Contents

• GNU/Linux
  • Distributions
  • Devices/Embedded
• Free Software/Open Source
• Leftovers

GNU/Linux

• Desktop

  • A closer look at Chrome OS using LXD to run Linux GUI apps (Project Crostini)

    Project Crostini is the Chrome OS project to add support to run Linux GUI apps on Chrome OS.

    The components that facilitate Project Crostini can be found at https://github.com/lstoll/cros-crostini That page has instructions for those that wanted to enable the running of Linux GUI apps on Chrome OS, when Project Crostini was still under development. Lincoln Stoll dissected the source of Chrome OS and created a helpful list of the involved repositories.

    The basic component is The Chrome OS Virtual Machine Monitor (crossvm), which runs untrusted operating systems through Linux’s KVM interface. The Linux distribution would run in a VM. The test repositories make reference to the X server, XWayland and Wayland. There is a repository called sommelier, which is a nested Wayland compositor with X11 forwarding support. It needs more searching to figure out where the source code ended into the Chrome OS repository and what is actually being used.

    Update #1: Here are the vm_tools in Chrome OS. They include garcon, a service that gets added in the container and communicates with another service outside of the container (vm_concierge).

    What is important, is that LXD runs in this VM and is configured to launch a machine container with a Linux distribution. We are going in depth into this.

  • Linux On Chromebooks Now Official

    Among other news from Google I/O 2018, Google is making it possible to code on Chromebooks. Whether it’s building an app or writing a quick script, Chromebooks will be available for coding projects.

  • Android apps on Chromebooks can finally access SD card storage

    It’s been nearly two years since Google started rolling out a feature that lets you run Android apps on Chromebooks. And while Android support has come a long way, there’s one thing Android apps couldn’t do on Chromebooks… until now: access an SD card.

    But starting with the latest Chrome OS beta, it looks like Android apps on Chromebooks can access the SD card… although it seems like the feature is still very much a work in progress.

  • Microsoft to replace Surface Pro 4 tablets affected by screen flickering

    Microsoft is formally launching a replacement program for Surface Pro 4 devices affected by screen flickering. Any Surface Pro 4 units experiencing the problem will be covered for up to three years from the time of original purchase. “We have heard your feedback and after careful examination, have determined that a small percentage of Surface Pro 4 devices are exhibiting a screen flicker that cannot be addressed with a firmware or driver update,” the company said on its support page with details on the program.

    The annoying flickering has been well-documented on Microsoft’s support forums, with some users taking drastic steps like putting their Surface Pro 4 in a freezer to temporarily fix the issue. Back in February, Microsoft said it was closely monitoring the situation, and the company came to the conclusion that there’s no convenient fix.

  • Microsoft can’t fix “flickergate” Surface Pro 4s with software, so it’s replacing them

  • Don’t Skype Me: How Microsoft Turned Consumers Against a Beloved Brand

    In March tech investor and commentator Om Malik summarized the negativity by tweeting that Skype was “a turd of the highest quality” and directing his ire at its owner. “Way to ruin Skype and its experience. I was forced to use it today, but never again.”

  • System76 vs. The LVFS Firmware Updating Service

    This week the latest open-source drama was a differing of opinions between Richard Hughes of Red Hat who maintains Fwupd and LVFS for Linux firmware updating from the desktop and that of Linux PC vendor System76.

    Richard Hughes volleyed a blog post that recommend not buying System76 hardware for those wanting firmware updates via LVFS (the Linux Vendor Firmware Service). He wrote that post based upon System76 not currently using UEFI UpdateCapsule for BIOS updates, System76 developing a Rust tool to flash the embedded controller, and them rolling out their own firmware update handler that officially targets Ubuntu and Pop!_OS. Richard then encouraged Linux users to buy Dell XPS laptops instead.

    Richard’s post in full can be read here.

    On Friday, System76 responded to those accusations. According to System76, Richard expressed via email that the approach System76 is using for firmware updating likely wouldn’t work with LVFS and also their distributing of a proprietary firmware flashing tool likely wouldn’t be approved by Red Hat legal and they also found flashing the embedded controler from user-space to be sub-optimal.

• Audiocasts/Shows

  • Ubuntu Podcast from the UK LoCo: S11E10 – Ten Little Ladybugs – Ubuntu Podcast

    This week we’ve been smashing up a bathroom like rock stars. We discuss the Ubuntu 18.04 (Bionic Beaver) LTS release, serve up some command line love and go over your feedback.

• Kernel Space

  • Graphics Stack

    • Radeon EQAA Anti-Aliasing Support Merged To Mesa 18.2

      In addition to the potentially performance-doubling AMD Kaveri fix landing yesterday in Mesa 18.2 Git, also hitting this next version of Mesa is Enhanced Quality Anti-Aliasing (EQAA) support for Radeon GCN graphics processors.

