Fedora is a Trademark of Red Hat, Inc, an operating system built by volunteers around the world. This page is provided so that independent volunteers can showcase our contributions to Fedora and Free Software in general. Official Fedora Download page.

RSS Atom

We Make Fedora

July 05, 2025

• Kevin Fenzi whew. Datacenter move (mostly) over

  

  Hey everyone. Welcome to the far side of the 2025 Datacenter Move. Everything is now moved over and (mostly) working from the new location.

  There are of course some things to fix still. We have been tracking the smaller items in: https://pagure.io/fedora-infrastructure/issue/12620 and larger ones in their own tickets. At this point if you see an issue please check if it's been mentioned above or in another infra ticket and if not, let us know.

  Things did not go as smoothly as I was hoping they would. I was hoping to have the build pipeline up and running on wed, but it took us until thursday morning to finish bringing it up.

  We are collecting items for a retrospective now and should hold that in the next week or two, but a few I will be mentioning:

  The good:

  • Other folks on my team (CLE - Community Linux Engineering) did tons of great work. My co-workers in .eu timezones shutting things down, then storage folks in east coast us switching storage meant that when I got in (west coast us) everything was ready to move.

  • The other Red Hat teams we worked with ( networking, storage, dc operations) were all great and very responsive to helping us

  • The community was great in being patient and waiting for things to come back up.

  • The new machines are super fast!

  The bad:

  • Took longer than expected to bring the build pipeline up again. This was due to a number of reasons, but the two big ones were: a) We used mtu 9000 in the old datacenter and carried that over to the new one. However there were some cross vlan links that were not working right with jumbo frames. This culminated in a networking outage wed afternoon that took us off line for a few hours. and b) our pkgs server is not something we redeploy much. It's one of our last RHEL8 instances. Because of this there were some issues that were difficult to debug and work through to get things working.

  • I copied our wiki database several times and it failed with a disk space full error. Turns out mariadb has a large binary file and by default rsync just copies to a temp copy and moves it in place at the end. If your disk isn't more than 2x the size of the db, boom. --inplace fixed that.

  Next week there's still some work to do. We need to power off all the machines in our old datacenter. Some of the newer hardware will be shipped to the new datacenter and we will use them to augment capacity. Some will be more builders, more openqa workers, etc.

  Finally, I've been super focused on this move, now that we are done after next week I hope to start in on the backlog of other things that I put off: packaging work, emails to reply to, AI scraper mitigation, and such.

  It's great to have this in the rear view mirror!

  comments? additions? reactions?

  As always, comment on mastodon: https://fosstodon.org/@nirik/114802872655170817

July 04, 2025

• Fedora Community Blog Infra and RelEng Update – Week 27, 2025

  This is a weekly report from the I&R (Infrastructure & Release Engineering) Team. We provide you both infographic and text version of the weekly report. If you just want to quickly look at what we did, just look at the infographic. If you are interested in more in depth details look below the infographic.

  Week: 30 June – 04 July 2025

  

  Infrastructure & Release Engineering

  The purpose of this team is to take care of day to day business regarding CentOS and Fedora Infrastructure and Fedora release engineering work.
  It’s responsible for services running in Fedora and CentOS infrastructure and preparing things for the new Fedora release (mirrors, mass branching, new namespaces etc.).
  List of planned/in-progress issues

  Fedora Infra

  • In progress:
    • no Matrix notifications from FMN since June 15
    • [FMTS] TLS certificate for gitlab-centos service is about to expire in 30 days
    • Decommission provisioning.fp.org
    • Planned Outage – Datacenter Move outage – 2025-06-30 01:00 UTC
    • Please register my testing instance of Fedora Infrastructure apps to OIDC
    • Forgejo: Owner access to @jflory7 for @CommOps
    • Move copr_hypervisor group from iptables to nftables
    • tmpwatch removed from ansible
    • Link in staging distgit instance leads to prod auth
    • re-add datagrepper nagios checks (and add to zabbix?)
    • Fix logrotate on kojipkgs01/02
    • 2025 datacenter move (IAD2->RDU3)
    • Broken link for STG IPA CA certificate, needed for staging CentOS Koji cert
    • [CommOps] Open Data Hub on Communishift
    • retire easyfix
    • Deploy Element Server Suite operator in staging
    • Pagure returns error 500 trying to open a PR on https://src.fedoraproject.org/rpms/python-setuptools-gettext
    • maubot-meetings bot multi line paste is cut
    • Move OpenShift apps from deploymentconfig to deployment
    • The process to update the OpenH264 repos is broken
    • httpd 2.4.61 causing issue in fedora infrastructure
    • Support allocation dedicated hosts for Testing Farm
    • EPEL minor version archive repos in MirrorManager
    • Add fedora-l10n pagure group as an admin to the fedora-l10n-docs namespace projects
    • vmhost-x86-copr01.rdu-cc.fedoraproject.org DOWN
    • Add yselkowitz to list to notify when ELN builds fail
    • Cleaning script for communishift
    • Move from iptables to firewalld
    • Port apps to OIDC
    • Help me move my discourse bots to production?
    • Migration of registry.fedoraproject.org to quay.io
  • Done:
    • Some links from src.fedoraproject.org are broken for packages with plus (+) in their names
    • release-monitoring.org isn’t filing bugs
    • please don’t remove enrolled centos machines from IPA in staging
    • RFR: Requesting a new FAS Group: Phosh SIG
    • Need to delete user account in FAS that has been already deleted in Discourse (discussion.fedoraproject.org) due to violations (spam, AI, etc.)

  CentOS Infra including CentOS CI

  • In progress:
    • Decommission IAD2 CentOS infra
    • Wrapper to check / create projects on GitLab using the REST API
    • [spike] : investigating options/alternatives for the upcoming DC move
    • expand ppc64le builders pool for Stream
    • Release Improvements
  • Done:
    • Request for New Mailing List: genos – at – centos.org
    • c7 builds failing for cksum mismatch of firewalld-filesystem-0.6.3-13.el7_9.noarch – centos7-updates
    • Add siosm (myself) as a sponsor to sig-cloud group
    • Stream 9 new mirror : mirror.clarkson.edu
    • Verify/Change target of press email address
    • Create a repo and FAS group for FRCL
    • CBS koji permissions
    • Update openinfra server to sync centos mirror
    • resources for OpenQA test execution
    • migrate id{.stg}.centos.org to new DC
    • Hardware init new RDU3 servers (part 1 / wave 0)
    • Prepare AWS new VPC for isolated builders
    • Mailing lists broken with DMARC

  Release Engineering

  • In progress:
    • Stalled package epel10 gtksourceview3
    • F43 system-wide change: GNU Toolchain update for F43 https://fedoraproject.org/wiki/Changes/GNUToolchainF43
    • evaluate proposed F43 change for preserving debuginfo in static .a libraries
    • `–no-git-branch` option to fedpkg request-branch and creating the branch manually doesn’t work as expected
    • EPEL 8 x86_64 won’t sync with Red Hat Satellite
    • Broken fork
    • msedit: Delete commit
    • F39 Archives are still not cleaned up
    • Fedora-KDE-42-1.1-x86_64-CHECKSUM has wrong ISO filename
    • F40 end of life
    • Turn EPEL minor branching scripts into playbooks
    • Mass retirement of packages with uninitialized rawhide branch
    • 300+ F42FTBFS bugzillas block the F41FTBFS tracker
    • Packages that have not been rebuilt in a while or ever
    • Send compose reports to a to-be-created separate ML
    • Could we have fedoraproject-updates-archive.fedoraproject.org for Rawhide?
    • Investigate and untag packages that failed gating but were merged in via mass rebuild
    • a few mass rebuild bumps failed to git push – script should retry or error
    • Package retirements are broken in rawhide
    • Update pungi filters
    • Implement checks on package retirements
    • Untag containers-common-0.57.1-6.fc40
    • Provide stable names for images
    • Packages that fail to build SRPM are not reported during the mass rebuild bugzillas
    • When orphaning packages, keep the original owner as co-maintainer
    • Create an ansible playbook to do the mass-branching
    • RFE: Integration of Anitya to Packager Workflow
    • Fix tokens for ftbfs_weekly_reminder. script
    • Update bootloader components assignee to “Bootloader Engineering Team”for Improved collaboration
  • Done:
    • Cannot build rust-debug-helper for epel9
    • Side tag for Perl 5.42
    • F43 System-wide change: Perl 5.42
    • New package not in tag f43-updates-candidate
    • “initial_commit”: false not respected in releng/fedora-scm-requests
    • Fix incorrectly created epel10 branch for lcov package
    • Untag graphviz-13.0.1-2.fc43 and graphviz-13.0.1-2.eln150 (and the 13.0.1-1 builds too)
    • Removing oneself from a package does not reset bugzilla assignee
    • Unretirement request: elementary-photos
    • F42 Atomic Desktops `-testing` builds failing on pungi-make-ostree error
    • Recent WSL image builds fail with “Unsupported file type: Fedora-WSL-Base-Rawhide-20250530.n.0.aarch64.wsl”
    • Request for permissions to make changes on torrent server
    • Fix OpenH264 tagging issues

  Fedora Data Center Move: “It’s Move Time!” and Successful Progress!
  

  This week was “move time” for the Fedora Data Center migration from IAD2 to RDU3, and thanks to the collective effort of the entire team, it’s been a significant success! We officially closed off the IAD2 datacenter, with core applications, databases, and the build pipeline successfully migrated to RDU3. This involved meticulously scaling down IAD2 OpenShift apps, migrating critical databases, and updating DNS, followed by the deployment and activation of numerous OpenShift applications in RDU3. While challenges arose, especially with networking and various service configurations, our dedicated team worked tirelessly to address them, ensuring most services are now operational in the new environment. We’ll continue validating and refining everything, but we’re thrilled with the progress made in establishing Fedora’s new home!

  If you have any questions or feedback, please respond to this report or contact us on #redhat-cpe channel on matrix.

  The post Infra and RelEng Update – Week 27, 2025 appeared first on Fedora Community Blog.

• Remi Collet 🎲 PHP 8.5 as Software Collection

  Version 8.5.0alpha1 has been released. It's still in development and will enter soon in the stabilization phase for the developers, and the test phase for the users (see the schedule).

  RPM of this upcoming version of PHP 8.5, are available in remi repository for Fedora ≥ 41 and Enterprise Linux ≥ 8 (RHEL, CentOS, Alma, Rocky...) in a fresh new Software Collection (php85) allowing its installation beside the system version.

  As I (still) strongly believe in SCL's potential to provide a simple way to allow installation of various versions simultaneously, and as I think it is useful to offer this feature to allow developers to test their applications, to allow sysadmin to prepare a migration or simply to use this version for some specific application, I decide to create this new SCL.

  I also plan to propose this new version as a Fedora 44 change (as F43 should be released a few weeks before PHP 8.5.0).

  Installation :

  yum install php85

  ⚠️ To be noticed:

  • the SCL is independent from the system and doesn't alter it
  • this SCL is available in remi-safe repository (or remi for Fedora)
  • installation is under the /opt/remi/php85 tree, configuration under the /etc/opt/remi/php85 tree
  • the FPM service (php85-php-fpm) is available, listening on /var/opt/remi/php85/run/php-fpm/www.sock
  • the php85 command gives simple access to this new version, however, the module or scl command is still the recommended way.
  • for now, the collection provides 8.5.0-alpha1, and alpha/beta/RC versions will be released in the next weeks
  • some of the PECL extensions are already available, see the extensions status page
  • tracking issue #307 can be used to follow the work in progress on RPMS of PHP and extensions
  • the php85-syspaths package allows to use it as the system's default version

  ℹ️ Also, read other entries about SCL especially the description of My PHP workstation.

  $ module load php85
  $ php --version
  PHP 8.5.0alpha1 (cli) (built: Jul  1 2025 21:58:05) (NTS gcc x86_64)
  Copyright (c) The PHP Group
  Built by Remi's RPM repository  #StandWithUkraine
  Zend Engine v4.5.0-dev, Copyright (c) Zend Technologies
      with Zend OPcache v8.5.0alpha1, Copyright (c), by Zend Technologies
  

  As always, your feedback is welcome on the tracking ticket.

  Software Collections (php85)

  

• Remi Collet 🛡️ PHP version 8.1.33, 8.2.29, 8.3.23 and 8.4.10

  RPMs of PHP version 8.4.10 are available in the remi-modular repository for Fedora ≥ 40 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).

  RPMs of PHP version 8.3.23 are available in the remi-modular repository for Fedora ≥ 40 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).

  RPMs of PHP version 8.2.29 are available in the remi-modular repository for Fedora ≥ 40 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).

  RPMs of PHP version 8.1.33 are available in the remi-modular repository for Fedora ≥ 40 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).

  ℹ� The packages are available for x86_64 and aarch64.

  ⚠� PHP version 8.0 has reached its end of life and is no longer maintained by the PHP project.

  These versions are also available as Software Collections in the remi-safe repository.

  🛡� These Versions fix 3 security bugs (CVE-2025-1220, CVE-2025-1735, CVE-2025-6491), so the update is strongly recommended.

  Version announcements:

  • PHP 8.4.10 Release Annoucement
  • PHP 8.3.23 Release Annoucement
  • PHP 8.2.29 Release Annoucement
  • PHP 8.1.33 Release Annoucement

  ℹ� Installation: use the Configuration Wizard and choose your version and installation mode.

  Replacement of default PHP by version 8.4 installation (simplest):

  dnf module switch-to php:remi-8.4/common
  

  Parallel installation of version 8.4 as Software Collection

  yum install php84

  Replacement of default PHP by version 8.3 installation (simplest):

  dnf module switch-to php:remi-8.3/common
  

  Parallel installation of version 8.3 as Software Collection

  yum install php83

  And soon in the official updates:

  • Fedora Rawhide now has PHP version 8.4.10
  • Fedora 42 - PHP 8.4.10
  • Fedora 41 - PHP 8.3.23

  ⚠� To be noticed :

  • EL-10 RPMs are built using RHEL-10.0
  • EL-9 RPMs are built using RHEL-9.6
  • EL-8 RPMs are built using RHEL-8.10
  • intl extension now uses libicu74 (version 74.2)
  • mbstring extension (EL builds) now uses oniguruma5php (version 6.9.10, instead of the outdated system library)
  • oci8 extension now uses the RPM of Oracle Instant Client version 23.8 on x86_64 and aarch64
  • a lot of extensions are also available; see the PHP extensions RPM status (from PECL and other sources) page

  ℹ� Information:

  • Migrating from PHP 8.2.x to PHP 8.3.x
  • Migrating from PHP 8.3.x to PHP 8.4.x

  Base packages (php)

  

  

  

  

  Software Collections (php83 / php84)

  

  

  

  

July 03, 2025

• Kiwi TCMS Kiwi TCMS 14.3

  We're happy to announce Kiwi TCMS version 14.3!

  IMPORTANT:

  This is a minor version release which includes security related updates, several improvements, bug fixes and new translations.

  Recommended upgrade path:

  14.2 -> 14.3
  

  You can explore everything at https://public.tenant.kiwitcms.org!

  ---

  Public container image (x86_64):

  pub.kiwitcms.eu/kiwitcms/kiwi   latest  0de20b89c781    691MB
  

  IMPORTANT: version tagged and multi-arch container images are available only to subscribers!

  Changes since Kiwi TCMS 14.2

  Security

  • Update Django from 5.1.8 to 5.1.11, addressing medium severity vulnerabilities, CVE-2025-32873 and CVE-2025-48432, which do not appear to affect Kiwi TCMS

  Improvements

  • Remove the django-uuslug dependency
  • Update django-colorfield from 0.13.0 to 0.14.0
  • Update django-grappelli from 4.0.1 to 4.0.2
  • Update django-guardian from 2.4.0 to 3.0.3
  • Update django-simple-history from 3.8.0 to 3.10.1
  • Update django-tree-queries from 0.19.0 to 0.20.0
  • Update markdown from 3.8 to 3.8.2
  • Update psycopg[binary] from 3.2.6 to 3.2.9
  • Update pygments from 2.19.1 to 2.19.2
  • Update python-gitlab from 5.6.0 to 6.1.0
  • Update uwsgi from 2.0.29 to 2.0.30
  • Update node_modules/pdfmake from 0.2.18 to 0.2.20
  • Display nested Test Plan(s) in select drop-down on New Test Run page
  • Implement Bugzilla.details() method to fetch more information about reported bugs via the existing Bugzilla integration interface
  • Refactor URL /accounts/<username>/profile/ into /accounts/<pk>/profile/ to prevent usernames being exposed in logs or anonymous analytics
  • Refactor URL /plan/<pk>/<slug> into /plan/<pk>/ to prevent test plan summary being exposed in logs or anonymous analytics. Fixes Issue #3994

  Bug fixes

  • Make sure IssueTrackerType.details() method provides id and status fields to prevent crashes when IssueTracker integration falls back to this method
  • For Bug.details() API method always cast internal result to dict to avoid the situation where modernrpc/handlers/xmlhandler.py::dumps_result() doesn't know how to serialize that! Fixes Sentry KIWI-TCMS-VV
  • Don't send email notifications to inactive users

  Refactoring and testing

  • Update node_modules/eslint-plugin-import from 2.31.0 to 2.32.0
  • Update node_modules/webpack from 5.99.6 to 5.99.9
  • Use the public interface tcms_api.TCMS().exec in tests
  • Add test for unauthenticated Bugzilla.details() which falls back to OpenGraph

  Translations

  • Updated Chinese Simplified translation
  • Updated Chinese Traditional translation
  • Updated Persian translation

  Kiwi TCMS Enterprise v14.3-mt

  • Based on Kiwi TCMS v14.3
  • Update certbot-* from 4.0.0 to 4.1.1
  • Update dj-database-url from 2.3.0 to 3.0.1
  • Update django-prometheus from 2.3.1 to 2.4.1
  • Update sentry-sdk from 2.26.1 to 2.32.0
  • Update social-auth-app-django from 5.4.3 to 5.5.1

  Private container images

  hub.kiwitcms.eu/kiwitcms/version            14.3 (x86_64)           096aa72ea8b7    03 Jul 2025     691MB
  hub.kiwitcms.eu/kiwitcms/version            14.3 (aarch64)          90de3cb881d6    03 Jul 2025     703MB
  hub.kiwitcms.eu/kiwitcms/enterprise         14.3-mt (aarch64)       182297e972ce    03 Jul 2025     1.08GB
  hub.kiwitcms.eu/kiwitcms/enterprise         14.3-mt (x86_64)        3697c45224c0    03 Jul 2025     1.06GB
  

  IMPORTANT: version tagged, multi-arch and Enterprise container images are available only to subscribers!

  How to upgrade

  Backup first! Then follow the Upgrading instructions from our documentation.

  Happy testing!

  ---

  If you like what we're doing and how Kiwi TCMS supports various communities please help us grow!

  • Give â­� on GitHub;
  • Join our newsletter and follow all project news;
  • Become a contributor and an awesome open source hacker;
  • Become a subscriber and help us sustain development

• Charles-Antoine Couret 20 ans de Fedora-fr : dixième entretien avec Kévin touche à tout du projet Fedora et Fedora-fr

  Introduction

  Dans le cadre des 20 ans de Fedora-fr (et du Projet Fedora en lui-même), Charles-Antoine Couret (Renault) et Nicolas Berrehouc (Nicosss) avons souhaité poser des questions à des contributeurs francophones du Projet Fedora et de Fedora-fr.

  Grâce à la diversité des profils, cela permet de voir le fonctionnement du Projet Fedora sous différents angles pour voir le projet au delà de la distribution mais aussi comment il est organisé et conçu. Notons que sur certains points, certaines remarques restent d'application pour d'autres distributions.

  N'oublions pas que le Projet Fedora reste un projet mondial et un travail d'équipe ce que ces entretiens ne permettent pas forcément de refléter. Mais la communauté francophone a de la chance d'avoir suffisamment de contributeurs de qualité pour permettre d'avoir un aperçu de beaucoup de sous projets de la distribution.

  Chaque semaine un nouvel entretien sera publié sur le forum Fedora-fr.org, linuxfr.org et mon blog ici même.

  L'entretien du jour concerne Kévin Raymond (pseudo shaiton), ancien contributeur de Fedora et de Fedora-fr.org.

  Entretien

  Bonjour Kévin, peux-tu présenter brièvement ton parcours ?

  Perso ? Au sein de la communauté ? C'est un peu trop large pour être bref.. Curieux et créatif, j'ai découvert l'informatique, l'électronique et la programmation au Lycée. J'ai eu la chance que mon père fasse le choix de Linux pour moi et s'occupe de mes premières installations… Voir configuration matérielle. Au début il fallait internet pour configurer internet (recompilation de pilotes de périphériques) c'était un beau casse-tête sans personne pour vous aiguiller. Bon ok si on remet dans l'ordre au tout début il n'y avait pas la problématique du Wi-Fi. J'ai poursuivi mes études par un DUT GEII (Génie Electrique et Informatique Industrielle) en poursuivant sur une licence puis une école d'ingénieur électronique/informatique en alternance. Plus les années passaient plus j'avais de projets informatique ou électronique perso ou professionnels à réaliser et plus je m'éloignais du monde Windows, plus je me sentais chez moi sous Linux.

  Peux-tu présenter brièvement tes contributions au Projet Fedora ?

  Initialement traducteur francophone, j'en suis arrivé à être le coordinateur principal de l'équipe francophone. J'ai également contribué à l'internationalisation des sites internet du Projet Fedora. Ce qui m'a amené à en être un des mainteneurs principaux pendant quelques temps et de m'occuper du déploiement des nouvelles versions à chaque nouvelle sortie de version de Fedora. De là j'ai intégré l'équipe infrastructure afin de pouvoir suivre ou déclencher les mises à jour des sites. Étant un des traducteurs principaux, j'ai rejoins l'équipe documentation pour la même raison que l'équipe site internet : améliorer le déploiement des traductions. Et c'est également pour les traductions que je suis devenu coordinateur Transifex, une des plateformes de traduction utilisée un temps par le projet. Il a fallu accompagner les développeurs pour la migration et assurer le suivi du déploiement. Le problème principal étant qu'un développeur ne se rend pas compte qu'une traduction est disponible ou même qu'elle n'est pas inclue dans sa dernière version. Ayant un pied dans pas mal de portes, j'en suis venu à aider la coordination de chaque sortie de versions de Fedora. Ça c'est pour la partie productivité, mais il y a la partie sociabilité qui est une part importante de la vie d'un contributeur. Je suis devenu ambassadeur du Projet Fedora jusqu'à en devenir un mentor. J'ai également intégré le bureau de l'association Fedora-Fr, devenue Borsalinux-Fr lors de mon mandat. J'ai dirigé quelque temps la production de goodies pour l'équipe FR, les réunions hebdomadaire et co-organisé une rencontre internationale à Paris − le FUDCON − après en avoir été plusieurs fois un participant actif (aux États-Unis, Italie, Suisse).

  Qu'est-ce qui fait que tu es venu sur Fedora et que tu y es resté ?

  Pour le produit, c'était « Fedora Core » à l'époque : pour la nouveauté. Les distributions GNU/Linux étaient en plein développement, beaucoup de nouveautés arrivaient chez l'un avant l'autre. J'en ai essayé plusieurs et j'ai beaucoup aimé les choix proposés sous Fedora Core, j'y suis resté depuis 2005 (au moins en perso, si l'entreprise ne me laissait pas le choix).

  Pourquoi contribuer à Fedora en particulier ?

  Quant-au Projet et bien c'est parce que le produit me plaisait que tout naturellement c'est là que j'ai participé. Autant contribuer à ce dont on se sert tous les jours. Bon je dois quand même dire que c'est le programme d'ambassadeur qui m'a permis d'être inclus. Les forum d'entraide je voyais plutôt ça comme un mal nécessaire. En arrivant sur Paris, j'ai eu la chance de pouvoir rencontrer physiquement des passionnés prêt à vous écouter et vous aiguiller sur vos aspirations. Merci à Mathieu Bridon (dit « bochecha ») sans qui je serai resté de l'autre côté de la fenêtre.

  Contribues-tu à d'autres Logiciels Libres ? Si oui, lesquels et comment ?

  Très et trop peu. Je maintiens la traduction du logiciel GNU Make. D'ailleurs il me faut la rafraichir depuis la dernière mise à jour. J'en suis devenu le mainteneur parce que le précédent ne répondait plus et que la traduction actuelle ne me convenait pas. Si quelqu'un veut le reprendre je m'en sépare bien volontiers ! Ensuite j'ai des contributions ponctuelles sur mes interactions professionnelles. Principalement pour du correctif je n'ai pas une part active malgré mon envie. J'essaye autant que possible de tester les nouvelles versions de Fedora dès la version Alpha. Grâce à ma connaissance de Fedora, j'ai intégré le projet OLPC France où j'ai pu apporter mon expertise « Fedora » pour les outils de sauvegarde et mise à jour des XO (nom des ordinateurs portable du Projet OLPC basés sur la distribution GNU/Linux Fedora). Et je suis même allé à Madagascar gérer le déploiement d'une mise à jour distro de l'ensemble d'un parc. Expérience très enrichissante.

  Utilises-tu Fedora dans un contexte professionnel ? Et pourquoi ?

  Oui autant que possible. C'est mon univers, je maîtrise l'environnement et je n'ai pas besoin de chercher comment faire telle ou telle actions ce qui est bien plus rapide. J'apprécie aussi énormément les choix proposés par défaut. GNOME et son mode non intrusif me permet de rester concentré sur le principal (en espérant que la proposition du choix par défaut KDE ne sera pas acceptée…) Mais c'est aussi parce que Fedora fait partie de moi, je me suis construit avec le produit, avec le projet et avec la communauté. C'est comme quitter son pays natal, on peut le faire mais on n'est plus chez nous. Je me sens très bien sous Fedora et si je veux aider, corriger ou contribuer, je sais déjà comment m'y remettre.

  Est-ce que tes contributions à Fedora sont un atout direct ou indirect dans ta vie professionnelle ? Si oui, de quelle façon ?

  C'est un atout direct bien évidemment. Étant ingénieur en systèmes embarqués Linux, autant maîtriser l'environnement qui permet de répondre au besoin de l'entreprise. Dans l'entreprise on doit répondre à un besoin. Et pour ça l'humain invente des outils. S'il ne maîtrise pas ses outils il est moins productif et perd une part de ses capacités pour s'adapter à son environnement. D'un autre côté, j'aime le produit Fedora (peut-être maintenant surtout pour la Communauté) et travailler sous Fedora c'est vouloir se lever le matin et être accueilli par quelque chose qui nous fait plaisir. C'est devenu important pour mon bien être.

  Tu as été actif sur de nombreux projets de Fedora durant quelques années tout en étant non employé de Red Hat, est-ce que cela a été un frein dans ta participation d'une quelconque façon ?

  Absolument pas. J'étais assez pris par toutes mes contributions pour ne pas chercher à vouloir faire de la politique. Il y avait déjà assez de Guru dans l'équipe française pour que je ne m'y colle pas. Au travers de Red Hat j'ai trouvé du soutien, des conseils et du professionnalisme. Mais également des amis.

  Qu'est-ce que tu as fait plus exactement pour l'infrastructure et les sites web du Projet Fedora ?

  Pour les sites web, j'ai cherché à faire en sorte que mes traductions soient utilisées, déployées. C'est bien beau de passer ses nuits à traduire plutôt que dormir ou réviser, mais si le jour J la traduction n'est pas utilisée, à quoi cela sert-il ? Et si on te réponds « arf, si ça avait été publié 12h plutôt ça aurait apparu, maintenant il faut attendre le prochain déploiement dans 6 j » ça frustre. Et parfois ce n'est pas qu'une question de date c'est aussi un problème de code. Le développeur ne sait pas qu'une traduction est disponible, il ne l'utilise donc pas. J'ai donc pris en charge la synchronisation des équipes de traduction avec la génération des différents sites. J'ai créé des outils et modifié les process de déploiement des sites afin que les traducteurs soient au courant des dates et que l'équipe websites déploit automatiquement les traductions sans étapes manuelles inutiles. Côté infra j'étais là pour seconder l'équipe sur le déploiement des sites internet. Je pouvais déployer moi-même la version de test du site fedoraproject.org afin que les traducteurs puissent relire leurs traductions et soumettre des problèmes/correctifs avant le déploiement le jour J (pour rappel une nouvelle version tous les 6 mois). En tant que coordinateur principal de l'équipe de traduction francophone, j'étais aux premières loges pour corriger les problèmes et indiquer la procédure de test aux autres équipes.

  Tu as aussi géré la traduction quelques années entre Thomas Canniot et Jean-Baptiste Holcroft, qu'est-ce qui t'a attiré dans cette activité et qu'est-ce que tu as fait ?

  Ça a été entre mon année d'étude en Écosse ou j'ai beaucoup amélioré mon anglais et ma première année d'école d'ingénieur à Paris. Si j'ose l'annoncer à voie haute, j'ai eu beaucoup de temps perso lors de mes années d'école d'ingénieur c'est grâce à tout ce temps libre que j'ai pu plonger dans le projet Fedora. Et Matthieu, mon mentor m'a correctement accompagné pour trouver là ou je serai le plus utile, l'équipe de traduction où Thomas s'est quasiment retrouvé tout seul. Il gérait une équipe d'1,5 personne en se comptant lui-même. Je suis arrivé et à deux on a abattu un travail énorme pour rattraper les dérives. Je traduisais puis lui me corrigeait. Je venais de loin, il a fallu attendre mes 24 ans que je découvre la grammaire française, les règles d'accord COI/COD… Bon ce n'était pas très fun alors je me suis spécialisé sur la syntaxe. À deux nous avons recruté d'autres traducteurs, ensuite il a vu qu'on était une équipe, il m'a laissé la main sur la traduction. J'ai vécu 2 transitions d'outils de gestion des traductions. J'ai donné beaucoup d'effort sur le projet Transifex. Jusqu'à ce que ce projet se tourne vers un modèle commercial et que le projet Fedora change d'outil. Là je me suis dit que je ne voulais pas recommencer, j'avais des projets de refonte de tout l'outil de déploiement des sites internet. L'équipe de traduction n'était plus mon sujet prioritaire. Je ne sais même plus comment Jean-Baptiste a pris la main, mais à un moment donné les projets ont migré sur le nouvel outil, et moi j'ai perdu tout ce que j'avais mis en place. Mes outils ou scripts permettant d'obtenir les dernières traductions, d'obtenir le pourcentage de complétion de traduction de chaque langue sur chaque projet. Je n'ai plus rouvert cette porte j'ai laissé la main et je me suis concentré uniquement sur la relecture et la formation des nouveaux : habitudes de traduction pour la cohérence de l'historique, utilisation de la bonne syntaxe. Jusqu'à ce qu'on ne me voit plus contribuer sur la liste de diffusion. En résumé, j'avais le développement des sites qui était prioritaire, j'avais de moins en moins de temps à accorder, une équipe de jeunes (pas dans l'âge mais dans la date d'arrivée dans l'équipe de traduction francophone) et un changement d'outil et de process qui m'ont tout naturellement écartés de mes responsabilités.

  En 2012, le FUDCon (devenu Flock depuis) s'est tenu à Paris et tu en as été l'un des principaux organisateurs. Peux-tu expliquer le but de ces rencontres et de leur importance ? Quelles ont été les difficultés d'une telle organisation ? Quels souvenirs en retires tu ?

  Le FUDCon était un événement annuel (par région) qui était l'occasion pour les contributeurs de se rencontrer pour mieux se connaître mais aussi pour avancer plus rapidement sur des points particuliers et abolir les fuseaux horaires. C'était également l'occasion de rencontrer les « Redhatters ». C'est également lors de ces événements qu'on rapproche tous les organes de la communauté. Les rencontres physiques sont très importantes. Beaucoup d'échanges dans la communauté se passent en anglais, dont c'est la langue maternelle pour une grande partie. Il est parfois difficile de cerner le ton employé à l'écrit par un individu − oui toutes nos réunions étaient en chat/IRC −, c'est lors de rencontre de ce genre qu'on peut cerner le caractère d'un individu et comprendre quand il est sérieux, ironique ou espiègle. C'est aussi l'occasion d'échanger sur la vie, d'autres sujets qui ne sont pas ceux de tous les jours. Ou ouvre notre horizon. Lors de mon premier FUDCon à Zurich, j'étais tout jeune arrivé dans le projet. Je n'avais pas grand chose à dire mais beaucoup à apprendre. Et plus je me rapprochais de l'équipe France, plus j'entendais que la communauté rêverait d'un événement en France, à Paris. Alors un jour, un peu poussé, on a monté une petite équipe pour cet événement. Il a fallu choisir une date, trouver un lieu, proposer des logements et réaliser toute la logistique : - créer des goodies pour faire de petit cadeaux pour que les contributeurs puissent repartir avec un beau souvenir (t-shit « tour Eiffel » et dessous-de verre réutilisables) - gérer les subventions des contributeurs, s'ils proposaient un sujet (talk) ils pouvaient bénéficier d'une subvention par Red Hat - trouver un traiteur - coordonner l'équipe d'orga… J'ai rencontré pas mal de nouvelles difficultés. C'est la première fois que je gérais (en partie) un budget autre que le mien. Mais c'est également la première fois qu'on comptait sur moi -physiquement- à une si grande échelle. L'équipe d'organisation s'est principalement tournée autour des membres de l'association Borsalinux-Fr, mais on avait bien entendu des personnes en charge côté « Red Hat » sur qui se reposer puisque cet événement était sponsorisé tous les ans sur les différentes régions (Amérique, Asie, EMEA). N'oubliez surtout pas que dans EMEA il y a Europe, mais également Afrique. Ahhhh l'Afrique. C'est loin et dans l'espace et dans la culture. Je me souviens d'un appel le matin de l'événement. « Salut Kévin, j'ai raté mon avion, tu peux me trouver un autre vol » ? Oui, c'était un contributeur dont le billet d'avion était payé complètement sur le budget subvention de l'événement. Et ça paraissait naturel pour lui que je lui paie un nouveau billet pour l'avion qu'il avait raté parce qu'il est arrivé en retard à l'aéroport... Bon il a choisit de prendre lui-même le nouveau billet il est venu et on a passé de bons moments ! C'était un des contributeurs les plus actifs de sa région à cette époque. Autre problématique plus ennuyante au long terme : j'ai utilisé mon adresse email perso pour réserver le traiteur. Et je ne sais pas ce qu'il a fait, mais il s'est enregistré avec ma propre adresse email sur une liste quelque part, et depuis 12 ans je reçois des emails en tant que gestionnaire de cette entreprise. J'ai des candidatures spontané pour des comptables, je reçois des promotions pour acheter des sardines en gros, je reçois des nouvelles de la mairie de Paris… Ça c'est pénible. Mais j'avais à l'époque l'alias email @fedoraproject.org et j'aurai du écrire avec mon contact « pro » plutôt que perso. On apprend beaucoup en contribuant dans les projets communautaires ! Finalement, avoir organisé cet événement m'a donné de l'expérience pour organiser le même genre d'événement au sein du projet OLPC − One Laptop Per Child.

  Tu as aussi beaucoup rédigé et géré le magazine francophone Muffin, peux-tu nous expliquer en quoi ça consistait et ce que tu as fait ? Que penses-tu de ce format et du travail réalisé ?

  Muffin c'était incroyable. Depuis mes années d'études ou je devais rédiger des rapports et présenter du contenu d'une manière très formelle, j'ai appris à rédiger en LaTeX. Je pensais savoir, connaître et comprendre. Quand j'ai vu ce que mettait en place melmorabity (Mohamed El Morabity) pour le rendu, j'étais obligé de rester pour en apprendre plus ! J'ai surtout participé à la rédaction du numéro 3. C'est l'occasion de mettre en avant des nouveautés, d'anticiper sur les demandes qui vont venir dans les forum et de présenter de contenu de qualité à nos utilisateurs. J'étais tous les premiers samedi du mois aux PSL à la Cité des Sciences à Paris. C'était une rencontre mensuelle (peut-être a-t-elle encore lieu ?) où plusieurs contributeurs de plein de communautés différentes venaient à la rencontre de leurs utilisateurs. Ce magazine avait une cible de plus. C'était également quelque chose qu'on était fier de mettre en avant lors des différents salons que nous représentions (FOSDEM, Solution Linux…) Fedora misant sur les nouveautés, il est important qu'on utilise différents moyens pour annoncer les changements aux utilisateurs. C'était un moyen de plus.

  Par ailleurs à la même période il y avait je crois un _Linux Pratique Essentiel_ dédié à Fedora 13 sorti vers 2011-2012 qui a impliqué de nombreux rédacteurs de la communauté francophone dont toi. Peux-tu revenir sur cette expérience ? Quelle a été la plus-value de travailler avec un éditeur pour créer ce magazine payant ?

  Hum, ça me dit quelque chose mais je n'en n'ai plus aucun souvenir. J'ai peut-être très peu contribué dans ce magazine ? Je me souviens plutôt de ma première rencontre avec mon mentor, au 42 de je ne sais plus quelle rue à Paris. C'était pour un live sur Radio Libertaire pour ensuite aller à une rediffusion d'une conférence de RMS dans un lieu plein d'idées nouvelles… Y'a pas à dire il se passe plein de chose à Paris !

  Tu t'es ensuite mis en retrait de la communauté francophone après 2013, pour quelles raisons ?

  Plus j'en faisais au sein de la communauté Fedora, plus j'étais en capacité d'en faire plus. Je n'arrêtais pas d'interagir avec les différentes équipes pour améliorer la productivité, réduire les freins rencontrés par différents contributeurs, améliorer la collaboration. Sauf qu'au bout d'un moment, on entend les oiseaux chanter par la fenêtre et on se dit « mince, c'est déjà le matin ? » aller il faut aller chercher une ou deux heures de sommeil avant d'attaquer le boulot. Celui pour lequel on est payé. J'ai passé des semaines à plus de 30h de contribution sur les projets libres. Avec le boulot à plein temps à côté. Je n'étais pas le seul, mais si en plus on se disperse dans trop de sujets on ne peut pas tous les suivre complètement. Et si en plus on est à Madagascar avec une connexion internet limité, que ça coïncide avec le déploiement d'une nouvelle version et que c'est habituellement toi qui appuie sur le bouton ? Et bien tu trouves un « jeune » tout fou que tu formes et qui passe autant de temps avec toi sur internet qu'avec sa famille, tu lui confies la tâche d'appuyer sur le bouton et d'utiliser en prod tout le process de déploiement que tu viens de changer et activer après 2 mois de refontes complète. Tu te rends compte que ça se passe bien sans toi, que ça tourne, qu'il est fiable. Tu es rassuré et tu te dis « je me suis libéré d'une charge, qu'elle est ma prochaine priorité ? » Merci à Robert Mayr (robyduck) pour cette belle succession ! À ce moment j'ai également quitté Paris pour revenir dans mes montagnes (Haute-Savoie). J'ai intégré un nouveau travail dans lequel j'ai mis tout mon temps et même plus. Je n'ai plus eu l'occasion de rencontrer les collaborateurs du Projet Fedora aussi souvent et j'ai décroché. Oui j'ai trop donné pour mon entreprise à l'époque pour ce qu'elle me rendait, mais ayant relâché les rennes de la traduction FR et des sites internet, je me suis redirigé vers le loisir en montagne ce qui m'a permis de passer moins de temps sur l'ordinateur. Je n'avais plus non plus de contacts réguliers avec des guru de l'informatique : ceux qui vous tirent vers le haut. J'avais beaucoup de connaissances sur la collaboration que j'ai acquis au sein du projet à mettre en place dans mon entreprise. Finalement, j'ai continué mes « contributions libres » mais en tant que bénévole, je suis maintenant formateur en alpinisme. Je passe beaucoup de mon temps libre dans une autre association qui n'a plus de lien avec Fedora si ce n'est le bénévolat.

  Si tu avais la possibilité de changer quelque chose dans la distribution Fedora ou dans sa manière de fonctionner, qu'est-ce que ce serait ?

  Je ne suis plus au fait des axes politiques Fedora/Red Hat, je ne sais pas à quel point le rachat de Red Hat a influé sur le Projet Fedora même si j'ai vu passer quelques messages sur ce contexte. Je trouve que certains aspects sont trop éparpillés. J'ai vécu (à côté sans être contributeur) le développement de la forge Pagure (hello pingou !) mais également le choix de certains projets de partir sur gitlab ou github. Il y a des avantages et des inconvénients. Personnellement, j'ai découvert Gerrit et tout ce que ça permet. Je l'ai moi-même mis en place dans mon nouvel emplois en 2014. Dès cet instant je n'ai plus réussi à contribuer au Projet Fedora. Les outils utilisés étaient un frein pour moi je ne pouvais plus suivre les développements aussi facilement. Donc si je devais changer quelque chose dans le projet, on passerait tout sous Gerrit. Ok je n'ai pas répondu à la vraie question qui concernait le produit... Wayland, systemd ? Non non la politique ce n'est pas pour moi, j'aime avancer et ma première et dernière modification si ce n'est la traduction c'est l'activation de la console en 256 couleurs par défaut. Ça me suffit je vis très bien avec !

  À l'inverse, est-ce qu'il y a quelque chose que tu souhaiterais conserver à tout prix dans la distribution ou le Projet en lui même ?

  J'aime me dire que c'est un produit qui évolue avec sa communauté et non pas avec une entreprise. Ce que je souhaite conserver, c'est les quatre fondations : Freedom, Friends, Features, First Les nouvelles fonctionnalités étant ce que j'apprécie beaucoup. Je suis du genre à désactiver les mises à jour auto et aimer déclencher moi-même les mises à jour afin de surveiller tout ce qui arrive.

  Que penses-tu de la communauté Fedora-fr que ce soit son évolution et sa situation actuelle ? Qu'est-ce que tu améliorerais si tu en avais la possibilité ?

  Malheureusement je n'en fais plus partie, j'aimerai. Mais je n'arriverai pas à retrouver le même sentiment en restant à distance, le contact physique ou régulier avec les contributeurs me manque. Mais de la même manière que la plongée ou le parapente me manque. On n'a qu'une vie et elle est remplie de choix.

  Quelque chose à ajouter ?

  Merci beaucoup à vous d'être encore actif, aux nouveaux d'avoir pris la relève et à tout le monde de continuer à contribuer pour ce produit. C'est tous les jours que je pense aux milliers de contributeurs Fedora et aux centaines de contributeurs que j'ai connus personnellement.

  Merci Kévin pour ta contribution !

  Conclusion

  Nous espérons que cet entretien vous a permis d'en découvrir un peu plus sur le site Fedora-fr.

  Si vous avez des questions ou que vous souhaitez participer au Projet Fedora ou Fedora-fr, ou simplement l'utiliser et l'installer sur votre machine, n'hésitez pas à en discuter avec nous en commentaire ou sur le forum Fedora-fr.

  À dans 10 jours pour un entretien avec Aurélien Bompard, développeur au sein du Projet Fedora et employé Red Hat affecté au Projet Fedora en particulier dans l'équipe infrastructure.

July 02, 2025

• Peter Czanik Your first steps configuring syslog-ng

  Some of our most active users chose syslog-ng because of its detailed and accurate documentation (https://syslog-ng.github.io/). Later I received complaints that it is too detailed, and we need a tutorial: https://peter.czanik.hu/posts/syslog-ng-tutorial-toc/. This time, I was asked for something even shorter. Here you are!

  Before you begin

  If you want to configure syslog-ng, you have to install it first. There are way too many ways to install syslog-ng, but I cannot include that many details here. Possibilities range from installing syslog-ng from a package included in your Linux distribution, through installing it from a 3^rd party repository, like ours, to building syslog-ng from source. In either case, you end up with syslog-ng installed in your environment and a default syslog-ng configuration.

  Configuring syslog-ng

  The default configuration usually collects local log messages in one or more text files. It is perfect for standalone workstations, but the main strength of syslog-ng is central log collection. Here we will learn about the main building blocks of a syslog-ng configuration and building a minimal syslog-ng configuration to collect log messages centrally.

  Minimal configuration

  @version:4.8
  source s_sys {
    system();
  internal();
  };
  destination d_mesg { file("/var/log/messages"); };
  log {
    source(s_sys);
        destination(d_mesg);
  };

  This is the shortest config I can think of. Of course, shorter identifiers and file names could make it even shorter, just as removing any white space. There is also an alternative syntax to make it shorter, however that is confusing for new users, and sometimes even to seasoned professionals.

  So, what do you see in this configuration? It starts with declaring the version number. This ensures that you get appropriate warnings if you use an old config with a new syslog-ng.

  Next, you will see three configuration blocks. Each one states the kind of building block first, like source, destination or log, all of which, except for log, have unique names. The other configurations are optional. By tradition, each name starts with a letter referring to the type of the block. This is not mandatory, and many Linux distros have a different naming scheme.

  Each source and destination might include multiple drivers. The system() source collects platform-specific local logs. The internal() source collects syslog-ng’s own logs. The file() destination writes logs to a file.

  The log statement (or log path) is a bit special: it connects the various building blocks together. In this case, it makes sure that logs from the s_sys source are written to the d_mesg destination.

  As you can see, the formatting of the configuration is pretty much flexible. One line, multiple lines, white space, no white space, it is up to you. Formatting can make the config easier to read, but syslog-ng does not need it.

  Adding a filter and more

  I extended the previous configuration a bit. The changes are marked with bold:

  @version:4.8
  @include "scl.conf"
  source s_sys {
    system();
    internal();
  };
  # this is a comment
  destination d_mesg { file("/var/log/messages.${MONTH}.${DAY}"); };
  
  filter f_default { level(info..emerg) and not (facility(mail)); };
  log {
    source(s_sys);
      filter(f_default); destination(d_mesg);
  };

  You can include other configuration files. “scl.conf” is a special one, as this name stands for the syslog-ng configuration library, which includes many useful configuration snippets. For example, parsers for Apache access logs or an Elasticsearch destination.

  You can use comments to explain more complex parts of your configuration.

  You can use macros in file names. In this example, instead of a single log file, a new one is created each day, and named after the current month and day. If you do additional message parsing, you could also use values parsed from log messages: for example, user names.

  You can use blank lines to separate building blocks. Unfortunately, I could not mark them with bold :-)

  I also added a filter, which means that I defined the filter, and included in the log path. I also defined a filter and included it in the log path. There is no need to add new lines to the configuration, therefore I placed the filter in the same line as the reference to the destination.

  Adding a network source and a few more destinations

  This configuration adds a network source and a few destinations to show that you can use a configuration block multiple times in your configuration.

  @version:4.8
  @include "scl.conf"
  source s_sys {
    system();
    internal();
  };
  # this is a comment
  destination d_mesg { file("/var/log/messages.${MONTH}.${DAY}"); };
  
  filter f_default { level(info..emerg) and not (facility(mail)); };
  log {
    source(s_sys);
      filter(f_default); destination(d_mesg);
  };
  
  # source for RFC5424 logs
  source s_syslog {
    syslog(port(601));
  };
  
  # destination for network logs
  destination d_fromnet {
    file("/var/log/fromnet");
    file("/var/log/fromnet.json" template("$(format-json --scope rfc5424 --scope dot-nv-pairs
          --rekey .* --shift 1 --scope nv-pairs)\n") );
  };
  
  # Elasticsearch destination
  destination d_elasticsearch {
    elasticsearch-http(
        index("syslog-ng")
        type("")
        user("elastic")
        password("Do2oFMbINS3hzfmR8uIV")
        url("https://172.16.167.182:9200/_bulk")
        template("$(format-json --scope rfc5424 --scope dot-nv-pairs
        --rekey .* --shift 1 --scope nv-pairs
        --exclude DATE @timestamp=${ISODATE})")
        tls(peer-verify(no))
    );
  };
  
  # all logs to Elasticsearch
  log {
    source(s_sys); source(s_syslog);
    destination(d_elasticsearch);
  };
  
  # network logs to files
  log { source(s_sys); destination(d_fromnet); };

  Here, I added a source and two more destinations, and, of course, also connected them in two log statements:

  • s_syslog collects RFC5424-compliant log messages at port 601 over non-encrypted TCP connections.

  • d_fromnet writes log messages to two different files. The first one is a regular syslog-formatted destination. The second one writes logs with a JSON template function, with all name-value pairs parsed from log messages included.

  • d_elasticsearch stores log data to an Elasticsearch database. It uses the JSON template function for message formatting, and it formats dates to be accepted by Elasticsearch.

  • The first log statement sends both local and network source log messages to the Elasticsearch destination. Here you can see that various building blocks can be used multiple times. Logs from s_src are written in a file, and also sent to the Elasticsearch destination.

  • The second log statement stores logs from the network source into files.

  What is next?

  Of course, while this blog is enough to understand the basic concepts of syslog-ng configuration, it did not cover all possibilities. There are parsers and other configuration elements, you can make things conditional with an if statement within a log path, and you can define sources and others within a log statement in-line, just to mention a few.

  • Links to the blogs and videos of the syslog-ng tutorial: https://peter.czanik.hu/posts/syslog-ng-tutorial-toc/

  • Syslog-ng documentation: https://syslog-ng.github.io/

  • How to build a syslog-ng configuration with parsers and conditional parts: https://www.syslog-ng.com/community/b/blog/posts/developing-a-syslog-ng-configuration

  -

  If you have questions or comments related to syslog-ng, do not hesitate to contact us. You can reach us by email or even chat with us. For a list of possibilities, check our GitHub page under the “Community” section at https://github.com/syslog-ng/syslog-ng. On Twitter, I am available as @PCzanik, on Mastodon as @Pczanik@fosstodon.org.

July 01, 2025

• Fedora Community Blog Fedora DEI Outreachy Intern – My first month Recap 🎊

  Hey everyone!
  
  It’s already been a month, I can’t imagine how time flies so fast, busy time?? Flock, Fedora DEI and Documentation workshop?? All in one month.
  
  As a Fedora Outreachy intern, my first month has been packed with learning and contributions. This blog shares what I worked on and how I learned to navigate open source communities.
  

  First, I would like to give a shoutout to my amazing Mentor, Jona Azizaj for all the effort she has put into supporting me. Thank You, Jona!

  Highlights from June

  Fedora DEI & Docs Workshop

  One of the biggest milestones this month was planning and hosting my first Fedora DEI & Docs Workshop. This virtual event introduced new contributors to Fedora documentation, showed them how to submit changes, and gave a live demo of fixing an issue – definitely a learning experience in event organizing!

  You can check the Discourse post; all information is in the post itself, including slides and comments.

  Flock 2025 recap

  I wrote a detailed Flock to Fedora recap article, covering the first two days of talks streamed from Prague. From big announcements about Fedora’s future to deep dives into mentorship, the sessions were both inspiring and practical. Read the blog magazine recap.

  Documentation contributions

  This month, I have contributed to multiple docs areas, including:

  • DEI team docs – Updated all the broken links in the docs.
  • Outreachy DEI page, and Outreachy mentored projects pages(under review) – I updated content and added examples of past interns, how Outreachy shaped their journey even beyond the internship.
  • How to Organize events section – Created a step guide for event planning.
  • Past event section – Documented successful Fedora DEI activities. It serves as an archive for our past events.

  Collaboration and learning

  The good part? It’s great to work closely with others, and I’m learning this in the open source space. I spend some time working with other teams as well:

  • Mindshare Committee – Learned how to request funding for events
  • Design team – I had an amazing postcards prepared, thanks to the Design team
  • Marketing – Got the Docs workshop promoted to different Fedora social accounts
  • Documentation team – Especially with Petr Bokoc, who shared a detailed guide on how you can easily contribute to the Docs pages.

  A great learning experience. One thing I could say about people in Open source (in Fedora), they’re super amazing, gentle Cheers – I’m enjoying my journey. 

