Red Hat’s community Linux distribution Fedora has always been popular with open-source and Linux developers, but this latest release, Fedora 34 seems to be something special. As Matthew Miller, Fedora Project Leader, tweeted, “The beta for F34 was one of the most popular ever, with twice as many systems showing up in my stats as typical.”
Why? Nick Gerace, a Rancher software engineer, thinks it’s because “I’ve never seen the project in a better state, and I think GNOME 40 is a large motivator as well. Probably a combination of each, from anecdotal evidence.” He’s onto something.
When Canonical released Ubuntu 21.04 a few days earlier, their developers opted to stay with the tried and true GNOME 39 desktop. Fedora’s people decided to go with GNOME 40 for their default desktop even though it’s a radical update to the GNOME interface.
Besides boasting a new look, GNOME 40 is based on the new GTK 4.0 graphical toolkit. Under the pretty new exterior, this update also fixed numerous issues and smoothed out many rough spots. If you’d rather have another desktop, you can also get Fedora 34 with the newest KDE Plasma Desktop, Xfce 4.16, Cinnamon, etc. You name your favorite Linux desktop interface, Fedora will almost certainly deliver it to you.
Under those bright, shiny faces, you’ll find the Wayland display server. Unfortunately, as is the case with all Linux distros that use Wayland to replace the good old X.org display server, it does not work and play well with NVIDIA graphics. The Fedora developers are working upstream with NVIDIA to support its proprietary driver. I can only wish that NVIDIA would get the f-bomb clue Linus Torvalds gave them nine years ago to open up their drivers so we could finally have a first-rate, open-source NVIDIA driver. In the meantime, if your PC has NVIDIA graphics, you’ll automatically be reset to the slower, but working, X.org display server.
On the audio side of life, Fedora has moved to Wim Tayman’s PipeWire, and audio and video server, for audio. This replaces PulseAudio and Jack. While still new, it’s been praised by many as being superior to PulseAudio, which has long been the default Linux audio server. Since its APIs are compatible with PulseAudio, most applications will work with it without any changes. Fedora has also worked upstream with Google and Mozilla so it will work with the Chromium and Firefox web browser families. That said, if you’re doing professional-level audio work, it may not work with your applications. For example, while PipeWire does work with Audacity, the popular audio program, you may need to do a little tuning to get it to work just right and it doesn’t work yet with the popular OBS Studio podcasting program. In both cases, developers are busy trying to get them to work and play well with each other.
At this point, I should point out that this is part of life with Fedora. Fedora, as I’ve said many times, is a bleeding-edge distribution. It explores what’s possible to do with Linux, not what’s guaranteed to work. That’s a big reason why I recommend other distros, such as Linux Mint, for people who want a day-to-day work desktop Linux. Fedora is for developers and brave, adventuresome Linux users. It’s also the upstream for Red Hat Enterprise Linux (RHEL).
Speaking of programmers, they’ll be happy to use the latest update of Toolbox. This lets you easily create containers, which you can then use to host isolated development environments. So, for example, if you want to work on a program on top of RHEL, you just run:
toolbox create –distro rhel –release 8.4
…from a shell and, ta-da, instant RHEL instance ready to rumble.
As always, Fedora comes with the latest versions of languages and libraries. For instance, it includes Ruby 3.0 and Golang 1.16. Fedora is also running on top of the 5.11.12 Linux kernel, which was released only a few weeks ago.
Another feature I like is that, since Fedora 33, the default file system is Btrfs. I find it faster and more responsive than ext4, perhaps the most popular Linux desktop file system. What’s different this time around is that it now defaults to using Btrfs transparent compression.
Besides saving significant storage space — typically from 20 to 40% — Red Hat also claims this increases the lifespan of SSDs and other flash media. SSDs and the like have a built-in limited lifetime depending on how many writes a given drive does. Most users will never reach that limit, approximately ten years of normal use. But developers, who might for example compile Linux kernels every day, might reach that point before a PC’s usual end of useful life. For them, transparent compression may help keep their computer going until they need to replace it with a newer, faster machine.