      RadeonSI Gallium3D has wired up its Enhanced Quality Anti-Aliasing support. EQAA aims to deliver better quality over multi-sample anti-aliasing (MSAA) by providing more coverage samples per pixel. EQAA should have only slightly higher performance requirements than MSAA but with significant visual quality benefits.

    • AMD Kaveri Gets A Big Performance Boost With Mesa 18.2 & AMDGPU DRM

      When using the latest Git/development code of Mesa 18.2 on Kaveri APUs you may find up to a 2x increase in performance if you are using the AMDGPU DRM driver rather than the default Radeon DRM driver.

      It turns out the number of render back-ends reported by the kernel driver was wrong for Kaveri: there’s two, not one. Both render back-ends for Kaveri should now be enabled when using Mesa 18.2 Git since yesterday, but you need to be using the AMDGPU kernel driver as otherwise with the Radeon DRM kernel driver one of the back-ends will still be disabled.

    • Radeon ROCm 1.8 Compute Stack Released

      Following the slew of recent AMD/Radeon Linux driver updates, the ROCm 1.8.0 release was issued today for the Radeon Open Compute stack.

      ROCm 1.8 can be obtained via the GitHub instructions. Binary packages are provided for Ubuntu 16.04 and CentOS/RHEL 7.4.

    • The developer of Crazy Justice has shown off a quick teaser of it on Ubuntu

      Black Riddles Studio has finally shown Crazy Justice [Official Site] on Ubuntu, although it’s only a small teaser of their third-person shooter it has me excited.

      Crazy Justice is the third-person shooter developed by two brothers, which was crowdfunded on Fig where they managed to get $51K in funding. Since the campaign finished, they’ve hit just shy of $70K thanks to people pre-ordering it.

      They later announced a Battle Royale mode, which has me excited because Linux doesn’t really have one currently. You could argue we have stuff with last man standing modes, sure, but they’re quite different. Given how popular the BR genre is, it will be sweet to have it on Linux. As a reminder, the Early Access release should hopefully be available before the end of June. Looks like I might be getting an early birthday present this year…

    • Logind Support For Mir Is Getting Closer To Working

      Mir developers have been working on support for systemd’s Logind and there is a “mess of a branch” that is nearly functionally complete and could soon be merged.

    • Several DDX Drivers Aren’t Yet Ready For X.Org Server 1.20

      If you were hoping to build the newly-released X.Org Server 1.20 on your system(s) this weekend, be forewarned that a number of the DDX drivers haven’t yet been updated for supporting the API/ABI changes of this big server update.

      A number of the smaller, obscure drivers like Tseng, SiS, R128, and March64 haven’t yet been updated for xorg-server 1.20 support but also the more prominent xf86-video-ati and xf86-video-amdgpu DDX drivers have not yet seen new releases with xorg-server 1.20 support.

    • NVIDIA 396.18.11 Linux Vulkan Driver Released With Fixes

      The NVIDIA 396.18.11 Vulkan beta driver for Linux was released on Friday as pulling in the latest upstream fixes to the Vulkan beta driver branch for Windows and Linux.

      The 396.18.11 Linux driver and 397.76 Windows driver pull in the latest fixes from their general release driver. For the Linux release, it comes just three days after another small beta update (396.18.08) that was released to fix Alt-Tab freezing with the DXVK Direct3D11-over-Vulkan implementation.

    • Mesa 18.1 Expected To Officially Debut Next Week

      While Mesa 18.0 debuted just about one and a half months ago, the fourth and final release candidate of Mesa 18.1 is now available for testing as the next quarterly feature installment to these primarily OpenGL/Vulkan open-source drivers.

      First time Mesa release manager Dylan Baker issued Mesa 18.1.0-RC4 this Friday evening with 25 queued patches. The affected work ranges from core Mesa fixes to Gallium3D, R600, RADV, RadeonSI, i965, and ANV fixes… Pretty much fixes across the board at least as far as the major drivers are concerned sans Nouveau.

• Applications

  • Mark Text: FOSS Markdown Editor With Realtime Preview

    Mark Text is a fairly new free, open source Markdown editor for Linux, Windows and Mac. Aimed at improving your editing efficiency, the editor supports the CommonMark Spec and the GitHub Flavored Markdown Spec.

    The application tries not to get in your way, by using a clean interface that tries to focus on your writing and nothing more, with a seamless live preview, while still allowing you to easily access its menu or see the current file name.

  • Instructionals/Technical

    • MySql DataTime/TimeStamp fields and Scala

    • Making Videos (that work in Firefox) from a Series of Images

    • Bite-Sized Linux: a zine collecting awesome *nix tutorial webtoons

    • Replacing hp-health on gen10 HPE DL360

    • Upgrading CentOS 6.x to CentOS 7.x

    • How to Fix Secure Connection Error in WordPress

    • How to Set Up Nginx High Availability Cluster using Pacemaker on CentOS 7

    • Setting Up LVM Partition On Linux Server

    • Get Qt5 Apps To Use Native Gtk+ Style In Ubuntu 18.04 LTS

    • How To Install and Use Docker on CentOS 7

    • AWK Command Examples

  • Wine or Emulation

    • Wine Announcement

      The Wine development release 3.8 is now available.

