Links 28/11/2016: X-Plane 11 Beta, Early Work For C++20, Microsoft Hole in RHEL

Posted in News Roundup at 7:44 pm by Dr. Roy Schestowitz

GNOME bluefish



  • Managing devices in Linux

    There are many interesting features of the Linux directory structure. This month I cover some fascinating aspects of the /dev directory. Before you proceed any further with this article, I suggest that, if you have not already done so, you read my earlier articles, Everything is a file, and An introduction to Linux filesystems, both of which introduce some interesting Linux filesystem concepts. Go ahead—I will wait.

    Great! Welcome back. Now we can proceed with a more detailed exploration of the /dev directory.

  • Open source has won, and Microsoft has surrendered

    I have covered Microsoft’s interference with FOSS [free and open-source software] for over a decade and carefully studied even pertinent antitrust documents. I know the company’s way of thinking when it comes to undermining their competition

    The pattern of embrace and extend (to extinguish) — all this while leveraging software patents to make Linux a Microsoft cash cow or compel OEMs to preinstall privacy-hostile Microsoft software/apps with proprietary formats (lockin) — never ended. What I see in the Linux Foundation right now is what I saw in Nokia 5 years ago and in Novell 10 years ago — the very thing that motivated me to start BoycottNovell, a site that has just turned 10 with nearly 22,000 blog posts. It is a saddening day because it’s a culmination, after years of Microsoft ‘micro’ payments to the Linux Foundation (e.g. event sponsorship in exchange for keynote positions), which will have Microsoft shoved down the throats of GNU/Linux proponents and give an illusion of peace when there is none, not just on the patent front but also other fronts (see what Microsoft’s partner Accenture is doing in Munich right now).

  • Desktop

    • Pinebook crams ARM CPU and Linux support into an $89 laptop

      Last year Pine64 debuted a tiny little Linux computer that packs an Allwinner A64 ARM processor inside a small, clear shell. The big deal with that tiny computer was that it cost only $15 or starters. Pine64 is back and this year it has a new laptop that is impressively cheap called the Pinebook.

      This laptop packs in the Allwinner quad-core, 64-bit processor and pairs that processor with 2GB of RAM. Internal storage is 16GB and the Pinebook features WiFi and Bluetooth built-in. The machine has dual USB 2.0 ports, a microSD card slot, a mini HDMI output, and a headphone port. It’s not going to be a powerhouse machine, but the hardware isn’t bad considering that the 11.6-inch screen version sells for $89.

  • Server

    • Docker 1.13.0 RC2 Supports Building of Docker DEBs for Ubuntu 16.10 on PPC64LE

      Two weeks ago, we discussed here the upcoming features of the Docker 1.13.0 open-source and cross-platform application container engine as part of the new version’s first Release Candidate build.

      And now, Developer Victor Vieux announced the availability of the second RC version for the Docker 1.13.0 release, which appears to bring lots of improvements and bug fixes. Notable changes include support for labels on volumes, the ability to filter volumes by label, along with the ability to purge data from a deleted volume using the “–force” parameter in the “docker volume rm” command.

    • AWS Launches Amazon Linux Container Image

      AWS recently launched a Docker container image for its Amazon Linux operating system, complementing the EC2 specific Amazon Linux AMI with a versatile deployment option for custom cloud and on-premise environments. The image is available through the Amazon EC2 Container Registry (Amazon ECR), and also as an official repository on Docker Hub.

      The Amazon Linux AMI is a “supported and maintained Linux image provided by Amazon Web Services” that is designed to “provide a stable, secure, and high performance execution environment for applications running on Amazon EC2″. It has long been the base image for most of AWS’ Linux based offerings, such as the AWS Elastic Beanstalk platforms, the Amazon Elastic MapReduce releases, and the Amazon EC2 Container Service instances.

    • 3 Emerging Cloud Technologies You Should Know

      In previous articles, we’ve discussed four notable trends in cloud computing and how the rise of microservices and the public cloud has led to a whole new class of open source cloud computing projects. These projects leverage the elasticity of the public cloud and enable applications designed and built to run on it.

      Early on in cloud computing, there was a migration of existing applications to Amazon Web Services, Google, and Microsoft’s Azure. Virtually any app that ran on hardware in private data centers could be virtualized and deployed to the cloud. Now with a mature cloud market, more applications are being written and deployed directly to the cloud and are often referred to as being cloud native.

      Here we’ll explore three emerging cloud technologies and mention a few key projects in each area. For a more in-depth explanation and to see a full list of all the projects across six broad categories, download our free 2016 Guide to the Open Cloud report.

    • Why the fuss about serverless?

      To explain this, I’m going to have to recap on some old work with a particular focus on co-evolution.

  • Kernel Space

    • Linux 4.9-rc7

      Still on the regular Sunday release schedule, here’s rc7.

      I think we got all the silly problems I was aware of fixed, and on the
      whole things are looking pretty good. In fact, if next week ends up
      being very quiet, this _might_ be the last rc, although honestly I
      strongly suspect I’ll end up doing an rc8. It’s been a big release,
      and rc7 could have been quieter. We’ll see.

      I basically reserve the right to make up my mind next weekend.

      The changes in rc7 are mainly drivers, architecture and networking. In
      fact, most of the driver updates are networking drivers, so I guess I
      could say “mostly networking and architecture updates, with a
      smattering of other driver updates” (the main other driver areas being
      usb, gpu, hid, i2c, iommu). And we’ve got the usual small random
      stuff all over (core kernel, a eBPF fix, some filesystem fixes etc).

      The appended shortlog gives a reasonable view into what’s up.


    • Linus Torvalds Outs the Seventh RC for Linux Kernel 4.9, Might Be the Last One

      It’s Sunday here is the US, and, for hardcore Linux users, this means that they test drive yet another RC (Release Candidate) build of the soon-to-be-released Linux 4.9 kernel.

      That’s right, Linus Torvalds just made his weekly announcement to inform the Linux community on the immediate availability of the seventh Release Candidate (RC7) development milestone for the upcoming Linux kernel 4.9 series, which has been delayed for a week due to the size of the patch.

    • Linux 4.9-rc7 Kernel Released: Final In 1~2 Weeks

      The Linux 4.9-rc7 test kernel is now available although it’s yet undecided whether there will be an RC8 before declaring it gold.

    • Shhhhh! If you’re quiet, Linus Torvalds might release new a Linux

      The world almost certainly needs to wait another week for Linux 4.9, says the operating system’s overlord Linus Torvalds.

      In his weekly post on the progress of the next kernel release, Torvalds announced release candidate seven of Linux 4.9, saying “ I think we got all the silly problems I was aware of fixed, and on the whole things are looking pretty good.”

    • Linux Kernel 4.4.35 LTS Hits the Streets with x86 Improvements, Updated Drivers
    • Linux Kernel 4.8.11 Improves Wireless and AMDGPU Drivers, Fixes AArch64 Issues
    • Graphics Stack

      • VK9, the open source project to implement d3d9 over Vulkan continues to improve

        VK9, formerly known as ‘SchaeferGL’ is an open source project that aims to implement d3d9 over Vulkan.

      • Mesa 13.0.2 Released, Includes Many Intel/RADV Vulkan Driver Fixes

        For those riding the stable Mesa release train, Mesa 13.0.2 is now available as the newest Mesa 13.0 point release.