Of course, as always there are many other versions of Fedora. There’s a Fedora for servers; Fedora CoreOS, which is for people who want to run containers with the latest operating system improvements — it has a two-week update cycle; and Fedora IoT for Internet of Things (IoT) devices. You name the job, there’s probably a Fedora just for it.
New York Attorney General declares top ISPs committed net neutrality fraud
When then-President Donald Trump’s Federal Communications Commission (FCC) tried to destroy net neutrality in 2017, everyone knew that millions of comments in favor of breaking net neutrality were bogus.
As then-New York Attorney General Eric Schneiderman said at the time, two million net neutrality comments were fake. Schneiderman said: “Moving forward with this vote would make a mockery of our public comment process and reward those who perpetrated this fraud to advance their own hidden agenda.” Schneiderman was wrong.
His successor, Letitia James, found after a multi-year investigation that there had been “18 million fake comments with the FCC,” including over 500,000 fake letters sent to Congress in support of the repeal.
Behind this vast majority of this astroturfing campaign was Broadband for America, a marketing group funded by the country’s top ISPs. In classic 1984 doublespeak, it claims to be in favor of net neutrality while, in reality, being a group of its greatest enemies. Its members include AT&T, CenturyLink, Charter, CTIA – The Wireless Association, Comcast, Cox, NCTA – The Internet & Television Association, Telecommunications Industry Association (TIA), and USTelecom-The Broadband Association.
James reported: “After a multi-year investigation, we found the nation’s largest broadband companies funded a secret campaign to influence the FCC’s repeal of net neutrality rules — resulting in millions of fake public comments impersonating Americans. These illegal schemes are unacceptable.”
Altogether, 80% of all public FCC comments filed on its net-neutrality proposal four years ago came from the scammers. There was never, as Ajit Pai, then-FCC chairman and a former Verizon attorney claimed at the time, any mass support for destroying net neutrality. Pai, after leaving office, was hired as a partner by private equity firm Searchlight Capital Partners, where he works on telecom and ISP acquisitions.
James continued: “The broadband industry hired marketing companies that co-opted and created identities and filed nearly 18 million fake comments with the FCC and sent over half a million fake letters to Congress in support of the repeal. This practice was also used to influence other policies. Today, we stopped three of these marketing companies from continuing their illegal behavior and recommended reforms to stop this type of fraud in the future.”
These three companies are Fluent, React2Media and Opt-Intelligence. They all settled with the attorney general’s office and agreed to pay fines. They did not, however, admit to any wrongdoing. They did agree to get permission from anyone they quote in the future in comments purporting to represent public opinion. These businesses and at least three other companies were paid $4.2 million by Broadband for America. The investigation into this hack of democracy is still ongoing.
Where did the fake comments come from? The Office of the New York Attorney General (OAG) found that Broadband for America couldn’t rely on real grassroots support since the public overwhelmingly supported robust net neutrality. So, it created them via co-registration lead generation. In coregistration, consumers are offered rewards, such as gift cards, sweepstakes entries, or an e-book, for providing personal information and responding to advertisements. These include everything from discounted children’s movies to free trials of products.
To conceal the comments’ true source, Broadband for America’s contractors also created web pages for the conservative-leaning advocacy groups. Few comments, however, were submitted via these web pages. But they gave the impression that comments the FCC received came from Trump supporters.
In fairness, it wasn’t just the anti-net neutrality forces that generated fake comments. A 19-year-old college student who supported net neutrality filed over 7.7 million pro-neutrality comments with the FCC. Unlike Broadband for America, he didn’t use the names and addresses of real people without their consent. Instead, he automatically created comments using software-generated fake names and addresses.