  My role in Join Fedora SIG

  Oh, I thought it’s good to mention this as well, I am also part of the Join SIG, which helps newcomers find their place in Fedora. I’ve been able to understand how the community works, onboarding and mentorship.

  What I’ve learned

  • How to collaborate asynchronously – Video calls, and chats. 
  • How to chair meetings – I chaired two DEI Team meetings this month. The first one was challenging, but the second, I felt confident and even enjoyed it. I can tell I didn’t know how meetings are held in text  
  • How open source works – From budgeting to marketing, I’m learning how many moving pieces make Fedora possible. 

  What’s next

  I plan to revisit the Event checklist and revamp it, work with my mentor Jona and make it meaningful and useful for future events. 

  Also to continue improving the DEI docs, and promoting Fedora’s DEI work.

  Last word

  This month has already been full of learning and growth. If you’re also interested in helping out the DEI work, reach out to us in the matrix room.

  Thanks for reading!

  Your Friend in Open Source.

  The post Fedora DEI Outreachy Intern – My first month Recap 🎊 appeared first on Fedora Community Blog.

• Dave Airlie nvk: blackwell support

  Blog posts are like buses sometimes...

  I've spent time over the last month enabling Blackwell support on NVK, the Mesa vulkan driver for NVIDIA GPUs. Faith from Collabora, the NVK maintainer has cleaned up and merged all the major pieces of this work and landed them into mesa this week. Mesa 25.2 should ship with a functioning NVK on blackwell. The code currently in mesa main passes all tests in the Vulkan CTS.

  Quick summary of the major fun points:

  Ben @ NVIDIA had done the initial kernel bringup in to r570 firmware in the nouveau driver. I worked with Ben on solidifying that work and ironing out a bunch of memory leaks and regressions that snuck in.

  Once the kernel was stable, there were a number of differences between Ada and Blackwell that needed to be resolved. Thanks to Faith, Mel and Mohamed for their help, and NVIDIA for providing headers and other info.

  I did most of the work on a GB203 laptop and a desktop 5080.

  1. Instruction encoding: a bunch of instructions changed how they were encoded. Mel helped sort out most of those early on.

  2. Compute/QMD: the QMD which is used to launch compute shaders, has a new encoding. NVIDIA released the official QMD headers which made this easier in the end.

  3. Texture headers: texture headers were encoded different from Hopper on, so we had to use new NVIDIA headers to encode those properly

  4. Depth/Stencil: NVIDIA added support for separate d/s planes and this also has some knock on effects on surface layouts. 

  5. Surface layout changes. NVIDIA attaches a memory kind to memory allocations, due to changes in Blackwell, they now use a generic kind for all allocations. You now longer know the internal bpp dependent layout of the surfaces. This means changes to the dma-copy engine to provide that info. This means we have some modifier changes to cook with NVIDIA over the next few weeks at least for 8/16 bpp surfaces. Mohamed helped get this work and host image copy support done.

  6. One thing we haven't merged is bound texture support. Currently blackwell is using bindless textures which might be a little slower. Due to changes in the texture instruction encoding, you have to load texture handles to intermediate uniform registers before using them as bound handles. This causes a lot of fun with flow control and when you can spill uniform registers. I've written a few efforts at using bound textures, so we understand how to use them, just have some compiler issues to maybe get it across the line.

  7. Proper instruction scheduling isn't landed yet. I have a spreadsheet with all the figures, and I started typing, so will try and get that into an MR before I take some holidays. 

   

• Fedora Community Blog Simplifying Fedora Package Submission Progress Report – GSoC ’25

  Student: Mayank Singh

  • Fedora Account: manky201

  About Project

  Hi everyone, I’m working on building a service to make it easier for packagers to submit new packages to Fedora, improving upon and staying in line with the current submission process. My main focus is to automate away trivial tasks, provide fast and clear feedback, and tightly integrate with Git-based workflows that developers are familiar with.

  This month

  I focused on presenting a high-level architecture of the service of the project to the Fedora community and collecting early feedback. These discussions were incredibly helpful in shaping the design of the project. In particular, they helped surface early concerns and identify important edge cases that we will need to support.

  The key decision is to go with a monorepo model:
  Each new package submission will be a Pull Request to a central repository where contributors submit their spec files and related metadata.

  The service will focus on:

  • Running a series of automated checks on the package (e.g rpmlint)
  • Detecting common issues early.
  • Reporting the feedback and results in the same PR thread for fast feedback loops.
  • Keeping the logic abstract and forge-agnostic, reuse packit-service’s code and layer new handlers on top of it.

  Currently, Working on setting up the local development environment and testing for the project with packit-service.

  What’s Next ?

  I’ll be working on getting a reliable testing environment ready and write code for COPR integration for builds and the next series of post build checks. All the code can be found at avant .

  Thanks to my mentor Frantisek Lachman and the community for the great feedback and support.

  Looking forward to share further updates.

  The post Simplifying Fedora Package Submission Progress Report – GSoC ’25 appeared first on Fedora Community Blog.

• Dave Airlie radv: VK_KHR_video_encode_av1 support

   I should have mentioned this here a week ago. The Vulkan AV1 encode extension has been out for a while, and I'd done the initial work on enabling it with radv on AMD GPUs. I then left it in a branch, which Benjamin from AMD picked up and fixed a bunch of bugs, and then we both got distracted. I realised when doing VP9 that it hasn't landed, so did a bit of cleanup. Then David from AMD picked it up and carried it over the last mile and it got merged last week.

  So radv on supported hw now supports all vulkan decode/encode formats currently available.  

June 30, 2025

• Swiss JuristGate Lawyer X, Law Firm X and Elon Musk's X: scandals linked by Old Xaverian

  Just when you thought it was safe to go to court, think again. Your lawyer might not have your best interests at heart and even worse, they may be working for the other side.

  In 2014, journalists discovered Victoria Police had a secret informer, a mole snitching on the underworld, identified by the code name Lawyer X.

  Initially, police were so concerned they sought a restraining order to prevent the media from publishing anything about the scandal. Police even sought to have the code name Lawyer X suppressed from publication.

  It was beyond embarassing: not only did police have the burden of protecting their secret informer, they may also have to protect her relatives who share the same name. The most notable among them, the informer's uncle, James Gobbo, a supreme court judge who subsequently served as Governor for the State of Victoria.

  There is absolutely no suggestion that Lawyer X's relatives had anything to do with her misdeeds. Nonetheless, the clients she betrayed were the biggest crooks in town, until, of course, her unethical behavior gave them the opportunity to have those convictions overturned and present themselves as model citizens once again. Any relatives or former business associates of Lawyer X, including the former governor, would be in danger for the rest of their lives.

  James Gobbo and his son James Gobbo junior are both Old Xaverians, graduates of Melbourne's elite Jesuit school for boys, like my father and I.

  Lawyer X was eventually revealed to be Nicola Gobbo, a graduate of the elite girls school Genazzano FCJ College. My aunt, that is my father's sister, also went to Genazzano.

  Alumni communications typically refer to Old Xaverians with the symbols "OX" and the year of graduation, for example, "OX96" for somebody who graduated in 1996.

  Whenever a scandal like this arises, if the suspect is a graduate of one of these elite schools, the newspapers will be very quick to dramatize the upper class background. The case of Lawyer X was a head and shoulders above any other scandal: a former prefect and class captain who made a career out of partying with drug lords, having their children and simultaneously bugging their conversations for the police.

  Stories like this are inconvenient for those elite schools but in reality, I don't feel the schools are responsible when one of these unlucky outcomes arises. The majority of students are getting a head start in life but there is simply nothing that any school can do to prevent one or two alumni going off the rails like this.

  Having been through this environment myself, I couldn't believe what I was seeing in 2023 when the Swiss financial regulator (FINMA) voluntarily published a few paragraphs from a secret judgment, using the code name "X" to refer to a whole law office (cabinet juridique in French) of jurists in Geneva who had ripped off their clients.

  

  The Gobbo family, Genazzano FCJ College and alumni have finally been vindicated. The misdeeds of Lawyer X pale in comparison to the crimes of the Swiss law firm X.

  Remember, Lawyer X operated in secrecy, her identity only known to a small number of handlers inside the police department. Thanks to my own research, I was able to prove that the activities of Law firm X were fully known to the bar association and the financial regulator for at least two years before they belatedly closed the firm.

  Lawyer X claims she contributed evidence to the arrest of 386 suspects during her time as a police informer. Law firm X had over twenty thousand clients at the time they were shut down. They admit that client records fell into the hands of Walder Wyss, a rival law firm engaged in legal proceedings against some of the clients who were abandoned by the Swiss jurists.

  Lawyer X was a woman and in her most recent bid for compensation, she claimed she was exploited by the police. Law firm X trafficked at least one woman from France to come and work in Geneva helping them promote an unauthorized insurance service to residents of both France and Switzerland.

  Lawyer X was a former member of a political party. One of the jurists from Law firm X was working for the rogue law office at the same time that he was a member of Geneva city council. He is a member of the same political party as the Swiss president from that era.

  In 1993, Lawyer X was an editor of Farrago, Australia's leading student newspaper. Law firm X used the Swiss media to write positive stories about their company. When the same company was outlawed, nanny-state laws prevented the media reporting anything at all about its downfall. Ironically, one of my former clients was also an editor of Farrago before he became Australia's Minister for Finance. The word Farrago gives a fascinating insight into the life of Lawyer X. Here is a sample sentence using the word Farrago in the Cambridge dictionary:

  ... told us a farrago of lies

  When FINMA revealed the secret judgment shuttering Law Firm X, Urban Angehrn, the FINMA director, resigned citing health reasons. His dramatic resignation helped bury news stories about the Law firm X judgment. In Australia, a number of chief commissioners have resigned. In fact, Victoria Police have been through three leaders in the last year.

  Who predicted Elon Musk would acquire Twitter?

  In 2018, I attended the UN Forum on Business and Human Rights, where I made this brief intervention predicting the future of Facebook and Twitter. When Elon Musk purchased Twitter in 2022, he called it X. Go figure.

June 28, 2025

• Kevin Fenzi 2 days to datacenter move!

  

  Just a day or two more until the big datacenter move! I'm hopeful that it will go pretty well, but you never know.

  Datacenter move

  Early last week we were still deploying things in the new datacenter, and installing machines. I ran into all kinds of trouble installing our staging openshift cluster. Much of it around versions of images or installer binaries or kernels. Openshift seems fond of 'latest' as a version, but thats not really helpfull all the time. Especially when we wanted to install 4.18 instead of the just released 4.19. I did manage to finally fix all my mistakes and get it going in the end though.

  We got our new ipa clusters setup and replicating from the old dc to new. We got new rabbitmq clusters (rhel9 instead of rhel8 and newer rabbitmq) setup and ready.

  With that almost everything is installed (except for a few 'hot spare' type things that we can do after the move, and buildvm's...which I will be deploying this weekend.

  On thursday we moved our staging env and it mostly went pretty well I think. There's still some applications that need to be deployed or fixed up, but overall it should mostly be functional. We can fix things up as time permits.

  We still have an outstanding issue with how our power10's are configured. Turns out we do need a hardware management console to set things up as we had planned. We have ordered this and will be reconfiguring things post move. For normal ppc64le builds this shouldn't have any impact. For composes that need nested virt, they will just fail until the week following the move (when we have some power9's on hand to handle this case). So, sorry ppc64le users, likely a bit of failed rawhide composes, sorry about that.

  Just a reminder about next week:

  • mirrorlists (dnf updates), docs/websites, downloads, discourse, matrix should all be unaffected

  • YOU SHOULD PLAN TO NOT TRY AND USE ANY OTHER SERVICES until the goahead (wed).

  Monday:

  • Around 10:00 UTC services will start going down.

  • We will be moving storage and databases for a while.

  • Once databases and storage are set we will bring services back up

  • On monday koji will be up and you can probibly even do builds (but I strongly advise you to not). However, bodhi will be down, so no updates will move forward from builds done in this period.

  Tuesday:

  • koji/build pipeline goes down.

  • We will be moving it's storage databases for a while.

  • We will bring things up once those are moved.

  Wed:

  • Start fixing outstanding issues, deploy missing/lower pri services

  • At this point we can start taking problem reports to fix things (hopefully)

  Thursday:

  • More fixing outstanding items.

  • Will be shutting down machines in old DC

  Friday:

  • Holiday in the US

  • Hopefully things will be in a stable state by this time.

  comments? additions? reactions?

  As always, comment on mastodon: https://fosstodon.org/@nirik/114762414965872142

June 27, 2025

• Fedora Community Blog Infra and RelEng Update – Week 26

  This is a weekly report from the I&R (Infrastructure & Release Engineering) Team. We provide you both infographic and text version of the weekly report. If you just want to quickly look at what we did, just look at the infographic. If you are interested in more in depth details look below the infographic.

  Week: 23 June – 27 June 2025

  

  Infrastructure & Release Engineering

  The purpose of this team is to take care of day to day business regarding CentOS and Fedora Infrastructure and Fedora release engineering work.
  It’s responsible for services running in Fedora and CentOS infrastructure and preparing things for the new Fedora release (mirrors, mass branching, new namespaces etc.).
  List of planned/in-progress issues

  Fedora Infra

  • In progress:
    • no Matrix notifications from FMN since June 15
    • [FMTS] TLS certificate for gitlab-centos service is about to expire in 30 days
    • Decommission provisioning.fp.org
    • Planned Outage – Datacenter Move outage – 2025-06-30 01:00 UTC
    • Please register my testing instance of Fedora Infrastructure apps to OIDC
    • Forgejo: Owner access to @jflory7 for @CommOps
    • Move copr_hypervisor group from iptables to nftables
    • tmpwatch removed from ansible
    • please don’t remove enrolled centos machines from IPA in staging
    • RFR: Requesting a new FAS Group: Phosh SIG
    • Link in staging distgit instance leads to prod auth
    • re-add datagrepper nagios checks (and add to zabbix?)
    • Fix logrotate on kojipkgs01/02
    • 2025 datacenter move (IAD2->RDU3)
    • Broken link for STG IPA CA certificate, needed for staging CentOS Koji cert
    • [CommOps] Open Data Hub on Communishift
    • retire easyfix
    • Deploy Element Server Suite operator in staging
    • Pagure returns error 500 trying to open a PR on https://src.fedoraproject.org/rpms/python-setuptools-gettext
    • maubot-meetings bot multi line paste is cut
    • Move OpenShift apps from deploymentconfig to deployment
    • The process to update the OpenH264 repos is broken
    • httpd 2.4.61 causing issue in fedora infrastructure
    • Support allocation dedicated hosts for Testing Farm
    • EPEL minor version archive repos in MirrorManager
    • Add fedora-l10n pagure group as an admin to the fedora-l10n-docs namespace projects
    • vmhost-x86-copr01.rdu-cc.fedoraproject.org DOWN
    • Add yselkowitz to list to notify when ELN builds fail
    • Cleaning script for communishift
    • Move from iptables to firewalld
    • Port apps to OIDC
    • Help me move my discourse bots to production?
    • Migration of registry.fedoraproject.org to quay.io
  • Done:
    • the-new-hotness not filing bugzilla tickets for new releases from anitya
    • TLS certificate for copr-dist-git.fedorainfracloud.org expired
    • [FAS] summer-coding sponsors update
    • Unable to SSH into homedir on fedorapeople.org
    • serif instead of sans-serif font on the fedora login page if open sans not installed
    • SSH and Git HTTPS access both blocked – Unable to contribute from Japan
    • Authentication failure with Pagure Personal Access Token for git push
    • redeploy aws proxies

  CentOS Infra including CentOS CI

  • In progress:
    • expand ppc64le builders pool for Stream
    • Release Improvements
    • resources for OpenQA test execution
    • migrate id{.stg}.centos.org to new DC
    • Hardware init new RDU3 servers (part 1 / wave 0)
    • Wrapper to check / create projects on GitLab using the REST API
    • Prepare AWS new VPC for isolated builders
    • [spike] : investigating options/alternatives for the upcoming DC move
  • Done:
    • Enabling back zabbix_agent_t selinux on el10 hosts
    • Error synching mirror
    • c9s build of libarrow does not install protobuf-3.19.0 from CBS
    • mirror-request
    • init new caching server ansible role
    • [spike] : investigating needed deps (poetry) for duffy on el9

  Release Engineering

  • In progress:
    • F39 Archives are still not cleaned up
    • Fedora-KDE-42-1.1-x86_64-CHECKSUM has wrong ISO filename
    • F40 end of life
    • Fix OpenH264 tagging issues
    • Turn EPEL minor branching scripts into playbooks
    • Mass retirement of packages with uninitialized rawhide branch
    • 300+ F42FTBFS bugzillas block the F41FTBFS tracker
    • Packages that have not been rebuilt in a while or ever
    • Send compose reports to a to-be-created separate ML
    • Could we have fedoraproject-updates-archive.fedoraproject.org for Rawhide?
    • Investigate and untag packages that failed gating but were merged in via mass rebuild
    • a few mass rebuild bumps failed to git push – script should retry or error
    • Package retirements are broken in rawhide
    • Update pungi filters
    • Implement checks on package retirements
    • Untag containers-common-0.57.1-6.fc40
    • Provide stable names for images
    • Packages that fail to build SRPM are not reported during the mass rebuild bugzillas
    • When orphaning packages, keep the original owner as co-maintainer
    • Create an ansible playbook to do the mass-branching
    • RFE: Integration of Anitya to Packager Workflow
    • Fix tokens for ftbfs_weekly_reminder. script
    • Update bootloader components assignee to “Bootloader Engineering Team”for Improved collaboration
  • Done:
    • libopendmarc-devel package cannot be found in EPEL-10
    • out-of-date EPEL repomd.xml references, multiple mirrors, >1 week
    • Please remove the `epel10` branch from the s3fs-fuse (rpms project)
    • perl-PDF-API2: Creating of branch epel10.0 was not completed
    • Unretire golang-github-gookit-color
    • Merge f43-python side tag into f43
    • make epel10-infra tags in koji
    • Please send openh264-2.6.0 to Cisco
    • Grant ELN automation privilege to build “secure boot” packages

  If you have any questions or feedback, please respond to this report or contact us on #apps or #admin channel on chat.fedoraproject.org.

  The post Infra and RelEng Update – Week 26 appeared first on Fedora Community Blog.

• Kevin Fenzi some ai thoughts around ansible lightspeed

  To take a short break from datacenter work, I have been meaning to look into ansible lightspeed for a long time, so I finally sat down and took an introductory course and have some thoughts about how we might use it in on fedora's ansible setup.

  The official name of the product is: "Red Hat Ansible Lightspeed with IBM watsonx Code Assistant", which is a bit... verbose, so I will just use 'Lightspeed' here.

  This is one of the very first AI products Red Hat produced, so its been around a few years. Some of that history is probibly why it's specifically using watsonx instead of some other LLMs on the backend.

  First a list of things I really like about it:

  • It's actually trained on real, correct, good ansible content. It's not a 'general' LLM trained on the internet, it's using some ansible galaxy content (you can opt out if you prefer) as well as a bunch of curated content from real ansible. This always struck me as one of the very best ways to leverage LLMs instead of general hoover in any data and use it. In this case it really helps make the suggestions and content more trustable and less hallucinated.

  • Depending on the watsonx subscription you have, you may train it on _your_ ansible content. Perhaps you have different standards than others or particular ways you do things. You can train it on them and actually get it to give you output that uses that.

  • Having something be able to generate a biolerplate for you that you can review and fix up is also a really great use for llms, IMHO.

  And some things I'm not crazy about:

  • It requires AAP (ansible automation platform) and watsonx licenses. (mostly, see below). It would be cool if it could leverage a local model or Red Hat AI in openshift instead of watsonx, but as noted above it's likely tied to that for historical reasons.

  • It uses a vscode plugin. I'm much more a vim type old sysadmin, and the idea of making a small ansible playbook thats just a text file seems like vscode is... overkill. I can of course see why they choose to implement things this way.

  And something I sure didn't know: There's an ansible code bot on github. It can scan your ansible git repo and file a PR to bring it in line with best practices. Pretty cool. We have a mirror of our pagure ansible repo on gitub, however, it seems to be not mirroring. I want to sort that out and then enable the bot to see how it does. :)

June 25, 2025

• Linux System Roles System Roles support for image mode (bootc) builds

  Goal

  Image mode, aka. “bootable containers�, aka. “bootc� is an exciting new way to build and deploy operating systems. A bootable container image can be used to install or upgrade a real or virtual machine, similar to container images for applications. This is currently supported for Red Hat Enterprise Linux 9/10 and Fedora/CentOS, but also in other projects like universal-blue.

  With system roles being the supported high-level API to set up Fedora/RHEL/CentOS systems, we want to make them compatible with image mode builds. In particular, we need to make them detect the “non-booted� environment and adjust their behaviour to not e.g. try to start systemd units or talk to network services, and defer all of that to the first boot. We also need to add full bootc end-to-end integration tests to ensure this keeps working in the future on all supported platforms.

  Build process

  This can work in two ways. Both ought to work, and which one you choose depends on your available infrastructure and preferences.

  Treat a container build as an Ansible host

  Start a container build with e.g.

  buildah from --name buildc quay.io/centos-bootc/centos-bootc:stream10
  

  Create an inventory for the buildah connector:

  buildc ansible_host=buildc ansible_connection=buildah ansible_become=false ansible_remote_tmp=/tmp
  

  Then run the system-roles playbooks on the “outside� against that inventory.

  That matches the spirit of Ansible and is cleaner as Ansible itself and system-roles do not need to be installed into the container. This is the approach outlined in “Building Container Images with Buildah and Ansible� and Ansible and Podman Can Play Together Now and implemented in the ansible-bender proof of concept (⚠� Warning: currently unmaintained).

  Install Ansible and the system roles into the container

  The Containerfile looks roughly like this:

  FROM quay.io/centos-bootc/centos-bootc:stream10
  RUN dnf -y install ansible-core rhel-system-roles
  COPY ./setup.yml .
  RUN ansible-playbook setup.yml
  

  Everything happens inside of the image build, and the playbooks run against localhost. This could use a multi-stage build to avoid having Ansible and the roles in the final image. This is entirely self-contained and thus works well in automatic container build pipelines.

  âš ï¸� Warning: Unfortunately this is currently broken for many/most roles because of an Ansible bug: service: fails in a container build environment. Once that is fixed, this approach will work well and might often be the preferred choice.

  Status

  This effort is tracked in the RHEL-78157 epic. At the time of writing, 15 roles are already supported, the other 22 still need to be updated.

  Roles which support image mode builds have the containerbuild tag, which you can see in the Ansible Galaxy view (expand the tag list at the top), or in the source code in meta/main.yml.

  Note that some roles also have a container tag, which means that they are tested and supported in a running system container (i.e. a docker/podman container with the /sbin/init entry point, or LXC/nspawn etc.), but not during a non-booted container build.

  Steps for converting a role

  Helping out with that effort is very much appreciated! If you are interested in making a particular role compatible with image mode builds, please follow these steps:

  1. Clone the role’s upstream git repository. Make sure that its meta/main.yml file does not yet have a containerbuild tag – if it does, the role was already converted. In that case, please update the status in the epic.

  2. Familiarize yourself with the purpose of the role, have a look at README.md, and think about whether running the role in a container generally makes sense. That should be the case for most of them, but e.g storage is hardware specific and for the most part does not make sense in a container build environment.

  3. Make sure your developer machine can run tests in in general. Do the integration test setup and also read the following sections about running QEMU and container tests. E.g. running a QEMU test should work:

     tox -e qemu-ansible-core-2.16 -- --image-name centos-9 --log-level=debug -- tests/tests_default.yml
     

  4. Do an initial run of the default or other test during a bootc container build, to get a first impression:

     LSR_CONTAINER_PROFILE=false LSR_CONTAINER_PRETTY=false tox -e container-ansible-core-2.16 -- --image-name centos-9-bootc tests/tests_default.yml
     

  5. The most common causes of failures are service_facts: which just simply doesn’t work in a container, and trying to set the state: of a unit in service:. The existing PRs linked from RHEL-78157 have plenty of examples what to do with these.

     The logging role PR is a good example for the standard approach of adding a __rolename_is_booted flag to the role variables, and use that to conditionalize operations and tests which can’t work in a container. E.g. the above service: status: can be fixed with

     state: "started"
     

     service_facts: can be replaced with systemctl is-enabled or similar, see e.g. the corresponding mssql fix or firewall fix.

     Do these “standard recipe� fixes to clear away the easy noise.

  6. Create a branch on your fork, and add a temporary commit to run tests on branch pushes, and another commit to enable tests on container builds and in system containers. With that you can iterate on your branch and get testing feedback without creating a lot of PR noise for other developers on the project. Push to your fork, go to the Actions page, and wait for the first test result.

  7. As described above, the container tag means that the role is supported and works in (booted) system containers. In most cases this is fairly easy to fix, and nice to have, as running tests and iterating is faster, and debugging is also a bit easier. In some cases running in system containers is hard (like in the selinux or podman roles), in that case don’t bother and remove that tag again.

  8. Go through the other failures. You can download the log archive and/or run the individual tests locally. The following command helps for easier debugging – it keeps the container running for inspection after a failure, and removes containers and temp files from the previous run:

     buildah rm --all; rm -rf /tmp/runcontainer.*; LSR_DEBUG=1 LSR_CONTAINER_PROFILE=false LSR_CONTAINER_PRETTY=false tox -e container-ansible-core-2.16 -- --image-name centos-9-bootc tests/tests_default.yml
     

     You can enter the container and debug with buildah run tests_default bash. The container name corresponds to the test name; check buildah ps.

  9. Fix the role and tests until you get a green result. Finally clean up and sort your commits into fix: Skip runtime operations in non-systemd environments, and feat: Support this role in container builds. Any role specific or more intrusive and self-contained change should be in separate commits before these.

  10. Add an end-to-end integration test which ensures that running the role during a container build actually works as intended in a QEMU deployment. If there is an existing integration test which has representative complexity and calls the role just once (i.e. tests one scenario), you can convert it like sudo’s bootc e2e test. If there is no existing test, you can also add a specific bootc e2e test like in this demo PR or the postgresql role.

  11. To locally run the bootc e2e test, see Image mode testing tox-lsr docs.

  12. Push the e2e test to your branch, iterate until green.

  13. Send a PR, link it from the Jira epic, get it landed, update the list in the Jira epic again.

  14. Celebrate � and brag about your contribution!

• Cockpit Project Cockpit 341

  Cockpit is the modern Linux admin interface. We release regularly.

  Here are the release notes from Cockpit 341 and Cockpit-podman 108:

  services: show link to podman page for quadlets

  The Services page now recognizes podman quadlets and shows a link to the Podman containers page.

  The link is only shown when cockpit-podman ≥ 108 is installed.

  

  Try it out

  Cockpit 341 and Cockpit-podman 108 are available now:

  • For your Linux system

  • Cockpit Client

  • Cockpit-podman Source Tarball
  • Cockpit-podman Fedora 42

  • Cockpit-podman Fedora 41

  • Cockpit Source Tarball
  • Cockpit Fedora 42
  • Cockpit Fedora 41

June 24, 2025

• Daniel Pocock Controllo sociale, media, tecnologia e cattolicesimo: Sinodo sulla sinodalità, revisione e feedback

  Il defunto Papa Francesco chiese a un gruppo di circa quattrocento vescovi di lavorare insieme dal 2021 al 2024 per analizzare il modo in cui i fedeli cattolici interagiscono e si sviluppano come movimento. Formalmente, a questo comitato di vescovi fu dato il titolo di Sinodo sulla sinodalità . Il termine Sinodo è ampiamente utilizzato in tutte le religioni cristiane per riferirsi a comitati, consigli o riunioni di tali gruppi a qualsiasi livello della gerarchia ecclesiastica. Il termine sinodalità è specifico della Chiesa cattolica. Il Sinodo ha una pagina web ufficiale in cui cerca di spiegare la sinodalità .

  Sono stati creati diversi gruppi di lavoro su un'ampia gamma di argomenti. In questa analisi, mi limiterò a esaminare il gruppo di lavoro numero tre, che ha esaminato il tema della missione nell'ambiente digitale . Successivamente, fornirò alcune mie prove sugli argomenti che il gruppo di lavoro sta prendendo in considerazione.

  Un altro gruppo di lavoro si è occupato del tema della poligamia. La psicologia e le neuroscienze dei media di controllo sociale usurpano le nostre relazioni al punto che alcune persone ritengono che gli algoritmi di Facebook esercitino la stessa influenza di una terza persona nel loro matrimonio. Ho creato un post separato sul blog per analizzare le prove relative ai fenomeni della poligamia e della cyberpoligamia . Data la diffusione sempre maggiore di queste tecnologie, è essenziale leggerlo insieme ai contenuti di questa analisi.

  In un recente articolo di cronaca non correlato al Sinodo, la diocesi di Paderborn (Germania centro-settentrionale) ha annunciato che cercherà di utilizzare TikTok per coinvolgere i giovani . L'ambito del gruppo di lavoro tre è molto ampio e non riguarda solo le piattaforme di controllo dei social media . Ritengo che l'ambito copra tutte le forme di tecnologia digitale.

  Anche i ripetitori di pacchetti per radio amatoriali rientrano nel campo di applicazione, sebbene le licenze per radio amatoriali non consentano la trasmissione esplicita di materiale religioso.

  Il Vaticano è stato uno dei primi ad adottare la radio a onde corte. Papa Leone XIV e monsignor Lucio Adrian Ruiz, segretario del Dicastero per la Comunicazione, hanno visitato questa settimana la sede della Radio Vaticana:

  

   

  Leggendo i risultati sia del gruppo di lavoro che del Sinodo nel suo complesso, ritengo che la Chiesa nel suo complesso non abbia deciso né di accogliere né di rifiutare i media di controllo sociale . Stanno riconoscendo che fanno parte del panorama digitale e stanno cercando di decidere come la Chiesa si relaziona ad esso.

  Come si è evoluto il processo sinodale ad alto livello

  Prima di entrare nei dettagli, ecco una panoramica del processo e dei resoconti pubblicati in momenti diversi, con link diretti alle edizioni tradotte.

  Il sito web principale del Sinodo è www.Synod.va ed è disponibile in diverse lingue. A quanto pare, il contenuto è stato creato in italiano e tradotto in inglese e in altre lingue. Questo lo rende un po' più difficile da leggere.

  Nell'ottobre 2023 si è svolto un lungo incontro a Roma durante il quale è stata elaborata una bozza iniziale del rapporto.

  • Relazione intermedia di ottobre 2023
  • uno dei tanti blog sul rapporto intermedio

  I vescovi tornarono nuovamente a Roma nell'ottobre 2024 e stilarono una relazione finale del Sinodo.

  • Rapporto finale di ottobre 2024 (traduzione in inglese)
  • Rapporto finale ottobre 2024 (italiano)
  • Il notiziario NCR riporta il rapporto finale

  Il Vaticano ha pubblicato il saluto del defunto Papa Francesco a conclusione del Sinodo . Le notizie sull'intervento del Papa sono rapidamente apparse .

  Hanno pubblicato anche alcune immagini e video .

  Punti chiave del rapporto finale in relazione all'ambiente digitale

  Al punto 58, il rapporto osserva che i cristiani potrebbero tentare di proclamare il Vangelo attraverso la loro partecipazione in un ambiente digitale.

  58. ... I cristiani, ciascuno secondo i suoi diversi ruoli - nella famiglia e negli altri stati di vita; nel mondo del lavoro e nelle professioni; impegnati civilmente, politicamente, socialmente o ecologicamente; nello sviluppo di una cultura ispirata al Vangelo, inclusa l'evangelizzazione dell'ambiente digitale - percorrono le strade del mondo e annunciano il Vangelo lì dove vivono, sostenuti dai doni dello Spirito.

  59. Così facendo, chiedono alla Chiesa di non abbandonarli, ma di farli sentire inviati e sostenuti nella missione.

  Questo punto sembra incoraggiare la Chiesa a riflettere sulla situazione affrontata da coloro che sono sotto l'influenza di un ambiente digitale, ma non implica necessariamente che l'ambiente digitale sia buono o cattivo.

  Al punto 112, riguardante la mobilità, che comprende persone di tutti i livelli sociali, il rapporto osserva:

  Alcuni mantengono forti legami con il loro Paese d'origine, soprattutto grazie ai media digitali, e per questo motivo può risultare difficile stabilire legami nel nuovo Paese; altri si ritrovano a vivere senza radici.

  Questa è un'osservazione eccellente. In Europa, ho incontrato coppie le cui relazioni dipendono interamente dai dispositivi che usano per la traduzione automatica. Quando arrivano nuovi arrivati &ZeroWidthSpace&ZeroWidthSpacein città, la cultura di WhatsApp incoraggia i vicini a passare settimane o mesi a parlare alle loro spalle senza mai guardarli negli occhi.

  113. La diffusione della cultura digitale, particolarmente evidente tra i giovani, sta cambiando profondamente la loro esperienza dello spazio e del tempo, influenzando le loro attività quotidiane, la comunicazione e le relazioni interpersonali, inclusa la fede. Le opportunità che offre internet stanno ridisegnando relazioni, legami e confini. Oggi sperimentiamo spesso solitudine ed emarginazione, anche se siamo più connessi che mai. Inoltre, coloro che hanno interessi economici e politici propri possono usare i social media per diffondere ideologie e generare forme di polarizzazione aggressive e manipolatrici. Non siamo ben preparati a questo e dobbiamo dedicare risorse affinché l’ambiente digitale diventi uno spazio profetico per la missione e l’annuncio. Le Chiese locali devono incoraggiare, sostenere e accompagnare quanti si impegnano nella missione nell’ambiente digitale. Le comunità e i gruppi digitali cristiani, in particolare i giovani, sono chiamati anche a riflettere sul modo in cui creano legami di appartenenza, promuovendo l’incontro e il dialogo. Devono offrire formazione ai loro coetanei, sviluppando un modo sinodale di essere Chiesa. Internet, costituito come una rete di connessioni, offre nuove opportunità per vivere meglio la dimensione sinodale della Chiesa.

  Questo paragrafo riconosce i pericoli della tecnologia digitale, in particolare dei social media che controllano la società , e le parole chiave sono "Non siamo ben preparati a questo". Tuttavia, suggerisce che le chiese locali dovrebbero "incoraggiare" a ridurre questi rischi online. Non credo che "incoraggiare" sia la parola giusta da usare, ma non credo nemmeno che dovrebbero scoraggiare.

  149. Il processo sinodale ha richiamato con insistenza l'attenzione su alcuni ambiti specifici della formazione del Popolo di Dio alla sinodalità. Il primo di questi riguarda l'impatto dell'ambiente digitale sui processi di apprendimento, sulla concentrazione, sulla percezione di sé e del mondo e sulla costruzione delle relazioni interpersonali. La cultura digitale costituisce una dimensione cruciale della testimonianza della Chiesa nella cultura contemporanea e un campo missionario emergente. Ciò richiede di garantire che il messaggio cristiano sia presente online in modi affidabili che non ne distorcano ideologicamente i contenuti. Sebbene i media digitali abbiano un grande potenziale per migliorare le nostre vite, possono anche causare danni e lesioni attraverso il bullismo, la disinformazione, lo sfruttamento sessuale e la dipendenza. Le istituzioni educative della Chiesa devono aiutare i bambini e gli adulti a sviluppare competenze critiche per navigare in sicurezza nel web.

  Questi commenti sono molto pertinenti e molto coerenti con la mia testimonianza, parte della quale è riprodotta più avanti in questa relazione.

  150. Un altro ambito di grande importanza è la promozione in tutti i contesti ecclesiali di una cultura della tutela, rendendo le comunità luoghi sempre più sicuri per i minori e le persone vulnerabili.

  Quando ho sollevato questo argomento nelle comunità del software libero, la mia famiglia è stata attaccata senza pietà. Si vedano le email che ho inviato alla fine del 2017 e i commenti su IBM Red Hat più avanti in questo rapporto.

  Fonti relative al gruppo di lavoro tre, la missione in un ambiente digitale

  Il sito web di Synod.va ha pubblicato l'elenco di tutti i gruppi di lavoro . Il sito web include un breve video su ciascun gruppo e un link ai loro rapporti più recenti.

  Il video del gruppo di lavoro tre dura poco meno di due minuti. Ecco alcune delle citazioni chiave e le mie osservazioni:

  "Oggi le persone, soprattutto i giovani, hanno imparato a vivere contemporaneamente e senza soluzione di continuità sia negli spazi digitali che in quelli fisici."

  Ritengo che questa affermazione sia del tutto errata. Le persone hanno imparato a usare gli spazi digitali. Una recente ricerca suggerisce che quasi il settanta percento dei giovani si sente a disagio dopo aver utilizzato i social media . In altre parole, si sentono spinti a usarli. Pertanto, non vivono una vita fluida. Le persone stanno soffrendo.

  Le affermazioni contenute nel video non sono quelle presentate nel rapporto finale. Ci arriveremo. Ciononostante, ogni volta che si parla di controllo sociale sui media , si tende a generalizzare sull'impossibilità di vivere senza. Ogni volta che vediamo un'affermazione come questa, è importante contestarla.

  "In che modo la Chiesa utilizza e si appropria della cultura digitale?"

  La domanda retorica è interessante. In realtà, i superpoteri della Silicon Valley usano e si appropriano di qualsiasi contenuto che forniamo loro. La chiesa non usa loro, usa noi. Come pensi che siano diventati così ricchi?

  Una domanda più appropriata potrebbe essere: "In che modo la Chiesa supplisce alle carenze delle culture digitali?".

  Non dimentichiamo che uno degli altri ingegneri morì il giorno del nostro matrimonio, ed era la Domenica delle Palme, il giorno in cui Gesù pianse mentre arrivava a Gerusalemme .

  Nella pagina che elenca i gruppi di lavoro, viene fornito un link a un rapporto di tre pagine sullo stato di avanzamento dei lavori del terzo gruppo di lavoro . Ecco un'interessante citazione del defunto Papa Francesco, ripresa dal gruppo di lavoro:

  "Questo ambiente è ormai "indistinguibile dalla sfera della vita quotidiana".

  Papa Francesco era un uomo intelligente e aveva intorno a sé persone intelligenti, tra cui il defunto Cardinale Pell. Possiamo far risalire questa citazione al pensiero di Alan Turing. Turing è considerato il padre dell'informatica e un martire. Turing ci ha trasmesso esattamente lo stesso concetto nel leggendario test di Turing, che lo stesso Turing definì il gioco dell'imitazione nel 1949.

  Un altro modo di interpretare questo fenomeno è dire che le masse sono state plagiate dai signori della Silicon Valley.

  Quando la whistleblower di Facebook Frances Haugen ci ha fornito i dettagli nella sua testimonianza al Congresso :

  Le scelte prese dai vertici di Facebook rappresentano un problema enorme – per i bambini, per la sicurezza pubblica, per la democrazia – ed è per questo che mi sono fatto avanti. E sia chiaro: non deve andare per forza così. Siamo qui oggi grazie alle scelte deliberate di Facebook.

  Il riassunto del gruppo di lavoro continua...

  Per annunciare efficacemente il Vangelo nella nostra cultura contemporanea, dobbiamo discernere le opportunità e le sfide presentate da questa nuova dimensione del “luogo”

  Quella citazione in particolare riconosce che ci sono sia opportunità che sfide. L'anno del giubileo è tutto incentrato sulla speranza e spero davvero che i membri del gruppo di lavoro leggano il materiale di informatori, psicologi infantili e persino medici legali che ci mettono in guardia dall'impatto di Facebook e simili .

  Ciononostante, il rapporto include l'espressione "maggiore immersione" e ritengo che la Chiesa non dovrebbe dare per scontato che questa sia una linea d'azione predefinita.

  La sintesi affronta anche il concetto di giurisdizione. La Chiesa cattolica si è tradizionalmente organizzata su base geografica. Internet permette alle persone di connettersi e formare comunità virtuali senza alcuna connessione geografica.

  Tra l'altro, prima di Internet, la Chiesa poteva spostare sacerdoti ad alto rischio da una parrocchia all'altra senza doversi preoccupare di eventuali collegamenti. Ho esaminato meticolosamente i documenti della Commissione Reale australiana e ho trovato questa nota del leggendario Padre X___:

  Ciò significa che se qualcuno in Australia venisse a sapere che Padre Z___ è in cura a causa di qualcosa accaduto a Boston e andasse lì per scoprirlo, si troverebbe in un vicolo cieco.

  La lettera in questione è stata scritta poco prima che Internet diventasse di dominio pubblico. Rileggendo quelle parole oggi, ci ricordano con chiarezza come Internet stia stravolgendo la nostra vita.

  Il gruppo di lavoro prosegue affermando che sta cercando "raccomandazioni o proposte pratiche" da tutta la comunità su qualsiasi argomento correlato alla missione della Chiesa nell'ambiente digitale.

  Le persone impegnate nel movimento del software libero, siano esse cattoliche o meno, possono contattare la propria diocesi locale per scoprire chi coordina a livello locale la risposta a queste sfide.

  Un'altra frase che mi ha colpito:

  "oggi viviamo in una cultura digitale"

  Non esattamente. Alcuni direbbero che ci viene imposta una cultura digitale. Istituzioni come la politica e i media ne sono dipendenti e la mettono su un piedistallo. Pertanto, è ancora più vitale che altre istituzioni, come la Chiesa, si assumano il compito di mettere in discussione ogni aspetto della cultura digitale e di promuovere valide alternative.

  La vita senza cellulari, la vita senza app

  Telefoni cellulari e app sono strettamente correlati. Alcune persone scelgono di vivere senza uno smartphone, in altre parole, hanno solo la metà dei problemi di un telefono cellulare completo. Alcune persone scelgono anche di avere smartphone senza l'app store di Google o Apple, ad esempio chi installa Replicant o LineageOS e utilizza l' app store di F-Droid per limitare il proprio telefono alle app etiche.

  In termini pratici, ci sono persone che non riescono a spostarsi nella propria città natale senza usare il telefono. Un interrogativo interessante per la chiesa è: quale percentuale di fedeli non è in grado di identificare il percorso più diretto da casa alla chiesa più vicina senza usare un'app? Sarebbe interessante analizzare le risposte in base a diversi fattori, come l'età e gli anni di residenza nella parrocchia.

  Un'altra domanda chiave, strettamente correlata a quella precedente, è: quanti parrocchiani riescono a ricordare gli orari delle messe e gli eventi chiave del calendario parrocchiale senza guardare il telefono? È fantastico avere queste informazioni visibili sul sito web della parrocchia; tuttavia, quando le persone sono veramente coinvolte nella parrocchia e nella comunità, queste informazioni vengono memorizzate. Più queste informazioni sono diffuse in una comunità, più questa è resiliente.

  I sistemi di autenticazione minano la dignità umana

  Oggigiorno vediamo spesso aziende che insistono sul fatto che hanno bisogno dei nostri numeri di cellulare per "autenticarci" o per "firmare" documenti tramite SMS.

  Questo tipo di cose è particolarmente inquietante. Molte persone hanno familiarità con la pratica nazista di marchiare a fuoco i numeri di identificazione sulla pelle dei prigionieri ebrei. I numeri di cellulare hanno una funzione simile. Anche se i numeri non vengono marchiati a fuoco sulla pelle, spesso è scomodo per le persone cambiare il proprio numero.

  Esistono molti fenomeni strettamente correlati, tra cui siti web che richiedono agli utenti di autenticarsi tramite un account Gmail o Facebook.

  A livello di Chiesa, Stato, istruzione, assistenza sanitaria e servizi finanziari, è fondamentale garantire che tutti possano partecipare nel modo che desiderano senza rinunciare alla propria dignità.

  La Chiesa deve esprimersi su questi argomenti con la stessa voce con cui si esprime su temi come l'aborto.

  È necessario sottolineare il consenso

  Le preoccupazioni relative al consenso e alla coercizione sono diventate un tema di grande attualità nel mondo di oggi. Ironicamente, le piattaforme di controllo sociale che fingono di aiutare le donne a trovare una piattaforma violano il principio del consenso in molti altri modi.

  Si consideri, ad esempio, chi ha dedicato tempo alla creazione di un profilo su Facebook o Twitter, a volte per molti anni, connettendosi con centinaia o migliaia di follower, per poi ritrovarsi a dover aggiungere il proprio numero di cellulare al proprio account. Se non lo fanno, l'account viene bloccato. Non esiste una vera e propria ragione tecnica per avere un numero di cellulare nell'account, poiché molti di questi servizi hanno funzionato esattamente allo stesso modo per molti anni prima che tali richieste diventassero comuni.

  Le persone non acconsentono liberamente a condividere i propri numeri di telefono con Mark Zuckerberg ed Elon Musk. I servizi sono stati imbastarditi per tendere un'imboscata ai loro utenti con queste richieste.

  È significativo che questa cultura di agguati e costrizioni si insinui nella società. In Australia, Chanel Contos ha lanciato una petizione/rivista molto pubblicizzata con storie di donne di scuole private d'élite che si sentivano vittime di agguati, bullismo e costrette a incontri fisici indesiderati.

  Ironicamente, la signorina Contos ha reso pubbliche le sue preoccupazioni proprio attraverso le stesse piattaforme che stanno minando la nostra comprensione del consenso e della privacy.

  La Chiesa stessa ha dovuto fare un profondo esame di coscienza sui temi del consenso e degli abusi di potere. Questo la pone in una posizione interessante, in cui possiamo affermare che, anche considerando alcune delle rivelazioni più sconvolgenti sugli abusi, i responsabili sono il male minore rispetto ai padroni della Silicon Valley.

  È sorprendente la rapidità con cui le istituzioni della Silicon Valley hanno abbandonato ogni sistema di pesi e contrappesi, ritenendo opportuno fare ciò che più gli aggrada. La Chiesa cattolica e altre istituzioni religiose possono ora fare tesoro di quanto hanno imparato dall'analisi critica dei propri errori e mettere in guardia la società da quanto sarebbe stupido ripetere la stessa strada con questi gangster digitali.

  La tecnologia digitale è molto più di un semplice controllo sociale dei media

  La chiesa non è nuova alla tecnologia. Le prime macchine da stampa furono installate nei locali della chiesa. Caxton installò la prima macchina da stampa inglese nell'Abbazia di Westminster. Altri siti includevano Oxford e l'Abbazia di St Alban. Prima della stampa, leggere e scrivere erano attività riservate ai chierici e molte delle loro opere esistevano solo in latino. La stampa permise la produzione in serie di Bibbie in tedesco e inglese. Questo, a sua volta, ebbe un enorme impatto sulla standardizzazione della lingua, così come contribuì a standardizzare gli atteggiamenti morali che la Silicon Valley sta distruggendo sotto di noi. La versione della Bibbia di Re Giacomo è ampiamente riconosciuta per il suo impatto sulla lingua inglese.

  La standardizzazione del linguaggio fu solo un effetto collaterale di questa invenzione. La Riforma fu un altro. Con l'acquisizione dei libri e della capacità di leggere, le persone divennero meno dipendenti dal clero.

  Allo stesso modo, i media di controllo sociale stanno avendo un impatto sulla nostra cultura, nel bene e nel male. Proprio come la stampa ha permesso la Riforma, i media di controllo sociale potrebbero portare a ulteriori cambiamenti nel modo in cui gli esseri umani si organizzano attorno a strutture e credenze religiose. I signori della Silicon Valley stanno attivamente riflettendo su questi ruoli. Elon Musk si è persino travestito da Satana. Se la Chiesa cattolica non offrirà un'alternativa convincente a questi spostamenti di potere, verrà sottratta al suo controllo.

  

   

  Frances Haugen (informatrice di Facebook): quasi nessuno al di fuori di Facebook sa cosa succede al suo interno. I vertici dell'azienda nascondono informazioni vitali al pubblico, al governo degli Stati Uniti, ai suoi azionisti e ai governi di tutto il mondo. I documenti che ho fornito dimostrano che Facebook ci ha ripetutamente ingannato su ciò che le sue stesse ricerche rivelano sulla sicurezza dei bambini, sul suo ruolo nella diffusione di messaggi d'odio e divisivi e molto altro ancora.

  Mentre le generazioni precedenti si rivolgevano al clero per un consiglio, per poi leggere la Bibbia a loro volta, i giovani di oggi si rivolgono a un motore di ricerca e un domani potrebbero affidarsi all'intelligenza artificiale. Possiamo già osservare come motori di ricerca, social media e bot di intelligenza artificiale spingano le persone a livelli crescenti di conflitto con i vicini o le spingano su sentieri oscuri di isolamento, autolesionismo e suicidio.

  Risorse della Chiesa cattolica rilevanti per l'ambiente digitale

  La Chiesa cattolica ha un ruolo importante nell'istruzione e nelle scuole, pertanto può vedere l'impatto del controllo sociale dei media e può far rispettare i divieti per i bambini e fornire formazione al personale e ai genitori.

  Gli insegnanti, in quanto dipendenti della Chiesa o dello Stato, hanno segnalato un aumento dei casi di bullismo da parte di genitori che si raggruppano sulle app di messaggistica. In un caso recente, la polizia britannica ha inviato sei agenti a umiliare un genitore che aveva usato WhatsApp per protestare contro la scuola locale. Il conflitto, la natura conflittuale di questo ambiente e l'enorme spreco di risorse della polizia sono tutte conseguenze del modo in cui la tecnologia è progettata e utilizzata nella società. Ogni episodio come questo offre uno spunto di riflessione sulle opportunità che la Chiesa cattolica ha di chiedersi "esiste un modo migliore?".

  Le parole di Frances Haugen aiutano a spiegare ai genitori di bambini piccoli l'assedio dei sei poliziotti:

  Ho visto che Facebook ha ripetutamente incontrato conflitti tra i propri profitti e la nostra sicurezza. Facebook ha sistematicamente risolto questi conflitti a favore dei propri profitti. Il risultato è stato un sistema che amplifica divisione, estremismo e polarizzazione, minando le società di tutto il mondo.

  La Chiesa cattolica è un importante datore di lavoro in molti paesi. Questo le conferisce la facoltà di prendere decisioni sull'uso di telefoni cellulari e app di messaggistica nel rapporto datore di lavoro/dipendente. Un datore di lavoro non può vietare ai dipendenti di utilizzare questi dispositivi nel tempo libero, ma può decidere di eliminarne l'uso ufficiale per motivi di lavoro. Il rapporto datore di lavoro/dipendente offre un'ulteriore opportunità per formare sull'importanza della dignità umana al di sopra delle esigenze dei nostri dispositivi.

  L'agenda pubblica nell'ambiente digitale, l'aborto della nostra specie

  Con molti politici e giornalisti che oggi vivono la loro vita sotto il controllo dei social media , la loro capacità di valutare quali temi meritino un dibattito pubblico è fortemente influenzata dalle tematiche che si suppone siano di tendenza online. Si pensa che le tematiche siano di tendenza online in conseguenza dell'interesse pubblico, mentre in realtà i gestori delle piattaforme online esercitano la loro influenza per garantire che alcune questioni sembrino crescere in modo organico, mentre argomenti significativi ma scomodi vengono opportunamente sepolti nel flusso di notizie.

  In questo contesto, la Chiesa cattolica offre una via alternativa per porre questioni all'ordine del giorno del dibattito pubblico, indipendentemente dal fatto che una particolare questione appaia "di tendenza" o meno. Questo potere viene spesso utilizzato per questioni vicine all'insegnamento della Chiesa, come il lobbying sull'aborto, ma non c'è motivo per cui la Chiesa non possa utilizzare le stesse risorse per fare lobbying contro l'aborto del genere umano da parte dell'intelligenza artificiale.