    • Wine 3.8 is out with an MP3 decoder and plenty of fixes

      The latest bi-weekly Wine development release is out with 3.8 and it brings a few notable features and bug fixes. I’m always in awe at the speed of Wine development, giving the mammoth task it really is.

    • Wine 3.8 Brings MP3 Decoding, Other improvements

      Wine 3.8 is now available as the latest bi-weekly development release of this program to run Windows applications/games on Linux and macOS.

  • Games

    • Linux Fun – Play Old Classic Snake Game in Linux Terminal

      msnake is the Linux command line version of the most popular old classic snake game was written in C using ncurses library by Mogria and Timo Furrer. The game can be played at terminal with textual interface in almost all GNU/Linux distributions.

      The game is highly customizable and includes free/classic gameplay modes, keybindings, and even the GUI-like appearance of the application.

      To run msnake game on all modern Linux distributions such as Ubuntu, Debian, Linux Mint, Fedora and Arch Linux, simply install it from the snapd package management software as shown.

    • Classic sci-fi adventure ‘Mission Critical’ is now on GOG with a Linux version

      Fancy a space adventure? How about a classic? Mission Critical has recently made its way onto GOG and it has a Linux version.

      Released by Legend Entertainment way back in 1995, when I was just a wee lad, Mission Critical was really well reviewed with some going as far as calling it a “masterpiece”.

    • Feral’s GameMode 1.1 Released For Optimizing Linux Gaming Performance

      One month ago Linux game porter Feral Interactive introduced GameMode as a utility/service for dynamically optimizing the Linux system performance when running games. The initial focus on GameMode was on ensuring the CPU scaling governor was in its performance mode while today brought the GameMode v1.1 release.

      In the month since publicly unveiling GameMode, there has been dozens of commits going into this tool to “optimize Linux system performance on demand” though at the moment still largely remains focused on setting the Intel/AMD CPU frequency scaling driver’s governor. But a lot of infrastructure work is now laid so hopefully soon we will see GameMode expand to offer more performance tweaks/optimizations.

    • Dust Racing 2D – An Open Source Car Racing Game Written in Qt And OpenGL

      Howdy, game lovers! Today, you can add one more cool game to your collection. Say hello to “Dust Racing 2D”, a traditional top-down (aerial-view) car racing game that makes your holidays fun and interesting. It is available as single or two-player mode, so your friend can join in the race and play along with you. It is a free, open source and cross-platform game written in Qt (C++) and OpenGL. Dust Racing 2D is currently available for Linux and Windows. In this tutorial, we will be learning how to install and play Dust Racing 2D game in Linux.

• Desktop Environments/WMs

  • K Desktop Environment/KDE SC/Qt

    • FreeText typewriter annotation WYSIWYG implementation ideas

      As a part of the GSoC project, I’m working with my mentor Tobias Deiminger on implementing the FreeText typewriter annotation with click-to-type WYSIWYG editing feature in Okular to write directly on PDF page.

    • Modern C++ and Qt – part 2.

      I recently did a short tongue-in-cheek blog post about Qt and modern C++. In the comments, people discovered that several compilers effectively can optimize std::make_unique<>().release() to a simple new statement, which was kind of a surprise to me.

      I have recently written a new program from scratch (more about that later), and I tried to force myself to use standard library smartpointers much more than what I normally have been doing.

    • Google Summer of Code 2018 – Community Bonding Part 2: Studies about LVM

      As I said in my previous post, I’m using this community bonding period to understand how LVM works in kpmcore. It involved studying about how the three parts of LVM (Physical Volumes, Volume Groups and Logical Volumes) work in the library and how this logic was implemented.

      In this text, I’m intending to give a short explanation about LVM, discuss about some plannings related to the process of creation of LVM VGs in Calamares and talk about some corrections related to it that I’ve implemented in kpmcore and KDE Partition Manager.

      [...]

      Community Bonding period is almost finishing, but I’ll write another post about it before that, talking a little bit about my studies involving RAID arrays and which are my ideas to implementing it. See you later!

    • Kdenlive Sprint – The Movie

      Kdenlive is KDE’s advanced video-editor. This April, members of the Kdenlive project met up for five days – from 25th to the 29th – for their spring sprint. The developers Jean-Baptiste Mardelle and Nicolas Carion, along with professional community videomakers Farid Abdelnour, Rémi Duquenne and Massimo Stella, got together at the Carrefour Numérique in Paris to push the project forward.

    • Krita 4.0.3 Released

      Today the Krita team releases Krita 4.0.3, a bug fix release of Krita 4.0.0. This release fixes an important regression in Krita 4.0.2: sometimes copy and paste between images opened in Krita would cause crashes (BUG:394068).