The FCC, in theory, should have been able to spot this activity. In practice, it was clueless and didn’t detect that millions of submissions were coming from a single IP address. The OAG also identified another group of 1.6 million pro-neutrality comments that were submitted using fictitious identities but hasn’t been able to find out where they came from.
In the course of the investigation, the OAG found the FCC wasn’t the only one being targeted by big business. The OAG found that fraudulent comment campaigns had also targeted policy decisions at the Environmental Protection Agency and the Bureau of Energy Management at the US Department of the Interior.
Looking ahead, the OAG recommends several reforms to root out the deception and fraud that have infected public policy-making. These are
- Advocacy groups to take steps to ensure they have obtained valid consent from an individual before submitting a comment or message to the government on their behalf
- Agencies and legislatures that manage electronic systems that receive comments and messages to hold advocacy groups and their vendors more accountable for the comments they submit on behalf of individuals
- Lawmakers to strengthen laws to deter the submission of deceptive and unauthorized comments to the government
- Agencies to adopt technical safeguards to protect against unauthorized bulk submissions using automation.
Hopefully, all these changes will happen sooner than later. Democracy has enough trouble as it without businesses pretending to be millions of citizens.
Would you install iPhone apps from a third-party iOS store?
There’s pressure — both legal and otherwise — on Apple to open up iOS and iPadOS to third-party app stores, freeing both customers and developers from Apple’s iron grip.
But would you buy apps from a third-party app store?
As I see it, there are pros and cons, and when it comes to the end user, it’s mostly cons.
A lot of potential pros are being suggested, from more choice to cheaper apps to an ethereal sense of “freedom” from Apples rules and regulations.
On the downside, there wouldn’t be the curation that Apple carries out, and a rejection of apps that break the rules. Also, I suspect that moves such as making developers come clean about what they do with your data, or preventing them from tracking you across the web would likely get the chop.
What wouldn’t change is what developers can do, since most of the safeguards as to what apps can and can’t do are built into iOS.
Personally, I’m skeptical that a third-party app store would be good for end users. Sure, giving developers more flexibility over pricing would help them, but unless the new app store was curated to the same standards that Apple curates its App Store, I can’t help but see it degrade into a cesspit of fart apps and nonsense.
Also, now that Apple is putting pressure on privacy and tracking, any third-party app store that didn’t follow similar rules would become inundated by badware.
I can see why developers and advertisers — and bad guys — love the idea of an app store separate to Apple, but I’m having a tough time coming up with much in the way of end-user benefits, beyond promises of cheaper apps and a sense of not being tied to Apple.
I’m also having a hard time seeing the corporate world embrace third-party app stores on the iPhone, and I see them getting the same treatment that alternative app stores get on Android — they get blocked.
But, at the end of the day, it doesn’t matter if Apple opens up the iPhone to third-party app stores, the real question is whether users will use them.
I couldn’t see myself using them. I played with the Cydia app store many moons ago, but as the functionality built into iOS apps has increased, that became unnecessary for me a long time ago.
But the masses are easily swayed, and I can see the players who are upset by Apple’s privacy measures or fee structure making a hefty push to get users to make the switch. And some certainly have the ability push such a store hard.
Would you download iPhone apps from a third-party store? Why/why not? Let me know in the comments below!
Cybersecurity warning: Russian hackers are targeting these vulnerabilities, so patch now
Russian cyber attacks are being deployed with new techniques – including exploiting vulnerabilities like the recent Microsoft Exchange zero-days – as its hackers continue to target governments, organisations and energy providers around the world.
A joint advisory by, the US Department for Homeland Security’s Cybersecurity Infrastructure Security Agency (CISA), FBI and the National Security Agency (NSA),as well as the UK National Cyber Security Centre looks to warn organisations about updated Tactics, Techniques and Procedures (TTPs) used by Russia’s foreign intelligence service, the SVR – a group also known by cybersecurity researchers as APT29, Cozy Bear, and The Dukes.
It comes after cybersecurity agencies in the US and the UK attributed the SolarWinds attack to Russia’s civilian foreign intelligence service, as well as several campaigns targeting Covid-19 vaccine developers.