  Aiuto alle vittime di discriminazione da parte dei signori della Silicon Valley e delle bande online

  Le origini della Chiesa cattolica risalgono alla persecuzione di Gesù e dei martiri San Pietro e San Paolo.

  Ma lasciamo da parte gli esempi antichi e veniamo a coloro che, nei tempi a noi più vicini, hanno lottato per la fede. Prendiamo i nobili esempi della nostra generazione. Per gelosia e invidia, i più grandi e giusti pilastri della Chiesa furono perseguitati e giunsero fino alla morte. Poniamo davanti ai nostri occhi i buoni Apostoli. Pietro, per ingiusta invidia, sopportò non una o due, ma molte fatiche, e alla fine, dopo aver reso la sua testimonianza, se ne andò verso il luogo di gloria che gli spettava. Anche Paolo, per invidia, mostrò con l'esempio il premio che è dato alla pazienza: fu incatenato sette volte; fu bandito; fu lapidato; divenuto araldo sia in Oriente che in Occidente, ottenne la nobile fama dovuta alla sua fede; e dopo aver predicato la giustizia al mondo intero, giunto fino all'estremità dell'Occidente e reso testimonianza davanti ai governanti, lasciò finalmente il mondo e andò verso il luogo santo, divenendo il massimo esempio di pazienza. (prima lettera di Clemente ai Corinzi, 5:1 - 5:7)

  Queste parole spiegano la persecuzione di Pietro e Paolo sotto l'imperatore Nerone, avvenuta quasi duemila anni fa.

  Ottocento anni fa è stata promulgata la Magna Carta che, nel corso del tempo, ha ispirato la Carta dei diritti degli Stati Uniti, la Dichiarazione universale dei diritti umani e l'abolizione della pena di morte.

  Eppure oggi vediamo i signori della Silicon Valley voler buttare tutto questo dalla finestra e riportarci indietro ai tempi di Nerone.

  Consideriamo l'articolo 27 della Dichiarazione universale dei diritti umani :

  1. Ogni individuo ha diritto di prendere parte liberamente alla vita culturale della comunità, di godere delle arti e di partecipare al progresso scientifico ed ai suoi benefici.
  2. Ogni individuo ha diritto alla protezione degli interessi morali e materiali derivanti da ogni produzione scientifica, letteraria e artistica di cui egli sia autore.

  Quando visitiamo i siti web di noti progetti di software libero come Debian e Fedora, li vediamo dichiarare apertamente il loro desiderio di censurare certe persone. Chiunque si esprima su questioni etiche nel nostro settore è stato oggetto di queste estreme rappresaglie di tanto in tanto.

  Linus Torvals (fondatore di Linux) è stato bandito da DebConf . Il Dr. Jacob Appelbaum è stato oggetto di false voci di molestie sessuali . Il Dr. Richard Stallman è stato crocifisso tramite una petizione online a Pasqua 2021. Un professore rivale, Gunnar Wolf, ha chiesto un voto la notte del Giovedì Santo, proprio il giorno in cui Giuda tradì Gesù . Quando ho parlato per difendere i diritti civili del Dr. Stallman, la stessa folla si è rivoltata contro di me.

  Il Dr. Peter Eckersley ed io eravamo compagni di corso all'Università di Melbourne. Il Dr. Eckersley era il Chief Computer Scientist dell'Electronic Frontier Foundation e successivamente direttore della ricerca presso la Partnership on AI. Dopo la morte del Dr. Eckersley, ho ripristinato i suoi post sul blog sull'uso militare dell'IA e la stessa EFF ha censurato i link a questi blog, dando origine a una nuova causa per i diritti civili in cui EFF e Google, stranamente, siedono insieme sul banco degli imputati .

  Le somiglianze tra questi casi e la crescente lista di vittime sono la prova lampante che non si tratta di casi casuali. Esiste uno sforzo coordinato per ridurre o eludere i diritti civili. Se esiste uno spazio o un mondo digitale, allora è inquietantemente simile al mondo in cui gli imperatori romani ricorrevano a esecuzioni raccapriccianti per perpetuare il controllo attraverso la paura.

  La Chiesa cattolica può andare alla ricerca delle vittime che sono state cancellate, delle vittime che sono state de-piattaformate e di coloro che hanno qualcosa da dire sulla dignità umana nell'era dell'intelligenza artificiale. Che queste persone siano cattoliche o meno, le preoccupazioni che gli esperti indipendenti hanno cercato di indagare e pubblicizzare devono essere poste al di sopra del rumore prodotto dai dipartimenti di pubbliche relazioni.

  Allo stesso tempo, l'impatto orribile inflitto alle nostre famiglie è spesso nascosto alla vista del pubblico.

  I bambini nell'ambiente digitale

  È significativo che abbiamo trovato tattiche molto simili utilizzate da Harvey Weinstein e Chris Lamb, ex leader del progetto Debian.

  Questo è significativo perché Lamb è stato formato durante il Google Summer of Code ed è stato finanziato da Google, che ha anche ricevuto un cospicuo pagamento di 300.000 dollari poco prima che tre vittime rivelassero lo scandalo. Nonostante la promessa di trasparenza di Debian, il denaro è stato rivelato solo più di sei mesi dopo e il nome di Google non è mai stato pubblicamente collegato a quei numeri.

  Quando Weinstein nutriva preoccupazioni sul comportamento di alcune donne, inviava pettegolezzi sgradevoli sul "comportamento" ad altri membri del settore. C'è qualcosa di snob in questi atteggiamenti nei confronti del comportamento umano.

  Quando le donne hanno sporto denuncia alla polizia, il regista Peter Jackson ha preso la parola e ha confermato che Weinstein aveva fatto ricorso a questi sporchi trucchi , diffondendo voci sul comportamento di donne che non erano abbastanza sottomesse per i suoi gusti.

  "Ricordo che la Miramax ci disse che lavorare con loro era un incubo e che avremmo dovuto evitarli a tutti i costi. Probabilmente era il 1998", ha detto Jackson.

  "All'epoca non avevamo motivo di mettere in dubbio ciò che queste persone ci stavano dicendo, ma a posteriori mi rendo conto che molto probabilmente si trattava della campagna diffamatoria della Miramax in pieno svolgimento."

  Diverse persone si sono fatte avanti dimostrando che Chris Lamb stava facendo esattamente la stessa cosa nel suo ruolo in Debian. Secondo la legge sul copyright, i coautori non hanno alcun obbligo nei confronti della persona eletta a ricoprire di volta in volta il ruolo di Debian Project Leader. Siamo tutti uguali.

  Oggetto: R: Stato di sviluppatore Debian 
  Data: mar, 18 dic 2018 10:36:09 +0900 
  Da: Norbert Preining <norbert@preining.info> 
  A: Daniel Pocock <daniel@pocock.pro> 
  
  Ciao Daniel, 
  
  anche se affrontare una causa come questa nel Regno Unito è al di sopra delle 
  mie capacità e possibilità finanziarie, 
  ho paura che Lamb abbia effettivamente rovinato una candidatura per un'azienda 
  di New York, un lavoro correlato a Debian. Se è successo, e posso 
  ragionevolmente documentarlo, prenderei in considerazione una causa per diffamazione. 
  
  > Lamb è residente nel Regno Unito e invia email dal Regno Unito 
  > https://regainyourname.com/news/cyberbullying-cyberstalking-and-online-harassment-a-uk-study/ 
  
  Grazie per i link, li terrò a mente. 
  
  Norbert 
  
  -- 
  PREINING Norbert http://www.preining.info 
  Accelia Inc. + JAIST + TeX Live + Debian Developer 
  GPG: 0x860CDC13 fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13
  

  Ancora più inquietante è il fatto che Lamb abbia iniziato ad attaccare la mia famiglia proprio nello stesso periodo in cui il cardinale George Pell è stato condannato nel 2018. Un mio cugino di secondo grado era membro dell'ex coro del cardinale George Pell a Melbourne. Lamb e i suoi complici, finanziati da Google, hanno diffuso voci anonime di abusi.

  Diverse persone si sono fatte avanti con prove che Lamb si comportava come Weinstein, diffondendo voci alle nostre spalle. Quando io e il Dott. Preining abbiamo parlato, una terza vittima ha visto lo scandalo e si è identificata pubblicamente il giorno di Natale:

  Oggetto: Ri: Censura in Debian 
  Data: mar, 25 dic 2018 23:44:38 +0100 
  Da: martin f krafft
  Organizzazione: Il progetto Debian 
  A: debian-project@lists.debian.org 
  
  Ciao progetto, 
  
  È molto triste leggere di quello che sta succedendo. 
  
  So che c'è stato almeno un altro caso in cui DAM e AH 
  hanno agito al di fuori del loro mandato, minacciando di 
  espellere il progetto e scegliendo in modo molto selettivo con chi comunicare. 
  Lo so perché sono stato preso di mira. 
  
  Né DAM né AH (le stesse persone ancora attive oggi) hanno fatto 
  un solo tentativo di ascoltarmi. Nessuna delle mie e-mail a DAM o ad AH 
  ha mai ricevuto risposta. 
  
  Al contrario, DAM ha emesso un verdetto e ha influenzato altre persone al 
  punto che "perché DAM ha emesso una sentenza" è stato addotto come motivazione per altre 
  misure. Si è trattato di un abuso incostituzionale dei poteri di DAM e, nel 
  caso di AH, l'intera vicenda ha anche sfiorato la diffamazione. Tra gli altri, 
  l'attuale DPL Chris Lamb ha promesso una revisione a tempo debito, ma 
  non è mai successo nulla. 
  
  ... [ snip ] ...
  

  Ma se non è sicuro per gli ingegneri che sviluppano questa tecnologia, non lo è certamente per i bambini.

  Il 5 ottobre 2021 ho sollevato le preoccupazioni relative ai bambini in questa cultura con il rapporto Google, FSFE e lavoro minorile .

  Red Hat , una sussidiaria di IBM dal 2019, ha avviato un'azione legale per censurare e screditare le mie preoccupazioni. Mi hanno accusato di malafede per aver pubblicato quell'articolo. Tuttavia, il collegio legale ha stabilito che Red Hat mi stava molestando e che stava commettendo un abuso della procedura amministrativa.

  L'ironia, ovviamente, è che i Cardinali indossano cappelli rossi, come il nome dell'azienda Red Hat che è stata scoperta a maltrattarmi. Chris Lamb di Debian aveva diffuso voci sulla mia famiglia quando il Cardinale Pell fu condannato.

  Il modo in cui tutto questo ha intersecato le nostre vite e la nostra fede, le voci di abusi dopo la condanna del defunto Cardinale Pell, la mia visita ai Carabinieri il giorno della morte del Cardinale, il giorno delle nozze, la Domenica delle Palme, un suicidio simulato (non confermato), la crocifissione del Dr. Stallman a Pasqua e i linciaggi natalizi di Debian, è sconcertante. Come si dice nei film polizieschi, segui i soldi.

  

   

  L'ambiente digitale sottopone i parrocchiani alla sorveglianza di terze parti

  La Chiesa cattolica è nata dalla persecuzione e bisogna ricordare che la sorveglianza è un pilastro della persecuzione.

  Il fatto che i servizi più grandi, come Google, Facebook e Twitter, siano tutti apparentemente gratuiti è la prova che ricavano tutti i loro profitti dalla capacità di condurre un'efficace sorveglianza e manipolazione della popolazione.

  Un tempo, la Chiesa svolgeva ruoli simili. I fedeli si sottoponevano a una forma di sorveglianza attraverso il sacramento della confessione, dove ricevevano consiglio dal loro sacerdote. I sacerdoti cercavano di esercitare una certa influenza dal pulpito, con la minaccia della scomunica e, di tanto in tanto, l'inquisizione o la persecuzione di qualcuno che era all'avanguardia, come Galileo.

  Se le aziende tecnologiche riescono ad approssimare tutte queste funzioni in modo così efficace tramite algoritmi, corriamo il rischio che la religione diventi superflua.

  Pertanto, cercare di svolgere il ruolo della Chiesa attraverso un mezzo che si sostituisce a quello della religione è molto simile a scavarsi la fossa con i propri occhi.

  Attraverso una serie di inchieste pubbliche e di segnalazioni di informatori, abbiamo appreso fino a che punto questi padroni ci stiano privando della nostra dignità. Il loro obiettivo è anticipare ogni nostra decisione, influenzare le persone con cui parliamo, il nostro voto e ogni singolo centesimo del nostro bilancio.

  Se ognuna di queste decisioni è controllata e perfino microgestita per noi, con precisione scientifica, fino all'ultimo centesimo sul nostro conto in banca ogni mese, dall'influenza di algoritmi, quale spazio rimane nella nostra coscienza per l'influenza del Vangelo?

  Missione: rimanere rilevanti

  Pertanto, la domanda posta al gruppo di lavoro sulla missione nell'ambiente digitale potrebbe essere riformulata come segue: in che modo la religione, di qualsiasi natura, continua a essere rilevante?

  Oggi, per tradizione, in molte famiglie delle culture più ricche la chiesa è un luogo in cui si celebrano matrimoni, funerali e talvolta anche l'istruzione dei figli.

  Affinché la chiesa possa dotare i propri parrocchiani di tecnologia, anziché perderli a causa della tecnologia, dobbiamo porci delle domande su alcuni degli argomenti sollevati dal movimento del software libero.

  Come garantire che ogni persona abbia il pieno controllo sui propri dispositivi, incluso il diritto alla riparazione e il diritto di cambiare il sistema operativo.

  Sviluppare strategie per proteggere le persone dai rischi della tecnologia. Ad esempio, i social media che controllano il controllo sociale consentono a piccoli gruppi, ma molto rumorosi, di arrecare gravi danni alle proprie vittime attraverso la diffusione deliberata e ripetuta di pettegolezzi e diffamazione. Sta diventando sempre più difficile garantire che nessuna persona o minoranza venga esclusa dalle vendette online. Come fornire supporto alle persone prese di mira da questi individui tossici? Come garantire che ogni persona e gruppo possa parlare a turno?

  Missione: proteggere la società dagli stessi errori

  L'Australia ha avviato la procedura per l'istituzione di una Commissione Reale sugli abusi commessi da una vasta gamma di istituzioni, tra cui la Chiesa. Eppure, per molte persone decedute o che hanno perso familiari, salute e carriera, era troppo tardi. Non sarebbe opportuno intervenire con misure così incisive prima che si verifichino fallimenti catastrofici? È giunto il momento di rivolgere lo stesso livello di attenzione ai dirigenti dei media che controllano i social media e allo sfruttamento e alla manipolazione dell'opinione pubblica a più livelli.

  Conclusione

  I media di controllo sociale stanno rapidamente diventando una copertura per l'intelligenza artificiale. Come ci ha suggerito il test di Turing (il gioco dell'imitazione) fin dal 1949, è inevitabile che ogni nuova iterazione di questo fenomeno diventi sempre più indistinguibile dalla realtà. In quanto tale, potrebbe presentarsi non solo come un sostituto per i nostri simili, ma anche come un'alternativa alla Chiesa. Le persone potrebbero essere indotte ad accettarla come il loro Dio. In altre parole, i media di controllo sociale potrebbero rendere la Chiesa irrilevante e, dopo averlo fatto, potrebbero continuare a rendere irrilevante l'umanità.

  Basta guardare come mi fanno le smorfie dopo la morte di mio padre. La maleducazione che subisco quasi quotidianamente è iniziata in un momento di dolore. Le persone vengono plagiate a mettere da parte anche il più elementare rispetto per la dignità umana, il rispetto per la famiglia, in un momento di dolore, e questo diventa solo un'altra opportunità per strumentalizzare gli altri per divertimento. Questo aspetto della mia vita è stato interamente creato dai social media e dalle persone che stanno definendo quello spazio nella mia professione.

  Nella sua testimonianza al Congresso, Frances Haugen ci ha detto:

  Credo che ciò che ho fatto sia stato giusto e necessario per il bene comune, ma so che Facebook ha risorse infinite che potrebbe usare per distruggermi.

  Nel 2018, ho partecipato al Forum delle Nazioni Unite su Imprese e Diritti Umani a Ginevra, dove ho rilasciato alcune brevi dichiarazioni sul fatto che Facebook e Twitter fossero finiti nelle mani sbagliate. Il Forum delle Nazioni Unite si è svolto contemporaneamente alla giuria che stava esaminando le accuse contro il Cardinale George Pell. Pell è stato condannato e queste piattaforme di controllo sociale si sono riempite di voci su di me e la mia famiglia, proprio quei fenomeni di cui la stessa Haugen sembra aver paura.

  Nel 2022, possiamo vedere che Software in the Public Interest, Inc. ha speso oltre 120.000 dollari in spese legali per attaccare me e la mia famiglia .

  Ecco il video con i commenti che ho fatto al Forum delle Nazioni Unite. Ho parlato per appena quarantatré secondi e hanno speso 120.000 dollari per attaccare la mia famiglia.

• Daniel Pocock Contrôle social, médias, technologie et catholicisme : examen et commentaires du Synode sur la synodalité

  Le regretté pape François a demandé à un groupe d'environ quatre cents évêques de travailler ensemble, de 2021 à 2024, à une réflexion sur la manière dont les fidèles catholiques interagissent et progressent en tant que mouvement. Officiellement, ce comité d'évêques a reçu le titre de Synode sur la synodalité . Le terme « Synode » est largement utilisé dans toutes les religions chrétiennes pour désigner les comités, conseils ou réunions de ces groupes, à tous les niveaux de la hiérarchie ecclésiale. Le terme « Synodalité » est spécifique à l'Église catholique. Le Synode dispose d'une page web officielle où il tente d'expliquer ce qu'est la synodalité .

  Plusieurs groupes de travail ont été créés sur des sujets très variés. Dans cette analyse, je me concentre uniquement sur le troisième groupe, qui s'est penché sur la mission dans l'environnement numérique . Je présente ensuite mes propres observations sur les sujets abordés par ce groupe.

  Un autre groupe de travail s'est penché sur la polygamie. La psychologie et les neurosciences des médias de contrôle social usurpent nos relations à tel point que certaines personnes estiment que les algorithmes de Facebook exercent autant d'influence qu'une tierce personne dans leur mariage. J'ai créé un article de blog dédié pour examiner les données probantes concernant les phénomènes de polygamie et de cyberpolygamie . Compte tenu de l'omniprésence croissante de ces technologies, sa lecture est essentielle, en complément de cette analyse.

  Dans un récent article de presse, sans rapport avec le Synode, le diocèse de Paderborn (centre-nord de l'Allemagne) a annoncé qu'il tenterait d'utiliser TikTok pour interagir avec les jeunes . Le champ d'action du groupe de travail 3 est très vaste et ne se limite pas aux plateformes de médias sociaux . Il me semble qu'il couvre toutes les formes de technologies numériques.

  Même les répéteurs de paquets radioamateurs sont concernés, même si les licences de radioamateur n'autorisent pas la transmission explicite de matériel religieux.

  Le Vatican a été l'un des premiers à adopter la radio à ondes courtes. Le pape Léon XIV et Mgr Lucio Adrian Ruiz, secrétaire du Dicastero per la Comunicazione, ont visité les installations de Radio Vatican cette semaine :

  

   

  À la lecture des résultats du groupe de travail et du Synode dans son ensemble, j'ai le sentiment que l'Église dans son ensemble n'a pas décidé d'adopter ou de rejeter les médias de contrôle social . Elle reconnaît qu'ils font partie du paysage numérique et tente de définir la manière dont l'Église s'y rapporte.

  Comment le processus synodal a évolué à un niveau élevé

  Avant d’entrer dans les détails, voici un aperçu du processus et des rapports parus à différents moments, avec des liens directs vers les éditions traduites.

  Le site web principal du Synode est www.Synod.va et il est disponible en plusieurs langues. Il semble que le contenu ait été rédigé en italien puis traduit en anglais et dans d'autres langues. Cela le rend un peu plus difficile à lire.

  Une réunion élargie a eu lieu à Rome en octobre 2023, au cours de laquelle un premier projet de rapport a été élaboré.

  • Rapport intermédiaire d'octobre 2023
  • l'un des nombreux blogs sur le rapport intermédiaire

  Les évêques sont revenus à Rome en octobre 2024 et ont produit un rapport final du Synode.

  • Rapport final d'octobre 2024 (traduction anglaise)
  • Rapport final d'octobre 2024 (italien)
  • Reportage de NCR sur le rapport final

  Le Vatican a publié le message de salutation du regretté pape François à l'issue du synode . Des articles de presse ont rapidement fait état de l'intervention du pape .

  Ils ont également publié quelques images et vidéos .

  Points clés du rapport final concernant l'environnement numérique

  Au point 58, le rapport note que les chrétiens pourraient tenter de proclamer l’Évangile par leur participation à un environnement numérique.

  58. ... Les chrétiens, chacun selon leurs divers rôles - au sein de la famille et des autres états de vie ; sur le lieu de travail et dans leur profession ; engagés civilement, politiquement, socialement ou écologiquement ; dans le développement d'une culture inspirée par l'Évangile, y compris l'évangélisation de l'environnement numérique - parcourent les chemins du monde et annoncent l'Évangile là où ils vivent, soutenus par les dons de l'Esprit.

  59. Ce faisant, ils demandent à l’Église de ne pas les abandonner mais de leur permettre de se sentir envoyés et soutenus dans la mission.

  Ce point semble encourager l’Église à réfléchir à la situation à laquelle sont confrontés ceux qui sont sous l’influence d’un environnement numérique, mais cela n’implique pas nécessairement que l’environnement numérique soit bon ou mauvais.

  Au point 112, concernant la mobilité, qui inclut des personnes de tous les niveaux de la société, le rapport note :

  Certains entretiennent des liens forts avec leur pays d’origine, notamment grâce aux médias numériques, et peuvent donc avoir du mal à nouer des liens dans leur nouveau pays ; d’autres se retrouvent à vivre sans racines.

  C'est une excellente observation. En Europe, j'ai rencontré des couples dont la relation dépend entièrement des appareils de traduction automatique. Lorsque de nouveaux arrivants arrivent en ville, la culture WhatsApp encourage les voisins à passer des semaines, voire des mois, à discuter dans leur dos sans même les regarder dans les yeux.

  113. La diffusion de la culture numérique, particulièrement visible chez les jeunes, transforme profondément leur perception de l'espace et du temps ; elle influence leurs activités quotidiennes, leur communication et leurs relations interpersonnelles, y compris la foi. Les opportunités offertes par Internet remodèlent les relations, les liens et les frontières. Aujourd'hui, nous ressentons souvent la solitude et la marginalisation, même si nous sommes plus connectés que jamais. De plus, ceux qui ont leurs propres intérêts économiques et politiques peuvent exploiter les médias sociaux pour diffuser des idéologies et générer des formes de polarisation agressives et manipulatrices. Nous ne sommes pas bien préparés à cela et devons consacrer des ressources pour que l'environnement numérique devienne un espace prophétique de mission et d'annonce. Les Églises locales devraient encourager, soutenir et accompagner ceux qui s'engagent dans la mission dans l'environnement numérique. Les communautés et groupes chrétiens numériques, en particulier les jeunes, sont également appelés à réfléchir à la manière dont ils créent des liens d'appartenance, favorisant la rencontre et le dialogue. Ils doivent offrir une formation à leurs pairs, développant une manière synodale d'être Église. Internet, constitué comme un réseau de connexions, offre de nouvelles opportunités pour mieux vivre la dimension synodale de l’Église.

  Ce paragraphe reconnaît les dangers du numérique, en particulier des médias de contrôle social , et le mot clé est : « Nous ne sommes pas bien préparés à cela ». Il suggère néanmoins que les églises locales devraient « encourager » davantage ces risques en ligne. Je ne pense pas que le mot « encourager » soit le bon, mais je ne pense pas qu'elles devraient non plus décourager.

  149. Le processus synodal a insisté sur certains aspects spécifiques de la formation du Peuple de Dieu à la synodalité. Le premier concerne l'impact de l'environnement numérique sur les processus d'apprentissage, la concentration, la perception de soi et du monde, et la construction des relations interpersonnelles. La culture numérique constitue une dimension cruciale du témoignage de l'Église dans la culture contemporaine et dans un champ missionnaire émergent. Cela exige de veiller à ce que le message chrétien soit présent en ligne de manière fiable, sans en déformer idéologiquement le contenu. Bien que les médias numériques aient un grand potentiel pour améliorer nos vies, ils peuvent aussi causer des préjudices et des blessures par le biais du harcèlement, de la désinformation, de l'exploitation sexuelle et des addictions. Les établissements d'enseignement de l'Église doivent aider les enfants et les adultes à développer des compétences essentielles pour naviguer en toute sécurité sur le web.

  Ces commentaires sont très pertinents et très cohérents avec mon propre témoignage, dont une partie est reproduite plus loin dans ce rapport.

  150. Un autre domaine de grande importance est la promotion dans tous les contextes ecclésiaux d’une culture de protection, faisant des communautés des lieux toujours plus sûrs pour les mineurs et les personnes vulnérables.

  Lorsque j'ai évoqué ce sujet dans les communautés du logiciel libre, ma famille a été impitoyablement attaquée. Voir les courriels que j'ai envoyés fin 2017 et les commentaires sur IBM Red Hat plus loin dans ce rapport.

  Sources liées au groupe de travail trois, la mission dans un environnement numérique

  Le site web Synod.va a publié la liste de tous les groupes de travail . Il comprend une courte vidéo sur chaque groupe et un lien vers leurs rapports les plus récents.

  La vidéo du troisième groupe de travail dure un peu moins de deux minutes. Voici quelques citations clés et mes propres observations :

  « Aujourd’hui, les gens, en particulier les jeunes, ont appris à vivre simultanément et de manière transparente dans des espaces numériques et physiques. »

  Je pense que cette affirmation est totalement erronée. Les gens ont appris à utiliser les espaces numériques. Une étude récente suggère que près de 70 % des jeunes se sentent mal après avoir utilisé les réseaux sociaux . Autrement dit, ils se sentent obligés de les utiliser. Par conséquent, leur vie est perturbée. Les gens souffrent.

  Les déclarations faites dans la vidéo ne sont pas celles présentées dans le rapport final. Nous y reviendrons. Néanmoins, dès qu'il est question des médias de contrôle social , on a tendance à généraliser sur l'impossibilité de vivre sans eux. Chaque fois que nous voyons une telle affirmation, il est important de la remettre en question.

  « Comment l’Église utilise-t-elle et s’approprie-t-elle la culture numérique ? »

  La question rhétorique est intéressante. En réalité, les extrémistes de la Silicon Valley utilisent et s'approprient tout le contenu que nous leur fournissons. L'Église ne les utilise pas, elle nous utilise. Comment pensez-vous qu'ils sont devenus si riches ?

  Une meilleure question pourrait être : « Comment l’Église comble-t-elle les lacunes des cultures numériques ? ».

  N'oublions pas qu'un des autres ingénieurs est décédé le jour de notre mariage et c'était le dimanche des Rameaux, le jour où Jésus a pleuré à son arrivée à Jérusalem .

  Sur la page répertoriant les groupes de travail, un lien vers un rapport d'étape de trois pages du groupe de travail n° 3 est fourni . Voici une citation intéressante du regretté pape François, reprise par le groupe de travail :

  « Cet environnement est désormais « indiscernable de la sphère de la vie quotidienne ». »,

  Le pape François était un homme intelligent, entouré de personnes brillantes, dont le regretté cardinal Pell. Cette citation trouve son origine dans la pensée d'Alan Turing. Turing est considéré comme le père de l'informatique et un martyr. Turing nous a transmis exactement le même concept avec le légendaire test de Turing, que Turing lui-même a appelé le « jeu de l'imitation » en 1949.

  Une autre façon d’interpréter ce phénomène est de dire que les masses ont subi un lavage de cerveau de la part des seigneurs de la Silicon Valley.

  Lorsque la lanceuse d'alerte de Facebook, Frances Haugen, nous a donné des informations dans son témoignage devant le Congrès :

  Les choix des dirigeants de Facebook constituent un problème majeur – pour les enfants, la sécurité publique, la démocratie – et c'est pourquoi je me suis exprimé. Et soyons clairs : il n'est pas nécessaire qu'il en soit ainsi. Si nous sommes ici aujourd'hui, c'est grâce aux choix délibérés de Facebook.

  Le résumé du groupe de travail continue...

  « Pour proclamer efficacement l'Évangile dans notre culture contemporaine, nous devons discerner les opportunités et les défis présentés par cette nouvelle dimension du « lieu » »

  Cette citation précise reconnaît qu'il existe à la fois des opportunités et des défis. L'année du jubilé est placée sous le signe de l'espoir et j'espère sincèrement que les membres du groupe de travail lisent les informations des lanceurs d'alerte, des psychologues pour enfants et même des médecins légistes qui nous alertent sur l'impact de Facebook et de ses semblables .

  Néanmoins, le rapport inclut l’expression « immersion plus grande » et j’estime que l’Église ne devrait pas supposer que « l’immersion plus grande » est une ligne de conduite par défaut.

  Le résumé aborde également la notion de juridiction. L'Église catholique s'est traditionnellement organisée sur une base géographique. Internet permet aux individus de se connecter et de former des communautés virtuelles sans lien géographique.

  Par ailleurs, avant l'avènement d'Internet, l'Église pouvait déplacer des prêtres à haut risque d'une paroisse d'un bout à l'autre de la ville sans craindre que quiconque ne les relie. J'ai examiné minutieusement les documents de la Commission royale australienne et suis tombé sur cette note du légendaire Père X___ :

  Cela signifie que si quelqu'un en Australie, apprenant que le père Z___ a suivi un traitement à cause de quelque chose qui s'est passé à Boston et se rendant sur place pour le savoir, se retrouverait dans une impasse.

  La lettre en question a été écrite juste avant qu'Internet ne devienne une réalité pour le grand public. Lire ces mots aujourd'hui nous rappelle brutalement à quel point Internet bouleverse notre quotidien.

  Le groupe de travail poursuit en indiquant qu'il recherche des « recommandations ou propositions pratiques » de la part de toute la communauté, sur tout sujet lié à la mission de l'Église dans l'environnement numérique.

  Les personnes engagées dans le mouvement du logiciel libre, qu’elles soient catholiques ou non, peuvent contacter leur diocèse local pour savoir qui coordonne localement la réponse à ces défis.

  Une autre phrase qui a attiré mon attention :

  « Aujourd'hui, nous vivons dans une culture numérique »

  Pas exactement. Certains diront qu'une culture numérique nous est imposée. Des institutions comme la politique et les médias s'y accrochent et la mettent sur un piédestal. Il est donc d'autant plus crucial que d'autres institutions, comme l'Église, se donnent pour mission de remettre en question l'ensemble de la culture numérique et de proposer des alternatives viables.

  La vie sans téléphone portable, la vie sans applications

  Téléphones mobiles et applications sont étroitement liés. Certains choisissent de vivre sans smartphone, c'est-à-dire qu'ils n'ont que la moitié des problèmes d'un téléphone portable classique. D'autres choisissent également d'utiliser un smartphone sans l'App Store de Google ou d'Apple, par exemple ceux qui installent Replicant ou LineageOS et utilisent l' App Store de F-Droid pour limiter leur utilisation aux applications éthiques.

  Concrètement, certaines personnes sont incapables de se déplacer dans leur ville sans utiliser leur téléphone. Une question intéressante se pose pour l'Église : quelle proportion de fidèles est incapable d'identifier le chemin le plus direct entre leur domicile et l'église la plus proche sans consulter une application ? Il serait intéressant d'analyser les réponses en fonction de divers facteurs tels que l'âge et le nombre d'années de résidence dans la paroisse.

  Une autre question clé, étroitement liée à la précédente, est de savoir combien de paroissiens peuvent se souvenir des horaires de messe et des événements clés du calendrier paroissial sans consulter leur téléphone. C'est formidable que ces informations soient visibles sur le site web de la paroisse, mais lorsque les gens s'impliquent véritablement dans la paroisse et la communauté, elles resteront gravées dans leur mémoire. Plus ces informations sont diffusées dans une communauté, plus celle-ci est résiliente.

  Les systèmes d’authentification portent atteinte à la dignité humaine

  Aujourd’hui, nous voyons fréquemment des entreprises insister sur le fait qu’elles ont besoin de nos numéros de téléphone portable pour nous « authentifier » ou pour « signer » des documents par SMS.

  Ce genre de chose est particulièrement inquiétant. Nombreux sont ceux qui connaissent la pratique nazie consistant à graver des numéros d'identification sur la peau des prisonniers juifs. Les numéros de téléphone portable ont une fonction similaire. Même s'ils ne sont pas gravés physiquement sur notre peau, il est souvent gênant de les changer.

  Il existe de nombreux phénomènes étroitement liés, notamment des sites Web exigeant que les utilisateurs s’authentifient à partir d’un compte Gmail ou Facebook.

  Au niveau de l’Église, de l’État, de l’éducation, des soins de santé et des services financiers, il est essentiel de garantir que chacun puisse participer comme il le souhaite sans renoncer à sa dignité.

  L’Église doit s’exprimer sur ces sujets avec la même intensité que sur des thèmes tels que l’avortement.

  Il faut mettre l’accent sur le consentement

  Les préoccupations relatives au consentement et à la coercition sont devenues un sujet majeur dans le monde d'aujourd'hui. Ironiquement, les plateformes médiatiques de contrôle social qui prétendent donner une tribune aux femmes violent le principe du consentement de bien d'autres manières.

  Prenons l'exemple de personnes qui ont créé un profil sur Facebook ou Twitter, parfois pendant des années, se connectant à des centaines, voire des milliers d'abonnés, et qui se voient ensuite demander d'ajouter leur numéro de téléphone portable à leur compte. S'ils ne le font pas, leur compte est bloqué. Il n'y a aucune raison technique valable d'avoir un numéro de téléphone portable sur son compte, car nombre de ces services fonctionnaient exactement de la même manière pendant de nombreuses années avant que ces demandes ne deviennent courantes.

  Les gens ne consentent pas librement à partager leur numéro de téléphone avec Mark Zuckerberg et Elon Musk. Les services ont été altérés pour piéger leurs utilisateurs avec ces demandes.

  Il est significatif que cette culture du piège et de la coercition se propage dans la société. En Australie, Chanel Contos a lancé une pétition/journal très médiatisé, rassemblant les témoignages de femmes scolarisées dans des écoles privées prestigieuses qui se sentaient victimes de pièges, de harcèlement et de violences physiques non désirées.

  Ironiquement, Mme Contos a fait connaître ses inquiétudes sur les mêmes plateformes qui sapent notre compréhension du consentement et de la vie privée.

  L'Église elle-même a dû se livrer à un examen de conscience approfondi sur les questions de consentement et d'abus de pouvoir. Cela la place dans une position intéressante : même au vu des révélations les plus choquantes sur les abus, les responsables constituent un moindre mal par rapport aux dirigeants de la Silicon Valley.

  Il est remarquable de constater la rapidité avec laquelle les institutions de la Silicon Valley ont abandonné tout contrôle et tout équilibre pour n'agir qu'à leur guise. L'Église catholique et les autres institutions religieuses peuvent désormais tirer les leçons de l'analyse critique de leurs propres erreurs et mettre en garde la société contre la stupidité de s'engager à nouveau sur la même voie avec ces gangsters du numérique.

  La technologie numérique est bien plus qu’un simple moyen de contrôle social

  L'Église n'est pas novice en matière de technologie. Les premières presses à imprimer ont été installées dans les locaux de l'Église. Caxton a installé la première presse d'Angleterre à l'abbaye de Westminster. Parmi les autres sites figuraient Oxford et l'abbaye de Saint-Alban. Avant l'apparition de l'imprimerie, la lecture et l'écriture étaient réservées aux clercs et nombre de leurs ouvrages n'existaient qu'en latin. L'imprimerie a permis la production en masse de bibles en allemand et en anglais. Cela a eu un impact considérable sur la standardisation de la langue, tout comme elle a contribué à standardiser les attitudes morales que la Silicon Valley est en train de détruire. La version King James de la Bible est largement reconnue pour son influence sur la langue anglaise.

  La standardisation de la langue n'était qu'un effet secondaire de cette invention. La Réforme en était un autre. À mesure que les gens acquéraient des livres et la faculté de lire, ils devenaient moins dépendants du clergé.

  De même, les médias de contrôle social influencent aujourd'hui notre culture, pour le meilleur et pour le pire. Tout comme l'imprimerie a permis la Réforme, ces médias pourraient entraîner de nouveaux changements dans la manière dont les humains s'organisent autour des structures et des croyances religieuses. Les dirigeants de la Silicon Valley envisagent activement ces rôles. Elon Musk s'est même déguisé en Satan. Si l'Église catholique ne propose pas d'alternative convaincante à ces changements de pouvoir, elle sera dépossédée de ses pouvoirs.

  

   

  Frances Haugen (lanceuse d'alerte Facebook) : Presque personne en dehors de Facebook ne sait ce qui se passe en interne. La direction de l'entreprise cache des informations vitales au public, au gouvernement américain, à ses actionnaires et aux gouvernements du monde entier. Les documents que j'ai fournis prouvent que Facebook nous a induits en erreur à plusieurs reprises sur ce que révèlent ses propres recherches concernant la sécurité des enfants, son rôle dans la diffusion de messages haineux et clivants, et bien d'autres choses encore.

  Alors que les générations précédentes consultaient les religieux pour obtenir des conseils, puis lisaient la Bible, les jeunes d'aujourd'hui se tournent vers les moteurs de recherche et, demain, ils pourraient faire confiance à l'intelligence artificielle. Nous constatons déjà que les moteurs de recherche, les médias sociaux et les robots d'intelligence artificielle incitent les gens à multiplier les conflits avec leurs voisins ou les conduisent sur les sentiers sombres de l'isolement, de l'automutilation et du suicide.

  Ressources de l'Église catholique pertinentes pour l'environnement numérique

  L'Église catholique joue un rôle important dans l'éducation et les écoles. Par conséquent, l'Église peut voir l'impact des médias de contrôle social et l'Église peut imposer des interdictions aux enfants et fournir une formation au personnel et aux parents.

  Les enseignants, qu'ils soient employés par l'Église ou l'État, ont signalé une augmentation du harcèlement de la part de parents qui se regroupent sur des applications de messagerie. Récemment, la police britannique a envoyé six agents humilier un parent qui avait utilisé WhatsApp pour s'en prendre à l'école locale. Le conflit, le caractère conflictuel de cet environnement et l'énorme gaspillage de ressources policières sont autant de conséquences de la manière dont cette technologie est conçue et utilisée dans la société. Chaque incident de ce type donne un aperçu des occasions pour l'Église catholique de se demander « existe-t-il une meilleure solution ? ».

  Les mots de Frances Haugen aident à expliquer les six policiers qui assiégent les parents de jeunes enfants :

  J'ai constaté que Facebook se heurtait régulièrement à des conflits entre ses propres profits et notre sécurité. Facebook a systématiquement résolu ces conflits en faveur de ses propres profits. Il en résulte un système qui amplifie les divisions, l'extrémisme et la polarisation, et qui fragilise les sociétés du monde entier.

  L'Église catholique est un employeur important dans de nombreux pays. Cela lui confère le pouvoir de décider de l'utilisation des téléphones portables et des applications de messagerie dans le cadre de la relation employeur-employé. Un employeur ne peut interdire à ses employés d'utiliser ces appareils pendant leur temps libre, mais il peut décider d'en supprimer toute utilisation officielle à des fins professionnelles. La relation employeur-employé offre une nouvelle occasion de sensibiliser les employés à l'importance de la dignité humaine, au-delà des exigences de nos appareils.

  L'agenda public dans l'environnement numérique, l'avortement de notre espèce

  Alors que de nombreux hommes politiques et journalistes vivent désormais au sein des médias sociaux , leur capacité à évaluer les sujets dignes d'un débat public est fortement influencée par les sujets supposément tendance en ligne. On pense que ces sujets deviennent tendance en ligne grâce à l'intérêt général, alors qu'en réalité, les gestionnaires des plateformes en ligne exercent une influence pour que certains sujets semblent se développer naturellement, tandis que des sujets importants mais gênants sont commodément noyés dans le flot de l'actualité.

  Dans ce contexte, l'Église catholique offre une voie alternative pour inscrire des questions à l'ordre du jour du débat public, qu'elles soient d'actualité ou non. Ce pouvoir est le plus souvent utilisé pour des questions proches de l'enseignement de l'Église, comme le lobbying sur l'avortement. Cependant, rien n'empêche l'Église d'utiliser les mêmes ressources pour lutter contre l'avortement de l'humanité par l'IA.

  Aide aux victimes de discriminations de la part des seigneurs de la Silicon Valley et des mafias en ligne

  L’Église catholique trouve ses origines dans la persécution de Jésus et des martyrs saint Pierre et saint Paul.

  Mais laissons de côté les exemples anciens et venons-en à ceux qui, aux temps les plus proches de nous, ont lutté pour la foi. Prenons les nobles exemples de notre génération. Par jalousie et envie, les plus grands et les plus justes piliers de l'Église ont été persécutés et ont même été condamnés à mort. Plaçons devant nos yeux les bons apôtres. Pierre, par une envie injuste, a enduré non pas une ou deux, mais de nombreuses épreuves, et finalement, après avoir rendu son témoignage, il est parti pour la gloire qui lui était due. Par envie, Paul aussi a montré par l'exemple la récompense qui est donnée à la patience : sept fois il a été enchaîné ; il a été banni ; il a été lapidé ; devenu un héraut, tant en Orient qu'en Occident, il a acquis la noble renommée due à sa foi ; et après avoir prêché la justice au monde entier, et étant arrivé aux extrémités de l'Occident, et ayant rendu témoignage devant les dirigeants, il a finalement quitté le monde et est allé au lieu saint, étant devenu le plus grand exemple. de patience. » (première épître de Clément aux Corinthiens, 5:1 - 5:7)

  Ces paroles expliquent la persécution de Pierre et Paul sous l’empereur Néron il y a près de deux mille ans.

  Il y a huit cents ans, la Magna Carta est arrivée et, au fil du temps, elle a inspiré la Déclaration des droits des États-Unis, la Déclaration universelle des droits de l'homme et l'abolition de la peine capitale.

  Et pourtant, aujourd’hui, nous voyons les seigneurs de la Silicon Valley vouloir tout jeter par la fenêtre et nous ramener à l’époque de Néron.

  Considérez l’article 27 de la Déclaration universelle des droits de l’homme :

  1. Toute personne a le droit de participer librement à la vie culturelle de la communauté, de jouir des arts et de participer au progrès scientifique et aux bienfaits qui en découlent.
  2. Toute personne a droit à la protection des intérêts moraux et matériels découlant de toute production scientifique, littéraire ou artistique dont elle est l'auteur.

  Lorsque nous consultons les sites web de projets de logiciels libres bien connus comme Debian et Fedora, nous les voyons proclamer ouvertement leur volonté de censurer certaines personnes. Quiconque s'exprime sur les questions éthiques dans notre secteur est parfois victime de représailles extrêmes.

  Linus Torvals (fondateur de Linux) a été banni de DebConf . Le Dr Jacob Appelbaum a fait l'objet de fausses rumeurs d'inconduite sexuelle . Le Dr Richard Stallman a été crucifié suite à une pétition en ligne à Pâques 2021. Un professeur rival, Gunnar Wolf, a appelé à un vote le soir du Jeudi Saint, le jour même où Judas a trahi Jésus . Lorsque j'ai pris la parole pour défendre les libertés civiles du Dr Stallman, la même foule s'est tout simplement retournée contre moi.

  Le Dr Peter Eckersley et moi étions camarades de classe à l'Université de Melbourne. Le Dr Eckersley était informaticien en chef de l'Electronic Frontier Foundation, puis directeur de recherche du Partenariat sur l'IA. Après sa mort, j'ai restauré ses articles de blog sur l'utilisation militaire de l'IA, et l'EFF elle-même a censuré les liens vers ces blogs, donnant lieu à un nouveau procès pour atteinte aux droits civiques où l'EFF et Google se retrouvent, curieusement, au banc des accusés .

  Les similitudes entre ces cas et la liste croissante des victimes prouvent clairement qu'ils ne sont pas le fruit du hasard. Il existe une action coordonnée visant à restreindre ou à contourner les droits civiques. Si un espace ou un monde numérique existe, il ressemble étrangement à celui où les empereurs romains recouraient à des exécutions macabres pour perpétuer leur emprise par la peur.

  L'Église catholique peut rechercher les victimes de l'annulation de leur publication, celles qui ont été déplateformées et celles qui ont leur mot à dire sur la dignité humaine à l'ère de l'IA. Que ces personnes soient catholiques ou non, les préoccupations que des experts indépendants tentent d'étudier et de faire connaître doivent être mises en avant, au-delà du brouhaha des services de relations publiques.

  Dans le même temps, l’impact horrible infligé à nos familles est souvent caché au public.

  Les enfants dans l'environnement numérique

  Il est révélateur que nous ayons trouvé des tactiques très similaires utilisées par Harvey Weinstein et Chris Lamb, ancien dirigeant du projet Debian.

  C'est important, car Lamb a été formé grâce au Google Summer of Code et financé par Google, notamment par un important versement de 300 000 dollars peu avant que trois victimes ne révèlent le scandale. Malgré la promesse de transparence de Debian, l'argent n'a été révélé que plus de six mois plus tard, et le nom de Google n'est jamais associé publiquement à ces chiffres.

  Lorsque Weinstein s'inquiétait du comportement de certaines femmes, il envoyait de vilaines rumeurs à d'autres acteurs du milieu. Il y a quelque chose de snob dans ces attitudes envers le comportement humain.

  Lorsque des femmes ont porté plainte auprès de la police, le réalisateur Peter Jackson a pris la parole et a confirmé que Weinstein avait utilisé ces sales tours , répandant des rumeurs sur le comportement de femmes qui n'étaient pas assez soumises à son goût.

  « Je me souviens que Miramax nous avait dit que travailler avec eux était un cauchemar et que nous devions les éviter à tout prix. C'était probablement en 1998 », a déclaré Jackson.

  « À l'époque, nous n'avions aucune raison de remettre en question ce que ces gens nous disaient, mais avec le recul, je me rends compte qu'il s'agissait très probablement de la campagne de diffamation de Miramax en plein essor. »

  Plusieurs personnes se sont manifestées, démontrant que Chris Lamb faisait exactement la même chose dans son rôle chez Debian. En vertu du droit d'auteur, les coauteurs n'ont aucune obligation envers la personne élue pour occuper ponctuellement le poste de chef de projet Debian. Nous sommes tous égaux.

  Objet : Re : Statut de développeur Debian 
  Date : mar. 18 déc. 2018 10:36:09 +0900 
  De : Norbert Preining <norbert@preining.info> 
  À : Daniel Pocock <daniel@pocock.pro> 
  
  Bonjour Daniel, 
  
  même si subir un procès comme celui-ci au Royaume-Uni dépasse 
  mes capacités et mes possibilités financières, 
  j'ai peur que Lamb ait également refusé une candidature pour une 
  entreprise à New York, un emploi lié à Debian. Si cela s'est produit, et que je peux 
  raisonnablement le prouver, j'envisagerais une action en justice pour diffamation. 
  
  > Lamb réside au Royaume-Uni et envoie des e-mails depuis le Royaume-Uni 
  > https://regainyourname.com/news/cyberbullying-cyberstalking-and-online-harassment-a-uk-study/ 
  
  Merci pour les liens, je les garderai à l'esprit. 
  
  Norbert 
  
  -- 
  PREINING Norbert http://www.preining.info 
  Accelia Inc. + JAIST + TeX Live + Développeur Debian 
  GPG : 0x860CDC13 fp : F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13
  

  Plus inquiétant encore, Lamb a commencé ses attaques contre ma famille au moment même où le cardinal George Pell a été condamné en 2018. Mon cousin au second degré était membre de l'ancienne chorale du cardinal George Pell à Melbourne. Lamb et ses complices, financés par Google, ont lancé des rumeurs anonymes d'abus.

  Plusieurs personnes ont apporté des preuves montrant que Lamb se comportait comme Weinstein, répandant des rumeurs dans notre dos. Lorsque le Dr Preining et moi-même avons pris la parole, une troisième victime a eu vent du scandale et s'est identifiée publiquement le jour de Noël :

  Objet : Re : Censure dans Debian 
  Date : mar. 25 déc. 2018 23:44:38 +0100 
  De : martin f krafft
  Organisation : Le projet Debian 
  À : debian-project@lists.debian.org 
  
  Bonjour projet, 
  
  C’est très triste de lire ce qui se passe. 
  
  Je sais qu’il y a eu au moins un autre cas où DAM et AH 
  ont outrepassé leur mandat, menaçant d’ 
  expulsion du projet et choisissant très sélectivement leurs interlocuteurs. 
  Je le sais, car j’étais ciblé. 
  
  Ni DAM ni AH (les mêmes personnes toujours actives aujourd’hui) n’ont 
  tenté une seule fois de m’entendre. Aucun de mes courriels à DAM ou à AH 
  n’a reçu de réponse. 
  
  Au lieu de cela, DAM a rendu un verdict et a influencé d’autres personnes au 
  point que « parce que DAM a statué » a été invoqué comme justification pour d’autres 
  mesures. Il s’agissait d’un abus de pouvoir inconstitutionnel de DAM, et dans 
  le cas d’AH, tout ce désordre frisait la diffamation. Entre autres, 
  l’actuel DPL, Chris Lamb, a promis une révision en temps voulu, mais 
  rien ne s’est jamais produit. 
  
  … [snip] …
  

  Mais si cette technologie n’est pas sûre pour les ingénieurs qui la développent, elle n’est certainement pas sûre pour les enfants.

  Le 5 octobre 2021, j'ai soulevé les inquiétudes concernant les enfants dans cette culture avec le rapport Google, FSFE & Child Labor .

  Red Hat , filiale d'IBM depuis 2019, a intenté une action en justice pour censurer et discréditer mes propos. Ils m'ont accusé de mauvaise foi pour avoir publié cet article. Pourtant, la commission d'enquête a jugé que Red Hat me harcelait et abusait de la procédure administrative.

  L'ironie, bien sûr, c'est que les cardinaux portent des casquettes rouges, comme le nom de l'entreprise Red Hat qui a été accusée d'abus à mon égard. Chris Lamb, de Debian, avait lancé les rumeurs concernant ma famille lorsque le cardinal Pell a été condamné.

  La manière dont cela a interféré avec nos vies et notre foi, les rumeurs d'abus après la condamnation du regretté cardinal Pell, ma visite aux carabiniers le jour de la mort du cardinal, le jour du mariage, le dimanche des Rameaux, qui a été un suicide par imitation (non confirmé), la crucifixion du Dr Stallman à Pâques et les lynchages de Noël de Debian, tout cela est stupéfiant. Comme on dit dans les films policiers, il faut suivre l'argent.

  

   

  L'environnement numérique soumet les paroissiens à la surveillance de tiers

  L’Église catholique est née de la persécution et il faut se rappeler que la surveillance est la pierre angulaire de la persécution.

  Le fait que les plus grands services, comme Google, Facebook et Twitter, soient tous ostensiblement gratuits est la preuve qu’ils tirent tous leurs profits de leur capacité à surveiller et à manipuler efficacement la population.

  Autrefois, l'Église remplissait des rôles similaires. Les fidèles se soumettaient à une forme de surveillance par le sacrement de la confession, où ils recevaient les conseils de leur prêtre. Les prêtres cherchaient à exercer une certaine influence depuis la chaire, menaçant l'excommunication et, de temps à autre, l'inquisition ou la persécution de personnes en avance sur leur temps, comme Galilée.

