Init system and system/service manager for Linux systems
Can't get enough Linux? How about multiple kernels running simultaneously, side by side, not in a VM, all on the same hardware; this week it's finally looking real.
Sponsored By:
Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love.
1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.
Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility.
Katia, Emmanuel and Guillaume discuss Java, Kotlin, Quarkus, Hibernate, Spring Boot 4, and artificial intelligence (the Nano Banana and Veo 3 models, agentic frameworks, embedding). We discuss the OWASP vulnerabilities for LLMs, the coding personalities of the different models, Podman vs Docker, and how to modernize legacy projects. But above all we spent time on Luc Julia's talks and the various counterpoints that made a buzz on social networks.

Recorded on September 12, 2025. Download the episode LesCastCodeurs-Episode-330.mp3 or watch it as a video on YouTube.

News

Languages

In this video, José details what is new in Java between Java 21 and 25 https://inside.java/2025/08/31/roadto25-java-language/
Overview of what is new in JDK 25: introduction to the new Java language features and the upcoming changes [00:02].
Data-oriented programming and pattern matching [00:43]:
Evolution of “pattern matching” for deconstructing “records” [01:22].
Use of “sealed types” in switch expressions to improve code readability and robustness [01:47].
Introduction of “unnamed patterns” (_) to indicate that a variable is not used [04:47].
Support for primitive types in instanceof and switch (in preview) [14:02].
Designing Java applications [00:52]:
Simplification of the main method [21:31].
Direct execution of .java files without explicit compilation [22:46].
Improved import mechanisms [23:41].
Use of Markdown syntax in Javadoc [27:46].
Immutability and null values [01:08]:
The problem of observing final fields as null during object construction [28:44].
JEP 513 to control the call to super() and restrict the use of this in constructors [33:29].
JDK 25 is released on September 16 https://openjdk.org/projects/jdk/25/
Scoped Values (JEP 505) - a more efficient alternative to ThreadLocal for sharing immutable data between threads
Structured Concurrency (JEP 506) - treats groups of concurrent tasks as a single unit of work, simplifying thread management
Compact Object Headers (JEP 519) - final feature that reduces the size of object headers by 50% (from 128 to 64 bits), saving up to 22% of heap memory
Flexible Constructor Bodies (JEP 513) - relaxes the restrictions on constructors, allowing code before the super() or this() call
Module Import Declarations (JEP 511) - simplified import that brings in all the public elements of a module with a single declaration
Compact Source Files (JEP 512) - simplifies basic Java programs with instance main methods and no mandatory wrapper class
Primitive Types in Patterns (JEP 455) - third preview extending pattern matching and instanceof to primitive types in switch and instanceof
Generational Shenandoah (JEP 521) - the Shenandoah garbage collector moves to generational mode for better performance
JFR Method Timing & Tracing (JEP 520) - new profiling tooling to measure execution time and trace method calls
Key Derivation API (JEP 510) - final API for cryptographic key derivation functions, replacing third-party implementations

Improved annotation handling in Kotlin 2.2 https://blog.jetbrains.com/idea/2025/09/improved-annotation-handling-in-kotlin-2-2-less-boilerplate-fewer-surprises/
Before Kotlin 2.2, annotations on constructor parameters were applied only to the parameter, not to the property or the field
This caused subtle bugs with Spring and JPA, where validation only worked at object creation and not on updates
The previous solution required explicitly using @field: for each annotation, which made the code verbose
Kotlin 2.2 introduces a new default behavior that automatically applies annotations to parameters AND to properties/fields
The code becomes cleaner, with no need for the repetitive @field: syntax
To enable it, add -Xannotation-default-target=param-property to the Gradle compiler options
IntelliJ IDEA offers a quick-fix to enable this behavior project-wide
This improvement makes Kotlin integrate more smoothly with major frameworks such as Spring and JPA
The behavior can be configured to keep the old mode or to enable a transitional mode with warnings
This update is part of a broader initiative to improve the Kotlin + Spring experience

Libraries

Quarkus 3.26 released with Hibernate updates and other features - https://quarkus.io/blog/quarkus-3-26-released/
Upgrade to 3.26.x because there was a Vert.x regression
Important milestone towards the 3.27 LTS release planned for the end of September, which is based on this version
Update to Hibernate ORM 7.1, Hibernate Search 8.1 and Hibernate Reactive 3.1
Support for named persistence units and datasources in Hibernate Reactive
Offline startup and dialect configuration for Hibernate ORM even when the database is not reachable
Redesign of the HQL console in Dev UI, with the Hibernate Assistant feature built in
Dev UI capabilities exposed as MCP functions so they can be driven by AI tools
Automatic refresh of OIDC tokens when REST clients receive a 401 response
JFR extension to capture runtime data (app name, version, active extensions)
Gradle bumped to version 9.0 by default, support for legacy config classes removed

Getting-started guide with Quarkus and A2A Java SDK 0.3.0 (to make AI agents talk to each other with the latest version of the A2A protocol) https://quarkus.io/blog/quarkus-a2a-java-0-3-0-alpha-release/
Release of A2A Java SDK 0.3.0.Alpha1, aligned with the A2A v0.3.0 specification.
A2A protocol: an open standard (Linux Foundation) that enables communication between polyglot AI agents.
Version 0.3.0 is more stable and introduces gRPC support.
General updates: significant changes, improved user experience (client and server side).
A2A server agents:
gRPC support added (in addition to JSON-RPC). HTTP+JSON/REST to come.
Implementations based on Quarkus (Jakarta alternatives exist).
Specific dependencies for each transport (e.g. a2a-java-sdk-reference-jsonrpc, a2a-java-sdk-reference-grpc).
AgentCard: describes the agent's capabilities. It must specify the primary endpoint and all supported transports (additionalInterfaces).
A2A clients:
Main dependency: a2a-java-sdk-client.
gRPC support added (in addition to JSON-RPC). HTTP+JSON/REST to come.
Specific dependency for gRPC: a2a-java-sdk-client-transport-grpc.
Client creation: via ClientBuilder. It automatically selects the transport according to the AgentCard and the client configuration, and lets you specify the transports supported by the client (withTransport).

How to generate and edit images in Java with Nano Banana, Google's “photoshop killer” https://glaforge.dev/posts/2025/09/09/calling-nano-banana-from-java/
Goal: integrate the Nano Banana model (Gemini 2.5 Flash Image preview) into Java applications.
SDK used: Google's GenAI Java SDK.
Compatibility: supported by ADK for Java; not yet by LangChain4j (output multimodality limitation).
Nano Banana capabilities: create new images, modify existing images, combine several images.
Java implementation: which dependency to use, how to authenticate, how to configure the model.
Nature of the model: Nano Banana is a chat model that can return text and an image (not just an image generation model).
Usage examples:
Creation: via a simple text prompt.
Modification: by passing the existing image (byte array) and the modification instructions (prompt).
Assembly: by passing several images (as bytes) and the integration instructions (prompt).
Key message: all these features are available in Java, without needing Python.

Generating AI videos with the Veo 3 model, but in Java! https://glaforge.dev/posts/2025/09/10/generating-videos-in-java-with-veo3/
Video generation in Java with Veo 3 (via Google's GenAI Java SDK).
Veo 3: announced as GA, reduced prices, support for the 9:16 format, resolution up to 1080p.
Video creation: from a text prompt, or from an existing image.
Two different versions of the model: veo-3.0-generate-001 (higher quality, more expensive, slower) and veo-3.0-fast-generate-001 (lower quality, less expensive, but faster).

Rod Johnson on writing agentic applications in Java more easily than in Python with Embabel https://medium.com/@springrod/you-can-build-better-ai-agents-in-java-than-python-868eaf008493
Rod, the father of Spring, rewrites a CrewAI (Python) example that generates a book, using Embabel (Java), to demonstrate the superiority of Java
The application uses several specialized AI agents: a researcher, a book planner and chapter writers
The process follows three steps: researching the topic, creating the outline, then writing the chapters in parallel and assembling them
CrewAI suffers from several problems: heavy configuration, lack of type safety, use of magic keys in prompts
The Embabel version needs less Java code than the Python original and fewer YAML configuration files
Embabel brings full type safety, eliminating typos in prompts and improving IDE tooling
Concurrency is better controlled in Java, to avoid hitting the rate limits of LLM APIs
The Spring integration allows simple external configuration of LLM models and hyperparameters
The Embabel planner automatically determines the execution order of actions based on their required types
The main argument: the JVM ecosystem offers a better programming model and better access to existing business logic than Python
There are quite a few new agentic frameworks in Java, notably the latest one, LangChain4j Agentic

Spring launches a series of blog posts on what is new in Spring Boot 4 https://spring.io/blog/2025/09/02/road_to_ga_introduction
JDK 17 baseline, but rebased on Jakarta 11, Kotlin 2, Jackson 3 and JUnit 6
Core Spring resilience features: @ConcurrencyLimit, @Retryable, RetryTemplate
API versioning in Spring
HTTP service client improvements
The state of HTTP clients in Spring
Introduction of Jackson 3 support in Spring
Shared consumer - Kafka queues in Spring Kafka
Modularization of Spring Boot
Progressive authorization in Spring Security
Spring gRPC - a new Spring Boot module
Null-safe applications with Spring Boot 4
OpenTelemetry with Spring Boot
Ahead of Time repositories (Part 2)

Web

Doing semantic search directly in the browser, locally, with EmbeddingGemma and Transformers.js https://glaforge.dev/posts/2025/09/08/in-browser-semantic-search-with-embeddinggemma/
EmbeddingGemma: a new embedding model (308M parameters) from Google DeepMind.
Goal: enable semantic search directly in the browser.
Key advantages of client-side AI:
Privacy: no data is sent to a server.
Reduced costs: no need for expensive (GPU) servers, static hosting.
Low latency: instant processing without network round trips.
Offline operation: possible after the initial model load.
Core technology:
Model: EmbeddingGemma (small, performant, multilingual, MRL support to reduce vector size).
Inference engine: Transformers.js from HuggingFace (runs AI models in JavaScript in the browser).
Deployment: static site with Vite/React/Tailwind CSS, deployed on Firebase Hosting via GitHub Actions.
Model management: the model files are too heavy for Git; they are downloaded from the HuggingFace Hub during CI/CD.
How the app works: it loads the model, generates embeddings for queries and documents, and computes semantic similarity.
Conclusion: a demonstration of private, inexpensive, serverless semantic search, highlighting the potential of AI embedded in the browser.

