All the News that Matters

• Debian: DSA-5293-1: chromium security update
  Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

• Debian LTS: DLA-3218-1: libpgjava security update
  pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either PreparedStatement.setText(int, InputStream)` or PreparedStatemet.setBytea(int, InputStream)` will create a temporary file if the InputStream is larger than 2k. This

• Debian LTS: DLA-3217-1: g810-led security update
  g810-led, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make supported device nodes world-readable and writable, allowing any process on the system to read traffic from keyboards, including sensitive data.

• Debian LTS: DLA-3216-1: vlc security update
  Mitsurugi Heishiro found out that in VLC, multimedia player and streamer, a potential buffer overflow in the vnc module could trigger remote code execution if a malicious vnc URL is deliberately played.

• Fedora 37: librime 2022-18023b665f
  Update capnproto to version 0.9.2 to address CVE-2022-46149. Dependent packages were rebuilt for both the fix for the security issue and the capnproto SONAME bump.

• Fedora 37: rr 2022-18023b665f
  Update capnproto to version 0.9.2 to address CVE-2022-46149. Dependent packages were rebuilt for both the fix for the security issue and the capnproto SONAME bump.

• Lightweight Distro 4MLinux 41 Arrives with Linux Kernel 6.0, Btrfs Support, and New Apps
  4MLinux developer Zbigniew Konojacki announced today the release and general availability for download of 4MLinux 41.0 as the latest stable version of this lightweight and independent GNU/Linux distribution featuring the JWM (Joe’s Window Manager) graphical environment.

• Feel like a Linux wizard with the Thunar file manager
  Computers are fancy filing cabinets, full of virtual folders and files waiting to be referenced, cross-referenced, edited, updated, saved, copied, moved, renamed, and organized. In this article, I'll take a look at a file manager for your Linux system.

• Tracing stateless video hardware decoding in V4L2
  Although there are many excellent tracing tools, the new v4l2-tracer utility traces V4L2 stateless decoding more comprehensively, adding the ability to replay (i.e. "retrace") the traced activity, portably, between different userspace environments.

• Google says Android runs better when covered in Rust
  Banishing memory safety bugs cuts critical vulnerabilitiesGoogle has been integrating code written in the Rust programming language into its Android operating system since 2019 and its efforts have paid off in the form of fewer vulnerabilities.…

• GIMP Stable Released for the First Time for Apple Silicon Devices
  Apple users using M1 and M2-based devices can now take advantage of the first stable version of the GIMP image editor for these architectures.

• 8 ideas for measuring your open source software usage
  Those of us who support open source project communities are often asked about usage metrics — a lot. The good news is that there are approximations and alternative metrics that can satisfy your thirst for knowledge about the software's usage, at least partially. This article explores these alternatives including their benefits and shortcomings.

• System76’s Rust-Based COSMIC Desktop Promises HDR Support, Smooth NVIDIA Experience
  System76’s upcoming Rust-based COSMIC desktop environment promises HDR support, a smooth NVIDIA experience, and many other novelties.

• Best Free and Open Source Alternatives to Google Sites
  Google Sites is a structured wiki and web page creation tool. Build internal project hubs, team sites, public-facing websites, and more—all without designer, programmer, or IT help.

• How to Install Apache Hadoop on Ubuntu 22.04
  Apache Hadoop is an open-source framework for processing and storing big data. In this tutorial, we will install the latest version of Apache Hadoop on an Ubuntu 22.04 server. Hadoop gets installed on a single node server and we create a Pseudo-Distributed Mode of Hadoop deployment.

• ARMedONE Cluster board supports up to 28x Popular Computer Modules
  The ARMedOne is a carrier board in E-ATX form-factor that can handle popular SO-DIMM computer modules like the Raspberry Pi CM3/CM4, Jetson Nano/Xavier/TX2 NX, NXP iMX8, etc. The product is expected to be released around mid-December 2022 on Kickstarter. The ARMedOne is a PC/Server mainboard capable of housing up to 28 computer modules from Raspberry […]

• Try this Java file manager on Linux
  Computers are fancy filing cabinets, full of virtual folders and files waiting to be referenced, cross-referenced, edited, updated, saved, copied, moved, renamed, and organized. In this article, we're taking a look at a file manager for your Linux system.

• How to Install Flask with Nginx and Gunicorn on Rocky Linux
  Flask is a microframework written in Python for developing modern web applications and API (Application Programming Interface). In this tutorial, we will show how to install and configure the Flask Python Web Framework with Gunicorn and Nginx on the Rocky Linux server. You will also learn how to set up Supervisord as a process manager for managing the Python Flask application.

• Latest Steam Client Update Improves New Big Picture Mode, Fixes Borderlands 2 Crash
  Valve released today a new stable Steam Client update that further improves the new Big Picture mode and fixes various bugs, crashes, and issues for a better and more enjoyable Steam for Linux experience.

• Working with Btrfs Subvolumes
  This article is part of a series of articles that takes a closer look at Btrfs, the default filesystem for Fedora Workstation and Fedora Silverblue since Fedora Linux 33.

• AXE300 is a Quad-Band 16-Stream Wi-Fi6 Router with 2x 10G ports
  The Archer AXE300 from TP-LINK is a Quad-band Wi-Fi6/6E router supporting up to 15.6Gbps, OFDMA and MU-MIMO technology to provide fast connectivity to several devices at the same time. The device is also equipped with 4x GbE LAN ports, 1x 2.5Gbps WAN/LAN port and 2x 10Gbps WAN/LAN ports. The product page specifies that the Archer […]

• Learn JavaScript in 2023
  With JavaScript’s 27th anniversary approaching in just a few days, we at Opensource.com are reflecting on how it has evolved into one of the most commonly-used programming language in the world. Why is it so popular? JavaScript is a universal language beloved by developers of all levels from beginners to advanced users. It can run anywhere from your phone to your server. And of course, there are the frameworks.

• Mesa 22.3 Brings Initial GFX11/RDNA3 Support on RADV, Shader Disk Cache on Panfrost
  The Mesa 3D graphics library has been updated today to version 22.3, a major update to this powerful and open-source graphics stack that brings numerous new features and improvements for better 3D graphics and gaming.

• How to Install and Use Nessus Security Scanner on Rocky Linux
  Nessus is an open-source network vulnerability scanner for vulnerability assessments, penetration testing, and ethical hacking. It uses the Common Vulnerabilities and Exposures (CVE) architecture and is one of the most comprehensive vulnerability scanners on the market. This guide describes how to install Nessus Security Scanner on the Rocky Linux server. Also, this will helps you to set up the Nessus CLI that allows you to manage Nessus via the terminal command line. And lastly, this also describes how to scan the server with Nessus.

• How to Install ReactJS with Nginx on Ubuntu 22.04
  React.js is a free and open-source JavaScript framework developed by Facebook in 2011. It is used for building reusable UI components and helps users to create rich and engaging web apps fast and efficiently with minimal coding. In this tutorial, we will show you how to install React.js on Ubuntu 22.04.

• NixOS 22.11 “Raccoon” Released with Security in Mind
  One of the most software-rich Linux distributions, NixOS, has released v22.11 with a strong focus on security and updated software versions.

• Graduate Students Analyze, Crack, and Remove Under-Desk Surveillance Devices
  "Graduate students at Northeastern University were able to organize and beat back an attempt at introducing invasive surveillance devices that were quietly placed under desks at their school," reports Motherboard:Early in October, Senior Vice Provost David Luzzi installed motion sensors under all the desks at the school's Interdisciplinary Science & Engineering Complex (ISEC), a facility used by graduate students and home to the "Cybersecurity and Privacy Institute" which studies surveillance. These sensors were installed at night — without student knowledge or consent — and when pressed for an explanation, students were told this was part of a study on "desk usage," according to a blog post by Max von Hippel, a Privacy Institute PhD candidate who wrote about the situation for the Tech Workers Coalition's newsletter.... Students began to raise concerns about the sensors, and an email was sent out by Luzzi attempting to address issues raised by students.... Luzzi wrote, the university had deployed "a Spaceti occupancy monitoring system" that would use heat sensors at groin level to "aggregate data by subzones to generate when a desk is occupied or not." Luzzi added that the data would be anonymized, aggregated to look at "themes" and not individual time at assigned desks, not be used in evaluations, and not shared with any supervisors of the students. Following that email, an impromptu listening session was held in the ISEC. At this first listening session, Luzzi asked that grad student attendees "trust the university since you trust them to give you a degree...." After that, the students at the Privacy Institute, which specialize in studying surveillance and reversing its harm, started removing the sensors, hacking into them, and working on an open source guide so other students could do the same. Luzzi had claimed the devices were secure and the data encrypted, but Privacy Institute students learned they were relatively insecure and unencrypted.... After hacking the devices, students wrote an open letter to Luzzi and university president Joseph E. Aoun asking for the sensors to be removed because they were intimidating, part of a poorly conceived study, and deployed without IRB approval even though human subjects were at the center of the so-called study. von Hippel notes that many members of the computer science department were also in a union, and thus networked together for a quick mass response. Motherboard writes that the controversy ultimately culminated with another listening session in which Luzzi "struggles to quell concerns that the study is invasive, poorly planned, costly, and likely unethical.""Afterwards, von Hippel took to Twitter and shares what becomes a semi-viral thread documenting the entire timeline of events from the secret installation of the sensors to the listening session occurring that day. Hours later, the sensors are removed..."
  
  
  Read more of this story at Slashdot.
  

• What is ChatGPT, the AI Chatbot That's Taking The Internet By Storm
  A reader submits a report: Artificial Intelligence (AI) research company OpenAI on Wednesday announced ChatGPT, a prototype dialogue-based AI chatbot capable of understanding natural language and responding in natural language. It has since taken the internet by storm, with people marvelling at how intelligent the AI-powered bot sounds. Some even called it a replacement for Google, since it's capable of giving solutions to complex problems directly," almost like a personal know-all teacher. "We've trained a model called ChatGPT which interacts in a conversational way. The dialogue format makes it possible for ChatGPT to answer follow-up questions, admit its mistakes, challenge incorrect premises, and reject inappropriate requests," OpenAI wrote on its announcement page for ChatGPT.ChatGPT is based on GPT-3.5, a language model that uses deep learning to produce human-like text. However, while the older GPT-3 model only took text prompts and tried to continue on that with its own generated text, ChatGPT is more engaging. It's much better at generating detailed text and can even come up with poems. Another unique characteristic is memory. The bot can remember earlier comments in a conversation and recount them to the user.ChatGPT wrote a poem about Slashdot. Try ChatGPT for yourself here.
  
  
  Read more of this story at Slashdot.
  

• Trailers Released for 2023 First-Person Shooter 'Starship Troopers: Extermination'
  You can read the news in Military Times magazine. "Coming just after the 25th anniversary of the release of the cult classic Starship Troopers (November 1997), Offworld Industries and Sony Pictures Consumer Projects are bringing the fight against the Arachnids to a computer near you." An official announcement and gameplay teaser were released for the upcoming game this week. "Starship Troopers: Extermination is a co-op FPS that puts you on the far-off front lines of an all-out battle against the Bugs!" explains its page on Steam. "Squad up, grab your rifle, and do your part as an elite Deep Space Vanguard Trooper set to take back planets claimed by the Arachnid threat!" The page says an "Early Access" launch is planned for 2023:In Starship Troopers: Extermination, our vision is to show a galactic war between the Federation and the Arachnid Empire. After our initial launch and throughout the course of Early Access development, players will get to engage with exciting new updates that expand upon the in-game universe, and provide feedback through the Steam Community Hub that our developers can take into consideration.... [W]e will be sharing an exciting and robust roadmap with content already planned for 2023. Throughout Early Access we will provide players with more weapons, an updated class leveling system as well as progression achievements and unlockable skins for both weapons and armor. Additionally we will be adding vehicles special call in attacks including massive Orbital Strikes to help during missions. On the enemy side we will be adding more bugs, flying enemies, and boss battles that require complex player coordination to accomplish. As we progress in development, our goal is to then begin ongoing planetary battles where the player can explore new items and enemies introduced in previous updates as an epic war breaks out. This transition adds a new world as we head to the completion of Early Access. The intent throughout Early Access is to convey that this part of our development cycle is the beginning of the war and the battle will only increase in complexity and ferocity as we move to full release. Starship Troopers: Extermination is expected to be in Early Access for approximately 1 year. The full version of Starship Troopers: Extermination will span multiple worlds to liberate them from the Arachnid Threat. This will include additional weapons, enemies types, class progression upgrades, community events, and encounters. The player will have a more diverse roster of customization options allowing them to tailor their Troopers to fit their playstyle and experience." Starship Troopers: Extermination will launch with a massive map on Planet Valaka. Up to twelve players can team up to complete side and main missions before escaping to the extraction zone. We'll have more to share closer to the Early Access launch in 2023! We plan to work closely with the community on Steam's Community Hub and in the official Starship Troopers: Extermination Discord as we add features, tune gameplay, and develop new content. "Starship Troopers is in a league of its own when it comes to 90s science fiction films," writes Boing Boing's Devin Nealy. "Despite serving as an adaptation of the Robert A. Heinlein book, Starship Troopers forges a unique identity through its striking visuals and deft use of satire." Noting the two "pretty weak" straight-to-video sequels (and two more CGI-animated films), Nealy argues that "Until the franchise finds a creative team that can properly capture the essence of the first film, a video game might be the best option for the series."
  
  
  Read more of this story at Slashdot.
  

• Physicists Use Google's Quantum Computer to Create Holographic Wormhole Between Black Holes
  "In an experiment that ticks most of the mystery boxes in modern physics, a group of researchers announced Wednesday that they had simulated a pair of black holes in a quantum computer," reports the New York Times [alternate URL here. But in addition, the researchers also sent a message between their two black holes, the Times reports, "through a shortcut in space-time called a wormhole. "Physicists described the achievement as another small step in the effort to understand the relation between gravity, which shapes the universe, and quantum mechanics, which governs the subatomic realm of particles.... Quanta magazine reports:The wormhole emerged like a hologram out of quantum bits of information, or "qubits," stored in tiny superconducting circuits. By manipulating the qubits, the physicists then sent information through the wormhole, they reported Wednesday in the journal Nature. The team, led by Maria Spiropulu of the California Institute of Technology, implemented the novel "wormhole teleportation protocol" using Google's quantum computer, a device called Sycamore housed at Google Quantum AI in Santa Barbara, California. With this first-of-its-kind "quantum gravity experiment on a chip," as Spiropulu described it, she and her team beat a competing group of physicists who aim to do wormhole teleportation with IBM and Quantinuum's quantum computers. When Spiropulu saw the key signature indicating that qubits were passing through the wormhole, she said, "I was shaken." The experiment can be seen as evidence for the holographic principle, a sweeping hypothesis about how the two pillars of fundamental physics, quantum mechanics and general relativity, fit together.... The holographic principle, ascendant since the 1990s, posits a mathematical equivalence or "duality" between the two frameworks. It says the bendy space-time continuum described by general relativity is really a quantum system of particles in disguise. Space-time and gravity emerge from quantum effects much as a 3D hologram projects out of a 2D pattern. Indeed, the new experiment confirms that quantum effects, of the type that we can control in a quantum computer, can give rise to a phenomenon that we expect to see in relativity — a wormhole.... To be clear, unlike an ordinary hologram, the wormhole isn't something we can see. While it can be considered "a filament of real space-time," according to co-author Daniel Jafferis of Harvard University, lead developer of the wormhole teleportation protocol, it's not part of the same reality that we and the Sycamore computer inhabit. The holographic principle says that the two realities — the one with the wormhole and the one with the qubits — are alternate versions of the same physics, but how to conceptualize this kind of duality remains mysterious. Opinions will differ about the fundamental implications of the result. Crucially, the holographic wormhole in the experiment consists of a different kind of space-time than the space-time of our own universe. It's debatable whether the experiment furthers the hypothesis that the space-time we inhabit is also holographic, patterned by quantum bits. "I think it is true that gravity in our universe is emergent from some quantum [bits] in the same way that this little baby one-dimensional wormhole is emergent" from the Sycamore chip, Jafferis said. "Of course we don't know that for sure. We're trying to understand it." Here's how principal investigator Spiropulu summarizes their experiment. "We found a quantum system that exhibits key properties of a gravitational wormhole yet is sufficiently small to implement on today's quantum hardware."
  
  
  Read more of this story at Slashdot.
  