        As covered last week, the 50+ changes in this version include many fixes to VC4, i965, Radeon, and RADV drivers. There are also a number of Vulkan WSI (windowing system integration) fixes plus driver specific work, more smoke-testing, and memory leak fixes. The Intel Mesa driver also has received its share of support for Intel Geminilake hardware coming out in 2017.

      • Mesa 13.0.2 Adds Intel Gemini Lake Support, Great Improvements to Vulkan Drivers

        Today, November 28, 2016, Collabora’s Emil Velikov announced the release of the second maintenance update to the stable Mesa 13.0 3D Graphics Libray for Linux-based operating systems.

      • Qualcomm Adreno A5xx Open-Source Driver Bringup For Freedreno

        There’s now patches for bringing up open-source graphics driver support in the Freedreno stack for Qualcomm’s latest-generation Adreno graphics hardware.

        The Adreno 505, 506, 510, and 530 GPUs are found in Qualcomm’s Snapdragon SoCs like the Snapdragon 820, 821, 650, and 430. The Adreno 500 series is fully Vulkan 1.0 compliant, supports OpenGL ES 3.1/3.2, and has full support for OpenCL 2.0.

    • Benchmarks

      • 20-Way NVIDIA/AMD GPU Darktable OpenCL Photography Performance

        With the holiday season in full swing, whether you are just a casual photographer or professional, Darktable is easily one of the best photography workflow applications and it’s free software! Darktable has offered OpenCL acceleration for providing faster performance on GPUs and with the imminent Darktable 2.2 release there is even better OpenCL results. For those curious about the OpenCL performance of Darktable, I’ve done some Darktable 2.2-RC1 benchmarks on a variety of NVIDIA GeForce and AMD Radeon graphics cards under Ubuntu Linux.

      • More Darktable GPU/CPU Benchmarks – 27 Different Setups
  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • Chakra GNU/Linux Users Get KDE Plasma 5.8.4, Apps 16.08.3, and Frameworks 5.28.0

        On November 27, 2016, Chakra GNU/Linux developer Neofytos Kolokotronis informs the community about the availability of a set of new software updates for the rolling distro originally based on Arch Linux.

        A week ago, we reported on the availability of the cups 2.1.4-3 and pepperflashplugin packages in the Chakra GNU/Linux repositories, which required manual intervention from the user. And, after some issues with their hosting provider, the promised KDE goodies are finally here, along with numerous other updates.

      • Google Code-in begins soon; KDE mentors welcome students

        The KDE community will once more be participating in Google Code-in, which pairs KDE mentors with students beween the ages of 13 and 18 to work on tasks which both help the KDE community and teach the students how to contribute to free and open source projects. Not only coding, but also documentation and training, outreach and research, quality assurance and user interface tasks will be offered.

      • KDE Developer Guide needs a new home and some fresh content

        As I just posted in the Mission Forum, our KDE Developer Guide needs a new home. Currently it is “not found” where it is supposed to be.

        We had great luck using markdown files in git for the chapters of the Frameworks Cookbook, so the Devel Guide should be stored and developed in a like manner. I’ve been reading about Sphinx lately as a way to write documentation, which is another possibility. Kubuntu uses Sphinx for docs.

        In any case, I do not have the time or skills to get, restructure and re-place this handy guide for our GSoC students and other new KDE contributors.

    • GNOME Desktop/GTK

      • This week in GTK+ – 26

        In this last week, the master branch of GTK+ has seen 40 commits, with 1551 lines added and 1998 lines removed.

      • Linux communities, we need your help!

        There are a lot of Linux communities all over the globe filled with really nice people who just want to help others. Typically these people either can’t (or don’t feel comfortable) coding, and I’d love to harness some of that potential by adding a huge number of new application reviews to the ODRS. At the moment we have about 1100 reviews, mostly covering the more popular applications, and also mostly written in English.

      • Work Underway for GTK+ 4 Toolkit, Graphic Tablet Support Was Improved on Windows

        Emmanuele Bassi, senior software engineer at Endless and GNOME/GTK+ collaborator, reports today, November 28, 2016, on the work that happened this last week for the cross-platform and open-source GTK+ GUI toolkit.

        With 1551 lines added and 1998 lines removed, the master branch of GTK+ has seen 40 commits since Emmanuele Bassi’s last report, and it appears that the first GTK+ 4 development snapshot is now ready for public testing, versioned 3.89.1. According to the current GTK+ road map, all deprecated APIs have now been removed.

  • Distributions

    • Red Hat Family

      • Red Hat Developer Toolset 6 released

        On the one hand, businesses want the most stable operating systems. That’s why Red Hat has Red Hat Enterpise Linux (RHEL). On the other, developers want the newest and fastest development tools. That’s why Red Hat also puts out the community Fedora Linux distribution. But what if you want both? Red Hat has you covered with Red Hat Developer Toolset 6.

      • For HPC, Red Hat Offers Much More than just Linux

        In this video from SC16, Dan McGuan from Red Hat Inc. describes the company’s wide range of software offerings for the HPC market.

      • Finance

      • Fedora

        • Jose Bonilla: How do you Fedora?

          Bonilla first got involved in the Fedora community when he was studying for the RHCSA (Red Hat Certified System Administrator) exam. He felt using Fedora was the best way to prepare for the exam. “One criteria I use when choosing any open sourced software is to examine the community.” Jose looks at the number of users, forums, blog posts, and issue resolution all as part of the community. The Fedora community exceeds all his expectations.

          Jose would like to see more development of Cockpit. “I feel that web-based server administration tools are the future and perhaps the gateway for new interest in Linux administration.” Bonilla did not credit any single person for influencing his decision to contribute to Fedora. It was a “multitude of people and their stances,” he said. Bonilla commented that his “goal is to convince people, by example, that open source projects such as the Fedora Project are important and viable solutions to anyone’s computing needs.”

        • Where has puppet gone in EPEL-6 (and when will it be back?)
        • Abiword for EL-7

          Over Thanksgiving break, I decided to go through a long list of emails that were marked “when you have a spare moment”. I really didn’t have one but I realized that many of those emails were crufty and old. One was some people asking about getting abiword together for EL-7. This looked like a straightforward enough task so I got into it and started working out all the packages that would need to be branched to say EPEL and what would be needed to compile them.

    • Debian Family

      • The Systemd-Free Debian Fork Celebrates Its Second Birthday

        Devuan, the Debian fork that frees the system of systemd, is now two years old.

        Yesterday marked two years since the announcement of the systemd-free Debian fork, Devuan.

        Two years going, this Linux OS that aims for “Init Freedom” isn’t the most vibrant distribution out there. When’s the last time you’ve heard of Devuan or even used it yourself? This year much of the systemd “hate” seems to have calmed down compared to prior years, although new features continue to be tacked onto systemd. Here’s an interesting Google Trends comparison for those interested.

      • Debian with three monitors under low cost graphics interface

        Since 2008 I use two monitors in my desktop. Yesterday I bought a new graphics interface and a third monitor. Some time I was looking for a low cost graphics interface. Ok, I am using GeForce GT 740 which has three output ports: VGA, DVI and HDMI. In Brazil this interface card can be found around R$ 400 (US$ 117, but my card was US$ 87 in Brazilian Black Friday). In Amazon.com, it is between US$ 51 and US$ 109. The chosen manufacturer was Zotac, but all GT 740 and 750 will work fine (I tested the GT 750 too).