“The SVR is a technologically sophisticated and highly capable cyber actor. It has developed capabilities to target organisations globally, including in the UK, US, Europe, NATO member states and Russia’s neighbours,” said the alert.
The advisory warns that Russian cyber attackers have updated their techniques and procedures in an effort to infiltrate networks and avoid detection, especially when some organisations have attempted to adjust their defences after previous alerts about cyber threats.
This includes the attackers using open source tool Sliver as a means of maintaining access to compromised networks and making use of numerous vulnerabilities, including vulnerabilities in Microsoft Exchange.
Sliver is an open source red team tool, a tool used by penetration testers when legally and legitimately testing network security, but in this case is being abused to consolidate access to networks compromised with WellMess and WellMail, custom malware associated with SVR attacks.
SEE: Network security policy (TechRepublic Premium)
Although the paper warns that this isn’t necessarily a full list, other vulnerabilities – all of which have security patches available – used by Russian attackers, include:
- CVE-2018-13379 FortiGate
- CVE-2019-1653 Cisco router
- CVE-2019-2725 Oracle WebLogic Server
- CVE-2019-9670 Zimbra
- CVE-2019-11510 Pulse Secure
- CVE-2019-19781 Citrix
- CVE-2019-7609 Kibana
- CVE-2020-4006 VMWare
- CVE-2020-5902 F5 Big-IP
- CVE-2020-14882 Oracle WebLogic
- CVE-2021-21972 VMWare vSphere
The attackers are also targeting mail servers as part of their attacks as they’re useful staging posts to acquire administrator rights and the ability to further network information and access, be it for gaining a better understanding of the network, or a direct effort to steal information.
But despite the often advanced nature of the attacks, the paper by US and UK cybersecurity authorities says that “following basic cyber security principles will make it harder for even sophisticated actors to compromise target networks”.
This includes applying security patches promptly so no cyber attackers – cyber criminal or nation-state backed operative – can exploit known vulnerabilities as a means of entering or maintaining persistence on the network.
Guidance by the NCSC also suggests using multi-factor authentication to help protect the network from attack, particularly if passwords have been compromised.
MORE ON CYBERSECURITY
Best place to sell or trade-in your old phone, computer and tech gear
Looking to get some cash to finance your next smartphone, tablet, laptop, or video game console purchase? Many websites specialize in cashing in or provide trade-in value for your consumer electronics, including exchange/listing services, buyback services, and manufacturer trade-in programs.
In most of these cases, you can sell your old gear without having to visit a single location. You just need to drop it in the mail, and depending on which place you are working with, you will be provided with return packaging or a shipping label to print out. Some will even pick up your equipment using a courier.
An exchange or listing service is the most conventional of options for those who want to be directly involved in negotiating the sale and have the most control over the sale process to offer items up for bid or “buy it now” pricing. The benefit of this is that you can negotiate the highest price for your merchandise possible, but the negative is that there’s the highest amount of touch required, so it is the most hassle-intense of all the options. It may take longer to find the right buyer for your item on one of these services, and aborted sales are widespread.
eBay is the largest internet exchange for selling any product, merchant to merchant, merchant to buyer, or independent seller to buyer in the entire world. Its smartphone and consumer electronics section is probably the most active for secondary market sales of any consumer site. Single item sellers exist, but it is more oriented towards volume sellers who have made a business out of selling refurbished or used merchandise.
Payment: Direct bank transfer
Open exchange for buying and selling used phones, tablets, video games, cameras, and home tech — seller to buyer listings, with back and forth negotiation.
Payment: Paypal. No seller fees, but buyers pay a small fee that is included in the sale price.
Facebook For Sale groups are available in every town for any kind of new and used merchandise available. These are internet versions of classified ads, with no listing fees and no transaction fees. The burden of creating the listing and entering all product details, and interacting with the buyer is all the seller’s responsibility. No merchandise guarantees, risky. Negotiation can occur in public on Facebook posts or in Messenger, also offline/text/email.
