Monthly Shaarli
April, 2021
Ubuntu Server 21.04 was released. This latest development cycle brings:
- phased updates
- native support for Microsoft SQL Server on 20.04 LTS
- Hardware Enablement (HWE) advanced networking stack for all LTS Ubuntu versions
- stability updates to HA stack, including pacemaker and corosync
- Linux kernel 5.11
- application updates

The author reports on the challenges of live-migrating 900 OpenStack Compute nodes.

It was possible to merge malicious pull requests and execute arbitrary Ruby code on users' machines.

»Upptime is the open-source uptime monitor and status page, powered entirely by GitHub Actions and Issues.«
The Epic Games Reliability Engineering team did a post-mortem on a certificate expiration issue they recently experienced.

The short instructions in this post show how to set the Permissions-Policy: interest-cohort=() header in popular HTTP/S servers.
The Codecov supply chain hack gets investigated.
»Some of you have noticed the past few weeks and months that a serious attempt to bring a second language to the kernel was being forged. We are finally here, with an RFC that adds support for Rust to the Linux kernel.«
»Tahoe-LAFS is a Free and Open decentralized cloud storage system.«
Interesting read about the shortcomings of using fail-fast for achieving fault tolerance in modern distributed systems.
Blog post on how Nix can help to solve DevOps problems.
»BleedingTooth is a set of zero-click vulnerabilities in the Linux Bluetooth subsystem that can allow an unauthenticated remote attacker in short distance to execute arbitrary code with kernel privileges on vulnerable devices.«
With the free support ending for Qt5, KDE is now maintaining security and functional fixes for it.
This post explains the three phases involved in starting ZFS on Linux.

The author shares his thoughts and experience on communication in distributed teams.

The author explains an interesting information leakage bug in TXT files for TextEdit.
Version 1.1 of the Proxmox Backup Server is based on Debian 10.9 with a 5.4 kernel and uses ZFS 2.0.

In this post, the author gives practical tips on how not to leak secrets when building container images.
The vulnerability that allowed the execution of arbitrary shell commands on the trunk server was introduced six years ago.

Moxie Marlinspike takes a closer look at the Cellebrite UFED equipment: »By a truly unbelievable coincidence, I was recently out for a walk when I saw a small package fall off a truck ahead of me.«
Page with a comprehensive list of various text to diagram tools.
Only some of the highlights:
- ZFS now provided by OpenZFS
- in-kernel framing and encryption of TLS
- arm64 is promoted to Tier-1 status
- rewritten routing stack
- clang, lld, llvm, libc++ update to 11.0.1
- bhyve improvements
- removed obsolete GDB
In this statement, the DNS root server operators explain why they don't feel comfortable being the early adopters of authoritative DNS encryption.

Element Matrix Services is now bridging to Microsoft Teams.

The article demonstrates with practical examples how insufficient user input validation leads to code execution vulnerabilities.
»The DebOps project is a set of Free and Open Source tools that let users bootstrap and manage an IT infrastructure based on Debian or Ubuntu operating systems.«
This short post explains why, strictly speaking, the term DNS propagation is misused.

Post by Percona about different multi-master replication solutions for Postgres.

Pointed comment by Corey Quinn on why the operating system does not matter that much anymore.
»FreeBSD will promote arm64 to a Tier 1 architecture in FreeBSD 13.«
In this post, Michael Prokop does an in-depth post-mortem on the outage of a Proxmox hyper-converged Ceph cluster.
»Self-hosted "wayback machine" that creates HTML & screenshot archives of sites from your bookmarks, browsing history, RSS feeds, or other sources.«

This post shows four practical examples of how fzf can improve shell workflows.

This post compares the GitHub flow with the less often used git-send-email-flow.
In this paper, the authors present a framework to identify open-source software packages where the software engineering labor becomes out of alignment with the demand of people who rely on the software.

git-xargs is a command-line utility that allows the execution of commands on multiple git repositories in parallel.
The release notes of OpenSSH 8.6 again start with the deprecation notice for the SHA-1 "ssh-rsa" signature scheme. The new release comes with security and feature improvements.

YouTube will gain up to 33 times the performance with its custom-built video transcoding units compared to optimized software on traditional servers.

The author illustrates some recurring issues that often arise in architectures based on microservices.
»I've lately been trying an exercise where, when reading anything by or about tech companies, I replace uses of the word "infrastructure" with "means of production."«
In-depth comparison of files, archives, and directories.
Version 12 of the LLVM compiler toolchain was released.

The FBI actively removes backdoors from the hacked Microsoft Exchange servers.
»Dell Technologies to Spin-off 81% Equity Ownership of VMware.«
In this multi-part article, the author covers access methods to multi-screen spice consoles.
In this post, the author shows that replacing C/C++ with safer languages is not an all-or-nothing task and suggests prioritizing systematically.
New release of OSBuild, the project providing tools for building operating system images.

Yes, running unsupported, unpatched servers on the Internet is a bad idea.

Article about Microsoft's first production-environment deployment of two-phase liquid immersion cooling in a data center.

Article on how, with AMD PSB enabled, CPUs are locked to a vendor ecosystem.
Booklet with shell scripting tips and tricks.
This guide covers many different aspects of online anonymity.
The first stable version of AlmaLinux, a binary-compatible drop-in replacement for CentOS, is available.

The author explains how he hosts his blog on the Quectel EG25-G modem of his PinePhone.
According to a source, Ubiquiti's breach in January 2021 was much more severe than what the company communicated.

This post introduces Cloudflare's rewritten web application firewall.