      • Derivatives

        • Parsix GNU/Linux 8.15 (Nev) and 8.10 (Erik) Get New Security Updates from Debian

          Today, November 27, 2016, the developers of the Debian-based Parsix GNU/Linux distribution announced the availability of new security updates for the Parsix GNU/Linux 8.10 “Erik” and 8.15 “Nev” releases.

          While the upcoming Parsix GNU/Linux 8.15 “Nev” release is still in the works, it gets the same security update as Parsix GNU/Linux 8.10 “Erik,” which are being ported from the upstream repositories of Debian GNU/Linux 8 “Jessie” (a.k.a. Debian Stable) to Parsix GNU/Linux’s own repos.

          It’s been a week since our previous report on the security updates pushed to the stable Parsix GNU/Linux repositories, and we’re seeing updated versions of the Vim text editor, Apache Tomcat 7 and 8 Java Servlet Containers, as well as Wireshark network protocol analyzer.

        • Canonical/Ubuntu

          • Canonical Announces the Availability of Ubuntu Advantage VG on AWS Marketplace

            Canonical, through Udi Nachmany, head of the Ubuntu Certified Public Cloud program, was proud to announce the availability for purchase of Ubuntu Advantage Virtual Guests on the AWS marketplace.

          • Mir is not only about Unity8

            Mir is a project to support the management applications on the display(s) of a computer. It can be compared to the more familiar X-Windows used on the current Ubuntu desktop (and many others). I’ll discuss some of the motivation for Mir below, but the point of this post is to clarify the relationship between Mir and Unity8.

          • Mir/Ubuntu Developer Talks Up Mir Outside Of Unity 8

            Most talk these days of Ubuntu’s Unity 8 next-gen desktop experience and their Mir display server goes hand-in-hand since the change-over is planned in-step before Ubuntu 18.04 LTS, but there’s a new Ubuntu Insights blog post up working to promote Mir as more than just tech for the Unity 8 desktop.

            Canonical engineer Alan Griffith has written a blog post today about Mir outside of Unity 8. Mir’s abstraction layer is providing libmiral.so as a stable library to Mir providing window manager, the miral-shell providing both traditional and tiling window manager, and miral-kiosk as a sample “kiosk” with basic window management.

          • What’s New in Ubuntu 17.04 (Zesty Zapus) – Overview

            Ubuntu 17.04, code named Zesty Zapus, is the future release that will succeed Ubuntu 16.10, and even though it’s End of life date has been scheduled for January 2018, the development team aims to bring a lot of upgrades, fixes, and additions in this release.

          • Flavours and Variants

            • Maui 2.1 “Blue Tang” ISO Fixes Installer Issues, Includes Updated Packages

              It’s been almost a month since the Maui 2 “Blue Tang” Linux distro arrived based on the Ubuntu 16.04 LTS (Xenial Xerus) operating system and KDE Plasma 5.8 LTS desktop environment, and now the first ISO respin is here.

              Maui 2.1 is a refreshed installation medium for those who want to install the Ubuntu-based distribution on their personal computers, including various updated packages, but it mainly focuses on fixing various issues reported by users with the Calamares installer since Maui 2.

  • Devices/Embedded

Free Software/Open Source

  • Productivity hacks: Optimizing your workflow with open source

    Communication with your team is key.

    For chat, IRC or Mattermost are great ways to stay in touch in real time. But chat can be a productivity killer if you feel like you have to be present at all times. Structure your day so that you only focus on necessary chat converstions; log off of chat when you need to focus on another task and set expectations with your team. Also, talk to your team about what types of things will be discussed on chat and what discussions are better for a different method, like a meeting.

    For meetings, talking with people in person can be necessary and very helpful for getting things done, but meetings can also be a time sink. Try to set them for only 30 minutes and stick to it. If you need more time, then take it as needed. If you set an agenda (try Etherpad for this), stick to it. Use your calendar to track your time—check out these open source Google calendar alternatives.

  • 15 JavaScript frameworks and libraries

    JavaScript’s open source stance is also one of the best. Contrary to popular belief, JavaScript is not a project, but a specification with an open standard where the language is evolved and maintained by its core team. ECMAScript, another fancy name of JavaScript, is not open source, but it too has an open standard.

    You can easily see evidence of JavaScript’s popularity when you look at both at GitHub. JavaScript is the top programming language when it comes to the number of repositories. Its prominance is also evident on Livecoding.tv, where members are diligently creating more videos on JavaScript than any other topic. At the time of this writing, the self-dubbed edutainment site hosts 45,919 JavaScript videos.

  • Yelp offers up Kafka tools to open source

    Yelp saved itself US$10 million by building out its Apache Kafka-based Data Pipeline, and now it wants to spread that love to other enterprises. Just before the holidays, Yelp open-sourced its Data Pipeline and assorted utilities used to maintain and build out this streaming data platform.

    Data Pipeline is now available on GitHub under the Apache 2.0 license. Using Data Pipeline, developers can tie their applications into the constantly flowing stream of Kafka data. The company detailed this in a blog entry.

  • Nomulus: Google’s open-source TLD registry platform

    In mid-October, Google open-sourced the core software behind their TLD registry: Nomulus. This software allows creation and management of new top-level domains (TLDs) in the cloud, enabling current businesses in the Internet real-estate market to expand into the new, rapidly growing generic TLD (gTLD) space, as well as reducing the technological barrier for prospective newcomers.

    Nomulus provides a wealth of core features out of the box. Because it is designed to run on Google App Engine, Nomulus is cloud-based and can scale quickly and efficiently as domains leased increase in popularity and number of registrations or inquiries.

  • Contribute To Open Source On #OpenCyberMonday

    Today is Cyber Monday, the day when everyone in the US goes back to work after Thanksgiving. Cyber Monday is a celebration of consumerism, and the largest online shopping day of the year. Right now, hundreds of thousands of office workers are browsing Amazon for Christmas presents, while the black sheep of the office are on LiveLeak checking out this year’s Black Friday compartment syndrome compilations.

  • Pentaho’s Quentin Gallivan: Open-Source Framework, Analytics Tools Key to Agencies’ Data Integration Efforts

    Quentin Gallivan, CEO of Hitachi Data Systems’ Pentaho subsidiary, has said government agencies should develop a “centralized” plan that seeks to leverage the use of business analytics tools and an open-source framework like Hadoop in order to facilitate data integration and access.

    Gallivan wrote that agencies should adopt an open-source framework that includes governance practices on the use of data and works to support big data processing operations.

  • Bitcoin in 5 minutes

    Blockstream’s Eric Martindale opened his five-minute All Things Open lightning talk with a bold claim: “Bitcoin is one on the most significant innovations of our time.”

  • 3 alternative reasons why you should test Nextcloud 11 Beta

    On the Nextcloud blog I just published about the beta for Nextcloud 11. The release will deliver many improvements and is worth checking out in itself, plus I put a nice clickbait-style title and gave three reasons to test it.

  • Web Browsers

    • Mozilla

      • The Glass Room: Looking into Your Online Life

        It’s that time of year! The excitement of Black Friday carries into today – CyberMonday – the juxtaposition of the analog age and the digital age. Both days are fueled by media and retailers alike and are about shopping. And both days are heavily reliant on the things that we want, that we need and what we think others want and need. And, all of it is powered by the data about us as consumers. So, today – the day of electronic shopping – is the perfect day to provoke some deep thinking on how our digital lives impact our privacy and online security. How do we do this?