Data and Artificial Intelligence

Docker launches Cagent, a kind of multi-agent AI framework using external LLMs and Docker Model Runner models, with the Docker MCP Toolkit. It offers a YAML format to describe the agents of a multi-agent system. https://github.com/docker/cagent
“Prompt driven” agents (no code) and a structure to describe how they are deployed
It is not clear how they are invoked other than from the cagent command line
Made by David Gageot

OWASP describes excessive LLM independence as a vulnerability https://genai.owasp.org/llmrisk2023-24/llm08-excessive-agency/
Excessive agency is the vulnerability that allows LLM systems to perform damaging actions because of unexpected or ambiguous outputs.
It results from three main causes: excessive functionality, excessive permissions or excessive autonomy of LLM agents.
Excessive functionality includes access to plugins that offer more capabilities than necessary, such as a read plugin that can also modify or delete.
Excessive permissions show up when a plugin accesses systems with rights that are too high, for example read access that also includes write.
Excessive autonomy occurs when the system performs critical actions without prior human validation.
A typical attack scenario: a personal assistant with email access can be manipulated through prompt injection into sending spam from the user's mailbox.
Prevention means strictly limiting plugins to the minimal functions needed for the intended operation.
Open-ended functions such as “run a shell command” should be avoided in favor of more granular, specific tools.
Applying the principle of least privilege is crucial: each plugin must have only the minimal permissions required.
A human in the loop remains essential to validate high-impact actions before they are executed.

Launch of the MCP registry, a kind of official meta-directory for listing MCP servers https://www.marktechpost.com/2025/09/09/mcp-team-launches-the-preview-version-of-the-mcp-registry-a-federated-discovery-layer-for-enterprise-ai/
MCP Registry: a federated discovery layer for enterprise AI.
It works like DNS for AI context, enabling discovery of public or private MCP servers.
Federated model: avoids the security and compliance risks of a monolithic registry, and allows private sub-registries while keeping an “upstream” source of truth.
Benefits for enterprises: secure internal discovery, centralized governance of external servers, reduced context sprawl, support for hybrid AI agents (private/public data).
Open source project, currently in preview.
Official blog post: https://blog.modelcontextprotocol.io/posts/2025-09-08-mcp-registry-preview/

Exploring the internals of the SQL Server transaction log https://debezium.io/blog/2025/09/08/sqlserver-tx-log/
This is an article for the hardcore who want to know how SQL Server works on the inside
Debezium currently uses the SQL Server CDC change tables, with periodic polling
The article explores the possibility of parsing the transaction log directly to improve performance
The transaction log is divided into Virtual Log Files (VLFs) that are used in a circular fashion
Each VLF contains blocks (512B to 60KB) that hold the transaction records
Each record has a unique Log Sequence Number (LSN) that identifies it precisely
Data is stored in 8KB pages with a 96-byte header and an offset array
Tables are organized into partitions and allocation units to manage disk space
The DBCC utility makes it possible to explore the internal structure of pages and their content
This understanding lays the groundwork for parsing the transaction log programmatically in a future article

Tooling

The coding personalities of the different LLMs https://www.sonarsource.com/blog/the-coding-personalities-of-leading-llms-gpt-5-update/
GPT-5 minimal does not dethrone Claude Sonnet 4 as the leader in functional performance, despite its 75% success rate
GPT-5 generates extremely verbose code, with 490,000 lines against 370,000 for Claude Sonnet 4 on the same tasks
The cyclomatic and cognitive complexity of GPT-5's code is dramatically higher than that of all the other models
GPT-5 introduces 3.90 issues per passing task against only 2.11 for Claude Sonnet 4
GPT-5's strong point: exceptional security, with only 0.12 vulnerabilities per 1000 lines of code
Major weakness: a very high density of “code smells” (25.28 per 1000 lines), which hurts maintainability
GPT-5 produces 12% of issues related to cognitive complexity, the highest rate of all the models
A tendency towards fundamental logic errors, with 24% of bugs of the “Control-flow mistake” type
Reappearance of classic vulnerabilities such as injection and path traversal flaws
Need for reinforced governance, with mandatory static analysis, to manage the complexity of the generated code

Why I ditched Docker for Podman https://codesmash.dev/why-i-ditched-docker-for-podman-and-you-should-too
The Docker problem: the persistent dockerd daemon runs with root privileges, posing security risks (many CVEs cited) and consuming resources needlessly.
The Podman solution:
Daemonless: no persistent background process. Containers run as child processes of the Podman command, with the user's privileges.
Stronger security: reduced attack surface. A container escape compromises an unprivileged user on the host, not the whole system. Rootless mode.
Improved reliability: no single point of failure; a container crash does not affect the others.
Fewer resources: no constantly running daemon, so less memory and CPU.
Key Podman features:
Systemd integration: automatic generation of systemd unit files to manage containers as standard Linux services.
Kubernetes alignment: native support for pods and the ability to generate Kubernetes YAML files directly (podman generate kube), which eases local development for K8s.
Unix philosophy: focuses on running containers and delegates specialized tasks to dedicated tools (e.g. Buildah for building images, Skopeo for managing them).
Easy migration:
Docker-compatible CLI: podman uses the same commands as docker (alias docker=podman works).
Existing Dockerfiles can be used directly.
Improvements included: security by default (privileged ports in rootless mode), better handling of volume permissions, optional Docker-compatible API.
Option to convert Docker Compose to Kubernetes YAML.
Benefits in production: improved security, cleaner use of resources. Podman represents an evolution that is more secure and better aligned with modern practices for Linux management and container deployment.
Practical guide (FastAPI example):
The Dockerfile does not change.
podman build and podman run directly replace the Docker commands.
Production deployment via Systemd.
Management of multi-service applications with Podman “pods”.
Docker Compose compatibility via podman-compose or kompose.

Enhanced vulnerable API detection in JetBrains IDEs and Qodana - https://blog.jetbrains.com/idea/2025/09/enhanced-vulnerable-api-detection-in-jetbrains-ides-and-qodana/
JetBrains partners with Mend.io to strengthen code security in its tools
The Package Checker plugin benefits from new, enriched data on vulnerable APIs
Call graph analysis to cover more public methods of open-source libraries
Support for Java, Kotlin, C#, JavaScript, TypeScript and Python for vulnerability detection
Inspections are enabled via Settings > Editor > Inspections by searching for “Vulnerable API”
Automatic highlighting of vulnerable methods, with details of the flaws on hover
Contextual action to navigate directly to the declaration of the problematic dependency
Automatic update to an unaffected version via Alt+Enter on the dependency
Dedicated “Vulnerable Dependencies” window to see the overall vulnerability status of the project

Methodologies

Results of the Stack Overflow survey on the use of AI in coding https://medium.com/@amareshadak/stack-overflow-just-exposed-the-ugly-truth-about-ai-coding-tools-b4f7b5992191
84% of developers use AI daily, but 46% do not trust the results. Only 3.1% “highly trust” the generated code.
66% are frustrated by “almost correct” AI solutions.
45% say that debugging AI code takes longer than writing it themselves.
Senior developers (10+ years) trust AI less (2.6%) than beginners (6.1%), creating a dangerous knowledge gap.
Western countries show less trust - Germany (22%), UK (23%), USA (28%) - than India (56%).
The creators of AI tools trust them less.
77% of professional developers reject natural-language programming; only 12% actually use it.
When AI fails, 75% turn to humans.
35% of Stack Overflow visits now concern AI-related problems.
69% report personal productivity gains, but only 17% see an improvement in team collaboration.
Hidden costs: verification time, explaining AI code to teams, refactoring and constant cognitive load.
Human platforms still dominate: Stack Overflow (84%), GitHub (67%), YouTube (61%) for solving AI problems.
The future points to “augmented development”, where AI becomes one tool among others, requiring transparency and management of uncertainty.
Open source mentorship and community challenges, by the Microcks folks https://microcks.io/blog/beyond-code-open-source-mentorship/
Microcks suffers from the “silent users” syndrome: users who benefit from the project without contributing
Despite thousands of downloads and growing adoption, community engagement remains low
This lack of interaction creates sustainability challenges and limits the project's innovation
The maintainers develop in a vacuum, without feedback from real users
Contributing does not require coding: documentation, sharing experience and reporting bugs are enough
Talking about the project you love to the people around you is also really useful
Microcks also has specific questions that they asked in the blog post, so if you use it, go and have a look
The success of open source depends on turning users into true community partners
It is a fairly common point, I find: the talking / silent ratio is very small, and that encourages the few loudmouths