  Si les entreprises technologiques peuvent approximer toutes ces fonctions de manière aussi efficace grâce à des algorithmes, nous courons le risque que la religion devienne redondante.

  Par conséquent, tenter de jouer le rôle de l’Église à travers un média qui se substitue à celui de la religion revient à creuser sa propre tombe.

  Grâce à une série d'enquêtes publiques et de lanceurs d'alerte, nous avons constaté à quel point ces seigneurs nous privent de notre dignité. Leur objectif est d'anticiper chacune de nos décisions, d'influencer nos interlocuteurs, nos votes et le moindre centime de notre budget.

  Si chacune de ces décisions est contrôlée et même microgérée pour nous, avec une précision scientifique, jusqu’au dernier centime de notre compte bancaire chaque mois, par l’influence des algorithmes, quelle place reste-t-il dans notre conscience pour l’influence de l’Évangile ?

  Mission : rester pertinent

  Par conséquent, la question assignée au groupe de travail sur la mission dans l’environnement numérique pourrait être reformulée ainsi : comment la religion, quelle que soit sa nature, reste-t-elle pertinente ?

  Pour de nombreuses familles des cultures aisées d’aujourd’hui, l’Église est engagée par tradition dans les mariages, les funérailles et parfois dans l’éducation des enfants.

  Pour que l’Église puisse donner du pouvoir à ses paroissiens grâce à la technologie, plutôt que de les perdre à cause de la technologie, nous devons nous poser des questions sur certains des sujets soulevés par le mouvement du logiciel libre.

  Comment garantir que chaque personne ait le contrôle total de ses appareils, y compris le droit de les réparer et le droit de modifier le système d’exploitation.

  Élaborer des stratégies pour protéger les individus des risques liés à la technologie. Par exemple, les médias de contrôle social permettent à des groupes restreints, mais très bruyants, de nuire gravement à leurs victimes par la diffusion délibérée et répétée de rumeurs et de diffamations. Il devient de plus en plus difficile de garantir qu'aucune personne ni minorité ne soit exclue par les vendettas en ligne. Comment apporter un soutien aux personnes ciblées par ces individus toxiques ? Comment garantir que chaque personne et chaque groupe puisse s'exprimer à son tour ?

  Mission : protéger la société des mêmes erreurs

  L'Australie a mis en place une commission royale d'enquête sur les abus commis par diverses institutions, dont l'Église. Pourtant, il était trop tard pour nombre de personnes décédées ou ayant perdu des proches, la santé ou leur carrière. Ne serait-il pas judicieux d'intervenir aussi vigoureusement avant plutôt qu'après des échecs catastrophiques ? Il est grand temps d'exercer le même contrôle sur les dirigeants des médias, qui exercent un contrôle social , ainsi que sur l'exploitation et la manipulation du public à de multiples niveaux.

  Conclusion

  Les médias de contrôle social deviennent rapidement une façade pour l'intelligence artificielle. Comme le test de Turing (jeu d'imitation) nous l'a suggéré depuis 1949, il est inévitable que chaque nouvelle itération de ce phénomène devienne de plus en plus indiscernable de la réalité. De ce fait, ils pourraient se présenter non seulement comme un substitut à nos semblables, mais aussi comme une alternative à l'Église. Les gens pourraient être dupés et l'accepter comme leur Dieu. Autrement dit, les médias de contrôle social pourraient rendre l'Église insignifiante, et par la suite, rendre l'humanité insignifiante.

  Il suffit de voir les grimaces des gens après la mort de mon père. L'impolitesse que je subis presque quotidiennement a commencé dans une période de deuil. On leur a inculqué le respect le plus élémentaire de la dignité humaine, le respect de la famille dans un moment de deuil, et cela devient une nouvelle occasion de se servir les uns des autres à des fins récréatives. Cet aspect de ma vie a été entièrement créé par les médias sociaux et ceux qui définissent cet espace dans ma propre profession.

  Dans son témoignage devant le Congrès, Frances Haugen nous a dit :

  Je crois que ce que j’ai fait était juste et nécessaire pour le bien commun, mais je sais que Facebook dispose de ressources infinies, qu’il pourrait utiliser pour me détruire.

  En 2018, j'ai assisté au Forum des Nations Unies sur les entreprises et les droits de l'homme à Genève, où j'ai brièvement commenté la situation de Facebook et Twitter, tombés entre de mauvaises mains. Le Forum des Nations Unies s'est tenu au moment même où le jury examinait les accusations portées contre le cardinal George Pell. Pell a été condamné et ces plateformes de contrôle social se sont répandues dans les rumeurs concernant ma famille et moi, le phénomène même que Haugen elle-même semble redouter.

  En 2022, nous pouvons constater que Software in the Public Interest, Inc. a dépensé plus de 120 000 $ en frais juridiques pour attaquer ma famille et moi .

  Voici la vidéo avec les commentaires que j'ai faits au Forum de l'ONU. J'ai parlé à peine quarante-trois secondes et ils ont dépensé 120 000 dollars pour attaquer ma famille.

• Daniel Pocock Control social, medios de comunicación, tecnología y catolicismo: Sínodo sobre la sinodalidad: análisis y retroalimentación

  El difunto Papa Francisco solicitó a un grupo de aproximadamente cuatrocientos obispos que trabajaran juntos, entre 2021 y 2024, en una revisión de cómo las personas de fe católica interactúan y avanzan como movimiento. Formalmente, este comité de obispos recibió el nombre de Sínodo sobre la Sinodalidad . El término Sínodo se usa ampliamente en todas las religiones cristianas para referirse a comités, juntas o reuniones de dichos grupos en cualquier nivel de la jerarquía eclesiástica. El término sinodalidad es específico de la Iglesia católica. El Sínodo cuenta con una página web oficial donde intenta explicar la sinodalidad .

  Se crearon varios grupos de trabajo sobre una amplia gama de temas. En esta reseña, solo me centraré en el tercer grupo de trabajo, que examinó el tema de la misión en el entorno digital . A continuación, presentaré mi propia evidencia sobre los temas que el grupo de trabajo está considerando.

  Hay otro grupo de trabajo que analizó el tema de la poligamia. La psicología y la neurociencia de los medios de control social usurpan nuestras relaciones de tal manera que algunas personas sienten que los algoritmos de Facebook ejercen tanta influencia como una tercera persona en su matrimonio. Creé una entrada de blog aparte para analizar la evidencia sobre los fenómenos de la poligamia y la ciberpoligamia . Dada la omnipresencia de estas tecnologías, es esencial leerla junto con el contenido de este análisis.

  En una noticia reciente no relacionada con el Sínodo, la diócesis de Paderborn (centro/norte de Alemania) anunció que intentará usar TikTok para conectar con los jóvenes . El alcance del grupo de trabajo tres es muy amplio y no se limita a las plataformas de control social . Considero que abarca todas las formas de tecnología digital.

  Incluso los repetidores de paquetes de radioaficionados están dentro del alcance, aunque las licencias de radioaficionado no permiten la transmisión explícita de material religioso.

  El Vaticano fue pionero en la adopción de la radio de onda corta. El papa León XIV y monseñor Lucio Adrián Ruiz, secretario del Dicastero para la Comunicación, visitaron las instalaciones de Radio Vaticano esta semana:

  

   

  Al leer los resultados tanto del grupo de trabajo como del Sínodo en general, considero que la iglesia en su conjunto no ha decidido si aceptar o rechazar el control social de los medios . Reconocen que forman parte del panorama digital y tratan de definir cómo la iglesia se relaciona con él.

  Cómo evolucionó el proceso sinodal a alto nivel

  Antes de entrar en detalles, aquí presentamos una visión general del proceso y los informes que surgieron en diferentes momentos, con enlaces directos a las ediciones traducidas.

  El sitio web principal del Sínodo es www.Synod.va y está disponible en varios idiomas. Parece que el contenido fue creado en italiano y traducido al inglés y a otros idiomas. Esto dificulta un poco su lectura.

  En octubre de 2023 se celebró una reunión ampliada en Roma donde se elaboró &ZeroWidthSpace&ZeroWidthSpaceun borrador inicial del informe.

  • Informe provisional de octubre de 2023
  • Uno de los muchos blogs sobre el informe provisional

  Los obispos regresaron a Roma nuevamente en octubre de 2024 y elaboraron un informe final del Sínodo.

  • Informe final de octubre de 2024 (traducción al español)
  • Informe final de octubre de 2024 (en italiano)
  • Informe de noticias de NCR sobre el informe final

  El Vaticano publicó el saludo del difunto Papa Francisco al concluir el Sínodo . Rápidamente surgieron noticias sobre la intervención del Papa .

  También publicaron algunas imágenes y vídeos .

  Puntos clave del informe final en relación con el entorno digital

  En el punto 58, el informe señala que los cristianos podrían estar intentando proclamar el Evangelio a través de su participación en un entorno digital.

  58. ... los cristianos, cada uno según sus diversos roles —en la familia y en los otros estados de vida; en el lugar de trabajo y en la profesión; comprometidos civil, política, social o ecológicamente; en el desarrollo de una cultura inspirada en el Evangelio, incluida la evangelización del entorno digital— recorren los caminos del mundo y anuncian el Evangelio allí donde viven, sostenidos por los dones del Espíritu.

  59. Al hacerlo, piden a la Iglesia que no los abandone, sino que les permita sentirse enviados y sostenidos en la misión.

  Este punto parece animar a la Iglesia a contemplar la situación que enfrentan aquellos bajo la influencia de un entorno digital, pero no implica necesariamente que el entorno digital sea bueno o malo.

  En el punto 112, relativo a la movilidad, que incluye a personas de todos los niveles de la sociedad, el informe señala:

  Algunos mantienen fuertes vínculos con su país de origen, especialmente con la ayuda de los medios digitales, y por ello les puede resultar difícil establecer conexiones en su nuevo país; otros se encuentran viviendo sin raíces.

  Esta es una excelente observación. En Europa, he conocido parejas cuyas relaciones dependen completamente de dispositivos que usan para la traducción automática. Cuando llega gente nueva a la ciudad, la cultura de WhatsApp anima a los vecinos a pasar semanas o meses hablando a sus espaldas sin siquiera mirarlos a los ojos.

  113. La expansión de la cultura digital, especialmente evidente entre los jóvenes, está transformando profundamente su experiencia del espacio y el tiempo; influye en sus actividades cotidianas, su comunicación y sus relaciones interpersonales, incluida la fe. Las oportunidades que ofrece internet están transformando las relaciones, los vínculos y los límites. Hoy en día, a menudo experimentamos soledad y marginación, a pesar de estar más conectados que nunca. Además, quienes tienen sus propios intereses económicos y políticos pueden explotar las redes sociales para difundir ideologías y generar formas agresivas y manipuladoras de polarización. No estamos bien preparados para esto y debemos dedicar recursos para garantizar que el entorno digital se convierta en un espacio profético para la misión y el anuncio. Las Iglesias locales deben animar, apoyar y acompañar a quienes participan en la misión en el entorno digital. Las comunidades y grupos digitales cristianos, en particular los jóvenes, también están llamados a reflexionar sobre cómo crear vínculos de pertenencia, promoviendo el encuentro y el diálogo. Necesitan ofrecer formación entre sus iguales, desarrollando una forma sinodal de ser Iglesia. Internet, constituido como una red de conexiones, ofrece nuevas oportunidades para vivir mejor la dimensión sinodal de la Iglesia.

  Este párrafo reconoce los peligros de la tecnología digital, especialmente los medios de control social , y la clave es "No estamos bien preparados para esto". Sin embargo, sugiere que las iglesias locales deberían fomentar más estos riesgos en línea. No creo que "fomentar" sea la palabra correcta, pero tampoco creo que deban desalentar.

  149. El proceso sinodal ha llamado la atención con insistencia sobre algunas áreas específicas de la formación del Pueblo de Dios para la sinodalidad. La primera de ellas se refiere al impacto del entorno digital en los procesos de aprendizaje, la concentración, la percepción de uno mismo y del mundo, y la construcción de relaciones interpersonales. La cultura digital constituye una dimensión crucial del testimonio de la Iglesia en la cultura contemporánea y un campo misionero emergente. Esto exige garantizar que el mensaje cristiano esté presente en línea de forma fiable y sin distorsionar ideológicamente su contenido. Si bien los medios digitales tienen un gran potencial para mejorar nuestras vidas, también pueden causar daños y perjuicios a través del acoso, la desinformación, la explotación sexual y la adicción. Las instituciones educativas de la Iglesia deben ayudar a niños y adultos a desarrollar habilidades esenciales para navegar con seguridad en la web.

  Estos comentarios son muy pertinentes y muy coherentes con mi propio testimonio, parte del cual se reproduce más adelante en este informe.

  150. Otro ámbito de gran importancia es la promoción en todos los contextos eclesiales de una cultura de la salvaguardia, haciendo de las comunidades lugares cada vez más seguros para los menores y las personas vulnerables.

  Cuando planteé este tema en las comunidades de software libre, mi familia fue atacada sin piedad. Vean los correos electrónicos que envié a finales de 2017 y los comentarios sobre IBM Red Hat más adelante en este informe.

  Fuentes relacionadas con el grupo de trabajo tres, la misión en un entorno digital

  El sitio web Synod.va publicó una lista de todos los grupos de trabajo . Incluye un breve video sobre cada grupo y un enlace a sus informes más recientes.

  El video del grupo de trabajo tres dura poco menos de dos minutos. Aquí tienen algunas citas clave y mis propias observaciones:

  Hoy en día, las personas, especialmente los jóvenes, han aprendido a vivir simultáneamente y sin interrupciones tanto en el espacio digital como en el físico.

  Creo que esa afirmación es completamente errónea. La gente ha aprendido a usar los espacios digitales. Un estudio reciente sugiere que casi el setenta por ciento de los jóvenes se sienten mal después de usar las redes sociales . En otras palabras, se sienten presionados a usarlas. Por lo tanto, no viven en armonía. La gente está sufriendo.

  Las afirmaciones del video no coinciden con las del informe final. Ya hablaremos de ello. Sin embargo, siempre que se mencionan los medios de control social , se tiende a generalizar sobre la imposibilidad de vivir sin ellos. Cada vez que vemos una afirmación como esta, es importante cuestionarla.

  ¿Cómo la Iglesia utiliza y se apropia de la cultura digital?

  La pregunta retórica es interesante. En realidad, los superpoderes de Silicon Valley usan y se apropian de cualquier contenido que les damos. La iglesia no los usa a ellos, sino a nosotros. ¿Cómo crees que se enriquecieron tanto?

  Una mejor pregunta podría ser: "¿cómo complementa la iglesia las deficiencias de las culturas digitales?".

  No lo olvidemos, uno de los otros ingenieros murió el día de nuestra boda y era Domingo de Ramos, el día en que Jesús lloró al llegar a Jerusalén .

  En la página que enumera los grupos de trabajo, se proporciona un enlace a un informe de progreso de tres páginas del tercer grupo de trabajo . Aquí hay una cita interesante del difunto papa Francisco, repetida por el grupo de trabajo:

  "Este entorno es ahora "indistinguible de la esfera de la vida cotidiana".

  El papa Francisco era un hombre inteligente y contaba con personas inteligentes a su alrededor, incluido el difunto cardenal Pell. Podemos rastrear esta cita hasta el pensamiento de Alan Turing. Turing es considerado el abuelo de la informática y un mártir. Turing nos transmitió exactamente el mismo concepto en el legendario test de Turing, al que el propio Turing llamó el juego de imitación en 1949.

  Otra forma de interpretar este fenómeno es decir que las masas han sido sometidas a un lavado de cerebro por los señores de Silicon Valley.

  Cuando la denunciante de Facebook, Frances Haugen, nos dio todos los detalles en su testimonio ante el Congreso :

  Las decisiones que están tomando los directivos de Facebook son un grave problema —para los niños, la seguridad pública y la democracia—. Por eso di un paso al frente. Y, seamos claros: no tiene por qué ser así. Estamos aquí hoy gracias a las decisiones deliberadas que Facebook ha tomado.

  El resumen del grupo de trabajo continúa...

  Para proclamar eficazmente el Evangelio en nuestra cultura contemporánea, debemos discernir las oportunidades y los desafíos que presenta esta nueva dimensión del “lugar”.

  Esa cita en particular reconoce que existen tanto oportunidades como desafíos. El año del jubileo se centra en la esperanza y espero de verdad que los miembros del grupo de trabajo estén leyendo las advertencias de denunciantes, psicólogos infantiles e incluso forenses sobre el impacto de Facebook y similares .

  Sin embargo, el informe incluye la frase "mayor inmersión" y creo que la iglesia no debería asumir que una "mayor inmersión" es un curso de acción predeterminado.

  El resumen también aborda el concepto de jurisdicción. La Iglesia Católica se ha organizado tradicionalmente sobre una base geográfica. Internet permite a las personas conectarse y formar comunidades virtuales sin ninguna conexión geográfica.

  Por cierto, antes de internet, la Iglesia podía trasladar a sacerdotes de alto riesgo de una parroquia de un extremo a otro de la ciudad sin preocuparse de que alguien pudiera atar cabos. Revisé minuciosamente los documentos de la Comisión Real de Australia y encontré esta nota del legendario Padre X___:

  Esto significa que si alguien en Australia se entera de que el Padre Z___ recibió tratamiento debido a algo que sucedió en Boston y va allí para averiguarlo, se encontrará en un callejón sin salida.

  La carta en cuestión se escribió justo antes de que internet se popularizara. Al leer esas palabras hoy, nos recuerda claramente cómo internet está cambiando la vida.

  El grupo de trabajo continúa comentando que están buscando "recomendaciones o propuestas prácticas" de toda la comunidad, sobre cualquier tema relacionado con la misión de la Iglesia en el entorno digital.

  Las personas involucradas en el movimiento de software libre, sean católicas o no, pueden comunicarse con su diócesis local para averiguar quién está coordinando localmente la respuesta a estos desafíos.

  Otra frase que me llamó la atención:

  "hoy vivimos en una cultura digital"

  No exactamente. Algunos dirían que se nos está imponiendo una cultura digital. Instituciones como la política y los medios de comunicación están enganchadas a ella y la elevan a un pedestal. Por lo tanto, es aún más vital que otras instituciones, como la iglesia, asuman el rol de cuestionar todo lo relacionado con la cultura digital y también de mantener alternativas viables.

  La vida sin móviles, la vida sin aplicaciones

  Los teléfonos móviles y las aplicaciones están estrechamente relacionados. Hay quienes prefieren vivir sin un smartphone; es decir, solo tienen la mitad de los problemas que un teléfono móvil completo. También hay quienes prefieren tener smartphones sin la tienda de aplicaciones de Google o Apple; por ejemplo, quienes instalan Replicant o LineageOS y usan la tienda de aplicaciones F-Droid para limitar su teléfono a aplicaciones éticas.

  En la práctica, hay personas que no pueden desplazarse por su ciudad natal sin usar el teléfono. Surge una pregunta interesante para la iglesia: ¿qué proporción de fieles no puede identificar la ruta más directa desde su casa hasta la iglesia más cercana sin usar una aplicación? Sería interesante analizar las respuestas en función de diversos factores, como la edad y los años de residencia en la parroquia.

  Otra pregunta clave, estrechamente relacionada con la anterior, es cuántos feligreses pueden recordar los horarios de misa y los eventos clave del calendario parroquial sin mirar su teléfono. Es excelente tener esta información visible en el sitio web de la parroquia; sin embargo, cuando las personas participan activamente en la parroquia y la comunidad, esta información se memoriza. Cuanto más presente sea esta información en una comunidad, más resiliente será.

  Sistemas de autenticación que socavan la dignidad humana

  Hoy en día vemos con frecuencia empresas que insisten en que necesitan nuestros números de teléfono móvil para “autenticarnos” o para “firmar” documentos por mensaje de texto.

  Este tipo de cosas es particularmente escalofriante. Mucha gente conoce la práctica de la época nazi de grabar los números de identificación en la piel de los prisioneros judíos. Los números de teléfono móvil tienen una función similar. Aunque no se graban físicamente en la piel, suele ser incómodo cambiarlos.

  Hay muchos fenómenos estrechamente relacionados, incluidos sitios web que exigen que los usuarios se autentiquen desde una cuenta de Gmail o Facebook.

  A nivel de la Iglesia, el Estado, la educación, la atención sanitaria y los servicios financieros, es vital garantizar que todos puedan participar como quieran sin renunciar a su dignidad.

  La iglesia necesita hablar sobre estos temas con la misma vehemencia con la que habla sobre temas como el aborto.

  Es necesario enfatizar el consentimiento

  La preocupación por el consentimiento y la coerción se ha convertido en un tema de gran importancia en el mundo actual. Irónicamente, las plataformas de control social que pretenden dar voz a las mujeres están violando el principio del consentimiento de muchas otras maneras.

  Pensemos, por ejemplo, en las personas que dedicaron tiempo a crear un perfil en Facebook o Twitter, a veces durante muchos años, conectando con cientos o miles de seguidores y luego se encontraron con la exigencia de añadir su número de teléfono móvil a su cuenta. Si no lo hacían, su cuenta era bloqueada. No existe una razón técnica válida para tener un número de teléfono móvil en la cuenta, ya que muchos de estos servicios funcionaron exactamente igual durante muchos años antes de que tales exigencias se volvieran comunes.

  Las personas no consienten libremente compartir sus números de teléfono con Mark Zuckerberg y Elon Musk. Los servicios han sido corrompidos para engañar a sus usuarios con estas exigencias.

  Es significativo que esta cultura de emboscar y coaccionar a las personas se haya extendido a la sociedad. En Australia, Chanel Contos inició una petición/diario muy publicitada con historias de mujeres de escuelas privadas de élite que se sintieron emboscadas, intimidadas y obligadas a tener encuentros físicos no deseados.

  Irónicamente, la señorita Contos hizo públicas sus preocupaciones a través de las mismas plataformas que están socavando nuestra comprensión del consentimiento y la privacidad.

  La propia iglesia ha tenido que hacer un profundo examen de conciencia sobre temas de consentimiento y abuso de poder. Esto la coloca en una posición interesante, donde podemos afirmar que, incluso considerando algunas de las revelaciones más impactantes sobre el abuso, los responsables son el mal menor en comparación con los amos de Silicon Valley.

  Es notable la rapidez con la que las instituciones de Silicon Valley han abandonado todos los controles y contrapesos, y han optado por hacer lo que les place. La Iglesia Católica y otras instituciones religiosas ahora pueden aprovechar lo aprendido del análisis crítico de sus propios errores y advertir a la sociedad sobre la estupidez que sería repetir el mismo camino con estos gánsteres digitales.

  La tecnología digital es mucho más que medios de control social

  La iglesia no es ajena a la tecnología. Las primeras imprentas se instalaron en los templos. Caxton instaló la primera imprenta de Inglaterra en la Abadía de Westminster. Otros lugares fueron Oxford y la Abadía de St. Alban. Antes de la imprenta, leer y escribir eran actividades reservadas a los clérigos, y muchas de sus obras solo existían en latín. La imprenta permitió la producción masiva de biblias en alemán e inglés. Esto, a su vez, tuvo un gran impacto en la estandarización del idioma, así como en la estandarización de las actitudes morales que Silicon Valley está destruyendo. La versión King James de la Biblia es ampliamente reconocida por su impacto en el idioma inglés.

  La estandarización del lenguaje fue solo un efecto secundario de esta invención. La reforma fue otro. A medida que la gente adquirió libros y el poder de la lectura, se volvió menos dependiente del clero.

  De igual manera, los medios de control social actuales están impactando nuestra cultura, para bien o para mal. Así como la imprenta facilitó la reforma, los medios de control social podrían conducir a nuevos cambios en la forma en que los humanos nos organizamos en torno a las estructuras y creencias religiosas. Los amos de Silicon Valley están considerando activamente estos roles para sí mismos. Elon Musk incluso se ha disfrazado de Satanás. Si la Iglesia Católica no ofrece una alternativa convincente a estos cambios de poder, se la arrebatarán.

  

   

  Frances Haugen (denunciante de Facebook): Casi nadie fuera de Facebook sabe lo que ocurre dentro de Facebook. La dirección de la compañía oculta información vital al público, al gobierno de Estados Unidos, a sus accionistas y a gobiernos de todo el mundo. Los documentos que he proporcionado demuestran que Facebook nos ha engañado repetidamente sobre lo que revela su propia investigación sobre la seguridad infantil, su papel en la difusión de mensajes de odio y polarización, y mucho más.

  Mientras que las generaciones anteriores recurrían a clérigos en busca de consejo, y luego leían la Biblia, los jóvenes de hoy recurren a un motor de búsqueda, y mañana podrían depositar su fe en la inteligencia artificial. Ya podemos ver evidencia de que los motores de búsqueda, las redes sociales de control y los bots de IA conducen a las personas a mayores niveles de conflicto con sus vecinos o las llevan por caminos oscuros de aislamiento, autolesión y suicidio.

  Recursos de la Iglesia Católica relevantes para el entorno digital

  La Iglesia Católica tiene un papel importante en la educación y las escuelas, por lo tanto, la Iglesia puede ver el impacto de los medios de control social y puede imponer prohibiciones a los niños y brindar capacitación al personal y a los padres.

  Los docentes, tanto empleados de la Iglesia como del Estado, han reportado un aumento del acoso escolar por parte de padres que se agrupan en aplicaciones de mensajería. En un caso reciente, la policía británica envió a seis agentes para humillar a un padre que había usado WhatsApp para protestar contra la escuela local. El conflicto, la naturaleza conflictiva de este entorno y el enorme desperdicio de recursos policiales son consecuencias de la forma en que se diseña y utiliza la tecnología en la sociedad. Cada incidente como este ofrece una perspectiva sobre las oportunidades que tiene la Iglesia Católica para preguntarse: "¿Hay una mejor manera?".

  Las palabras de Frances Haugen ayudan a explicar por qué seis policías sitiaron a los padres de niños pequeños:

  Vi que Facebook se enfrentaba repetidamente a conflictos entre sus propios beneficios y nuestra seguridad. Facebook siempre resolvía esos conflictos a favor de sus propios beneficios. El resultado ha sido un sistema que amplifica la división, el extremismo y la polarización, y que debilita a las sociedades de todo el mundo.

  La Iglesia Católica es un importante empleador en muchos países. Esto le otorga la capacidad de tomar decisiones sobre el uso de teléfonos móviles y aplicaciones de mensajería en la relación empleador-empleado. Un empleador no puede prohibir a sus empleados el uso de estos dispositivos en su tiempo libre, pero sí puede decidir eliminar cualquier uso oficial de estos recursos con fines laborales. La relación empleador-empleado ofrece otra oportunidad para capacitar sobre la importancia de la dignidad humana por encima de las exigencias de nuestros dispositivos.

  La agenda pública en el entorno digital, el aborto de nuestra especie

  Dado que muchos políticos y periodistas viven ahora a través de medios de control social , su capacidad para evaluar qué temas merecen debate público se ve fuertemente influenciada por los que supuestamente son tendencia en línea. Existe la idea de que los temas son tendencia en línea debido al interés público, mientras que la realidad es que los administradores de las plataformas en línea ejercen influencia para asegurar que algunos temas parezcan crecer orgánicamente, mientras que temas importantes pero inconvenientes quedan convenientemente ocultos en el torrente de noticias.

  En este contexto, la Iglesia Católica ofrece una vía alternativa para incluir temas en la agenda de debate público, independientemente de si un tema en particular parece ser tendencia o no. Este poder se utiliza con mayor frecuencia para temas relacionados con la doctrina de la Iglesia, como el cabildeo sobre el aborto, pero no hay razón para que la Iglesia no pueda utilizar los mismos recursos para presionar contra el aborto de la raza humana mediante IA.

  Ayuda a las víctimas de discriminación por parte de los señores de Silicon Valley y las turbas en línea

  La Iglesia Católica remonta sus orígenes a la persecución de Jesús y los mártires San Pedro y San Pablo.

  Pero dejemos de lado los ejemplos antiguos y vayamos a quienes, en tiempos más cercanos a nosotros, lucharon por la fe. Tomemos los nobles ejemplos de nuestra generación. Por celos y envidia, los pilares más grandes y justos de la Iglesia fueron perseguidos, llegando incluso a la muerte. Consideremos a los buenos apóstoles. Pedro, por envidia injusta, soportó no uno ni dos, sino muchos trabajos, y finalmente, tras dar su testimonio, partió al lugar de gloria que le correspondía. Por envidia, Pablo también mostró con su ejemplo el premio que se otorga a la paciencia: siete veces fue encadenado, desterrado y apedreado. Habiéndose convertido en heraldo, tanto en Oriente como en Occidente, obtuvo el noble renombre debido a su fe; y habiendo predicado la justicia al mundo entero, y habiendo llegado a los confines de Occidente, y habiendo dado testimonio ante gobernantes, finalmente partió del mundo y fue al lugar santo, convirtiéndose en el mayor ejemplo. de paciencia." (Primera epístola de Clemente a los Corintios, 5:1 - 5:7)

  Estas palabras describen la persecución de Pedro y Pablo bajo el emperador Nerón hace casi dos mil años.

  Hace ochocientos años llegó la Carta Magna y, con el tiempo, ha inspirado la Carta de Derechos de Estados Unidos, la Declaración Universal de Derechos Humanos y la abolición de la pena capital.

  Sin embargo, hoy vemos que los señores de Silicon Valley quieren tirar todo eso por la ventana y llevarnos de nuevo a la época de Nerón.

  Consideremos el artículo 27 de la Declaración Universal de Derechos Humanos :

  1. Toda persona tiene derecho a tomar parte libremente en la vida cultural de la comunidad, a gozar de las artes y a participar del progreso científico y de sus beneficios.
  2. Toda persona tiene derecho a la protección de los intereses morales y materiales que le correspondan por razón de las producciones científicas, literarias o artísticas de que sea autora.

  Al consultar los sitios web de proyectos de software libre conocidos como Debian y Fedora, vemos que proclaman abiertamente su deseo de censurar a ciertas personas. Cualquiera que se pronuncie sobre cuestiones éticas en nuestra industria ha sido objeto de estas extremas represalias ocasionalmente.

  Linus Torvals (fundador de Linux) fue expulsado de la DebConf . El Dr. Jacob Appelbaum fue objeto de rumores falsos de conducta sexual inapropiada . El Dr. Richard Stallman fue crucificado mediante una petición en línea en la Pascua de 2021. Un profesor rival, Gunnar Wolf, convocó a una votación la noche del Jueves Santo, el mismo día en que Judas traicionó a Jesús . Cuando defendí las libertades civiles del Dr. Stallman, la misma turba simplemente se volvió contra mí.

  El Dr. Peter Eckersley y yo fuimos compañeros de clase en la Universidad de Melbourne. El Dr. Eckersley fue el principal científico informático de la Fundación Frontera Electrónica y, posteriormente, director de investigación de la Alianza para la IA. Tras su fallecimiento, restauré sus entradas de blog sobre el uso militar de la IA, y la propia EFF censuró los enlaces a estos blogs, lo que dio lugar a una nueva demanda por derechos civiles en la que, curiosamente, la EFF y Google se encuentran juntos en el banquillo de los acusados .

  Las similitudes entre estos casos y la creciente lista de víctimas son prueba clara de que no son aleatorios. Existe un esfuerzo coordinado para reducir o eludir los derechos civiles. Si existe un espacio o un mundo digital, es inquietantemente similar al mundo donde los emperadores romanos recurrían a ejecuciones espantosas para perpetuar el control mediante el miedo.

  La Iglesia Católica puede buscar a las víctimas que han sido canceladas, a las víctimas que han sido expulsadas de sus plataformas y a quienes tienen algo que decir sobre la dignidad humana en la era de la IA. Sean o no católicas , las preocupaciones que expertos independientes han estado intentando investigar y difundir deben ser puestas por encima del ruido de los departamentos de relaciones públicas.

  Al mismo tiempo, el terrible impacto infligido a nuestras familias a menudo queda oculto a la vista del público.

  Los niños en el entorno digital

  Es revelador que hayamos encontrado tácticas muy similares utilizadas por Harvey Weinstein y Chris Lamb, ex líder del Proyecto Debian.

  Esto es significativo porque Lamb se formó a través del Google Summer of Code y recibió financiación de Google, incluyendo un cuantioso pago de 300.000 dólares poco antes de que tres víctimas revelaran el escándalo. A pesar de la promesa de transparencia de Debian, el dinero no se reveló hasta seis meses después y el nombre de Google nunca se ha relacionado públicamente con las cifras.

  Cuando a Weinstein le preocupaba el comportamiento de algunas mujeres, difundía rumores desagradables sobre su "comportamiento" a otras personas de la industria. Hay algo de esnobismo en estas actitudes hacia el comportamiento humano.

  Cuando las mujeres presentaron denuncias a la policía, el director de cine Peter Jackson habló y confirmó que Weinstein había estado usando estos trucos sucios , difundiendo rumores sobre el comportamiento de las mujeres que no eran lo suficientemente sumisas para su gusto.

  "Recuerdo que Miramax nos dijo que era una pesadilla trabajar con ellos y que debíamos evitarlos a toda costa. Esto fue probablemente en 1998", dijo Jackson.

  En ese momento, no teníamos motivos para cuestionar lo que nos decían, pero en retrospectiva, me doy cuenta de que es muy probable que se tratara de la campaña de desprestigio de Miramax en pleno apogeo.

  Diversas personas han dado a conocer que Chris Lamb hacía exactamente lo mismo en su puesto en Debian. Según la ley de derechos de autor, los coautores no tienen ninguna obligación con la persona elegida para servir como Líder del Proyecto Debian en cada momento. Todos somos iguales.

  Asunto: Re: Estado del desarrollador de Debian
  Fecha: mar., 18 dic. 2018 10:36:09 +0900
  De: Norbert Preining <norbert@preining.info>
  Para: Daniel Pocock <daniel@pocock.pro>
  
  Hola, Daniel,
  
  Incluso si, pasar por una demanda como esta en el Reino Unido es algo fuera de lo común.
  Mis capacidades y posibilidades financieras.
  Pero me temo que Lamb en realidad también arruinó una solicitud para un
  empresa en Nueva York, un trabajo relacionado con Debian. Si eso ha sucedido, y puedo...
  Si lo documentara razonablemente, consideraría una demanda por difamación.
  
  > Lamb reside en el Reino Unido y envía correos electrónicos desde el Reino Unido.
  > https://regainyourname.com/news/ciberbullying-ciberacecho-y-acoso-en-linea-un-estudio-del-Reino-Unido/
  
  Gracias por los enlaces, los tendré en cuenta.
  
  Norberto
  
  --
  PREINING Norbert http://www.preining.info
  Accelia Inc. + JAIST + TeX Live + Desarrollador Debian
  GPG: 0x860CDC13 fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13
  

  Aún más inquietante, Lamb comenzó sus ataques contra mi familia justo cuando el cardenal George Pell fue condenado en 2018. Mi primo segundo había sido miembro del antiguo coro del cardenal George Pell en Melbourne. Lamb y sus cómplices, financiados por Google, difundieron rumores anónimos sobre abusos.

  Varias personas presentaron pruebas de que Lamb se comportaba como Weinstein, difundiendo rumores a nuestras espaldas. Cuando el Dr. Preining y yo hablamos, una tercera víctima vio el escándalo y se identificó públicamente el día de Navidad:

  Asunto: Re: Censura en Debian
  Fecha: mar., 25 dic. 2018 23:44:38 +0100
  De: martin f. krafft
  Organización: El proyecto Debian
  Para: debian-project@lists.debian.org
  
  Hola proyecto,
  
  Es muy triste leer lo que está pasando.
  
  Sé que ha habido al menos otro caso, en el que DAM y AH
  Han actuado fuera de su mandato, amenazando con proyectos
  expulsión y elegir de forma muy selectiva con quién comunicarse.
  Lo sé, porque me estaban tomando como blanco.
  
  Ni DAM ni AH (las mismas personas que siguen activas hoy en día) hicieron...
  Un solo intento de escucharme. Ninguno de mis correos electrónicos a DAM ni a AH
  fueron respondidas alguna vez.
  
  En cambio, DAM dictó un veredicto e influyó en otras personas para que...
  punto de que "porque DAM gobernaba" se dio como razón para otros
  medidas. Esto fue un abuso inconstitucional de los poderes de DAM, y en
  En el caso de AH, todo el embrollo también rozaba la difamación. Entre otros,
  El actual DPL Chris Lamb prometió una revisión a su debido tiempo, pero
  Nunca pasó nada.
  
  ... [ recorte ] ...
  

  Pero si no es seguro para los ingenieros que crean esta tecnología, ciertamente no es seguro para los niños.

  El 5 de octubre de 2021, planteé la preocupación por los niños en esta cultura con el informe Google, FSFE y trabajo infantil .

  Red Hat , subsidiaria de IBM desde 2019, inició acciones legales para censurar y desacreditar mis preocupaciones. Me acusaron de mala fe por publicar ese artículo. Sin embargo, el panel legal dictaminó que Red Hat me estaba acosando y que había abusado del procedimiento administrativo.

  La ironía, claro, es que los Cardenales llevan sombreros rojos, como el nombre de la empresa Red Hat , que fue descubierta abusando de mí. Chris Lamb, de Debian, fue quien inició los rumores sobre mi familia cuando el Cardenal Pell fue condenado.

  La forma en que esto se entrelazó con nuestras vidas y nuestra fe, los rumores de abuso tras la condena del difunto cardenal Pell, mi visita a los Carabineros el día de la muerte del cardenal, el día de la boda, el Domingo de Ramos, siendo un suicidio imitador (sin confirmar), la crucifixión del Dr. Stallman en Pascua y los linchamientos navideños de Debian, es asombroso. Como dicen en las películas de crímenes, sigue el dinero.

  

   

  El entorno digital somete a los feligreses a la vigilancia de terceros

  La Iglesia Católica nació de la persecución y hay que recordar que la vigilancia es una piedra angular de la persecución.

  El hecho de que los servicios más grandes, como Google, Facebook y Twitter, sean aparentemente gratuitos es una prueba de que obtienen todos sus beneficios de su capacidad de ejercer una vigilancia y manipulación eficaces de la población.

  En una época, la Iglesia cumplía funciones similares. Los fieles se sometían a una forma de vigilancia mediante el sacramento de la confesión, donde recibían consejo de su sacerdote. Los sacerdotes buscaban ejercer cierta influencia desde el púlpito, con la amenaza de excomunión y, de vez en cuando, la inquisición o persecución de algún adelantado a su tiempo, como Galileo.

  Si las empresas tecnológicas pueden aproximar todas estas funciones tan efectivamente con algoritmos, corremos el riesgo de que la religión se vuelva redundante.

  Por lo tanto, intentar desempeñar el papel de la Iglesia a través de un medio que sustituye el papel de la religión es muy parecido a cavar la propia tumba.

  A través de una serie de investigaciones públicas y denuncias, hemos escuchado hasta qué punto estos señores están despojando nuestra dignidad. Su objetivo es anticipar cada una de nuestras decisiones, influir en con quién hablamos, en cómo votamos y hasta el último centavo de nuestro presupuesto.

  Si cada una de esas decisiones es controlada e incluso microgestionada por nosotros, con precisión científica, hasta el último centavo de nuestra cuenta bancaria cada mes, por la influencia de algoritmos, ¿qué espacio queda en nuestra conciencia para la influencia del Evangelio?

  Misión: seguir siendo relevante

  Por lo tanto, la pregunta asignada al grupo de trabajo sobre la misión en el entorno digital podría reformularse así: ¿cómo puede la religión, sea cual sea su naturaleza, seguir siendo relevante?

  Hoy en día, para muchas familias de culturas adineradas, la iglesia participa, por tradición, en la celebración de bodas, funerales y, a veces, en la educación de los niños.

  Para que la iglesia pueda empoderar a los feligreses con la tecnología, en lugar de perderlos a causa de la tecnología, necesitamos hacer preguntas sobre algunos de los temas planteados por el movimiento del software libre.

  Cómo garantizar que cada persona tenga control total sobre sus dispositivos, incluido el derecho a repararlos y a cambiar el sistema operativo.

  Desarrollar estrategias para proteger a las personas de los riesgos de la tecnología. Por ejemplo, las redes sociales de control permiten que grupos pequeños pero muy ruidosos causen un daño intenso a sus víctimas mediante la difusión deliberada y repetida de chismes y difamaciones. Cada vez es más difícil garantizar que ninguna persona o minoría sea excluida por las venganzas en línea. ¿Cómo brindar apoyo a las personas que son blanco de estas personas tóxicas? ¿Cómo garantizar que cada persona y grupo pueda expresarse?

  Misión: proteger a la sociedad de los mismos errores

  Australia pasó por el proceso de crear una Comisión Real para investigar los abusos cometidos por diversas instituciones, incluida la Iglesia. Sin embargo, fue demasiado tarde para muchas de las personas que fallecieron o perdieron a sus familiares, su salud y sus carreras. ¿No sería fantástico realizar intervenciones tan contundentes antes, y no después, de los catastróficos fracasos? Ya es hora de que se aplique el mismo nivel de escrutinio a los jefes de los medios de comunicación que controlan las redes sociales y a la explotación y manipulación del público en múltiples niveles.

  Conclusión

  Los medios de control social se están convirtiendo rápidamente en una fachada para la inteligencia artificial. Como nos ha sugerido la prueba de Turing (juego de imitación) desde 1949, es inevitable que cada nueva iteración de este fenómeno se vuelva cada vez más indistinguible de la realidad. Por ello, podría presentarse no solo como un sustituto de los demás seres humanos, sino como una alternativa a la iglesia. La gente podría ser engañada para aceptarla como su dios. En otras palabras, los medios de control social podrían volver irrelevante a la iglesia y, después de eso, podrían continuar haciendo irrelevante a la humanidad.

  Solo mira cómo me hacen muecas tras la muerte de mi padre. La grosería que sufro casi a diario empezó en un momento de duelo. A la gente se le inculca que deje de lado incluso el respeto más básico por la dignidad humana, el respeto por la familia en momentos de duelo, y se convierte en otra oportunidad para usarnos mutuamente como pasatiempo. Este aspecto de mi vida fue creado enteramente por los medios de control social y las personas que definen ese espacio en mi propia profesión.

  En su testimonio ante el Congreso, Frances Haugen nos dijo:

  Creo que lo que hice fue correcto y necesario para el bien común, pero sé que Facebook tiene recursos infinitos que podría usar para destruirme.

  En 2018, asistí al Foro de la ONU sobre Empresas y Derechos Humanos en Ginebra, donde hice algunos breves comentarios sobre la posibilidad de que Facebook y Twitter cayeran en malas manos. El Foro de la ONU coincidió con la consideración de los cargos contra el cardenal George Pell por parte del jurado. Pell fue condenado y estas plataformas de control social se llenaron de rumores sobre mi familia y sobre mí, el mismo fenómeno al que la propia Haugen parece temer.

  En 2022, podemos ver que Software in the Public Interest, Inc. gastó más de $120,000 en honorarios legales para atacar a mi familia y a mí .

  Aquí está el video con los comentarios que hice en el Foro de la ONU. Hablé apenas cuarenta y tres segundos y gastaron 120.000 dólares en atacar a mi familia.

• Daniel Pocock Social Control Media, Technology & Catholicism: Synod on Synodality review and feedback

  The late Pope Francis asked a group of approximately four hundred bishops to work together from 2021 to 2024 on a review of how people of Catholic faith interact and advance as a movement. In formal terms, this committee of bishops was given the title Synod on Synodality. The term Synod is used widely in all Christian religions to refer to committees, boards or meetings of those groups at any level of the church heirarchy. The term Synodality is specific to the Catholic Church. The Synod has an official web page where they attempt to explain Synodality.

  Various working groups were created on a wide range of topics. In this review, I am only looking at working group three, which examined the topic the mission in the digital environment. I then go on to provide some of my own evidence about the topics the working group is considering.

  There is another working group that looked at the topic of polygamy. The psychology and neuroscience of social control media usurps our relationships in such a way that some people feel Facebook's algorithms are exerting as much influence as a third person in their marriage. I created a separate blog post to look at the evidence concerning the phenomena of polygamy and cyberpolygamy. Given how pervasive these technologies are becoming, it is essential reading alongside the content in this analysis.

  In a recent news report unrelated to the Synod, the diocese of Paderborn (central/northern Germany) announced they will try to use TikTok to engage with youth. The scope of working group three is very broad and is not only about social control media platforms. I feel the scope covers all forms of digital technology.

  Even amateur radio packet repeaters are in scope although amateur radio licensing doesn't allow the explicit transmission of religious material.

  The Vatican was an early adopter of shortwave radio. Pope Leo XIV and Monsignor Lucio Adrian Ruiz, secretary of the Dicastero per la Comunicazione visited Vatican Radio's broadcasting facility this week:

  

   

  Reading the outputs from both the working group and the overall Synod, I feel that the church as a whole did not decide to either embrace or reject social control media. They are acknowledging that it is part of the digital landscape and trying to decide how the church relates to it.

  How the Synod process evolved at a high level

  Before delving into the details, here is an overview of the process and the reports that came out at different times, with direct links to the translated editions.

  The main web site for the Synod is at www.Synod.va and it is available in various languages. It appears that the content was created in Italian and translated to English and other languages. This makes it a little bit more difficult to read.

  There was an extended gathering in Rome in October 2023 where an initial draft report was produced.

  • October 2023 interim report
  • one of many blogs about the interim report

  The bishops came back to Rome again in October 2024 and produced a final report from the Synod.

  • October 2024 final report (English translation)
  • October 2024 final report (Italian)
  • NCR news report about the final report

  The Vatican published the late Pope Francis's greeting at the conclusion of the Synod. News reports quickly appeared about the Pope's intervention.

  They also published some images and videos.

  Key points from the final report as it relates to the digital environment

  At point 58, the report notes that Christians may be attempting to proclaim the Gospel through their participation in a digital environment.

  58. ... Christians, each according to their diverse roles - within the family and other states of life; in the workplace and in their professions; engaged civilly, politically, socially or ecologically; in the development of a culture inspired by the Gospel, including the evangelisation of the digital environment - walk the paths of the world and proclaim the Gospel where they live, sustained by the gifts of the Spirit.

  59. In doing so, they ask the Church not to abandon them but rather to enable them to feel that they are sent and sustained in mission.

  This point appears to encourage the church to contemplate the situation faced by those under the influence of a digital environment but it does not necessarily imply the digital environment is good or bad.

  At point 112, concerning mobility, which includes people from all levels of society, the report notes:

  Some maintain strong bonds with their country of origin, especially with the help of digital media, and thus can find it difficult to form connections in their new country; others find themselves living without roots.

  This is an excellent observation. In Europe, I've met couples who have relationships entirely dependent upon devices they use for automated machine translation. When new people arrive in town, the WhatsApp culture encourages neighbors to spend weeks or months talking behind their backs without ever looking them in the eye.

  113. The spread of digital culture, particularly evident among young people, is profoundly changing their experience of space and time; it influences their daily activities, communication and interpersonal relationships, including faith. The opportunities that the internet provides are reshaping relationships, bonds and boundaries. Nowadays, we often experience loneliness and marginalisation, even though we are more connected than ever. Moreover, those with their own economic and political interests can exploit social media to spread ideologies and generate aggressive and manipulative forms of polarisation. We are not well prepared for this and ought to dedicate resources to ensure that the digital environment becomes a prophetic space for mission and proclamation. Local Churches should encourage, sustain and accompany those who are engaged in mission in the digital environment. Christian digital communities and groups, particularly young people, are also called to reflect on how they create bonds of belonging, promoting encounter and dialogue. They need to offer formation among their peers, developing a synodal way of being Church. The internet, constituted as a web of connections, offers new opportunities to better live the synodal dimension of the Church.

  This paragraph acknowledges the dangers of digital technology, especially social control media and the key words are "We are not well prepared for this". Yet it suggests that local churches should "encourage" more of these online risks. I don't feel the word "encourage" is the right word to use but I don't think they should discourage either.

  149. The synodal process has insistently drawn attention to some specific areas of formation of the People of God for synodality. The first of these concerns the impact of the digital environment on learning processes, concentration, the perception of self and the world, and the building of interpersonal relationships. Digital culture constitutes a crucial dimension of the Church’s witness in contemporary culture and an emerging missionary field. This requires ensuring that the Christian message is present online in reliable ways that do not ideologically distort its content. Although digital media has great potential to improve our lives, it can also cause harm and injury through bullying, misinformation, sexual exploitation and addiction. Church educational institutions must help children and adults develop critical skills to safely navigate the web.

  These comments are very relevant and very consistent with my own testimony, some of which is reproduced later in this report.

  150. Another area of great importance is the promotion in all ecclesial contexts of a culture of safeguarding, making communities ever safer places for minors and vulnerable persons.

  When I raised this topic in the free software communities, my family was attacked ruthlessly. See the emails I sent at the end of 2017 and comments about IBM Red Hat later in this report.

  Sources related to working group three, the mission in a digital environment

  The Synod.va web site published a list of all the working groups. The web site includes a brief video about each group and a link to their most recent reports.

  The video for working group three lasts a little bit less than two minutes. Here are some of the key quotes and my own observations:

  "Today, people, especially the young, have learnt to live simultaneously and seamlessly in both digital and physical spaces."

  I feel that statement is quite wrong. People have learnt how to use digital spaces. One recent research report suggests that nearly seventy percent of young people feel bad after using social media. In other words, they feel pressured into using it. Therefore, they are not living seamlessly. People are suffering.

  The statements made in the video are not the statements presented in the final report. We will get to that. Nonetheless, whenever social control media is mentioned, there is a tendency for people to make these generalisations about being unable to live without it. Every time we see a statement like this, it is important to challenge it.

  "How does the church use and approriate the digital culture?"

  The rhetorical question is interesting. In reality, the Silicon Valley overloads use and appropriate any content that we give them. The church doesn't use them, they use us. How do you think they got so rich?

  A better question might be "how does the church complement the shortcomings of digital cultures?".

  Let's not forget, one of the other engineers died on our wedding day and it was Palm Sunday, the day Jesus wept as he arrived in Jerusalem.

  On the page listing the working groups, they provide a link to a three page progress report from working group three. Here is an interesting quote from the late Pope Francis that was repeated by the working group:

  "This environment is now “indistinguishable from the sphere of everyday life.”",

  Pope Francis was a smart guy and he had some smart people around him, including the late Cardinal Pell. We can trace that quote right back to the thinking of Alan Turing. Turing is considered to be the grandfather of computer science and a martyr. Turing gave us exactly the same concept in the legendary Turing test, which Turing himself called the imitation game in 1949.

  Another way to interpret this phenomena is to say that the masses have been brainwashed by the Silicon Valley overlords.

  When Facebook whistleblower Frances Haugen gave us the low down in her testimony to Congress:

  The choices being made by Facebook’s leadership are a huge problem — for children, for public safety, for democracy — that is why I came forward. And let’s be clear: it doesn’t have to be this way. We are here today because of deliberate choices Facebook has made.

  The summary from the working group goes on...

  "To proclaim the Gospel effectively in our contemporary culture, we must discern the opportunities and challenges presented by this new dimension of the “place”"

  That particular quote acknowledges that there are both opportunities and challenges. The jubilee year is all about hope and I really hope the working group members are reading the stuff from whistleblowers, child psychologists and even coroners who are warning us about the impact of Facebook and their ilk.

  Nonetheless, the report includes the phrase "greater immersion" and I feel the church should not assume "greater immersion" is a default course of action.

  The summary also touches on the concept of jurisdiction. The Catholic Church has traditionally organized itself on a geographical basis. The Internet allows people to connect and form virtual communities without any geographical connection.