  • Databases

    • phpMyAdmin security issues

      You might wonder why there is so high number of phpMyAdmin security announcements this year. This situations has two main reasons and I will comment a bit on those.

      First of all we’ve got quite a lot of attention of people doing security reviews this year. It has all started with Mozilla SOS Fund funded audit. It has discovered few minor issues which were fixed in the 4.6.2 release. However this was really just the beginning of the story and the announcement has attracted quite some attention to us. In upcoming weeks the security@phpmyadmin.net mailbox was full of reports and we really struggled to handle such amount. Handling that amount actually lead to creating more formalized approach to handling them as we clearly were no longer able to deal with them based on email only. Anyway most work here was done by Emanuel Bronshtein, who is really looking at every piece of our code and giving useful tips to harden our code base and infrastructure.

  • Pseudo-Open Source (Openwashing)

  • Funding

    • Time is running out for NTP

      Everyone benefits from Network Time Protocol, but the project struggles to pay its sole maintainer or fund its various initiatives

    • KDE End of Year Fundraising

      Have you ever felt that you wanted to give back to the KDE project? As the season of giving draws near there’s never been a better time to support KDE and help the project continue to bring free software to millions of lives worldwide.

      By participating in the end of year fundraiser, you can help us in our mission. Your donations are used to pay for transport and accomodation for developers to attend sprints as well as to support the server infrastructure required to keep the project running.

  • C++

    • The Latest On C++17, Early Work For C++20

      There was a C++ standards meeting recently in Issaquah, Washington and a report on it is now available with the latest on C++17 and early work around what will form C++20.

      This meeting resulted in the C++17 committee draft as the first feature-complete draft of the C++17 specification.Various tweaks to the language and library were accepted at this meeting. C++17 remains on track for seeing its official spec out in 2017.

  • Licensing/Legal

    • From Concept to License: Stewarding Your Own Open Source Project

      Are you of a mind to launch an open source project or are you in the process of doing so? Doing it successfully and rallying community support can be more complicated than you think, but a little up-front footwork and howework can help things go smoothly. Beyond that, some planning can also keep you out of legal trouble. Issues pertaining to licensing, distribution, support options and even branding require thinking ahead if you want your project to flourish. In this post, you’ll find our newly updated collection of good, free resources to pay attention to if you’re doing an open source project.

  • Openness/Sharing/Collaboration


  • Unhappy Thanksgiving in Valentina-Vlad-Nikky Family

    So today is Thanksgiving and I am writing this from the GlobalRev studio in New York, while my wife Nikky and my daughter Valentina are in Madrid. I was supposed to be on the 10pm flight to Madrid today, but it was not meant to be. Yesterday, I got a call from the passport office that my passport application is going through “administrative processing” and will be delayed in issuance.

    A day earlier, when i was submitting paperwork for a same day passport renewal, they canceled my existing passport, so now i don’t have a passport to be able to travel. I have been given no indication as to how long this “administrative processing” can take.


    This culminated yesterday when i got that call from the passport office. I was having lunch with a friend in Union square when the call came in. The gentleman on the other side of the phone first verified my identity and then informed me that I will not be able to fly to Spain today because my passport is being held up for “administrative processing” and he has no information on when that will be done, but assured me he will call me whenever that happens.

  • Security

    • European Commission knocked offline by ‘large scale’ DDoS attack

      THE EUROPEAN COMMISSION (EC) was struck by a large-scale distributed denial of service (DDoS) attack on Thursday, bringing down its internet access for hours.

      The EC confirmed the attack to Politico, saying that while it did fall victim to a DDoS attack, no data breached was experienced.

      “No data breach has occurred,” a Commission spokesperson said. “The attack has so far been successfully stopped with no interruption of service, although connection speeds have been affected for a time.”

    • Overclocked Wearables Can Pick Up Bio-Acoustic Signals

      The sensors incorporated into wearables can sometimes be repurposed to perform tasks beyond their intended applications. For example, it’s been shown that it’s possible to discover a victim user’s passwords and PINs by applying a sophisticated algorithm to the data gathered by wearable embedded sensors.

      Recently, researchers at the Future Interfaces Group at Carnegie Mellon University have overclocked the accelerometer of an LG smartwatch to extend its capabilities to more than just tracking fitness. By overclocking the off-the-shelf smartwatch via some software updates, they can now detect and process very small vibrations and audio signals.

      The new technology, dubbed ViBand, can allow different apps to understand the context of your activities by capturing bio-acoustic signals.

    • The Economics of stealing a Tesla with a phone

      A few days ago there was a story about how to steal a Tesla by installing malware on the owner’s phone. If you look at the big picture view of this problem it’s not all that bad, but our security brains want to make a huge deal out of this. Now I’m not saying that Tesla shouldn’t fix this problem, especially since it’s going to be a trivial fix. What we want to think about is how all these working parts have to fit together. This is something we’re not very good at in the security universe; there can be one single horrible problem, but when we paint the full picture, it’s not what it seems.

    • Config fumble left Azure Red Hat Enterprise Linux wide open

      A software engineer setting up a secure Red Hat Enterprise Linux virtual machine in the cloud discovered a serious configuration flaw that could be exploited to upload arbitrary software packages to Microsoft Azure update infrastructure.

      Ian Duffy found Microsoft had configured the Red Hat Update Appliance used for Azure in such a way that an attacker could easily get access to the content delivery servers and upload packages that client virtual machines would acquire when updating.

      Duffy was able to bypass the username and password authentication on the content delivery server by running a log file collector application. Once completed, the log file collector provided a link to a downloadable compressed archive.

    • Azure bug bounty Root to storage account administrator

      In my previous blog post Azure bug bounty Pwning Red Hat Enterprise Linux I detailed how it was possible to get administrative access to the Red Hat Update Infrastructure consumed by Red Hat Enterprise Linux virtual machines booted from the Microsoft Azure Marketplace image. In theory, if exploited one could have gained root access to all virtual machines consuming the repositories by releasing an updated version of a common package and waiting for virtual machines to execute yum update.

    • How to add more entropy to improve cryptographic randomness on Linux

      If you have Linux servers that depend upon encryption, you owe it to yourself to beef up the system entropy. Here’s how to do so with haveged.

    • Security advisories for Monday
    • FutureVault Inc.’s FutureVault

      Though short of Mr Torvalds’ aim of world domination, FutureVault, Inc., has set the ambitious goal to “change the way business is done” with its FutureVault digital collaborative vault application. Described by its developer as “at the epicenter of a brand new disruptive category in the financial services world”, FutureVault allows users to deposit, store and manage important financial, legal and personal documents digitally by means of a white-label, cloud-based, SaaS platform.

    • Azure glitch allowed attackers to gain admin rights over hosted Red Hat Linux instances

      A VULNERABILITY in Microsoft’s Azure cloud platform could have been exploited by an attacker to gain admin rights to instances of Red Hat Enterprise Linux (RHEL) and storage accounts hosted on Azure.

    • Microsoft update servers leave Azure RHEL instances hackable
    • Microsoft update left Azure Linux virtual machines open to hacking
    • Microsoft Azure bug put Red Hat instances at risk
    • Microsoft update servers left all Azure RHEL instances hackable

      Microsoft has patched flaws that attackers could exploit to compromise all Azure Red Hat Enterprise Linux (RHEL) instances.