Modernizing legacy systems is not just about tech https://blog.scottlogic.com/2025/08/27/holistic-approach-successful-legacy-modernisation.html
An article that takes a step back on the modernization of legacy systems
Legacy modernization projects need a holistic vision beyond a purely technological focus
The business drivers differ from greenfield projects: cost reduction and risk mitigation rather than revenue generation
The current state is more complex to map, with many dependencies and risks of breakage
Collaboration between Architects, Business Analysts and UX Designers is essential from the discovery phase
A three-dimensional approach is mandatory: People, Process and Technology (like a game of 3D chess)
Leadership must create the space needed for discovery and planning rather than rushing the team
Communication in business rather than technical terms, to all levels of the organization
Upfront planning is essential, contrary to common beliefs about agility
The optimal sequencing is often non-obvious and requires in-depth analysis of interdependencies
Project phases aligned with business outcomes allow agility within each phase

Security

Cyberattack on the Natural History Museum https://www.franceinfo.fr/internet/securite-sur-internet/cyberattaques/le-museum-nati[…]e-d-une-cyberattaque-severe-une-plainte-deposee_7430356.html

Massive compromise of popular npm packages by crypto malware https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
18 very popular npm packages were compromised on September 8, 2025, including chalk, debug and ansi-styles, with more than 2 billion combined weekly downloads
duckdb was added to the list
Malicious code was injected that silently intercepts crypto and web3 activity in users' browsers
The malware manipulates wallet interactions and redirects payments to attacker-controlled accounts without obvious signs
Injection into critical functions such as fetch, XMLHttpRequest and wallet APIs (window.ethereum, Solana) to intercept traffic
Automatic detection and replacement of crypto addresses on multiple blockchains (Ethereum, Bitcoin, Solana, Tron, Litecoin, Bitcoin Cash)
Transactions are modified in the background even though the user interface looks correct and legitimate
It uses “lookalike” addresses chosen by string matching to make the swaps less obvious to detect
The maintainer was compromised by a phishing email from the fake domain “support@npmjs.help”, registered 3 days before the attack, asking for an update of their two-factor authentication after one year
Aikido alerted the maintainer via Bluesky, who confirmed the compromise and started cleaning up the packages
A sophisticated attack operating at several levels: web content, API calls and manipulation of transaction signatures

Video game anti-cheats: a major security hole? - https://tferdinand.net/jeux-video-et-si-votre-anti-cheat-etait-la-plus-grosse-faille/
Modern anti-cheats install themselves at Ring 0 (the system kernel) with maximum privileges
They get the same level of access as professional antivirus products, but without audit or certification
Some use Secure Boot to load before the operating system
Supply chain risk: the APT41 group has already compromised games such as League of Legends
An attacker who got in could disable security solutions and remain invisible
Stability threat: a mistake can prevent the system from booting (CrowdStrike reference)
Possible conflicts between different anti-cheats that block each other
Real-time monitoring of usage data under the pretext of anti-cheating
A dangerous drift according to the author: game companies gain EDR-level access
Limited alternatives: cloud gaming, or sandboxing with an impact on performance
So watch out for the games your kids install!

Law, society and organization

Luc Julia at the Senate - Monsieur Phi reacts and publishes the video “Luc Julia au Sénat : autopsie d'un grand N'IMPORTE QUOI” https://www.youtube.com/watch?v=e5kDHL-nnh4
In a 20-minute podcast format, released at the same time and about his talk at Devoxx https://www.youtube.com/watch?v=Q0gvaIZz1dM
Le lab IA - Jérôme Fortias - “Et si Luc Julia avait raison” https://www.youtube.com/watch?v=KScI5PkCIaE
Luc Julia at the Senate https://www.youtube.com/watch?v=UjBZaKcTeIY
Luc Julia defends himself https://www.youtube.com/watch?v=DZmxa7jJ8sI
“Intelligence artificielle : catastrophe imminente ?” - Luc Julia vs Maxime Fournes https://www.youtube.com/watch?v=sCNqGt7yIjo
Tech and Co Monsieur Phi vs Luc Julia (put a click) https://www.youtube.com/watch?v=xKeFsOceT44
La tronche en biais https://www.youtube.com/live/zFwLAOgY0Wc

Conferences

The list of conferences, from the Developers Conferences Agenda/List by Aurélie Vache and contributors:
September 12, 2025: Agile Pays Basque 2025 - Bidart (France)
September 15, 2025: Agile Tour Montpellier - Montpellier (France)
September 18-19, 2025: API Platform Conference - Lille (France) & Online
September 22-24, 2025: Kernel Recipes - Paris (France)
September 22-27, 2025: La Mélée Numérique - Toulouse (France)
September 23, 2025: OWASP AppSec France 2025 - Paris (France)
September 23-24, 2025: AI Engineer Paris - Paris (France)
September 25, 2025: Agile Game Toulouse - Toulouse (France)
September 25-26, 2025: Paris Web 2025 - Paris (France)
September 30, 2025-October 1, 2025: PyData Paris 2025 - Paris (France)
October 2, 2025: Nantes Craft - Nantes (France)
October 2-3, 2025: Volcamp - Clermont-Ferrand (France)
October 3, 2025: DevFest Perros-Guirec 2025 - Perros-Guirec (France)
October 6-7, 2025: Swift Connection 2025 - Paris (France)
October 6-10, 2025: Devoxx Belgium - Antwerp (Belgium)
October 7, 2025: BSides Mulhouse - Mulhouse (France)
October 7-8, 2025: Agile en Seine - Issy-les-Moulineaux (France)
October 8-10, 2025: SIG 2025 - Paris (France) & Online
October 9, 2025: DevCon #25 : informatique quantique - Paris (France)
October 9-10, 2025: Forum PHP 2025 - Marne-la-Vallée (France)
October 9-10, 2025: EuroRust 2025 - Paris (France)
October 16, 2025: PlatformCon25 Live Day Paris - Paris (France)
October 16, 2025: Power 365 - 2025 - Lille (France)
October 16-17, 2025: DevFest Nantes - Nantes (France)
October 17, 2025: Sylius Con 2025 - Lyon (France)
October 17, 2025: ScalaIO 2025 - Paris (France)
October 17-19, 2025: OpenInfra Summit Europe - Paris (France)
October 20, 2025: Codeurs en Seine - Rouen (France)
October 23, 2025: Cloud Nord - Lille (France)
October 30-31, 2025: Agile Tour Bordeaux 2025 - Bordeaux (France)
October 30-31, 2025: Agile Tour Nantais 2025 - Nantes (France)
October 30, 2025-November 2, 2025: PyConFR 2025 - Lyon (France)
November 4-7, 2025: NewCrafts 2025 - Paris (France)
November 5-6, 2025: Tech Show Paris - Paris (France)
November 5-6, 2025: Red Hat Summit: Connect Paris 2025 - Paris (France)
November 6, 2025: dotAI 2025 - Paris (France)
November 6, 2025: Agile Tour Aix-Marseille 2025 - Gardanne (France)
November 7, 2025: BDX I/O - Bordeaux (France)
November 12-14, 2025: Devoxx Morocco - Marrakech (Morocco)
November 13, 2025: DevFest Toulouse - Toulouse (France)
November 15-16, 2025: Capitole du Libre - Toulouse (France)
November 19, 2025: SREday Paris 2025 Q4 - Paris (France)
November 19-21, 2025: Agile Grenoble - Grenoble (France)
November 20, 2025: OVHcloud Summit - Paris (France)
November 21, 2025: DevFest Paris 2025 - Paris (France)
November 27, 2025: DevFest Strasbourg 2025 - Strasbourg (France)
November 28, 2025: DevFest Lyon - Lyon (France)
December 1-2, 2025: Tech Rocks Summit 2025 - Paris (France)
December 4-5, 2025: Agile Tour Rennes - Rennes (France)
December 5, 2025: DevFest Dijon 2025 - Dijon (France)
December 9-11, 2025: APIdays Paris - Paris (France)
December 9-11, 2025: Green IO Paris - Paris (France)
December 10-11, 2025: Devops REX - Paris (France)
December 10-11, 2025: Open Source Experience - Paris (France)
December 11, 2025: Normandie.ai 2025 - Rouen (France)
January 14-17, 2026: SnowCamp 2026 - Grenoble (France)
February 2-6, 2026: Web Days Convention - Aix-en-Provence (France)
February 3, 2026: Cloud Native Days France 2026 - Paris (France)
February 12-13, 2026: Touraine Tech #26 - Tours (France)
April 22-24, 2026: Devoxx France 2026 - Paris (France)
April 23-25, 2026: Devoxx Greece - Athens (Greece)
June 17, 2026: Devoxx Poland - Krakow (Poland)
September 4, 2026: JUG Summer Camp 2026 - La Rochelle (France)