• 20 Videogame QA Testers in Albany Win Union Vote at Activision Blizzard
  "A group of about 20 quality assurance testers at Activision Blizzard's Albany location won their bid for a union Friday afternoon," reports the Washington Post:The workers join the Game Workers Alliance, a union at the gaming company that already includes testers from Wisconsin-based Raven Software. Amanda Laven, a Blizzard Albany quality assurance tester, said that the union vote comes just about a year after the testers first began collecting signatures for a union. "We knew we were gonna win, but it's still extremely exciting and gratifying, especially because tomorrow marks the first anniversary of when we started organizing," Laven said. The testers are the lowest paid workers at Blizzard Albany, formerly called Vicarious Visions, a studio known for its work on the Guitar Hero and Crash Bandicoot franchises. The Game Workers Alliance is the first union at a major video game company in the U.S., and Friday's news marks the union's second significant win in an industry that has historically not organized.... The Blizzard Albany testers took their cues from seeing testers at Call of Duty-maker Raven petition the company and gather signatures. On May 28, Raven testers won their bid to unionize. They're currently undergoing bargaining efforts for a contract.
  
  
  Read more of this story at Slashdot.
  

• Becoming America's #2 Seller of Electric Vehicles, Ford Passes Kia in November
  CNBC reports:Ford Motor said Friday that it has achieved CEO Jim Farley's goal of becoming the second best-selling automaker of electric vehicles in the U.S. The Detroit automaker, citing third-party industry data, narrowly topped Hyundai/Kia to hit the goal.... Ford said its share of the electric vehicle segment was 7.4% through November, up from 5.7% a year earlier. Ford reported sales of 53,752 all-electric vehicles in the U.S. through November. Tesla, which does not break out domestic results, reported global deliveries of more than 908,000 EVs through the third quarter. Hyundai's sales do not include the Nexo hydrogen fuel cell vehicle. The company says with that vehicle, it slightly outsold Ford in battery- and fuel cell-powered vehicles of 54,043 units through November. The sales come after the South Korean automaker lost incentives that gave buyers of its EVs tax credits of up to $7,500 under the Biden administration's Inflation Reduction Act, which took effect in August. Vehicles such as Ford's EVs that are produced in North America still qualify for the credit. The article notes that General Motors — America's second-largest automaker — also "plans to significantly step up EV production in the coming years." Although so far, through the third quarter of this year, "it reported sales of less than 23,000 EVs."
  
  
  Read more of this story at Slashdot.
  

• What Happened After Matt Taibbi Revealed Twitter's Deliberations on Hunter Biden Tweets?
  "Twitter CEO Elon Musk turned to journalist Matt Taibbi on Friday to reveal the decision-making behind the platform's suppression of a 2020 article from the New York Post regarding Hunter Biden's laptop," reports Newsweek. "Taibbi later deleted a tweet showing [former Twitter CEO] Jack Dorsey's email address," adds the Verge, covering reactions to Taibbi's thread — and the controversial events that the tweets described:At the time, it was not clear if the materials were genuine, and Twitter decided to ban links to or images of the Post's story, citing its policy on the distribution of hacked materials. The move was controversial even then, primarily among Republicans but also with speech advocates worried about Twitter's decision to block a news outlet. While Musk might be hoping we see documents showing Twitter's (largely former) staffers nefariously deciding to act in a way that helped now-President Joe Biden, the communications mostly show a team debating how to finalize and communicate a difficult moderation decision. Taibbi himself tweeted that "Although several sources recalled hearing about a 'general' warning from federal law enforcement that summer about possible foreign hacks, there's no evidence - that I've seen - of any government involvement in the laptop story." More from the Verge:Meanwhile, Taibbi's handling of the emails — which seem to have been handed to him at Musk's direction, though he only refers to "sources at Twitter" — appears to have exposed personal email addresses for two high-profile leaders: Dorsey and Representative Ro Khanna. An email address that belongs to someone Taibbi identifies as Dorsey is included in one message, in which Dorsey forwards an article Taibbi wrote criticizing Twitter's handling of the Post story. Meanwhile, Khanna confirmed to The Verge that his personal Gmail address is included in another email, in which Khanna reaches out to criticize Twitter's decision to restrict the Post's story as well. "As the congressman who represents Silicon Valley, I felt Twitter's actions were a violation of First Amendment principles so I raised those concerns," Khanna said in a statement to The Verge. "Our democracy can only thrive if we are open to a marketplace of ideas and engaging with people with whom we disagree." The story also revealed the names of multiple Twitter employees who were in communications about the moderation decision. While it's not out of line for journalists to report on the involvement of public-facing individuals or major decision makers, that doesn't describe all of the people named in the leaked communications.... "I don't get why naming names is necessary. Seems dangerous," Twitter co-founder Biz Stone wrote Friday in apparent reference to the leaks.... The Verge reached out to Taibbi for comment but didn't immediately hear back. Twitter, which had its communications team dismantled during layoffs last month, also did not respond to a request for comment. Wired adds:What did the world learn about Twitter's handling of the incident from the so-called Twitter Files? Not much. After all, Twitter reversed its decision two days later, and then-CEO Jack Dorsey said the moderation decision was "wrong." In other news, "Twitter will start showing view count for all tweets," Elon Musk announced Friday, "just as view count is shown for all videos." And he shared other insights into his plans for Twitter's future. "Freedom of speech doesn't mean freedom of reach. Negativity should & will get less reach than positivity."
  
  
  Read more of this story at Slashdot.
  

• Computer Program For Particle Physics At Risk of Obsolescence
  "Maintenance of the software that's used for the hardest physics calculations rests almost entirely with a retiree," reports Quanta magazine, saying the situation "reveals the problematic incentive structure of academia."Particle physicists use some of the longest equations in all of science. To look for signs of new elementary particles in collisions at the Large Hadron Collider, for example, they draw thousands of pictures called Feynman diagrams that depict possible collision outcomes, each one encoding a complicated formula that can be millions of terms long. Summing formulas like these with pen and paper is impossible; even adding them with computers is a challenge. The algebra rules we learn in school are fast enough for homework, but for particle physics they are woefully inefficient. Programs called computer algebra systems strive to handle these tasks. And if you want to solve the biggest equations in the world, for 33 years one program has stood out: FORM. Developed by the Dutch particle physicist Jos Vermaseren, FORM is a key part of the infrastructure of particle physics, necessary for the hardest calculations. However, as with surprisingly many essential pieces of digital infrastructure, FORM's maintenance rests largely on one person: Vermaseren himself. And at 73, Vermaseren has begun to step back from FORM development. Due to the incentive structure of academia, which prizes published papers, not software tools, no successor has emerged. If the situation does not change, particle physics may be forced to slow down dramatically... Without ongoing development, FORM will get less and less usable — only able to interact with older computer code, and not aligned with how today's students learn to program. Experienced users will stick with it, but younger researchers will adopt alternative computer algebra programs like Mathematica that are more user-friendly but orders of magnitude slower. In practice, many of these physicists will decide that certain problems are off-limits — too difficult to handle. So particle physics will stall, with only a few people able to work on the hardest calculations. In April, Vermaseren is holding a summit of FORM users to plan for the future. They will discuss how to keep FORM alive: how to maintain and extend it, and how to show a new generation of students just how much it can do. With luck, hard work and funding, they may preserve one of the most powerful tools in physics. Thanks to long-time Slashdot reader g01d4 for submitting the story.
  
  
  Read more of this story at Slashdot.
  

• America's TSA Begins Quietly Testing Facial Recognition Tech at 16 Airports
  America's Transportation Security Administration "has been quietly testing controversial facial recognition technology for passenger screening at 16 major domestic airports — from Washington to Los Angeles," reports the Washington Post. Their article adds that the agency "hopes to expand it across the United States as soon as next year."Kiosks with cameras are doing a job that used to be completed by humans: checking the photos on travelers' IDs to make sure they're not impostors.... You step up to the travel document checker kiosk and stick your ID into a machine. Then you look into a camera for up to five seconds and the machine compares your live photo to the one it sees on your ID. They call this a "one to one" verification system, comparing one face to one ID. Even though the software is judging if you're an impostor, there's still a human agent there to make the final call (at least for now). So how accurate is it? The TSA says it's been better at verifying IDs than the manual process. "This technology is definitely a security enhancement," said [TSA program manager Jason] Lim. "We are so far very satisfied with the performance of the machine's ability to conduct facial recognition accurately...." But the TSA hasn't actually released hard data about how often its system falsely identifies people, through incorrect positive or negative matches. Some of that might come to light next year when the TSA has to make its case to the Department of Homeland Security to convert airports all over the United States into facial recognition systems.... The TSA says it doesn't use facial recognition for law-enforcement purposes. It also says it minimizes holding on to our face data, so it isn't using the scans to build out a new national database of face IDs. "The scanning and match is made and immediately overwritten at the Travel Document Checker podium. We keep neither the live photo nor the photo of the ID," said Lim. But the TSA did acknowledge there are cases in which it holds on to the data for up to 24 months so its science and technology office can evaluate the system's effectiveness.... "None of this facial recognition technology is mandated," said Lim. "Those who do not feel comfortable will still have to present their ID — but they can tell the officer that they do not want their photo taken, and the officer will turn off the live camera." There are also supposed to be signs around informing you of your rights. Here's the TSA's web page about the program. Thanks to long-time Slashdot reader SonicSpike for sharing the article.
  
  
  Read more of this story at Slashdot.
  

• FTX Subsidiary Plans Restarting Withdrawals in Japan, as US Requests Review of Fraud Allegations
  "FTX Japan is looking to restart withdrawals," reports CoinDesk, "after a plan to return deposits was approved by its parent, the failed FTX exchange." "If the plan works out, the collapsed crypto exchange's users in Japan might be some of the first customers to get their money back...."In a notice posted on its website, FTX Japan said it was able to confirm with the company's bankruptcy lawyers in the U.S. that Japanese customers' funds "should not be part of FTX Japan's estate given how these assets are held and property interests under Japanese law." FTX Japan had been working on the plan to restart withdrawals for the last two weeks, and says it was approved by the FTX Trading management team.... "As part of the plan, we are incorporating controls, security audit, reconciliations and reviews to put in place a robust and secure process," the notice said. Meanwhile, America's Department of Justice "has requested that an independent examiner be appointed to review 'substantial and serious allegations of fraud, dishonesty' and 'incompetence'," reports CNBC: FTX's bankruptcy case demands an independent review, the Department of Justice said, because of allegations of fraud and dishonesty which could damage the entire crypto industry. Andrew Vara, the U.S. bankruptcy trustee for FTX's case, said Sam Bankman-Fried and his team mismanaged the company or potentially engaged in fraudulent conduct. The DOJ is seeking an independent examiner to investigate what happened... Former federal prosecutor Renato Mariotti told CNBC that the move "shows a level of interest and attention that they're paying to this that should be troubling to Mr. Bankman-Fried."
  
  
  Read more of this story at Slashdot.
  

• 2022's 'Earthshot Prizes' Recognize Five Innovative Responses to Climate Change
  "Childhood friends in Oman who figured out how to turn carbon dioxide into rock are among five winners chosen for the Prince of Wales's prestigious Earthshot Prize," reports the BBC:The annual awards were created by Prince William to fund projects that aim to save the planet. Each winner will receive £1m ($1.2m) to develop their innovation.... "I believe that the Earthshot solutions you have seen this evening prove we can overcome our planet's greatest challenges," Prince William said during the ceremony. "By supporting and scaling them we can change our future," he said. 1,500 projects were nominated, according to the event's web site. Here's the five winners: A Kenya-based company producing stoves powered by processed biomass (made from charcoal, wood and sugarcane) that "burns cleaner, creating 90% less pollution than an open fire," while cutting fuel costs in half.The Indian startup behind Greenhouse-in-a-box. "Plants in the greenhouse require 98% less water than those outdoors and yields are seven-times higher," explains the site, while the greenhouses themselves are 90% cheaper than a standard greenhouse, "more than doubling farmers' incomes [while] using less water and fewer pesticides."A Queensland-based program to expand the network of rangers using drones to monitor reefs and wildfires while sharing information and innovative ideas.London-based start-up Notpla, which created a plastic alternative made from seaweed and plants that's entirely biodegradable. (The seaweed used in its production also captures carbon twenty-times faster than trees.)The company 44.01 removes CO2 permanently by mineralising it in peridotite, accelerating the natural process by pumping carbonated water into peridotite underground. (Unlike carbon storage, "mineralizing" CO2 removes it forever, making the process safer, cost-effective, and scalable.)Five prizes will be awarded each year until 2030.
  
  
  Read more of this story at Slashdot.
  

• Chinese Police are Using Cellphone Data to Track Down Protesters
  CNN reports on the aftermath of last weekend's protests against the Chinese government:A protester told CNN they received a phone call Wednesday from a police officer, who revealed they were tracked because their cellphone signal was recorded in the vicinity of the protest site.... When they denied being there, the caller asked: "Then why did your cellphone number show up there?" In China, all mobile phone users are required by law to register their real name and national identification number with telecom providers. The protester was also told to report to a police station for questioning and to sign a written record.... In Shanghai, where some of the boldest protests took place with crowds calling for Xi's removal on two consecutive nights, police searched residents' cellphones in the streets and in the subway for VPNs that can be used to circumvent China's internet firewall, or apps such as Twitter and Telegram, which though banned in the country have been used by protesters. Police also confiscated the cellphones of protesters under arrest, according to two protesters who spoke to CNN. A protester who was arrested over the weekend said they were told to hand over their phone and password to the police as "evidence." They said they feared police would export the data on their phone after it was confiscated by officers, who told them they could pick it up a week later. Another protester said police returned their phone upon their release, but officers had deleted the photo album and removed the WeChat social media app. One protester told CNN they successfully avoided being contacted by the police as of Thursady afternoon. During the demonstration, they'd kept their phone in airplane mode.
  
  
  Read more of this story at Slashdot.
  

• New CryWiper Data Wiper Targets Russian Courts, Mayor's Offices
  An anonymous reader quotes a report from BleepingComputer: A previously undocumented data wiper named CryWiper is masquerading as ransomware, but in reality, destroys data beyond recovery in attacks against Russian mayor's offices and courts. CryWiper was first discovered by Kaspersky this fall, where they say the malware was used in an attack against a Russian organization. [...] CryWiper is a 64-bit Windows executable named 'browserupdate.exe' written in C++, configured to abuse many WinAPI function calls. Upon execution, it creates scheduled tasks to run every five minutes on the compromised machine. Next, it contacts a command and control server (C2) with the name of the victim's machine. The C2 responds with either a "run" or "do not run" command, determining whether the wiper will activate or stay dormant. Kaspersky reports seeing execution delays of 4 days (345,600 seconds) in some cases, likely added in the code to help confuse the victim as to what caused the infection. CryWiper will stop critical processes related to MySQL, MS SQL database servers, MS Exchange email servers, and MS Active Directory web services to free locked data for destruction. Next, the malware deletes shadow copies on the compromised machine to prevent the easy restoration of the wiped files. CryWiper also modifies the Windows Registry to prevent RDP connections, likely to hinder intervention and incident response from remote IT specialists. Finally, the wiper will corrupt all enumerated files except for ".exe", ".dll", "lnk", ".sys", ".msi", and its own ".CRY", while also skipping System, Windows, and Boot directories to prevent rendering the computer completely unusable. After this step, CryWiper will generate ransom notes named 'README.txt,' asking for 0.5 Bitcoin (approximately $8,000) in exchange for a decrypter. Unfortunately, this is a false promise, as the corrupted data cannot be restored.
  
  
  Read more of this story at Slashdot.
  

• Apple Now Calling AR/VR Headset Operating System 'xrOS'
  Apple has decided to call the software that will run on its upcoming AR/VR headset "xrOS," an update from the original "RealityOS or "rOS" naming the company was planning on, according to Bloomberg. MacRumors reports: The name change comes as Apple begins to prepare for the launch of the headset, which is expected at some point in 2023. The headset will feature its own operating system, much like the Apple TV and the Apple Watch, and it will have a dedicated App Store. "XR" is meant to stand for extended reality, which pertains to both augmented and virtual reality. Rumors indicate that the headset Apple is working on will be "mixed reality" like the Microsoft HoloLens, supporting both augmented and virtual reality capabilities. Augmented reality augments what the user is seeing in the real world, while virtual reality is an entirely digital experience. Apple internally referred to the headset's operating system as "rOS" during the development process, but Bloomberg suggests that xrOS is a less generic name that will allow the headset to stand out more. In addition to confirming the name change with unnamed Apple sources, Bloomberg also discovered that a shell company named Deep Dive LLC has been registering the xrOS name across several countries, and Apple could potentially be behind these filings. Apple often uses shell companies to try to secretly register for trademarks for upcoming products.
  