      Software engineer Ian Duffy found the flaws while building a secure RHEL image for Microsoft Azure. During that process he noticed an installation script Azure uses in its preconfigured RPM Package Manager contains build host information that allows attackers to find all four Red Hat Update Appliances which expose REST APIs over HTTPS.

      From there Duffy found a package labelled PrepareRHUI (Red Hat Update Infrastructure) that runs on all Azure RHEL boxes, and contains the rhui-monitor.cloud build host.

      Duffy accessed that host and found it had broken username and password authentication. This allowed him to access a backend log collector application which returned logs and configuration files along with a SSL certificate that granted full administrative access to the four Red Hat Update Appliances.

    • Deutsche Telekom Says Cyber Attack Hits 900,000 Customers

      Deutsche Telekom (DTEGY) , Europe’s largest, said it could have been a victim of a cyber attack as 900,000 fixed-line customers face a second consecutive day of outages.

      The Bonn, Germany-based company, which has 20 million fixed network customers, said 900,000 customers with specific routers have faced temporary problems and marked fluctuations in quality, with some also receiving no service at all. It added that the problems have occurred in a wide region, not in a specific area.

    • San Francisco’s Muni Hacked

      It seems that on Friday, right in the midst of busy Thanksgiving weekend holiday traffic, the San Francisco Municipal Transportation Agency or Muni, was hit by hackers, forcing the system to offer Saturday free rides on the system’s light rail trains. The breach was apparently a ransomware attack, with the hackers demanding 100 Bitcoin, or approximately $73,000, to unencrypt the system.

      It all began when the words “You Hacked, ALL Data Encrypted” appeared on Muni agents’ screens. It’s not known whether Muni paid the ransom, although that’s considered unlikely. Operations of the system’s vehicles were not affected.

  • Transparency/Investigative Reporting

    • Latest Wikileaks cover Three Mile Island and worried governments’ response to partial meltdown

      A deluge of 1979 U.S. diplomatic cables released by WikiLeaks on Monday illustrate how intensely the partial meltdown at Three Mile Island grabbed the world’s attention and thrust the future of nuclear energy into question.

      Included in those communications are a series involving initial estimates of the human and environmental risks, as well as the response from world leaders to the unfolding crisis at the plant outside Harrisburg.

      In a cable sent from the U.S. Embassy in Brussels to Dublin, Ireland’s days after the March 28 incident, mounting interest from European officials is evident. All cables are unedited, but in some cases they’ve been clarified.

      “Mrs. Aston, along with several other officials concerned with nuclear power situations in the ec [European Community], called DOE [U.S. Department of Energy] representative at usec brussels early this morning to request all available information on the subject incident.”

  • Environment/Energy/Wildlife/Nature

    • Saudi Arabia tells OPEC it won’t attend non-OPEC talks on Monday

      Top OPEC oil exporter Saudi Arabia has told the producer group it will not attend scheduled talks in Vienna on Monday with non-OPEC oil producers, OPEC sources said on Friday.

    • Officials suspect chronic wasting disease in Michigan deer

      State wildlife regulators say another deer in southern Michigan may have been found with chronic wasting disease.

      The Department of Natural Resources says a hunter shot the 1½-year-old buck last week in Clinton County’s Eagle Township and took it to a check station.

    • Indonesia Is Burning, So Why Is The World Looking Away?

      In what is said to be one of the greatest environmental disasters of the 21st century, vast parts of Indonesia are currently on fire, burning from forest fires due to a whole range of sub-standard environmental policies.

      Due to deforestation, the land is sparse, as canals have dried up and the rain forest is set on fire to be cleared for the building of plantations. Palm oil is one of the main reasons for the clearing of the rain forests.

  • Finance

    • Economy Minister Rehn insists PM had no conflict of interest in mine deal

      Outgoing Economic Affairs Minister Olli Rehn has come out in defence of Prime Minister Juha Sipilä following reports that an engineering company owned by the PM’s relatives won a lucrative contract from the taxpayer-funded Terrafame mine in eastern Finland. Rehn said he is “absolutely sure” that Sipilä had no knowledge that the company owned by his uncles and cousins had won a half-a-million-euro order from the former Talvivaara mine.

  • AstroTurf/Lobbying/Politics

    • Electoral College must reject Trump unless he sells his business, top lawyers for Bush and Obama say

      Members of the Electoral College should not make Donald Trump the next president unless he sells his companies and puts the proceeds in a blind trust, according to the top ethics lawyers for the last two presidents.

      Richard Painter, Chief Ethics Counsel for George W. Bush, and Norman Eisen, Chief Ethics Counsel for Barack Obama, believe that if Trump continues to retain ownership over his sprawling business interests by the time the electors meet on December 19, they should reject Trump.

      In an email to ThinkProgress, Eisen explained that “the founders did not want any foreign payments to the president. Period.” This principle is enshrined in Article 1, Section 9 of the Constitution, which bars office holders from accepting “any present, emolument, office, or title, of any kind whatever, from any king, prince, or foreign state.”

    • When is a recount a sham?

      Recounts provide a peaceful dispute mechanism to help ensure that elections will be free and fair and equal to all. But the mere act of having a recount is not what helps elections be free and fair. The recount must be accountable to the public and fully transparent.

      A recount doesn’t need a smoking gun, and never needs to be apologized for. Done correctly, recounts add validity to elections.

      There is a great deal at stake in any recount. Observers should not make assumptions that every recount is honest, or that every statement made by public officials is true. The purpose of observation is authentication, and this responsibility should be taken seriously.

    • False CNN-porn report shows how fast fake news spreads

      No, despite what you read, CNN did not run porn for 30 minutes last night, as was reported by Fox News, the New York Post,Variety and other news organizations, several of which later corrected their stories.

    • Trump dismisses Wisconsin recount drive as ‘scam’

      Republican President-elect Donald Trump has described an impending recount of votes in Wisconsin as a “scam”.

      Mr Trump, who narrowly won the state, said the results “should be respected instead of being challenged or abused”.

      Green Party candidate Jill Stein had initiated the recount. She also wants recounts in Michigan and Pennsylvania, citing “statistical anomalies”.

      Democratic candidate Hillary Clinton’s campaign has said it would participate in Wisconsin’s recount.

      Results would need to be overturned in all three states to alter the outcome of the 8 November presidential election.

    • Trump calls recount effort a ‘scam’

      President-elect Donald Trump blasted Green Party presidential nominee Jill Stein on Saturday for pushing for a recount in several states, calling her efforts a “scam.”

      “This is a scam by the Green Party for an election that has already been conceded, and the results of this election should be respected instead of being challenged and abused, which is exactly what Jill Stein is doing,” Trump said in a statement.

      Citing concerns that voting systems have been compromised, Stein filed for a recount in Wisconsin on Friday afternoon, and has been fundraising off her vow to do the same in Pennsylvania and Michigan — all states in which Trump won or is leading.

    • Donald Trump blasts Wisconsin recount effort a ‘scam’ and says election is over

      Donald Trump has blasted the recount effort launched last week by the Green Party in Wisconsin which on Saturday attracted the formal support also of Hillary Clinton.

      From his Palm Beach retreat in Florida, Mr Trump issued a lengthy rebuke of the initiative calling it “ridiculous” and a “scam” that had been launched purely to benefit the Green Party’s nominee, Jill Stein, and “fill her coffers with money”.

      So far Ms Stein has raised close to $6 million through crowdfunding to pay to petition for recounts of the election results in three states. The request for a recount was submitted to the election authorities in Wisconsin on Friday. If she reaches her goal of raising $7 million in total she will be able to make similar filings to Pennsylvania and Michigan next week.