  • GNOME Desktop/GTK

    • Work is Underway to Make the GNOME Web Browser Mobile Friendly

      To do well, the upcoming Linux-powered Librem 5 smartphone will need a decent set of mobile-ready apps — and a good web browser is key to that.

      Hoping to step up to the plate is GNOME Web (aka Epiphany), whose developers are working hard to make sure that the webkit-based browser is in fine form for finger-friendly fun while surfing.

    • Purism wants to create a GNOME mobile shell for Linux smartphones (and other Librem 5 phone update)

      Linux computer maker Purism hopes to ship their smartphone in January, and the corporation has been providing updates about development of the upcoming Librem 5 smartphone periodically since launching a crowdfunding campaign last September (that campaign eventually raised more than $1.5 million through pre-orders).

      We know that the phone will feature an NXP i.MX8 processor, that it will ship with a custom version of Purism’s PureOS operating system, and that it will support several different user interfaces and operating systems including Ubuntu Touch, KDE Plasma Mobile, and Purism’s own GNOME-based user interface.

    • Fractal Hackfest, Strasbourg (day 1

      Yesterday was the first day in the first Fractal Hackfest. I’ll try to write an small blog post every day to share the development with the world.

      My travel to Strasbourg was not an easy travel because I’ve to take two flights to get here from Málaga so a long day travelling.

      I met with Mathew from Matrix.org at the London airport because we took the same flight to here and it was really cool to meet him in person and we talk a little about the current Matrix situation.

      I’ve met the other Fractal people and collaborators at the event, and it’s great that people from Purism, Matrix, Gnome and the two GSoC students come here to work together in this great application.

    • Fractal Hackfest, Strasbourg (day 2)

      The encryption is a needed feature but encryption is hard to do in rooms. Matrix uses public-key cryptography, for rooms they are using Megolm, that’s a protocol to exchange encrypted messages with more than one and share that message keys in a one-to-one secure communication.

      I don’t know a lot about this E2E because for me it’s more important to have the client working with a basic functionality before the encryption. So you should read the official doc because maybe this that I’m writing here is completely wrong.

      To do all this E2E key sharing, client side encryption and communication, Riot has three different implementations of the same lib, so they have this code in the JavaScript SDK, the same ported to iOS version in ObjectiveC and the same ported to Android in Java. Below this lib there’s the libolm that does the real encryption.

• Distributions

  • New Releases

    • Linuxfx LTS 9.0

  • Gentoo Family

    • On OpenPGP (GnuPG) key management

      Over the time, a number of developers have had problems following the Gentoo OpenPGP key policy (GLEP 63. In particular, the key expiration requirements have resulted in many developers wanting to replace their key unnecessarily. I’ve been asked to write some instructions on managing your OpenPGP key, and I’ve decided to go for a full blog post with some less-known tips. I won’t be getting into detailed explanations how to use GnuPG though — you may still need to read the documentation after all.

      [...]

      Signing keys are used to sign data, i.e. to prove its authenticity. Using multiple signing subkeys is rather trivial — you can explicitly specify the key to use while creating a signature (note that you need to append ! to key-id to force non-default subkey), and GnuPG will automatically use the correct subkey when verifying the signature. To reduce the wear of your main signing subkey, you can create a separate signing subkey for Gentoo commits. Or you can go ever further, and have a separate signing subkey for each machine you’re using (and keep only the appropriate key on each machine).

  • Slackware Family

    • Moving to XOrg 1.20

    • Let’s show some love to 14.2

      With all the excitement going on about the disruptive changes in Slackware-current (migration to the new C++ ABI caused all of Slackware to be recompiled, and then the upgrade of openssl to 1.1 caused many packages to be recompiled again), I had to spend all of my time and CPU power to keep up with the changes and fix my packages for -current.
      That meant, less attention to the package updates for Slackware 14.2. I realize I left the users of our stable release somewhat in the cold.
      I am going to do something about that. During the next weeks I will try to bridge the gap that had been expanding for package versions in my own repository, between 14.2 and -current.

  • Red Hat Family

    • Red Hat Summit 2018 Wraps Up With Containers/Virtualization Still Being Hot

      Red Hat Summit 2018 in San Francisco has now wrapped up, marking Red Hat’s 25th year hosting the event of customers and partners. Virtualization and containers continued being among the most discussed topics at the tech event.

      While there’s been signs of an approaching Red Hat Enterprise Linux 8 Alpha, sadly there was seemingly no RHEL8 mentions at this year’s summit, at least when it came to public announcements pertaining to this next-generation enterprise Linux platform. So we’ll have to wait and see on the RHEL8 front, but based upon their past release cycles and the alpha references we’ve been seeing, I suspect we’ll hear more later in the year.

    • Red Hat, Boston Children’s Collaborate on Open Source Image Sharing

      Red Hat announced its collaboration with Boston Children’s Hospital to provide a distributed user open source image sharing interface so clinicians and radiologists can share images in real-time anywhere around the world.