  
  Read more of this story at Slashdot.
  

• Astronomers Say a New, Huge Satellite Is As Bright As the Brightest Stars
  An anonymous reader quotes a report from Ars Technica: Last month, a Texas-based company announced that it had successfully deployed the largest-ever commercial communications satellite in low-Earth orbit. This BlueWalker 3 demonstration satellite measures nearly 65 square meters, or about one-third the size of a tennis court. Designed and developed by AST SpaceMobile, the expansive BlueWalker 3 satellite is intended to demonstrate the ability of standard mobile phones to directly connect to the Internet via satellite. Large satellites are necessary to connect to mobile devices without a ground-based antenna. [...] Since BlueWalker3's launch in September, astronomers have been tracking the satellite, and their alarm was heightened following its antenna deployment last month. According to the International Astronomical Union, post-deployment measurements showed that BlueWalker 3 had an apparent visual magnitude of around 1 at its brightest, which is nearly as bright as Antares and Spica, the 15th and 16th brightest stars in the night sky. For a few years, astronomers have been expressing concerns about megaconstellations, such as SpaceX's Starlink satellites. While these are more numerous -- there are more than 3,000 Starlink satellites in orbit -- they are much smaller and far less bright than the kinds of satellites AST plans to launch. Eventually, AST plans to launch a constellation of 168 large satellites to provide "substantial" global coverage, a company spokesperson said. Even one is enough for astronomers, however. "BlueWalker 3 is a big shift in the constellation satellite issue and should give us all reason to pause," said Piero Benvenuti, a director at the International Astronomical Union. The organization of astronomers is also concerned about the potential for radio interference from these "cell phone towers in space." They will transmit strong radio waves at frequencies currently reserved for terrestrial cell phone communications but are not subject to the same radio quiet zone restrictions that ground-based cellular networks are. This could severely impact radio astronomy research -- which was used to discover cosmic microwave background radiation, for example -- as well as work in related fields. Astronomers currently build their radio astronomy observatories in remote areas, far from cell tower interference. They are worried that these large, radio-wave transmitting satellites will interfere in unpopulated areas. "We are eager to use the newest technologies and strategies to mitigate possible impacts to astronomy," AST said in a statement to Ars. "We are actively working with industry experts on the latest innovations, including next-generation anti-reflective materials. We are also engaged with NASA and certain working groups within the astronomy community to participate in advanced industry solutions, including potential operational interventions." AST is "committed to avoiding broadcasts inside or adjacent to the National Radio Quiet Zone in the United States [...] as well as additional radioastronomy locations," adds Ars.
  
  
  Read more of this story at Slashdot.
  

• Troubleshoot node connectivity issues in Ansible Automation Platform controller
  Check connectivity to hosts youre managing with your AAP controller and get a spreadsheet-based summary of any exceptions. Read More at Enable Sysadmin
  
  The post Troubleshoot node connectivity issues in Ansible Automation Platform controller appeared first on Linux.com.
  

• Unified Patents and the Linux Foundation Announce Patcepta, an Open Source Rules Engine for Patent Prosecution
  Read the original post at: Read More 
  
  The post Unified Patents and the Linux Foundation Announce Patcepta, an Open Source Rules Engine for Patent Prosecution appeared first on Linux.com.
  

• Bosch and XPENG Motors join the ELISA Project to Strengthen their Commitment to Safety-Critical Applications
  Read the original post at: Read More 
  
  The post Bosch and XPENG Motors join the ELISA Project to Strengthen their Commitment to Safety-Critical Applications appeared first on Linux.com.
  

• Linux Foundation Newsletter: November 2022
  This month, we've got great news to share across the Linux Foundation. Here’s a roundup of must-read updates, including the release of Sylva, LF Europe’s first project, a new report from LF Research, community updates, Cyber Monday deals from LF Training 8 Certification, and so much more. We've also got a preview of what’s coming up in December!
  Contents
  
  Training 8 Certification: Cyber Monday deals are here!
  
  Telco cloud project Sylva launches under LF Europe at ONE Summit
  Expanding industry evolution at ONE Summit
  LF Member Summit: Coming together as a community
  New LF Research report serves as a guide to releasing internal code
  LFX: Understanding project health
  Diversity, equity, and inclusion
  Mentorship
  LF Project news and updates
  Upcoming events
  Follow us
  
  The post Linux Foundation Newsletter: November 2022 appeared first on Linux.com.
  

• 5 ways to harden your Linux server with Ansible
  Automation allows you to apply compliance and security policies consistently across your servers, verify compliance, and remediate servers. Read More at Enable Sysadmin
  
  The post 5 ways to harden your Linux server with Ansible appeared first on Linux.com.
  

• How to make an automatic dog feeder with Arduino and Linux
  Try this DIY project to learn (or teach your family) to write code that interfaces with real hardware. Read More at Enable Sysadmin
  
  The post How to make an automatic dog feeder with Arduino and Linux appeared first on Linux.com.
  

• How to verify Mastodon users with cryptography
  Use open source GPG key pairs and Keyoxide to prove your identity on Mastodon. Read More at Enable Sysadmin
  
  The post How to verify Mastodon users with cryptography appeared first on Linux.com.
  

• Find anything you need with fzf, the Linux fuzzy finder tool
  Im thankful for the Linux fuzzy finder tool because it superpowers the command line by making it fast to find whatever Im looking for. Read More at Enable Sysadmin
  
  The post Find anything you need with fzf, the Linux fuzzy finder tool appeared first on Linux.com.
  

• Top 15 articles sysadmins are thankful for in 2022
  Enable Sysadmin has published more than 1,200 articles; these are the favorites sysadmins turn to month after month. Read More at Enable Sysadmin
  
  The post Top 15 articles sysadmins are thankful for in 2022 appeared first on Linux.com.
  

• 2 practical ways to use the Python subprocess module
  Learn how to run Bash commands and scripts within your Python scripts using the subprocess module. Read More at Enable Sysadmin
  
  The post 2 practical ways to use the Python subprocess module appeared first on Linux.com.
  

Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

• ‘The Callisto Protocol’ patch attempts to address PC performance issues
  One day after releasing The Callisto Protocol to promised the hotfix would “improve performance,” adding that “a number of additional updates” were on the way.
  We’re aware that some users are experiencing stuttering issues on the PC. We’ve got a patch that will be available in a few hours to improve performance, with a number of additional updates on the way.
  — The Callisto Protocol (@CallistoTheGame) December 2, 2022
  Since its release, PC players have taken to YouTube, Reddit and other online forums to complain about The Callisto Protocol’s performance issues. On Steam, the game currently holds a “Mixed” score after nearly 10,000 player reviews, with the majority of negative posts complaining about the game’s technical shortcomings.
  
  Digital Foundry details the problems in its recent video on the game. According to the outlet, The Callisto Protocol doesn’t precompile its shaders. That’s a big no-no for an Unreal Engine 4 game on PC. Nearly every time The Callisto Protocol introduces new assets or shows something for the first time, players can expect massive stuttering, with the effect worse on PCs with older and less powerful CPUs.
  
  How much the first patch fixes the shader compilation issue is hard to say. Some Twitter users report a “huge” difference, but note the problem isn’t completely fixed. Watching the few YouTube videos that document how the update affects performance, you can still see still plenty of micro stutters. If you want to play The Callisto Protocol on PC, I would say your best bet is to wait before buying the game.
  

• Stunning ‘The Last of Us' trailer puts Joel and Ellie's relationship in the spotlight
  If the wait to watch HBO's adaptation of The Last of Us wasn't long enough already, the network has shared a new trailer for the upcoming series ahead of its January 15th release date. Clocking in at almost two-and-a-half minutes long, the clip offers our best look yet at the Craig Mazin (Chernobyl) production. And for those who may have worried that the series would hew too closely to Naughty Dog's source material, it shows the adaptation's creators weren't afraid to bring something new to the franchise. 
  
  That's on display early on when there's a short scene of Ellie pretending to be a clicker. The exchange that follows is one of the few light-hearted moments in the trailer. Later in the clip, eagle-eyed fans will spot Ashley Johnson, the actor who voiced Ellie in the video games.  
  
  If you're unfamiliar with The Last of Us, the trailer serves as a decent overview of the first game's story. At the center of the narrative are Joel and Ellie, played by Pedro Pascal and Bella Ramsey in the upcoming HBO series. Joel must escort Ellie across a post-apocalyptic version of the US in the hopes that she may be the key to protecting what's left of the world's population from a fungal infection that turns its victims into aggressive, zombie-like creatures known as the Infected.    
  
  From all the marketing material HBO has shared to promote The Last of Us, it's clear the network has high hopes for the series. Footage from the show capped off a sizzle reel HBO uploaded earlier this year to hype its 2023 slate. 
  

• Netflix's latest 'The Witcher: Blood Origin' trailer teases the appearance of a certain bard
  With its latest Witcher franchise spinoff scheduled to arrive on December 25th, Netflix has shared a new trailer for The Witcher: Blood Origin. The approximately two-minute-long clip expands on the teaser the company uploaded last month. After most of Netflix's past promotional material for Blood Origin focused on Michelle Yeoh's character Scian, the latest trailer gives her co-stars, including Sophia Brown and Laurence O’Fuarain, a chance to shine. It probably won't surprise you to find out they're all badasses in their own way.
  
  Set some 1,200 years before the story of Geralt and Ciri, Blood Origin promises to give fans more insight into the creation of the first witcher. You'll want to watch the clip through to the end to catch a glimpse of Jaskier (Joey Batey). It looks like everyone's favorite bard will work alongside Minnie Driver to immortalize the exploits of Scian's band of elves. When Driver announced she was joining The Witcher franchise back in September, she said her character would play a pivotal role "in connecting Blood Origin's past with The Witcher's future."
  
  Blood Origin comes during a period of uncertainty for Netflix'sThe Witcher. The company recently announced that Henry Cavill would not return to play Geralt of Rivia after the show's third season. Liam Hemsworth will carry the series moving forward.
  

• Twitter reinstates account of Daily Stormer’s infamous neo-Nazi creator
  Twitter has restored the account of Andrew Anglin, one of America’s most notorious neo-Nazis. The creator of the white supremacist website The Daily Stormer had been banned from the social media platform for nearly a decade. His return would appear to be part of Elon Musk’s offer of “general amnesty��� to users who had “not broken the law or engaged in egregious spam.” Anglin, it should be noted, is currently in hiding while attempting to avoid a 2019 court order to pay $14 million for leading a harassment campaign against Jewish residents in Montana.
  Neo-Nazi Andrew Anglin, who was booted off Twitter in 2013, has had his account restored. pic.twitter.com/sEv5UDVUw2
  — Right Wing Watch (@RightWingWatch) December 2, 2022
  Shortly after regaining control of his account, Anglin tweeted a defense of Ye, the rapper formerly known as Kanye West. “Saying you love Hitler is not even a big deal,” Anglin said, referencing Ye’s recent InfoWars interview. “No one cares about that. The man died 80 years ago.” Ye’s now-infamous interview with Alex Jones saw the rapper declare his “love” for Adolf Hitler and deny that the Holocaust had ever happened. Anglin later tweeted an endorsement of Ye’s 2024 presidential campaign.
  
  The reinstatement comes in the same week Twitter suspended Ye for tweeting a photo of the Star of David merged with a swastika. Anglin is only one of a few prominent white nationalists to return to Twitter following Elon Musk’s takeover of the company. One estimate by software engineer Travis Brown suggests Twitter has restored as many as 12,000 accounts since October 27th, including those belonging to Richard Spencer and Patrick Casey.
  White nationalist Patrick Casey, who has repeatedly ban evaded on Twitter, (https://t.co/qjFcmNTyOa), claimed that he has been reinstated on the platform. Casey thanked Twitter owner Elon Musk for the supposed development. pic.twitter.com/bf5ROtwELa
  — Alex Kaplan (@AlKapDC) November 30, 2022
  The return of even just one avowed neo-Nazi is likely to reinforce fears from civil rights groups, advertisers and governments over Elon Musk's handling of the platform. On November 26th, the billionaire claimed hate speech impressions had recently decreased compared to October last year. However, findings from the Center for Countering Digital Hate, the Anti-Defamation League and other groups that study online platforms suggest that there’s been a dramatic increase in the prevalence of hate speech on Twitter since Musk’s takeover.
  

• Judge dismisses indictment against Huawei exec Meng Wanzhou
  More than four years after her arrest, the drawn-out legal saga of Huawei Chief Financial Officer Meng Wanzhou came to a formal end this week. On Friday, US District Judge Ann Donnelly dismissed an indictment against Meng, according to arrested Meng in 2018 for allegedly violating American sanctions against Iran. Meng, who is also the daughter of Huawei founder and CEO Ren Zhengfei, spent the next three years fighting attempts to extradite her to the US, where she faced up to 30 years in prison for bank and wire fraud charges. Donnelly dismissed the indictment “with prejudice,” meaning the Justice Department can’t bring the same charges against Meng again.
  
  Before entering into an agreement with US prosecutors last year, Meng spent three years under house arrest. The detainment strained relationships between the United States and China and led to an international incident. China apprehended two Canadians, Michael Spavor and Michael Kovrig, within days of Meng’s arrest. They were later released after Meng entered into a deferred prosecution agreement with the Justice Department. As part of the agreement, she acknowledged having made false statements about Huawei’s business in Iran. Meng flew home to China the day Donnelly approved the pact.
  
  Huawei and its subsidiaries are still facing charges in the US. Most notably, the Justice Department recently announced charges against two Chinese spies who had allegedly tried to interfere in a criminal investigation into the company. Earlier this week, the FCC also banned telecom and video surveillance equipment from Huawei, among a handful of other Chinese companies. Meng currently serves as the company's rotating chairperson and deputy chairwoman, as well as CFO. 
  

• Pentagon unveils B-21 Raider aircraft with advanced stealth technology
  The US military has unveiled the B-21 Raider, its first new stealth bomber in 30 years. Northrop Grumman, which developed the aircraft, first showed us a silhouette of the plane covered by a shroud way back in 2015. Now, the Pentagon has officially presented the B-21 at an event at Northrop Grumman's plant in Palmdale, California, but most of its details still remain a secret. Prior to the event, though, the company called it the "world’s first sixth-generation aircraft," which means it's a lot more technologically advanced than the military jets in service today.
  
  According to announcement. A Northrop Grumman official also said that the B-21 can fly in full stealth mode every day, according to #DefiningPossible#RiseoftheRaiderpic.twitter.com/rZIINucOug
  — Northrop Grumman (@northropgrumman) December 3, 2022
  
  

• Recommended Reading: The environmental cost of China's EV boom
  The dirty road to clean energy: How China’s electric vehicle boom is ravaging the environment
  Antonia Timmerman, Rest of World
  
  The rise of electric vehicles in China is causing devastating environmental impacts in nearby Indonesia, including rising ocean temperatures as a byproduct of coal plants. Upper respiratory infections are also one of the main health issues for people who live near nickel-processing factories and the main water sources for some areas are increasingly polluted and prone to flooding.
  The future of parking is in New York — and it costs at least $300,000 per space
  Ray Parisi, CNBC
  
  Some of the priciest condos in NYC are housed in buildings with futuristic parking systems. Robotic technology is deployed to park and retrieve vehicles. The catch? The apartments cost millions and reserving a self-parking spot will cost you at least $300,000 more.
  We’re in denial about the true cost of a Twitter implosion
  Eve Fairbanks, Wired
  
  "The amount of reputational and social wealth that stands to be lost if Twitter collapses is astounding," Fairbanks explains. "Twitter currently functions as perhaps the world's biggest status bank, and the investments stored in it are terrifyingly unsecured." 
  

• Meta faces lawsuit for harvesting financial data from tax prep websites
  A group of anonymous plaintiffs who filed their taxes online in 2020 using H&R Block has sued Meta, accusing the company of violating users' trust and privacy. If you'll recall, a recent Markup investigation revealed that H&R Block, along with other popular tax-filing websites like TaxAct and TaxSlayer, have been sending users' sensitive financial information to Meta through its Pixel tracking tool. 
  
