jujubee S.A. and 1C Entertainment recently released Realpolitiks II into Early Access, and they've confirmed their plans to support Linux with it.

  This modern-day real-time grand strategy game has you assume office of any contemporary country in the world and lead it towards the new century as the shining example of democracy and liberty, or create your own totalitarian dystopia and wage war against all your enemies.

  [...]

  The first game was also on Linux so it will be great to see the series continue to be officially supported by the developer.

  

• Godot Engine 3.2.4 gets a second Beta with lots of improvements | GamingOnLinux

  Godot Engine continues seeing upgrades to the current 3.x series while the work is ongoing to bring Vulkan support the upcoming Godot 4.0. The second Beta of Godot Engine 3.2.4 is out now.

  This has quickly become the most advanced and fully featured free and open source game engine around, and their work on it continues to be seriously impressive.

• Fraymakers aims to be the ultimate customizable Smash-like platform fighting game | GamingOnLinux

  Fraymakers is a brand new platform fighter coming from McLeodGaming, the creators of Super Smash Flash 2 which is the most popular Smash Bros. fan-game on PC.

  What sounds like it really could end up being the ultimate platform fighter, Fraymakers will feature over 80 high-resolution custom animations per character as they've "spared no detail or expense". They're also releasing it alongside FrayTools, their custom tool they're using to build all parts of the game as they want it to be highly customizable. It's also going to have an all-star cast, as they've teamed up with several other developers to include some well known characters.

• Revolution simulator Mesmer is out now from the developer of Teslagrad | GamingOnLinux

  Rain Games, creator of Teslagrad and World to the West recently released a new title called Mesmer, which is a unique social survival game where 'every encounter matters' they say.

• X4: Foundations gets a 4.0 Beta with the 'biggest free update so far' | GamingOnLinux

  Egosoft are continuing to expand their absolutely massive space simulator X4: Foundations, with a Beta now available for the free 4.0 update that will release properly early in 2021.

  It's an absolutely massive update both in terms of features and technical overhauls, so they're quite right to say that it's the "biggest free update so far" and shows just how committed they are as a studio to make X4 the best in the series.

  This update will bring in at least one major graphical upgrade with volumetric fog, although they said there will be several other wide-ranging visual improvements. The way they've implemented it sounds great too, and it sure does look good with soft layers of fog throughout space that will interact with light directly too. When you think about fog, it's not exactly sounding exciting but for a space game it really can liven things up.

 

• Cyberpunk 2.5D adventure Encodya releases on January 26, 2021 - plus new trailer is up | GamingOnLinux

  After a successful crowdfunding campaign back in September 2019, Chaosmonger Studio have announced that their cyberpunk point and click adventure Encodya will release on January 26, 2021. In an announcement done by their publisher Assemble Entertainment, they confirmed the release date will include Linux, macOS and Windows at the same time across the GOG and Steam stores.

  Encodya follows a nine-year-old orphan and her clumsy robot guardian. Set in the year 2062, with parts of it inspired by Blade Runner, Studio Ghibli and Monkey Island it's looking pretty great.

  "One day, the little girl discovers that her father left her an important mission: to finish his plan to save the world from grayness! Tina and SAM embark on an incredible adventure across different realities full of bizarre robotic creatures and grotesque human beings. Through puzzles and exciting dialogues, they’ll find out the true meaning of being alive."

Besides working on the Ubuntu Touch mobile OS, which was discontinued by Canonical a few years ago, UBports Foundation also works on other cool things to make it easier for users to migrate to a Linux phone from Android or iOS.

One of these is the UBports Installer or the official Ubuntu Touch Installer, which lets you install Ubuntu Touch on any of the supported devices without minimal effort. The best part is that you don’t even need Linux to use the Ubuntu Touch Installer since it works on macOS and Windows computers too.

• Inside the EPO During Corona: Sending Staff Home to Justify Cutting Their Benefits and Maybe Even Key Allowances
• Inside the EPO During Corona: Acting Chairperson of the Central Staff Committee of the EPO Suggests Involving Staff Representatives in Corona Task Force
• Inside the EPO During Corona: There's No Rule of Law Anymore and That Takes Its Toll on 'Low-Level' Staff
• Nettle and Sequioa for Encryption (as GnuPG Alternative)
• IRC Proceedings: Wednesday, November 18, 2020
• Techrights in an Age of Repeated Lockdowns Reality
• Dolby Patents Are Being Used in Patent-Trolling Activity Against GNU/Linux, But Dolby is Said to Be a GPL Violator
• Links 19/11/2020: Kali Linux 2020.4 and Regolith 1.5 Released
• Organisations Are/n't the Problem
• Links 18/11/2020: NASA and GNU/Linux, Fedora KDE Plasma Spin for 64-bit ARM

CentOS Linux developer and maintainer Johnny Hughes announced today the availability of a new version of the microcode_ctl package that provides Intel CPU microcode updates in the CentOS Linux 7 release to address recent security vulnerabilities.

Being derived from the sources of Red Hat Enterprise Linux, CentOS Linux gets its updates from the upstream repositories. Now, you’re probably already aware of the recently discovered security vulnerabilities affecting some Intel processors, so you’re wondering when the patches will land in CentOS Linux 7. Well, the time is now!

• Google Fixes One of the Most Awkward (Yet Funny) Android Auto Bugs

• Google Pay Redesigned on Android and iOS

• Google is rolling out end-to-end encryption for RCS in Android Messages beta

• An Android Tablet in a Custom Dash Is How You Forget the Android Auto Nightmare

• Android chat app with 100 million installs exposes private messages

• Android's secret voice control superpowers

I'm announcing the release of the 5.9.9 kernel.

All users of the 5.9 kernel series must upgrade.

The updated 5.9.y git tree can be found at:
	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.9.y
and can be browsed at the normal kernel.org git web browser:
	https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

thanks,

greg k-h

Also: Linux 5.4.78

Linux 4.19.158

Linux 4.14.207

Linux 4.9.244

Linux 4.4.244

Arch Linux is one of the most popular Linux distributions that’s made a name for itself for its customizability and software repositories that are replete with bleeding edge software. Arch adheres to a rolling release model, which means you can install it once and keep updating it till eternity.

For all its advantages, Arch remains one of the most cumbersome distros to configure and install. In fact, even though the installation process is one of the best documented ones, it’s elaborate and involved enough to scare away everyone except hardcore geeks.