Payment: Anything goes. Cash, arranged electronic payment, trades.
A buyback service is a website that has pre-negotiated pricing for listed categories and models of devices based on their stated condition, such as good, excellent, pristine, or even cracked or damaged. Provided the item received during inspection meets the pre-negotiated condition, you’ll receive that price for the item. If it doesn’t meet the negotiated condition, these services typically will offer you a reduced price, or they will offer to return the item to you.
This service distinguishes itself by having a flexible payment system as it includes direct bank transfers via Zelle, PayPal, or regular bank checks.
Payment: Paypal, Zelle, or check
Turnaround: 72 hours after receipt of item using standard shipping, accelerated turnaround available for additional $15 fee via two-day shipping option. Processing can take up to five business days.
Similar service to Itsworthmore, with a large variety of devices and products available to buy and sell, including custom quotes for unlisted items.
Payment: PayPal, direct deposit, BuyBackWorld gift card, prepaid debit card, and check
Turnaround: 48 hours after passing inspection
UPS Integrated Logistics (CAMS) partner specializing in buying and reselling used Apple, Samsung, and Google smartphones and tablets, as well as video game systems and home automation products
All inspection and packaging occur either with a UPS courier that visits your home or business or at a UPS store. Payment occurs within 24 hours of receipt of the package. The full insured value of the assessed item occurs during transfer to UPS. The company commits to selling or sustainably disposing of all received products.
Payment: Direct deposit or Amazon gift card
Turnaround: 24 hours after receipt of the item
Trade-in for credit service on many forms of consumer electronics. Many kinds of devices are listed, but not consistently the most aggressive on offers and frequently not up to date on the most current devices on the market. The trade-in process is fair and generally fast — ideal for people who heavily use Amazon.
Payment: Amazon gift card
Turnaround: 48 hours after receipt of the item
Similar to Amazon’s trade-in service, you pick a product category, manufacturer, model, and condition, and the system will provide you a quote. The accepted offer is awarded as a store credit in the form of a Best Buy gift card.
Payment: Best Buy gift card
Turnaround: Instant if done in person at a retail store. Seven to nine business days if mailed
If you don’t need to liquidate your device for cash, but instead, simply want to trade up to a newer model, it’s often the least path of resistance to take advantage of a manufacturer’s own trade-in programs, which will give you the cash value of your device with the purchase of a new device.
If you’re looking to buy a new Apple device, using its own trade-in service is a good, hassle-free option, especially if you are looking to finance some of that purchase with your existing phone, tablet, or computer.
The company will take other manufacturers’ products but gives the best prices on its own. This isn’t the best service to use if you want a quick turnaround on payment, as it can take two or three weeks to process unless you do the trade-in at an actual Apple Store retail location.
However, the company will send you packaging with prepaid shipping customized to the device you are sending back, making the entire process very easy to deal with. To use this option, either go to Apple’s trade-in site directly or choose “I have a device to trade-in” when purchasing a new device from the Apple Store.
Payment: Apple Store gift card or trade-in value during the purchase of Apple products
Turnaround: Instant at an Apple retail store, two to three weeks if done online
Google’s trade-in service is primarily used when looking to trade-in an older smartphone to the Google Pixel phones — it will not only take its own Pixel devices in trade, but also Apple, Samsung, LG, and Motorola phones. As with Apple, the turnaround time for credit on your purchase may take two to three weeks.
Payment: Trade-in value for credit on a new Pixel phone
Turnaround: Can take two to three weeks
As with Google and Apple, Samsung generally runs promotions for trade-in on its latest model devices shortly after their introduction. For 2021, it is running it for the S21 5G series. The company accepts older models of their own devices and Apple, Google, LG, and Motorola.