    • Paul Levy Discovers Head Of Reputation Management Company Signed Off On Forged/Fraudulent Court Docs

      As a result of a federal judge in Rhode Island taking a second look at an order he hastily granted earlier, Paul Alan Levy of Public Citizen has been able to confirm Richart Ruddie — the head of an extremely-sketchy reputation management company — signed off on the forged and fraudulent documents delivered to the court. The documents — a bogus lawsuit featuring the forged signatures of both the plaintiff and the defendant — are apparently just part of Profile Defenders’ reputation management work.

      Nice work if you can get [away with] it. File a bogus lawsuit. “Locate” a bogus defendant. Produce a signed admission of guilt and ask the judge to order search engines to delist the offending content. Cash checks. Repeat until caught.

      Richart Ruddie has been caught.

  • Censorship/Free Speech

    • A Media Blacklist, Courtesy of WaPo: Now I’m Afraid for Our Democracy

      So: Clinton lost because Russia wanted Trump to win because Trump will favor Russia so Russia created fake news which influenced over 62 million Americans to overlook Trump’s flaws and vote for him. Got it.

      Proof? Stuff on Facebook. Main source of that proof? A group of unknown origin, financing, and makeup (“an independent team of concerned American citizens”) called PropOrNot, i.e., propaganda or not. The group also “strongly suspects that some of the individuals involved have violated the Espionage Act, the Foreign Agent Registration Act, and other related laws.”

  • Privacy/Surveillance

    • Privacy Activists Urge Obama To Trump-Proof the NSA Before Leaving

      Terrified of Donald Trump gaining access to the world’s most powerful spy apparatus, a growing coalition of civil liberties activists, companies, and individuals are calling for President Obama to enact emergency NSA reforms before leaving office.

      Many take cues from former National Security Agency systems analyst Edward Snowden, who, after stealing a cache of documents to give to the press in 2013, warned of a surveillance apparatus so powerful it would enable “turnkey tyranny” if inherited by a president inclined to abuse it.

      And more than any major party candidate in recent memory, Trump has shaken opponents with outright promises to abuse executive power, like proposing to register all American Muslims in a database and spy on them without a warrant. He has a history of wanting to spy, too: A number of sources have previously claimed Trump would listen in on his guests’ phone calls at his Mar-A-Largo resort.

    • The NSA spy fortress in the middle of New York City

      The Intercept has published a fascinating, and eerie, investigation into the iconic Brutalist tower at 33 Thomas Street in Manhattan. Built to withstand a nuclear bomb, the modern fortress has no windows.

    • “A disaster waiting to happen”: Can you trust the government to digitise your personal data?

      Last week, the government’s Digital Economy Bill hit the news because of a proposed ban on pornographic websites that didn’t comply with its planned age verification rules. The news was just the right amount of shocking and yes, sexy, to grab the nation’s attention, but in the meantime other parts of the Bill remained unscrutinised. A distinctly un-sexy aspect of the Bill – Part 5, “Digital Government” – aims to completely revolutionise the way your personal data is shared.

      In essence, Part 5 allows the government to digitise your data and bulk-share it without informing you or asking for your permission. This data includes your birth, death, and marriage certificates, as well as information on your taxes, court appearances, benefits, student loans, and even parking tickets. If the Bill passes, your information will be shared with local councils, charities, and even businesses – initially, gas and electricity companies.

    • Petition against ‘most extreme’ new spying laws receives enough signatures to force parliament to consider debate

      More than 100,000 people have asked Parliament to repeal new spying laws, forcing MPs to consider debating them. But they are likely to block any further discussion of the hugely controversial bill.

      A petition focusing the Investigatory Powers Bill criticises the new surveillance laws, arguing that they allow authorities “unprecedented levels of power” and that they must be revoked. It had received 120,000 signatures at the time of publication, meaning that Parliament must consider it for debate.

    • EULF Guidelines for public administrations on location privacy now published

      Public administrations increasingly use location data to deliver public services such as location-enabled tools, apps for tourists, toll collection services or cadastral web applications. Location data such as addresses, GPS coordinates or camera images is key to many public services and can also be linked to all sorts of other data, generating new information that was not available before. Despite the increase consumption of location data, its potential to reveal personal information is often underestimated, especially in comparison to other sensitive data, for instance in the financial and health domains.

  • Civil Rights/Policing

    • A Dakota pipeline’s last stand

      In the Dakota language, the word “oahe” signifies “a place to stand on.”

      And that’s what the Standing Rock Sioux and its allies in the environmental and activist movements say they are doing: using Lake Oahe in North Dakota as a place to take a stand by setting up camps and obstructing roads to block the controversial $3.7 billion Dakota Access pipeline.

      Their confrontations with police — who have responded with water cannons, pepper spray and rubber bullets — have steered attention to the 1,170-mile-long oil pipeline project and its owner, Energy Transfer Partners. But the real source of Native Americans’ grievance stretches back more than a century, to the original government incursions on their tribal lands. And those earlier disputes over their rights to the land, like the one over the Dakota Access pipeline, pitted the tribes against a persistent force, the Army Corps of Engineers.

    • Amid a media blackout of the Standing Rock protests, law enforcement targets the rare journalists on the scene

      Unicorn Riot is a media collective that formed in response to the lack of media coverage of the Occupy Wall Street movement and the Tar Sands Blockade; their news comes direct from the front lines of some of the most significant and under-reported conflicts in the world, in the form of unedited livestreams from the conflict zone, and edited highlight reels after the fact.

      Unicorn Riot’s reporters are among the most targeted by Morton County Sheriff’s Deputies — the same law enforcement officers whom Unicorn Riot have outed for the sadistic use of water-canons in subzero temperatures and of firing tear gas cannisters directly into the protesters’ crowds, activities the deputies lied about when they denied doing either.

      The Morton County cops say that because Unicorn Riot has a point of view, they are protesters, not reporters (this is the same argument they used when they fabricated charges against Democracy Now’s Amy Goodman in October). This is wrong on its face: protesting is a thing you do, not a thing you believe. As Unicorn Riot’s Lorenzo Serna says, “I’m not participating. I’m not building the barricade. I’m not pushing off against the police. I’m not going to pray at the water ceremony. I’m literally there observing.”

      Discriminatory policing against journalists based on their political beliefs raises significant First Amendment questions, and they will only get more grave: the rise of crowdfunded, independent media; the decline of commercial, traditional news organizations; the practice of blacking out coverage of significant protests; and the coming, press-hostile, human-rights-hostile Trump years will put police and journalists into more conflict than ever.

    • Shariah laws already affect non-Muslims, SIS says

      Politicians’ argument that Shariah laws do not affect non-Muslims is disproved by existing interfaith custody battles, the Sisters in Islam group said today when urging the rejection of a Bill to enhance Shariah punishments.

      Citing the cases of M. Indira Gandhi and S. Deepa who both underwent high-profile custody battles with Muslim convert ex-spouses, SIS said this was just one of many reasons not to “bulldoze” through PAS president Datuk Seri Abdul Hadi Awang’s private member’s Bill.

      “While proponents of RUU355 insist that the Bill will not affect non-Muslims, reality shows that existing syariah laws are already impacting non-Muslims in Malaysia,” the group said.

