VSI releases OpenVMS 9.2-1 and x86 hobby licenses //

VMS Software Inc (VSI) has opened its hobbyist licensing scheme for the x86-64 version of one of the most reliable OSes in the business.

The slow-but-steady migration of OpenVMS onto commodity x86 kit has passed a couple of significant milestones. A year ago, we covered the release of OpenVMS 9.2, the first production-ready version of the OS for x86-64 kit. In that story we mentioned that the VMS equivalent of a point release was coming, probably at the end of 2022. Well, it's here, and there is also a way to get hold of the new OS and try it for yourself.

Progress is slow, but that is a good thing: this is one of the most reliable and stable OSes in the IT industry. A measured, thoroughly tested release cycle is what you want when some clusters have uptimes measured in decades.

Last month, HP spin-off VMS Software Inc. started the field test of OpenVMS E9.2-1. This version means two significant new milestones for this 46-year-old enterprise OS. It's the first update for the new x86-64 edition: if you were running 9.2 on Intel-powered tin, you can get the 9.2-1 update and do an in-place upgrade.

firmware is weirder than we give it credit for. It's even hard to say exactly what it is.

That used to be easy – firmware was software built into hardware (don't mention microcode.) In the days when that meant small expensive ROM chips, only a tiny part of a device's working software could be stored that way, in general just the low-level routines that directly operated the hardware and presented APIs to software that would be loaded in later. Now many devices have enough system flash on board to hold the complete stack, firmware now includes complete operating systems and has come to mean that software at the heart of your technology that controls its behavior and which you can't just load in as an app.

This somewhat shadowy status has consequences. For a start, it has virtually no consumer market. Nobody goes out and buys new firmware; //

No illicit market exists to cream off revenues.

While companies can buy in firmware from other companies, more often, as with MSI, you're a hardware company writing your own firmware. //

So there's no market in stolen firmware, and not much to be gained by keeping it secret anyway. So why lock it down? //

So unlocking firmware makes it more secure, not less. It makes devices more useful, not less. It creates more innovation, not less. And open source firmware is theft-proof; nobody can steal what you're giving away. //

In fact, it's probably time to ditch the idea of firmware as a magical chimaera too dangerous to be freed. The idea only made sense when hardware imposed far more limits on computer architecture. Its continued existence doesn't benefit anyone – manufacturers, users, innovators or the environment. As one of the last ways left to lock people out from their own devices, it's a barrier, not a shield. Publish the code. Open the specs. There's no firm foundation for firmware any more.

Simple & Free Wiki Software

BookStack is a simple, self-hosted, easy-to-use platform for organising and storing information.

BookStack is fully free and open, MIT licensed. The source is available on GitHub.

Easy, Simple Interface
Simplicity has been the top priority when building BookStack. The page editor has a simple WYSIWYG interface and all content is broken into three simple real world groups:

• Books
• Chapters
• Pages

BookStack is built using PHP, on top of the Laravel framework and it uses MySQL to store data. Performance has been kept in mind and BookStack can run happily on a $5 Digital Ocean VPS.

Built-In diagrams.net
The page editor within BookStack has diagrams.net drawing capability built-in, allowing the quick and easy creation of diagrams within your documentation.

Optional Markdown Editor
If you prefer to write in Markdown then BookStack supports you. A markdown editor is provided and includes a live-preview as you write your documentation.

Integrated Authentication
As well as the default email/password login social providers such as GitHub, Google, Slack, AzureAD and more can be used. Okta, SAML2 and LDAP options are available for enterprise environments.

Free Online Mind Mapping
Create, Share, Collaborate, View your mind maps !

Try now !

Why WiseMapping ?
WiseMapping is perfect for individual note-taking, collaborative planning, teamwork and class rooms.