      The ChRIS Research Integration Service is a web-based medical image platform deployed on the Massachusetts Open Cloud (MOC). The MOC is a multi-provider cloud that was created by the Commonwealth of Massachusetts and several research universities.

      The collaboration was put into motion by the need for faster and more convenient access to medical images. Waiting for images to be scanned, shared, and analyzed causes delays in patient care, which can cause further medical problems.

    • Photos: Red Hat Gets Hot & Sweaty

      Tech conference protip: When attending conferences, my rule is I wear jeans to events with the name “open” in the title, and otherwise wear a suit. Red Hat is a unique edge case — the word “open” isn’t in the title, but the company is founded on open source. On the other hand, it’s enterprise focused, suggesting a suit as appropriate business attire. I went with a suit on day one, and jeans on day two.

      When I was not running around working on articles, and feeling the pain of sugar/carb withdrawal, I found some interesting oddities in corners of the conference. Click on the slideshow below for some of what I saw.

    • Red Hat shows the way for open-source licensing. Will the industry follow?

      The licensing of open-source software is complicated and runs counter to human intuition. Developers put their blood, sweat and tears into creating an elegant piece of software and then sign away the copyrights so that others can use and improve on it free and clear. Say what?

      The tech community has been grappling with this issue basically since Richard Stallman developed a free UNIX-style operating system in the early 1980s. As the open-source community has grown, the products have become more diverse and the stakes are higher.

      [...]

      At the heart of open-source licensing is the General Public License, or GPL, the compliance instrument that governs much of Red Hat’s software, including its Enterprise Linux. The GPL is known as a “copyleft” license, meaning that a developer can create open-source software and distribute it to someone else with all of the necessary copyrights. The recipient can copy it, distribute it, or improve on it in any way they see fit.

    • OpenShift Roadmap: What’s Next for Red Hat’s Kubernetes Container Platform?

      Red Hat is increasingly focusing on its OpenShift container platform for enabling organization to deploy and deliver applications. OpenShift was a dominant topic at the 2018 Red Hat Summit, with a multiple announcements and pronouncements about the Kubernetes platform’s future.

      Among the key OpenShift sessions was a roadmap session on May 9, in which five Red Hat product managers detailed future feature capabilities that are set to come to the platform over the coming year.

    • Red Hat Announces OpenShift Products, Partnerships at Annual Summit

    • Scientific Linux 7.5 Released As RHEL 7.5 Rebuild

      Testing of the release candidate earlier this month went well and out now is the official Scientific Linux 7.5 release.

      Scientific Linux 7.5 is the re-spin derived from upstream Red Hat Enterprise Linux 7.5 and its many changes/improvements.

    • Fedora

      • Fedora 28: Another Release for Power Users

        Fedora is widely recognized to be a smooth Linux distribution with up-to-date software, and is also used by a lot of developers around the world. Just around a 10 days ago Fedora 28 was released, bringing many changes and updated software.

        This review will guide you through the new release and what to expect so far.

        [...]

        Fedora 28 is yet another updated release for power users around the world. With updated software and some interesting new features and battery optimizations, Fedora 28 can be a good choice if you are looking for the latest stable up-to-date packages or you would like to get software just as they are from upstream.

        You may, however, face one of the common bugs in Fedora 28 of face crashes and hangs like we did, but this doesn’t mean that it’s not worth to try. Your experience on your hardware may be different than ours.

      • Fedora 28 : The LibreCAD application.

      • Custom Fedora Live Media

      • EPEL Outage Report 2018-11-05

  • Debian Family

    • Derivatives

      • Canonical/Ubuntu

        • Get Privacy Tools on Ubuntu 18.04

          If you are already aware about 2013 global privacy case, I believe you care about your internet privacy by now. If you just switched to Ubuntu, here’s a list of user-friendly programs (free software only) and search engine to protect your privacy. You will find my recommendation of a web search engine, a specific web browser, add-ons, email client enhancements, and password storage. This list accompanies the previous list of 20 useful programs for 18.04.

          [...]

          Free software is not gratis software but software that the user is free. Free software is about the user’s right, either individually or collectively, to control over the software. If you run your activities with nonfree software (also called proprietary), you don’t control the whole things software does within your computer, which only means there is somebody else controlling you and the computers. To protect your privacy, you should make sure you run only free software and relies only on privacy-respecting internet services.

• Devices/Embedded

  • Linux-based networking SBC features five GbE ports and optional SFP

    Gateworks has launched a rugged, headless “Newport GW6400” SBC that runs Linux on a dual- or quad-core Cavium OcteonTX with 3x mini-PCIe, 2x USB 3.0, 5x GbE ports (2x with PoE) and optional SFP.

    Last November, Gateworks announced a new product family of rugged Newport SBCs that run OpenWrt or Ubuntu on Cavium’s dual or quad-core ARMv8.1 Octeon TX networking SoCs. The debut model was a 105 x 100mm GW6300 SBC. Now, Gateworks has followed up with the promised high-end, 140 x 100mm Newport GW6400 model, which has 5x Gigabit Ethernet ports instead of 3x on the GW6300. Later this year we’ll see a GW6100 with a single gigabit port and a GW6200 with 2x GbE.