    • Gang shootings start weekend in Malmö and Gothenburg

      At around 7pm on Friday evening a 20-year-old man was shot in Biskopsgården, a district of Gothenburg long plagued by gang violence. Then at 2am on Saturday morning, a man in his mid-to-late 30s was shot inside a club in Norra Grängesbergsgatan, a Malmö street known for its illegal nightclubs.

    • Thai Computer Crime Law Raises Rights Concerns

      Amendments to Thailand’s controversial Computer Crime Act were debated in parliament this week, with rights groups expressing concerns that the law will bolster government efforts to restrict online freedoms and spy on users.

      The 2007 legislation was originally created to stop spam, identity fraud, hacking and other computer-related offenses.

      However, there are fears the military junta will use these new amendments to help in its bid to suppress dissent in the country, which it often does by using the ancient lese-majeste law forbidding criticism of the Royal Family.

      The proposed amendments, seen by Reuters, include articles 18 and 19 which say the authorities can grab user and traffic data from service providers without court approval, as well as demand computer devices from users.

      Article 20, meanwhile, apparently states that any website deemed to threaten national security or “offend people’s good morals” can be removed or suspended.

  • Intellectual Monopolies

    • On Eve Of WIPO Traditional Knowledge Negotiations, Nations Swap Experiences

      A seminar was organised by the World Intellectual Property Organization to provide a discussion platform on the eve of this week’s meeting on the protection of traditional knowledge, and as a way for countries to share systems of protection. Panellists presented views on possible graduated protection for different sorts of traditional knowledge.

    • Copyrights

      • EU Council Agrees To Remove Geo-Blocking Barriers To E-Commerce

        The European Union Council of member states today agreed on draft regulations to prevent blocking of cross-border e-commerce, but appears to retain copyright restrictions.

        “Geo-blocking is a discriminatory practice that prevents online customers from accessing and purchasing products or services from a website based in another member state,” the Council explained in a press release. The draft regulation will form the common position to start negotiations with the European Parliament and Commission, it said.

      • Book Review: Copyright Beyond Law

        This Kat was very excited when she heard about “Copyright Beyond Law: Regulating Creativity in the Graffiti Subculture” by Mart Iljadica with Bloomsbury Press. The perfect opportunity to top up her hipster street art card with some proper knowledge.

        The book begins with a notice that there are no images contained within the text, precisely because the author argues that graffiti is copyright protected. Iljadica invites readers to explore street art on their own (N.B. For London-based IPKat readers, I highly recommend the Alternative London walking tours near Liverpool St.) The book’s focus is instead on the creative process of graffiti making.

      • EU law forbids the resale of non-original tangible copies of computer programmes

        Last month the Court of Justice of the European Union (CJEU) issued its decision in Microsoft, a reference for a preliminary ruling from Latvia concerning the principle of digital exhaustion as applied to computer programmes.

      • Streaming Cyberlockers ‘Hate’ Pirate Kodi Add-Ons

        Million of people use Kodi as their main source of entertainment, often with help from add-ons that allow them to access pirated movies and TV-shows. While these tools are a blessing for many, the streaming cyberlockers that provide the videos see the add-ons as a major threat to their business.

      • Hosting Companies Dragged into Piracy Lawsuit Alongside Cloudflare

        A lawsuit that accuses Cloudflare of providing services to alleged ‘pirate’ sites has been expanded. In an amended complaint, adult outfit ALS Scan now seeks to hold hosting providers OVH and Steadfast Networks liable for infringement, alongside operators and affiliates of several image hosting sites.

Patents Roundup: Patent Trolls, Patent Quality, and the Patent Trial and Appeal Board (“PTAB”)

Posted in America, Patents at 7:27 am by Dr. Roy Schestowitz

Game of backgammon

Summary: A week’s roundup of patent news from the United States, where there’s a mixture of good news, bad news, good reporting, and misleading (or selective) reporting

TAKING a break from European scandals and looking at the USPTO for a moment, there’s some good news and some bad news. This post is an outline of recent coverage and some interpretation of recent developments.

IoT and Other Buzzwords Targeted by Trolls

Using buzzwords for patent thickets, MIP published “Defining the IP landscape in IoT” several days ago. In simple terms , IoT is just a device with a TCP/IP stack, where IP stands for Internet Protocol, not Intellectual Property (quite a buzzword in its own right).

Another new article, published by a site that piggybacks the buzzword “IoT” (as meaningless as the buzzword “smart”), is titled “IoT Time: Don’t Feed the Trolls” and it speaks of a real and growing problem. Patent trolls, including some of Microsoft’s, are trying to tax — using patents — every device out there, even routers. One of Microsoft’s patent trolls that does this is still fighting for software patents. Here is what the article said:

The White House estimates that 62 percent of all patent-related lawsuits in 2014-2015 came from these trolls. And although it is a problem in the hardware space, it’s a much bigger one for software folks.

The New York Times in 2012 reported that the number of software patents has gone through the roof in the last few years, and software is hard for courts to nail down in terms of what, specifically, is the proprietary bit of code. Much of the code looks like any other code, even to experts, which leads to after-the-fact lawsuits asking for huge settlements years later.

Improved Patent Quality Means Less Litigation

The US patent system gives us many reasons for optimism, Trump’s presidency aside (we wrote about this last night). With better quality control in recent years the number of lawsuits sank, especially frivolous lawsuits from trolls. Here is how IAM put it:

It has been clear for most of 2016 that the number of new patent litigation cases was going to be down this year in the US. But it is now becoming ever more likely that the fall will be dramatic. According to the latest estimate from Lex Machina, the total amount of suits for 2016 is expected to be 4,586; that’s down from 5,822 last year, which was the second busiest on record.

This data from Lex Machina was mentioned elsewhere as well, though not in publications that are busy glorifying patents and attempting to inflate their value (no emphasis needed on such articles).

PTAB, Inter Partes Reviews (IPRs) and the Courts

David from Patently-O, a rather scholarly site, said that “courts continue to split on whether IPRs (reeexam, reissue, etc.) are “prosecution.””

In our view, a good analogy or parallel here is the EPO’s Boards of Appeal. Here is what David wrote:

I’ve written a lot about so-called prosecution bars (buy some of the books for Christmas gifts here! They make great stocking stuffers for toddlers), and this case is in many ways not that unusual but it does raise one interesting issue and serves as a reminder to both check your side and the other’s for folks who may need to be subjected to a bar, and its scope.

The opinion is not online that I can find but is Emerson Electric Co. v. Sipco, LLC, 2016 WL 6833741 (N.D. Cal. Case No.16-mc-80164-DMR, Nov. 21, 2016). A third party, Linear Technologies Corporation (“LTC”) was served with a subpoena that included a request for its source code. LTC sought to ensure that one of the party’s experts, Ameroth, would not have access to it because he was participating in IPRs. LTC had not instituted the IPRs and was not a party to the litigation.

Everyone agreed to amend to include a prosecution bar in the protective order (apparently it did not, before the subpoena, contain one), but the dispute was over whether Ameroth could view LTC’s source code and still participate in the IPR.

Suffice to say, we’re huge fans of IPRs and of PTAB in general. It helps ensure greater and more reliable control over the quality of patents. It’s a bit like an independent (sort of) regulator of examiners. Its very existence is enough to compel examiners to think twice before they grant a patent in error. PTAB is almost like a watchdog, i.e. the very opposite of Watchtroll who just keeps attacking PTAB. It was sorely needed for over a decade and now it’s under never-ending attacks from the patent microcosm (profiting from the absence of such oversight mechanism).