  Pixel is a piece of code companies can embed on their websites so they can track visitors' activities and identify Facebook and Instagram users to target with ads. Apparently, the aforementioned tax prep websites had been transmitting personal information, such as income data, filing statuses, refund amounts and dependents' tuition grants, to Meta through that code. The tax-filing services had already changed their Pixel settings to stop sending information or had been reevaluating how they used Pixel by the time Markup's report came out. 
  
  In a statement sent to Engadget when the news first came out, Meta said that advertisers are prohibited from sharing personal information and that it uses an automated system that can filter out sensitive content sent through Pixel. The plaintiffs acknowledged in their complaint (PDF, courtesy of The Markup) that Meta does require businesses that use Pixel to "have lawful rights to collect, use and share" user data before providing the company with any information. However, the plaintiffs argue that Meta makes no effort to enforce that rule and instead relies on a "broken honor-system" that has resulted in "repeated, documented violations."
  
  According to The Markup, the lawsuit is seeking class action status for people who used the tax prep services mentioned in the publication's report. The services themselves, however, were not named as defendants in the case. 
  

• Security flaw in Florida tax website exposed filers' sensitive data
  Some Florida residents may be keeping a close eye on their finances after a security incident. Researcher Kamran Mohsin tellsTechCrunch that Florida's Department of Revenue website had a flaw that exposed hundreds of filers' bank account and Social Security numbers. Anyone who logged in to the state business tax registration site could see, modify and even delete personal data just by modifying the web address pointing to a taxpayer's application number — you just needed to change the digits in the link.
  
  There were over 713,000 applications in the Department's pipeline at the time of the discovery, Mohsin said. Mohsin warned the Department about the flaw on October 27th.
  
  Department representative Bethany Wester said in a statement that the government fixed the flaw within four days of the report, and that two unnamed firms have deemed the site secure. She added there was "no sign" attackers abused the flaw, but didn't say how officials might have spotted any misuse. The agency contacted every affected taxpayers by phone or writing within four days of learning about the issue, and has offered a year of free credit monitoring.
  
  Bugs like these, known as insecure direct object references, are relatively easy to fix. The damage might also be limited compared to other tax-related breaches, such as a Healthcare.gov intrusion that compromised about 75,000 people in 2018. However, the incident underscores the potential harm from weak security — even a small-scale exposure like this could be used to commit tax fraud and steal refunds.
  

• John Wick's creator is writing a movie based on 'Sifu'
  John Wick creator Derek Kolstad is working on yet another videogame adaptation. Fresh off the news that he's writing and producing a Streets of Rage film, it emerged that Kolstad is taking on the same duties for a live-action movie based on Sifu.
  
  Kolstad and his partners at media company Story Kitchen have teamed up with Sifu developer and publisher Sloclap, as Deadline reports. The beat-'em-up proved a hit when it was released in February, as it sold a million copies in three weeks — despite Elden Ring and Horizon Forbidden West arriving at around the same time. What makes Sifu stand out from the pact is that every time the protagonist dies in their quest for vengeance, they get older but their enemies stay the same age.
  
  That hook alone gives a screenwriter a lot of intriguing possibilities. The one vs. many aspect of Sifu seems right up Kolstad's alley as well, given his experience with the John Wick franchise and Nobody. As if all that wasn't enough, Kolstad is also behind Netflix's Splinter Cell, an upcoming animated series based on Ubisoft's games.
  

• Second group of Activision Blizzard testers wins union vote
  More Activision Blizzard workers have voted to unionize. Quality assurance testers at Blizzard Albany have voted 14-0 in favor of unionization. The team at the Diablo-focused office will join the Communication Workers of America (CWA), the representative of the existing Raven Software union.
  
  The game publisher tried to prevent the vote in October, arguing that 88 developers should be included to prevent a "fractured" office. The National Labor Relations Board (NLRB) denied that bid in late November, noting that the game testers shared a "community of interest" for their cause. Expansions like this are sometimes used in union-busting efforts to reduce the chances of a successful vote. The company also tried to impound three votes that arrived late due to mail delays, although those wouldn't have affected the outcome.
  
  Activision Blizzard told Engadget in a statement that it was "considering all options." It maintained that all Albany workers should have voted in the name of "fundamental fairness and rights" for the entire branch, not just the QA unit.
  
  The CWA said in its own statement that this was a vote against "burn out culture," while Blizzard Albany associate test analyst Amanda Deep said the group was "advocating for ourselves" out of care for the work and the games. Workers at Raven and Blizzard Albany have complained about long hours, pay rates and other labor issues. Unionization theoretically gives staff more clout in demanding better conditions.
  
  It may not be so simple, however. While Activision Blizzard responded to initial unionization efforts by converting 1,100 testers to full-time jobs and raising their base pay, the NLRB also found that it unfairly withheld raises from Raven QA workers who had voted to join a union. Activision Blizzard claimed that it had pass on those pay raises due to "legal obligations" around a pending election, but the NLRB attributed this to the unionization. Improved conditions might come, but they aren't guaranteed to come quickly.
  

• Pong's influence on video games endures 50 years later
  A game that is easy to learn, but difficult to master. This was the concept Atari founder Nolan Bushnell instilled into Allan Alcorn, a then-24-year-old engineer, prior to the development of one of the most recognizable games of all time, Pong, just over 50 years ago.
  
  Pong, a video game in which a square is bounced between two rectangles controlled by players, was released on November 29th of 1972 by Atari, only a few days more than 50 years ago. Atari sold more than 8,000 Pong arcade cabinets, and a few years later, the home version would become an instant success, selling about 150,000 units of a console that played nothing but Pong. However, despite how much time has passed, and the massive changes the gaming industry has endured, Pong's — and Atari's — influence on the world of video games remains prevalent today. Watch the video below for the full story.
  
  
  

• Google Messages starts testing end-to-end encryption for RCS group texts
  improve iOS and Android messaging interoperability, and it made another attempt to get Apple onboard with RCS in a blog post. "Today, all of the major mobile carriers and manufacturers have adopted RCS as the standard — except for Apple," Messages group product manager Neena Budhiraja wrote. "Apple refuses to adopt RCS and continues to rely on SMS when people with iPhones message people with Android phones, which means their texting is stuck in the 1990s."
  
  Still, there are companies that are working on ways to make iMessage accessible on other devices. Just this week, the developers of an app called Sunbird claim to have gotten iMessage to work on Android.
  

• Meta Quest Pro’s first update adds mixed reality screen recordings
  The Meta Quest Pro is a classic case of the early adopter’s dilemma. Although the headset offers a wealth of potential for virtual reality enthusiasts, it also requires a $1,500 investment for something that — at least for now — doesn’t have the software to justify its price. Although today’s v47 update doesn’t fix that problem, it does take a small first step by adding mixed reality (MR) capture and background audio playback.
  
  The first update since Quest Pro’s launch lets you record your real-world environment combined with virtual elements. Previously, you could only capture in-game action and the real-world elements would be reduced to a black background.
  
  The feature doesn’t appear to require any settings changes. After installing the update, you can record MR video by pulling up the headset’s Quick Action Bar, navigating to Camera and tapping “Record Video.”
  
  Background audio is another addition. While playing any game, you can stream audio from the headset’s browser or any 2D panel app (progressive web apps optimized for Quest), and you’ll still hear it when you jump into a game. The feature lets you listen to your favorite music or podcast while playing an otherwise serene VR game (fishing, golf and meditation experiences come to mind).
  
  Meta also added several feature updates for its entire Quest lineup (also including the Quest 2 and the original Quest). Horizon Home, the cozy hub you see when you first put on the headset, now makes it easier to change your avatar’s appearance. It also includes a virtual mirror to check out your avatar’s makeovers in real-time. Additionally, the Meta Quest mobile app received a few updates. You can now make your game wish lists public to send to friends and family as a not-so-subtle holiday gift nudge. The mobile app also makes it easier to see friend activity and adds widgets for starting a Cast, including viewing your headset and controller’s battery life.
  

• GE has a new smart mixer that can shut itself off when your dough is ready
  it costs $1,000. Preorders are open now and the mixer should ship later this month.
  

• VW teases second-generation ID.3 EV with design and tech upgrades
  Volkswagen's electric car lineup is now mature enough that it's introducing second-generation models — and it appears the company is taking some criticism to heart. VW has teased a redesign of the ID.3 that addresses complaints about the first version while upgrading the technology. The compact EV now sports a "matured" design with a supposedly sharper-looking exterior and higher-quality interior materials. Importantly, it's also more functional — there's a larger 12-inch infotainment display, two cupholders in the center console and a removable luggage compartment floor.
  
  The tech may be the centerpiece. VW stresses the new ID.3 will use the company's "latest" software platform, which boosts the sometimes-sluggish performance and allows for over-the-air updates. It will also reflect feature upgrades that include easier paid EV charging, adaptive lane guidance and parking aids.
  Volkswagen
  VW won't formally unveil the revamped ID.3 until the spring, and pre-orders placed now won't arrive until the last quarter of 2023 due to "high order volume." However, it's keeping the current starting price of €43,995 (about $43,600) for the Life trim. Business, Style, Max and Tour variants will also be available.
  
  There's no mention of which markets will get the new EV. As before, though, we wouldn't expect a North American ID.3 launch. VW remains focused on crossovers and SUVs like the ID.4 in this market, and its fledgling Chattanooga EV factory will still be ramping up production through 2023. All the same, the second-gen ID.3 will be worth a look as a preview what to expect for revisions of those models that do cross the Atlantic. They may not be complete reinventions, but they should fare better against stiff competition from the likes of Ford and Nissan.
  

• Crypto scammer faces 18 months in prison over $22 million SIM attack
  A young man is facing time behind bars for his role in a high-profile crypto scam. Bloombergreports a federal judge has sentenced 25-year-old Nicholas Truglia to 18 months in prison for allegedly taking part in a scheme that stole $22 million in cryptocurrency from blockchain adviser Michael Terpin in 2018. The perpetrators are said to have asked Truglia to convert Triggers tokens stolen from Terpin into Bitcoin after breaching the consultant's phone.
  
  Truglia has been described as a member of a larger criminal group that relied heavily on SIM swapping, or transferring victim phone numbers to SIM cards under attackers' control, to rob crypto industry personalities. Terpin accused a New York State teen of leading the group following a private investigation and successfully recouped some of his losses. The teen pointed to Truglia and two other people as accomplices.
  
  Truglia is the only person in the group subject to criminal charges, and is already facing civil penalties near $80 million for his alleged involvement. The relatively light sentence appears to have been influenced by Truglia's autism, which defense attorney Jeffrey Udell claimed made it harder to understand the real-world consequences of the theft.
  
  This is far from the largest crypto heist in recent memory. State-backed hackers and online gangs have been linked to thefts worth hundreds of millions of dollars from the blockchain. The length of the sentence is unlikely to deter others, for that matter. However, the sentencing theoretically sends a message that aiding crypto thieves is still a serious crime.
  

• World Cup attendees can use AR to see stats for players on the pitch
  Folks who are attending the FIFA World Cup in Qatar don't have to miss out on all the player stats they'd see while watching games on TV. The A post shared by ESPN FC (@espnfc)
  
  The VAR replays could come in handy for those who are in the stadium but aren't clear about why the referee made a certain decision. In the buildup to Japan's winning goal against Spain on Thursday, it appeared as though the ball went out of play (as shown in the image above). The referee initially disallowed the goal but overturned the decision after VAR showed a sliver of the ball remained in bounds. Having the option to see the VAR replay on their phone might have helped fans in attendance understand the call, especially if they missed it on the big screen.
  
  The AR overlay looks neat and it could add to the experience of being at a game for some folks. On the other hand, it's the World Cup and possibly a once-in-a-lifetime experience. Sometimes, it's okay to keep your phone away and be truly immersed in what's going on around you.
  

• iPhone users can now share their digital car keys with Pixel owners
  You no longer need others to use the same phone OS to share your digital car keys. Google has added car key sharing to Pixel devices, making cross-platform swaps available in an early form. If you're using an iPhone running iOS 16.1, you can send keys stored in Wallet to a Pixel through communications apps like Mail, Messages and WhatsApp. Pixel users share their car access through Android's wallet app.
  
  Google plans to expand sharing to more phones using Android 12 or newer. Only a handful of car makers currently support digital car keys, including BMW and Hyundai brands that include Genesis and Kia. Some cars may require that you activate through a physical key or code, while others might ask you to start the process through the vehicle's infotainment screen.
  
  Note that this isn't the same as the remote or proximity-based lock controls you get from companies like Tesla — this treats your phone like a physical key that requires getting close to the door. On phones with ultra-wideband, such as many recent iPhones and larger Galaxy S21/S22 models, you can unlock your car without taking the phone out of your pocket or using a smartwatch.
  
  Companies across the industry, including Apple and Google, are hoping to make a publicly available standard for digital car key sharing. While there's no timeline for when this might happen, the appeal is clear. You could lend your car to a friend for the weekend regardless of the phone they use, and without handing over a fob. That could be crucial as car ownership declines and people are more likely to borrow vehicles than rent or use ridesharing services.
  

• Roku's Streaming Stick 4K is on sale for $25, plus all the Cyber Week deals you can still get
  Black Friday and Cyber Monday may be behind us, but many of the deals are still live as of today. A few deals even popped up after the shopping holidays ended, keeping our deals radar from getting rusty. Samsung still has a few good discounts including the Galaxy Z Fold 4 and Frame TVs. Apple's latest iPad is $30 off and sales on a few games for the PS5 and Nintendo Switch are still going strong. If you missed out on Black Friday or still have some shopping to do, now is a good time to grab an Instant Pot for holiday cooking, a Roomba to keep the floors spotless or a great pair of earbuds to unwind with some music. Here are the best deals from Cyber Week that you can still get today.       
  'Roku Streaming Stick 4K
  Most of Roku's streaming devices are still on sale. Including the Roku Streaming Stick 4K, which is half price. At just $25, it matches the price of Amazon's 4K stick, and it's our current favorite streaming device. The Roku Streambar is down to $80, which is $50 less than usual and a record low. Roku's 2022 Ultra set-top box has dropped to a new low of $69.
  
  Roku's Streaming Stick 4K is on sale for $25 right now, which is half off its usual price. This small dongle connects directly to your TV's HDMI port and streams content in 4K, supports Dolby Vision and offers voice command capabilities via its remote. And finally, Roku's Express has dropped to $18 which is one of the best prices we've seen. If you just want an inexpensive streaming device with basic features, the Express is a solid option.
  Shop the Roku sale at AmazonGalaxy Z Fold4Sam Rutherford/Engadget
  The Galaxy Z Fold 4 is $450 off right now, bringing the rather expensive foldable phone down to $1350 for the 256GB configuration. That includes a $100 "not trade-in" credit. If you do have an old phone to turn in, you'll get at least $300 credit (if it's a Galaxy device) and up to $1,000, depending on the phone and condition. We gave it an Engadget score of 86 with particular praise for the longer zoom on the upgraded cameras and an improved battery life that lasted 17 hours and 13 minutes in our test, which is three more hours than the previous generation. The Z Fold 4 is also great at multitasking. In the end, we called it "a cutting-edge device that’s actually ready for the mainstream."
  Buy Galaxy Z Fold 4 at Samsung - $1,3502022 iPad
  Apple's 2022 standard-model iPad is the 10th generation of the multipurpose slate, earning an 85 in our review back in October. We were concerned at the price hike over the previous generation, which brought it to a steep $449. But now that it's going for $419, it's a little easier on your wallet. What we did like was the complete redesign, the solid 10-plus hours of battery, and the addition of a landscape-oriented front-facing camera. Note that the iPad standard only works with the first generation of the Apple Pencil.
  Buy iPad (10th gen) at Amazon - $419Xbox Series SEngadget
  The Xbox Series S is down to $240 at Amazon, and Woot has the device available for $220 outright — albeit for an international model, which means your instruction manual may be in Spanish — but it's a full $80 off the usual $300.
  