  On a sidenote, in the days before the Internet, the church was able to move high-risk priests from a parish on one side of the city to the other side of the city and not worry about anybody joining the dots. I went through the papers from Australia's Royal Commission meticulously and found this note from the legendary Father X___:

  That means that if anyone in Australia, learning that Father Z___ had treatment because of something that happened in Boston and going there to find out, would run into a dead end.

  The letter in question was penned just before the Internet came onto public consciousness. Looking at those words today, it is a stark reminder about how the Internet is tipping life on its head.

  The working group goes on to comment that they are seeking "practical recommendations or proposals" from across the community, on any topic related to the Church's mission in the digital environment.

  People engaged in the free software movement, whether they are Catholic or not, can contact their local diocese to find out who is locally coordinating the response to these challenges.

  Another phrase that caught my eye:

  "today we live in a digital culture"

  Not exactly. Some people would say that a digital culture is being imposed on us. Institutions like politics and the media are hooked on it and they put it up on a pedestal. Therefore, it is even more vital that other institutions, such as the church, take the role of questioning everything about digital culture and also maintaining viable alternatives.

  Life without mobile phones, life without apps

  Mobile phones and apps are closely related. There are some people who choose to live without a smart phone, in other words, they only have half the problems of a full mobile phone. Some people also choose to have smart phones without the Google or Apple app store, for example, people who install the Replicant or LineageOS and use the F-Droid app store to limit their phone to ethical apps.

  In practical terms, there are people who are unable to navigate their home town without using their phone. An interesting question arises for the church, what proportion of followers are unable to identify the most direct route from their home to their closest church without looking at an app? It would be interesting to analyze the responses based on various factors such as age and years of residence in the parish.

  Another key question, closely related to the above, is how many parishioners can recall regular mass times and key events in the parish calendar without looking at their phone? It is great to have this information visible on the parish web site, nonetheless, when people are truly engaged in the parish and the community, this information will be committed to memory. The more pervasive this information is in a community, the more resilient the community.

  Authentication systems undermining human dignity

  Today we frequently see companies insisting they need to have our mobile phone numbers to "authenticate" us or to "sign" documents by text message.

  This type of thing is particularly creepy. Many people are familiar with the Nazi-era practice of burning identification numbers into the skin of Jewish prisoners. Mobile phone numbers serve a similar functional purpose. Even though the numbers are not physically burnt into our skin, it is often inconvenient for people to change their number.

  There are many closely related phenomena, including web sites demanding users authenticate themselves from a Gmail or Facebook account.

  At the level of the church, the state, education, health care and financial services, it is vital to ensure everybody can participate in the way they want to without giving up their dignity.

  The church needs to become just as vocal about these topics as it is about themes such as abortion.

  Need to emphasize consent

  Concerns about consent and coercion have become a big topic in the world today. Ironically, the social control media platforms pretending to help give women a platform are violating the principle of consent in so many other ways.

  Consider, for example, people who spent time creating a profile on Facebook or Twitter, sometimes over many years, connecting with hundreds or thousands of followers and then being confronted with the demand to add their mobile phone number to their account. If they don't add their mobile phone number, their account is blocked. There is no genuine technical reason to have a mobile phone number in the account as many of these services worked exactly the same way for many years before such demands became commonplace.

  People are not freely consenting to share their phone numbers with Mark Zuckerberg and Elon Musk. The services have been bastardized to ambush their users with these demands.

  Significantly, this culture of ambushing and coercing people trickles down into society. In Australia, Chanel Contos started a highly publicized petition/journal with stories from women at elite private schools who felt they had been ambushed, bullied and coerced into unwanted physical encounters.

  Ironically, Miss Contos publicized her concerns through the very same platforms that are undermining our understanding of consent and privacy.

  The church itself has had to do a lot of soul searching on topics of consent and abuses of power. This puts the church in an interesting position where we can say that even considering some of the most shocking revelations about abuse, those responsible are the lesser evil compared to the overlords in Silicon Valley.

  It is remarkable how quickly the institutions of Silicon Valley have abandoned all checks and balances and seen fit to do as they please. The Catholic Church and other religious institutions can now take what they have learnt from the critical analysis of their own mistakes and warn society how stupid it would be to go down the same path again with these digital gangsters.

  Digital technology is much more than social control media

  The church is not new to technology. Early printing presses were installed in church premises. Caxton installed England's first press at Westminster Abbey. Other sites included Oxford and St Alban's Abbey. Prior to the printing press, reading and writing were activities reserved for clerics and many of their works only existed in Latin. The printing press enabled the mass production of bibles in German and English languages. This, in turn, had a huge impact on the standardization of the language just as it helped standardize the moral attitudes that Silicon Valley is ripping out underneath us. The King James Version of the bible is widely recognized for its impact on the English language.

  The standardization of language was only one side-effect of this invention. The reformation was another. As people gained books and the power of reading, they became less dependant upon the clerics.

  Likewise, social control media today is having an impact on our culture, for better or worse. Just as printing presses enabled the reformation, social control media may lead to further changes in the way humans organize ourselves around religious structures and beliefs. The overlords in Silicon Valley are actively contemplating these roles for themselves. Elon Musk has even dressed up as Satan. If the Catholic Church doesn't offer a compelling alternative to these power shifts then it will be taken out of the church's hands.

  

   

  Frances Haugen (Facebook whistleblower): almost no one outside of Facebook knows what happens inside Facebook. The company’s leadership keeps vital information from the public, the U.S. government, its shareholders, and governments around the world. The documents I have provided prove that Facebook has repeatedly misled us about what its own research reveals about the safety of children, its role in spreading hateful and polarizing messages, and so much more.

  Whereas previous generations went to clerics for advice, followed by reading the bible themselves, the youth today go to a search engine and tomorrow people may be putting their faith in artificial intelligence. We can already see evidence of search engines, social control media and AI bots guiding people to increased levels of conflict with their neighbors or putting people on dark paths of isolation, self-harm and suicide.

  Catholic Church resources relevant to digital environment

  Catholic Church has a big role in education and schools, therefore, the church can see the impact of social control media and the church can enforce bans for children and provide training to staff and parents.

  Teachers, as employees of the church or the state, have reported a rise in bullying from parents who group together on messaging apps. In one recent case, British police sent six officers to humiliate a parent who had used WhatsApp to agitate about the local school. The conflict, the adversarial nature of this environment and the huge waste of police resources are all consequences of the way the technology is designed and used in society. Each incident like this provides an insight about opportunities for the Catholic Church to ask "is there a better way?".

  Words from Frances Haugen help explain the six police officers laying seige to the parents of small children:

  I saw that Facebook repeatedly encountered conflicts between its own profits and our safety. Facebook consistently resolved those conflicts in favor of its own profits. The result has been a system that amplifies division, extremism, and polarization — and undermining societies around the world.

  The Catholic Church is a large employer in many countries. This gives the church the ability to make decisions about the use of mobile phones and messaging apps in the employer/employee relationship. An employer can't prohibit staff from using these things in their personal time but they can decide to eliminate any official use of these gimmicks for work purposes. The employer/employee relationship provides another opportunity to provide training about the importance of human dignity above the demands of our devices.

  The public agenda in the digital environment, abortion of our species

  With many politicians and journalists now living their lives through social control media, their ability to evaluate which issues are worthy of public debate are heavily influenced by the issues that are supposedly trending online. There is a notion that issues are trending online as a consequence of public interest while the reality is the managers of online platforms exert influence to ensure some issues appear to grow organically while significant but inconvenient topics are conveniently buried in the flood of news.

  In this context, the Catholic Church provides an alternative route to put issues on the agenda for public discussion, regardless of whether a particular issue appears to be "trending" or not. This power is most often used for issues close to the church's teaching, such as lobbying about abortion, but there is no reason the church can't use the same resources to lobby against the abortion of the human race by AI.

  Aid for victims of discrimination by Silicon Valley overlords and online mobs

  The Catholic Church traces its origins to the persecution of Jesus and the martyrs Saint Peter and Saint Paul.

  "But let us pass from ancient examples, and come unto those who have in the times nearest to us, wrestled for the faith. Let us take the noble examples of our own generation. Through jealousy and envy the greatest and most just pillars of the Church were persecuted, and came even unto death. Let us place before our eyes the good Apostles. Peter, through unjust envy, endured not one or two but many labours, and at last, having delivered his testimony, departed unto the place of glory due to him. Through envy Paul, too, showed by example the prize that is given to patience: seven times was he cast into chains; he was banished; he was stoned; having become a herald, both in the East and in the West, he obtained the noble renown due to his faith; and having preached righteousness to the whole world, and having come to the extremity of the West, and having borne witness before rulers, he departed at length out of the world, and went to the holy place, having become the greatest example of patience." (first epistle of Clement to the Corinthians, 5:1 - 5:7)

  These words account for the persecution of Peter and Paul under the Emperor Nero almost two thousand years ago.

  Eight hundred years ago, the Magna Carta arrived and over time, it is has inspired the US Bill of Rights, the Universal Declaration of Human Rights and the abolition of capital punishment.

  Yet today we see the Silicon Valley overlords wish to throw all of that out the window and take us back to the time of Nero.

  Consider article 27 from the Universal Declaration of Human Rights:

  1. Everyone has the right freely to participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits.
  2. Everyone has the right to the protection of the moral and material interests resulting from any scientific, literary or artistic production of which he is the author.

  When we look at the web sites of well known free software projects like Debian and Fedora, we see them openly proclaiming their desire to censor certain people. Anybody who speaks up about ethical issues in our industry has been subject to these extreme reprisals from time to time.

  Linus Torvals (founder of Linux) was banned from DebConf. Dr Jacob Appelbaum was subject to falsified rumors of sexual misconduct. Dr Richard Stallman was subject to a crucifixion by online petition at Easter 2021. A rival professor, Gunnar Wolf, made the call for a vote on the night of Holy Thursday, the very day that Judas betrayed Jesus. When I spoke up to defend Dr Stallman's civil liberties, the same mob simply turned on me too.

  Dr Peter Eckersley and I were classmates at the University of Melbourne. Dr Eckersley was the Chief Computer Scientist of the Electronic Frontier Foundation and subsequently director of research at the Partnership on AI. After Dr Eckersley's death, I restored his blog posts about military use of AI and the EFF itself censored links to these blogs, giving rise to a new civil rights law suit where the EFF and Google are rather bizarrely sitting together in the dock as defendants.

  The similarities between these cases and the growing list of victims is clear proof that they are not random. There is a coordinated effort to roll back or circumvent civil rights. If a digital space or digital world does exist, then it is eerily similar to the world where Roman Emperors used grisly executions to perpetuate control through fear.

  The Catholic Church can seek out the victims who have been canceled, victims who have been de-platformed and people who have something to say about human dignity in the era of AI. Whether or not these people are Catholics or not, the concerns that independent experts have been trying to research and publicize need to be elevated above the noise from public relations departments.

  At the same time, the horrific impact inflicted on our families is often hidden from public view.

  Children in the digital environment

  It is telling that we found very similar tactics used by Harvey Weinstein and Chris Lamb, former leader of the Debian Project.

  This is significant because Lamb was trained through the Google Summer of Code and funded by Google, including a large payment of $300,000 shortly before three victims revealed the scandal. Despite Debian's promise of transparency, the money was only revealed more than six months later and Google's name is never publicly connected to the numbers.

  When Weinstein had concerns about the behavior of some women, he would send nasty rumors about "behavior" to other people in the industry. There's something snobby about these attitudes to human behavior.

  When women made complaints to the police, the film director Peter Jackson spoke up and confirmed Weinstein had been using these dirty tricks, spreading rumors about behavior of women who were not submissive enough for his liking.

  "I recall Miramax telling us they were a nightmare to work with and we should avoid them at all costs. This was probably in 1998," Jackson said.

  "At the time, we had no reason to question what these guys were telling us - but in hindsight, I realise that this was very likely the Miramax smear campaign in full swing."

  A range of people have come forward showing that Chris Lamb was doing exactly the same thing in his role at Debian. Under copyright law, co-authors do not have any obligation to the person elected to serve as Debian Project Leader from time to time. We are all equals.

  Subject: Re: Debian Developer status
  Date: Tue, 18 Dec 2018 10:36:09 +0900
  From: Norbert Preining <norbert@preining.info>
  To: Daniel Pocock <daniel@pocock.pro>
  
  Hi Daniel,
  
  even if, going through a lawsuite like this in the UK is out and above
  my abilities and financial possibilities.
  But I am scared that Lamb actually also hosed an application for a
  company in NY, a job related to Debian. If that has happened, and I can
  reasonably document it, I would consider a defamation law suite.
  
  > Lamb is a resident of the UK and sending emails from the UK
  > https://regainyourname.com/news/cyberbullying-cyberstalking-and-online-harassment-a-uk-study/
  
  Thanks for the links, I will keep them in mind.
  
  Norbert
  
  --
  PREINING Norbert                               http://www.preining.info
  Accelia Inc.     +    JAIST     +    TeX Live     +    Debian Developer
  GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13
  

  Even more disturbing, Lamb started his attacks on my family at the very same time that Cardinal George Pell was convicted in 2018. My second cousin had been a member of Cardinal George Pell's former choir in Melbourne. Lamb and his co-conspirators, funded by Google, started anonymous rumors about abuse.

  Multiple people came forward with evidence that Lamb was behaving like Weinstein, spreading the rumors behind our backs. When Dr Preining and I spoke up, a third victim saw the scandal and identified himself publicly on Christmas Day:

  Subject: Re: Censorship in Debian
  Date: Tue, 25 Dec 2018 23:44:38 +0100
  From: martin f krafft 
  Organization: The Debian project
  To: debian-project@lists.debian.org
  
  Hello project,
  
  It's very sad to read about what's going on.
  
  I know that there's been at least another case, in which DAM and AH
  have acted outside their mandate, threatening with project
  expulsion, and choosing very selectively with whom they communicate.
  I know, because I was being targeted.
  
  Neither DAM nor AH (the same people still active today) made
  a single attempt to hear me. None of my e-mails to either DAM or AH
  were ever answered.
  
  Instead, DAM ruled a verdict, and influenced other people to the
  point that "because DAM ruled" was given as a reason for other
  measures. This was an unconstitutional abuse of DAM's powers, and in
  the case of AH, the whole mess also bordered on libel. Among others,
  the current DPL Chris Lamb promised a review in due time, but
  nothing ever happened.
  
  ... [ snip ] ...
  

  Yet if it is not safe for the engineers who make this technology, it is certainly not safe for kids.

  On 5 October 2021, I raised the concerns about children in this culture with the report Google, FSFE & Child Labor.

  Red Hat, a subsidiary of IBM since 2019, started legal action to censor and discredit my concerns. They accused me of bad faith for publishing that article. Yet the legal panel ruled that Red Hat was harassing me and engaged in an abuse of the the administrative procedure.

  The irony, of course, is that the Cardinals wear red hats, like the name of the company Red Hat who were found to be abusing me. Chris Lamb at Debian had started the rumors about my family when Cardinal Pell was convicted.

  The manner in which this intersected our lives and our faith, the abuse rumors after the late Cardinal Pell's conviction, my visit to the Carabinieri on the day the Cardinal died, the wedding day, on Palm Sunday, being a copy-cat (unconfirmed) suicide, the crucifixion of Dr Stallman at Easter and the Debian Christmas lynchings, it is staggering. As they say in crime movies, follow the money.

  

   

  Digital environment subjects parishioners to third-party surveillance

  The Catholic Church was born out of persecution and it has to be remembered that surveillance is a cornerstone of persecution.

  The fact that the largest services, like Google, Facebook and Twitter are all ostensibly free is proof that they gain all of their profit from their ability to conduct effective surveillance and manipulation of the population.

  At one time, the church used to fulfil similar roles. Followers would submit themselves to a form of surveillance through the sacrament of confession, where they would receive counsel from their priest. Priests seek to exert some influence from the pulpet, with the threat of ex-communication and from time to time, the odd inquisition or persecution of somebody who was ahead of his time like Galileo.

  If tech companies can approximate all these functions so effectively with algorithms, we run the risk that religion becomes redundant.

  Therefore, attempting to perform the church's role through a medium that is substituting itself for the role of religion is a lot like digging one's own grave.

  Through a series of public inquiries and whistleblowers, we've heard the extent to which these overlords are stripping away our dignity. Their goal is to anticipate our every decision, influence who we talk to, influence how we vote and influence every last cent in our budget.

  If every one of those decisions is controlled and even micromanaged for us, with scientific precision, right down to the last cent in our bank account each month, by the influence of algorithms, what space is left in our consciousness for the influence of the Gospel?

  Mission: remaining relevant

  Therefore, the question assigned to the working group about the mission in the digital environment could be rephrased as how does religion, of any nature, remain relevant at all?

  For many families in affluent cultures today, the church is engaged out of tradition for weddings, funerals and sometimes education for the children.

  For the church to empower parishioners with technology, rather than losing parishioners to technology, we need to ask questions about some of the topics raised by the free software movement.

  How to ensure each person has full control over their devices, including right to repair and right to change the operating system.

  Develop strategies to protect people from the risks of technology. For example, social control media allows small but very noisy groups to do intense harm to their victims with the deliberate and repeated spread of gossip and defamation. It is becoming harder and harder to ensure that no person or minority is excluded by online vendettas. How to provide support to people targetted by these toxic people? How to ensure that every person and group can take their turn to speak?

  Mission: protecting society from the same mistakes

  Australia went through the process of having a Royal Commission into abuses by a wide range of institutions, including the church. Yet that was too late for many of the people who have either died or lost their family members, health and careers. Wouldn't it be great to make such strong interventions before rather than after catastrophic failures have occurred? It is high time for the same level of scrutiny on social control media bosses and the exploitation and manipulation of the public on multiple levels.

  Conclusion

  Social control media is rapidly becoming a front for artificial intelligence. As the Turing test (imitation game) has suggested to us since 1949, it is inevitable that each new iteration of this phenomena will become more and more indistinguishable from reality. As such, it may present itself not only as a substitute for fellow human beings but as an alternative to the church. People may be duped into accepting it as their God. In other words, social control media may make the church irrelevant and after it does that, it may go on to make humanity irrelevant.

  Just look at the way people make faces at me after my father died. The rudeness I experience on an almost daily basis started at a time of grief. People are brainwashed to set aside even the most basic respect for human dignity, the respect for a family at a time of grief and it just becomes another opportunity to use each other for sport. This aspect of my life was entirely created by social control media and the people who are defining that space in my own profession.

  In her testimony to Congress, Frances Haugen told us:

  I believe what I did was right and necessary for the common good — but I know Facebook has infinite resources, which it could use to destroy me.

  In 2018, I attended the UN Forum on Business and Human Rights in Geneva, making some brief comments about Facebook and Twitter falling into the wrong hands. The UN Forum occurred at the same time the jury was considering the charges against Cardinal George Pell. Pell was convicted and these social control media platforms filled up with rumors about my family and I, the very phenomena Haugen herself seems to be afraid of.

  In 2022, we can see that Software in the Public Interest, Inc spent over $120,000 on legal fees attacking my family and I.

  Here is that video with the comments I made at the UN Forum. I spoke for barely forty three seconds and they spent $120,000 to attack my family.

• Matthew Garrett Why is there no consistent single signon API flow?

  Single signon is a pretty vital part of modern enterprise security. You have users who need access to a bewildering array of services, and you want to be able to avoid the fallout of one of those services being compromised and your users having to change their passwords everywhere (because they're clearly going to be using the same password everywhere), or you want to be able to enforce some reasonable MFA policy without needing to configure it in 300 different places, or you want to be able to disable all user access in one place when someone leaves the company, or, well, all of the above. There's any number of providers for this, ranging from it being integrated with a more general app service platform (eg, Microsoft or Google) or a third party vendor (Okta, Ping, any number of bizarre companies). And, in general, they'll offer a straightforward mechanism to either issue OIDC tokens or manage SAML login flows, requiring users present whatever set of authentication mechanisms you've configured.
  
  This is largely optimised for web authentication, which doesn't seem like a huge deal - if I'm logging into Workday then being bounced to another site for auth seems entirely reasonable. The problem is when you're trying to gate access to a non-web app, at which point consistency in login flow is usually achieved by spawning a browser and somehow managing submitting the result back to the remote server. And this makes some degree of sense - browsers are where webauthn token support tends to live, and it also ensures the user always has the same experience.
  
  But it works poorly for CLI-based setups. There's basically two options - you can use the device code authorisation flow, where you perform authentication on what is nominally a separate machine to the one requesting it (but in this case is actually the same) and as a result end up with a straightforward mechanism to have your users socially engineered into giving Johnny Badman a valid auth token despite webauthn nominally being unphisable (as described years ago), or you reduce that risk somewhat by spawning a local server and POSTing the token back to it - which works locally but doesn't work well if you're dealing with trying to auth on a remote device. The user experience for both scenarios sucks, and it reduces a bunch of the worthwhile security properties that modern MFA supposedly gives us.
  
  There's a third approach, which is in some ways the obviously good approach and in other ways is obviously a screaming nightmare. All the browser is doing is sending a bunch of requests to a remote service and handling the response locally. Why don't we just do the same? Okta, for instance, has an API for auth. We just need to submit the username and password to that and see what answer comes back. This is great until you enable any kind of MFA, at which point the additional authz step is something that's only supported via the browser. And basically everyone else is the same.
  
  Of course, when we say "That's only supported via the browser", the browser is still just running some code of some form and we can figure out what it's doing and do the same. Which is how you end up scraping constants out of Javascript embedded in the API response in order to submit that data back in the appropriate way. This is all possible but it's incredibly annoying and fragile - the contract with the identity provider is that a browser is pointed at a URL, not that any of the internal implementation remains consistent.
  
  I've done this. I've implemented code to scrape an identity provider's auth responses to extract the webauthn challenges and feed those to a local security token without using a browser. I've also written support for forwarding those challenges over the SSH agent protocol to make this work with remote systems that aren't running a GUI. This week I'm working on doing the same again, because every identity provider does all of this differently.
  
  There's no fundamental reason all of this needs to be custom. It could be a straightforward "POST username and password, receive list of UUIDs describing MFA mechanisms, define how those MFA mechanisms work". That even gives space for custom auth factors (I'm looking at you, Okta Fastpass). But instead I'm left scraping JSON blobs out of Javascript and hoping nobody renames a field, even though I only care about extremely standard MFA mechanisms that shouldn't differ across different identity providers.
  
  Someone, please, write a spec for this. Please don't make it be me.
  
  comments

June 23, 2025

• Daniel Pocock Poligamia, dal Sinodo cattolico sulla sinodalità ai media di controllo sociale e alla cyberpoligamia Debian

  Nel 2021, il defunto Papa Francesco ha avviato il Sinodo sulla sinodalità , un processo che si è concluso con una relazione finale nell'ottobre 2024.

  L' elenco dei gruppi di lavoro comprende un gruppo dedicato alle sfide della poligamia, soprattutto nelle regioni in cui la chiesa può reclutare nuovi seguaci che hanno già più partner in famiglia.

  Il gruppo di lavoro sulla poligamia ha prodotto un breve rapporto incentrato sulla sfida in Africa .

  Il rapporto finale del Sinodo dell'ottobre 2024 ha menzionato la poligamia solo una volta. A quanto pare, il gruppo di lavoro non ha individuato una via d'uscita su cui i vescovi potessero concordare e rimane un tema aperto per la Chiesa.

  Tra tutte le religioni cristiane, la Chiesa cattolica è una delle più severe in materia di poligamia. Catechismo della Chiesa Cattolica, par. 2387:

  La poligamia non è conforme alla legge morale. La comunione [coniugale] è radicalmente contraddetta dalla poligamia; questa, infatti, nega direttamente il disegno di Dio rivelato fin dal principio, perché è contraria alla pari dignità personale dell'uomo e della donna che nel matrimonio si donano con un amore totale e perciò unico ed esclusivo .

  Si noti che la parola esclusivo fa parte della definizione cattolica .

  Nel nostro mondo moderno, caratterizzato dal controllo sociale dei media e dall'intelligenza artificiale, il cervello delle persone viene riprogrammato e ciò ha un impatto diretto sul modo in cui le persone formano e percepiscono le relazioni.

  Si potrebbe sostenere che alcune persone sono ormai così totalmente coinvolte dal controllo sociale dei media da non avere più un legame mentale esclusivo con il loro partner nel mondo reale.

  Frances Haugen, informatrice di Facebook, ha rilasciato una testimonianza convincente al Congresso degli Stati Uniti :

  Facebook sceglie quali informazioni miliardi di persone vedono, plasmando la loro percezione della realtà. Anche chi non usa Facebook è influenzato dalla radicalizzazione di chi lo usa. Un'azienda che ha il controllo sui nostri pensieri, sentimenti e comportamenti più profondi ha bisogno di una vera supervisione.

  In altre parole, gli algoritmi di Facebook sono diventati una terza persona in molti matrimoni. Gli algoritmi di Facebook stanno integrando le decisioni dei genitori sui loro figli, e non in senso positivo.

  Ho visto che Facebook ha ripetutamente incontrato conflitti tra i propri profitti e la nostra sicurezza. Facebook ha sistematicamente risolto questi conflitti a favore dei propri profitti. Il risultato è stato un sistema che amplifica la divisione, l'estremismo e la polarizzazione, minando le società di tutto il mondo. In alcuni casi, questo pericoloso dibattito online ha portato a violenze vere e proprie che danneggiano e persino uccidono le persone. In altri casi, la loro macchina per ottimizzare i profitti sta generando autolesionismo e odio verso se stessi, soprattutto tra i gruppi vulnerabili, come le adolescenti. Questi problemi sono stati ripetutamente confermati dalle ricerche interne di Facebook.

  Alan Turing previde questo fenomeno nel 1949 con la sua proposta per il gioco dell'imitazione. Oggi lo chiamiamo Test di Turing. L'implicazione del pensiero di Turing è che, con ogni nuova iterazione degli algoritmi, diventa sempre più difficile per un essere umano distinguere gli algoritmi da un essere umano reale.

  Se l'essere umano non è in grado di distinguere gli algoritmi da un altro essere umano reale, allora è logico supporre che possa iniziare a formare legami emotivi con gli algoritmi e le persone create dall'intelligenza artificiale .

  Molto è stato scritto in studi di ricerca sull'interazione tra i media di controllo sociale e la dopamina nel cervello . Il nostro cervello può avere naturalmente stimoli di dopamina, ad esempio quando un bambino ci sorride, e può avere stimoli quando vediamo qualcosa di artificiale, come un video di un bambino generato dall'intelligenza artificiale su Facebook. Sono necessarie ulteriori ricerche per comprendere in che misura questi stimoli sostitutivi compromettano il funzionamento familiare nel mondo reale.

  Da un altro articolo su NeuroLaunch :

  Ma non è solo la dopamina a entrare in gioco. Anche l'ossitocina, spesso soprannominata "ormone delle coccole", gioca un ruolo nei nostri legami sociali online. Quando interagiamo positivamente sui social media, il nostro cervello rilascia ossitocina, creando un senso di connessione e fiducia. È come se il nostro cervello non riuscisse a distinguere tra un abbraccio virtuale e uno reale.

  Allarmante.

  Dobbiamo considerare questo fenomeno come una forma di poligamia virtuale o cyberpoligamia e quando discutiamo delle sfide della poligamia, potrebbe non essere giusto concentrarsi sulla poligamia in Africa e non parlare contemporaneamente del fenomeno virtuale.

  Osservando le relazioni aperte nell'ecosistema del software open source, molti di questi aspetti vengono accennati, ma mai dichiarati. Nel 2016, si sono diffuse voci su uno sviluppatore, il Dr. Jacob Appelbaum. Sono comparsi diversi articoli di cronaca. La rivista Die Zeit ha pubblicato un articolo intitolato "Cosa ha fatto quest'uomo?" . Chiunque condividesse link all'articolo veniva immediatamente punito in alcune community. L'articolo afferma:

  Seduta di fronte a loro c'è una giovane americana. Aveva conosciuto gli altri solo un paio di giorni prima, ma sembra a disagio a questa festa. Non parla molto, ma ascolta con cordialità quello che viene detto.

  ...

  Gli invitati alla festa del signor Appelbaum sono circa 20 e sono programmatori, hacker e attivisti provenienti da tutto il mondo.

  Successivamente ho divulgato e-mail interne che insinuano che le accuse contro il dottor Appelbaum sembrano essere falsificate, esagerate e mai segnalate alla polizia .

  Un tema legato alla crisi del Dr. Appelbaum è il concetto di relazioni aperte nelle comunità del software libero e open source. Quando la crisi è iniziata nel 2016, si è discusso molto su cosa accadesse realmente alle feste. Sono comparsi resoconti giornalistici. La gente lo trovava imbarazzante.

  Sono queste persone a creare le basi tecnologiche per molti dei servizi online da cui dipendiamo. Pertanto, se il fenomeno della poligamia è valido in queste comunità, è inevitabile che diventi moralmente accettabile anche nelle tecnologie estrapolate dal nostro lavoro.

  Woody Allen ha distribuito il film Vicky Cristina Barcelona nel 2008. Abbiamo notato parallelismi nelle liste delle stanze della DebConf che ora le persone condividono. È seguito il Debian Pregnancy Cluster e subito dopo, nel 2014, si è deciso di organizzare la Women's MiniDebConf a Barcellona , &ZeroWidthSpace&ZeroWidthSpacecome nel film. Altri hanno abbandonato. Per quanto ne so, l'evento non si è mai più ripetuto.

  I casi Debian potrebbero rappresentare un caso limite, tipico dei gruppi simili a sette, ma il fenomeno della poligamia virtuale nei media di controllo sociale sembra rappresentare un rischio molto più ampio.

  Frances Haugen, la whistleblower di Facebook, ha consegnato un'enorme quantità di documenti che rivelano fino a che punto gli algoritmi di Facebook si ingrazino ai loro soggetti. Haugen ha dimostrato l'effetto dissuasivo di Facebook su alcuni tipi di soggetti, ad esempio le adolescenti con disturbi alimentari.

  Il riprogrammazione del cervello, la sostituzione dell'amore umano con l'amore virtuale non è un problema solo nei rapporti tra marito e moglie e genitori e figli. Basti pensare alla morte di Abraham Raji alla DebConf23 in India .

  Ogni volta che qualcuno muore, i Debianisti pubblicano una dichiarazione di rammarico preconfezionata come questa, basata su un modello di posta elettronica, copiano e incollano la foto di Abraham nella foto di gruppo e poi, dopo una pausa per il funerale, la conferenza prosegue come meglio può, secondo il programma esistente.

  Un paio di giorni dopo l'annegamento di Abraham, scattarono una foto di gruppo nella piscina dell'hotel e la pubblicarono con la didascalia "Entrate e unitevi a noi".

   

  Confrontate questo con la risposta di Amnesty International al suicidio di due dipendenti. Amnesty International commissionò una serie di rapporti esterni e li pubblicò prontamente affinché tutti i suoi donatori, volontari e dipendenti potessero leggerli. Dopo il caso del Debian Suicide Cluster , non fu mai pubblicato alcun rapporto. Ingenti somme di denaro furono spese per cercare di impedire la pubblicazione delle prove sulle morti .

  Una delle morti più tragiche avvenne proprio il giorno del nostro matrimonio, che guarda caso era la Domenica delle Palme .

  A un osservatore esterno, il modo in cui questi gruppi copiano e incollano una dichiarazione standard su ogni morte e poi vanno avanti come se nulla fosse accaduto può apparire estremamente insensibile. Dobbiamo analizzare più attentamente per comprendere le dinamiche di queste relazioni. Molte di queste persone raramente si incontrano nel mondo reale. Se il novantanove percento del rapporto con Abraham si basava su comunicazioni elettroniche, significa forse che le persone non avevano instaurato un rapporto umano con lui prima di incontrarlo per la prima volta alla conferenza?

  Questo è sconcertante. Facendo un passo indietro, scopriamo che le persone avevano un rapporto non proprio umano con il volontario deceduto, ma d'altra parte, quando si usano i social media per il controllo , alcune persone si legano agli algoritmi e alle esperienze in modo ancora più forte di quanto non si leghino alla vita familiare nel mondo reale.

  In altre parole, non possiamo semplicemente preoccuparci dell'impatto delle amicizie nascoste sui social media di controllo , dobbiamo preoccuparci degli algoritmi stessi che riprogrammano quelle parti della mente umana che sono normalmente riservate all'aspetto esclusivo di una relazione coniugale. O a ciò che era considerato esclusivo nei matrimoni sani prima dell'avvento dei social media di controllo .

  Diagramma della cyberpoligamia Debian

  Il diagramma mostra solo un sottoinsieme delle relazioni. Vale la pena confrontarlo con le note sul cluster Debian per la gravidanza e con quelle sul programma Outreachy .

  È importante osservare un diagramma completo come questo perché alcune di queste persone sono attivamente coinvolte in attacchi di cyberbullismo contro altri sviluppatori di software open source. Per fermare il cyberbullismo, dobbiamo identificarne le origini.

  I Debianisti cercano di presentarsi come un'organizzazione quasi professionale. Si vantano di titoli altisonanti e rubano il gergo del Codice di Condotta da organizzazioni più credibili. Se vogliono usare questi titoli altisonanti e il gergo del Codice di Condotta, hanno anche l'obbligo di rivelare tutti i loro conflitti di interesse sentimentali e finanziari. Cercare di nascondere questi conflitti di interesse con scuse sulla privacy e sulle molestie è immorale e disonesto.

  Quando rendiamo pubbliche tutte queste relazioni, quando vediamo che tutte le persone che ricoprono titoli importanti in diversi team sono legate sentimentalmente, possiamo vedere che Debian non è affatto un'organizzazione professionale, è più simile a un'associazione studentesca o a un gruppo teatrale amatoriale.

  

   

  Riferimenti:

  • Video DebConf18: Enrico Zini, "Più persone"
  • Vicky Cristina Barcelona (Trailer, IMDB)

  Si prega di consultare la cronologia di come si è evoluta la cultura delle molestie e degli abusi in Debian .

• Charles-Antoine Couret 20 ans de Fedora-fr : neuvième entretien avec Nicolas contributeur de Fedora-fr

  Introduction

  Dans le cadre des 20 ans de Fedora-fr (et du Projet Fedora en lui-même), Charles-Antoine Couret (Renault) et Nicolas Berrehouc (Nicosss) avons souhaité poser des questions à des contributeurs francophones du Projet Fedora et de Fedora-fr.

  Grâce à la diversité des profils, cela permet de voir le fonctionnement du Projet Fedora sous différents angles pour voir le projet au delà de la distribution mais aussi comment il est organisé et conçu. Notons que sur certains points, certaines remarques restent d'application pour d'autres distributions.

  N'oublions pas que le Projet Fedora reste un projet mondial et un travail d'équipe ce que ces entretiens ne permettent pas forcément de refléter. Mais la communauté francophone a de la chance d'avoir suffisamment de contributeurs de qualité pour permettre d'avoir un aperçu de beaucoup de sous projets de la distribution.

  Chaque semaine un nouvel entretien sera publié sur le forum Fedora-fr.org, linuxfr.org et mon blog ici même.

  L'entretien du jour concerne Nicolas Berrehouc (pseudo Nicosss), contributeur de Fedora-fr et mainteneur de sa documentation. Il est devenu président de l’association Borsalinux-fr en avril 2025.

  Entretien

  Bonjour Nicolas, peux-tu présenter brièvement ton parcours ?

  Je me nomme donc Nicolas, je ne suis pas informaticien de métier malgré ce que certaines personnes pourraient croire et je ne travaille pas pour Red Hat non plus. Je suis plus issu d'une formation automatisme, micro-contrôleur et électronique donc malgré tout un monde technique. Mon activité professionnelle actuelle n'est d'ailleurs pas en lien avec l'informatique ni à proprement dit avec ma formation. Je suis un touche à tout autodidacte qui aime apprendre et partager

  Peux-tu présenter brièvement tes contributions au Projet Fedora ?

  Mes contributions directes au Projet Fedora se limitent uniquement aux journées de tests ainsi que tout ce qui va toucher aux validations des correctifs apportés via testing suite à des rapports de bugs, que j'aurais initiés ou non, avant que ce soit poussé en stable. D'ailleurs, je rapporte soit sur le bugzilla Red Hat, soit directement upstream aussi. Il y a aussi Anitya que j'ai pas mal renseigné à sa sortie car j'ai vraiment trouvé que c'était un super projet. De ce fait, mon poste de travail est tout le temps en testing et en général je bascule vers la Beta dès qu'elle est disponible. Voilà le plus gros de mes contributions au Projet Fedora.

  J'ai par ailleurs fait le choix de ne pas faire partie de groupes directement au sein du Projet Fedora par manque de temps.

  Qu'est-ce qui fait que tu es venu sur Fedora et que tu y es resté ?

  J'ai découvert le monde GNU/Linux avec Slackware fin des années 90 (oui l'autre siècle ) mais ça a été une grosse douche froide à l'époque, donc stand-by avant de goûter à Mandrake qui proposait une utilisation plus abordable. Puis j'ai découvert Fedora Core à sa sortie que j'ai commencé à utiliser en parallèle d'un Windows car c'était encore difficile de se défaire de ses habitudes avec certains logiciels. Mais la bascule s'est faite finalement très rapidement par la suite malgré tout et depuis pas mal d'années maintenant je n'utilise plus que Fedora Linux, tant en poste de travail que serveur d'ailleurs.

  J'y voyais aussi la possibilité de faire passer des utilisateurs Windows au monde GNU/Linux juste par le fait de donner une seconde vie à leurs ordinateurs car bien souvent les utilisatrices et utilisateurs ont une utilisation basique de leurs ordinateurs.

  Le Projet Fedora proposait une vision qui me correspondait assez avec l'idée d'être novatrice, s'orienter vraiment vers le Logiciel Libre et surtout une gestion communautaire donc il était possible de ne pas rester un simple consommateur dans son coin. A l'époque Ubuntu avait pignon sur rue et était LA distribution mais malgré une grosse communauté francophone enjouée à l'époque le principe de fonctionnement ne me plaisait pas vraiment.

  Pourquoi contribuer à Fedora en particulier ?

  En fait, tous les champs sont quasi possibles pour contribuer. Il y a énormément d'outils disponibles pour faciliter les contributions à travers son compte FAS désormais en plus. Par ailleurs il y a une bonne dynamique et des gens passionnés donc ça donne d'autant plus envie de participer. Fedora intègre beaucoup de technologies et d'innovations que l'on retrouvera par la suite dans les autres distributions, alors pourquoi attendre Ça reste ma philosophie personnelle donc ça colle avec Fedora.

  Contribues-tu à d'autres Logiciels Libres ? Si oui, lesquels et comment ?

  N'étant pas développeur, il m'arrive tout de même de rapporter des bugs upstream sur certains logiciels que j'utilise lorsque ce n'est pas déjà fait. En général les différents projets sont assez réactifs et ça permet toujours de faire avancer les choses. Mais sinon pas de vraies contributions à un projet particulier en tant que tel.

  Utilises-tu Fedora dans un contexte professionnel ? Et pourquoi ?

  Absolument pas, mon entreprise propose uniquement des postes sous Windows 10 assez verrouillés ; donc souvent quelques moments de solitude avec des réflexes propres à mon utilisation quotidienne de GNOME :D Après, en contexte "semi-professionnel" dirons-nous, j'ai des serveurs auto-hébergés sous Fedora Linux aussi proposant des services pour un cercle restreint comme des outils Web, Cloud, XMPP, Mail. Pour ce point c'est arrivé assez rapidement aussi car cela faisait partie d'un apprentissage que je souhaitais réaliser afin d'avoir une compréhension et une indépendance sur la gestion de mes données personnelles. Un grand merci au monde du Logiciel Libre qui permet de faire ça !

  Est-ce que tes contributions à Fedora sont un atout direct ou indirect dans ta vie professionnelle ? Si oui, de quelle façon ?

  Je dirais que ça a plus un aspect indirect, comme pouvoir parler technique avec des personnes qui sont plus côté Informatique ou Informatique Industrielle et donc faciliter des résolutions de problèmes.

  Tu participes essentiellement à la communauté francophone : maintenance du site web, documentation, répondre au forum, suivi de l'association, pour quelles raisons tu y contribues ? Pourquoi se focaliser sur la communauté francophone dans ton cas ?

  Oui, j'ai décidé assez tôt de plus me focaliser sur la Communauté Francophone car malgré ce que l'on peut croire il y a une énorme demande et je pense que pour que les personnes passent le cap en France il faut un support accessible en Français pour les accompagner au mieux. J'avais regardé côté Projet Fedora mais je n'avais pas vraiment trouvé quelque chose qui pouvait avoir une portée surtout pour l'utilisateur final car je voyais du potentiel dans l'utilisation de Fedora Linux en remplacement d'un Windows pour une utilisation dite courante. Je sais que la priorité du Projet est d'avoir des contributeurs mais il faut des utilisateurs aussi et compter sur le fait qu'un faible pourcentage passera le cap vers la contribution. Il y a eu beaucoup de choses de faites côté documentation en français par le Projet Fedora mais je trouve que nous avons encore très largement notre place car les pionniers de Fedora-fr avaient déjà répondu bien avant à ce manque.

  Par conséquent, je suis assez actif dans l'ensemble des domaines cités afin d'essayer de relancer une dynamique car je sais que les personnes sont en place depuis un long moment maintenant. J'espère aussi que ça permettra à d'autres de se lancer dans l'aventure au travers de l'Association. N'hésitez pas à vous faire connaitre lors des réunions du 1er Lundi de chaque mois !

  Nous avons fourni il y a quelques années un gros effort pour moderniser la documentation, peux-tu revenir sur cette épisode et la nécessité d'une telle action ?

  Oui en effet, nous avons réalisé un très très très gros travail qu'il faudrait arriver à poursuivre d'ailleurs et j'en appelle à toutes les bonnes volontés à se faire connaître. Quoi dire sur toutes ces soirées de travail Nous avons décidé d'une organisation pour identifier les articles obsolètes (quasi tous :D ) ainsi que les priorités par rapport aux demandes. Puis nous nous sommes répartis les articles pour la mise à jour et nous effectuions les relectures croisées. Pas sûr que ce soit à jour mais voilà ce qui a servi de support de travail. Toutes les semaines nous faisions des points via un canal IRC pour aborder des questionnements et lever des doutes dans notre travail.

  Aujourd'hui l'idée est de pouvoir fournir ou améliorer des articles autour des questions récurrentes sur le Forum afin de faciliter la transition vers Fedora Linux et éviter les multiples répétitions via le Forum.

  Quels manques identifies-tu au niveau de la documentation ?

  Le plus gros manque est le maintien à jour de tout ce qui est disponible

  Aujourd'hui il y a des articles très sollicités (comme les pilotes propriétaires Nvidia ; quelle idée d'avoir un GPU de cette marque aussi) qui mériteraient d'avoir plus de suivi mais sinon aujourd'hui l'accent est vraiment porté sur le fait de pouvoir fournir une documentation pour les questions les plus récurrentes sur le Forum afin d'éviter les redites ou recherches sur celui-ci et devoir renvoyer vers des discussions similaires. Bien évidemment toute autre contribution pour un nouvel article est bienvenue car nous sommes vraiment dans l'idée de partager les connaissances et c'est aussi le meilleur moyen pour découvrir d'autres choses.

  Quelle importance il y a d'avoir un forum en français à propos de Fedora ? Est-ce un bon médium pour résoudre les problèmes des gens en général ?

  L'anglais n'est pas vraiment une maîtrise forte en France, et c'est difficile de faire quitter Windows à des personnes en leurs annonçant que le package contient aussi la surprise de devoir se mettre à l'anglais. Il existe des traducteurs en ligne désormais mais les utilisateurs Fedora Linux francophones nous montrent bien que ce Forum a son importance car il y a régulièrement des questions et il est très consulté. Il n'y a évidemment aucun concours avec le Forum officiel en anglais du Projet Fedora. D'ailleurs avant de migrer toute l'infrastructure de Fedora-fr, il s'était aussi posé la question de rejoindre le Forum officiel du Projet via la section non anglaise mais finalement nous avons voulu continuer à offrir tout un écosystème francophone pour continuer dans nos objectifs au niveau de l'Association Borsalinux-fr.

  Pourquoi penses-tu que la fréquentation du site a baissé depuis 2011 qui est le pic historique d'activité ?

  Pour moi les gens sont de plus en plus devenus de simples consommateurs courant après les effets de mode ou cherchant uniquement du divertissement. Ce sont bien souvent des personnes hyper connectées mais qui ne comprennent absolument rien au fonctionnement de leurs outils et applications, ce qui est vraiment dommage. Beaucoup de personnes se sont désintéressées des ordinateurs et se concentrent uniquement sur des ordiphones ou tablettes avec pour OS Android Google ou Apple, ce qui limite les besoins de se tourner vers une distribution GNU/Linux.

  D'un autre côté la distribution Fedora Linux, malgré l'intégration de nouveautés, a vraiment perfectionné tout son process et son assurance qualité donnant ainsi une distribution vraiment stable et performante. Par conséquent qui dit stabilité dit aussi moins de problèmes à régler

  Au niveau des Logiciels Libres il y a aussi eu beaucoup de travail de fond pour proposer une concurrence de haut-niveau face à des logiciels propriétaires. C'est vraiment un point à souligner car beaucoup de monde ne sait même pas, bien souvent, qu'il utilise du Logiciel Libre. Tout cet écosystème qui a gagné en stabilité et performance engendre forcément moins de demandes aussi.

  Il faudrait avoir de vraies statistiques sur le nombre d'utilisateurs en fait. En ce moment il y a des articles concernant l'augmentation de la part de marché des distributions GNU/Linux mais ça reste à suivre.

  Tu as participé avec Guillaume à la dernière mise à jour du site alors que tu n'es pas webmaster de métier, qu'as-tu apporté dans la procédure ?

  Alors en fait ça a porté plus largement que sur le site en lui-même. Guillaume était un peu seul dans le cadre de cette nécessité de migration de toute l'infrastructure qui devenait un très gros frein pour maintenir et faire évoluer tous les outils déployés. Ça a été l'occasion de pouvoir lui redonner de la motivation puis ensuite d'intégrer ce projet pour déclencher tout ce que nous connaissons aujourd'hui.

  La migration a malgré tout été très précipitée car il y avait tout à faire et en très peu de temps.

  Effectivement je ne suis pas webmaster de métier et il a fallu s'approprier très rapidement WordPress afin de proposer à minima un équivalent de ce que nous avions avant avec fedora-fr.org donc ça a été un enchainement de journées très chargées. Et comme vous pouvez le constater nous ne sommes pas des designers dans l'âme non plus :D Donc tout aide est la bienvenue aussi ; même si le Forum est plus le point de chute.

  L'idée en parallèle était d'en profiter pour rédiger de la documentation partagée sur notre Nextcloud à propos de toute notre infrastructure ainsi que notre fonctionnement interne au niveau de l'Association. Ce travail est d'ailleurs toujours en cours.

  Quels manques identifies-tu au niveau de la communauté francophone en général ?

  Je pense que c'est ce que l'on peut retrouver un peu de partout avec un manque d'appartenance. Aujourd'hui la consommation prime et l'utilisateur ne se considère que comme un consommateur alors qu'il pourrait trouver un épanouissement personnel en participant au sein d'une communauté et de fait s'engager dans une démarche d'échanges et de partages.

  Tu nous as représenté de nombreuses années aux JDLL à Lyon, qu'est-ce qui te plaît ou qui ne te plaît pas dans cet événement ? Quels intérêts trouves-tu à y aller ?

  En effet, j'ai commencé à me rendre aux JDLL à partir de 2005 car j'étais désormais pas loin de Lyon et que le monde du Libre avait commencé à faire son petit bout de chemin dans ma tête, donc j'assistais à pas mal de conférences et pendant les pauses je faisais le tour des stands. C'est d'ailleurs à ce moment là que j'ai pu rencontrer des membres de la Communauté Fedora-Fr (shaiton entre autre qui était un bon recruteur ) qui tenaient le stand sur le site Universitaire de la Doua à l'époque. Puis au fil des années, j'ai passé de plus en plus de temps vers le stand Fedora/Borsalinux-Fr pour finalement me faire embringuer dans l'aventure de la tenue du stand (petit clin d’œil à number80 qui y est pour beaucoup). Depuis quelques années maintenant j'ai hérité des relations avec l'organisation des JDLL pour la tenue du stand pour Fedora/Borsalinux-Fr lors de cet évènement.

  C'est un moment de l'année où il est possible de rencontrer tout type de population et je trouve ça super intéressant de pouvoir échanger avec autant de monde. Ça permet aussi de pouvoir se remettre en question car ce n'est pas comme se réunir au sein d'une communauté où tout le monde est d'accord avec les mêmes idées. Bref c'est très enrichissant humainement !

  Quelles sont tes tâches au niveau de l'association ? Qu'est-ce qui doit être amélioré à ton avis ? Et qu'est-ce qui fonctionne bien ?

  Nous sommes un effectif très réduit au niveau de l'Association donc je suis multitâches mais j'avoue que le temps me manque. Si l'on en revient à mes débuts dans l'Association j'ai surtout essayé de relancer du dynamisme et de l'animation au sein des réunions hebdomadaires tenues historiquement sur IRC. Je pense que cela est aussi dû aux années écoulées sans renouvellement des membres du bureau et un manque de bénévoles pour assurer une répartition des tâches. Ensuite il a été décidé de passer ces réunions au pas mensuel et en visio pour essayer de toucher plus de monde. Il y a quelques passages mais ce n'est pas encore ça derrière. Dans le même temps, nous avons assuré la transparence des informations échangées lors de ces réunions en postant le compte rendu sur le Forum qui est l'outil le plus fréquenté par la communauté Fedora-fr.

  Une instance Nextcloud a été déployée sur notre infrastructure, ça a été l'occasion de pouvoir construire de la documentation sur les outils que nous utilisons, des procédures liées à la maintenance ou à la gestion de l'Association, etc afin que tout le monde puisse s'y retrouver, voire même se projeter un peu plus dans une activité de l'Association. L'idée est de pouvoir assurer la continuité de fonctionnement de l'Association et ce même après un départ de quelqu'un.

  Nous avons la chance d'avoir encore parmi nous des piliers de l'Association qui sont encore investis. Pour le moment il y a encore pas mal de travail mais après ça devrait se calmer pour pouvoir se focaliser sur des choses j'espère plus concrètes.

  Si tu avais la possibilité de changer quelque chose dans la distribution Fedora ou dans sa manière de fonctionner, qu'est-ce que ce serait ?

  Côté distribution je n'ai pas vraiment à me plaindre, il y a certes un gros rythme qui peine à tenir les dates de sorties mais le travail est énorme et surtout la qualité du processus est arrivée à un sacré niveau de maturité. Fini l'époque où il fallait allumer des cierges et invoquer les grands esprits avant de se lancer dans une migration :D L'installation peut encore amener certaines questions pour des néophytes mais ensuite tout est tellement fiabilisé que n'importe qui peut s'en servir sans problème.

  À l'inverse, est-ce qu'il y a quelque chose que tu souhaiterais conserver à tout prix dans la distribution ou le projet en lui même ?

  Le côté vivant et passionné de toutes celles et de tous ceux qui participent à ce projet dans le monde. C'est vraiment quelque chose que l'on retrouve à chaque fois dans les interviews lors des élections Fedora et ça fait plaisir.

  Au niveau de la distribution, qu'elle aille toujours de l'avant et propose toujours autant l'implémentation de nouveautés technologiques.

  Que penses-tu de la communauté Fedora-fr que ce soit son évolution et sa situation actuelle ? Qu'est-ce que tu améliorerais si tu en avais la possibilité ?