Contact us
To react to this episode, come and discuss it on the Google group https://groups.google.com/group/lescastcodeurs Contact us via X/Twitter https://twitter.com/lescastcodeurs or Bluesky https://bsky.app/profile/lescastcodeurs.com Do a crowdcast or a crowdquestion Support Les Cast Codeurs on Patreon https://www.patreon.com/LesCastCodeurs All episodes and all the information at https://lescastcodeurs.com/
Arch is under fire, two weeks and counting. We'll break down the mess, and share a quick fix. Plus, the killer new apps we've just added to our homelabs. Sponsored By: Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX Unplugged. Links:
There's drama about the latest RISC-V patches in the kernel, SparkyLinux and Kaisen Linux have updates, and GCC is looking to drop some architectures. Nvidia ships a driver update, ffmpeg and OnlyOffice add AI, and distros are shipping the soft reboot. For tips we have SystemD-Manager-TUI for managing Systemd, a step-through of auditing a downloadable install script, the timeout bash command, and an interesting question about how to get colors back in grep output. You can find the show notes at http://bit.ly/4mEkufi and have a great week! Host: Jonathan Bennett Co-Hosts: Rob Campbell, Ken McDonald, and Jeff Massie Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.
THE SECRET to MASTERING Systemd on Linux (EASY AND FAST!) | Goodbye systemctl
In this episode of “Podcast de Tecnología e Informática con Tomás González” we put on our curious technicians' lab coats and set out to discover systemd, the mysterious PID 1 process that rules almost every modern Linux distribution. No commands, no terminal and no cryptic jargon: we explain it with analogies, geek anecdotes and everyday examples so that any computer science student, even one who has never heard of SysV init, understands: Why systemd was born and how it displaced the old SysV init. What exactly it does when you press the power button: targets, dependencies and parallel startup. The world of units (services, timers, sockets…) explained as LEGO pieces. How journald became your system's black box and why some love it and others hate it. A friendly look at cgroups, the cage that keeps greedy processes in check. The controversies that shook the Linux community and the advantages that have made it the de facto standard. Is systemd a modern hero or an octopus that grabs everything? Put on your headphones, pour your coffee and find out with us on this entertaining journey to the heart of the Linux boot process.
Spin up, share, nuke. We each build a throwaway server, and then rate each other's setups. Sponsored By: Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Support LINUX Unplugged. Links:
- 💥 Gets Sats Quick and Easy with Strike
- 📻 LINUX Unplugged on Fountain.FM
- TUI Challenge
- TUI Challenge Scorecard
- Self-Hosted 150: The Last One — Before hitting the road, we test the limits of local-first file sharing, debate what self-hosting really is, and share our all-time favorite apps.
- Pick: ws4kp — A web-based WeatherStar 4000
- Pick: ytdl-sub — Lightweight tool to automate downloading and metadata generation with yt-dlp.
Coming up in this episode * Oh GNOME! * Mozilla, Don't Watch * And a few high notes The Video Version! (https://youtu.be/FdHulOnBwEo) https://youtu.be/FdHulOnBwEo 0:00 Cold Open 1:07 Dash To Panel Needs Your Help! 27:21 Firefox's New Terms Of Use 51:33 Mark / Contact Button 1:00:34 Scott / Contact Button 1:03:22 Dan / Matrix 1:06:09 chraist / Matrix 1:08:07 bgt lover / Matrix 1:10:00 MarshMan / Discord 1:13:58 Next Time! 1:18:45 Stinger Dash to Panel Maintainer Quits Dash to panel maintainer quits (https://www.theregister.com/2025/03/14/dashtopanel_maintainer_quits/) The GitHub issue (https://github.com/home-sweet-gnome/dash-to-panel/issues/2259)
More from The Lunduke Journal: https://lunduke.com/ This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit lunduke.substack.com/subscribe
Mike McGrath joins the program and we get an update from Red Hat. This week we dig into week 2 of Steve's Desktop Linux struggle. -- During The Show -- 01:00 Hex OS - Craig Self host Files Pictures Home Assistant Jellyfin Wants a GUI Like the idea of ZFS Snapshots Go simple You should know how to fix things Cockpit 11:25 News Wire Wordpress 6.7 - wordpress.org (https://wordpress.org/documentation/wordpress-version/version-6-7/) Postgres 17.1 - postgresql.org (https://www.postgresql.org/docs/release/17.1/) Peazip 10.1 - github.io (https://peazip.github.io/changelog.html) DigiKam 8.5 - digikam.org (https://www.digikam.org/news/2024-11-16-8.5.0_release_announcement/) Systemd 256.8 - github.com (https://github.com/systemd/systemd/releases/tag/v256.8) Linux 6.12 - lwn.net (https://lwn.net/Articles/997958/) GNU-Linux 6.12 - phoronix.com (https://www.phoronix.com/news/GNU-Linux-Libre-6.12) Quadruple Workqueue Concurrency - phoronix.com (https://www.phoronix.com/news/Linux-6.13-Workqueues) Q4OS 5.7 - q4os.org (https://q4os.org/blog.html) RHEL 9.5 - github.io (https://peazip.github.io/changelog.html) 12:33 Mike McGrath Interview Drama around RHEL source code Fedora and Streams Accelerators How does Red Hat keep up Xorg and Wayland Remote Desktop on Wayland ELS 32bit Package Mode vs Image Mode RHEL AI Low power computers/systems Micro DNF UBI OS Tree Bootstrap/Build kit Red Hat AI Licensing What does open source mean to you? 33:43 Steve's Desktop Adventure Issues with desktop going to sleep Build on your knowledge base NixOS Local Flatpak Cache Flatpak size Ansible Why multiple files Outside and inside chroot Cinnamon Desktop -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! 
This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/416) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)
From Nextcloud Breakup to Blissful Reunion: Chris's journey back to a smarter setup. Plus, Jellyfin's game-changing features and a beloved self-hosted app get the upgrade we've all been waiting for.
Guests Jan Lehnardt | Alba Herrerías Ramírez Panelist Richard Littauer Show Notes In this episode of Sustain, host Richard Littauer engages with Jan Lehnardt and Alba Herrerías Ramírez from Neighbourhoodie, a consultancy company based in Berlin and the Canary Islands. The discussion delves into Neighbourhoodie's work on sustaining open source projects, their collaboration with the Sovereign Tech Fund for enhancing open source projects' bug resilience, and the technical and ethical facets of their consultancy services. Insights are shared into their past and current projects, including PouchDB, CouchDB, and their contributions to humanitarian causes, emphasizing their focus on creating a sustainable impact in the open source community. Press download now to hear more! [00:01:55] Jan explains the origin of Neighbourhoodie, which began with the Hoodie open source project, how the company evolved, the decline of the Hoodie project due to timing and resources, and how CouchDB and PouchDB continued to thrive. [00:04:27] Richard asks about the company's name and its novelty domain, and Jan gives an overview of Neighbourhoodie's size and slow and steady growth, and their focus on a positive work environment. [00:05:51] Jan gives a detailed explanation of CouchDB and PouchDB's functionality, particularly their offline-first and synchronization capabilities, and how this has been used in critical projects like the Ebola vaccine. [00:08:41] Richard asks about maintaining ethical work practices and avoiding projects that conflict with Neighbourhoodie's values. [00:09:53] Jan discusses how Neighbourhoodie balances reinvesting in open source projects and expanding the company, focusing on professional services around CouchDB and PouchDB. [00:11:53] Alba describes her role in leading Sovereign Tech Fund (STF) projects within Neighbourhoodie, and how they engage with various projects to offer support. [00:13:31] Jan explains the STF's Bug Resilience Program. 
[00:16:33] Richard asks about the potential ethical dilemma when third-party consultants like Neighbourhoodie might be taking work that could have otherwise gone to maintainers themselves. We hear how Neighbourhoodie, the projects, and the STF agree on statements of work, including milestones and time estimates, to ensure fairness and proper allocation of resources. [00:21:23] We learn from Jan that dealing with low-quality bug reports isn't a primary focus of their work, but improving test coverage, dependency updates, and CI/CD processes helps mitigate these issues as a side effect. [00:22:54] Alba talks about the different types of projects they work in, such as OpenPGP.js, Sequoia, Yocto, PyPI, Systemd, PHP, Log4j, and reproducible builds. [00:23:49] Jan discusses the challenges and learning opportunities that come with working across diverse projects, each with its own set of tools, communication styles, and cultural contexts. [00:25:29] Richard reflects on the complexity of open source sustainability and Alba describes how they research projects and identify areas where they can provide the most help, tailoring their approach to the specific needs of each project. [00:27:25] Jan explains that they don't dictate solutions but rather collaborate with projects to address their most pressing needs, often helping to mediate between different parts of a project to find common ground. [00:30:07] Jan explains how they educate clients to take responsibility for the scripts they deliver, unless there's a long-term support contract in place. [00:32:00] We learn how the Neighbourhoodie transition was organic and not part of a grand strategy and how they continue to contribute to open source through their consulting work. [00:34:54] Richard questions the choice of open source as the main focus given its limitations, and Jan explains that open source is widely understood and accessible, making it a practical choice for their work. 
[00:37:35] Alba and Jan share some highlights and fun things from their work. [00:39:32] Find out where you can follow Jan and Alba online. Quotes [00:02:19] “The goal was to have two separate entities so that when the company puts out an open source project in its own name, and then the company goes under, and the project goes away, we wanted to not have that.” [00:24:08] “If you do software long enough, you realize that the technical problems are just the sideshow and everything else you have to solve things on the people layer instead of the technology layer.” [00:25:06] “The current monoculture of everything is on GitHub is not the only truth out there.” [00:35:34] “Open source is the thing that everybody understands.” Spotlight [00:40:57] Richard's spotlight is Gregor Martynus. [00:41:54] Jan's spotlight is AdonisJS. [00:42:45] Alba's spotlight is PouchDB. Links SustainOSS (https://sustainoss.org/) podcast@sustainoss.org (email) (mailto:podcast@sustainoss.org) richard@theuserismymom.com (email) (mailto:richard@theuserismymom.com) SustainOSS Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon (https://mastodon.social/tags/sustainoss) Open Collective-SustainOSS (Contribute) (https://opencollective.com/sustainoss) Richard Littauer Socials (https://www.burntfen.com/2023-05-30/socials) Alba Herrerías Ramírez LinkedIn (https://www.linkedin.com/in/alba-herrerias-ramirez/) Alba Herrerías Ramírez Website (https://www.albaherrerias.dev/) Alba Herrerías Ramírez Mastodon (https://mastodon.social/@albaherrerias) Alba Herrerías Ramírez email (mailto:alba@neighbourhood.ie) Jan Lehnardt LinkedIn (https://www.linkedin.com/in/jan-lehnardt-750b0816b/) Jan Lehnardt Website (https://writing.jan.io/) Jan Lehnardt Mastodon (https://narrativ.es/@janl) Jan Lehnardt email (mailto:jan@neighbourhood.ie) Neighbourhoodie Software (https://neighbourhood.ie/) CouchDB (https://couchdb.apache.org/) Sovereign Tech Fund (https://www.sovereigntechfund.de/) Bug Resilience Program 
(STF) (https://www.sovereigntechfund.de/programs/bug-resilience) Sustain Podcast: 2 episodes with guest Daniel Stenberg (https://podcast.sustainoss.org/guests/stenberg) Gregor Martynus-GitHub (https://github.com/gr2m) AdonisJS (https://adonisjs.com/) PouchDB (https://pouchdb.com/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guests: Alba Herrerías Ramírez and Jan Lehnardt.
NetBSD 10 on a Pinebook Pro, OpenBSD extreme privacy setup, Version 256 of systemd boasts '42% less Unix philosophy', Posix.1 2024 is out, Blocking Access From or to Specific Countries Using FreeBSD and Pf, and more. Date: 2024.06.17 NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines NetBSD 10 on a Pinebook Pro (https://www.idatum.net/netbsd-10-on-a-pinebook-pro-laptop.html) OpenBSD extreme privacy setup (https://dataswamp.org/~solene/2024-06-08-openbsd-privacy-setup.html) News Roundup Version 256 of systemd boasts '42% less Unix philosophy' (https://www.theregister.com/2024/06/13/version_256_systemd/) Posix.1 2024 is out (https://ieeexplore.ieee.org/document/10555529) Blocking Access From or to Specific Countries Using FreeBSD and Pf (https://it-notes.dragas.net/2024/06/16/freebsd-blocking-country-access/) Beastie Bits BSD User Group Düsseldorf Juli 2024 (https://www.meetup.com/de-DE/bsd-user-group-dusseldorf-bsd-nrw/events/301557512/) Another cool UNIX workstation, that was never released (https://www.reddit.com/r/unix/comments/1dd60re/another_cool_unix_workstation_that_was_never/) Tarsnap This week's episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)
Online identity is a ticking time bomb. Are trustworthy, open-source solutions ready to disarm it? Or will we be stuck with lackluster, proprietary systems? Sponsored By: Core Contributor Membership: Take $1 a month off your membership for a lifetime! Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Support LINUX Unplugged. Links:
Your Linux box is a-changin'. systemd has a huge new release; we'll get into the most impressive features, including the new sudo replacement. Plus, our thoughts on the new Linux Arm laptops that are just around the corner. Sponsored By: Core Contributor Membership: Take $1 a month off your membership for a lifetime! Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Support LINUX Unplugged. Links:
Linux Lugcast - https://linuxlugcast.com/ Hacker Public Radio - https://hackerpublicradio.org/ Reichsmark - https://en.wikipedia.org/wiki/Reichsmark 7-11 convenience store - https://www.7-eleven.com/ 7-11 pizza - https://www.7-eleven.com/products/pizza Peanut butter sandwich - https://www.foodnetwork.com/recipes/photos/pb-and-yay- Cereal - https://en.wikipedia.org/wiki/Cereal https://en.wikipedia.org/wiki/List_of_breakfast_cereals Medicaid - https://www.medicaid.gov/ Raspberry Pi - https://www.raspberrypi.com/ MX Linux - https://mxlinux.org/ MX Linux Pi OS Respin - https://mxlinux.org/blog/mx-23-1-raspberry-pi-os-respin/ Raspberry Pi OS - https://www.raspberrypi.com/software/ Chromium Browser - https://www.chromium.org/chromium-projects/ Firefox Browser - https://www.mozilla.org/en-US/firefox/new/ Raspberry Pi 400 - https://www.raspberrypi.com/products/raspberry-pi-400/ How Many Open Browser Tabs Is Too Many Open Browser Tabs? - https://lifehacker.com/does-having-too-many-tabs-open-really-slow-down-your-br-1848554140 HDMI - https://www.lifewire.com/hdmi-facts-high-definition-multimedia-interface-1847337 VGA - https://www.howtogeek.com/821620/what-is-vga/ RCA Connectors - https://www.cablethis.com/demystifying-rca-connectors-how-they-impact-your-audio-quality/ Composite Video - https://www.lifewire.com/composite-video-the-basics-1846869 CDC Pascal - https://standardpascal.org/CDC6000pascal.html https://exhibits.stanford.edu/stanford-pubs/catalog/sz874xb6118 Xerox - https://www.xerox.com/en-us IBM - https://www.ibm.com/us-en Thailand Death Train - https://www.bordersofadventure.com/death-railway-kanchanaburi-thailand/ https://www.thaitrainguide.com/death-railway/ West Virginia - https://www.wv.gov/Pages/default.aspx https://wvtourism.com/ Mining Effects On Fishing - https://fisheries.org/policy-media/policy-statements/afs-policy-statement-13/ Mining Land Remediation/Reclamation - https://www.epa.gov/remedytech/green-remediation-best-management-practices-mining-sites 
https://en.wikipedia.org/wiki/Mine_reclamation Kwai River - https://www.tripadvisor.com/Attraction_Review-g297924-d554151-Reviews-River_Kwai-Kanchanaburi_Kanchanaburi_Province.html Cassava - https://plants.usda.gov/DocumentLibrary/plantguide/pdf/pg_maes.pdf https://codycovefarm.com/plant-profile-cassava-manihot-esculenta/ Sugar Cane - https://en.wikipedia.org/wiki/Sugar_Kane Rice - https://en.wikipedia.org/wiki/Rice https://www.foodnetwork.com/how-to/articles/how-to-make-perfect-rice-a-step-by-step-guide The story of the great Polish train hack - https://www.railway-technology.com/news/the-story-of-the-great-polish-train-hack/?cf-view CompuServe Headquarters turns 50 - https://abc6onyourside.com/news/local/historical-status-given-to-central-ohio-building-that-once-housed-compuserve Compuserve - https://www.compuserve.com/ https://en.wikipedia.org/wiki/CompuServe PDP-10 Computer - http://www.columbia.edu/cu/computinghistory/pdp10.html Linear Power Supply - https://www.tek.com/en/documents/application-note/understanding-linear-power-supply-specifications Switching Power Supply - https://www.eleccircuit.com/what-switching-power-supply-how-does-it-work/ Asperger's Syndrome - https://www.autismspeaks.org/types-autism-what-asperger-syndrome DietPi - https://dietpi.com/ Debian Linux - https://www.debian.org/ XFCE - https://www.xfce.org/ Systemd - https://www.digitalocean.com/community/tutorials/what-is-systemd MX-23 XFCE (Bookworm) - https://forums.raspberrypi.com/viewtopic.php?t=362478 Thorium Web Browser - https://thorium.rocks/ Waterfox Web Browser - https://www.waterfox.net/ Group Speed Dial (FIrefox) - https://addons.mozilla.org/en-US/firefox/addon/groupspeeddial/ Raspberry Pi 5 - https://www.raspberrypi.com/products/raspberry-pi-5/ PDP-6 - http://pdp-6.net/ MIT - https://web.mit.edu/ MIT Early AI works - https://dspace.mit.edu/handle/1721.1/5460 ZULU Time - https://www.timeanddate.com/worldclock/timezone/zulu Daylight Savings Time - 
https://www.reuters.com/world/us/what-is-us-daylight-saving-time-why-was-it-created-2023-10-31/ Truck Driver Rules & Regulations - https://truckstop.com/blog/understanding-truck-driving-hours-and-regulations/ Amphetamine - https://en.wikipedia.org/wiki/Amphetamine Men In Black - https://www.imdb.com/title/tt0119654/ Cold War - https://www.britannica.com/event/Cold-War Pershing Ballastic Missle - https://www.lockheedmartin.com/en-us/news/features/history/pershing.html Pershing M26 Tank - https://tanks-encyclopedia.com/ww2/us/m26_pershing.php C4 Plastic Explosive - https://www.military.com/video/ammunition-and-explosives/explosives/c4-explained/1367499806001 Battleship New Jersey - https://www.battleshipnewjersey.org/ B-52 - https://stratofortress.org/history/ Wagner Military Group - https://en.wikipedia.org/wiki/Wagner_Group John Ringo - https://www.simonandschuster.com/authors/John-Ringo/1875432 Ghost (John Ringo book) - https://www.kirkusreviews.com/book-reviews/john-ringo/ghost-3/ Battleship Wisconsin - https://nauticus.org/explore/battleship-exhibits/about-the-battleship/ Jules Verne - https://www.biography.com/authors-writers/jules-verne M28/M29 Davy Crockett Tactical Nuclear Weapon - https://armyhistory.org/the-m28m29-davy-crockett-nuclear-weapon-system/ PTSD - https://www.psychiatry.org/patients-families/ptsd/what-is-ptsd Autistic Spectrum - https://www.cdc.gov/ncbddd/autism/signs.html Dyslexia - https://www.mayoclinic.org/diseases-conditions/dyslexia/symptoms-causes/syc-20353552 Boston - https://www.boston.gov/visiting-boston Clinical Depression - https://www.nimh.nih.gov/health/topics/depression Maine - https://visitmaine.com/ Spread Spectrum Communications - https://www.edn.com/what-is-spread-spectrum-technology/ Israeli Army Unit that recruits autistic teens - https://www.theatlantic.com/health/archive/2016/01/israeli-army-autism/422850/ Open Source - https://opensource.com/resources/what-open-source New Years Resolution - 
https://www.newsweek.com/new-years-resolution-2022-meaning-origin-ideas-1662947 Mini HDMI Cable - https://www.howtogeek.com/745530/hdmi-vs-mini-hdmi-vs-micro-hdmi-whats-the-difference/ LibreOffice Impress - https://www.libreoffice.org/discover/impress/ Powerpoint - https://www.microsoft.com/en-us/microsoft-365/powerpoint Google Drive - https://www.google.com/drive/ GPD Win 4 - https://www.gpd.hk/gpdwin4 Coreboot - https://www.coreboot.org/ Libreboot - https://libreboot.org/ FOSDEM - https://fosdem.org/2024/ BIOS - https://computer.howstuffworks.com/bios.htm X11 - https://www.baeldung.com/linux/x11 Wayland - https://wayland.freedesktop.org/ Gnome 3 - https://www.gnome.org/getting-gnome/ Mate - https://mate-desktop.org/ Xorg - https://wiki.archlinux.org/title/Xorg Open Suse - https://www.opensuse.org/ KDE - https://kde.org/ Unity - https://unityd.org/ Chromebook - https://www.google.com/chromebook/ ASUS EEE PC 901 - https://www.laptopmag.com/reviews/laptops/asus-eee-pc-901 ASUS EEE PC X101CH - https://www.cnet.com/reviews/asus-eee-pc-x101ch-review/ Star Labs - https://us.starlabs.systems/?shpxid=fc6f3491-925e-4b6c-aba5-4477924fc432 Pulse Audio - https://www.freedesktop.org/wiki/Software/PulseAudio/ Obsessive Compulsive Disorder (OCD) - https://www.nimh.nih.gov/health/topics/obsessive-compulsive-disorder-ocd STEM (Science, Technology, Engineering, & Math) - https://www.lifewire.com/what-is-stem-4150175
00:00 - PreShow Banter™ — RSA Power Moves 08:14 - BHIS - Talkin' Bout [infosec] News 2024-05-06 09:49 - Story # 1: Shortridge Makes Sense of the 2024 Verizon DBIR 15:04 - Story # 2: A recent security incident involving Dropbox Sign 20:30 - Story # 3: Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover 28:40 - Story # 4: Millions of Docker repos found pushing malware, phishing sites 32:53 - Story # 5: 1,400 GitLab Servers Impacted by Exploited Vulnerability 42:07 - Story # 6: LastPass goes independent over a year after serious breaches 50:16 - Cyber Security Basics for Muggles & Minions with Ashley and Chris 50:40 - Story # 7: Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million 54:12 - Story # 8: Lockbit's seized site comes alive to tease new police announcements 56:27 - Story # 9: Systemd v256 Introduces run0: A Safer Alternative to sudo
Josh and Kurt talk about a sudo replacement going into systemd called run0. It sounds like it'll get a lot right, but systemd is a pretty big attack surface and not everyone is a fan. We shall have to see if this ends up replacing sudo. Show Notes Conan O'Brien on Hot Ones Lennart's Mastodon thread xkcd automation
The first LinuxFest is back and better than ever. We share stories and friends from one of the best Linux gatherings of the year: LinuxFest Northwest. Sponsored By: Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! Kolide: Kolide is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Support LINUX Unplugged. Links:
Systemd is our topic for today: we discuss system processes and how you manage and control processes, services, and other fundamental components of Linux operating systems. In this discussion, we cover how to think about it, how it works, alternatives, process controls, and even how they get applied to containers. Containers were a nice bridge from our previous discussions when we were talking about container management systems. If you are interested in Linux, Linux management, or Linux automation, this is a good episode for you! Transcript: https://otter.ai/u/KCK3f95lbUEAEzLgA60k-HbDlGk?utm_source=copy_url
Fredrik is visited by Peter Magnusson from the neighbouring podcast Säkerhetspodcasten, who helps sort out what actually happened around the backdoor in the compression library XZ. Over Easter, a backdoor was discovered in XZ that had the potential to give its authors access to machines running things like SSH and Systemd. The backdoor was hidden in binary files for test cases, built to go unnoticed, and everything that was needed had been slipped in over time after a coordinated campaign in which the authors were given maintainer rights to XZ. Peter sorts out what happened, the successes and mistakes on the attackers' side, and gives a security-savvy person's perspective on it all. It is fascinating that the whole operation took place entirely in the open and is fully documented in text: e-mail, commits and so on. It is also interesting to speculate about who might be behind it, and what the mistakes that were actually made in the process and in the code mean. And of course there is the scary fact that overworked open source maintainers can be made targets in this way. A malicious actor may suddenly have an incentive to build up an entirely false reality around a specific person. What is the chance that this is the only operation of this kind that has been going on and will be carried out? And we have to praise the people who do not just accept that a new version of something suddenly behaves a little strangely, but dive in and discover events like these! A big thank you to Cloudnet, who sponsor our VPS! Do you have comments, questions or tips? We are @kodsnack, @thieta, @krig, and @bjoreman on Mastodon, have a page on Facebook, and can be e-mailed at info@kodsnack.se if you want to write something longer. We read everything that is sent. If you like Kodsnack, you are very welcome to review us in iTunes! You can also support the podcast by buying us a coffee (or two!) on Ko-fi, or by buying something in our shop. 
Links XZ Peter Previous episodes with Peter Säkerhetspodcasten Assured Penetration tests Verilog FPGA Arm Trustzone Jesper in Säkerhetspodcasten Timeline of the XZ backdoor SSH Systemd LZMA The XKCD strip with the library everything is built on Russ Cox Andreas Freund who found the backdoor Interview with Andreas Freund Debian Sid How the backdoor works Linker RSA authentication Lasse Collin The discussion threads about handing over control of XZ to Jia Tan Säkerhetspodcasten's episode about XZ The Kodsnack episode about and with open source maintainers University of Minnesota's unethical attempt to lower the security of the Linux kernel Open-source intelligence Fuzzing Clifford Stoll The cuckoo's egg Videos with Clifford Stoll Replay attacks Ryan Mcbeth ICD 203 RCE - remote code execution NSA Tailored access operations Dual-EC DRBG Git rewrite The Solarwinds hack Rob Menching - A microcosm of interaction in open source projects Theo T3.gg - What everyone missed about the Linux hack OWASP CI/CD top ten The podcast Fredrik listened to The perfect backdoor is indistinguishable from a bug Mario Heiderich from Cure53 Mario and Angular
The battle of init systems is real. But should it be?
We're breaking down the attack: how it works, how it was hidden, and why time was running out for the attacker. Sponsored By: Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! Kolide: Kolide is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Support LINUX Unplugged. Links:
Finally, episode 333. With Issos.. you know. Also with floppies, nostalgic gaming moments and lots of RUST.
Chris spends the week in a VR desktop, revealing the glitches, gains, and VR's open-source future.
Deploying Nextcloud the Nix way promises a paradise of reproducibility and simplicity. But is it just a painful trek through configuration hell? We built the dream Nextcloud using Nix and faced reality. Special Guest: Alex Kretzschmar.