  The Series S is good value for PlayStation or Switch users who want a cheaper way into the Xbox ecosystem. We gave the Series S a review score of 85 at launch, noting that while it isn't doesn't handle 4K gaming and won't play physical games (just digital versions), it can still play all the same games as the pricier Xbox Series X and offers incredibly smooth gameplay.
  Buy Xbox Series S at Amazon - $240Anker 577 Thunderbolt docking station
  Anker’s 577 Thunderbolt docking station is what we recommend getting for people who work from home. It's a multi-purpose, powerful brick into which you can plug all of your necessities. With 13 ports, there’s a good chance every peripheral you use will find a home. Plus it supports 85W laptop charging power your your machine as you use it.
  Buy Anker 577 docking station at Amazon - $240Samsung 2022 Frame TVAmy Skorheim
  Right now, Woot is running a sale on Samsung's 2022 Frame TVs that includes some of the best prices we've seen. The best value is the 50-inch model, which is down to $870 — a healthy 33 percent off. You'll see steep discounts across the range, though, including the sweet-spot 55-inch and 65-inch models (now $1,100 and $1,490). We like the Frame for its ability to look convincingly like art when you're not watching it. 
  Buy 2022 The Frame TV (50-inch) at Woot - $870Apple 12.9-inch Magic Keyboard
  If you want to experiment with using an iPad Pro as a laptop, Apple's Magic Keyboard is one of the best typing solutions out there. However, like most first-party Apple accessories, it'll cost you. But you can get the 12.9-inch model for $100 less than usual from Amazon. Right now the white keyboard is down to $250, which is the lowest price we've seen it. We gave it an Engadget score of 84, appreciating the luxurious feel of the keys and precision of the trackpad. 
  Buy Apple 12.9-inch Magic Keyboard at Amazon $250Xbox Wireless Controller
  If you need a spare gamepad for your Xbox or PC, Microsoft's wireless Xbox Series X/S controller is available for $40 at Microsoft. That's about $20 below the controller's usual going rate. The sale applies to multiple finishes, though some colors are priced at $45. Just note that these pads still rely on AA batteries by default; if you want one rechargeable battery, that'll cost you another $25.
  Buy Xbox Wireless Controller at Microsoft - $40Games for PlayStation and Switch
  If you're looking to build out your game library, this week saw several sales on games for all three of the major consoles. Some were at or near their lowest prices to date and a few are still going on as of today. One of the most acclaimed and popular games of 2022, favorite sequels of the year, the robot-battling open-world game over-the-top hack-and-slasher Buy Elden Ring at Walmart - $35Razer Blade 14
  Razer's Blade 14 with an AMD Ryzen 9 6900HX chip, 16GB of RAM, a 1TB SSD and an RTX 3070 Ti GPU is currently down to $2,000 at Amazon. That's about $350 off its average price and tied for the best price we've tracked. We gave the Blade 14 a review score of 84 last year, and we've recommended the similar Blade 15 in recent buying guides and gift guides. It can run hot, and you can still get similarly powerful gaming laptops for less cash, but the Blade still packs enough power to play demanding games at higher settings in a slim and slick-feeling design that weighs less than four pounds.
  Buy Razer Blade 14 at Amazon - $2,000HyperX Cloud Alpha
  The HyperX Cloud Alpha is down to $55 at Best Buy which is $45 below the wired headset's list price and close to the best price we've tracked. It's a sturdy, no-frills gaming headset that's comfortable to wear for hours. A good set of non-gaming headphones will sound better for the price, but the profile here is still relatively well-balanced, and the included mic is perfectly fine for everyday party chats.
  Buy HyperX Cloud Alpha at Best Buy - $55Hisense TV deals
  Most of Hisense's TVs are on sale for Cyber Week. If you're looking to spend as little as possible on a still-decent TV, then you can't get much better than Hisense's 43-inch R6-Series Roku TV for $200. It supports 4K content and Dolby Vision, plus it runs on Roku's smart TV operating system.
  Shop Hisense Cyber Week TV deals at AmazonAmazon Fire TV Stick streaming devicesAmazon
  Amazon's most affordable streaming stick, the Fire TV Stick Lite is still going for just $15 right now, which is half off its usual price. This is a good option if you want to upgrade an old, "dumb" TV in your home into a smart one. If you have a 4K screen, grab the Fire TV Stick 4K, which has dropped to $25 or 50 percent off its normal price. For Amazon's most capable streaming stick, grab the Fire TV Stick 4K Max. It's down to $35 right now. It has all of the features of the standard Fire TV Stick 4K: UHD streaming capabilities, Dolby Vision and Atmos support, and the live picture-in-picture feature. But on top of that, it has WiFi 6 support and a bit more RAM than all other Fire streaming sticks, improving its overall performance.
  Shop the Fire TV Stick sale at AmazonVizio V21t-J8 soundbarVizio
  The Vizio V21t-J8 soundbar is our favorite budget-friendly soundbar and it's down to $120 right now, which is 26 percent off its usual price and a near record low. You're getting a 2.1-channel setup with this accessory, plus a 4.5-inch wireless sub along with it. It may not have WiFi connectivity, but that's the main tradeoff you'll have to make. Otherwise, it supports HDMI ARC/eARC, DTS Virtual:X and Bluetooth, and it has a 3.5mm aux jack as well.
  Buy Vizio V21t-J8 soundbar at Amazon - $120MacBook Air M1
  If you aren't worried about having the latest model, the 2020 MacBook Air with the M1 chip is on sale for just $799. We gave it an 94 in our review, calling it the best MacBook for most people when it first hit the scene, especially those looking for a casual computer. The M1 chip will still feel like a big upgrade if you're coming from an aging Intel machine, and we also liked this laptop's lovely display, lack of fan noise and good battery life.
  Buy MacBook Air at Amazon - $79914-inch MacBook Pro
  Apple's 14-inch MacBook Pro is a still on sale for a whopping $500, bringing it down to $2,000. We gave it and the 16-inch model scores of 92 in our review, with appreciation for the fast M1 Pro and Max processors, excellent display and solid battery life.
  Buy MacBook Pro (14-inch) at Amazon - $2,000Microsoft Surface Laptop Go 2
  Microsoft's Surface Laptop Go 2 is still down to $600. This configuration has a Core i5-1135G7 processor, 8GB of RAM and a 128GB SSD. We gave this 12.4-inch notebook a score of 86 earlier this year, and it earned a spot in our guide to the best cheap Windows laptops. It impressed us with its slick design, bright screen, good battery life and USB-C charging.
  Buy Surface Laptop Go 2 at Amazon - $600Microsoft Surface Laptop 5
  The 13-inch Surface Laptop 5 with 8GB of RAM and 512GB of storage is on sale for $1,000, which is the best price we've seen. We gave this machine a score of 83 for its elegant design, bright display, Thunderbolt 4 support and solid performance. We weren't as impressed by its 720p webcam and its non-backlit keyboard, but this notebook is definitely a step up from the Surface Laptop Go 2 and a great pick for daily productivity .
  Buy Surface Laptop 5 at Amazon - $1,000Microsoft Cyber Week deals
  A number of Surface laptops and bundles are still on sale for Cyber Week, direct from Microsoft. The new Surface Pro 9 and the Surface Laptop 5 are up to $200 and $300 off, respectively, while you can save more than $600 on Surface Laptop 4 bundles. We recommend checking out all of Microsoft's discounted bundles, because they are some of the best ways to get all of the things you'd need — like keyboard attachments, styluses and more — to make a Surface machine truly your own.
  Shop Microsoft Cyber Week dealsiRobot Roomba s9+ robot vacuum
  The Roomba s9+ has been around for a couple of years and it's probably overkill for most people. At $999, it's certainly not cheap, but it did earn a spot in our list of best robot vacuums. Right now, you can pick up the high-end machine for $220 off at Wellbots when you use the code ENG220' at checkout. A final price of $779 is the best we've seen on this smart home gadget, In our testing, we found the s9+ to be an incredibly capable cleaner, and while on the loud side, it's no more noisy than other robo-vacs in this price range.
  Buy Roomba s9+ at Wellbots - $779Elektron Syntakt
  The latest entry in Elektron's midrange groovebox series is a lot of things — an analog synth, a digital drum machine, an absurdly powerful sequencer. But one thing the Syntakt is not, is cheap. Right now though, the Syntakt is down to $799 across a number of shops. And while it's definitely focused on percussion, a recent firmware update added two new "machines" that focus on more melodic sounds.
  Buy Elektron Syntakt at Reverb - $799Buy Elektron Syntakt at Perfect Circuit - $799Korg Minilogue XD
  When the Minilogue XDlaunched for just $650 it staked a pretty convincing claim to the best bang-for-your-buck synth. A few years later, and it's no less impressive. But its price has crept upwards to $730, but now it's down to $600. Korg is offering a number of discounts across its range, but the clear stand out is this 18-percent off on an incredibly versatile synth. It combines four voices of true analog polyphony with a digital synth engine and effects.  
  Buy Korg Minilogue XD at Perfect Circuit - $600UA Volt audio interfaces
  The Universal Audio Volt 76 series stands out from the audio interface pack with a stylish look, low noise and latency, and large easy to use controls. What sets the 76 apart, from even its cheaper Volt brethren is the all analog modeling of its legendary 1176 compressor. The Volt 476 and 276 are both on sale, marked down to $329 and $269, respectively.
  Buy Universal Audio Volt 476 at Reverb - $329Buy Universal Audio VOLT 476 at Perfect Circuit - $329Buy Universal Audio Volt 276 at Reverb - $269Buy Universal Audio Volt 276 at Perfect Circuit - $269Monoprice Soundstage3
  While its not meant to take on the road, the Monoprice Soundstage 3 is an excellent pick for at-home listening. Usually $250, the sale price is down to $200 right now. We like its minimalist design and clear, balanced sound. It gets 10 hours of play on a charge, but also has plenty of hard-wire ports if its staying in one place.
  Buy Monoprice SoundStage 3 at Monoprice - $200Bose SoundLink Revolve II
  Bose SoundLink Revolve II is great for bringing your music outside and we found it had a loud and bright sound that carries nicely through the out of doors. It pumps out 360-degree sound and gets 13 hours of play on a charge. It's usually $220 but is still down to $180 right now.  
  Buy Bose SoundLink Revolve II at Bose - $180Solo Stove fire pitsSolo Stove
  Solo Stove's fire pits remain up to 40 percent off right now. We like these fire pits because, while on the expensive side, they are good options that don't smoke you out. Aside from the small table-top Mesa, the most affordable of the bunch is the Solo Stove Ranger, which is on sale for $180.
  Buy Solo Stove Ranger at Solo Stove - $180Chromecast with Google TV
  Like the Fire TV and Roku sticks above, the Chromecast with Google TV 4K turns a "dumb" TV into a smart one, and right now it's just $40, down from $50. We reviewed it when it first came out and gave it a score of 86, particularly impressed with the Google Assistant integration.
  Buy Chromecast with Google TV 4K at Amazon - $40Crucial MX500 (1TB)Crucial
  Crucial's MX500 internal drive is down to a new low of $68 for the 1TB version, and you can find discounts on the other configurations, too. We've long recommended this drive for its standard form factor, its sequential read/write speeds of up to 560/510 MB/s and its AES 256-bit hardware encryption. It also has integrated power loss immunity, which saves all of your work even when there's a power outage.
  Buy Crucial MX500 at Amazon - $68Jabra Elite 3 earbuds
  We were impressed with the Jabra Elite 3 earbuds at their list $80 list price, giving them an 88 in our review. Now that they're below $50, it's still a good day to get a pair. We called them the "new standard for affordable wireless earbuds" because they offer detailed and balanced sound with a booming low end. We got right around the estimated seven-hour battery life and liked Jabra's comfortable new design for the Elite 3 buds.  
  Buy Jabra Elite 3 earbuds at Amazon - $50Sony WH-1000XM5Billy Steele/Engadget
  Sony's WH-1000XM5 headphones are down to $348 right now, which is the best price we've seen since they came out earlier this year. These are our current favorite wireless headphones, and Sony essentially changed only a few things about the previous WH-1000XM4 to make this generation even better. They have improved noise cancellation and sound quality, plus a slick new design and a solid battery life. We also appreciate their Speak-to-Chat feature and multi-device connectivity.
  Buy Sony WH-1000XM5 at Amazon - $348OnePlus 10 Pro
  You can pick up the OnePlus 10 Pro smartphone for only $549 right now, which is the lowest we've seen it. The standout feature of this handset is its remarkably fast charging technology. You can get a full charge in just over a half hour using 80W SUPERVOOC charging. However, US users are capped at 65W SUPERVOOC, but that's still the speediest charging standard available stateside. Otherwise, we also appreciated the 10 Pro's lovely 120Hz display and its fast face-unlock feature.
  Buy OnePlus 10 Pro at Amazon - $550iRobot Roomba j7
  iRobot's Roomba j7 is on sale for $349 right now, which is the cheapest we've seen it, and you can get the j7+ for $599. This is one of iRobot's latest robo-vacs and it has enhanced obstacle avoidance which lets it navigate around a robot vacuum's arch nemesis: pet poop. It also has 10 times the suction power of a standard Roomba, plus support for smart mapping and Alexa and Google Assistant voice control. With the j7+ model, you're also getting a clean base into which the robo-vac will empty its bin after every job.
  Buy iRobot Roomba j7 at Amazon - $349Blink Mini camera
  Blink Mini cameras are usually $35 each, but right now Amazon is selling two for less than the price of one. On the same product page, you'll notice a one-camera configuration option, that's $30, so this really is a case where it's a better deal to get two. The Minis are motion-activated devices (as, in they aren't always on)and have built-in speakers and a mic so you can hear and talk to people (or pets) remotely using your phone.
  Buy Blink Mini camera 2-pack at Amazon - $30Echo Show 8
  If you're still looking to pick up a new smart display ahead of the holidays, a newer deal on Amazon's Echo Shows may be of interest. The retailer is currently offering a bundle that pairs its Echo Show 8 with the Kids edition of its Echo Show 5 for $70.
  