  J'ai connu l'époque des communautés Fedora-fr très actives dans différentes grandes villes, puis ça s'est perdu et je pense qu'aujourd'hui ça ne reverra pas le jour. Idem pour d'autres grandes distributions qui avaient leurs communautés Fr.

  Aujourd'hui je pense que la communauté Fedora-Fr (les personnes actives) est une bonne chose car ça répond vraiment à un besoin au niveau francophone car l'anglais reste un peu la bête noire. Ceci permet donc de faciliter la prise en main de Fedora Linux avec un Forum de qualité ainsi que de la Documentation orientée pour répondre aux débutantes et débutants tout en assurant une base de connaissances collaborative. Et ça ouvre la porte pour contribuer directement au Projet Fedora par la suite.

  Malheureusement tout ceci est en train de s’essouffler et je ne sais pas combien de temps cette grande aventure va durer si de nouvelles personnes ne viennent pas apporter un peu de souffle à l'équipe. Pour ma part je trouve que c'est sociétale donc il faudrait peut-être revoir le modèle complet mais dans tous les cas nous aurons besoin de bénévoles.

  Quelque chose à ajouter ?

  Un appel à volontaires Si vous voulez vous investir dans l'Association que ce soit pour des évènements, de la documentation, du webdesign, du marketing pour des goodies ou d'autres idées alors n'hésitez pas à nous contacter via le site de l'Association, lors d'une réunion mensuelle ou tout autre canal. Nous vous accueillerons avec plaisir !

  Merci Nicolas pour ta contribution !

  Conclusion

  Nous espérons que cet entretien vous a permis d'en découvrir un peu plus sur le site Fedora-fr.

  Si vous avez des questions ou que vous souhaitez participer au Projet Fedora ou Fedora-fr, ou simplement l'utiliser et l'installer sur votre machine, n'hésitez pas à en discuter avec nous en commentaire ou sur le forum Fedora-fr.

  À dans 10 jours pour un entretien avec Kévin Raymond, ancien contributeur de Fedora et de Fedora-fr.org.

June 21, 2025

• Kevin Fenzi 10 days to datacenter move

  

  Super busy recently focused on the datacenter move thats happening in just 10 days! (I hope).

  datacenter move

  Just 10 days left. We are not really where I was hoping to be at this point, but hopefully we can still make things work.

  We got our power10 boxes installed and setup and... we have an issue. Some of our compose process uses vm's in builder guests, but the way we have the power10 setup with one big linux hypervisor and guests on that doesn't allow those guests to have working nested virt. Only two levels is supported. So, we are looking at options for early next week and hopefully we can get something working in time for the move. Options include getting a vHMC to carve out lpars, moving an existing power9 machine in place at least for the move for those needs and a few more. I'm hoping we can get something working in time.

  We are having problems with our arm boxes too. First there were strange errors on the addon 25G cards. That turned out to be a transceiver problem and was fixed thursday. Then the addon network cards in them don't seem to be able to network boot, which makes installing them anoying. We have plans for workarounds there too for early next week: either connected the onboard 1G nics, or some reprogramming of the cards to get them working, or some installs with virtual media. I'm pretty sure we can get this working one way or another.

  On the plus side, tons of things are deployed in the new datacenter already and should be ready. Early next week we should have ipa clusters replicating. Also soon we should have staging openshift cluster in place.

  Monday, networking is going to do a resilance test on the networking setup there. This will have them take down one 'side' of the switches and confirm all our machines are correctly balancing over their two network cards.

  Tuesday we have a 'go/no-go' meeting with IT folks. Hopefully we can be go and get this move done.

  Next wed, I am planning to move all of our staging env over to the new datacenter. This will allow us to have a good 'dry run' at the production move and also reduce the number of things that we need to move the following week. If you are one of the very small number of folks that uses our staging env to test things, make a note that things will be down on wed.

  Then more prep work and last minute issues and on into switcharoo week.

  Early monday of that week, things will be shutdown so we can move storage, then storage moves, we sync other data over and bring things up. Tuesday will be the same for the build system side. I strongly advise contributors to just go do other things monday and tuesday. Lots of things will be in a state a flux. Starting wed morning we can start looking at issues and fixing them up.

  Thanks for everyone's patience during this busy time!

  misc other stuff

  I've been of course doing other regular things, but my focus as been on datacenter moving. Just one other thing to call out:

  Finally we have our updated openh264 packages released for updates in stable fedora releases. It was a long sad road, but hopefully now we can get things done much much quicker. The entire thing wasn't just one thing going wrong or blocking stuff, it was a long series of things, one after another. We are in a much better state now moving forward though.

  comments? additions? reactions?

  As always, comment on mastodon: https://fosstodon.org/@nirik/114722324993121031

June 20, 2025

• Matthew Garrett My a11y journey

  23 years ago I was in a bad place. I'd quit my first attempt at a PhD for various reasons that were, with hindsight, bad, and I was suddenly entirely aimless. I lucked into picking up a sysadmin role back at TCM where I'd spent a summer a year before, but that's not really what I wanted in my life. And then Hanna mentioned that her PhD supervisor was looking for someone familiar with Linux to work on making Dasher, one of the group's research projects, more usable on Linux. I jumped.
  
  The timing was fortuitous. Sun were pumping money and developer effort into accessibility support, and the Inference Group had just received a grant from the Gatsy Foundation that involved working with the ACE Centre to provide additional accessibility support. And I was suddenly hacking on code that was largely ignored by most developers, supporting use cases that were irrelevant to most developers. Being in a relatively green field space sounds refreshing, until you realise that you're catering to actual humans who are potentially going to rely on your software to be able to communicate. That's somewhat focusing.
  
  This was, uh, something of an on the job learning experience. I had to catch up with a lot of new technologies very quickly, but that wasn't the hard bit - what was difficult was realising I had to cater to people who were dealing with use cases that I had no experience of whatsoever. Dasher was extended to allow text entry into applications without needing to cut and paste. We added support for introspection of the current applications UI so menus could be exposed via the Dasher interface, allowing people to fly through menu hierarchies and pop open file dialogs. Text-to-speech was incorporated so people could rapidly enter sentences and have them spoke out loud.
  
  But what sticks with me isn't the tech, or even the opportunities it gave me to meet other people working on the Linux desktop and forge friendships that still exist. It was the cases where I had the opportunity to work with people who could use Dasher as a tool to increase their ability to communicate with the outside world, whose lives were transformed for the better because of what we'd produced. Watching someone use your code and realising that you could write a three line patch that had a significant impact on the speed they could talk to other people is an incomparable experience. It's been decades and in many ways that was the most impact I've ever had as a developer.
  
  I left after a year to work on fruitflies and get my PhD, and my career since then hasn't involved a lot of accessibility work. But it's stuck with me - every improvement in that space is something that has a direct impact on the quality of life of more people than you expect, but is also something that goes almost unrecognised. The people working on accessibility are heroes. They're making all the technology everyone else produces available to people who would otherwise be blocked from it. They deserve recognition, and they deserve a lot more support than they have.
  
  But when we deal with technology, we deal with transitions. A lot of the Linux accessibility support depended on X11 behaviour that is now widely regarded as a set of misfeatures. It's not actually good to be able to inject arbitrary input into an arbitrary window, and it's not good to be able to arbitrarily scrape out its contents. X11 never had a model to permit this for accessibility tooling while blocking it for other code. Wayland does, but suffers from the surrounding infrastructure not being well developed yet. We're seeing that happen now, though - Gnome has been performing a great deal of work in this respect, and KDE is picking that up as well. There isn't a full correspondence between X11-based Linux accessibility support and Wayland, but for many users the Wayland accessibility infrastructure is already better than with X11.
  
  That's going to continue improving, and it'll improve faster with broader support. We've somehow ended up with the bizarre politicisation of Wayland as being some sort of woke thing while X11 represents the Roman Empire or some such bullshit, but the reality is that there is no story for improving accessibility support under X11 and sticking to X11 is going to end up reducing the accessibility of a platform.
  
  When you read anything about Linux accessibility, ask yourself whether you're reading something written by either a user of the accessibility features, or a developer of them. If they're neither, ask yourself why they actually care and what they're doing to make the future better.
  
  comments

June 19, 2025

• Adam Young I call it my ctaginator

  The Linux Kernel source is too big to generate all tags for all files. I want only a subset of C files and the corresponding headers. Here is my first take at it. yes it is in python. The program is designed to be run from the root of the Linux Kernel tree.

  #!/usr/bin/python3
  
  import sys
  from plumbum import local,  FG
  
  print("Hello, Tristate Area.")
  
  sources = []
  
  for file in sys.argv[1:]:
      sources.append(file)
      print("file = " + file)
      with open(file) as cfile:
          for line in cfile.readlines():
              if line.startswith("#include"):
                  for part in line.split():
                      if part.startswith("<"):
                          header = part.replace("<","").replace(">","")
                          header = "include/" + header
                          sources.append(header)
  sources =sorted(set(sources))
  
  ctags = local['ctags']
  print(ctags.bound_command(sources).formulate())
  ctags.bound_command(sources) & FG
  
  

  A Typical run looks like this:

  ~/ctaginator drivers/mailbox/pcc.c  drivers/mailbox/mailbox.c drivers/net/mctp/mctp-pcc.c
  Hello, Tristate Area.
  file = drivers/mailbox/pcc.c
  file = drivers/mailbox/mailbox.c
  file = drivers/net/mctp/mctp-pcc.c
  ['/usr/bin/ctags', 'drivers/mailbox/mailbox.c', 'drivers/mailbox/pcc.c', 'drivers/net/mctp/mctp-pcc.c', 'include/acpi/acpi_bus.h', 'include/acpi/acpi_drivers.h', 'include/acpi/acrestyp.h', 'include/acpi/actbl.h', 'include/acpi/pcc.h', 'include/linux/acpi.h', 'include/linux/cleanup.h', 'include/linux/delay.h', 'include/linux/device.h', 'include/linux/err.h', 'include/linux/hrtimer.h', 'include/linux/if_arp.h', 'include/linux/init.h', 'include/linux/interrupt.h', 'include/linux/io-64-nonatomic-lo-hi.h', 'include/linux/io.h', 'include/linux/kernel.h', 'include/linux/list.h', 'include/linux/log2.h', 'include/linux/mailbox_client.h', 'include/linux/mailbox_controller.h', 'include/linux/module.h', 'include/linux/mutex.h', 'include/linux/netdevice.h', 'include/linux/of.h', 'include/linux/platform_device.h', 'include/linux/spinlock.h', 'include/linux/string.h', 'include/net/mctp.h', 'include/net/mctpdevice.h']
  

  When I ran ctags from the command line by hand:

  ctags drivers/net/mctp/mctp-pcc.c include/acpi/pcc.h drivers/mailbox/mailbox.c drivers/mailbox/mailbox.h drivers/mailbox/pcc.c include/linux/hrtimer.h kernel/time/hrtimer.c include/linux/platform_device.h include/linux/mailbox_controller.h include/linux/mailbox_client.h include/linux/device.h include/linux/skbuff.h
  

  I get a file of size 155502. Running ctaginator I get a file of size 491157. Feels about right.

  However, this does not include headers only included from other headers. To do that, we would need something recursive. That something would need cycle-breaking ability….

• Remi Collet 🎲 PHP version 8.3.23RC1 and 8.4.9RC1

  Release Candidate versions are available in the testing repository for Fedora and Enterprise Linux (RHEL / CentOS / Alma / Rocky and other clones) to allow more people to test them. They are available as Software Collections, for parallel installation, the perfect solution for such tests, and as base packages.

  RPMs of PHP version 8.4.9RC1 are available

  • as base packages in the remi-modular-test for Fedora 40-42 and Enterprise Linux ≥ 8
  • as SCL in remi-test repository

  RPMs of PHP version 8.3.23RC1 are available

  • as base packages in the remi-modular-test for Fedora 40-42 and Enterprise Linux ≥ 8
  • as SCL in remi-test repository

  ℹ️ The packages are available for x86_64 and aarch64.

  ℹ️ PHP version 8.2 is now in security mode only, so no more RC will be released.

  ℹ️ Installation: follow the wizard instructions.

  ℹ️ Announcements:

  • PHP 8.4.9RC1 available for testing
  • PHP 8.3.23RC1 available for testing

  Parallel installation of version 8.4 as Software Collection:

  yum --enablerepo=remi-test install php84

  Parallel installation of version 8.3 as Software Collection:

  yum --enablerepo=remi-test install php83

  Update of system version 8.4:

  dnf module switch-to php:remi-8.4
  dnf --enablerepo=remi-modular-test update php\*

  Update of system version 8.3:

  dnf module switch-to php:remi-8.3
  dnf --enablerepo=remi-modular-test update php\*

  ℹ️ Notice:

  • version 8.4.9RC1 is in Fedora rawhide for QA
  • EL-10 packages are built using RHEL-10.0 and EPEL-10.0
  • EL-9 packages are built using RHEL-9.6
  • EL-8 packages are built using RHEL-8.10
  • oci8 extension uses the RPM of the Oracle Instant Client version 23.7 on x86_64 and aarch64
  • intl extension uses libicu 74.2
  • RC version is usually the same as the final version (no change accepted after RC, exception for security fix).
  • versions 8.3.23 and 8.4.9 are planed for July 3rd, in 2 weeks.

  Software Collections (php83, php84)

  

  

  Base packages (php)

  

  

• Jon Chiappetta TurnTables – A MacOS App In Swift – Starting From Scratch And Copying iTunes!

  It’s been a while since I’ve posted here on the good old blog, I’ve been busy with life and work, however, that may change soon as the big 5 banks in Canada are now forcing everyone to a mandated RTO back in to downtown Toronto. I had to move out of the city some years back due to the cost of living crisis here so I may be out of a job come September.

  

  Anyway, I started a new MacOS app in Swift called TurnTable which is written from scratch to try and copy the old spirit and simplicity of the original iTunes application. It doesn’t have anything fancy yet implemented but I just wrote it all today and am posting the source code of course up on my github. I will try to add more features to it over time when I get a free chance to do so!

  Source code: https://github.com/stoops/TurnTable/tree/main

  • 

  • 

  • 

  • 

  • 

  • 

  ~

June 18, 2025

• Peter Czanik The syslog-ng Insider 2025-06: arm64; PAM; testing

  Dear syslog-ng users,

  
  

  This is the 132nd issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

  NEWS

  Installing nightly syslog-ng arm64 packages on a Raspberry Pi

  Last week, I posted about running nightly syslog-ng container images on arm64. However, you can also install syslog-ng directly on the host (in my case, a Raspberry Pi 3), running the latest Raspberry OS.

  https://www.syslog-ng.com/community/b/blog/posts/installing-nightly-syslog-ng-arm64-packages-on-a-raspberry-pi

  Working with One Identity Cloud PAM Linux agent logs in syslog-ng

  One Identity Cloud PAM is one of the latest security products by One Identity. It provides asset management as well as secure and monitored remote access for One Identity Cloud users to hosts on their local network. Last year, I showed you how collect One Identity Cloud PAM Network Agent log messages on Windows and create alerts when somebody connects to a host on your local network using PAM Essentials. This time, I will show you how to work with the Linux version of the Network Agent.

  https://www.syslog-ng.com/community/b/blog/posts/working-with-one-identity-cloud-pam-linux-agent-logs-in-syslog-ng

  Testing the new syslog-ng wildcard-file() source options on Linux

  Last year, syslog-ng 4.8.0 improved the wildcard-file() source on FreeBSD and MacOS. Version 4.9.0 will do the same for Linux by using inotify for file and directory monitoring, resulting in faster performance while using significantly less resources. This blog is a call for testing the new wildcard-file() source options before release.

  https://www.syslog-ng.com/community/b/blog/posts/testing-the-new-syslog-ng-wildcard-file-source-options-on-linux

  WEBINARS

  • You can learn about upcoming webinars and browse recordings of past webinars at https://www.syslog-ng.com/events/

  Your feedback and news, or tips about the next issue are welcome. To read this newsletter online, visit: https://syslog-ng.com/blog/

June 17, 2025

• Fedora Community Blog Less than 2 weeks until the Datacenter move

  It’s less than 2 weeks until the switch of fedoraproject to our new datacenter, so I thought I would provide a reminder and status update.

  Currently we are still on track to switch to the new datacenter the week of June 30th. As mentioned in previous posts:

  • End users hopefully will not be affected (mirrorlists, docs, etc should all be up and working all the time)
  • Contributors should expect for applications and services to be down or not fully working on Monday the 30th and Tuesday the 1st. Contributors are advised to hold their work until later in the week and not report problems for those days as we work to migrate things.
  • Starting Wednesday the 2nd things should be up in the new datacenter and we will start fixing issues that are reported as we can do so.

  We ask for your patience in the next few weeks as we setup to do a smooth transfer of resources.

  The post Less than 2 weeks until the Datacenter move appeared first on Fedora Community Blog.

• Matthew Garrett Locally hosting an internet-connected server

  I'm lucky enough to have a weird niche ISP available to me, so I'm paying $35 a month for around 600MBit symmetric data. Unfortunately they don't offer static IP addresses to residential customers, and nor do they allow multiple IP addresses per connection, and I'm the sort of person who'd like to run a bunch of stuff myself, so I've been looking for ways to manage this.
  
  What I've ended up doing is renting a cheap VPS from a vendor that lets me add multiple IP addresses for minimal extra cost. The precise nature of the VPS isn't relevant - you just want a machine (it doesn't need much CPU, RAM, or storage) that has multiple world routeable IPv4 addresses associated with it and has no port blocks on incoming traffic. Ideally it's geographically local and peers with your ISP in order to reduce additional latency, but that's a nice to have rather than a requirement.
  
  By setting that up you now have multiple real-world IP addresses that people can get to. How do we get them to the machine in your house you want to be accessible? First we need a connection between that machine and your VPS, and the easiest approach here is Wireguard. We only need a point-to-point link, nothing routable, and none of the IP addresses involved need to have anything to do with any of the rest of your network. So, on your local machine you want something like:
  
  [Interface]
  PrivateKey = privkeyhere
  ListenPort = 51820
  Address = localaddr/32
  
  [Peer]
  Endpoint = VPS:51820
  PublicKey = pubkeyhere
  AllowedIPs = VPS/0
  
  And on your VPS, something like:
  
  [Interface]
  Address = vpswgaddr/32
  SaveConfig = true
  ListenPort = 51820
  PrivateKey = privkeyhere
  
  [Peer]
  PublicKey = pubkeyhere
  AllowedIPs = localaddr/32
  
  The addresses here are (other than the VPS address) arbitrary - but they do need to be consistent, otherwise Wireguard is going to be unhappy and your packets will not have a fun time. Bring that interface up with wg-quick and make sure the devices can ping each other. Hurrah! That's the easy bit.
  
  Now you want packets from the outside world to get to your internal machine. Let's say the external IP address you're going to use for that machine is 321.985.520.309 and the wireguard address of your local system is 867.420.696.005. On the VPS, you're going to want to do:
  
  iptables -t nat -A PREROUTING -p tcp -d 321.985.520.309 -j DNAT --to-destination 867.420.696.005
  
  Now, all incoming packets for 321.985.520.309 will be rewritten to head towards 867.420.696.005 instead (make sure you've set net.ipv4.ip_forward to 1 via sysctl!). Victory! Or is it? Well, no.
  
  What we're doing here is rewriting the destination address of the packets so instead of heading to an address associated with the VPS, they're now going to head to your internal system over the Wireguard link. Which is then going to ignore them, because the AllowedIPs statement in the config only allows packets coming from your VPS, and these packets still have their original source IP. We could rewrite the source IP to match the VPS IP, but then you'd have no idea where any of these packets were coming from, and that sucks. Let's do something better. On the local machine, in the peer, let's update AllowedIps to 0.0.0.0/0 to permit packets form any source to appear over our Wireguard link. But if we bring the interface up now, it'll try to route all traffic over the Wireguard link, which isn't what we want. So we'll add table = off to the interface stanza of the config to disable that, and now we can bring the interface up without breaking everything but still allowing packets to reach us. However, we do still need to tell the kernel how to reach the remote VPN endpoint, which we can do with ip route add vpswgaddr dev wg0. Add this to the interface stanza as:
  
  PostUp = ip route add vpswgaddr dev wg0
  PreDown = ip route del vpswgaddr dev wg0
  
  That's half the battle. The problem is that they're going to show up there with the source address still set to the original source IP, and your internal system is (because Linux) going to notice it has the ability to just send replies to the outside world via your ISP rather than via Wireguard and nothing is going to work. Thanks, Linux. Thinux.
  
  But there's a way to solve this - policy routing. Linux allows you to have multiple separate routing tables, and define policy that controls which routing table will be used for a given packet. First, let's define a new table reference. On the local machine, edit /etc/iproute2/rt_tables and add a new entry that's something like:
  
  1 wireguard
  
  where "1" is just a standin for a number not otherwise used there. Now edit your wireguard config and replace table=off with table=wireguard - Wireguard will now update the wireguard routing table rather than the global one. Now all we need to do is to tell the kernel to push packets into the appropriate routing table - we can do that with ip rule add from localaddr lookup wireguard, which tells the kernel to take any packet coming from our Wireguard address and push it via the Wireguard routing table. Add that to your Wireguard interface config as:
  
  PostUp = ip rule add from localaddr lookup wireguard
  PreDown = ip rule del from localaddr lookup wireguard
  and now your local system is effectively on the internet.
  
  You can do this for multiple systems - just configure additional Wireguard interfaces on the VPS and make sure they're all listening on different ports. If your local IP changes then your local machines will end up reconnecting to the VPS, but to the outside world their accessible IP address will remain the same. It's like having a real IP without the pain of convincing your ISP to give it to you.
  
  comments

• Jakub Kadlčík Copr builders powered by bootc

  As of today, all Copr builder virtual machines are now being spawned from bootc images, which is no small feat because the builder infrastructure involves multiple architectures (x86_64, aarch64, ppc64le, s390x), multiple clouds (Amazon AWS, IBM Cloud), and on-premise hypervisors. It scales up to 400 builders running simultaneously and peaking at 30k builds a day.

  Before bootc

  You can find some interesting history and previous numbers in Pavel’s article - Fedora Copr farm of builders - status of July 2021. The part it leaves out is how we used to generate the Copr builder images.

  The process is documented in the official Copr documentation. In a nutshell, it involved manually spawning a VM from a fresh Fedora Cloud image, running Ansible playbooks to provision it, and then using custom scripts to upload the image to the right place. Because we need to build the images natively, we had to follow this process for every architecture.

  The easiest workflow was for x86_64 builders running on our own hypervisors. It meant connecting to the hypervisor using SSH and running a custom copr-image script from the praiskup/helpers repository. While its usage looks innocent, internally it had to execute many virt-sysprep commands. It also required some guestfish hacks to modify cloud-init configuration inside of the image so that it works outside of an actual cloud. Then, finally, using the upload-qcow2-images script to upload the image into libvirt.

  The same exact workflow for ppc64le builders. However, internally it had a special case uploading the image also to OSU OSL OpenStack.

  For s390x builders, we don’t have a hypervisor where we could natively build the image. Thus we needed to spawn a new VM in IBM Cloud and run the previously mentioned copr-image script inside of it. Once finished, we needed to upload the image to IBM Cloud. This is supposed to be done using the ibmcloud tool, but the problem is that it is not FOSS, and as such, it cannot be packaged for Fedora. We don’t want to run random binaries from the internet, so we containerized it.

  At this point, only x86_64 and aarch64 images for Amazon AWS remain.

  While not straightforward to create a new AMI from a local qcow2 image, it’s quite easy to create an AMI from a running EC2 instance. That was our strategy. Spawn a new instance from a fresh Fedora Cloud image, provision it, and then create an AMI from it.

  Current situation

  I disliked exactly three aspects concerning the previous solution. It required a lot of manual work, the process was different for every cloud and architecture, and the bus factor was less than one.

  Even though at this moment generating a fresh set of builder images still requires about the same amount of manual work as before, there is a potential for future automation. By switching to bootc and Image Builder, we were able to offload some dirty work to them while also unifying the process to follow the same steps for all architectures and clouds (with minor caveats).

  The current process is temporarily documented here. We spawn a VM for every architecture and use it to build the system image from our Containerfile via the quay.io/centos-bootc/bootc-image-builder. Then we fetch the results and upload them where needed.

  For Amazon AWS, we can utilize the image-builder upload feature which is amazing. But for other clouds and hypervisors, we still need our custom upload-qcow2-images and quay.io/praiskup/ibmcloud-cli. If image-builder could implement the missing support and enable uploading to all of them, that would be a major win for us.

  Future plans

  My goal is simple, I want one-button deployment. Well, almost.

  When a change is made to our Containerfile, or when triggered manually, or periodically after a period of inactivity, I want the images to be automatically built for all architectures and uploaded to all the necessary places. Then seeing a list of image names and AMIs that I can either choose to use or ignore.

  The bootc-image-builder-action seems like the perfect candidate, but the problem is that it cannot natively build images for ppc64le and s390x.

  SNThrailkill recommended GitLab Runners but that would require us to maintain the runner VMs, which is annoying. Moreover, there is a potential chicken-and-egg problem, meaning that if we break our image, we might not be able to spawn a VM to build a new working image. We also wouldn’t be able to use the existing GitHub action and would have to port it for GitLab.

  At this moment, our team is leaning towards Konflux and a tekton pipeline for building images. Fedora Konflux instance is limited to x86_64 and aarch64, so we would temporarily have to use an internal Red Hat instance which provides all the architectures needed by us.

  Many questions are yet to be answered. Is Konflux ready? Does the pipeline for building images already exist? Does it support everything we need? Is it built on top of image-builder so that we can use its upload feature?

  Pitfalls along the way

  Hopefully, this can help Image Builder and bootc developers better understand their blind spots in the onboarding process, and also prevent new users from repeating the same mistakes.

  Before discovering that bootc exists, our original approach was to use just Image Builder and its blueprints, and automatize the process using Packit. There were several problems. It was easy to build the image locally from our blueprint, but it wasn’t possible to upload the same blueprint to be built in a hosted Image Builder service. Additionally, I had several issues with the Blueprint TOML format. The order of operations is pre-defined (e.g. all users are always created before any packages are installed). There is no escape hatch to run a custom command. And finally, it’s yet another specification to learn. My recommendation? Just go with bootc.

  Our main problem with bootc is the immutability of the filesystem. Can somebody please help me understand whether the immutable filesystem is a fundamental building block, a key piece of technology that enables bootable containers, or whether it is an unrelated feature? If it is technologically possible, our team would love to see officially supported mutable bootc base images. Currently, we are going forward with a hack to make the root filesystem transient.

  One of the issues that probably stems out of the immutable filesystem is the necessity to change the default location of the RPM database. This hack is baked into the bootc base images and we needed to revert it because it causes Mock to fail under some specific circumstances. This unfortunately cost us many many hours of debugging.

  The process of building system images is quite storage intensive in /var/lib/containers and /run. To avoid running out of disk space on our virtual machines, we had to turn our swap partition into a data volume and mount the problematic directories there. Not sure if there is something that image-builder can do to make this a less of problem.

  We build the system images natively on VMs of the same architecture that they are targeted for, but then we fetch all of them to an x86_64 machine and upload the images to the respective clouds from there. We discovered a bug in cross-arch upload to AWS, which was promptly confirmed and fixed by the image-builder team. Big customer satisfaction right here.

  We also struggled with setting up AWS permissions for the image-builder upload command to work correctly. We tried running it, fixing the insufficient permissions it complained about, running it again, and again, and so on. I don’t recommend this approach. It turns out there is a documentation page with instructions.

  I hope this chapter doesn’t come across as too discouraging. In fact, we found workarounds for all of our problems, and we are now happily using this in production. So you can probably too.

June 16, 2025

• Fedora fans معرفی و نصب مرورگر اینترنتی LibreWolf

  

  LibreWolf یک مرورگر امن، حریم‌خصوصی‌محور و متن‌باز است که بر پایه Firefox توسعه داده شده است. هدف اصلی این مرورگر، حذف ویژگی‌هایی است که ممکن است به حریم خصوصی کاربران آسیب بزنند یا داده‌های آن‌ها را به سرورهای خارجی ارسال کنند. LibreWolf برای کاربرانی طراحی شده که می‌خواهند تجربه‌ای امن‌تر و بدون ردیابی در وب […]

  The post معرفی و نصب مرورگر اینترنتی LibreWolf first appeared on طرفداران فدورا.

June 13, 2025

• Adam Young Tavolo

  When the noise of the DotCom boom became too loud for me to ignore, I finally left my role enabling mainframes and joined a consultancy focusing on Electronic Commerce with a skillset based on Java. I was pretty well prepared for this, as the Object Oriented approach I had learned in the Visual C++ world translated over fairly cleanly, and I had taken a Java transition course at UC Berkely extenstion. Thus, I moved two streets up, two streets over, to the overheated, noisy, open bay office if Fort Point Partners.

  Fort Point was still such a young company that it had not even gotten the fortpoint.com domain name yet…that would happen in a few months. They already had a couple projects under their belts, but the big ones were just starting, and they were staffing up for them. I was hired to work on a project for the Culinary Institute of America (yes, the CIA) that was about recipe management as a way of selling high end ingredients for these recipes. The site was called “Tavolo,” after the Italian word for table, but with the accent on the second syllable.

  Our Project Manager was Roger Kibbe, and our technical lead was Paul Duey. While these two guys are real characters, and it would be fun to try and describe the ups and downs of the project in dramatic terms, they are very real people who I bonded with during a fairly intense project, and have become life long friends. Suffice to say that we all learned and grew a lot during the year that the project developed.

  OK, I will add that I was the person that exposed Roger to UML diagrams. His initial response was “What the hell is that?” But I think he got it pretty quickly.

  I was actually a bit above average age for the team. Most of the engineers were right out of college, with maybe a year or two of professional experience. I didn’t have much more technical experience, just my two years at Walker Interactive, but I had spent 3 years in the Army after graduation. On the other hand, a few of the coders on the project had really learned their craft, and were well beyond me in productivity and thoughtfulness…it made for a really great learning environment.

  We were Java based, but this was before Java Enterprise Edition, and we built on the most powerful platform of the day: ATG Dynamo. ATG had built a data-mapping technique based on the mapping of Java objects to database tables using the properties of those objects. This very much heralded what we would see with J2EE’s second go round with data mapping, and very much mapped how Hibernate would work in the future. However, ATG was learning that they needed to make tools for analysts, and they had changed their approach, using a dynamic mapping based on XML and HashMaps. These were called Repositories and their first foray into using them was in the personalization of the user experience. This part of the site fell to me.

  I, of course, was arrogant and thought I could do everything, so I also horned in on Bill Noto’s piece, which was the back end integration with the AS400 machines…this very much looked like the kind of work I was doing back at Walker, and I thought I had something to offer. In retrospect, the leadership should have told me to stick to my lane, or switched me off the personalization work, as it turned out that the fast timeline of the project meant I was seriously behind.

  I will also say that I messed up in the backend integration, in that I did not use the data mapping mechanism from ATG. For some reason, I ended up building my own, that probably looked like the early iterations of ATGs. I thought it was going to run outside of the app server, on its own machine. We ended up just running it alongside the existing one, and it was fine.

  Getting back to the Repository API and the personalization, I found myself frustrated by the lack of type safety in building that code. It really was not as neat a fit as the data transfer object design from the rest of the site. I do remember writing some really bad code to work around that. In solving the problem of dynamic data query, it stopped supporting its basic use case.

  But by far the biggest frustration, and I think I speak for all engineers on the project, was the amount of time you had to wait for the Dynamo app server to restart every time you made a change. I later learned that the biggest time chunk in the restart process was the re-indexing of the objects, and we should have turned that off, but that solution didn’t help us on Tavolo. This i

  The restart problem continued to haunt us on follow on projects until we found a hack-work-around. The Pages were in a format called JHTML, a pre-cursor to Java Server Pages. JHTML was dynamically converted to Java when the page was first loaded. It turns out you could do full Java objects within these pages, and they would be dynamically re-created when the page was reloaded. This is a technique I have used on a few occasions in on JSPs after my time at Fort Point.
  
  Possibly the biggest lesson learned from Tavolo is that everyone follows the pattern set by the leadership. The technical lead was dating a night nurse, and thus had little motivation to go home at the end of the day. He tended to start late and work until after midnight. This was the pattern for the whole team. Most of use were young, and didn’t have families, so it was fine, although it did mess with my Rock Climbing schedule. I think we all enjoyed (to some degree) the craziness of working until 4 in the morning, going home to sleep until noon, and the coming back the next day.

  Until that point, I had been completely removed from the customer side of the business. With Fort Point’s approach, I found myself at in front of the customer a few times, both early on for the offsite planning, and as we progressed. This pattern would continue with other projects, as one aspect of consulting is that you often find yourself integrated into the customers work-force, either building something to hand over to them, or expanding something they did, or figuring out how to get things to work together. I also got to work with partners on the integration effort. All of this helped me to understand the process of software development and deployment much better than I had in the past.

  Many years later, Fort Point was bought by Adobe, which is why www.fortpoint.com redirectes to Adobe’s site.

• Luca Ciavatta Virtual Machines. VMware Workstation Pro and Alternatives in 2025

  In an era where software testing, cross-platform development, and cyber hygiene are increasingly vital, virtual machines (VMs) have become indispensable. They offer a way to run entire operating systems—Windows, Linux, or even macOS—inside another OS environment, with no need to repartition disks, dual boot, or invest in additional hardware. Whether you’re a developer, a cybersecurity enthusiast, or just a curious power user, VMs are a sandbox of opportunity.

  In a surprising move following its acquisition by Broadcom, VMware made Workstation Pro free for personal use in May 2024, turning the tides in a market dominated by open-source solutions like VirtualBox. This article explores VMware Workstation Pro in-depth, its use cases, performance, macOS compatibility, and viable alternatives.

  ---

  Why Choose VMware Workstation Pro?

  

  VMware Workstation Pro has long been a professional favorite. Its robust performance, feature-rich environment, and hardware-accelerated virtualization make it ideal for everything from software testing to enterprise development environments.

  Historically priced at over $200/€200, it’s now available free of charge for personal use, while businesses still require a $120/year (€119/year) commercial license.

  Key Advantages

  • Superior Performance: Unlike VirtualBox, VMware harnesses native virtualization features like Intel VT-x or AMD-V with greater efficiency.
  • Snapshots & Clones: Save and revert VM states easily for testing and rollback scenarios.
  • Hardware Compatibility: Better handling of USB passthrough, GPU acceleration, and networking modes (NAT, Bridge, Host-Only).
  • Seamless Integration: Drag and drop, shared clipboard, and folder sharing enhance productivity.
  • Cross-Platform Support: Native support on Windows and Linux; with some workarounds, you can also use VMs on macOS.

  ---

  System Requirements

  To run VMware Workstation Pro efficiently, make sure your host machine meets or exceeds the following specs:

  Component	Minimum	Recommended
  CPU	64-bit with VT-x or AMD-V	Intel Core i5 / Ryzen 5 or better
  RAM	4 GB	8 GB or more
  Disk Space	1.5 GB (software) + 10–50 GB per VM	SSD for optimal performance
  Host OS	Windows 10/11 or modern Linux distros	Windows 11 Pro, Ubuntu 24.04
  Graphics	Optional 3D acceleration	Dedicated GPU for development/testing

  Tip: To enable virtualization, access your BIOS/UEFI (usually F2 or DEL during boot) and activate Intel VT-x or AMD-V.

  Installing VMware Workstation Pro (Windows & Linux)

  1. Download the installer from the VMware official site.
  2. Choose your platform: Windows (.exe) or Linux (.bundle).
  3. Run the installer with administrative privileges.
  4. Skip the license key when prompted if using for personal use.
  5. Avoid syncing your VM files with cloud folders like OneDrive or Dropbox—VMs are large and may cause sync issues or corruption.

  On Linux, use the command line:

  sudo chmod +x VMware-Workstation-Full-*.bundle
  sudo ./VMware-Workstation-Full-*.bundle

  Creating Your First Virtual Machine

  Launching a VM with VMware is straightforward yet powerful:

  Quick Setup (Typical Mode)

  1. Launch VMware and click “Create a New Virtual Machine.�
  2. Choose “Typical (recommended)� to skip advanced configuration.
  3. Attach an ISO file—download Windows from Microsoft or Linux from Ubuntu.
  4. Optionally enter a product key for Windows or set up a username.
  5. Assign a name and storage path for the VM.
  6. Allocate resources:
     • 2–4 GB RAM for Windows
     • 1 GB RAM for Linux
     • 20–40 GB disk space
  7. Click Finish and start your virtual journey.

  ---

  

  Run Windows, Linux and other virtual machines with VMware Workstation Pro for Windows and Linux or VMware Fusion for Mac, the industry standard desktop hypervisors.

  Build and test nearly any app with the world’s leading desktop hypervisor app for Windows and Linux.

  ---

  Optimizing VM Performance

  Even on modest systems, VMware lets you squeeze more out of your virtual machines. Here’s how:

  1. Tune Resource Allocation

  • Increase RAM and CPU cores—without starving the host.
  • Enable hardware-assisted virtualization in VM settings.

  2. Enable VMware Tools

  This set of drivers improves:

  • Video performance
  • Clipboard sharing
  • Time sync
  • File dragging and dropping

  To install:

  • Go to VM > Install VMware Tools (the ISO is mounted automatically).

  3. Configure Network Modes

  • NAT: Default and safe for most users.
  • Bridged: Lets the VM appear as a real machine on the local network.
  • Host-Only: Isolated network for safe testing.

  4. Use Snapshots & Clones

  Snapshots allow point-in-time backups. If something breaks, just roll back.

  VM > Snapshot > Take Snapshot

  
  You can even clone VMs for parallel testing.

  macOS and Virtualization: The Legal and Technical Landscape

  Running macOS as a Guest

  By default, VMware does not support macOS guests unless you’re on a Mac using VMware Fusion. However, unofficial patches like the macOS Unlocker (used at your own risk) enable macOS installation on VMware Workstation for educational use.

  You will need:

  • VMware Workstation Pro (on Windows or Linux)
  • macOS Unlocker (e.g., via GitHub: paolo-projects/auto-unlocker)
  • macOS installation ISO (legally obtained from Apple’s site)

  Disclaimer: Installing macOS on non-Apple hardware violates Apple’s EULA and is not supported by VMware.

  Running VMs on macOS

  For Mac users, the counterpart is VMware Fusion—a polished, professional virtualization suite with native M1/M2 chip support as of version 13.

  Requirements:

  • macOS 12 or higher
  • 8+ GB RAM
  • Apple Silicon or Intel-based Mac

  Fusion has both Pro (paid) and Player (free for personal use) versions. Download it from VMware Fusion’s official page.

  ---

  Use Cases: How Real People Use Virtual Machines

  1. Software Testing

  Test apps across different OSes without maintaining physical test devices.

  2. Web Development

  Run LAMP or MEAN stacks in isolated environments.

  3. Cybersecurity

  Use Kali Linux or Parrot OS to run penetration tests in a sandbox.

  4. OS Experimentation

  Try new Linux distros like Fedora or Arch without touching your main setup.

  5. Legacy Software Support

  Run Windows XP or 7 for apps that don’t support modern Windows.

  6. Gaming Mods

  Install niche game mods or utilities that could harm your primary OS.

  ---

  Free Alternatives to VMware Workstation Pro

  Though VMware is now free for personal use, it’s not the only option. Here are notable alternatives:

  Tool	Pros	Cons
  VirtualBox	Free, cross-platform, good community support	Slower performance, weaker 3D support
  Hyper-V (Windows Pro)	Native, low overhead	Not user-friendly for beginners
  GNOME Boxes (Linux)	Simple, great for quick tests	Limited features
  UTM (macOS)	Native on M1/M2, runs VMs and emulators	UI not as advanced
  Parallels Desktop (macOS)	Optimized for Mac	Paid only

  Best Practices for Virtualization in 2025

  Keep Host OS Updated

  Virtualization exploits often target host kernels. Stay patched.

  Use SSDs or NVMe Drives

  VMs benefit enormously from fast read/write speeds.

  Encrypt VMs

  Use full-disk encryption inside the VM, especially for sensitive data.

  Isolate Networks

  Use Host-Only or NAT to prevent VMs from exposing your entire LAN.

  Backup Snapshots

  Keep copies of VM states for recovery. Use version control for code.

  ---

  Final Thoughts

  Virtualization has transitioned from a niche capability to a mainstream necessity. With Broadcom’s decision to make VMware Workstation Pro free for personal use, more users can now enjoy a professional-grade hypervisor without the cost barrier.

  

  Whether you’re experimenting with Linux, testing risky software, or building a sandboxed dev environment, VMware offers a reliable, feature-rich, and now accessible platform. And with tools like Fusion for macOS, VirtualBox for the open-source crowd, or UTM for M-series Macs, there’s a virtual solution for everyone.

  In a world trending toward cloud everything, the power to run isolated, fully offline virtual operating systems is a liberating option—especially when it doesn’t come with a monthly fee.

  ---

  Resources & Further Reading

  • VMware Workstation Pro – Official Site
  • Download Ubuntu ISO
  • Windows 10 ISO Download
  • VirtualBox Official Site
  • VMware Fusion for Mac
  • macOS Unlocker (Educational Use Only)
  • UTM for macOS

  The post Virtual Machines. VMware Workstation Pro and Alternatives in 2025 appeared first on CIALU.NET.

June 12, 2025

• Stephen Gallagher Trip Report: Flock to Fedora 2025

  Another year, another Fedora contributor conference! This year, Flock to Fedora returned to Prague, Czechia. It’s a beautiful city and always worth taking a long walk around, which is what many of the conference attendees did the day before the conference started officially. Unfortunately, my flight didn’t get in until far too late to attend, but I’m told it was a good time.

  Day One: The Dawn of a New Era

  After going through the usual conference details, including reminders of the Code of Conduct and the ritual Sharing of the WiFI Password, Flock got into full swing. To start things off, we had the FPL Exchange. Once a frequent occurence, sometimes only a few short years apart, this year saw the passing of the torch from Matthew Miller who has held the position for over eleven years (also known as “roughly as long as all of his predecessors, combined”) to his successor Jef Spaleta.

  In a deeply solemn ceremony… okay, I can’t say that with a straight face. Our new Fedora Project Leader made his entrance wearing a large hotdog costume, eliciting laughter and applause. Matthew then proceeded to anoint the new FPL by dubbing him with a large, Fedora Logo-shaped scepter. Our new JefPL gave a brief overview of his career and credentials and we got to know him a bit.

  After that, the other members of FESCo and myself (except Michel Lind, who was unable to make it this year) settled in for a Q&A panel with the Fedora community as we do every year. Some years in the past, we’ve had difficulty filling an hour with questions, but this time was an exception. There were quite a few important topics on peoples’ minds this time around and so it was a lively discussion. In particular, the attendees wanted to know our stances on the use of generative AI in Fedora. I’ll briefly reiterate what I said in person and during my FESCo election interview this year: My stance is that AI should be used to help create choices. It should never be used to make decisions. I’ll go into that in greater detail in a future blog post.

  After a brief refreshment break, the conference launched into a presentation on Forgejo (pronounced For-jay-oh, I discovered). The talk was given by a combination of Fedora and upstream developers, which was fantastic to see. That alone tells me that the right choice was made in selecting Forgejo for out Pagure replacement in Fedora. We got a bit of history around the early development and the fork from Gitea.

  Next up was a talk I had been very excited for. The developers of Bazzite, a downstream Fedora Remix focused on video gaming, gave an excellent talk about the Bootc tools underpinning it and how Fedora provided them with a great platform to work with. Bazzite takes a lot of design cues from Valve Software’s SteamOS and is an excellent replacement OS for the sub-par Windows experience on some of the SteamDeck’s competitors, like the Asus Rog Ally series. It also works great on a desktop for gamers and I’ve recommended it to several friends and colleagues.

  After lunch, I attended the Log Detective presentation, given by Tomas Tomecek and Jiri Podivin. (Full disclosure: this is the project I’m currently working on.) They talked about how we are developing a tool to help package maintainers quickly process the logs of build failures to save time and get fixes implemented rapidly. They made sure to note that Log Detective is available as part of the contribution pipeline for CentOS Stream now and support for Fedora is coming in the near future.

  After that, I spent most of the remainder of the day involved in the “Hallway Track”. I sat down with quite a few Fedora Friends and colleagues to discuss Log Detective, AI in general and various other FESCo topics. I’ll freely admit that, after a long journey from the US that had only gotten in at 1am that day, I was quite jet-lagged and have only my notes to remember this part of the day. I went back to my room to grab a quick nap before heading out to dinner at a nearby Ukrainian restaurant with a few old friends.

  That evening, Flock held a small social event at an unusual nearby pub. GEEKÁRNA was quite entertaining, with some impressive murals of science fiction, fantasy and videogame characters around the walls. Flock had its annual International Candy Swap event there, and I engaged in my annual tradition of exchanging book recommendations with Kevin Fenzi.

  Day Two: To Serve Man

  Despite my increasing exhaustion from jet lag, I found the second day of the conference to be exceedingly useful, though I again did not attend a high number of talks. One talk that I made a particular effort to attend was the Fedora Server Edition talk. I was quite interested to hear from Peter Boy and Emmanuel Seyman about the results of the Fedora Server user survey that they conducted over the past year. The big takeaway there was that a large percentage of Fedorans use Fedora Server as a “home lab server” and that this is a constituency that we are under-serving today.

  After the session, I sat down with Peter, Emmanuel and Aleksandra Fedorova and we spent a long while discussing some things that we would like to see in this space. In particular, we suggested that we want to see more Cockpit extensions for installing and managing common services. In particular, what I pitched would be something like an “App Store” for server applications running in containers/quadlets, with Cockpit providing a simple configuration interface for it. In some ways, this was a resurrection of an old idea. Simplifying the install experience for popular home lab applications could be a good way to differentiate Fedora Server from the other Editions and bring some fresh interest to the project.

  After lunch, I spent most of the early afternoon drafting a speech that I would be giving at the evening event, with some help from Aoife Moloney and a few others. As a result, I didn’t see many of the talks, though I did make sure to attend the Fedora Council AMA (Ask Me Anything) session.

  The social event that evening was a boat cruise along the Vltava River, which offered some stunning views of the architecture of Prague. As part of this cruise, I also gave a speech to honor Matthew Miller’s time as Fedora Project Leader and wish him well on his next endeavors at Red Hat. Unfortunately, due to technical issues with the A/V system, the audio did not broadcast throughout the ship. We provided Matthew with a graduation cap and gown and Aoife bestowed upon him a rubber duck in lieu of a diploma.

  Day Three: Work It!

  The final day of the conference was filled with workshops and hacking sessions. I participated in three of these, all of which were extremely valuable.

  The first workshop of the day was for Log Detective. Several of the attendees were interested in working with the project and we spent most of the session discussing the API, as well as collecting some feedback around recommendations to improve and secure it.

  After lunch, I attended the Forgejo workshop. We had a lengthy (and at times, heated) discussion on how to replace our current Pagure implementation of dist-git with a Forgejo implementation. I spent a fair bit of the workshop advocating for using the migration to Forgejo as an opportunity to modernize our build pipeline, with a process built around merge requests, draft builds and CI pipelines. Not everyone was convinced, with a fair number of people arguing that we should just reimplement what we have today with Forgejo. We’ll see how things go a little further down the line, I suppose.

  The last workshop of the day was a session that Zbigniew Jędrzejewski-Szmek and I ran on eliminating RPM scriptlets from packages. In an effort to simplify life for Image Mode and virtualization (as well as keep updates more deterministic), Zbigniew and I have been on a multi-year campaign to remove all scriptlets from Fedora’s shipped RPMs. Our efforts have borne fruit and we are now finally nearing the end of our journey. Zbigniew presented on how systemd and RPM now has native support for creating users and groups, which was one of the last big usages of scriptlets. In this workshop, we solicited help and suggestions on how to clean up the remaining ones, such as the use of the alternatives system and updates for SELinux policies. Hopefully by next Flock, we’ll be able to announce that we’re finished!

  With the end of that session came the end of Flock. We packed up our things and I headed off to dinner with several of the Fedora QA folks, then headed back to my room to sleep and depart for the US in the morning. I’d call it time well spent, though in the future I think I’ll plan to arrive a day earlier so I’m not so tired on the first day of sessions.

• Fedora fans انتشار رسمی Rocky Linux 10

  

  تیم Rocky Linux با خوشحالی اعلام کرد که نسخه‌ی Rocky Linux 10.0 به‌صورت GA (General Availability) در دسترس قرار گرفته است. تصاویر (image/iso) جدید نصب، کانتینر، کلاد و live آماده‌ی دانلود هستند. ️ تغییرات مهم پشتیبانی از معماری‌های جدید: اکنون نسخه ۱۰ فقط از معماری‌های x86-64-v3، ARM (aarch64)، RISC‑V (riscv64)، IBM POWER (ppc64le) و IBM […]

  The post انتشار رسمی Rocky Linux 10 first appeared on طرفداران فدورا.

June 11, 2025

• Lennart Poettering ASG! 2025 CfP Closes Tomorrow!

  The All Systems Go! 2025 Call for Participation Closes Tomorrow!

  The Call for Participation (CFP) for All Systems Go! 2025 will close tomorrow, on 13th of June! We’d like to invite you to submit your proposals for consideration to the CFP submission site quickly!

• Charles-Antoine Couret 20 ans de Fedora-fr : huitième entretien avec Jean-Baptiste mainteneur de la traduction française

  Introduction

  Dans le cadre des 20 ans de Fedora-fr (et du Projet Fedora en lui-même), Charles-Antoine Couret (Renault) et Nicolas Berrehouc (Nicosss) avons souhaité poser des questions à des contributeurs francophones du Projet Fedora et de Fedora-fr.

  Grâce à la diversité des profils, cela permet de voir le fonctionnement du Projet Fedora sous différents angles pour voir le projet au delà de la distribution mais aussi comment il est organisé et conçu. Notons que sur certains points, certaines remarques restent d'application pour d'autres distributions.

  N'oublions pas que le Projet Fedora reste un projet mondial et un travail d'équipe ce que ces entretiens ne permettent pas forcément de refléter. Mais la communauté francophone a de la chance d'avoir suffisamment de contributeurs de qualité pour permettre d'avoir un aperçu de beaucoup de sous projets de la distribution.

  Chaque semaine un nouvel entretien sera publié sur le forum Fedora-fr.org, linuxfr.org et mon blog ici même.

  L'entretien du jour concerne Jean-Baptiste Holcroft, un des mainteneurs de la traduction française de Fedora.

  Entretien

  Bonjour Jean-Baptiste, peux-tu présenter brièvement tes contributions au projet Fedora ?

  Gêné par des traductions partielles de logiciels que je trouve super, j'ai aidé d'abords en signalant des problèmes, puis en traduisant, et ne voyant pas les traductions arriver, à fluidifier le processus de traduction.

  Ayant compris le fonctionnement, grâce à la communauté, j'ai voulu aider cette communauté à être plus efficace, en migrant sur la très bonne plateforme de traduction Weblate, en permettant la traduction de la totalité de la documentation de Fedora (on parle ici de 3,5 millions de mots, de milliers de pages).

  Transifex, la plateforme précédente, ne permettait pas un travail collectif efficace (entre les traducteurices et entre traducteurices-projets de développement).

  Avec l'expérience, j'ai constaté que la communauté du logiciel libre propose une expérience désastreuse pour les traducteurs, le coût de traduction vs l'effort nécessaire pour traduire tout un système d'exploitation est monstrueux, j'ai maintenant voulu rendre cela perceptible et accessible à tous (ce site est moche, sa valeur est la mesure de traduction transverse).