Last year, we had some predictions about what 2023 would bring. How'd we do? There's some news to cover from the past two weeks, like the release of the Fedora Asahi spin, Wayland *not* breaking everything, and the very cursed diagonal monitor mode that only Linux supports. SystemD adds encrypted boot support, Chimera OS might be worth a look for your HTPC, and the Fedora steering committee is weighing a round of interesting changes for Fedora 40, like unifying /bin and /sbin. Then we cover predictions for 2024, like the importance of Ubuntu's next LTS, AMD's GPU outlook, the future of Cosmic, and how exciting 2024 is going to be for desktop Linux users. We cover our favorite tips from the year, and sneak in a couple more aliases you might want to use. You can find the show notes at https://bit.ly/3veYhix and join us next time for a whole new year of Linux! Host: Jonathan Bennett Co-Hosts: Rob Campbell, Ken McDonald, and Jeff Massie Club TWiT members can discuss episodes in the Club TWiT Discord.
https://youtu.be/CYZte822pzE Forum Discussion Thread (https://forum.tuxdigital.com/t/246-linux-mint-debian-security-flaws-linux-blue-screen-of-death-nextcloud-amp-more-linux-news/6106) On this episode of TWIL (246), we've got new releases from Linux Mint, systemd, Debian and more. We've also got some new security stories to talk about from Bluetooth flaws and firmware attacks to 23AndMe being back in the news in a less than ideal way. All of this and more on this episode of This Week in Linux, Your Source for Linux GNews! Download as MP3 (https://aphid.fireside.fm/d/1437767933/2389be04-5c79-485e-b1ca-3a5b2cebb006/2e528e6b-a692-44b1-a49f-b78b30b65127.mp3) Supported by: LINBIT = https://thisweekinlinux.com/linbit Want to Support the Show? Become a Patron = https://tuxdigital.com/membership Store = https://tuxdigital.com/store
Chapters:
00:00 TWIL 246 Intro
00:35 Linux Mint 21.3 Beta Released - [ link (https://www.linuxmint.com/rel_virginia_whatsnew.php) ]
04:52 Systemd 255 Released - [ link (https://github.com/systemd/systemd/releases/tag/v255) ]
09:23 Debian 12.4 Released - [ link (https://www.debian.org/News/2023/20231210) ]
10:31 Nextcloud Hub 7 Released - [ link (https://nextcloud.com/blog/nextcloud-hub-7-advanced-search-and-global-out-of-office-features/) ]
14:30 LINBIT - [ link (https://thisweekinlinux.com/linbit) ]
15:54 Critical Bluetooth Flaw Affects Android, Apple & Linux Devices - [ announcement (https://github.com/skysafe/reblog/tree/main/cve-2023-45866), link (https://www.darkreading.com/vulnerabilities-threats/critical-bluetooth-flaw-exposes-android-apple-and-linux-devices-to-keystroke-injection-attack) ]
17:16 New LogoFAIL Firmware Attack - [ link (https://thehackernews.com/2023/12/logofail-uefi-vulnerabilities-expose.html) ]
19:08 23andMe Updates User Agreement to Prevent Data Breach Lawsuits - [ link (https://www.bleepingcomputer.com/news/security/23andme-updates-user-agreement-to-prevent-data-breach-lawsuits) ]
22:17 Meta Announces End-to-End Encryption in Messenger - [ announcement (https://engineering.fb.com/2023/12/06/security/building-end-to-end-security-for-messenger/), link (https://www.eff.org/deeplinks/2023/12/meta-announces-end-end-encryption-default-messenger) ]
24:24 W4 Games Raises $15M For Godot Game Engine - [ link (https://w4games.com/2023/12/07/w4-games-raises-15m-to-drive-video-game-development-inflection-with-godot-engine/) ]
25:52 Outro
Systemd brings a killer Windows feature to Linux! Syncing your funny picture folder with Rclone, fetching GitHub info from the command line, and an M.2 HAT for the Raspberry Pi 5.
This week Noah and Steve discuss picking out a vHost and considerations for deploying it into production. -- During The Show -- 02:00 Types of AI Amount of compute required is astronomical Foundational model vs tweaking 05:55 Kid Friendly distro? - Chris Endless OS (https://www.endlessos.org/) What age to give kids a computer Why give a kid a computer Why Endless OS OpenDNS Filtering 14:13 Serial Connection To Proxmox VMs - Michael Client Setting Host Setting Enable the serial console Proxmox Wiki (https://pve.proxmox.com/wiki/Serial_Terminal) 17:15 pfSense blocking active connections - Bradly Stateful firewalls don't break active connections/sessions 21:00 News Wire EXT4 Corruption Bug - LWN (https://lwn.net/Articles/954285/) Gnome 45.2 - Gnome (https://discourse.gnome.org/t/gnome-45-2-released/18358) Libreoffice 7.6.4 - Libreoffice (https://www.libreoffice.org/download/release-notes/) Jellyfin Android TV App - Jellyfin (https://jellyfin.org/posts/androidtv-v0.16.0/) Jellyfin Roku App - Jellyfin (https://jellyfin.org/posts/roku-200) Debian 12.4 - Debian (https://www.debian.org/News/2023/20231210) Alpine Linux 3.19 - Alpine Linux (https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.19.0) Linux 6.8 Dropping Old Graphics Drivers - Phoronix (https://www.phoronix.com/news/Linux-6.8-No-More-UMS-ioctls) NSA & ESF Recommended Practices - NSA (https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3613105/nsa-and-esf-partners-release-recommended-practices-for-managing-open-source-sof/) OpenZeppelin Vulnerability - Bleeping Computer (https://www.bleepingcomputer.com/news/security/multiple-nft-collections-at-risk-by-flaw-in-open-source-library/) Bluetooth Authentication Bypass - Silicon Angle (https://siliconangle.com/2023/12/07/critical-bluetooth-security-flaw-discovered-google-apple-linux-devices/) Krasue RAT - The Hacker News (https://thehackernews.com/2023/12/new-stealthy-krasue-linux-trojan.html) Automatic LLM AI Jail Break - Robust 
Intelligence (https://www.robustintelligence.com/blog-posts/using-ai-to-automatically-jailbreak-gpt-4-and-other-llms-in-under-a-minute) EU AI Act - Reuters (https://www.reuters.com/technology/eus-ai-act-could-exclude-open-source-models-regulation-2023-12-07/) Purple Llama - Info World (https://www.infoworld.com/article/3711284/meta-releases-open-source-tools-for-ai-safety.html) Apple Open Sources AI Tools - The Stack (https://www.thestack.technology/apple-quietly-open-sources-key-ai-tools/) Systemd 255 - The Verge (https://www.theverge.com/2023/12/7/23992512/linux-blue-screen-of-death-bsod-systemd-update) - Phoronix (https://www.phoronix.com/news/systemd-255) 24:00 Beeper Mini First impression, really cool but will only work till Apple notices Android users clearly want modern features 3 days after release, it all came to a halt Apple's FUD statement Beeper mini enabled security for non Apple users Apple's response reduces security and privacy Apple's response protects the iMessage lock-in effect Issue with other "encrypted apps" Focus of Beeper Beeper cloud uses its own cloud server Give beeper mini a review Beeper blog post (https://blog.beeper.com/p/beeper-mini-is-back) 37:45 vHost Hardware What is a vHost What does Steve consider network drives RAM CPU Lots of compute nodes vs a few large nodes Stage 1 - is it viable $1k-50k quotes Started with 2 vdevs with 3 drives Stay under 85% Stage 2 Scale up DELL EMC POWEREDGE R7425 8 BAY LFF SERVER 2x AMD EPYC 7451 H330 3 PCI RISER RPS DELL PowerEdge R6525 1U Server 2 x AMD EPYC 7542 2.9Ghz CPU 256 GB No HDD Can save a lot buying used Local vs Central storage Data centralized qcow2 on vHost 2 vdevs 2 disks per vdev Dell EMC KTN-STL3 drive shelf 15 disks in 2U Requires LSI SAS9200-8e NetApp DS4246 24 disks in 4U Requires LSI SAS9200-8e QSFP SFF-8436 Mini SAS SFF-8088 Cable Don't store Nextcloud data on OS qcow2 disk There will always be a single point of failure Change ZFS settings based on data being stored Easiest way 
to get a vHost up and running KVM vs "appliance OS" Bridging vs MAC vTap RAM is likely your biggest constraint Ubuntu libvirt doc (https://ubuntu.com/server/docs/virtualization-libvirt)
In the latest episode, we delve into the rapidly evolving AI ecosystem and its implications for us as Elixir developers, highlighting the potential hazards of relying on proprietary services like OpenAI and the benefits of self-hosted, open-source AI models. We touch on the Elixir LangChain library, how Elixir's position of running our own AI models strengthens us, and the governance and financial risks of depending on a single AI provider. Tune in for why these topics matter and how they shape the future of development in the context of Elixir, plus the holiday season's impact on our show schedule, and more!
Show Notes online - http://podcast.thinkingelixir.com/179
Elixir Community News
- https://twitter.com/chris_mccord/status/1724861258548052109 – Chris McCord teased a new visual on Twitter resembling a colorful flame logo with the text "Soon™", with more details to come.
- https://hauleth.dev/post/who-watches-watchmen-ii/ – Hauleth's blog post explores creating an Elixir service supervised by SystemD, building on his series about managing BEAM applications.
- https://www.elixirstreams.com/tips/how-page-title-is-updated – German Valesco explains the updating of the page_title in Phoenix LiveView with a tip and video demonstration.
- https://dockyard.com/blog/2023/11/08/three-years-of-nx-growing-the-machine-learning-ecosystem – Sean Moriarity discusses the past three years and the future of the Elixir Machine Learning Ecosystem and Nx in a blog post on Dockyard.
- https://twitter.com/TheErlef/status/1726654135750066390 – Announcement of the 3rd edition of a BEAM-focused devroom at the 2024 FOSDEM conference, set to take place in Brussels.
- https://beam-fosdem.dev/ – FOSDEM's BEAM devroom, an event for the Elixir community and enthusiasts, provides details about the upcoming sidetrack.
- https://www.youtube.com/playlist?list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY – The official playlist of ElixirConf US videos, with several more sessions expected to be added.
- https://www.youtube.com/watch?v=nw-030FD0Qc&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=46 – ElixirConf US video of Rafal Studnicki discussing keeping real-time auctions running during rollouts.
- https://www.youtube.com/watch?v=P44hFAhKPao&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=47 – Tyler Young's ElixirConf US presentation on migrating data without downtime.
- https://www.youtube.com/watch?v=4XaB4XWg-Qg&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=48 – Michał Śledź's session at ElixirConf US on rewriting Pion in Elixir.
- https://www.youtube.com/watch?v=E9pZP5jUYZg&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=49 – Andrew Berrien introduces ECSx and discusses a new approach to game development in Elixir at ElixirConf US.
- https://www.youtube.com/watch?v=F42B6AZ879Q&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=50 – Geoffrey Lessel's introduction to Vox, a static site generator for Elixir enthusiasts, at ElixirConf US.
- https://adventofcode.com/ – Advent of Code is approaching, presenting new coding challenges starting December 1st with a new rule against using AI for leaderboard rankings.
- https://twitter.com/ljgago/status/1724917401462997413 – Leonardo Gago tweets about his kino_aoc smart cell to assist with Advent of Code puzzles in Livebook.
- https://github.com/ljgago/kino_aoc – GitHub repository for KinoAoc, a Livebook smart cell created by Leonardo Gago for solving Advent of Code puzzles.
Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com
Discussion Resources
- The discussion explores the AI ecosystem's influence on Elixir developers, addressing risks and dependencies unrelated to Elixir itself.
- Concerns are raised about the dangers of building on top of OpenAI and the risk of service outages, as experienced with an AI fitness trainer.
- Open-source AI models are discussed as viable alternatives that offer the possibility of self-hosting and independence from proprietary systems.
- Mention of the Elixir LangChain library signifies an interest in being able to seamlessly switch AI models without altering application code.
- The discussion covers the risks of government regulation, policy changes, financial and governance uncertainties, and how they could affect dependencies on single AI providers.
- An industry desire for regulatory measures is expressed, aiming to build a legal buffer that could protect from competition.
- The conversation questions the broader implications of reliance on AI, including why the topic is intriguing and why self-hosted, open-source models are crucial.
- Arguably, Elixir is considered to have a strong position for running self-managed AI models, highlighting the alignment with open-source philosophies.
- Looking to the future, Elixir is positioned well to do this.
- A final note touches on the holiday season's effect on the podcast's show schedule with potential changes or pauses in the regular programming.
Try the new version of Thunderbird (it's now my email & calendar client of choice!): https://mzla.link/tb-flatpak
Can we build an indestructible server that stands up to the test of giving out root login to the Internet?
On this episode of This Week in Linux, Asahi Linux announced a major change with a new flagship distro for using Linux on Apple Silicon. GNOME and KDE released some exciting news for their respective desktop environments. systemd has a cool new feature called soft reboot and we have a whole lot of distro news […]
SHOW NOTES ►► https://tuxdigital.com/podcasts/this-week-in-linux/twil-228/
The boys are back, this week, we talk about SystemD, Gnome's new Window management, and more KDE Plasma 6 Updates.
I've been meaning to put down my thoughts about SystemD for the HPR community for some while, so here goes. I want to say that I am not a SystemD hater. When SystemD was a hot topic of debate, many became irrational over it, but I want to start by saying that I don't think it's a bad technology. I think it is a rather good technology. I just don't want it on my personal computer. So I would like to run things down in this order: what is it (as in, what is it really), what makes it a good technology, why I don't want it now (but might later), and a few tips for you if you decide that you don't want it currently.