  We've seen the Echo Show 8 alone go for $70 for much of the last two months, but that still equals the lowest price we've tracked. Normally, it retails closer to $100. With this deal, you're effectively getting an Echo Show 5 Kids thrown in at no extra cost. That device is currently available on its own for $40, but its average street price over the last few months has sat closer to $60.
  Buy Echo Show 8 + Echo Show 5 Kids at Amazon - $70Disney+
  Disney+ will switch to a two-tier model on December 8th. After that, the ad-free version, which is the only way the service is currently offered, will increase to $11 per month instead of $8. The new ad-supported plan will then go for $8. If you want to hang on to that $8 per month price for an ad-free plan, you can sign up before December 7th and pay $80 for a year of ad-free streaming. That works out to a 39 percent discount over the elevated $11 per month plan. If you didn't already know, Disney+ includes a dominating trove of content from Disney, Pixar, Star Wars, Marvel, and National Geographic.
  Subscribe to a year of Disney+ (ad-free) for $80YouTube TV
  Switching to an all-streaming diet often means forgoing live TV and other content cable offers. YouTube TV is one way to get back some of the live sports, live news and "cable channels" you're missing. YouTube's limited time offer is still going and gives you your first three months for $55 per month, with no contract required. If you decide you like what you're seeing, don't cancel and the price will revert to the regular $65 per month.
  Subscribe to 3 months of YouTube TV for $55 per monthAlo Moves
  While some subscription deals time out after a few months, Alo Moves is still offering half-off annual subscriptions for life. The going rate for a yearly membership is currently $200, so this brings it down to $100. The online fitness service currently has more than 3,000 classes, and new classes are added weekly. You can watch on your laptop or via app on an iPhone or iPad. Yoga, pilates, HIIT, and core classes are available, along with meditation and mindfulness sessions, including a power nap sound bath.
  Subscribe to a year of Alo Moves - $100Masterclass
  Masterclass memberships are annual and include access to all 180 classes they offer. Right now when you buy any membership plan, which range from $180 to $276 per year, you'll get a second free membership to give away. There are classes from Martin Scorsese, Usher, Carlos Santana, Questlove, Alice Waters, David Lynch and 100 other people you've heard of. Classes range from a little over two hours to five-plus hours and are broken into between 12 and 30 lessons each.
  Buy two MasterClass subscriptions - $180 per yearRosetta Stone
  Like Masterclass above, this Rosetta Stone membership doesn't make you decide what you want to learn up front. And instead of a yearly membership, this one is for life. The usual price for a lifetime membership is $300, but is still half price right now. With it, you get access to all 25 languages Rosetta Stone offers, complete with customizable lesson plans and immersion learning methods. The deal runs from now through Friday, December 2nd.
  Buy a lifetime membership to Rosetta Stone - $149Adobe Creative Cloud
  Adobe Creative Cloud All Apps includes more than 20 apps, including Photoshop, Premiere Pro, Illustrator and InDesign. From now through December 4th, Adobe's sale takes 25 percent off the monthly price for your entire first year. That brings the price down from its usual $55 per month to just $40 per month.  
  Subscribe to Adobe Creative Cloud All Apps - $40 per monthTidal HiFi
  You can think of Tidal's HiFi membership as Spotify for audiophiles and music super fans, delivering up to 1411 kbps of lossless audio quality to your Android, iPhone or desktop. A membership also includes curated playlists, access to Tidal original documentaries and interviews with musicians, and of course it's all ad free. The holiday deal gives you two months for $2, and bumps up to $10 a month after that.
  Subscribe to Tidal HiFI - $2 for two monthsiRobot Roomba 694
  The iRobot Roomba 694 is currently our favorite budget robot vacuum and is down to $180 right now. That's 33 percent off for a $95 savings that's close to an all-time low. We liked the way the 694 dependably cleaned both carpet and tile, and appreciated the excellent user interface on the app. Setup is straightforward, even for a robo vac newbie. It doesn't come with extra brushes and the spot-clean function is only available as a button on the unit itself, but we still think it's the best budget vac for most people.
  Buy iRobot Roomba 694 at Amazon - $179Shark Ion RV765
  The Shark Ion RV765 is the runner up in our guide to budget robo vacs and right now it's down to $150, which is a super low price for any smart vacuum, especially one with a two-hour battery life. We particularly liked the adjustable wheels that automatically reacted to the "terrain" of carpet, rug, or hard floor, and the intuitive app for setting schedules and otherwise controlling the robot.
  Buy Shark Ion RV765 at Walmart - $150Eufy RoboVac X8 Hybrid
  With a more than 50 percent discount, Eufy's RoboVac X8 Hybrid is down to $320, which is 51 percent off its usual $650 sticker. We gave the X8 a shout out in our robo vac guide for its great customization features, including a "tap and go" option that lets you direct the vac to a particular spot for extra on-demand cleaning. The hybrid X8 can wet-wipe your floors as well as vacuum them, and comes with a fillable tank and swappable cleaning pads to enable the mopping function. If you don't need your vac to mop, the vacuum-only Eufy RoboVac X8 is on sale for 40 percent off, making it just $300 instead of $500 right now.
  Buy Eufy RoboVac X8 Hybrid at Amazon - $320Meater Plus
  The Meater Plus is the recommended thermometer in our grilling gear guide. It's still down $80 from its usual $100 price tag. While a wired version is certainly cheaper, we thought the price bump was worth not having to avoid the cables as you work with larger pieces of meat. It's got a 165-foot Bluetooth range and the single probe has two sensors, with one end reading the internal temp of your meat and the exposed end monitoring the ambient temp of your cooking environment. 
  Buy Meater Plus at Amazon - $80Instant Pot Duo
  The Instant Pot Duo makes an excellent gift for just about anyone, but it's also a great way to add some extra capacity to your kitchen for holiday cooking. It dropped down to $79 for Black Friday and is still on sale. That's a 21 percent discount and a great buy, considering all it can do. It features seven functions in one unit, and can act as a pressure cooker, slow cooker, rice cooker, steamer, sauté pan, yogurt maker and warmer. 
  Buy Instant Pot Duo at Amazon - $79Google Nest Hub
  If you like the Google Assistant for your smart display needs, the latest generation of the Google Nest Hub is half price, bringing it down to $50. The seven-inch screen is one inch smaller than the Echo Show 8, and the Google Hub doesn't have an on-board camera, which some might prefer. As a smart display, it'll happily act as a hub to control compatible smart home devices using just your voice.
  Buy Google Nest Hub at B&H Photo - $50Google Nest Cam
  The Google Nest Cam battery is your best bet for Google Assistant-controlled indoor and outdoor monitoring. While they usually go for $180, they're $60 off right now, making them $120 each. These run on batteries and are rated to handle the weather outside, but they're quite a bit more expensive than some other cameras. They send high def 1080p video to your phone or smart display when they're triggered and are smart enough to tell the difference between pets, cars and people.
  Buy Google Nest Cam at B&H Photo - $120Amazon Echo Dot
  When Amazon's Echo Dot first unveiled its new spherical shape in 2020, we tried it out and thought it was a well-rounded speaker in all senses of the word, awarding it a score of 88. For Black Friday it was 50 percent off, putting Amazon's smallest smart speaker down to just $25. Today it's bumped up to $28, which is still a fairly good deal on a speaker that'll let you control your music, lights, thermostats and more with your voice. The Echo Dot even acts as a WiFi extender, adding up to 1,000 square feet of extra coverage, if you use the brand's Eero WiFi routers.
  Buy Echo Dot at Amazon - $28Blink Video Doorbell
  The Blink Video Doorbell is the least expensive doorbell in Amazon's lineup, and right now is down to $35 from its usual price of $50. You can use it wired to your existing doorbell wiring or run the unit on two AA batteries. Your first set of batteries is included and can last up to two years. The unit wakes up with a doorbell press or when it detects motion, enabling two-way talk. Wiring the unit allows it to activate your built-in doorbell chime. On batteries, you'll get alerts via the Blink app.
  Buy Blink Video Doorbell at Amazon - $35Logitech G435 gaming headset
  Logitech's G435 gaming headset typically goes for $80, but right now they're just $49.88. They connect via Bluetooth or with the USB-A dongle for a lower-latency wireless connection. The built-in mics allow for in-game chat and post-game Discord discussions. They'll pair up with a PC and both PlayStation 4 and 5 using the wireless dongle, or via Bluetooth with PC, Mac, and Nintendo Switch. You can pair them with your phone too, but keep in mind these don't have active noise cancellation.
  Buy Logitech G435 gaming headset at Amazon - $50Razer Kishi mobile controller
  Razer's Kishi mobile controller turns your smartphone into a Switch-like gaming device. It's usually $100, and Black Friday knocked 55 percent off the list price. Now the Android version is just a tad cheaper, bringing the sticker to $40. It's the same $45 for the iPhone version as it was for the shopping holiday. The Kishi connects via your phone's charging port, as opposed to via Bluetooth, so there's no wireless latency. Note that this is the original version of the device, not the recently released V2. That version isn't budging from its $99 MSRP.
  Buy Razer Kishi mobile controller at Amazon - $40Razer Orochi gaming mouse
  The Razer Orochi gaming mouse has an MSRP of $70, but right now that's down by half. This mobile mouse made the cut in our search for the ultimate productivity mouse. Even though we called it the most "forgettable-looking option," we were impressed by how lightweight and capable it is. It connects via Bluetooth or wireless dongle and runs on ether an AA or AAA battery, with up to 950 hours on a battery.
  Buy Razer Orochi gaming mouse at Amazon - $35Tile Pro tracker
  The Tile Pro tracker usually goes for $35, and was down $28 for Black Friday, but now it's even more affordable at just $25. The BlueTooth tracker has a convenient lanyard hole making it ideal for a set of keys, but you can also attach it to a pack or luggage. Regardless of what item you attach it to, the Tile app makes sure that item never goes missing. Using Bluetooth when it's within 400 feet, you can make the Tile Pro ring to find things that way. When an item is farther away, the Tile app uses the Tile network to locate the item by anonymously pinging the phones of other Tile users.
  Buy Tile Pro tracker at Amazon - $25Samsung EVO Select MicroSD card
  This Samsung microSD card is still on sale, with a 38 percent discount on the 256GB size bringing it down to just $25. It offers transfer speeds of up to 130MBps and even includes a SD adapter so you can use it with more of your devices.
  Buy Samsung EVO Select MicroSD card at Amazon - $25Kasa smart video doorbell
  A doorbell that works with either Alexa or the Google Assistant, the Kasa Smart Video Doorbell is on sale for just $42, down from its usual $60. In addition to offering app-controllable two-way audio and 1296p video from the 3MP camera, the Kasa doorbell comes with a plug-in chime to let you know when someone rings your bell. This model doesn't have a battery option, so it'll only work by hooking up to your existing doorbell wire.
  Buy Kasa Smart Video Doorbell at Amazon - $42Samsung T7 Shield
  The rugged Samsung T7 Shield portable SSD in 1TB is on sale for $100 right now, which matches its record-low price. We've been fans of the T7 lineup for quite some time, and the latest edition has a rubberized exterior that helps protect it from drops from almost 10 feet high. It's also IP65 water- and dust-resistant, and supports 1,050/1,000 MB/s read/write speeds.
  Buy T7 Shield (1TB) at Amazon - $100Samsung 980 Pro
  If you need a solid drive for your new PS5, Samsung's 980 Pro is a good choice. The 1TB version with an included heatsink is on sale for only $120, and since it comes with that accessory, it'll be ready to go for your console. We like its read speeds of 7,000MB/s, its smart thermal control and the fact that you can maintain and customize it using Samsung's Magician software.
  Buy Samsung 980 Pro (1TB) at Amazon - $120Crucial X8
  Crucial's X8 portable drive in 2TB is on sale for $140, which is a record-low price. We like this drive for its compact yet durable design that's drop-, shock- and vibration-resistant, plus its read speeds of up to 1,050MB/s. It also comes with a USB-C to A and a USB-C to C cable, so you can use it with almost any device.
  Buy Crucial X8 (2TB) at Amazon - $140SanDisk Extreme
  SanDisk's 2TB Extreme portable SSD dropped to $145 for Black Friday, which was the cheapest we've seen it. Since then, it creeped up by $5, but is still a healthy 67 percent discount. You get up to 1,050MB/s read and up to 1,000MB/s write speeds with this pocket-friendly drive, plus a design that's IP55 water and dust resistant, that's able to withstand drops from up to two meters. We also like that it has a carabiner loop built in so you can attach it to your bag.
  Buy SanDisk Extreme SSD (2TB) at Amazon - $150Lexar Play microSD card
  Perfect for bumping the capacity of a Nintendo Switch, Lexar's Play microSD card is on sale for only $15 right now. That'll get you the 128GB model, but this card goes up to a whopping 1TB of storage, and that version is down to $100, which is even cheaper than it was for Black Friday. This card supports 150MB/s read speeds and comes with five years of limited product support.
  Buy Lexar Play microSD card (128GB) at Amazon - $15Buy Lexar Play microSD card (1TB) at Amazon - $100Bose QuietComfort 45
  Bose's QuietComfort 45 headphones are available for $249, which is $20 more than their all-time low but still roughly $60 off their average street price. This is an alternative pick in our guide to the best wireless headphones. We liked that the QC 45s have a more neutral sound out of the box, still-capable ANC and a design that's comfortable without sacrificing the ability to fold up. They also use physical buttons instead of touch controls. We gave the QuietComfort 45 a review score of 86 last year.
  Buy Bose QuietComfort 45 at Amazon - $249Sennheiser Momentum True Wireless 3
  Sennheiser's Momentum True Wireless 3 are on sale for $200, which is $40 off the usual going rate and tied for the best price we've seen. These are the wireless earphones we recommend if detailed sound quality is your chief concern. Their adaptive ANC is effective, their eight-ish hours of battery life is solid and their default sound profile should satisfy if you enjoy a boosted low-end.
  Buy Sennheiser Momentum True Wireless 3 at Amazon - $200Sennheiser Momentum 4
  Another honorable mention in our guide to the best wireless headphones, Sennheiser's Momentum 4 is down to $276, which is an all-time low and $25 cheaper than they were for Black Friday. We gave this pair a review score of 82 this past August, admiring the stellar 60 or so hours of battery life per charge and great sound quality right out of the box.
  Buy Sennheiser Momentum 4 at Amazon - $276Amazon Echo Studio''
  The Echo Studio is a bigger and louder version of the standard Echo smart speaker, built to deliver hi-res audio. It's usually $200 and doesn't often go on sale, but for Black Friday, it's $40 off the list price. We gave the Studio an 88 in our review, saying Amazon had finally nailed the audio element of its smart speaker lineup. With the larger build and speaker array, it's clear Amazon is trying to compete with other smart speaker manufacturers like Sonos and Bose with this one, and for the most part, it does a fine job of it.
  Buy Echo Studio at Amazon - $160
  Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.
  

• TikTok and Bumble join anti-revenge-porn initiative
  TikTok and Bumble are the latest tech companies to join an initiative aimed at reducing the spread of revenge porn — intimate images and videos shared without the subject's consent. They've partnered with StopNCII.org (Stop Non-Consensual Intimate Image Abuse), which hosts a tool developed in partnership with Meta. TikTok, Bumble, Facebook and Instagram will detect and block any images that are included in StopNCII.org's bank of hashes.
  
  The website enables people to create hashes (unique digital fingerprints) of images and videos in question. This process takes place on their device. In order to protect users' privacy, the actual files aren't uploaded to StopNCII.org, only a unique string of letters and numbers.
  
  Hashes submitted to StopNCII.org are shared with the initiative's partners. If an image or video uploaded to TikTok, Bumble, Facebook or Instagram matches a corresponding hash and "meets partner policy requirements," the file will be sent to the platform's moderation team. If moderators find that the image breaks their platform's rules, they'll remove it. The other partner platforms will block the image from being shared too.
  
  The tool has been live for a year and more than 12,000 people have created cases to prevent intimate videos and images being shared without consent. Users have created more than 40,000 hashes to date. As Bloomberg notes, Meta partnered with SWGfL, the UK nonprofit behind the Revenge Porn Helpline, to develop StopNCII.org. SWGfL hopes that many more platforms will sign up.
  
  The initiative builds on a pilot Meta (then known as Facebook) started in Australia in 2017 that asked users to upload revenge porn images to a Messenger chat with themselves. Meta promised to delete the images after hashing them, but the approach raised obvious privacy concerns.
  
  TikTok and Bumble are joining the initiative amid increasing regulatory scrutiny on the former and a broader crackdown on revenge porn. The UK, for instance, plans to force platforms that host user-generated content to take down non-consensual intimate images more swiftly, as laid out in the government's Online Safety Bill.
  

• What we bought: How Zwilling’s Cool Touch Kettle became my most-used kitchen gadget
  I never got into coffee, but I do love a good cuppa. That said, I have zero respect for the natural process of boiling water. The internet tells us that water boils faster at high altitude, and I’ve been living between 6,000 and 8,000 feet for the past ten years. But I swear it was taking longer. Maybe chalk that up to the inverse relationship between patience and age. Somehow evading the laws of thermodynamics, Zwilling’s electric kettle does something spooky to water, boiling it in a fraction of the time I ever thought possible.
  
  Officially called the Zwilling Cool Touch Kettle, it’s made by the German brand Zwilling J. A. Henckels, which I’d previously only known for their chef’s knives that have been around since the 1700s. I stumbled upon the kettle while researching knives for a kitchen roundup at a previous job and decided to buy one. Glad I did.
  Amy Skorheim / Engadget
  I’ve owned electric kettles before, but they seemed to boil water only moderately faster than a microwave. They also had suspect cleanliness issues, either not allowing access to the interior, or having the heating elements exposed and crusty-looking at the bottom of the kettle. No such problems here, though, with the Zwiling’s fully enclosed, fully accessible interior. I’ve had the kettle for over a year now and it’s got some calcium buildup, but not so bad that I’ve felt the need to clean it.
  
  This kettle is part of Zwilling’s Enfinigy line and besides sounding vaguely indecent, Enfinigy is an indicator of the kettle’s energy optimization. Though it pumps out 1500 watts of power, it’s using those watts for a short period of time, automatically shutting off when water reaches a boil. Simple physics explains the efficiency at work here: the hefty amount of wattage, delivered by an equally hefty cord, fires up an internal element that gets hot quickly. The element sits directly beneath your water, sending heat into the well-insulated chamber where it can’t escape into the ether. Since less heat is wasted, there’s more going directly to boiling the water, and voila, hot water faster.
  Amy Skorheim / Engadget
  To prove its superiority, I decided to pit the boil times of the Zwilling kettle against my 1,200-watt microwave and natural gas stove. If I compared the results to free throw skills, the kettle is Steph Curry. The microwave and stove are me. In terms of numbers, two eight-ounce cups in the Zwilling boiled in two minutes. The same amount in the microwave took five minutes, and the stove got the water roiling in five minutes and 45 seconds.
  
  You can boil as little as two “cups” at a time (more on that below), which goes fast and saves a bunch of energy in the process. In a ploy to cheat time, I now use the Zwilling to boil pasta water too, adding a tiny amount to a pot on the stove and putting the majority of the H2O in the kettle, transferring it over when it boils. It always results in faster mac and cheese, which makes everyone happy.
  