CHATONS – kittens in french – is the Collective of Hosters Alternative, Transparent, Open, Neutral and Solidarity. This collective aims to bring together structures offering free, ethical and decentralised online services in order to allow users to quickly find alternatives that respect their data and privacy to the services offered by GAFAM (Google, Apple, Facebook, Amazon, Microsoft). CHATONS is a collective initiated by the association Framasoft in 2016 following the success of its campaign De-google-ify Internet.

An alternative to Big Tech's video platforms
PeerTube is a tool for sharing online videos developed by Framasoft, a french non-profit.

What is PeerTube?
PeerTube allows you to create your own video platform, in complete independence.

Dans le but de promouvoir la décentralisation des données personnelles et l’usage de logiciels open source, je propose un hébergement de divers services utiles. Ces services sont basés sur du code libre et déployés sur des systèmes libres également.

Je suis un particulier, et dans la mesure de mes capacités, j’essaye toujours de fournir des services à ma famille et à mes amis proches en remplacement de services non libres fournis par les géants du web. J’ai décidé de faire le nécessaire pour étendre ces services à un public plus large, avec pour but de conserver une qualité suffisante.

Time is VLC Extension that displays running time on the screen in a playing video.
(Extension script "time_ext.lua" + Interface script "time_intf.lua")
Features:

• supported tags: [E], [Efps], [D], [R], [T], [O], [P], [n], [_];
• 9 possible positions on the screen;
• elapsed time with milliseconds;
• playback speed rate taken into account for duration time;

PhpGedView is a revolutionary genealogy program which allows you to view and edit your genealogy on your website. It has full privacy functions, can import from GEDCOM files, and supports multimedia. It also simplifies family collaboration.

shayre utilizes your own storage, not cloud storage. You know where your files are and where you want them to be. shayre gets them where they need to go as soon as possible without any clicks. If you still want the cloud, shayre works with it too. ///

possible commercialized Syncthing fork?

Creating your own BitWarden Service

VueScan is packed full of useful features. They have outdone themselves when it comes to possibilities on what you can do by using all of these options.

But, on the flip side, the interface is cluttered with too many options that can make it confusing.

We love that VueScan is great for premade color profiles. You’ll find a range of particular film profiles, such as Portra 400. This feature provides you with a filter that helps give your shots a realistic rendering for that film type.

There are limitations for editing options, and it’s likely that you will end up polishing images later in Photoshop or Lightroom.

Last August, LastPass reported a security breach, saying that no customer information—or passwords—were compromised. Turns out the full story is worse: //

To date, we have determined that once the cloud storage access key and dual storage container decryption keys were obtained, the threat actor copied information from backup that contained basic customer account information and related metadata including company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service.

The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.

That’s bad. It’s not an epic disaster, though.

These encrypted fields remain secured with 256-bit AES encryption and can only be decrypted with a unique encryption key derived from each user’s master password using our Zero Knowledge architecture. As a reminder, the master password is never known to LastPass and is not stored or maintained by LastPass. //

John Thurston • December 26, 2022 1:31 PM

“I think the question of why everything in the credentials store was not encrypted is interesting. What possible advantage is there of not just encrypting the whole thing under your master password.”

Because this is how Lastpass is able to offer to supply uid:pwd values when you have not unlocked your vault. If this information was kept encrypted, then the browser extensions would not know when to prompt you to unlock to supply the creds.

I’ve never liked this ‘feature’, but there’s nothing I can do about it. //

Wladimir Paöant • December 27, 2022 6:56 AM

I would have been less problematic had LastPass not messed up. They:

1. Failed to upgrade many accounts from 5,000 to 100,100 iterations.
2. Didn’t keep up with cracking hardware improvements (100k iterations are really on the lower end today).
3. Didn’t bother existing their new password complexity rules for existing accounts.
4. Didn’t bother encrypting URLs despite being warned about it continuously, allowing attackers to determine which accounts are worth the effort to decrypt.

