Matthew Garrett looks at the recent disclosure of GitHub's private host key, how it probably came about, and what a better approach to key management might look like.

The main problem is that client tooling just doesn't handle this well. OpenSSH has no way to do TOFU for CAs, just the keys themselves. This means there's no way to do a git clone ssh://git@github.com/whatever and get a prompt asking you to trust Github's CA. Instead, you need to add a @cert-authority github.com (key) line to your known_hosts file by hand, and since approximately nobody's going to do that there's only marginal benefit in going to the effort to implement this infrastructure. The most important thing we can do to improve the security of the SSH ecosystem is to make it easier to use certificates, and that means improving the behaviour of the clients.

A quick and simple guide to fix pip command not found in Ubuntu and other Linux distributions.

ANBERNIC Launches the RG405M Handheld with an Android-based OS

Coding-related links

The GNOME team is developing accent colour support and its benefits for personalization.

Are you an Arch Linux user eager for the latest GNOME version? Look no further – here are the answers you’re looking for

Server stuff

This is cross-platform open source software running on Linux, macOS, and Windows

Some software, update from Mr. Revoy and more

last batch for today

Episodes and more

Incidents, bugs etc.

The Intel XeSS SDK 1.0 release happened last September while now has been succeeded by XeSS SDK 1.1. Though like the prior release, the XeSS SDK isn't fully open-source with just the bits around game integration being public...

Canonical released today a new Linux kernel security update for Ubuntu 22.10 (Kinetic Kudu) users to address nine security vulnerabilities.

New release

many howtos for the afternoon

Coding links and RasPi

Some GAFAM news

AMD has been teasing FidelityFX Super Resolution 3 (FSR3) as the latest version of their game upscaling tech that will be released later in the year. AMD began showing off FSR 3 to game developers this week at GDC while also re-affirming their open-source commitment...

Recently I provided a fresh look at the Intel Arc Graphics Linux gaming performance with the newest open-source drivers. While it was a letdown with some of the newer Steam Play games still not working due to current limitations of the Intel "ANV" open-source Vulkan driver and some Vulkan performance issues in other titles, one area that stood out was the very good Linux OpenGL performance. That made me curious to look at the workstation OpenGL performance for Intel Arc Graphics, which is the focus of today's testing.