Last Friday, my wife and I packed up our car and drove 9.5 hours south from Prague, Czech Republic through Austria and Slovenia to a small coastal town in Croatian on the Adriatic sea. We used the Waze app on my Android phone for guidance all the way there. We stayed in an Airbnb that I found online. On the way to Croatia, we stopped outside Saltzburg, Austria for lunch. Just outside of Ljubliana, Slovenia, we topped up on diesel and had a drink and a short break.

On Saturday, we drove 90 minutes to Trieste, Italy. Except for a small problem where I put the wrong address into the Waze app, we drove to the Miramare castle parking lot through the narrow Italian streets in my big (by Italian standards) SUV. Afterward, we looked for a shopping center in Trieste where we could buy some wine and gifts for family and friends back in Prague. I found one on Google and we were there 15 minutes later.

On Sunday, we went to the Roman coliseum in Pula, Croatia. Pula is about 90 minutes away in the opposite direction from Trieste. It seemed to be a popular tourist location even on a major holiday. Parking was a bit rough but not unbearable. In truth, understanding how to use the parking meter was the only time where we had much of a problem concerning language on the entire trip.

I am blessed and privileged to fluently speak the language that is the lingua franca of much of the world today. Yet for all of my adventures on this short vacation, I can say if I didn’t speak English, but still had a relatively good understanding of technology, the difficulty level of this trip would not have been substantially greater. This is a great wonder of modern life. In previous decades or centuries, journeys like this would be rare and would require much more bravery. This was true even 50 years ago with a car.

This freedom to travel far and wide is made possible by technological innovation. I used an app on my smartphone to provide reliable verbal directions to a small village that I had never heard of before. I used a website on my computer to find an apartment for rent which I paid for online. I used a search engine on my phone to get a conversion rate on my money. I used ATMs from banks I never heard of to get Euros and Croatian Kuna that were programmed in 4 to 5 different languages. These are all things that have never been possible in the past.

We live in amazing times. If we ever lost all of this, it would be a tragedy and because of that, I don’t want to take it for granted. We can’t assume that this progress will still be here tomorrow or next year. It can be taken away. We can regress.

SUSE-IT plans a replacement of some network equipment in the Nuremberg Datacenter next Thursday (2022-04-21), between 4PM to 5PM CEST. Actual downtime is planned to be up to 15 minutes.

Affected services:

• OBS
• Wikis
• Jitsi
• Forums
• Matrix
• Mailing Lists
• Etherpad
• Moodle
• and some more

Please have a look at our status page for more details.

As usual, the openSUSE heroes can be reached via IRC (irc.opensuse.org/#opensuse-admin) or (with delayl Email (admin@opensuse.org).

Hace tiempo en el grupo de Developers Ve en el mundo, preguntaba si alguien había utilizado Obsidian. Considerándome un power user de Evernote, sé lo que necesito, y en los años que llevo buscando una alternativa que funcione en linux, tenia el problema de que muy pocas realmente funcionan bien o siquiera tienen soporte para linux.

Decidí irme por Obsidian, luego de considerar Notion y otras herramientas principalmente por los plugins, que tiene Zettelkasten como feature, esta pensado con las siguientes otras razones:

• Es perfecto para Zettelkasten y para construir un segundo cerebro (Building a Second Brain), y tiene un sistema de tags simple, pero poderoso.
• Soporte para Markdown by default.
• Los archivos están en mis dispositivos, no en la nube by design.
• Puedo elegir alternativas de respaldo, control de versiones y redundancia.
• Soporte para Kanban Boards.
• Soporte para Day Planners.
• Soporte para Natural Language Dates para cosas like: @today, @tomorrow.
• La interfaz es exactamente lo que me encanta de Sublime que es lo que había estado utilizando para tomar notas, junto a la aplicación de notas del teléfono y notas via el correo.
• Tiene un VIM mode :D.
• El roadmap promete.

Revisando varias cosas, y realmente investigando un poco, llegue al siguiente workflow:

• Logre construir el workflow que hace lo que necesito:
  • Vault en git en mi VPS, en una instancia propia de gitea, la data es mia.
  • En Linux:
    • El manejo de las distintas Vaults (Bóvedas) seria por git directamente.
      • Nextcloud como mecanismo de backup redundante en el NAS en casa via scsi en un rpi.
      • A mediano, o largo plazo:
        • La solución de NAS podría ser FreeNAS, TrueNAS o Synology
        • VPS como gateway, utilizando vpn con wireguard para mantener todo en una red privada.
  • En OSX:
    • Seria igual que en linux, por git pero con la diferencia de que las bóvedas estarían alojadas en una carpeta en iCloud.
    • La llave ssh con permiso de escritura en el repo seria importada al keystore (ssh-add -K), para que no de problemas a la hora de pedir contraseñas.
    • Queda pendiente revisar como hacer con las firmas de los commits con GPG, o maybe usando ssh para firmar commits
  • En IOS, los vaults se estarían abriendo via iCloud, dejando por fuera el manejo con git, mientras se agrega el soporte en para ios/mobile en obsidian-git.

En un tiempo revisare este post, y actualizare seguramente a mi nuevo workflow… o hare una vista en retrospectiva de que pudo salir mejor, etc, sin embargo creo que la primera tarea que hare, sera escribir un plugin para poderlo integrar con la creación de posts de este blog, y utilizar el grafo de tags, que por ahora… se ve así:

I recently ran into an issue where some Steam games wouldn’t launch and reported the error that the game would not run without DirectX 11. I was befuddled and could not find a solution. I chatted with people, search through forums and didn’t find a solution. I was left with the belief that the hardware […]

After 30 years of using the Internet and trying many communication formats, e-mail is still my favorite. However, e-mail has many problems. Spam is just annoying, but phishing and especially, spear phishing attacks can also be dangerous. A recent security training, and a Twitter thread I started about it, changed my mind completely about how I treat these harmful e-mails.