Free Software/Open Source

• National Guard team builds open-source cyber toolkit

  When the Missouri National Guard Cyber Team was called in to respond to security incidents, it used to take two days to collect information from compromised servers.

  To get better insight into attempted breaches and overall network health faster, the team built the Response Operation Collect Kit for Network Service Monitoring, a scalable and secure open source sensor platform that makes network monitoring more automated and easier to navigate.

  RockNSM combines several open source tools in a single platform. The combination of tools allows the Missouri National Guard Cyber Team to set up their data collection for security monitoring and incident response in 20 minutes.

  Part of the appeal of RockNSM is the ability to collect information on networks without needing administrative access to sensitive networks.

• Maximizing Value from Open Source Testing Frameworks

  Even well-known companies like Google that have built home-grown systems to run UI and API testing against all their applications are now releasing their own open source systems into the market. Recently, Google and Netflix announced Kayenta, an open source automated canary analysis service to enable continuous delivery for software teams. However, if you are not a company with the resources of a Google and Netflix, building your own open source tool or complementing an open source framework with a home-grown system is not always a viable open. In fact, it’s a common misconception that software teams have or should choose between purchasing a commercial tool or leverage free open source framework. Growing companies should maximize their value from open source assets along with commercial tools.

• Taking Open Source for Granted

  But just as many in the United States have had a wakeup call about taking the stability of our civic institutions for granted, those with an interest in seeing open source remain a vital and robust model moving forward should remember that the price of freedom is high. It always has been.

• Events

  • Considering an RSAC Expo booth? Our Experience, in 5,000 words or less

    So we decided to try a booth for 2018, and figured we’d document our experience (and thoughts) along the way. In this post you’ll find a full breakdown of all our costs for attending and boothing at RSAC, including what it takes to get a space; kitting it out with furniture, equipment, swag and more; staffing the booth; the crazy that is conference pricing; and the logistics for actually making it happen.

  • OpenStack Summit Vancouver 2018

    OpenStack Summit is the leading event in Open Infrastructure, bringing together the builders and operators for sessions and workshops on containers, CI/CD, telecom & NFV, public cloud, multi-cloud and more.

• Web Browsers

  • Chrome

    • Google Updates Chrome for Desktop to Fix Privilege Escalation Bug in Extensions

      Google released on Thursday a new stable version of its Chrome 66 web browser, version 66.0.3359.170, which is currently rolling out to Linux, Mac, and Windows users, to fix a few important security issues.

  • Mozilla

    • rr Chaos Mode Improvements

      rr’s chaos mode introduces nondeterminism while recording application execution, to try to make intermittent bugs more reproducible. I’m always interested in hearing about bugs that cannot be reproduced under chaos mode, especially if those bugs have been diagnosed. If we can figure out why a bug was not reproducible under chaos mode, we can often extend chaos mode to make it reproducible, and this improves chaos mode for everyone. If you encounter such a bug, please file an rr issue about it.

    • This week in Mixed Reality: Issue 6

      The team and community continue to add new features, fix bugs, and respond to early user and developer feedback to deliver a solid experience across Firefox Reality, Hubs and the content related projects.

• Oracle/Java/LibreOffice

  • Gnome Login Screen Redesign, CentOS Update, VirtualBox, Mender Team and IoT

    Oracle recently announce the available of VirtualBox 5.2.12. This latest update includes support for the Linux 4.17 kernel, alongside your typical bug fixes.

  • Best free and open source Microsoft Excel alternatives

  • Microsoft’s Latest Excel Update Has Security Pros Anxious

    [...] But JavaScript also creates more interconnection and more access points—meaning more points of potential vulnerability. It’s already a bit of a web security nightmare. And on top of that, attackers have long shown their willingness to exploit customization and automation features in Excel—and other Microsoft Office programs—to create malicious files for phishing and other attacks. The ubiquity of Microsoft Office files make them the perfect vector for tricking victims and wreaking havoc.

• Pseudo-Open Source (Openwashing)

  • Windows Subsystem for Linux – Many distros!

• Funding

  • $125 Million Richer, Mesosphere Tackles Big Data at the Edge [Ed: Be very careful of Mesos and Mesosphere. Microsoft people, those who participated in competition crimes, are funding it and Microsoft attempted a literal takeover.]

• BSD

  • FreeBSD 11.2 Beta Now Available For Testing

    FreeBSD 11.2 has reached the beta milestone to succeed FreeBSD 11.1 from last year and ahead of FreeBSD 12.0 that is expected this November.

    FreeBSD 11.2 is targeted for release around the end of June but before then they expect to do a total of three beta releases and up to three release candidates.