Their statement is misleading, they downplay the issues. I’ve summed it up on my blog here: https://palant.info/2022/12/26/whats-in-a-pr-statement-lastpass-breach-explained/ //

FakeFlashTest is for testing the actual memory size of USB Flash Drives and SD cards.

This is a pretty slick and simple tool for verifying that you have the memory size you paid for. But that is not all; it can help prevent corruption; for example, a 32 GB SD card may only have 4 GB of memory, and once you fill that 4 GB space, it can potentially become corrupted, resulting in a loss of all the data stored.

FakeFlashTest includes two tests, and due to the nature of these tests, we strongly recommend backing up all data stored in the test subjects. The first is the Quick Size Test; it will check your drive and report the actual capacity and warn if the drive is fake - this test is destructive and the author states that you WILL lose files. The second is Test Empty Space; this one writes test files to the remaining free space on your drive - this test is not destructive, but if you do have a fake, then you could lose your data.

FakeFlashTest is designed to perform a quick check to verify if a flash memory device is fake (i.e., they have been programmed to lie about their size); it does not check all memory faults.

Mastodon, which proudly proclaims it is “not for sale” and has around 4.5 million user accounts, is pretty similar to Twitter, once users get past the complicated sign-up process. The main difference is that it’s not one cohesive platform, but actually a collection of different, independently-run and self-funded servers. Users on different servers can still communicate with each other, but anybody can set up their own server, and set their own rules for discussion. Mastodon is a crowdfunded nonprofit, which funds the full-time work of Rochko—its sole employee—and several popular servers.

The platform doesn’t have the power to force server owners to do anything—even comply with basic content moderation standards. That sounds like a recipe for an online haven for far-right trolls. But in practice, many of Mastodon’s servers have stricter rules than Twitter, Rochko says. When hate-speech servers do appear, other servers can band together to block them, essentially ostracizing them from the majority of the platform. “I guess you could call it the democratic process,” Rochko says.

Manage your Google Drive, OneDrive, and Dropbox files straight from your Desktop.
With Insync, you can now sync, edit, backup and share files without opening a million browser tabs.
Download for Windows
Version for Windows, Mac & Linux with 15 day free trial

Manage all your software, all in one place
Backstage makes it easy for one team to manage 10 services — and makes it possible for your company to manage thousands of them

A uniform overview
Every team can see all the services they own and related resources (deployments, data pipelines, pull request status, etc.)

Metadata on tap
All that information can be shared with plugins inside Backstage to enable other management features, like resource monitoring and testing

Zulip combines the immediacy of real-time chat with an email threading model.

With Zulip, you can catch up on important conversations while ignoring irrelevant ones.

Apps for every platform.

Zulip has modern apps for every major platform, powered by Electron and React Native.

Open source.

Zulip is 100% open source software, built by a vibrant community of over 1000 developers from all around the world. With 160,000 words of developer documentation, a high quality code base, and a welcoming community, it’s easy to extend or tweak Zulip.

Our self-hosted server infrastructure consists of different microservices responsible for varying functionality. The self-hosted server works as the backend that processes and stores your data; it does not include the web application.

The web application is an optional process that you must spin up separately. However, you can use the existing web app or the official Standard Notes desktop app with your self-hosted server.

Bryan Sparks, President of DRDOS, clarified the license of CP/M:

Let this paragraph represent a right to use, distribute, modify, enhance, and otherwise make available in a nonexclusive manner CP/M and its derivatives. This right comes from the company, DRDOS, Inc.'s purchase of Digital Research, the company and all assets, dating back to the mid-1990’s. DRDOS, Inc. and I, Bryan Sparks, President of DRDOS, Inc. as its representative, is the owner of CP/M and the successor in interest of Digital Research assets.
Of course, it was "opened" a long time before, but with an unclear clause, mentioning "Unofficial CP/M Web Site" as a licensed place.

The discussion is not over yet, but we believe this statement is equivalent to the well-known BSD or MIT licenses.