Here is a very recent article titled “Federal Circuit PTAB Appeal Statistics – November 2016″. It’s from a site of patent law firms and it says:

Through November 1, 2016, the Federal Circuit decided 128 PTAB appeals from IPRs and CBMs. The Federal Circuit affirmed the PTAB on every issue in 101 (78.91%) of the cases, and reversed or vacated the PTAB on every issue in 9 (7.03%) of the cases. A mixed outcome on appeal, where at least one issue was affirmed and at least one issue was vacated or reversed, occurred in 11 (8.59%) of the cases.

78.91% affirmation rate is very high and it’s similar to the rate of CAFC invalidations of software patents.

MIP also wrote about PTAB last week (Mr. Loney writes a lot on the subject from New York). “Though the AIA and PTAB have made strides in curtailing the practices of the non-practicing “trolls”,” it said, “patents can still be monetized through these same methods by operational and non-operational companies alike.”

Watch what PTAB does to the patent troll of Ericsson, based on this report from MIP: “In Unwired Planet v Google, the Federal Circuit has declared: “The Board’s application of the ‘incidental to’ and ‘complementary to’ language from the PTO policy statement instead of the statutory definition renders superfluous the limits Congress placed on the definition of a CBM patent””

A lot of the press coverage last week actually focused on this one case. They have been pretty much ignoring all the cases which did not suit them and instead cherry-pick this one case. We’ll deal with that separately later.

PTAB made many people realise that passing the examiners’ ‘quality’ control at the USPTO is not enough, or as IAM put it: “The extent to which patent value and validity are correlated in the current market was called into question last week at Unified Patents’ annual meeting in Silicon Valley.” To quote IAM’s headline (it’s a blog post), “To understand a patent’s true value these days you have to factor in the PTAB” (which habitually shoots down patents even after a grant and without the patents being tested in court).

Remember how companies used to issue press releases to brag about being granted a patent or two? Well, watch how PTAB too gains recognition, based on this press release:

Voip-Pal Announces the USPTO Has Denied on All Grounds Institution of Unified Patents Inc.’s Petition for Inter Parted Review Filed

Voip-Pal.com, Inc. (“Voip-Pal,” the “Company”) (VPLM) is pleased to announce that on November 18, 2016 the Patent Trial and Appeal Board (“PTAB”) of the United States Patent and Trademark Office (“USPTO”) denied on all grounds a petition for Inter Partes Review (“IPR”), IPR2016-01082, filed by Unified Patents Inc. against Voip-Pal’s Routing, Billing and Rating Patent (“RBR”), Patent No. 8,542,815 (“815”)

Patent Microcosm Makes a Mountain Out of a Molehill

As we noted above, in one particular case CAFC did not agree with PTAB. It’s one of those exceptions or rare situations. As expected, patent law firms try to use this one case against PTAB’s legitimacy and they hope to overturn software patents’ death. How many articles did we find about it last week? Plenty! See [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15] and also “Federal Circuit Tightens Standard for AIA Review” (behind paywall), which generalises based on one single case. Greedy law firms ignored what CAFC has said about PTAB’s function until they got something that supports their narrative/business model, so now they amplify it. It obviously got PTAB foes (patent maximalists) all riled up (see Watchtroll) and various sites that wrote about it were careful to note that it’s just one case of many. If one actually bothers visiting the USPTO’s site, there’s a post there which calls PTAB a success. To quote: “As part of the USPTO’s ongoing Enhanced Patent Quality Initiative, in April 2016 we launched the Post Grant Outcomes Pilot, focused on pending patent applications that are related to issued patents undergoing an America Invents Act (AIA) trial proceeding before the Patent Trial and Appeal Board (PTAB). We’d like to report that the Post Grant Outcomes Pilot has succeeded in making examiners aware of patents related to applications they are examining that are involved in PTAB trials, and in turn has facilitated the timely and effective examination of applications.”

Here is an article about that:

Post grant pilot a success, says PTAB chief judge

A US initiative called the “post grant outcomes pilot” has been a success, according to the chief judge of the Patent and Trial Appeal Board (PTAB).

In a blog by David Ruschke, chief judge at the PTAB, and Drew Hirschfeld, commissioner for patents, the pair noted that the pilot had “succeeded in making examiners aware of patents related to applications they are examining”.

This in turn facilitated “the timely and effective examination of applications”.

As part of the US Patent and Trademark Office’s (USPTO) ongoing “enhanced patent quality initiative”, the pilot was launched in April to focus on pending patent applications that are related to issued patents undergoing an America Invents Act (AIA) trial proceeding.

We sure hope that Ruschke and his colleagues will keep their job after the Trump administration fills the swamp, as it so habitually does amid transition. It looks like Lee will be pushed out, so what will that mean for PTAB and the America Invents Act (AIA)?

Patent Attorney Mark Summerfield: EPO Administrative Council “Members Should be Ashamed.”

Posted in Europe, Patents at 5:35 am by Dr. Roy Schestowitz

Summary: A recent comment about Battistelli’s misbehaviour and the Administrative Council’s utter failure to get a grip on him

It seems to be more widely known by now, even well outside the ‘IP’ community and the EPO’s applicants (industry), that EPO needs to be saved from Battistelli. Attorneys too speak about it collectively and one attorney, Mark Summerfield, decided write the following about the EPO (bottom of blog post at IAM):

The situation at the EPO continues to be of major concern to all stakeholders, not least patent applicants who pay substantial annual maintenance fees while their applications remain pending.

In some ways it has become irrelevant who is “right” or “wrong”, or where the truth lies. When an organisation becomes dysfunctional, ultimate responsibility resides with management. M. Battistelli appears unwilling, or unable, to accept this. His response to your opinion piece sought to deflect blame elsewhere, while this reply from M. Prunier calls M. Battistelli’s honesty and integrity further into question.

At the same time we have seen a similar lack of transparency at WIPO, in various national IP offices, and in the processes of negotiating multinational treaties with significant IP provisions (e.g. the TPP). A backlash against “elites” (i.e. those who would have us lie back and blindly accept that they know what is best for us) has already produced Brexit and delivered the US presidency to Donald Trump.

My impression is that (presumably well-intentioned) people within international organisations, governments, and the public services, have decided that truly democratic processes are just too hard and inefficient, and have appointed themselves as the “expert” arbiters and executors. Those who have become the losers in this process, whether they be union reps at the EPO, or disenfranchised residents of the US rust belt, have had their fill and are crying out for their voices to be heard.

Even if everything M. Battistelli says is true, he has still failed to provide the leadership the EPO requires to evolve and adapt to the challenges facing the global IP system. The paralysis of the Administrative Council in dealing with this crisis is something of which its members should be ashamed.

We agree on that last part. Any sane member of the Council would have long ago voted Battistelli out. But as long as they collectively act like his spineless chinchillas he knows he can get away with virtually anything, even clear violations of their instructions.

EPO Caricature: Slowing Down Justice and Giving Luxury Cars as Gifts

Posted in Europe, Humour, Patents at 4:09 am by Dr. Roy Schestowitz

Sepp in Croatia

Summary: The latest cartoon making the rounds is about SLAPP and alleged bribery in Croatia (more on that soon)

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources




Samba logo

We support

End software patents


GNU project


EFF bloggers

Comcast is Blocktastic? SavetheInternet.com

Recent Posts