  Qu'est-ce qui fait que tu es venu sur Fedora et que tu y es resté ?

  Ses valeurs en tant que communauté m'ont intéressées.

  Fedora accueille les contributeurs, leur permet de gagner en responsabilité, de financer des initiatives et de grandir en tant que personne. Si mon implication varie dans le temps, ce n'est qu'une question de temps disponible.

  Pourquoi contribuer à Fedora en particulier ?

  La ligne est claire, au plus proche des créateurs de logiciels libre, en collaboration, que du logiciel libre et très fiable. C'est une mentalité que je trouve excellente et dans laquelle je me sens à l'aise.

  Contribues-tu à d'autres Logiciels Libres ? Si oui, lesquels et comment ?

  J'ai contribué pendant quelques temps au projet YunoHost sur les thèmes de la traduction, de l'internationalisation et de l'empaquetage de logiciels. Ce projet est mature et autonome sur ces deux sujets, ayant moins de temps, j'ai arrêté d'y contribuer. Je continue à l'utiliser au quotidien car je le considère aussi stable que Fedora pour gérer mon serveur personnel avec mes emails, mes fichiers, mes contacts, etc. Aujourd'hui, je m'intérresse plutôt à notre efficacité collective plutôt qu'un projet en particulier.

  Est-ce que tes contributions à Fedora sont un atout direct ou indirect dans ta vie professionnelle ? Si oui, de quelle façon ?

  Toute la culture technique gagnée en lisant l'actualité des projets, en contribuant via des rapports de bugs, des traductions, des développements m'ont aidé pour obtenir mon emploi actuel, et pour mon travail au quotidien.

  Le logiciel libre et le fait d'y contribuer, même modestement est un lien réel, concret et palpable, très loin de l'informatique fantasmée qui ne fait le bonheur que du porte-monnaie et du pouvoir des puissants.

  Dans le travail, qu'il soit lucratif, amical ou militant, je veux du concret qui nous aide à avancer, et c'est une valeur très forte du logiciel libre.

  Tu as maintenu la traduction française de Fedora pendant des années, peux-tu nous expliquer l'importance de la traduction et même de l'internationalisation dans ce genre de projets ?

  Le logiciel libre est un outil de lutte contre l'appropriation des communs par une minorité. Si on veut qu'il soit un outil d'émancipation des masse, on veut réduire les barrières à l'utilisation, tout en respectant les singularités de ses utilisateurs et utilisatrices. Un utilisateur de logiciel ne devrait pas avoir à apprendre une nouvelle langue pour utiliser un outil émmancipateur et respectueux, d'où l'intérêt de ces activités.

  Traduire un logiciel est une activité complexe, quelles sont les difficultés rencontrées lors de cette activité ?

  Traduire est la partie facile, ça consomme très peu de temps, ce qui est compliqué c'est :

  • savoir où traduire - trouver quel logiciel affiche la chaîne, trouver où il est hébergé, comprendre quelle version est à traduire, etc
  • demander de pouvoir traduire un logiciel - tout n'est pas traduisible, notre pouvoir pour faire évoluer ça en tant que traducteurice est faible
  • comprendre comment traduire - l'idéal c'est Weblate directement lié au dépôt de logiciel du dépôt, le pire c'est l'ouverture de Pull Request
  • maintenir les traductions dans le temps - pour chaque projet

  Tu as participé à la migration de la plateforme de traduction Zanata vers Weblate, peux-tu revenir sur cette tâche et les motivations derrière cette décision ?

  Weblate est un outil de traduction performant, qui facilite la vie des créateurices de logiciels et des traducteurices. Cet outil est proche du dépôt de code source et permet beaucoup d'autonomie aux traducteurices pour s'organiser comme iels le souhaitent, tracer les modifications, être notifiés, etc.

  Zanata, ben c'était un objet ok pour traduire, mais c'est tout, tout le reste était déficient. A titre d'illustration, pour savoir si une traduction a été modifiée, je devais aller regarder sur chaque phrase l'historique des modifications. Sur Weblate, l'historique est transparent et efficace, et permet de filtrer par langue, projet, composants et type de changements. Voici par exemple l'historique des changements de traduction en Français sur tous les projets. Quand Weblate est arrivé, j'ai activement démontré la pertinence de ce projet et poussé le sujet pour que nous soyons plus efficaces.

  Tu as également participé à obtenir des statistiques de traduction au sein du projet Fedora, quel intérêt à cela et comment cela a été mis en œuvre ?

  C'est un sujet génial, mais c'est légèrement compliqué, voici une simplification : Une distribution Linux, c'est l'assemblage de milliers de logiciels, des lignes de code contenues dans les paquets. Chaque paquet est disponible au téléchargement sur des mirroirs, on y retrouve même les paquets d'il y a plusieurs années (j'arrive à exploiter les données jusqu'à Fedora 7 sortie en mai 2007).

  En suivant de près le fonctionnement de Weblate, je me suis rendu compte que le créateur de Weblate a créé des petits outils pour : avoir des listes de tous les codes de langues connus, et d'auto-détection des fichiers de traduction.

  La mécanique va donc :

  • télécharger chaque paquet existant dans Fedora
  • en extraire le code source
  • lancer l'auto-détection des fichiers de traduction
  • calculer pour chaque fichier le pourcentage d'avancement
  • agréger les résultats par langue grâce aux codes connus
  • puis générer un site web pour afficher les résultats

  Avec mon ordinateur, cela m'a pris plus de dix jours de calcul en continu, et le téléchargement de 2 To de données pour réussir à avoir une vue sur plus de 15 ans de la distribution Fedora. Je n'ai malheureusement pas encore eu le temps d'en faire une rétrospective pertinente dans le cadre d'une conférence, faute de temps pour analyser les données. Pour l'instant, la seule partie visible est le site https://languages.fedoraproject.org. J'espère avancer sur ce sujet pour la rencontre annuelle 2025 du projet Fedora et le FOSDEM 2026.

  La traduction est une activité spécifique pour chaque langue mais tout le monde a des problèmes communs vis à vis de l'outillage ou des situations complexes, y a-t-il des collaborations entre les différentes équipes de traduction dans Fedora ?

  D'une façon générale, résoudre un problème pour une langue résous systématiquement un problème pour une autre langue. Les traducteurs et traductrices se soutiennent beaucoup notamment pour ces raisons, soutenez-les vous aussi !

  L'absence de centralisation dans cette activité rend la cohérence des traductions dans l'ensemble des logiciels libres très complexe. Peux-tu nous expliquer ces difficultés ? Est-ce qu'il y a une volonté francophone notamment d'essayer de résoudre le problème en collaborant ensemble d'une certaine façon sur ces problématiques ?

  Un logiciel est une création, sa communauté peut être plus ou moins inclusive et pointue sur certaines traductions. La cohérence vient avec les usages et évolue comme la langue de façon progressive et délocalisée. On pourrait imaginer proposer des outils, mais si c'est un sujet très important, ce n'est pour l'instant pas mon combat. Je vois ça comme un problème de privilégié, car spécifique aux langues ayant suffisamment de traduction, alors que la quasi totalité des langues en ont très peu et sont incapables de tenir le rythme exigé par l'évolution de nos logiciels libres.

  Je voudrais d'abord démontrer et faire acter à la communauté du logiciel libre qu'il y a urgence à améliorer notre efficacité avec des changements de processus et de l'outillage. Cet outillage pourrait sûrement permettre d'améliorer la cohérence.

  Fedora n'est sans doute pas le projet le plus avancé sur la question de l'internationalisation malgré ses progrès au fil des ans, qu'est-ce que le projet Fedora pourrait faire à ce sujet pour améliorer la situation ?

  Si on veut faciliter la vie des traducteurices, il faudrait envisager de permettre de traduire à l'échelle de Fedora, de façon distincte des traductions de chaque projet, comme le fait Ubuntu. Le problème, c'est qu'Ubuntu utilise des outils médiocres (Launchpad) et n'a pas de moyen automatiser pour renvoyer ce travail aux créateurs de logiciels. Fedora pourrait innover sur ce sujet, et réussir à faire les deux avec une bonne plateforme de traduction (Weblate) et beaucoup d'outillage pour partager ce travail avec les différentes communauté, les utilisateurices y gagneraient en confort, les traducteurices en efficacité et les projets en contributions.

  Quelque chose à ajouter ?

  Un grand merci à la communauté francophone de Fedora, à la communauté Fedora et à l'ensemble des communautés qui collaborent tous les jours pour nous permettre d'avoir des outils émancipateurs et qui nous respectent. Le travail réalisé au quotidien est exceptionnellement utile et précieux, merci, merci et merci.

  Gardons à l'esprit que le logiciel n'est qu'un outil au service d'autres luttes dans lesquelles nous devons prendre notre part.

  Merci Jean-Baptiste pour ta contribution !

  Conclusion

  Nous espérons que cet entretien vous a permis d'en découvrir un peu plus sur le site Fedora-fr.

  Si vous avez des questions ou que vous souhaitez participer au Projet Fedora ou Fedora-fr, ou simplement l'utiliser et l'installer sur votre machine, n'hésitez pas à en discuter avec nous en commentaire ou sur le forum Fedora-fr.

  À dans 10 jours pour un entretien avec Nicolas Berrehouc, contributeur de Fedora-fr et mainteneur de sa documentation.

June 09, 2025

• Dave Airlie radv: vulkan VP9 video decode

  The Vulkan WG has released VK_KHR_video_decode_vp9. I did initial work on a Mesa extensions for this a good while back, and I've updated the radv code with help from AMD and Igalia to the final specification.

  There is an open MR[1] for radv to add support for vp9 decoding on navi10+ with the latest firmware images in linux-firmware. It is currently passing all VK-GL-CTS tests for VP9 decode.

  Adding this decode extension is a big milestone for me as I think it now covers all the reasons I originally got involved in Vulkan Video as signed off, there is still lots to do and I'll stay involved, but it's been great to see the contributions from others and how there is a bit of Vulkan Video community upstream in Mesa.

   [1] https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/35398

   

• Kevin Fenzi Flock to fedora 2025

  

  Just got home yesterday from Flock to Fedora 2025 edition and I'm going to try and write up my thoughts before I get busy and forget everything. Do note that this is likely to be a long post.

  Flock is always a great conference and this year was no exception. This time I was very busy and distracted by the upcoming Datacenter move, so I didn't anticipate it as much as I usually do, but it sure was great once I got there. I'm an introvert by nature, and the prospect of being "on" and engaging with the world and all the people at the conference should drain me, but flock somehow manages to leave me energized (in mind / feelings at least) if exhausted in body.

  Day -2 (monday 2025-06-02)

  My travels started on Monday the 2nd. I got up early, grabbed a cup of coffee and checked in on things before heading for the airport. It's a great thing I did as I managed to block some scrapers that were causing the python mass rebuild to go very very slowly. Pesky scrapers. Then 2 hour drive to the airport in Portland. Some traffic, but no real delays. Then a quick bite to eat and my first flight: PDX to AMS. It's about a 9 hour flight, which is pretty crazy, but I definitely like it better than more smaller hops. There's less to go wrong.

  As a side note, I cannot stress to others enough how much noise canceling headphones really make plane flights more bearable. They cut off the nasty drone of the engines/wind and make it vastly less painfull. I wore my headphones with noise canceling on all the time, even when I wasn't listening to anything.

  On these long flights I can't really sleep, so I like to read ebooks and catch up on podcasts. This flight I listened to some great song exploder episodes ( "our house" and "everybody wants to rule the world") and some radiolab and others.

  Then arrival in AMS. I only had a 1.5 hour layover, which it turned out was just perfectly timed. I managed to get through the customs line and to the new gate just before they started boarding for Pague. They did make me check my bag here because the flight was so full, but that was fine.

  Day -1 (tuesday 2025-06-03)

  Got into Prague, got my bag and got a uber to the hotel. The hotel checkin was not until 3pm according to their website but they managed to already have my room ready, so I was able to check in and decompress.

  I then met Carl and Noel at a resturant nearby for a nice lunch. We chatted on all kinds of topics.

  Back to the hotel to relax a bit. I was determined to try and stay up and go to sleep later so my schedule would shift, but then I decided to just lay down for a few minutes and bam! I did wake up around 8pm local time and went back to bed, and I did wake up early, but that was after getting a lot of sleep.

  Day 0 (wed 2025-06-04)

  I met up with tons of folks at breakfast at the hotel and we went over to the venue. The hotel I was staying at was about 1.5 blocks from the venue hotel, it worked out just fine.

  Some of us went to a outside air food court place for lunch. It was nice. I had some tacos and we had some more conversations at the lunch table.

  The afternoon I went to a meetup between fesco and council members that were present. I think there was some productive discussion there. There were a lot of suggestions on how fesco and the council could communicate more and how the council could communicate better with the communty and what sort of workflows might make sense. I think it mostly resulted in some council action items, but also on the fesco side more communication to the council on difficult topics.

  After that I was off to the sponsor dinner. This is a dinner with folks from the groups/companies that sponsored flock along with fesco and council members. This time it was at a lovely resturant that was a 600+ year old underground wine cellar! https://www.napekle.cz/en/ The food was great and the conversations were also... great!

  Back to the hotel and in bed around midnight.

  Day 1 (thursday 2025-06-05)

  Flock begins!

  We had opening remarks and handoff of the Fedora Project Leader baton (wand? septere? curling boom?). I was hit by how long I have been around this community. I met Jef back in the fedora.us/fedora-extras days, almost 20 years ago now, and Matthew showing a picture of his kids when he first became FPL and now and how much they had grown. We are all getting older and we really need to bring in new folks to carry the fedora foundations forward.

  Then, right after that was the 'meet your FESCo' panel. We didn't have all FESCo members present, but a good many of them. We did a quick introduction and then took questions from the audience. I'm glad Peter was there and asked about the provenpackager stuff from eariler this year. I hope answers were helpfull. There were questions all over the place, new arches, ai, workflows, provenpackagers, etc. Do view the video if you are interested.

  Next I had planned to go to the forgejo talk, but then... as with so many times in this flock, I got in discussions in the 'hallway track' with people and wasn't able to make it there in time. :( I hope to catch the recording (along with many other talks).

  Then lunch at the venue, but this time I signed up for the mentor/metee lunch matching. There was only 3 of us at the Infra/Releng table, but we had a great time I thought. I was happy to share what I could, and Justin and Hristo had a lot of good perspectives. I hope I helped them out, and I know they gave me things to think about. Overall it was very nice. It might have been better with more people, but I'd definitely sign up for this again at another flock.

  After lunch I spent a lot of time in the hallway track talking to folks. One super great surprise was that Toshio was there! I got to chat with him a bunch over flock and it was so nice to see him again. Later the next day another person I hadn't seen in a while appeared too: Vipul! I hadn't been too much in touch with him since he moved to a new job at the UN, but it was super great to see him as well (even though I did not recognize him at first with his new glasses!).

  It would likely be too hard to list all the people I talked to about all the things I talked to them about but some themes became clear:

  • There was a lot of talk about AI. Yes, the usual funny stores about how AI got it wrong or was used in a stupid way, but also a lot of 'how can we leverage this stuff in a resonable way and how can we make AI more in fitting with our foundations'.

  • A lot of discussion about community building, communication and bringing in new contributors.

  I did mange to get to Greg's talk on "Build it and they will come" and other myths. Some great stuff there around community building. I particularly liked some of the examples, which showed things we do wrong all the time. Things to think about and leverage.

  Then, thursday night we had a CLE dinner for all the members of my team in Red Hat. It turned out to be at the same place we went for lunch on tuesday, but thats fine. It was good. Some good converations there where I got to chat with Julia and Patrik (although it was kind of loud there, so it was hard hearing anything).

  After that some of us rushed off to the Candy Swap. Always a fun event. This time it wasn't at the venue, but instead at a 'games cafe'. They had a full bar there and a bunch of games. It was kind of small, but it worked out ok for our crowd. After the candy swap I got to chat with Stephen about books and movies. We always catch up this way and share nice books we have read. We were joined by Peter and Troy too, so I have a list of books to look up now.

  Day 2 (Friday 2025-06-06)

  Friday came too early after too little sleep.

  I went to the 'what about a better dist-git' talk. Some nice information there, but I think I knew much of it before. There were some good questions starting, but I got pulled out to the hallway track, so I will need to look back at those.

  Some more hallway discussions and then off to the "One year in: Microsoft as a Fedora Contributor" talk by Bex. It was great to see the parts of the project that microsoft folks are contributing to, I don't think many people realize it, so it was great to get some visibility to their efforts. I'm personally very happy that Jeremy has been helping out with our signing infra and cloud uploads. Thats really important stuff that we didn't have anyone to drive forward until he was able to do so.

  I really planned to go to the Fedora Server talk next, but then again I got into discussions in the hallway until I had missed it. :(

  After lunch I went to some lightning talks. This was a last minute thing as the speaker in that slot was not able to be there, but wow... fedora contributors are always ready with talks a the drop of a fedora. I really liked Emma's presentation about design. It's not something developers think about or realize, but we should! Lots of other great ones too!

  I went to Greg's discourse tips and tricks. Learned a few things, but I would definitely recommend people who aren't up on discourse to watch the recording. It will help you out getting started!

  Then more hallway and the Fedora Council AMA. There were some good questions here and some good discussions about various council related topics. I probibly need to watch the recording even thought I was there because I was tired after a long day.

  There was there some short closing remarks (even though there would be workshops the following day) from Justin. he thanked all the folks who helped make flock happen and gave info on the evening event and workshops the next day. There was one thing missing however: We should have all thanked Justin! I know flock is a massive undertaking, and I am sure there were issues I have no idea about, but from my side flock was a great success! Thank you Justin!

  The evening event was a boat ride with dinner. We did this same event last time flock was in pague. It was fun then and again now. I had Troy and Evan and Jens at my dinner table and we had a bunch of great discussion about shirts, travel, home assistant, people we all knew and more. Then after dinner everyone mingled on the top deck until they kicked us off the boat around 10pm.

  A group of us then went to a beer place near the hotel for a few more beers. Some more talk there about... lots of things. I managed to get back and in bed around midnight (thats the theme).

  Day 3 (Saturday 2025-06-07)

  The last day was workshops and breakouts. I went to the start of the initial setup hackfest, but I knew much of the information that they were going over, so I allowed myself to be pulled into the hallway again.

  After lunch, I went to the distgit implementation in forgejo talk. There was some good discussion about workflows and how things could work. We did get a bit off topic I think with talking about provenpackagers, but I guess it's all related. I'm really looking forward to us using forgejo here.

  I did go to Aurélien's improve fedora infra applications, but again I kind of knew the background here, so I got pulled off into some other things:

  • I had a (I hope) nice talk with Peter about server setup and deliverables. I do owe him some more docs/info on one part of it I could not happen to recall, but hopefully this gives him info he needs to work on the server deliverables some more.

  • A talk with a few folks about plans for handling the matrix spam issues. We came up with some proposed short term and longer term plans. Look for plans asking for feedback in the coming weeks. We really need to get things workable there.

  • A nice talk with the person who actually started the opensuse foundation. He was there looking to see if it would be useful to start a fedora one. I don't know the answer, but It sounded very interesting.

  • Got to catch up on ARM stuff with Peter (another one). Always great to talk to him and hopefully we can find some ways forward for the x1e / snapdragon laptops sooner rather than later.

  • The new FPL, Jef. I was in several conversations with him. He seemed to be keeping afloat with all the stuff going on, which I thought was amazing. I'm sure he will be a great FPL.

  • Some good discussions with Greg. He's on my team at Red Hat and working with myself and Fabian on infra, so we were able to have a few higher bandwith discussions that should help us in the coming weeks.

  • Got to catch up a bit with Fabian on a bunch of topics.

  • Had a few nice discussions with Brendan (my grand boss).

  After things closed out a bunch of us went to a Dim Sum place nearby for dinner. More books discussion, along with travels and interesting places.

  I went back to the hotel and crashed before 9am, which was good, because my flight to AMS was at 6am the next day.

  Day 4 (Sunday 2025-06-08)

  Travel back home. Got a cab with Brendan at 4am, got to the airport, through security and onto my first flight in time at 6am. Then, in AMS, walking accross the airport, grabbed a quick breakfast and got to the terminal in time to get on my AMS to PDX flight. On the way back my usual podcast and books didn't work because I was so sleepy. It was hard to pay attention. So, instead I watched a few movies: the new marvel captain america one and the second dune movie. Both were ok, but nothing super amazing. My flight from AMS left at 10am, and arrived in PDX at 11am the same day, but it was definitely not a 1 hour flight.

  I was worried about customs coming back to the US, but it turned out that they just asked me if I had any food, I said nope, they said ok.

  Then the 2 hour drive home. I was pretty sleepy at this point, but I got some cafene and was able to make it home fine finally. There was a lot of stop and go traffic this time, which was anoying, so the drive took an extra hour or so.

  Health and diet

  I'm going to digress here about heath, diet and conferences, so if that doesn't interest you, feel free to skip it.

  I gained weight on this trip, and thats unfortunately pretty usual. I think there's several reasons for this. If you are traveling you may not have much choice of food, or might not know when next you will get food. Breakfast is often included in hotels, and it's almost always a 'all you can eat' buffet type thing. I can eat a lot.

  But also, conferences always seem to put food in front of you, and I am pretty bad about just eating food if it's there. I don't want it to go to waste, and it's something I do as a background.

  Of course the simple answer is to just have more willpower and eat smaller amounts, but it's not simple to do that sometimes. I don't know if there's much that could be done from a conference point of view. I guess less food with coffee/tea/water breaks? Or moving away from buffets?

  Anyhow, something to think about.

  Matrix spam

  The horrific matrix spam ramped up before flock and measures were put into place that blocked it. Some of those measures are pretty heavy handed, but we really did not want to have to handle this junk at flock. As I mentioned above we did some up with some plans, and I hope we can make things still safe but more open soon.

  Some links

  The fedora youtube channel should have talk recordings soon: https://www.youtube.com/@fedora

  The list of talks and slides, etc: https://cfp.fedoraproject.org/flock-to-fedora-2025/schedule/

  comments? additions? reactions?

  As always, comment on mastodon: https://fosstodon.org/@nirik/114655707058309116

• Jakub Kadlčík Flock to Fedora report 2025

  Flock to Fedora is my favorite conference and this year was no exception.

  Too many good presentations and workshops to name them all. But I want to mention at least the most surprising (in a good way) ones. It takes some courage to be the first person to go for a lightning talk, especially when lightning talks aren’t even scheduled and organizers open the floor at the very moment. Smera, I tip my hat to you. Also, I was meaning to ask, how do graphic designers choose the FOSS project they want to work on? As an engineer, I typically get involved in sofware that I use but is broken somehow, or is missing some features. I am curious what is it like for you. Another pleasant surprise was Marta and her efforts to replace grub with nmbl. I will definitely try having no more boot loader. In a VM though, I’d still like to boot my workstation :D.

  Random thoughts

  We bunked with Pavel, which made me think of this office scene.

  Something happened to me repeatedly during this conference and amused me every time. I introduced myself to a person, we talked for five minutes, and then the person asked “so what do you do in Fedora?”. I introduced myself once more, by my nickname. To which the immediate reaction was “Ahaaa, now I know exactly what you do!”. I am still laughing about this. Organizers, please bring back FAS usernames on badges.

  It was nice to hear Copr casually mentioned in every other presentation. It makes the work that much more rewarding.

  My favorite presentation was Bootable Containers: Moving From Concept to Implementation. I’ve spent all my free time over the last couple of months trying to create a bootc image for Copr builders, and seeing Sean falling into and crawling out of all the same traps as myself was just cathartic. We later talked in the hallway and I appreciated how quickly he matched my enthusiasm about the project. He gave me some valuable advice regarding CI/CD for the system images. Man, now I am even more hyped.

  I learned about Fedora Ready, an amazing initiative to partner with laptop vendors and provide a list of devices that officially support Fedora. Slimbook loves Fedora so much that they even offer a laptop with Fedora engravings. How amazing would it be if my employer provided this option for a company laptop? What surprised me, was not seeing System76 on the list. I am a fan of theirs, so I am considering reaching out.

  Feeling a tap on your shoulder 30 seconds after you push a commit is never a good sign. When you turn around, Karolina is looking into your eyes and saying that f’d up, you immediately know that push was a bad idea. For a petite lady, she can be quite terrifying :D. I am exaggerating for effect. We had a nice chat afterward and I pitched an idea for an RPM macro that would remove capped versions from Poetry dependencies. That should make our lives easier, no?

  One of my favorite moments this year was chilling out with Zbigniew on a boat deck, cruising the Vltava River, and watching the sunset over the beautiful city of Prague. Kinda romatic if you ask me. Just joking, but indeed, it was my pleasure to get to know you Zbigniew.

  The JefFPL exchange

  The conference began with a bittersweet moment - the passing of the Fedora Project Leadership mantle from Matthew Miller to Jeff Spaleta.

  I didn’t know Jeff before, probably because he was busy doing really effin cool stuff in Alaska, but we had an opportunity to chat in the hallway after the session. He is friendly, well-spoken, and not being afraid to state his opinions. Good qualities for a leader. That being said, Matthew left giant shoes to fill, so I think it is reasonable not to be overly enthusiastic about the change just yet.

  Matthew, best wishes in your next position, but at the same time, we are sad to see you go.

  FESCo and Fedora Council

  The FESCo Q&A and the Fedora Council AMA were two different sessions on two different days, but I am lumping them together here. Both of them dealt with an unspecified Proven Packager incident, the lack of communication surrounding it, and the inevitable loss of trust as a consequence.

  I respectfully disagree with this sentiment.

  Let’s assume FESCo actions were wrong. So what? I mean, really. Everybody makes mistakes. I wrote bugfixes that introduced twice as many new bugs, I accidentally removed data in production, and I am regularly wrong in my PR comments. Yet I wasn’t fired, demoted, or lost any trust from the community. Everybody makes mistakes, it’s par for the course. Even if FESCo made a mistake (I am not in the position to judge whether they did or not), it would not overshadow the majority of decisions they made right. They didn’t lose any of my trust.

  As for the policies governing Proven Packagers, one incident in a decade does not necessarily imply that new rules are needed. It’s possible to just make a gentlemen’s agreement, shake hands, and move on.

  That being said, I wanted to propose the same thing as Alexandra Fedorova. Proven Packagers are valuable in emergencies, and I think, it is a bad idea to disband them. But requiring +1 from at least one other person before pushing changes, makes sense to me. Alexandra proposed +1 from at least one other Proven Packager, but I would broaden the eligible reviewers to also include Packager Sponsors and FESCo members. I would also suggest requiring the name of the reviewer to be clearly mentioned in the commit description.

  ---

  Don’t be sad if you missed the conference. There are recordings.

June 06, 2025

• Remi Collet ⚙️ PHP version 8.3.22 and 8.4.8

  RPMs of PHP version 8.4.8 are available in the remi-modular repository for Fedora ≥ 40 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).

  RPMs of PHP version 8.3.22 are available in the remi-modular repository for Fedora ≥ 40 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).

  ℹ� The packages are available for x86_64 and aarch64.

  ℹ� There is no security fix this month, so no update for version 8.1.32 and 8.2.28.

  ⚠� PHP version 8.0 has reached its end of life and is no longer maintained by the PHP project.

  These versions are also available as Software Collections in the remi-safe repository.

  Version announcements:

  • PHP 8.4.8 Release Annoucement
  • PHP 8.3.22 Release Annoucement

  ℹ� Installation: use the Configuration Wizard and choose your version and installation mode.

  Replacement of default PHP by version 8.4 installation (simplest):

  dnf module switch-to php:remi-8.4/common
  

  Parallel installation of version 8.4 as Software Collection

  yum install php84

  Replacement of default PHP by version 8.3 installation (simplest):

  dnf module switch-to php:remi-8.3/common
  

  Parallel installation of version 8.3 as Software Collection

  yum install php83

  And soon in the official updates:

  • Fedora Rawhide now has PHP version 8.4.8
  • Fedora 42 - PHP 8.4.8
  • Fedora 41 - PHP 8.3.22

  ⚠� To be noticed :

  • EL-10 RPMs are built using RHEL-10.0
  • EL-9 RPMs are built using RHEL-9.5 (next builds will use 9.6)
  • EL-8 RPMs are built using RHEL-8.10
  • intl extension now uses libicu74 (version 74.2)
  • mbstring extension (EL builds) now uses oniguruma5php (version 6.9.10, instead of the outdated system library)
  • oci8 extension now uses the RPM of Oracle Instant Client version 23.7 on x86_64 and aarch64
  • a lot of extensions are also available; see the PHP extensions RPM status (from PECL and other sources) page

  ℹ� Information:

  • Migrating from PHP 8.2.x to PHP 8.3.x
  • Migrating from PHP 8.3.x to PHP 8.4.x

  Base packages (php)

  

  

  Software Collections (php83 / php84)

  

  

June 05, 2025

• Matthew Garrett How Twitter could (somewhat) fix their encrypted DMs

  As I wrote in my last post, Twitter's new encrypted DM infrastructure is pretty awful. But the amount of work required to make it somewhat better isn't large.
  
  When Juicebox is used with HSMs, it supports encrypting the communication between the client and the backend. This is handled by generating a unique keypair for each HSM. The public key is provided to the client, while the private key remains within the HSM. Even if you can see the traffic sent to the HSM, it's encrypted using the Noise protocol and so the user's encrypted secret data can't be retrieved.
  
  But this is only useful if you know that the public key corresponds to a private key in the HSM! Right now there's no way to know this, but there's worse - the client doesn't have the public key built into it, it's supplied as a response to an API request made to Twitter's servers. Even if the current keys are associated with the HSMs, Twitter could swap them out with ones that aren't, terminate the encrypted connection at their endpoint, and then fake your query to the HSM and get the encrypted data that way. Worse, this could be done for specific targeted users, without any indication to the user that this has happened, making it almost impossible to detect in general.
  
  This is at least partially fixable. Twitter could prove to a third party that their Juicebox keys were generated in an HSM, and the key material could be moved into clients. This makes attacking individual users more difficult (the backdoor code would need to be shipped in the public client), but can't easily help with the website version[1] even if a framework exists to analyse the clients and verify that the correct public keys are in use.
  
  It's still worse than Signal. Use Signal.
  
  [1] Since they could still just serve backdoored Javascript to specific users. This is, unfortunately, kind of an inherent problem when it comes to web-based clients - we don't have good frameworks to detect whether the site itself is malicious.
  
  comments

• Guillaume Kulakowski SeedboxSync: Synchronise automatiquement ta seedbox avec ton NAS

  Si tu utilises une seedbox pour tes téléchargements torrents, tu sais à quel point ça peut être pénible de devoir transférer les fichiers manuellement vers ton NAS. C’est exactement pour ça que j’ai créé SeedboxSync : un outil simple et léger qui automatise cette étape. SeedboxSync se connecte à ta seedbox via SFTP, et copie […]

  Cet article SeedboxSync: Synchronise automatiquement ta seedbox avec ton NAS est apparu en premier sur Guillaume Kulakowski's blog.

• Matthew Garrett Twitter's new encrypted DMs aren't better than the old ones

  (Edit: Twitter could improve this significantly with very few changes - I wrote about that here. It's unclear why they'd launch without doing that, since it entirely defeats the point of using HSMs)
  
  When Twitter[1] launched encrypted DMs a couple
  of years ago, it was the worst kind of end-to-end
  encrypted - technically e2ee, but in a way that made it relatively easy for Twitter to inject new encryption keys and get everyone's messages anyway. It was also lacking a whole bunch of features such as "sending pictures", so the entire thing was largely a waste of time. But a couple of days ago, Elon announced the arrival of "XChat", a new encrypted message platform built on Rust with (Bitcoin style) encryption, whole new architecture. Maybe this time they've got it right?
  
  tl;dr - no. Use Signal. Twitter can probably obtain your private keys, and admit that they can MITM you and have full access to your metadata.
  
  The new approach is pretty similar to the old one in that it's based on pretty straightforward and well tested cryptographic primitives, but merely using good cryptography doesn't mean you end up with a good solution. This time they've pivoted away from using the underlying cryptographic primitives directly and into higher level abstractions, which is probably a good thing. They're using Libsodium's boxes for message encryption, which is, well, fine? It doesn't offer forward secrecy (if someone's private key is leaked then all existing messages can be decrypted) so it's a long way from the state of the art for a messaging client (Signal's had forward secrecy for over a decade!), but it's not inherently broken or anything. It is, however, written in C, not Rust[2].
  
  That's about the extent of the good news. Twitter's old implementation involved clients generating keypairs and pushing the public key to Twitter. Each client (a physical device or a browser instance) had its own private key, and messages were simply encrypted to every public key associated with an account. This meant that new devices couldn't decrypt old messages, and also meant there was a maximum number of supported devices and terrible scaling issues and it was pretty bad. The new approach generates a keypair and then stores the private key using the Juicebox protocol. Other devices can then retrieve the private key.
  
  Doesn't this mean Twitter has the private key? Well, no. There's a PIN involved, and the PIN is used to generate an encryption key. The stored copy of the private key is encrypted with that key, so if you don't know the PIN you can't decrypt the key. So we brute force the PIN, right? Juicebox actually protects against that - before the backend will hand over the encrypted key, you have to prove knowledge of the PIN to it (this is done in a clever way that doesn't directly reveal the PIN to the backend). If you ask for the key too many times while providing the wrong PIN, access is locked down.
  
  But this is true only if the Juicebox backend is trustworthy. If the backend is controlled by someone untrustworthy[3] then they're going to be able to obtain the encrypted key material (even if it's in an HSM, they can simply watch what comes out of the HSM when the user authenticates if there's no validation of the HSM's keys). And now all they need is the PIN. Turning the PIN into an encryption key is done using the Argon2id key derivation function, using 32 iterations and a memory cost of 16MB (the Juicebox white paper says 16KB, but (a) that's laughably small and (b) the code says 16 * 1024 in an argument that takes kilobytes), which makes it computationally and moderately memory expensive to generate the encryption key used to decrypt the private key. How expensive? Well, on my (not very fast) laptop, that takes less than 0.2 seconds. How many attempts to I need to crack the PIN? Twitter's chosen to fix that to 4 digits, so a maximum of 10,000. You aren't going to need many machines running in parallel to bring this down to a very small amount of time, at which point private keys can, to a first approximation, be extracted at will.
  
  Juicebox attempts to defend against this by supporting sharding your key over multiple backends, and only requiring a subset of those to recover the original. I can't find any evidence that Twitter's does seem to be making use of this,Twitter uses three backends and requires data from at least two, but all the backends used are under x.com so are presumably under Twitter's direct control. Trusting the keystore without needing to trust whoever's hosting it requires a trustworthy communications mechanism between the client and the keystore. If the device you're talking to can prove that it's an HSM that implements the attempt limiting protocol and has no other mechanism to export the data, this can be made to work. Signal makes use of something along these lines using Intel SGX for contact list and settings storage and recovery, and Google and Apple also have documentation about how they handle this in ways that make it difficult for them to obtain backed up key material. Twitter has no documentation of this, and as far as I can tell does nothing to prove that the backend is in any way trustworthy. (Edit to add: The Juicebox API does support authenticated communication between the client and the HSM, but that relies on you having some way to prove that the public key you're presented with corresponds to a private key that only exists in the HSM. Twitter gives you the public key whenever you communicate with them, so even if they've implemented this properly you can't prove they haven't made up a new key and MITMed you the next time you retrieve your key)
  
  On the plus side, Juicebox is written in Rust, so Elon's not 100% wrong. Just mostly wrong.
  
  But ok, at least you've got viable end-to-end encryption even if someone can put in some (not all that much, really) effort to obtain your private key and render it all pointless? Actually no, since you're still relying on the Twitter server to give you the public key of the other party and there's no out of band mechanism to do that or verify the authenticity of that public key at present. Twitter can simply give you a public key where they control the private key, decrypt the message, and then reencrypt it with the intended recipient's key and pass it on. The support page makes it clear that this is a known shortcoming and that it'll be fixed at some point, but they said that about the original encrypted DM support and it never was, so that's probably dependent on whether Elon gets distracted by something else again. And the server knows who and when you're messaging even if they haven't bothered to break your private key, so there's a lot of metadata leakage.
  
  Signal doesn't have these shortcomings. Use Signal.
  
  [1] I'll respect their name change once Elon respects his daughter
  
  [2] There are implementations written in Rust, but Twitter's using the C one with these JNI bindings
  
  [3] Or someone nominally trustworthy but who's been compelled to act against your interests - even if Elon were absolutely committed to protecting all his users, his overarching goals for Twitter require him to have legal presence in multiple jurisdictions that are not necessarily above placing employees in physical danger if there's a perception that they could obtain someone's encryption keys
  
  comments

June 04, 2025

• Adam Young Mapping a PCIe Device to its module on Linux

  The Kernel docs are a little old. They point to the Device Drivers book, which was great, but quite outdated; it was written around version 2.6 and the Kernel is up to 6.15. Here are my notes that go from those docs to where things are today.

  First, the module mapping is no longer in /lib/modules/
  KERNEL_VERSION/modules.pcimap. but rather in the more general /lib/modules/
  KERNEL_VERSION/modules.alias file. For example, if I run lspic, my last entry is:

  
  03:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8211/8411 PCI Express Gigabit Ethernet Controller (rev 15)
  

  Running lspci -k shows the module attached to that device:

  03:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8211/8411 PCI Express Gigabit Ethernet Controller (rev 15)
  Subsystem: Intel Corporation Device 2067
  Kernel driver in use: r8169
  Kernel modules: r8169

  If I look in less /lib/modules/6.15.0-0.rc7.58.fc43.x86_64/modules.alias I see many entries that map to that module:

  alias pci:v000010ECd00005000svsdbcsci* r8169
  alias pci:v000010ECd00003000svsdbcsci* r8169
  alias pci:v000010ECd00008126svsdbcsci* r8169
  alias pci:v000010ECd00008125svsdbcsci* r8169

  But which one is mine? Lets see how much info lspci -vvxxx can give us;

  03:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8211/8411 PCI Express Gigabit Ethernet Controller (rev 15)
  Subsystem: Intel Corporation Device 2067
  Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+
  Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR-
  Kernel driver in use: r8169
  Kernel modules: r8169
  00: ec 10 68 81 07 04 10 00 15 00 00 02 10 00 00 00
  10: 01 e0 00 00 00 00 00 00 04 40 10 91 00 00 00 00
  20: 04 00 10 91 00 00 00 00 00 00 00 00 86 80 67 20
  30: 00 00 00 00 40 00 00 00 00 00 00 00 ff 01 00 00

  If I look a little further down the modules.alias file, I see this line:

  
  
  alias pci:v00000001d00008168svsd00002410bcsci r8169

  And note that the 8168 matches at least on of the entries in RTL8111/8168/8211/8411

  Where as none of the others seem to match. This makes it likely, but not 100%.

  More to come

• Kushal Das OpenSSL legacy and JDK 21

  

  While updating the Edusign validator to a newer version, I had to build the image with JDK 21 (which is there in Debian Sid). And while the application starts, it fails to read the TLS keystore file with a specific error:

  ... 13 common frames omitted
  Caused by: java.lang.IllegalStateException: Could not load store from '/tmp/demo.edusign.sunet.se.p12'
  at org.springframework.boot.ssl.jks.JksSslStoreBundle.loadKeyStore(JksSslStoreBundle.java:140) ~[spring-boot-3.4.4.jar!/:3.4.4]
  at org.springframework.boot.ssl.jks.JksSslStoreBundle.createKeyStore(JksSslStoreBundle.java:107) ~[spring-boot-3.4.4.jar!/:3.4.4]
  ... 25 common frames omitted
  Caused by: java.io.IOException: keystore password was incorrect
  at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2097) ~[na:na]
  at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:228) ~[na:na]
  at java.base/java.security.KeyStore.load(KeyStore.java:1500) ~[na:na]
  at org.springframework.boot.ssl.jks.JksSslStoreBundle.loadKeyStore(JksSslStoreBundle.java:136) ~[spring-boot-3.4.4.jar!/:3.4.4]
  ... 26 common frames omitted
  Caused by: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
  ... 30 common frames omitted
  

  I understood that somehow it is not being able to read file due to bad passphrase. But, the same file with same passphrase can be opened by the older version of the application (in the older containers).

  After spending too many hours reading, I finally found the trouble. The openssl was using too new algorithm. By default it will use AES_256_CBC for encryption and PBKDF2 for key derivation. But, if we pass -legacy to the openssl pkcs12 -export command, then it using RC2_CBC or 3DES_CBC for certificate encryption depening if RC2 cipher is enabled.

  This finally solved the issue and the container started cleanly.

• Charles-Antoine Couret 20 ans de Fedora-fr : septième entretien avec Johan ancien contributeur à Fedora-fr

  Introduction

  Dans le cadre des 20 ans de Fedora-fr (et du Projet Fedora en lui-même), Charles-Antoine Couret (Renault) et Nicolas Berrehouc (Nicosss) avons souhaité poser des questions à des contributeurs francophones du Projet Fedora et de Fedora-fr.

  Grâce à la diversité des profils, cela permet de voir le fonctionnement du Projet Fedora sous différents angles pour voir le projet au delà de la distribution mais aussi comment il est organisé et conçu. Notons que sur certains points, certaines remarques restent d'application pour d'autres distributions.

  N'oublions pas que le Projet Fedora reste un projet mondial et un travail d'équipe ce que ces entretiens ne permettent pas forcément de refléter. Mais la communauté francophone a de la chance d'avoir suffisamment de contributeurs de qualité pour permettre d'avoir un aperçu de beaucoup de sous projets de la distribution.

  Chaque semaine un nouvel entretien sera publié sur le forum Fedora-fr.org, linuxfr.org et mon blog ici même.

  L'entretien du jour concerne Johan Cwiklinski (pseudo trasher), ancien contributeur de Fedora-fr.org et actuel mainteneur du logiciel de gestion Galette.

  Entretien

  Bonjour Johan, peux-tu présenter brièvement ton parcours ?

  Je suis principalement développeur (PHP, Python, Java), et un peu administrateur système - complètement autodidacte. J'ai découvert le monde de GNU/Linux en 1998 en achetant avec deux camarades de fac une distribution Red Hat 5.2 :D

  Ce n'est que quelques années plus tard, en 2002, que je reviendrai à Linux ; rapidement comme OS principal. J'ai testé durant cette période différentes distributions comme Red Hat, Fedora, Mandrake et Ubuntu - pour revenir définitivement à Fedora en 2006.

  Peux-tu présenter brièvement tes contributions au projet Fedora ?

  J'ai traduit de la documentation et des logiciels pour le projet. J'ai rédigé de la documentation pour le projet officiel (un peu) et pour le communauté francophone (beaucoup plus). J'ai rédigé des articles pour des magazines divers. J'ai empaqueté et maintenu différents logiciels dans les dépôts. J'ai participé à la mise en place et maintenance de certaines versions du site internet de la communauté francophone. J'ai participé à plusieurs salons informatiques dans le Nord ainsi qu'à Paris et à Bruxelles (FOSDEM), avec d'autres contributeurs francophones de l'époque. J'ai été responsable de la mise en place de la documentation "Fedora-fr" pendant plusieurs années.

  J'ai mis en place avec l'aide d'autres contributeurs différents canaux pour apporter des contributeurs francophones à participer au packaging sur Fedora - via la rédaction d'une documentation assez complète, des présentations lors d'évènements sur Paris, un canal IRC dédié, ...,

  Et j'ai aidé à monter l'association "Fedora-fr" - pour laquelle j'ai été trésorier la première année d'existence.

  Qu'est-ce qui fait que tu es venu sur Fedora et que tu y es resté (si tu t'en sers encore) ?

  Alors, oui, je tourne encore sous Fedora ; que ce soit sur mon ordinateur personnel ou celui du boulot. J'ai même une Fedora sur un serveur dédié que j'administre

  Je suis resté sur Fedora parce que la logique du projet orienté vers le logiciel libre me convenait bien, et ensuite parce que j'y participais. Cette distribution me convient encore tout à fait aujourd'hui, je n'ai pas de raison d'en changer

  Pourquoi contribuer à Fedora en particulier ?

  À l'époque de la sortie de Fedora, je m'y étais un peu intéressé. J'avais une petite expérience sur d'autres distributions similaires (RedHat) ou pas (Ubuntu) - mais à cette époque, un bref passage du côté de la communauté francophone (notamment sur les canaux IRC) ne m'avait pas réellement séduit.

  Ce n'est que deux ans plus tard que j'y suis revenu. J'avais alors décidé de switcher sur Fedora Core 3 définitivement à titre personnel. L'accueil de la communauté francophone a vraiment été exceptionnel, et je me suis rapidement mis à contribuer.

  Contribues-tu à d'autres Logiciels Libres ? Si oui, lesquels et comment ?

  Je contribue à un logiciel libre - que je ne citerai pas - pour mon travail, depuis plusieurs années déjà.

  Et je suis le leader et principal développeur du projet de gestion d'adhérents "Galette".

  Utilises-tu Fedora dans un contexte professionnel ? Et pourquoi ?

  Oui, je l'utilise depuis longtemps sur mes postes de travail - ainsi que des distributions approchantes (comme CentOS) sur différents serveurs que j'ai eu à gérer.

  La raison est plutôt simple : chaque distribution a ses propres spécificités, et en tant que contributeur au projet, je connais assez bien celles de Fedora. C'est donc tout naturellement que je l'utilise. J'ai aussi la chance de pouvoir choisir librement mon environnement de travail.

  Est-ce que tes contributions à Fedora sont un atout direct ou indirect dans ta vie professionnelle ? Si oui, de quelle façon ?

  Un certain atout, oui. Mes contributions ont pu à quelques reprises appuyer mes candidatures à certains postes.

  J'ai également pas mal packagé pour le travail, que ce soit pour ajouter des paquets inexistants, ou pour en mettre à jour voire corriger d'autres.

  Tu as fait partie des fondateurs du site Fedora-fr.org, peux-tu revenir aux débuts du site à ce moment là ? Comment la communauté francophone a émergé à partir du Projet Fedora né quelques mois plus tôt seulement ?

  Alors, je n'ai pas fait partie des fondateurs, je suis arrivé juste après

  La communauté francophone existait déjà, il y avait un site, un tout petit peu de documentation, le forum, les canaux IRC, ... Tous les outils étaient déjà en place, de même que les demandes de personnes francophones.

  Nous avons alors essayé de faire connaître davantage Fedora et sa communauté - avec un certain succès puisque nous avons toujours été sollicités.

  Tu as rédigé ou participé à la rédaction de nombreux articles de la documentation en français à l'époque alors que tout était à faire. Était-ce de simples traductions au départ ? L'accès à des ressources même en anglais était facile à ce moment là ? Ou cela reposait plutôt sur l'expérience ?

  J'ai pas mal contribué à la traduction de la documentation officielle dans un premier temps ; leur wiki de l'époque ne rendait pas spécialement la chose facile, et j'ai peu rédigé à cette époque.

  Globalement, on pouvait trouver de la documentation plus ou moins facilement (tout est toujours un peu relatif), mais on la trouvait surtout en anglais - et pas forcément sur tous les sujets. Il faillait aussi connaître un peu, et ne pas se noyer dans la masse des informations "inutiles" pour les nouveaux.

  La traduction de la doc officielle était très chronophage, et servait finalement assez peu, des questions revenaient souvent.

  C'est là qu'est arrivé le wiki de la doc francophone, agencé différemment, dont l'un des objectifs était de fournir toute une série d'articles pour les débutants, et qui ne posait pas certaines limites de la documentation officielle (l'installation de certains pilotes matériels ou de certaines bibliothèques notamment).

  Quelle était la répartition des tâches entre pour la maintenance du site ?

  Chacun faisait ce qu'il pouvait ? :D

  J'étais principalement en charge de la maintenance du Wiki (backend et frontend), et de Galette. Il pouvait m'arriver de donner un coup du main sur d'autres aspects, mais c'était assez rare somme toute.

  Tu as contribué à différents sites pour le Projet Fedora, lesquels ?

  Au niveau du Projet lui même, je pense n'avoir contribué qu'à la documentation. Sur fedora-fr.org, la documentation, le site de l'association, et très peu les forums.

  Quelles différences vois-tu entre les sites aujourd'hui et ceux de l'époque alors que le projet était naissant ?

  Il y en a vraiment beaucoup :D

  Du côté du projet anglophone, les pages d'accueil sont plus claires et "vendeuses" aujourd'hui. La documentation a globalement pas mal changé, on s'y retrouve plus facilement, et c'est mieux indexé par les moteurs de recherche.

  Du côté francophone, le changement le plus notable est certainement l'abandon des forums historiques pour le passage à une solution plus moderne et lisible

  Tu as également crée et tu maintiens toujours le logiciel Galette pour gérer l'association, pourquoi avoir crée ce logiciel ? En dehors de Fedora-fr il y a d'autres utilisateurs ?

  Je n'ai pas créé Galette. Le projet a été créé en 2003 sous l'impulsion de l'ALDIL (LUG de Lyon). Peu de logiciels de gestion d'association de cette époque existent encore aujourd'hui

  À la création de l'association Fedora-fr en 2007, nous avons rapidement cherché un moyen de gérer les adhérents. Plusieurs projets auraient pu répondre à la demande, mais Galette était celui qui collait le plus.

  J'ai donc entrepris de mettre en œuvre une instance de Galette. Je suis tombé sur deux-trois soucis qui devaient être corrigés, j'ai donc commencé à contribuer au projet.

  Rapidement, le projet a eu besoin d'un nouveau mainteneur, et je me suis proposé... C'était le 18 mai 2007

  Depuis lors, je me suis consacré à l'amélioration du projet ; de nouvelle versions majeures comportant de nouvelles fonctionnalités voient le jour régulièrement.

  À ce que j'en sais, plusieurs centaines d'associations utilisent Galette aujourd'hui - difficile de savoir exactement.

  Tu as globalement fait un pas de côté à partir de 2012 de Fedora-fr et même de Fedora en général, peux-tu expliquer pourquoi ?

  J'ai effectivement commencé à m'éloigner du projet en 2012, je continuais à participer notamment au niveau packaging, mais j'ai tout arrêté depuis 2021.

  Il n'y a pas de raison vraiment particulière, ma situation personnelle a pas mal évolué depuis toutes ces années ; je n'ai plus autant de temps libre, et aussi d'autres centres d'intérêt.

  Si tu avais la possibilité de changer quelque chose dans la distribution Fedora ou dans sa manière de fonctionner, qu'est-ce que ce serait ?

  Je n'ai trop rien à répondre sur le sujet

  À l'inverse, est-ce qu'il y a quelque chose que tu souhaiterais conserver à tout prix dans la distribution ou le projet en lui même ?

  Je dirai l'aspect communautaire et libre ; c'est quand même ce qui fait que j'utilise la distribution depuis toutes ces années

  Que penses-tu de la communauté Fedora-fr que ce soit son évolution et sa situation actuelle ? Qu'est-ce que tu améliorerais si tu en avais la possibilité ?

  Je ne suis plus trop au faîte de tout cela, et depuis trop longtemps je pense... Je ne connais pas la situation de la communauté francophone aujourd'hui.

  Quant à changer des choses... Là encore, je ne sais pas trop.

  Quelque chose à ajouter ?

  Merci aux contributeurs actuels de continuer le travail entrepris et de continuer de faire vire la communauté !

  Merci Johan pour ta contribution !

  Conclusion

  Nous espérons que cet entretien vous a permis d'en découvrir un peu plus sur le site Fedora-fr.