SystemD is not an init system. SystemD includes an init system. SystemD Init was faster than SysVInit, but SystemD Init isn't the fastest init system, and SysVInit now has a parallelization helper, at least on Debian. So, if SystemD Init is not SystemD, then what is SystemD? To understand this we must first understand something about Linux. Linux operates under a model where there are root processes, and there are user processes. These two kinds of processes are usually called "layers." SystemD is actually a third layer, that can be called a system layer. So when SystemD is added to a Linux system, that changes the system so that there are three layers, a root layer, a user layer, and a system layer. As such, you now ask SystemD to set how the system runs. This is why SystemD includes things like an init system, because if you want to change what the system is running, you ask SystemD to change it. SystemD then messages an appropriate system to implement the change, like messaging its init system to bring up or bring down a system daemon. Once you play out this in your head a bit, you really realize that SystemD acts more like a message passing system in this regard.

So why do I say SystemD is a good technology? Because this can standardize system control. Without SystemD a fleet of computers becomes like individual fingerprints or unique snowflakes. If you manage many computers, as many professional IT people do, you want them to all run the same, all have the same profiles and general configurations. So if you have a bunch of computers you are running, you can run a lot more if they are all run the same way. If your job requires you to run 10,000 webservers, you want them to run identically because it is impossible to keep an understanding of 10,000 unique configurations in a human head. SystemD really shines in its support of virtualization as well. So to speak of servers, I used to run an email server for a few friends. Each of us had a userid and number as unix users. The mapping of unix userids and postfix userids can get confusing when it gets big. Thanks to SystemD's virtualization work, you can actually put a service like email into a namespace situation so that it has only the users root and the daemon user id (like "postfix"), so SystemD greatly enhances security for server installations. This might help explain its dominance in Linux distributions that have been traditionally server-centric, such as Debian and Red Hat.