Payment: Trade-in value during the purchase of S21 5G
Why and when to cash or trade-in
As with anything you buy, when you remove a product from its packaging, it immediately depreciates. Additionally, as soon as a new model of whatever product you are using is announced, the value depreciates even more.
How do you get the highest price for my device?
If you are inclined to get the highest price for your item, you’ll want to trade it in before a newer model year is announced. Typically, most manufacturers will eliminate a product from a model line once a year. Still, some may retain products for sale from the previous model year. (Apple even offers the iPhone 11, XR, and the SE while the iPhone 12 is for sale.) In that case, the models that are eliminated from the line — such as the iPhone XS or the iPhone 8 from two generations prior — will become much more depreciated.
When should you trade in your device?
There are times of the year that best align with the announcement of the sale of new models. In the case of Apple, there is usually a fall cadence, typically in mid-September, when iPhones, iPad Air, and entry-level iPad models are announced. iPad Pro models now tend to be announced in late spring, March, or April. Samsung Galaxy S series phones and tablets usually are announced in January, Note series are announced in August (although it is questionable the Note line will continue production now that the S series is virtually identical with pen support), and the last two flagship Google Pixel devices were announced in October and September, respectively.
Where should you trade in your device: Manufacturer or third-party listing service?
If you intend to trade in the device for another device at the same manufacturer, it may make sense to use the manufacturers’ own trade-in program rather than a buyback service, as their pricing tends to be more aggressive on their own products. You might be able to get a somewhat higher price at a listing service, but the much higher level of effort to get it for a minimal price difference of $20 to $50 might not be worth it.
American Airlines Passenger Arrested After Alleged Crew Attack
The Reason for Ethereum’s Recent Rally to ATH According to Changpeng Zhao
Chiliz Price Prediction 2021-2025: $1.76 By the End of 2025
Mining Bitcoin: How to Mine Bitcoin
Mining Bitcoin: How to Mine Bitcoin
Talking Fintech: Customer Experience and the Productivity Revolution
Teamsters Lead Historic Defeat of CEO Pay at Marathon Petroleum
Bitcoin Gains Bullish Momentum, Signals Another Major Rally
Mining Bitcoin: How to Mine Bitcoin
Equity Monday: TechCrunch goes Yahoo while welding robots raise $56M
Alaska Court System Temporarily Disconnected the Internet After a Cybersecurity Threat
Apple is giving a laser company that builds some of its AR tech $410 million
Amid XRP lawsuit, Ripple appoints former US Treasurer to its board, and names new CFO
TFT 11.9 B-patch nerfs Mordekaiser and LeBlanc
Cryptocurrency ATM Network Bitcoin Depot Launches More Than 350 New ATMs Across the U.S.
Incident Detection and Response Basics Greatly Matter
Galaxy Digital Set To Buy BitGo for $1.2 Billion
When does Destiny 2 Season of the Splicer start and end?
Education lender Climb Credit taps Zest AI for credit underwriting
‘DeFi may lead to a paradigm shift’ says Federal Reserve Bank paper
Big Data1 week ago
AT&T shareholders vote against approving executive compensation
Energy1 week ago
Ozop Energy (OZSC) Secures $2.1 Million in Purchase Orders for Photo-Voltaic Energy System Components
Blockchain1 week ago
Polygon Rolls Out $100 Million DeFi Adoption Fund
Aviation1 week ago
A Clean Sheet Widebody: The Story Of The Airbus A350
Blockchain6 days ago
Munger ‘Anti-Bitcoin’ and Buffett ‘Annoyance’ Towards Crypto Industry
Blockchain6 days ago
Ethereum hits $3,000 for the first time, now larger than Bank of America
Blockchain1 week ago
Derivatives Exchange GlobeDX Raises $18M in Seed Round Led by Blockchain VCs
AR/VR1 week ago
HTC Teases Reveal of “game-changing VR headsets” at VIVECON
SaaS1 week ago
SaaS1 week ago
SaaS1 week ago
SaaS1 week ago