The old way

While most spam and some phishing can easily be filtered, spear phishing messages are unique by their nature. The way they try to trick users into clicking URLs, giving out sensitive data is improving each year. Of course, using e-mails as my primary communication form also means that most of the time it takes me less than a second to realize that an e-mail is problematic. For most of the past three decades, my immediate reaction was deleting these e-mails.

Ticketing

A couple years ago, my employer recommended opening a ticket if I run into a phishing e-mail. However, the problem with this is that tickets add a big overhead both to the reporter and to the department handling them. Which meant that I reported only a few tricky cases each year, when it took me more than a couple of seconds to decide that an e-mail is problematic. For the rest, I kept deleting them, as it allowed me to avoid the overhead of ticketing.

Everything? Everything!

Recently, I participated in a security training course where I was asked to report any kind of phishing e-mail to IT security. I was really surprised. Reporting everything has a huge overhead. Is it really necessary? I asked my Twitter followers, many of them working in infosec, and I also asked our IT department. The short answer from both of them was yes, because of two reasons.

First of all, as someone who spent almost three decades in infosec, I have no problem identifying problematic e-mails. But there are a lot more people without this experience. Reporting even trivial phishing e-mails can help saving these people from opening or responding to problematic e-mails.

The good news is that while previously, we needed to use a ticketing system to report problematic e-mails, now it’s just a simple click in the e-mail client. Most of the overhead is gone, so I just need to make sure that instead of deleting the e-mail right away, I report it instead.

Secondly, reporting all phishing e-mails also helps security to estimate the size of the attack and how much it is targeted. Reporting also means that instead of just defending myself, I can help to defend the rest of the users as well. As the security team can see the problematic e-mails on a centralized dashboard, they can identify phishing campaigns early, and so they can delete problematic e-mails from most users’ mail box, even before they could open them.

This is an idea that I’m playing around with. Here are some categories for any reviews. They could later depending on what I learn while doing the reviews.

1. Availability
2. Installation
3. Setup
4. Posting Articles
5. Filtering and Killfiles
6. Miscellaneous Features
7. Final Comments

This year the syslog-ng project will participate in the Google Summer of Code (GSoC) as a mentor organization again. If you are a university student or otherwise eligible to participate in the GSoC program, you can choose to develop a new feature for syslog-ng.

Read my blog to learn why to choose syslog-ng and how to get started: https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-in-gsoc-2022

Running a x86_64 image in qemu machine can be as easy as:

qemu-system-x86_64 openSUSE-Leap-15.3-JeOS.x86_64-kvm-and-xen.qcow2

# A more extended example
qemu-system-x86_64 -m 1G -cpu host -enable-kvm -smp cores=2,threads=1,sockets=1 -drive file=openSUSE-Leap-15.3-JeOS.x86_64-kvm-and-xen.qcow2,if=virtio

Doing the same for aarch64 is a bit more tricky. In this tutorial we’re gonna learn how to run a aarch64 vm using qemu. This approach works on native aarch64 hardware and as emulated VM on any other architectures as well.

The openSUSE community has published results from the annual community survey.

This year’s results increased from last year’s results by more than 100 participants, with 1,320 respondents this time around. While participation increased, results indicated a larger amount of people located in Europe took the survey. Since other regions were less represented, people should be aware of this fact while reading the results.

Information was gathered about the project, its distributions, the demographics and how the community is contributing to the project. A number of questions in this year’s survey provided participants with a wider opportunity to express their opinions and satisfaction with the above topics. A document lists all the comments from the survey.

Some modifications were made from the previous year’s survey, but the highest percentage group of users were ages of 35 to 44. An overwhelming survey participants were from the Northern Hemisphere and almost 500 were in the +1 UTC time zone before the recent daily savings, which put most in the Central European Time. Almost 60 percent of surveyees had a university degree and more than 81 percent of those who answered the question had at least a graduate degree. The amount of surveyees with a job in IT is about split about 50/50.

A core take away from the survey was that openSUSE distros were well supported for IT professionals and developers. Technologies for professional content creators appears to be growing is usage, according to the results.

More than 40 percent have been using Unix-like operating systems for 10 years and less than 3 percent have been using one less than a year. A majority of openSUSE’s desktop users favored using Tumbleweed and those favoring server use opted for Leap. MicroOS use on servers increase more than 40 percent. Packagers were given much recognition in the survey. An overwhelming percentage of surveyees ranked official repositories as their favorite source for get software; the others that followed were rpm downloads along with Flatpak, AppImages and snap respectively.

The survey results showed that most would recommend openSUSE distributions to advanced users and least recommend the distributions for new users. The overall sense was that users were satisfied with the distributions and found them stable and reliable; the distributions and there ease of use were held in high regard, especially the core uses of the server with web hosting, databases, containers and virtualization.

A majority of people prefered openSUSE’s forums, reddit and Twitter for technical communication and knowledge sharing about openSUSE. The other platforms were used for more social interaction with the community.

For more details about the annual survey, please visit the results on the openSUSE Wiki.

https://www.wykop.pl/link/6612291/rzad-dotuje-organizacje-religijne-ktore-stosuja-jawna-segregacje-religijna/

W całej sprawie chodzi o przyznanie uczelni wyższej, która nie dopuszcza w swe szeregi nie-katolików, sporego grantu pieniężnego od rządu. Mogę przeboleć fundusz kościelny, bo niby krzywdy komunistyczne. Ale grant pieniężny na prowadzenie kierunku, do którego mogą się zapisać tylko katolicy? I to z funduszu ochrony środowiska? To tak samo, jakby fundować prywatne drogi dla księdza Rydyzka…