• FSF/FSFE/GNU/SFLC

  • LibreJS 7.14 released

    GNU LibreJS aims to address the JavaScript problem described in Richard Stallman’s article The JavaScript Trap. LibreJS is a free add-on for GNU IceCat and other Mozilla-based browsers. It blocks nonfree nontrivial JavaScript while allowing JavaScript that is free and/or trivial.

  • Contract opportunity: JavaScript Developer for GNU LibreJS

    The Free Software Foundation (FSF), a Massachusetts 501(c)(3) charity with a worldwide mission to protect computer user freedom, seeks a contract JavaScript Developer to work on GNU LibreJS, a free browser add-on that addresses the problem of nonfree JavaScript described in Richard Stallman’s article The JavaScript Trap. This is a temporary, paid contract opportunity, with specific deliverables, hours, term, and payment to be determined with the selected candidate. We anticipate the contract being approximately 80 hours of full-time work, with the possibility of extension depending on results and project status.

  • Paper on reproducible bioinformatics pipelines with Guix

    I’m happy to announce that the bioinformatics group at the Max Delbrück Center that I’m working with has released a preprint of a paper on reproducibility with the title Reproducible genomics analysis pipelines with GNU Guix.

    We built a collection of bioinformatics pipelines called “PiGx” (“Pipelines in Genomix”) and packaged them as first-class packages with GNU Guix. Then we looked at the degree to which the software achieves bit-reproducibility, analysed sources of non-determinism (e.g. time stamps), discussed experimental reproducibility at runtime (e.g. random number generators, the interface provided by the kernel and the GNU C library, etc) and commented on the practice of using “containers” (or application bundles) instead.

  • New release of eiffel-iup

    It is already available a new version of eiffel-iup, a Liberty Eiffel wrapper to IUP toolkit. So you can build your graphical application from Eiffel using Liberty Eiffel, the GNU implementation of Eiffel language. So happy hacking.

• Public Services/Government

  • Brazilian federal government leads in open source adoption

    Open source is more common at federal level, seen in 93 percent of organizations, while 78 percent of state-level bodies use it, according to the findings of the E-Government ICT edition carried out by the Brazilian Internet Steering Committee (CGI.br).

    The study has also found that in 2017, new open source development has taken place in 85 percent of federal government organizations to cater for their specific requirements, while 57 percent of state organizations also developed new open systems.

    Of the federal organizations that have carried out open source development in Brazil, some 52 percent have also shared these platforms with other public sector bodies.

    For the study, some 1686 federal and state-level organizations were surveyed by the CGI.br between July and October 2017.

• Openness/Sharing/Collaboration

  • Linux for developers comes to Chrome OS, using AR to assist surgeons, and more open source news

    In this edition of our open source news roundup, we take a look at Linux for developers coming to Chrome OS, a tool that uses AR to assist surgeons, and more.

• Programming/Development

  • Java: Executing code in comments?!

Leftovers

• Cisco has yanked all its ads from YouTube

  “When we find that ads mistakenly ran against content that doesn’t comply with our policies, we immediately remove those ads. We know that even when videos meet our advertiser friendly guidelines, not all videos will be appropriate for all brands. But we are committed to working with our advertisers and getting this right,” the company said.

• Ryanair goes all in on AWS

  It is also migrating from Microsoft SQL Server databases to Amazon’s popular Aurora. This will help the airline run its email marketing campaigns at lower costs. Naturally the airline runs email marketing at massive scale, sending out 22 million emails daily to customers about travel bookings or sales events.

• The spectacular power of Big Lens

  Between them, Essilor and Luxottica play a central, intimate role in the lives of a remarkable number of people. Around 1.4 billion of us rely on their products to drive to work, read on the beach, follow the whiteboard in biology lessons, type text messages to our grandchildren, land aircraft, watch old movies, write dissertations and glance across restaurants, hoping to look slightly more intelligent and interesting than we actually are. Last year, the two companies had a combined customer base that is somewhere between Apple’s and Facebook’s, but with none of the hassle and scrutiny of being as well known.

  Now they are becoming one. On 1 March, regulators in the EU and the US gave permission for the world’s largest optical companies to form a single corporation, which will be known as EssilorLuxottica. The new firm will not technically be a monopoly: Essilor currently has around 45% of the prescription lenses market, and Luxottica 25% of the frames. But in seven centuries of spectacles, there has never been anything like it. The new entity will be worth around $50bn (£37bn), sell close to a billion pairs of lenses and frames every year, and have a workforce of more than 140,000 people. EssilorLuxottica intends to dominate what its executives call “the visual experience” for decades to come.

• Health/Nutrition

  • Trump Declares Intent To Stop Pharma Companies From ‘Gaming’ Patent System

    US President Trump today declared in a White House speech his intent to “take steps” to lower drug prices by stopping “gaming of regulatory and patent processes by drug makers to unfairly protect monopolies,” as well as increasing price transparency and promoting biosimilars and generics. But to do this, his administration will take on what it sees as “freeloading” on US innovation by foreign governments, and addressing “unfair” intellectual property and market access policies in trade agreements.