  My only gripe is the lid. It’s got an easy-open, button-operated mechanism that raises the lid… halfway. Or a little more than halfway, to a 70-degree angle. That’s intentional and meant to keep people from burning their faces with steam, but I always wish it could open a little wider to make adding water and checking the level easier.
  Amy Skorheim / Engadget
  The only other issue I have is with the interior measurement markings. There are markers for metric liters, which are as straightforward as the metric system itself. But for imperial units, the cup markers are for “coffee cups,” which someone has decided means six ounces, instead of eight. Nice for that one-cup-to-one-tablespoon ratio for coffee, but trickier for cooking. Also do we need to add more complications to imperial measurements?
  
  I didn’t even mention how good it looks. It’s going to live on your countertop its entire life, so thankfully the matte silver-gray hue and streamlined, single-button interface are lovely to look at. And operation is dead simple. Click the button to start, pull the kettle off the base to stop. The button on the lid is in just the right spot, ergonomically speaking, and the pour is smooth and as slow or fast as your preferred drink requires – from an herbal tea flood to a thin pour-over stream. Not all kettles are worthy of a $115 price tag, but this one is.
  

• Huawei teases a smartwatch with built-in wireless earbuds
  As convenient as wireless earbuds can be, you typically have to carry a case around to store and charge them. Wouldn't you rather free up your pocket? Huawei thinks so. As The Registernotes, the Chinese brand has teased a Watch Buds smartwatch that includes earbuds you charge beneath the dial. Official details will have to wait as the company has delayed a winter consumer launch event slated for today, but there are already some clues as to how this oddball design will work.
  
  Huawei Central has obtained photos indicating that the earbuds attach to the underside of the dial and sit in recesses when the watch is closed. The design is similar to that of the Watch GT series, complete with a steel case and leather strap, and reportedly runs Huawei's in-house HarmonyOS. While the specs aren't available, it won't be surprising if there's a large battery when the watch has to power both itself and the buds.
  
  An early hands-on video from QSQTechnology, meanwhile, suggests that the earbuds attach to the watch through magnets. The buds' design is unremarkable, and doesn't look especially comfortable — this is about convenience more than anything.
  
  It's not certain when Huawei will formally announce the Watch Buds, nor is it clear which countries will get them. We definitely wouldn't count on a US launch given Huawei's persona non grata status. However, it won't be surprising if there's a market for the design. You could listen to music on a walk without carrying anything beyond your smartwatch, and you'd never have to worry about misplacing a charging case.
  

• Engadget Podcast: Kindle Scribe review and the rise of Twitter clones
  Finally, a Kindle you can write on! This week, we dive into Cherlynn’s review of the Kindle Scribe, Amazon’s first e-reader that can also capture handwritten notes. The hardware is great, but as usual, Amazon’s software feels half-baked. Also, Devindra and Cherlynn discuss the rise of new Twitter alternatives like Hive Social and Post. It looks like many communities are already splintering off to these services, but unfortunately, they can’t yet replicate the magic of Twitter.
  
  Listen below or subscribe on your podcast app of choice. If you've got suggestions or topics you'd like covered on the show, be sure to Morning After and Engadget News!
  Subscribe!
  iTunes
  
  Spotify
  
  Pocket Casts
  
  Stitcher
  
  Google Podcasts
  
  Topics
  
  
  Kindle Scribe review – 1:13
  
  Rise of the Twitter clones: Hive Social, Post, and Mastodon – 19:28
  
  Amazon will lose $10 billion on its Alexa division this year – 34:12
  
  We’ve got a new trailer for the Super Mario Bros. animated movie – 38:01
  
  Working on – 43:58
  
  Pop culture picks – 45:30
  'Livestream
  Credits'
  Hosts: Cherlynn Low and Devindra Hardawar
  Producer: Ben Ellman
  Music: Dale North and Terrence O'Brien
  Livestream producers: Julio Barrientos
  Graphic artists: Luke Brooks and Brian Oh
  

• Apple's upcoming mixed reality headset will reportedly run 'xrOS'
  Apple has internally changed the name of its upcoming mixed reality headset's accompanying software from "realityOS" to "xrOS," according to Parker Ortolanifound a patent application for "realityOS" filed by a shell company called Realityo Systems LLC. Bloomberg also reported back in August that yet another shell company with a different name filed applications for "Reality One," "Reality Pro" and "Reality Processor."
  
  This recent name change could indicate that Apple is ironing out the details of the project for its approaching launch. Gurman says Apple plans to debut the headset, its dedicated operating system and its app store sometime next year. According to previous reports, the device will feature virtual versions of the company's apps, including Messages, FaceTime and Maps, and will use iris scanning for app purchases and sign-ins. Apple's recent job listings also indicate that the tech giant is working on its own 3D mixed reality world, which could become a rival to Facebook's vision of the metaverse. 
  

• What’s New in Debian 11 “Bullseye”?
  Image
  Debian is a preferred choice of millions of Linux users for some of the most popular and powerful operating systems, like Ubuntu and its derivatives are based on Debian.
  Debian 11has finally been released, finally, after a long development work of two years. Bullseye – that’s the name given to this latest Debian Linux distro. So what are the updates and upgrades? In this article, let’s check out what’s new in Debian 11.
  Debian 11’s ArchitectureDebian supports a good range of hardware architectures. 
  Supported Architectures
  ARM EABI (armel) ARMv7 (EABI hard-float ABI and armhf) 64-bit ARM (arm64) 32-bit PC (i386) 64-bit PC (amd64) Little-endian MIPS (mipsel) 64-bit little-endian PowerPC 64-bit little-endian MIPS IBM System z (s390x)Not Supported Hardware
  Old MIPS 32-bit CPUsLinux Kernel InformationDebian 11 supports the Linux Kernel 5.10 LTS. Debian 10 Buster, the earlier version to Debian 11, used Linux Kernel 4.19 while released. A newer kernel means a new set of bug fixes, new hardware support, and improved performance.
  This is the perfect kernel for Debian bullseye considering the Debian lifecycle.   
  Supports exFATexFAT is the shortened form of the Extensible File Allocation Table. It’s a filesystem used for flash memory, such as SD cards and USB flash drives.
  Now Debian 11 provides support for the exFAT. For mounting the exFAT filesystem, you don’t need the filesystem-in-userspace implementation provided by the exfat-fuse package additionally anymore. Thanks to kernel 5.10! exFAT comes in handy with it. Tools for checking and creating an exFAT are given in the exfatprogs package.
  Bauhaus Movement Inspired Theme & WallpaperDebian features cool wallpapers and a default theme for each of the major releases. Debian 11’s theme is inspired by the Bauhaus movement. Bauhaus means “building house” and it was an art and design movement from 20th century Germany. The Bauhaus movement revolved around abstract, geometric style featuring little emotion or sentiments. 
  Its modern aesthetic still is immensely influential for designers, architects, and artists. You can see this theme all through Debian 11 whether it’s the installer, login window, or the Grub menu.
  Newer Desktop Environment VersionsDebian 11 offers newer desktop environment versions. Desktop flavors you get here are, KDE Plasma 5.20, GNOME 3.38, LXDE 11, LXQt 0.16, Xfce 4.16, and MATE 1.24. Debian prefers stability and it’s quite clear from the desktop environments. You might not get the latest cutting-edge distributions like Fedora or Arch/Manjaro.
  Updated PackagesDebian 11 consists of more than 11,294 new packages out of 59,551 packages. It also reduced over 9,519 “obsolete” packages and removed 42,821 that were updated. A total of 5,434 packages remained as they were.
  A good number of software applications and package updates are included in Debian bullseye, such as Apache 2.4.48, Calligra 3.2, Emacs 27.1, LibreOffice 7.0, Inkscape 1.0.2, Linux kernel 5.10 series, Perl 5.32, PHP 7.4, Vim 8.2, PostgreSQL 13, and the list goes on. All these ready-to-use software packages are built with over 30,000 source packages.
  With this huge selection of packages and wide architecture support, Debian has always stayed committed to its aim of being The Universal Operating System.
  Improved Printer and Scanner FeaturesDebian 11 presents a new ipp-usb package. It is built with a vendor-neutral IPP-over-USB protocol that is supported by many latest printers. So, many modern-day printers will be supported now by Debian. And you won’t need the drivers for that.
  SANE driverless backend lets you use scanners without any trouble.
  EndnotesWant to try Debian Bullseye? Get it from here. You can also check “bullseye” with Live Images without installing it on your PC. This will load and run the entire OS in read-only mode. These live images are available for the i386 and amd64 architectures in the form of USB sticks, DVDs, and netboot setups. Debian Live has a standard image. So you can try a basic Debian without any GUIs.
  And that’s the ending of this article. Hope you find our Debian 11 guide helpful.
  #Linux Debian News

• Nvidia Linux drivers causing random hard crashes and now a major security risk still not fixed after 5+ months
  Image The recent fiasco with Nvidia trying to block Hardware Unboxed from future GPU review samples for the content of their review is one example of how they choose to play this game. This hatred is not only shared by reviewers, but also developers and especially Linux users.
  The infamous Torvalds videos still traverse the web today as Nvidia conjures up another evil plan to suck up more of your money and market share. This is not just one off shoot case; oh how much I wish it was. I just want my computer to work.
  If anyone has used Sway-WM with an Nvidia GPU I’m sure they would remember the –my-next-gpu-wont-be-nvidia option.
  These are a few examples of many.
  The Nvidia Linux drivers have never been good but whatever has been happening at Nvidia for the past decade has to stop today. The topic in question today is this bug: [https://forums.developer.nvidia.com/t/bug-report-455-23-04-kernel-panic-due-to-null-pointer-dereference]
  This bug causes hard irrecoverable crashes from driver 440+. This issue is still happening 5+ months later with no end in sight. At first users could work around this by using an older DKMS driver along with a LTS kernel. However today this is no longer possible. Many distributions of Linux are now dropping the old kernels. DKMS cannot build. The users are now FORCED with this “choice”:
  {Use an older driver and risk security implications} or {“use” the new drivers that cause random irrecoverable crashes.}
  This issue is only going to get more and more prevalent as the kernel is a core dependency by definition. This is just another example of the implications of an unsafe older kernel causing issue for users: https://archlinux.org/news/moving-to-zstandard-images-by-default-on-mkinitcpio/
  If you use Linux or care about the implications of a GPU monopoly, consider AMD. Nvidia is already rearing its ugly head and AMD is actually putting up a fight this year.
  #Linux NVIDIA News

• MuseScore Created New Font in Memory of Original SCORE Program Creator
  Image
  MuseScore represents a free notation software for operating systems such as Windows, macOS and Linux. It is designed and suitable for music teachers, students & both amateur and professional composers. MuseScore is released as FOSS under the GNU GPL license and it’s accompanied by freemium MuseScore.com sheet music catalogue with mobile score viewer, playback app and an online score sharing platform. In 2018, the MuseScore company was acquired by Ultimate Guitar, which included full-time paid developers in the open source team. Since 2019 the MuseScore design team has been led by Martin Keary, known as blogger Tantacrul, who has consistently criticized composer software in connection with design and usability. From that moment on, a qualitative change was set in motion in MuseScore.
  
  Historically, the engraving quality in MuseScore has not been entirely satisfactory. After the review by Martin Keary, MuseScore product owner (previously known as MuseScore head of design) and Simon Smith, an engraving expert, who has produced multiple detailed reports on the engraving quality of MuseScore 3.5, it has become apparent that some key engraving issues should be resolved immediately.That would have a significant impact on the overall quality of our scores. Therefore, these changes will considerably improve the quality of scores published in the sheet music catalog, MuseScore.com.
  
  The MuseScore 3.6 was called 'engraving release,' which addressed many of the biggest issues affecting sheet music's layout and appearance and resulted from a massive collaboration between the community and internal team.
  
   
  
  Two of the most notable additions in this release are Leland, our new notation font and Edwin, our new typeface.
  
  Leland is a highly sophisticated notation style created by Martin Keary & Simon Smith. Leland aims to provide a classic notation style that feels 'just right' with a balanced, consistent weight and a finessed appearance that avoids overly stylized quirks.
  
  The new typeface, Edwin, is based on the New Century Schoolbook, which has long been the typeface of choice by some of the world's leading publishers, explicitly chosen as a complementary companion to Leland. We have also provided new default style settings (margins, line thickness, etc.) to compliment Leland and Edwin, which match conventions used by the world's leading publishing houses.
  
  “Then there's our new typeface, Edwin, which is an open license version of new Century Schoolbook - long a favourite of professional publishers, like Boosey and Hawkes. But since there is no music written yet, you'll be forgiven for missing the largest change of all: our new notation font: Leland, which is named after Leland Smith, the creator of a now abandoned application called SCORE, which was known for the amazing quality of its engraving. We have spent a lot of time finessing this font to be a world beater.”
  
  — Martin Keary, product owner of MuseScore
  
  Equally as important as the new notation style is the new vertical layout system. This is switched on by default for new scores and can be activated on older scores too. It is a tremendous improvement to how staves are vertically arranged and will save the composer’s work hours by significantly reducing his reliance on vertical spacers and manual adjustment.
  
  MuseScore 3.6 developers also created a system for automatically organizing the instruments on your score to conform with a range of common conventions (orchestral, marching band, etc.). Besides, newly created scores will also be accurately bracketed by default. A user can even specify soloists, which will be arranged and bracketed according to your chosen convention. These three new systems result from a collaboration between Simon Smith and the MuseScore community member, Niek van den Berg.
  
  MuseScore team has also greatly improved how the software displays the notation fonts: Emmentaler and Bravura, which more accurately match the original designers' intentions and have included a new jazz font called 'Petaluma' designed by Anthony Hughes at Steinberg.
  
  Lastly, MuseScore has made some beneficial improvements to the export process, including a new dialog containing lots of practical and time-saving settings. This work was implemented by one more community member, Casper Jeukendrup.
  
  The team's current plans are to improve the engraving capabilities of MuseScore, including substantial overhauls to the horizontal spacing and beaming systems. MuseScore 3.6 may be a massive step, although there is a great deal of work ahead.
  
  Links
  
  Official release notes: MuseScore 3.6
  
  Martin Keary’s video: “How I Designed a Free Music Font for 5 Million Musicians (MuseScore 3.6)”
  
  Official video: “MuseScore 3.6 - A Massive Engraving Overhaul!”
  
  Download MuseScore for free: MuseScore.org
  #Linux Music Software FOSS

• Virtual Machine Startup Shells Closes the Digital Divide One Cloud Computer at a Time
  Image Startup turns devices you probably already own - from smartphones and tablets to smart TVs and game consoles - into full-fledged computers.
  Shells (shells.com), a new entrant in the virtual machine and cloud computing space, is excited to launch their new product which gives new users the freedom to code and create on nearly any device with an internet connection.  Flexibility, ease, and competitive pricing are a focus for Shells which makes it easy for a user to start-up their own virtual cloud computer in minutes.  The company is also offering multiple Linux distros (and continuing to add more offerings) to ensure the user can have the computer that they “want” to have and are most comfortable with.
  
  The US-based startup Shells turns idle screens, including smart TVs, tablets, older or low-spec laptops, gaming consoles, smartphones, and more, into fully-functioning cloud computers. The company utilizes real computers, with Intel processors and top-of-the-line components, to send processing power into your device of choice. When a user accesses their Shell, they are essentially seeing the screen of the computer being hosted in the cloud - rather than relying on the processing power of the device they’re physically using.
  
  Shells was designed to run seamlessly on a number of devices that most users likely already own, as long as it can open an internet browser or run one of Shells’ dedicated applications for iOS or Android. Shells are always on and always up to date, ensuring speed and security while avoiding the need to constantly upgrade or buy new hardware.
  
  Shells offers four tiers (Lite, Basic, Plus, and Pro) catering to casual users and professionals alike. Shells Pro targets the latter, and offers a quad-core virtual CPU, 8GB of RAM, 160GB of storage, and unlimited access and bandwidth which is a great option for software engineers, music producers, video editors, and other digital creatives.
  
  Using your Shell for testing eliminates the worry associated with tasks or software that could potentially break the development environment on your main computer or laptop. Because Shells are running round the clock, users can compile on any device without overheating - and allow large compile jobs to complete in the background or overnight. Shells also enables snapshots, so a user can revert their system to a previous date or time. In the event of a major error, simply reinstall your operating system in seconds.
  
  “What Dropbox did for cloud storage, Shells endeavors to accomplish for cloud computing at large,” says CEO Alex Lee. “Shells offers developers a one-stop shop for testing and deployment, on any device that can connect to the web. With the ability to use different operating systems, both Windows and Linux, developers can utilize their favorite IDE on the operating system they need. We also offer the added advantage of being able to utilize just about any device for that preferred IDE, giving devs a level of flexibility previously not available.”
  