  Si vous avez des questions ou que vous souhaitez participer au Projet Fedora ou Fedora-fr, ou simplement l'utiliser et l'installer sur votre machine, n'hésitez pas à en discuter avec nous en commentaire ou sur le forum Fedora-fr.

  À dans 10 jours pour un entretien avec Jean-Baptiste Holcroft, un des mainteneurs de la traduction française de Fedora.

• Cockpit Project Cockpit 340

  Cockpit is the modern Linux admin interface. We release regularly.

  Here are the release notes from Cockpit 340, cockpit-podman 107, cockpit-machines 333, and cockpit-ostree 211:

  Storage: Prevent modifying unsupported partitions

  Cockpit now detects unsupported partitions and displays a notice that Cockpit does not support it, such as modifying LVM2 Logical Volume partitions.

  

  Storage: Rename safety warning

  We now display a warning when renaming volume groups that contain the root filesystem as it might break the next boot.

  Podman: Quadlet log links

  Quadlet logs now link to their systemd service log page counterpart.

  

  Machines: Virtual network interfaces can now select source mode

  When adding a new virtual network interface you can now select between VEPA, Bridge, Private, or Passthrough for more flexibility with how machines are exposed to the network.

  

  Try it out

  Cockpit 340, cockpit-podman 107, cockpit-files 22, cockpit-machines 334, and cockpit-ostree 211 are available now:

  • For your Linux system

  • Cockpit Client

  • Cockpit Source Tarball
  • Cockpit Fedora 42
  • Cockpit Fedora 41
  • cockpit-podman Source Tarball
  • cockpit-podman Fedora 42
  • cockpit-podman Fedora 41
  • cockpit-files Source Tarball
  • cockpit-files Fedora 42
  • cockpit-files Fedora 41
  • cockpit-machines Source Tarball
  • cockpit-machines Fedora 42
  • cockpit-machines Fedora 41
  • cockpit-ostree Source Tarball
  • cockpit-ostree Fedora 42
  • cockpit-ostree Fedora 41

June 03, 2025

• Christof Damian Sharing a monitor between Linux & Mac

  

  For my new job, I (annoyingly) have to use a silly MacBook. For everything else, I have a nice, beautiful desktop running Fedora.

  I looked into KVMs to share my monitor and keyboard between the two computers, but couldn't really find something reasonably priced and functional. 

  Synergy/Barrier/InputLeap for keyboard sharing
  

  I have used Synergy before to share keyboard and mouse between Linux computers, and this was already a good step. There is a fork for Synergy on Linux called Barrier, which now has been forked again to InputLeap. Now the maintained version is Deskflow. It also allows copy & paste between systems.
  

  This brought me half to where I wanted to be, but I was still restricted to the tiny laptop screen on the Mac. 

  DDC monitor input source switching
  

  Both of my monitors are connected via DisplayPort to my desktop. I now connected the right monitor also via HDMI to the Mac. This already allowed me to easily switch between the input sources with the monitor's on-screen menu.
  

  While researching a new monitor, which has a build in KVM, but only comes with software for Mac & Windows, I found out that you can control most monitor functionality via DCC. 

  This includes things like brightness, contrast, rotation, and most importantly the input source. 

  For Linux, you can use ddcutil and your window manager keyboard shortcut settings. For me, it is these two commands, your monitor and sources may vary.
  

  ddcutil -d 1 setvcp 0x60 0x0f # display 1 -> displayport
  

  ddcutil -d 1 setvcp 0x60 0x11 # display 1 -> hdmi
  

  On OS X you can use BetterDisplay, this is a pretty nifty tool to control all kinds of aspects of your display, definitely worth a look. It also supports keyboard shortcuts to change input sources.
  

  

  There you go, easy-peasy and for free. I hope that helps someone, or me in the future, when I forget how it works.
  

  
  

• Peter Czanik Deprecating Java-based drivers from syslog-ng: Is HDFS next?

  While most Java-based drivers have been deprecated in syslog-ng years ago, we have recently removed all of them in preparation to syslog-ng 4.9.0. Right now, the only Java-based driver remaining is HDFS, so we want to ask the syslog-ng community if the HDFS destination is still needed for them.

  A bit of background

  The Java destination was originally added to syslog-ng to be able to send log messages to Elasticsearch. Later, HTTP, HDFS and Kafka drivers were also added. Unfortunately, these Java-based drivers were difficult (or impossible) to submit to Linux distributions. In addition, they were also difficult to maintain, used more resources, and were problematic to configure. Over the years, most of the Java-based drivers were replaced by native C drivers, so the Java-based drivers became deprecated.

  Many of the dependencies used by the Java-based drivers are no longer maintained and contain CVE problems. This is why we decided that deprecation is not enough: we must remove these drivers from the syslog-ng source code.

  There is only one exception: HDFS. It is still there, as there is no C-based driver for HDFS yet in syslog-ng, and it is CVE free. Still, we would love to remove all Java-based drivers – however, before we would spend any more resources to develop a C-based alternative for it, we would like to ask you if there is an actual need for it. If nobody actually needs an HDFS driver, then simply deprecating HDFS support and deleting it a few releases later would be the easiest solution for us.

  Status

  Java-based drivers were never included in mainstream Linux distributions for two reasons. Firstly, because their dependencies were not available in those distributions, and secondly, because the use of binary JAR files was not supported. Despite this, I maintained RPM packages with Java-based drivers for many years, but eventually removed these drivers from my packages half a decade ago. Nobody complained about this – all I know is that people still use the Java destination for their own drivers.

  Building Java-based drivers is still an option in FreeBSD ports, but even there, only HDFS will be available starting from syslog-ng 4.9.0.

  I updated packaging to follow up with the driver removal, as I had to remove Java-related configuration files from file lists.

  Question to the community

  So, do you still use the Java-based HDFS driver of syslog-ng? If you still need it, please let us know on the mailing list or open an issue / discussion on the syslog-ng GitHub page: https://github.com/syslog-ng/syslog-ng/

  -

  If you have questions or comments related to syslog-ng, do not hesitate to contact us. You can reach us by email or even chat with us. For a list of possibilities, check our GitHub page under the “Community” section at https://github.com/syslog-ng/syslog-ng. On Twitter, I am available as @PCzanik, on Mastodon as @Pczanik@fosstodon.org.

• ! Avi Alkalay ¡ Jornalismo na Era da Inteligência Artificial

  Inteligência Artificial tem melhorado ao ponto que imagens e vídeos gerados por IA são muito convincentes e indistinguíveis da realidade. Entramos na era em que IA pode se tornar uma poderosa fonte de inverdades, fake news etc.

  

  É aí que jornalistas e seus meios devem ganhar protagonismo e a atenção dos leitores e telespectadores. Pois, lembrando, o papel do repórter é ir lá checar se é verdade e contar o que viu. Pode até adicionar opinião depois, mas primeiro publicar fatos apurados.

  Mas qual é a diferença entre bom jornalismo e pessoa qualquer que repassa “notícias” no zap ou memes nas redes? A diferença é a mesma entre o médico diplomado, experiente, e o sujeito que vende na Praça da Sé, para curar todos os males, elixir de conhaque mijado. Este último não tem método, ciência nem reputação a zelar. Isso sem nem entrar no mérito da profundidade do conteúdo.

  Jornalismo profissional é mais necessário do que nunca na nossa era da pós-verdade, inteligência artificial e fake news.

  Também no Facebook, LinkedIn e Instagram.

• Michel Alexandre Salim On working sustainably

  Looking at what tags to use for this post, it surprised me that it’s been over two years since I posted about taking recharge (basically a short sabbatical).

  Plus ça change, plus c’est la même chose…

  Some reorganizations happen at work, but I’m still basically working upstream on Linux distributions. I have a US passport now, which means traveling to the Schengen area is now straightforward; on the other hand it does mean more travel and more jet lag… and I got promoted!

June 02, 2025

• The NeuroFedora Blog Next Open NeuroFedora meeting: 02 June 2025 1300 UTC

  

  Photo by William White on Unsplash.

  
  

  Please join us at the next regular Open NeuroFedora team meeting on Monday 02 June 2025 at 1300 UTC. The meeting is a public meeting, and open for everyone to attend. You can join us in the Fedora meeting channel on chat.fedoraproject.org (our Matrix instance). Note that you can also access this channel from other Matrix home severs, so you do not have to create a Fedora account just to attend the meeting.

  You can use this link to convert the meeting time to your local time. Or, you can also use this command in the terminal:

  $ date -d 'Monday, June 02, 2025 13:00 UTC'
  

  The meeting will be chaired by @ankursinha. The agenda for the meeting is:

  • New introductions and roll call.
  • Tasks from last meeting.
  • Open Pagure tickets.
  • Package health check.
  • Open package reviews check.
  • CompNeuro lab compose status check for Fedora 41/rawhide.
  • Neuroscience query of the week
  • Next meeting day, and chair.
  • Open floor.

  We hope to see you there!

May 31, 2025

• Luca Ciavatta 50 Useful and Fun Linux Commands Every Power User Should Know

  
  This article includes an in-depth introduction to the Linux terminal, detailed descriptions of each command, installation instructions for various distributions (Debian/Ubuntu, Fedora, openSUSE, and Arch), usage examples, and relevant links to official documentation and repositories.

  Introduction: The Terminal, the Brain of Linux

  In the age of graphical user interfaces and slick desktops, the command-line interface (CLI) remains a core pillar of the Linux experience. It’s not just a legacy tool — it’s a powerhouse of efficiency, automation, and control. From system administrators and developers to power users and hobbyists, the terminal offers unmatched versatility and performance. Understanding how to navigate and leverage the CLI isn’t just beneficial — it’s essential for unlocking the full power of any Linux-based system.

  

  Graphical environments can certainly be convenient, but they often come at the cost of speed, flexibility, and scripting power. The terminal, on the other hand, gives users access to the raw heart of the operating system, enabling advanced file manipulation, system diagnostics, remote management, software compilation, and more. What’s more, it empowers users to chain tools together, automate complex workflows, and extend system functionality in creative ways.

  Beyond the ubiquitous utilities like ls, cd, grep, find, and top, the Linux ecosystem is thriving with lesser-known but incredibly useful or amusing commands that make daily workflows more efficient — and sometimes more entertaining.

  This article isn’t just a collection of commands; it’s a curated journey through 50 tools that enhance usability, productivity, and system mastery. Whether you’re a seasoned sysadmin or a terminal-curious developer, you’ll discover utilities here that streamline your life, improve your system visibility, or even add a touch of fun to your terminal time.

  For each command listed, you’ll find installation instructions tailored to the major Linux distributions: Debian/Ubuntu, Fedora, openSUSE, and Arch Linux. If you’ve never tried these tools before, now’s your moment to expand your command-line toolkit.

  Let’s dive in.

  ---

  Section 1: File Navigation & Management

  1. zoxide – Smarter Directory Jumper

  Description: Replaces cd with an intelligent, history-based directory switcher.

  Installation:

  # Debian/Ubuntu
  sudo apt install zoxide
  
  # Fedora
  sudo dnf install zoxide
  
  # openSUSE
  sudo zypper install zoxide
  
  # Arch
  sudo pacman -S zoxide

  Post-install config: Add to ~/.bashrc or ~/.zshrc:

  eval "$(zoxide init bash)"  # or "zsh" if using Zsh

  Usage:

  z docs

  ---

  2. exa – A Modern Replacement for ls

  Description: Beautiful output with icons, colors, and tree views.

  Installation:

  # Debian/Ubuntu
  sudo apt install exa
  
  # Fedora
  sudo dnf install exa
  
  # openSUSE
  sudo zypper install exa
  
  # Arch
  sudo pacman -S exa

  Usage:

  exa --long --git --icons

  ---

  3. ranger – Terminal File Manager with Preview

  Description: A powerful, keyboard-controlled file manager.

  Installation:

  # Debian/Ubuntu
  sudo apt install ranger
  
  # Fedora
  sudo dnf install ranger
  
  # openSUSE
  sudo zypper install ranger
  
  # Arch
  sudo pacman -S ranger

  Usage:

  ranger

  Exit: Press q

  ---

  4. bat – A Better cat with Syntax Highlighting

  Description: Enhances cat with code highlighting and line numbers.

  Installation:

  # Debian/Ubuntu
  sudo apt install bat
  
  # Fedora
  sudo dnf install bat
  
  # openSUSE
  sudo zypper install bat
  
  # Arch
  sudo pacman -S bat

  Usage:

  bat script.sh

  ---

  5. ncdu – Disk Usage Analyzer

  Description: Terminal-based disk usage viewer, better than du -sh.

  Installation:

  # Debian/Ubuntu
  sudo apt install ncdu
  
  # Fedora
  sudo dnf install ncdu
  
  # openSUSE
  sudo zypper install ncdu
  
  # Arch
  sudo pacman -S ncdu

  Usage:

  ncdu /

  ---

  6. tldr – Simplified Man Pages

  Description: TLDR (Too Long Didn’t Read) offers simplified and community-driven versions of common man pages.

  Why it’s useful: It provides concise examples for how to use commands, which is especially handy for beginners and pros alike who just need a quick syntax refresher.

  Install:

  sudo apt install tldr  # Ubuntu/Debian
  sudo dnf install tldr  # Fedora
  sudo zypper install tldr  # openSUSE
  sudo pacman -S tldr  # Arch

  Usage:

  tldr tar
  tldr curl

  ---

  7. glances – System Monitoring at a Glance

  Description: Glances is a cross-platform system monitoring tool written in Python.

  Why it’s useful: It provides a holistic overview of system performance: CPU, memory, disk I/O, network, sensors, and processes.

  Install:

  sudo apt install glances  # Ubuntu/Debian
  sudo dnf install glances  # Fedora
  sudo zypper install glances  # openSUSE
  sudo pacman -S glances  # Arch

  Usage:

  glances

  ---

  8. htop – Interactive Process Viewer

  Description: htop is an improved version of top.

  Why it’s useful: Offers a colorized and interactive process list with options to sort by CPU, memory, PID, and more.

  Install:

  sudo apt install htop
  sudo dnf install htop
  sudo zypper install htop
  sudo pacman -S htop

  Usage:

  htop

  ---

  9. bpytop – Beautiful Resource Monitor

  Description: bpytop is a Python-based resource monitor with a modern UI.

  Why it’s useful: It’s visually appealing, responsive, and offers comprehensive system stats.

  Install:

  sudo apt install bpytop
  sudo dnf install bpytop
  sudo zypper install bpytop
  sudo pacman -S bpytop

  Usage:

  bpytop

  ---

  10. sl – Steam Locomotive (Just for Fun)

  Description: Typing sl (instead of ls) launches a steam locomotive in your terminal.

  Why it’s fun: A charming easter egg for mistypers.

  Install:

  sudo apt install sl
  sudo dnf install sl
  sudo zypper install sl
  sudo pacman -S sl

  Usage:

  sl

  ---

  11. cmatrix – Matrix Rain Animation

  Description: Simulates the digital rain seen in The Matrix.

  Why it’s fun: Eye-candy for your terminal.

  Install:

  sudo apt install cmatrix
  sudo dnf install cmatrix
  sudo zypper install cmatrix
  sudo pacman -S cmatrix

  Usage:

  cmatrix

  ---

  12. lolcat – Rainbow Coloring for Terminal Output

  Description: Colors terminal text in rainbow hues.

  Why it’s fun: Makes any terminal output look more cheerful.

  Install:

  sudo gem install lolcat  # Requires Ruby

  Usage:

  echo "Hello, world!" | lolcat

  ---

  13. figlet – ASCII Art Text Generator

  Description: Turns text into large ASCII letters.

  Why it’s fun: Great for making terminal banners.

  Install:

  sudo apt install figlet
  sudo dnf install figlet
  sudo zypper install figlet
  sudo pacman -S figlet

  Usage:

  figlet Hello

  ---

  14. cowsay – Talking Cow (or Other Animals)

  Description: A cow that says whatever you want.

  Why it’s fun: Pure novelty; often used with fortune and lolcat.

  Install:

  sudo apt install cowsay
  sudo dnf install cowsay
  sudo zypper install cowsay
  sudo pacman -S cowsay

  Usage:

  cowsay "Use the force, Linux."

  ---

  15. neofetch – System Info with Style

  Description: Displays system information alongside your distro’s logo.

  Why it’s useful/fun: Useful for screenshots or just bragging.

  Install:

  sudo apt install neofetch
  sudo dnf install neofetch
  sudo zypper install neofetch
  sudo pacman -S neofetch

  Usage:

  neofetch

  ---

  Absolutely! Here are commands 16 to 50 following the exact same detailed format with installation instructions, usage, and brief descriptions in English:

  ---

  16. fd – Simple, Fast and User-Friendly Alternative to find

  Description: A modern replacement for find with intuitive syntax and colorized output.

  Installation:

  # Debian/Ubuntu
  sudo apt install fd-find
  
  # Fedora
  sudo dnf install fd-find
  
  # openSUSE
  sudo zypper install fd-find
  
  # Arch
  sudo pacman -S fd

  Usage:

  fd pattern
  fd --type f --size +10M

  ---

  17. bat-extras – Enhancements for bat

  Description: Adds many extra commands that complement bat, like syntax highlighting for git diffs and more.

  Installation:

  # Usually installed via GitHub; install dependencies first
  git clone https://github.com/eth-p/bat-extras.git
  cd bat-extras
  sudo ./install.sh

  Usage:

  bats diff somefile
  bats grep pattern

  ---

  18. fzf – Command-line Fuzzy Finder

  Description: A general-purpose interactive fuzzy finder for the terminal.

  Installation:

  # Debian/Ubuntu
  sudo apt install fzf
  
  # Fedora
  sudo dnf install fzf
  
  # openSUSE
  sudo zypper install fzf
  
  # Arch
  sudo pacman -S fzf

  Usage:

  fzf
  cat file.txt | fzf

  ---

  19. neovim – Hyperextensible Text Editor

  Description: An improved version of Vim with better extensibility and modern features.

  Installation:

  # Debian/Ubuntu
  sudo apt install neovim
  
  # Fedora
  sudo dnf install neovim
  
  # openSUSE
  sudo zypper install neovim
  
  # Arch
  sudo pacman -S neovim

  Usage:

  nvim file.txt

  ---

  20. ripgrep (rg) – Recursive Search Tool

  Description: Fast and user-friendly alternative to grep, optimized for speed.

  Installation:

  # Debian/Ubuntu
  sudo apt install ripgrep
  
  # Fedora
  sudo dnf install ripgrep
  
  # openSUSE
  sudo zypper install ripgrep
  
  # Arch
  sudo pacman -S ripgrep

  Usage:

  rg "search_term"
  rg --files

  ---

  21. tmux – Terminal Multiplexer

  Description: Allows multiple terminal sessions in one window, session persistence, and window splitting.

  Installation:

  # Debian/Ubuntu
  sudo apt install tmux
  
  # Fedora
  sudo dnf install tmux
  
  # openSUSE
  sudo zypper install tmux
  
  # Arch
  sudo pacman -S tmux

  Usage:

  tmux
  # Ctrl+b then % to split vertically

  ---

  22. nc – Netcat – Swiss Army Knife for TCP/IP

  Description: Reads and writes data across network connections using TCP or UDP.

  Installation:

  # Debian/Ubuntu
  sudo apt install netcat
  
  # Fedora
  sudo dnf install nmap-ncat
  
  # openSUSE
  sudo zypper install netcat
  
  # Arch
  sudo pacman -S openbsd-netcat

  Usage:

  nc -l 1234
  nc hostname 1234

  ---

  23. jq – Command-line JSON Processor

  Description: Parses, filters, and transforms JSON data with ease.

  Installation:

  # Debian/Ubuntu
  sudo apt install jq
  
  # Fedora
  sudo dnf install jq
  
  # openSUSE
  sudo zypper install jq
  
  # Arch
  sudo pacman -S jq

  Usage:

  cat data.json | jq '.key'

  ---

  24. aria2 – Lightweight Multi-protocol & Multi-source Download Utility

  Description: Supports HTTP/HTTPS, FTP, BitTorrent, and Metalink downloads.

  Installation:

  # Debian/Ubuntu
  sudo apt install aria2
  
  # Fedora
  sudo dnf install aria2
  
  # openSUSE
  sudo zypper install aria2
  
  # Arch
  sudo pacman -S aria2

  Usage:

  aria2c http://example.com/file.zip
  aria2c -T torrent-file.torrent

  ---

  25. tig – Text-mode Interface for Git

  Description: An ncurses-based text interface for Git repositories.

  Installation:

  # Debian/Ubuntu
  sudo apt install tig
  
  # Fedora
  sudo dnf install tig
  
  # openSUSE
  sudo zypper install tig
  
  # Arch
  sudo pacman -S tig

  Usage:

  tig
  tig status

  ---

  26. dust – More intuitive du

  Description: Provides a nicer and more human-readable disk usage summary.

  Installation:

  # Debian/Ubuntu
  # Install Rust and then use cargo:
  cargo install du-dust
  
  # Fedora
  sudo dnf install dust
  
  # openSUSE
  sudo zypper install dust
  
  # Arch
  sudo pacman -S dust

  Usage:

  dust
  dust /home

  ---

  27. btop – Resource Monitor with a Graphical UI

  Description: A modern resource monitor with an intuitive and colorful interface.

  Installation:

  # Debian/Ubuntu
  sudo apt install btop
  
  # Fedora
  sudo dnf install btop
  
  # openSUSE
  sudo zypper install btop
  
  # Arch
  sudo pacman -S btop

  Usage:

  btop

  ---

  28. entr – Run Arbitrary Commands When Files Change

  Description: Watches files and runs commands when they are modified.

  Installation:

  # Debian/Ubuntu
  sudo apt install entr
  
  # Fedora
  sudo dnf install entr
  
  # openSUSE
  sudo zypper install entr
  
  # Arch
  sudo pacman -S entr

  Usage:

  ls *.c | entr make

  ---

  29. watch – Execute a Program Periodically

  Description: Runs a command repeatedly, showing output fullscreen.

  Installation:

  # Usually pre-installed
  sudo apt install procps  # Debian/Ubuntu
  sudo dnf install procps-ng  # Fedora
  sudo zypper install procps  # openSUSE
  sudo pacman -S procps-ng  # Arch

  Usage:

  watch -n 5 df -h

  ---

  30. hexyl – A Command-Line Hex Viewer

  Description: View files in hex with colors and easy navigation.

  Installation:

  # Debian/Ubuntu
  sudo apt install hexyl
  
  # Fedora
  sudo dnf install hexyl
  
  # openSUSE
  sudo zypper install hexyl
  
  # Arch
  sudo pacman -S hexyl

  Usage:

  hexyl file.bin

  ---

  31. pv – Pipe Viewer

  Description: Monitor the progress of data through a pipeline.

  Installation:

  # Debian/Ubuntu
  sudo apt install pv
  
  # Fedora
  sudo dnf install pv
  
  # openSUSE
  sudo zypper install pv
  
  # Arch
  sudo pacman -S pv

  Usage:

  pv file.iso | dd of=/dev/sdb

  ---

  32. git-delta – Syntax-highlighting pager for git

  Description: Improves git diff output with color, side-by-side views, and better syntax.

  Installation:

  # Debian/Ubuntu
  sudo apt install git-delta
  
  # Fedora
  sudo dnf install git-delta
  
  # openSUSE
  sudo zypper install git-delta
  
  # Arch
  sudo pacman -S git-delta

  Usage:

  git diff | delta

  ---

  33. httpie – Friendly command-line HTTP client

  Description: A user-friendly HTTP client for testing APIs and sending requests.

  Installation:

  # Debian/Ubuntu
  sudo apt install httpie
  
  # Fedora
  sudo dnf install httpie
  
  # openSUSE
  sudo zypper install httpie
  
  # Arch
  sudo pacman -S httpie

  Usage:

  http GET https://api.github.com/users/username

  ---

  34. maim – Screenshot tool

  Description: A versatile screenshot utility with multi-format support.

  Installation:

  # Debian/Ubuntu
  sudo apt install maim
  
  # Fedora
  sudo dnf install maim
  
  # openSUSE
  sudo zypper install maim
  
  # Arch
  sudo pacman -S maim

  Usage:

  maim screenshot.png

  ---

  35. rsync – Remote Sync Tool

  Description: Sync files and directories locally or remotely with great efficiency.

  Installation:

  # Usually pre-installed
  sudo apt install rsync  # Debian/Ubuntu
  sudo dnf install rsync  # Fedora
  sudo zypper install rsync  # openSUSE
  sudo pacman -S rsync  # Arch

  Usage:

  rsync -avz /source/dir user@host:/destination/dir

  ---

  36. ncspot – Terminal Spotify client

  Description: Spotify client written in Rust with ncurses interface.

  Installation:

  # Arch
  sudo pacman -S ncspot
  
  # For others, build from source on GitHub

  Usage:

  ncspot

  ---

  37. tmate – Instant Terminal Sharing

  Description: Share your terminal session securely over SSH.

  Installation:

  # Debian/Ubuntu
  sudo apt install tmate
  
  # Fedora
  sudo dnf install tmate
  
  # openSUSE
  sudo zypper install tmate
  
  # Arch
  sudo pacman -S tmate

  Usage:

  tmate
  # Share the displayed SSH session link

  ---

  38. lsd – An ls replacement with colors and icons

  Description: Modern alternative to ls with nice visuals.

  Installation:

  # Debian/Ubuntu
  sudo apt install lsd
  
  # Fedora
  sudo dnf install lsd
  
  # openSUSE
  sudo zypper install lsd
  
  # Arch
  sudo pacman -S lsd

  Usage:

  lsd --long --group-directories-first

  ---

  39. gping – Ping with Graphs

  Description: Ping tool that displays a graph of latency.

  Installation:

  # Arch
  sudo pacman -S gping
  
  # Debian/Ubuntu and Fedora: build from source or find a package

  Usage:

  gping google.com

  ---

  40. speedtest-cli – Internet speed test from CLI

  Description: Test internet speed from your terminal.

  Installation:

  # Debian/Ubuntu
  sudo apt install speedtest-cli
  
  # Fedora
  sudo dnf install speedtest-cli
  
  # openSUSE
  sudo zypper install speedtest-cli
  
  # Arch
  sudo pacman -S speedtest-cli

  Usage:

  speedtest-cli

  ---

  41. ngrok – Secure Tunnels to localhost

  Description: Expose local servers behind NATs and firewalls to the public internet.

  Installation:

  # Download from official site and unzip or use package managers

  Usage:

  ngrok http 8080

  ---

  42. entr – Run commands when files change

  Description: Monitor files and rerun commands on changes.

  Installation:

  # Debian/Ubuntu
  sudo apt install entr
  
  # Fedora
  sudo dnf install entr
  
  # openSUSE
  sudo zypper install entr
  
  # Arch
  sudo pacman -S entr

  Usage:

  ls *.py | entr python main.py

  ---

  43. asdf – Version manager for multiple languages

  Description: Manage multiple runtime versions with one tool.

  Installation:

  git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch v0.12.0

  Add to shell config:

  . $HOME/.asdf/asdf.sh

  Usage:

  asdf install nodejs latest
  asdf global nodejs latest

  ---

  44. broot – Tree viewer and navigator

  Description: A better alternative to tree and ls with fast navigation.

  Installation:

  # Debian/Ubuntu
  sudo apt install broot
  
  # Fedora
  sudo dnf install broot
  
  # openSUSE
  sudo zypper install broot
  
  # Arch
  sudo pacman -S broot

  Usage:

  broot

  ---

  45. xclip – Command line clipboard utility

  Description: Access X clipboard from the command line.

  Installation:

  # Debian/Ubuntu
  sudo apt install xclip
  
  # Fedora
  sudo dnf install xclip
  
  # openSUSE
  sudo zypper install xclip
  
  # Arch
  sudo pacman -S xclip

  Usage:

  echo "Hello" | xclip -selection clipboard
  xclip -o -selection clipboard

  ---

  46. wget – Non-interactive network downloader

  Description: Retrieve files via HTTP, HTTPS, FTP.

  Installation:

  # Usually pre-installed
  sudo apt install wget  # Debian/Ubuntu
  sudo dnf install wget  # Fedora
  sudo zypper install wget  # openSUSE
  sudo pacman -S wget  # Arch

  Usage:

  wget https://example.com/file.zip

  ---

  47. whois – Domain lookup utility

  Description: Look up domain registration info.

  Installation:

  # Debian/Ubuntu
  sudo apt install whois
  
  # Fedora
  sudo dnf install whois
  
  # openSUSE
  sudo zypper install whois
  
  # Arch
  sudo pacman -S whois

  Usage:

  whois example.com

  ---

  48. neovide – A graphical frontend for neovim

  Description: GUI for Neovim with smooth animations.

  Installation:

  # Arch
  sudo pacman -S neovide
  
  # Others: build from source or use prebuilt binaries

  Usage:

  neovide

  ---

  49. dust – A more intuitive du

  Description: Summarizes disk usage with better readability.

  Installation:

  # Rust-based, install via cargo
  cargo install du-dust

  Usage:

  dust

  ---

  50. exa – Modern replacement for ls

  Description: Stylish ls with colors and icons (already covered but worth repeating here).

  Installation:

  # Debian/Ubuntu
  sudo apt install exa
  
  # Fedora
  sudo dnf install exa
  
  # openSUSE
  sudo zypper install exa
  
  # Arch
  sudo pacman -S exa

  Usage:

  exa --long --icons

  ---

  Linux is a treasure trove of powerful commands, many of which are not only functional but also quirky, entertaining, or surprisingly enlightening. Among the more esoteric but fascinating commands available in the Linux ecosystem, several stand out for their creativity, cleverness, or practical value in specific scenarios. Let’s explore a selection of particularly intriguing commands from the list above, providing detailed descriptions, real-life examples, and insights into how they can enrich your Linux experience.

  One of the more surprisingly informative commands is whatis. While seemingly simple, whatis provides a concise one-line summary of any Linux command. It’s especially useful for newcomers or when working in a complex system where many utilities are installed. For example, running:

  whatis grep

  outputs:

  grep (1)             - print lines matching a pattern

  This allows users to quickly check what a command does without diving into its man page. It’s effectively a metadata lookup and is backed by the same databases that power the man command itself, but distilled into a quick overview.

  In a similar vein, apropos serves as a powerful discovery tool. Instead of looking up a specific command, apropos allows users to find commands related to a specific topic. It searches the whatis database for any entry that contains the given keyword. For instance:

  apropos compression

  might return a list including gzip, bzip2, xz, and zip, each with a brief description. It’s like grep for the command library, making it invaluable for discovering tools you didn’t even know existed.

  Among the more entertaining utilities is cowsay, a classic example of Unix whimsy. When invoked, cowsay takes input text and has an ASCII-art cow “say” it in a speech bubble:

  cowsay "I love Linux!"

  results in:

   _____________
  < I love Linux! >
   -------------
          \   ^__^
           \  (oo)\_______
              (__)\       )\/\
                  ||----w |
                  ||     ||

  This command is frequently used in system login messages, scripts for humorous purposes, or as part of more elaborate pipelines, especially when combined with fortune.

  The fortune command itself is another piece of classic Unix fun. It displays a random, often witty or philosophical quote. When piped into cowsay, it creates an amusing banner:

  fortune | cowsay

  This combination became a meme in the Unix world and often appears as the default login message in retro-themed Linux distros. For those wanting even more visual novelty, cowsay can be replaced with cowthink or configured with other animals via the -f option, including Tux the penguin, ghosts, and even moose.

  The sl command is a brilliant lesson in embracing user error with humor. It stands for “Steam Locomotive” and is triggered when a user mistypes “ls” as “sl.” Instead of a cryptic error, users are greeted with a cheerful ASCII art steam train chugging across the terminal. To see it in action:

  sl

  Though its utility is nil, its charm is infinite—especially in systems that have it installed as a lighthearted easter egg.

  On the more technical side of things, script is a deeply useful tool for recording terminal sessions. It captures everything displayed on your terminal and saves it to a file—useful for debugging, documentation, or training materials. For example:

  script session.log

  initiates a recording session. Everything typed and output to the terminal will now be saved to session.log. Typing exit ends the recording. This is essential for creating reproducible demonstrations or auditing sessions.

  Another fascinating command is yes. While seemingly trivial, yes is a high-performance text outputter that continuously prints a string until interrupted. It’s often used to simulate user input in shell scripts that expect confirmation prompts:

  yes | apt-get install something

  This automatically confirms all “Are you sure?” prompts. Additionally, yes can be a fun benchmark tool, as it outputs data rapidly to stdout and can be redirected to measure disk or CPU speed. You can also customize the output:

  yes "Testing 123"

  This will endlessly print “Testing 123” to the terminal until Ctrl+C is pressed.

  Moving into slightly more unconventional territory, toilet and figlet are two utilities that transform text into large ASCII art. For example:

  figlet Linux Rocks

  prints:

    _      _                _         
   | |    (_)              | |        
   | |     _ _ __ ___   ___| | _____  
   | |    | | '_ ` _ \ / _ \ |/ / _ \ 
   | |____| | | | | | |  __/   < (_) |
   |______|_|_| |_| |_|\___|_|\_\___/ 

  These can be used for scripts, banners, or notifications. They’re not just artistic—they’re also practical when used to create legible section headers in log files or notifications.

  In terms of introspection and system personality, uname and uptime are valuable. uname reveals system-level information:

  uname -a

  might return:

  Linux mymachine 5.15.0-60-generic #66-Ubuntu SMP x86_64 GNU/Linux

  This is useful when logging system metadata or debugging issues related to kernel version, architecture, or OS. Meanwhile, uptime tells you how long the system has been running, along with current user count and system load averages:

  uptime

  You might see something like:

  14:12:45 up 3 days,  4:05,  2 users,  load average: 0.15, 0.10, 0.05

  This compact output is often monitored in scripts or dashboards to track stability or detect overloads.

  For visualization of command pipelines and processes, the command pv (Pipe Viewer) is an often overlooked gem. It allows you to monitor the progress of data through a pipeline. For example:

  pv largefile.tar.gz | tar xzf -

  lets you see a progress bar and data rate for the file being extracted. It’s indispensable for operations involving large files, where you otherwise get no feedback until completion.

  Another visually satisfying utility is lolcat, which adds a rainbow coloring effect to output. Used in conjunction with figlet:

  figlet Welcome | lolcat

  creates a vivid, colorful greeting—fun for custom login scripts or system branding.

  A more practical but underutilized command is watch. It re-executes a command at regular intervals and displays the output full screen, refreshing like a terminal dashboard:

  watch -n 1 df -h

  This refreshes disk usage stats every second, useful for real-time monitoring during operations like backups or installs.

  Lastly, one cannot omit the powerful and poetic cal. This simple utility prints a calendar for the current month, or any month/year:

  cal 9 2025

  outputs the calendar for September 2025. It’s useful for scripting date-based logs, scheduling scripts, or just glancing at your terminal-based planner. When combined with ncal, you can even show week numbers or the calendar in vertical format.

  In conclusion, Linux is not just a technical environment—it’s a rich culture filled with humorous, helpful, and historic commands that reflect the ethos of Unix philosophy: small, sharp tools that do one thing well. Whether you’re piping cowsay into lolcat or using script to capture a debugging session, these commands make Linux not only a powerful operating system but a delightful one too.

  ---

  Final Thoughts

  The Linux terminal is more than just a tool — it’s a canvas. Each of the commands listed here, from the practical to the quirky, represents the incredible flexibility of open-source culture. These tools demonstrate how Linux not only solves problems efficiently but also makes the experience personal and even delightful.

  Whether you’re optimizing workflows, analyzing system performance, or just trying to make your terminal look cooler, the command line offers endless possibilities.

  Sources & Further Reading:

  • https://github.com/ajeetdsouza/zoxide
  • https://the.exa.website/
  • https://ranger.github.io/
  • https://github.com/sharkdp/bat
  • https://dev.yorhel.nl/ncdu
  • https://tldr.sh/
  • https://github.com/htop-dev/htop

  The post 50 Useful and Fun Linux Commands Every Power User Should Know appeared first on CIALU.NET.

• Rajeesh K Nambiar RIT-Bahadur Malayalam typeface

  In 1978, a commemorative souvenir was published to celebrate the milestone of acting in 400 films by Bahadoor, a celebrated Malayalam movie actor. Artist Namboodiri designed its cover caricature and the lettering.

  

  Based on this lettering, KH Hussain designed a traditional script Malayalam Unicode font named ‘RIT Bahadur’. I did work on the engineering and production of the font to release it on the 25th death anniversary of Bahadoor, on 22-May-2025.

  National daily ‘The Hindu’ has published an article about Bahadur font.

  RIT Bahadur is a display typeface that comes in Bold and BoldItalic variants. It is licensed under Open Font License and can be freely downloaded from Rachana website.

  

May 30, 2025

• Maxim Burgerhout How I manage SSL certificates for my homelab with Letsencrypt and Ansible

  How I manage SSL certificates for my homelab with Letsencrypt and Ansible

  I have a fairly sizable homelab, consisting of some Raspberry Pi 4s, some Intel Nucs, a Synology NAS with a VM running on it and a number of free VMs in Oracle cloud. All these machines run RHEL 9 or RHEL 10 and all of them are managed from an instance of Red Hat Ansible Automation Platform that runs on the VM on my NAS.

  On most of these machines, I run podman containers behind caddy (which takes care of any SSL certificate management automatically). But for some services, I really needed an automated way of managing SSL certificates that didn't involve Caddy. An example for this is cockpit, which I use on some occasions. I hate those "your connection is not secure messages", so I needed real SSL certificates that my whole network would trust without the need of me having to load custom CA certificates in every single device.

  I also use this method for securing my internal Postfix relay, and (in a slightly different way) for setting up certificates for containers running on my NAS.

  So. Ansible to the rescue. It turns out, there is a surprisingly easy way to do this with Ansible. I found some code floating around the internet. To be honest, I forgot where I got it, it was probably a GitHub gist, but I really don't remember: I wrote this playbook months and months ago - I would love to attribute credit for this, but I simply can't :(

  The point of the playbook is that it takes a list of certificates that should exist on a machine, and it makes sure those certificates exist on the target machine. Because this is for machines that are not connected to the internet, it's not possible to use the standard HTTP verification. Instead, it creates temporary DNS records to verify my ownership of the domain.

  Let's break down how the playbook works. I'll link to the full playbook at the end.

  Keep in mind that all tasks below are meant to be run as a playbook looping over a list of dictionaries that are structures as follows:

    le_certificates:
      - common_name: "mymachine.example.com"
        basedir: "/etc/letsencrypt"
        domain: ".example.com"
        email: security-team@example.com
  

  First, we make sure a directory exists to store the certificate. We check for the existence of a Letsencrypt account key and if that does not exist, we create it and copy it over to the client:

    - name: Create directory to store certificate information
      ansible.builtin.file:
        path: "{{ item.basedir }}"
        state: directory
        mode: "0710"
        owner: "{{ cert_directory_user }}"
        group: "{{ cert_directory_group }}"
  
    - name: Check if account private key exists
      ansible.builtin.stat:
        path: "{{ item.basedir }}/account_{{ item.common_name }}.key"
      register: account_key
  
    - name: Generate and copy over the acme account private key
      when: not account_key.stat.exists | bool
      block:
        - name: Generate private account key for letsencrypt
          community.crypto.openssl_privatekey:
            path: /tmp/account_{{ item.common_name }}.key
            type: RSA
          delegate_to: localhost
          become: false
          when: not account_key.stat.exists | bool
  
        - name: Copy over private account key to client
          ansible.builtin.copy:
            src: /tmp/account_{{ item.common_name }}.key
            dest: "{{ item.basedir }}/account_{{ item.common_name }}.key"
            mode: "0640"
            owner: root
            group: root
  

  The next step is to check for the existence of a private key for the domain we are handling, and create it and copy it to the client if it doesn't exist:

    - name: Check if certificate private key exists
      ansible.builtin.stat:
        path: "{{ item.basedir }}/{{ item.common_name }}.key"
      register: cert_key
  
    - name: Generate and copy over the acme cert private key
      when: not cert_key.stat.exists | bool
      block:
        - name: Generate private acme key for letsencrypt
          community.crypto.openssl_privatekey:
            path: /tmp/{{ item.common_name }}.key
            type: RSA
          delegate_to: localhost
          become: false
          when: not cert_key.stat.exists | bool
  
        - name: Copy over private acme key to client
          ansible.builtin.copy:
            src: /tmp/{{ item.common_name }}.key
            dest: "{{ item.basedir }}/{{ item.common_name }}.key"
            mode: "0640"
            owner: root
            group: root
  

  Then, we create a certificate signing request (CSR) based on the private key, and copy that to the client:

    - name: Generate and copy over the csr
      block:
        - name: Grab the private key from the host
          ansible.builtin.slurp:
            src: "{{ item.basedir }}/{{ item.common_name }}.key"
          register: remote_cert_key
  
        - name: Generate the csr
          community.crypto.openssl_csr:
            path: /tmp/{{ item.common_name }}.csr
            privatekey_content: "{{ remote_cert_key['content'] | b64decode }}"
            common_name: "{{ item.common_name }}"
          delegate_to: localhost
          become: false
  
        - name: Copy over csr to client
          ansible.builtin.copy:
            src: /tmp/{{ item.common_name }}.csr
            dest: "{{ item.basedir }}/{{ item.common_name }}.csr"
            mode: "0640"
            owner: root
            group: root
  

  Now the slightly more complicated stuff starts. This next task contacts the Letsencrypt API and requests a certificate. It specifies a dns-01 challenge, which means that Letsencrypt will respond with a challenge that we can validate our request through the creation of a special DNS record. All we need is in the response, which well store as cert_challenge.

    - name: Create a challenge using an account key file.
      community.crypto.acme_certificate:
        account_key_src: "{{ item.basedir }}/account_{{ item.common_name }}.key"
        account_email: "{{ item.email }}"
        src: "{{ item.basedir }}/{{ item.common_name }}.csr"
        cert: "{{ item.basedir }}/{{ item.common_name }}.crt"
        challenge: dns-01
        acme_version: 2
        acme_directory: "{{ acme_dir }}"
        # Renew if the certificate is at least 30 days old
        remaining_days: 60
        terms_agreed: true
      register: cert_challenge
  

  Now, I'll be using DigitalOcean's API to create the temporary DNS records, but you can use whatever DNS service you want, as long as it's publicly available for Letsencrypt to query. The following block will only run if two things are true: 1. the cert_challenge is changed, which is only so if we need to renew the certificate. Letsencrypt certificates are valid for 90 days only. We specified remaining_days: 60, so if we run this playbook 30 or more days after its previous run, cert_challenge will be changed and the certificate will be renewed. 2. item.common_name (which is a variable that holds the requested DNS record) is part of the challenge_data structure in cert_challenge. This is to verify we actually got the correct data from the Letsencrypt API, and not just some metadata change.

  The block looks like this:

     - name: Actual certificate creation
      when: cert_challenge is changed and item.common_name in cert_challenge.challenge_data
      block:
        - name: Create DNS challenge record on DO
          community.digitalocean.digital_ocean_domain_record:
            state: present
            oauth_token: "{{ do_api_token }}"
            domain: "{{ item.domain[1:] }}"
            type: TXT
            ttl: 60
            name: "{{ cert_challenge.challenge_data[item.common_name]['dns-01'].record | replace(item.domain, '') }}"
            data: "{{ cert_challenge.challenge_data[item.common_name]['dns-01'].resource_value }}"
          delegate_to: localhost
          become: false
  
        - name: Let the challenge be validated and retrieve the cert and intermediate certificate
          community.crypto.acme_certificate:
            account_key_src: "{{ item.basedir }}/account_{{ item.common_name }}.key"
            account_email: "{{ item.email }}"
            src: "{{ item.basedir }}/{{ item.common_name }}.csr"
            cert: "{{ item.basedir }}/{{ item.common_name }}.crt"
            fullchain: "{{ item.basedir }}/{{ item.domain[1:] }}-fullchain.crt"
            chain: "{{ item.basedir }}/{{ item.domain[1:] }}-intermediate.crt"
            challenge: dns-01
            acme_version: 2
            acme_directory: "{{ acme_dir }}"
            remaining_days: 60
            terms_agreed: true
            data: "{{ cert_challenge }}"
  
        - name: Remove DNS challenge record on DO
          community.digitalocean.digital_ocean_domain_record:
            state: absent
            oauth_token: "{{ do_api_token }}"
            domain: "{{ item.domain[1:] }}"
            type: TXT
            name: "{{ cert_challenge.challenge_data[item.common_name]['dns-01'].record | replace(item.domain, '') }}"
            data: "{{ cert_challenge.challenge_data[item.common_name]['dns-01'].resource_value }}"
          delegate_to: localhost
          become: false
  

  You'll notice that the TTL for this record is intentionally very low, because we don't need it other than for validation of the challenge, and we'll remove it after vertification. If you do not use DigitalOcean as a DNS provider, the first task in the block above will look different, obviously.

  The second task in the block reruns the acme_certificate task, and this time we pass the contents of the cert_challenge variable as the data parameter. Upon successful validation, we can store retrieve the new certificate, full chain and intermediate chain to disk. Basically, at this point, we are done without having to use certbot :)

  Of course, in the third task, we clean up the temporary DNS record again.

  I have a slightly different playbook to manage certificates on my NAS, and some additional tasks that configure Postfix to use this certificate, too, but those are probably useful for me only.

  TL;DR: it you want to create a (set of) certificate(s) for a (group of) machine(s), running this playbook from AAP every month makes that really easy.

  The main playbook looks like this:

  ---
  # file: letsencrypt.yml
  - name: Configure letsencrypt certificates
    hosts: rhel_machines
    gather_facts: false
    become: true
    vars:
      debug: false
      acme_dir: https://acme-v02.api.letsencrypt.org/directory
  
    pre_tasks:
      - name: Gather facts subset
        ansible.builtin.setup:
          gather_subset:
            - "!all"
            - default_ipv4
            - default_ipv6
  
    tasks:
      - name: Include letsencrypt tasks for each certificate
        ansible.builtin.include_tasks: letsencrypt_tasks.yml
        loop: "{{ le_certificates }}"
  

  The letsencrypt_tasks.yml file is all of the above tasks combined into a single playbook:

  ---
  # file: letsencrypt_tasks.yml
  
  - name: Create directory to store certificate information
    ansible.builtin.file:
      path: "{{ item.basedir }}"
      state: directory
      mode: "0710"
      owner: "{{ cert_directory_user }}"
      group: "{{ cert_directory_group }}"
  
  - name: Check if account private key exists
    ansible.builtin.stat:
      path: "{{ item.basedir }}/account_{{ item.common_name }}.key"
    register: account_key
  
  - name: Generate and copy over the acme account private key
    when: not account_key.stat.exists | bool
    block:
      - name: Generate private account key for letsencrypt
        community.crypto.openssl_privatekey:
          path: /tmp/account_{{ item.common_name }}.key
          type: RSA
        delegate_to: localhost
        become: false
        when: not account_key.stat.exists | bool
  
      - name: Copy over private account key to client
        ansible.builtin.copy:
          src: /tmp/account_{{ item.common_name }}.key
          dest: "{{ item.basedir }}/account_{{ item.common_name }}.key"
          mode: "0640"
          owner: root
          group: root
  
  - name: Check if certificate private key exists
    ansible.builtin.stat:
      path: "{{ item.basedir }}/{{ item.common_name }}.key"
    register: cert_key
  
  - name: Generate and copy over the acme cert private key
    when: not cert_key.stat.exists | bool
    block:
      - name: Generate private acme key for letsencrypt
        community.crypto.openssl_privatekey:
          path: /tmp/{{ item.common_name }}.key
          type: RSA
        delegate_to: localhost
        become: false
        when: not cert_key.stat.exists | bool
  
      - name: Copy over private acme key to client
        ansible.builtin.copy:
          src: /tmp/{{ item.common_name }}.key
          dest: "{{ item.basedir }}/{{ item.common_name }}.key"
          mode: "0640"
          owner: root
          group: root
  
  - name: Generate and copy over the csr
    block:
      - name: Grab the private key from the host
        ansible.builtin.slurp:
          src: "{{ item.basedir }}/{{ item.common_name }}.key"
        register: remote_cert_key
  
      - name: Generate the csr
        community.crypto.openssl_csr:
          path: /tmp/{{ item.common_name }}.csr
          privatekey_content: "{{ remote_cert_key['content'] | b64decode }}"
          common_name: "{{ item.common_name }}"
        delegate_to: localhost
        become: false
  
      - name: Copy over csr to client
        ansible.builtin.copy:
          src: /tmp/{{ item.common_name }}.csr
          dest: "{{ item.basedir }}/{{ item.common_name }}.csr"
          mode: "0640"
          owner: root
          group: root
  
  - name: Create a challenge using an account key file.
    community.crypto.acme_certificate:
      account_key_src: "{{ item.basedir }}/account_{{ item.common_name }}.key"
      account_email: "{{ item.email }}"
      src: "{{ item.basedir }}/{{ item.common_name }}.csr"
      cert: "{{ item.basedir }}/{{ item.common_name }}.crt"
      challenge: dns-01
      acme_version: 2
      acme_directory: "{{ acme_dir }}"
      # Renew if the certificate is at least 30 days old
      remaining_days: 60
      terms_agreed: true
    register: cert_challenge
  
  - name: Actual certificate creation
    when: cert_challenge is changed and item.common_name in cert_challenge.challenge_data
    block:
      - name: Create DNS challenge record on DO
        community.digitalocean.digital_ocean_domain_record:
          state: present
          oauth_token: "{{ do_api_token }}"
          domain: "{{ item.domain[1:] }}"
          type: TXT
          ttl: 60
          name: "{{ cert_challenge.challenge_data[item.common_name]['dns-01'].record | replace(item.domain, '') }}"
          data: "{{ cert_challenge.challenge_data[item.common_name]['dns-01'].resource_value }}"
        delegate_to: localhost
        become: false
  
      - name: Let the challenge be validated and retrieve the cert and intermediate certificate
        community.crypto.acme_certificate:
          account_key_src: "{{ item.basedir }}/account_{{ item.common_name }}.key"
          account_email: "{{ item.email }}"
          src: "{{ item.basedir }}/{{ item.common_name }}.csr"
          cert: "{{ item.basedir }}/{{ item.common_name }}.crt"
          fullchain: "{{ item.basedir }}/{{ item.domain[1:] }}-fullchain.crt"
          chain: "{{ item.basedir }}/{{ item.domain[1:] }}-intermediate.crt"
          challenge: dns-01
          acme_version: 2
          acme_directory: "{{ acme_dir }}"
          remaining_days: 60
          terms_agreed: true
          data: "{{ cert_challenge }}"
  
      - name: Remove DNS challenge record on DO
        community.digitalocean.digital_ocean_domain_record:
          state: absent
          oauth_token: "{{ do_api_token }}"
          domain: "{{ item.domain[1:] }}"
          type: TXT
          name: "{{ cert_challenge.challenge_data[item.common_name]['dns-01'].record | replace(item.domain, '') }}"
          data: "{{ cert_challenge.challenge_data[item.common_name]['dns-01'].resource_value }}"
        delegate_to: localhost
        become: false
  

  And finally, as part of host_vars, for each of my hosts a letsencrypt.yml file exists containing:

  ---
  le_certificates:
    - common_name: "myhost.example.com"
      basedir: "/etc/letsencrypt"
      domain: ".example.com"
      email: security-team@example.com
  

  To be fair, there could probably be a lot of optimization done in that playbook, and I can't remember why I did it with .example.com (with the leading dot) and then use item.domain[1:] in so many places. But, I'm a lazy IT person, and I'm not fixing what isn't inherently broken :)

  Hope this helps!

  M