So why don't I want it? Well, I've been doing a lot of talking about professional computer work and corporate work environments, but I use a "Personal Computer" as a hobby. I've been out-of-industry for decades now. And when I say "Personal Computer" I'm not talking a hardware specification, rather I'm talking about "This is my personal computer where I do things my way, as opposed to my work computer where I do things my company's way". Dear listener, please remember that I did the first community show contribution to HPR, and my topic was about personalization. For me, a hobbyist interested in operating system experimentation, I don't want a system layer, I want a traditional unix-like system that operates on a two-layer model and does things my way, nobody else's way.

So, what advice can I give to those who don't want SystemD now? Well, recently I've left Debian. Debian, you see, supports init system diversity, but as you now know dear listener, that is different than being without SystemD. You may have heard that SystemD is Linux-specific, that is to say that it runs only on Linux, not anything like a BSD system or a Windows system. But you may be curious to know that it is also Gnu-libC specific. Which means that the C compiler must use GNU's libC standard library. Thus, if you have a system built around the Musl C standard library like Alpine or Void, or a system like Android that runs on the Bionic C Standard library, you won't have a SystemD system. I'm personally learning Void as its package manager supports both binary and a ports collection much like the BSDs. But that is what I'm doing on my personal computer, I leave you in the freedom to do things your way on your personal computer!
How we found peace with the Linux community's perpetual debates; and our tricks for finding the signal from the noise.
Now that we're both on new PCs in the last six months, it's time for us to run through some of our experiences and offer a few (hopefully new) tips for anyone else building a machine. Join us as we talk shop this week about recent BIOS trends, our love of portable apps, unconventional cloud storage strategies, much handwringing about motherboard vendor drivers, Windows package managers, some hefty praise for WSL2 (plus a dangerous digression into the varied feelings about systemd), and more.
Some of the less common software mentioned in this episode, which is all easy to Google:
- Rufus (the full-featured disk imager for making OS install media)
- PowerToys (make Windows way better)
- Chocolatey, WinGet, and scoop (the Windows package managers)
- Input Director (Will's software KVM solution)
- rclone (command line cloud storage manager)
- HWiNFO (the gold standard hardware monitor)
- OCCT (hardware stability and stress testing)
- LatencyMon (diagnose audio/video latency issues in Windows)
Lastly, the Wired article about the capsized cars: https://www.wired.com/2008/02/the-race-to-save-the-cougar-ace/
Support the Pod! Contribute to the Tech Pod Patreon and get access to our booming Discord, your name in the credits, and other great benefits! You can support the show at: https://patreon.com/techpod
https://thehomelab.show/ The sponsor for today's episode: https://www.linode.com/homelabshow https://lawrencesystems.com/ https://www.learnlinux.tv/
Why Fedora 38 might Sway you to try it; and how it runs on the MacBook M1 Max.
In the Security News: Rorschach, QNAP and sudo, why bother signing things, why bother having a password, why bother updating firmware, smart screenshotting, TP-Link oh my, music with Grub2, byte arrays and UTF-8, what is my wifi password, Debian and systemd, opening garage doors, downgrade your firmware to be more secure, exploit databases, this is like a movie, unsolved CTFs, and Near-Ultrasound Inaudible Trojans! All that and more on this episode of Paul's Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw779
A fresh take on open-source funding, Fedora's plan for better encryption out of the box, and our impressions of the latest Ubuntu Beta.
What we're liking about GNOME 44, how Microsoft's Linux distro is trying to attract more users, and we bust a CentOS myth.
Our favorite features in Linux 6.2, the Hollywood tool getting open-sourced, and a systemd update you need to know about.
Are the long-timers holding Linux back? Lennart Poettering argues we are and proposes a new Microsoft-blessed way to secure Linux. Plus, our thoughts on the slow decline of mailing lists in open-source development. Special Guest: Neal Gompa.
systemd arrives on WSL, Audacity gains a huge feature, Mozilla makes (valid) excuses, a bumper KDE Korner, and more. News: Listener Michael sent Joe a LMN 3; Systemd support is now available in WSL; Systemd support lands in WSL; Audacity 3.2 Released with Realtime Effects, VST3 Support; Mozilla calls out Microsoft, Google, Apple over...
We were fixing servers all night, but at least we have a great story. A special guest joins us to help make a big show announcement. Special Guest: Tim Canham.