  “Shells is hyper focused on closing the digital divide as it relates to fair and equal access to computers - an issue that has been unfortunately exacerbated by the ongoing pandemic,” Lee continues. “We see Shells as more than just a cloud computing solution - it’s leveling the playing field for anyone interested in coding, regardless of whether they have a high-end computer at home or not.”
  
  Follow Shells for more information on service availability, new features, and the future of “bring your own device” cloud computing:
  
  Website: https://www.shells.com
  
  Twitter: @shellsdotcom
  
  Facebook: https://www.facebook.com/shellsdotcom
  
  Instagram: https://www.instagram.com/shellscom
  #virtual-machine #cloud-computing #Shells

• Ubuntu 20.10 “Groovy Gorilla” Arrives With Linux 5.8, GNOME 3.38, Raspberry Pi 4 Support
  Article Images Image
  Just two days ago, Ubuntu marked the 16th anniversary of its first ever release, Ubuntu 4.10 “Warty Warthog,” which showed Linux could be a more user friendly operating system.
  
  Back to now, after the six months of development cycle and the release of the current long-term Ubuntu 20.04 “Focal Fossa,” Canonical has announced a new version called Ubuntu 20.10 “Groovy Gorilla” along with its seven official flavor: Kubuntu, Lubuntu, Ubuntu MATE, Ubuntu Kylin, Xubuntu, Ubuntu Budgie, and Ubuntu Studio.
  
  Ubuntu 20.10 is a short term or non-LTS release, which means it will be supported for 9 months until July 2021. Though v20.10 does not seem a major release, it does come with a lot of exciting and new features. So, let’s see what Ubuntu 20.10 “Groovy Gorilla” has to offer:
  New Features in Ubuntu 20.10 “Groovy Gorilla”
  
  Ubuntu desktop for Raspberry Pi 4
  Starting with one of the most important enhancements, Ubuntu 20.10 has become the first Ubuntu release to feature desktop images for the Raspberry Pi 4. Yes, you can now download and run Ubuntu 20.10 desktop on your Raspberry Pi models with at least 4GB of RAM.
  
  Even both Server and Desktop images also support the new Raspberry Pi Compute Module 4. The 20.10 images may still boot on earlier models, but new Desktop images only built for the arm64 architecture and officially only support the Pi 4 variant with 4GB or 8GB RAM.
  Linux Kernel 5.8
  
  
  Upgrading the previous Linux kernel 5.4, the latest Ubuntu 20.10 ships the new Linux kernel 5.8, which is dubbed��“the biggest release of all time” by Linus Torvalds as it contains the highest number of over 17595 commits.
  
  So it’s obvious that Linux 5.8 brings numerous updates, new features, and hardware support. For instance, Kernel Event Notification Mechanism, Intel Tiger Lake Thunderbolt support, extended IPv6 Multi-Protocol Label Switching (MPLS) support, Inline Encryption hardware support, Thunderbolt support for Intel Tiger Lake and non-x86 systems, and initial support for booting POWER10 processors.
  GNOME 3.38 Desktop Environment
  
  
  Another key change that Ubuntu 20.10 includes is the latest version of GNOME desktop environment, which enhances the visual appearance, performance, and user experience of Ubuntu.
  
  One of my favorite features that GNOME 3.38 introduces is a much-needed separate “Restart” button in the System menu.
  
  
  
  Among other enhancements, GNOME 3.38 also includes:
  Better multi-monitor support Revamped GNOME Screenshot app Customizable App Grid with no “Frequent Apps” tab Battery percentage indicator New Welcome Tour app written in Rust Core GNOME apps improvementsShare Wi-Fi hotspot Via QR Code
  
  
  If you’re the person who wants to share the system’s Internet with other devices wirelessly, this feature of sharing Wi-Fi hotspot through QR code will definitely please you.
  
  Thanks to GNOME 3.38, you can now turn your Linux system into a portable Wi-Fi hotspot by sharing QR code with the devices like laptops, tablets, and mobiles.
  Add events in GNOME Calendar app
  
  
  Forget to remember the events? A pre-installed GNOME Calendar app now lets you add new events (birthday, meetings, reminders, releases), which displays in the message tray. Instead of adding new events manually, you can also sync your events from Google, Microsoft, or Nextcloud calendars after adding online accounts from the settings.
  Active Directory Support
  
  
  In the Ubiquity installer, Ubuntu 20.10 has also added an optional feature to enable Active Directory (AD) integration. If you check the option, you’ll be directed to configure the AD by giving information about the domain, administrator, and password.
  
  
  Tools and Software upgrade
  
  
  Ubuntu 20.10 also features the updated tools, software, and subsystems to their new versions. This includes:
  glibc 2.32, GCC 10, LLVM 11 OpenJDK 11 rustc 1.41 Python 3.8.6, Ruby 2.7.0, PHP 7.4.9 perl 5.30 golang 1.13 Firefox 81 LibreOffice 7.0.2 Thunderbird 78.3.2 BlueZ 5.55 NetworkManager 1.26.2Other enhancements to Ubuntu 20.10:Nftables replaces iptables as default backend for the firewall Better support for fingerprint login Cloud images with KVM kernels boot without an initramfs by default Snap pre-seeding optimizations for boot time improvements
  A full release notes of Ubuntu 20.10 is also available to read right from here.
  How To Download Or Upgrade To Ubuntu 20.10
  If you’re looking for a fresh installation of Ubuntu 20.10, download the ISO image available for several platforms such as Desktop, Server, Cloud, and IoT.
  
  But if you’re already using the previous version of Ubuntu, you can also easily upgrade your system to the Ubuntu 20.10. For upgrading, you must be using Ubuntu 20.04 LTS as you cannot directly reach 20.10 from 19.10, 19.04, 18.10, 18.04, 17.04, or 16.04. You should first hop on to v20.04 and then to the latest v20.10.
  
  As Ubuntu 20.10 is a non-LTS version and by design, Ubuntu only notifies a new LTS release, you need to upgrade manually by either choosing a GUI method using the built-in Software Updater tool or a command line method using the terminal.
  
  For command line method, open terminal and run the following commands:
  
  sudo apt update && sudo apt upgrade
  
  sudo do-release-upgrade -d -m desktop
  
  Or else, if you’re not a terminal-centric person, here’s an official upgrade guide using a GUI Software Updater.
  
  Enjoy Groovy Gorilla!
  Ubuntu Groovy Gorilla GNOME GNOME 3.0 Raspberry Pi kernel

• Linux Mint 20.1 “Ulyssa” Will Arrive In Mid-December With Chromium, WebApp Manager
  Article Images Image
  As the Linux Mint team is progressing to release the first point version of Linux Mint 20 series, its founder and project leader Clement Lefebvre has finally revealed the codename for Linux Mint 20.1 as “Ulyssa”. He has also announced that Mint 20.1 will most probably arrive in mid-December (just before Christmas).
  
  Until you wait for its beta release to test Linux Mint 20.1, Clement has also shared some great news regarding the new updates and features that you’ll get in Mint 20.1.
  
  First, packaging of open source Chromium web browser and its updates directly through the official Mint repositories. As the team noticed delays between the official release and the version available in Linux distros, it has now decided to set up their own packaging and build Chromium package based on upstream code, along with some patches from Debian and Ubuntu as well.
  
  As a result, the first test build of Chromium is available to download from here.
  
  In last month's blog, the Mint team introduced a new WebApp Manager, inspired by Peppermint OS and its SSB (Site Specific Browser) application manager, ICE. It is a WebApp management system that will debut in Linux Mint 20.1 to turn a website into a standalone desktop application.
  
  However, the Debian package of WebApp Manager v1.0.5 is now available to download, which comes with UI improvements, bug fixes and better translations for languages.
  
   
  
   
  
  Another feature that you’ll be thrilled to see in Linux Mint 20.1 is the hardware video acceleration enabled by default in the Celluloid video player. Obviously, hardware-accelerated players will bring smoother playback, better performance and reduced CPU usage.
  
   
  
   
  
  Besides the confirmed features, the Linux Mint team is also looking for feedback on a side-project by Stephen Collins, “Sticky notes.” It is a note-taking app, which is still in Alpha stage. But if all goes well, who knows, you’ll see Sticky notes app in the upcoming Linux Mint.
  
   
  
   
  
  The Linux Mint team has also asked for opinion on IPTV (Internet Protocol Television). If you use M3U IPTV on your phone, tablet or smart TV, you can let them know. The team seems interested to develop an IPTV solution for Linux desktop as a side project if the audience is small or turn it into an official Linux Mint project, if demand is good enough.
  Linux Mint

• Newest IPFire Release Includes Security Fixes and Additional Hardware Support (IPFire 2.25 - Core Update 147)
  Image
  Michael Tremer, maintainer of the IPFire project, announced IPFire 2.25 Core Update 147 today. This is the newest IPFire release since Core Update 146 on June 29th.
  
  IPFire 2.25 Core Update 147 includes some important security updates including a newer version of Squid web proxy that has patched recent vulnerabilities.
  
  Beyond security updates, IPFire 2.25 Core Update 147 adds support for additional hardware, as well as enhancing support for existing hardware because the new release ships with version 20200519 of the Linux firmware package.
  
  IPFire 2.25 Core Update 147 also rectified a recurring issue relating to forwarding GRE connections.
  
  In addition, the update improved IPFire on AWS configurations.
  
  IPFire 2.25 Core Update 147 includes these updated packages: bind 9.11.20, dhcpcd 9.1.2, GnuTLS 3.6.14, gmp 6.2.0, iproute2 5.7.0, libassuan 2.5.3, libgcrypt 1.8.5, libgpg-error 1.38, OpenSSH 8.3p1, squidguard 1.6.0.
  
  You can download IPFire 2.25 Core Update 147 here.
  Releases

• Linux Mint 19.2 "Tina" Cinnamon Now Available, IBM Has Transformed Its Software to Be Cloud-Native and Run on Any Cloud with Red Hat OpenShift, Icinga Web 2.7.0 Released, Google Rolling Out Android Auto Design Updates and Kernel 5.1 Reaches End of Life
  
  News briefs for August 2, 2019.
  
  Linux Mint 19.2 "Tina" Cinnamonwas officially released today. This is a long-term support release that will be supported until 2023, and it brings updated software and many improvements. Go here toread about all the new features.
  
  IBM yesterday announced it has transformed its software to be cloud-nativeand run on any cloud with Red Hat OpenShift. From the announcement:"Enterprises can now build mission-critical applications once and run themon all leading public clouds, including AWS, Microsoft Azure, Google CloudPlatform, Alibaba and IBM Cloud and on private clouds.The new cloud-native capabilities will be delivered as pre-integratedsolutions called IBM Cloud Paks." IBM also announced Red Hat OpenShift onIBM Cloud, RedHat OpenShift on IBM Z and LinuxOne, and consulting andtechnology services for Red Hat.
  
  Icinga Web 2.7.0was released this week. Improvements include Japanese andUkranian language support, bonus functionality for Modules, an enhanced UIand much more. You can get the official packages from packages.icinga.com.
  
  Google begins rolling out new Android Auto design updates. ZDNetreports that "the new Android Auto starts playing media and Google Mapsas soon as the car starts. Maps will also show suggested locations. If aroute has already been planned on a phone, Android Auto automatically addsthe directions and displays routing information....Android Auto now also canuse widescreen displays to give extra space for step-by-step navigation,media playback, and call controls. Changes to improve visibility includeeasier-to-read fonts and a new dark mode.Overall, the design changes are meant to get users on the road faster andallow easier management of apps with fewer taps."
  
  Greg Kroah-Hartman recentlyannounced that Linux kernel 5.1 has reached endof life: "Everyone should bemoved to the 5.2.y kernel at this point in time. 5.1.y is nowend-of-life."
  Linux Mint IBM Cloud cloud native Red Hat OpenShift Icinga Google Android kernel

• Canonical Announces the Availability of Xibo as a Snap, Chrome 76 Released, Viruses Discovered in LibreOffice, Pop!_OS 18.10 Reaches End of Life, and Dutch Ministry of Justice and Security Warns of Microsoft Office Online Privacy Risks
  
  News briefs for August 1, 2019.
  
  Canonicalyesterday announced the availability of the Xibo open-source digital signageplatform as a snap. From the announcement: "Xibo provides acomprehensive suite of digital signage products, with its Content ManagementSystem (CMS) at the heart of this experience-led offering. Xibo for Linux iscompletely free and natively built for the Xibo CMS, which can be installedon servers or combined with Xibo cloud hosting."You can download the Xibo snap here.
  
  The Chrome team has promoted Chrome 76 to the stable channel for Windows,Mac and Linux. According to SoftpediaNews, "Highlights of the Chrome 76 releaseinclude Flash plugin blocked by default, Dark Mode support for websites,more improvements to the Payments API to allow merchant websites or web appsto respond when a user changes payment instruments, better support for PWAs(Progressive Web Apps), and the ability to control the 'Add to Home' screenmini-infobar."
  
  Silent macro viruses have been discovered in LibreOffice. TheRegister reports that there's an "issue where documents can beconfigured to run macros silently on opening". The vulnerability wasreported by Nils Emmerich and assignedCVE-2019-9848. According to The Register, "It appearsthat the supposedly fixed 6.2.5 is still vulnerable—confirmed by us."There is an updated bugreport here. To fix it, "disable LibreLogo immediately if it is present and enabled in your build of LibreOffice."
  
  System76announces that Pop!_OS 18.10 has reached end of life and will no longerreceive security updates. To keep your system secure and up to date, upgradeyour OS to version 19.04.
  
  Due to security and privacy risks, the Dutch Ministry of Justice and Security is warning governmentinstitutions not to use Microsoft Office online or mobile apps. According toTheRegister, "A report from PrivacyCompany, which was commissioned by theministry, found that Office Online and the Office mobile apps should bebanned from government work. The report found the apps were not incompliance with a set of privacy measures Redmond has agreed to with theDutch government."
  News Canonical Xibo Snap Chrome LibreOffice Security System76 Pop!_OS Microsoft Privacy

• Collabora Announces xrdesktop, Blender 2.8 Released, Arduino Selects Auth0 as Its Identity Management Platform of Choice, Microway Showcasing Its Data Science WhisperStation at PEARC19 and KDE Plasma Maintenance Update
  
  News briefs for July 31, 2019.
  
  Collaborayesterday announced xrdesktop. This new open-source project"enables interaction with traditional desktopenvironments, such as GNOME and KDE, in VR. Sponsored by Valve, xrdesktopmakes window managers aware of VR and is able to use VR runtimes to renderdesktop windows in 3D space, with the ability of manipulating them with VRcontrollers and generating mouse and keyboard input from VR." See the wikifor instructions on how to install xrdesktop.
  
  Blender 2.80 hasbeen released. This new version "features a redesigned userinterface that puts the focus on the artwork that you create. A new darktheme and modern icon set were introduced. Keyboard, mouse and tabletinteraction got a refresh with left click select as the new default. QuickFavorites menus provide rapid access to often-used tools." See the ReleaseNotes for details.
  
  Auth0 announces Arduino has selected Auth0 as its identity managementplatform of choice. Auth0 will be replacing Arduino's own Single Sign Onsolution for all of its public-facing web properties. From the announcment:"Arduino discovered its homegrown authentication solution would not scale tomeet the rapidly developing needs of its growing global community, andreached out to Auth0. In addition to Single Sign On, Arduino will takeadvantage of Auth0's new Universal Login, which enables developers tocompletely customise their branded authentication experiences quickly, andDevice Flow for browserless or input-constrained devices."
  
  Microway is showcasing its Data Science WhisperStation, a UniqueUltra-Quiet NVIDIA Data Science Workstation, at PEARC19 in Chicago this week(ending on August 1st). From the press release: "Up to 10 times faster thanCPU solutions from data preparation to result, the Data ScienceWhisperStation helps data scientists, analysts, and engineers transformmassive datasets into insights in less time." You can learn more about PEARChere, and more about the DataScience WhispterStation here.
  
  KDE released the fourth maintenance update to the latest KDE Plasma 5.16desktop environment. The release adds three weeks' worth of newtranslations and a few bug fixes, which are small but important. See the fullchangelog for details.
  News Collabora xrdesktop VR Valve Desktop Blender Arduino Auth0 Security Microway Big Data Hardware KDE Plasma