• Security

  • Security updates for Friday

  • Windows Under Attack as NSA Exploit Usage Skyrockets

    EternalBlue, the stolen NSA exploit that was used to create the infamous WannaCry ransomware, is back in business, only that this time usage appears to skyrocket, according to security vendor ESET.

    Researcher Ondrej Kubovič notes that while WannaCry attacks have dropped, EternalBlue is still around, and the first months of 2018 brought a worrying increase in the number of attacks based on this exploit.

    EternalBlue is an exploit stolen from the NSA by hacking group Shadow Brokers in April 2016. It takes advantage of a vulnerability in the Windows Server Message Block (SMB) protocol, and Microsoft shipped patches even before the flaw went public.

    But this doesn’t mean that attackers have stopped searching for targets. The researcher says cybercriminals are scanning the Internet for exposed SMB ports and are trying to compromise the host with an exploit that eventually allows for payloads deployed on the target machine and leading to different outcomes.

    “Interestingly, according to ESET’s telemetry, EternalBlue had a calmer period immediately after the 2017 WannaCryptor campaign: over the following months, attempts to use the EternalBlue exploit dropped to “only” hundreds of detections daily,” the researcher notes.

    “Since September last year, however, the use of the exploit has slowly started to gain pace again, continually growing and reaching new heights in mid-April 2018.”

  • Microsoft Says It Won’t Fix a Bug Causing BSODs on Windows 10

    A bug causing Windows machines to crash when a USB drive is inserted won’t get a patch from Microsoft, despite the issue said to be affecting all versions of the operating system, including the newly-launched April 2018 Update.

    Security researcher Marius Tivadar says in a post on GitHub that he first reported the problem to Microsoft in July 2017 after discovering that a USB drive running a handcrafted NTFS image can cause any system to crash even if locked.

    “Microsoft was very responsive regarding my disclosure 1 year ago, but they didn’t issue a security patch,” Tivadar explains.

  • Purism’s FSP Reverse Engineering Effort Might Be Stalled

    Purism has been working on reverse-engineering the Intel Firmware Support Package (FSP) module but it looks like that work may have taken a turn.

    A Phoronix reader tipped us off this morning that the Intel FSP reverse-engineering information made public by Purism has now been retracted. The past several months Purism has been working on reverse-engineering the Intel FSP to free the system further to run on only open-source code rather than still having the Intel binary-only module paired with Coreboot. Their big focus this year has been on figuring out the actual silicon initialization code inside the FSP. Purism’s Youness Alaoui was very close to finding out this information at the start of April and he wrote a lengthy blog post outlining his reverse-engineering work.

  • Google will soon require OEMs to roll out ‘regular’ Android security patches

  • Will Blockchains Include Insecurity by Design?

    Ask any journalist to pick an adjective to use in connection with standards development and the answer will invariably be “boring.” But according to a recent New York Times article (yes, it also used that word – as well as “wonky”), the process of creating standards just became a whole lot more interesting – at least when it comes to the blockchain. The reason? A standards working group may have been infiltrated by state actors bent on embedding security flaws into the very standards being created for the purpose of preventing attacks.

    And why not? The power of a successful standard comes from the fact that vendors have to adopt it in order to sell a given product or service, such as a WiFi router or a USB device. Indeed, laptops and smart phones include hundreds of standards, each of which is essential to a given function or service. As I noted last week, the blockchain will need standards, too, in order for it to take hold in multiple areas. Some of those standards will be intended to make the blockchain more secure.

  • 6 Things You Should Do to Secure Your NAS

  • Packets over a LAN are all it takes to trigger serious Rowhammer bit flips

    For the first time, researchers have exploited the Rowhammer memory-chip weakness using nothing more than network packets sent over a local area network. The advance is likely to further lower the bar for triggering bit flips that change critical pieces of data stored on vulnerable computers and servers.

• Defence/Aggression

  • Greek Police Uncover Plan to Kill Russian National Arrested in Greece – Source

    “The Greek law enforcement received intelligence on plans to prepare an assassination via poisoning with the help of criminals. The head of the prison and the prosecutor of the city of Thessaloniki summoned Vinnik and informed him about the plot to poison him, and special security measures were taken in connection with that,” the source said.

  • Report: Bitcoin money laundering suspect spared from prison poison plot

    Greek law enforcement has disrupted a plan to murder a Russian man arrested in Greece last year, who American authorities believe laundered billions of dollars’ worth of Bitcoin through BTC-e, a shady Bitcoin exchange that the suspect is also accused of creating.

  • Iran Deal Partners Mull How to Confront ‘Renegade’ U.S.

    What can the five remaining signatories to the Iran nuclear deal do now that the Trump administration has trampled on Security Council Resolution 2231 and its 13 binding decisions, adopted under Article 41 of the United Nations Charter, which codified the Iran nuclear deal into international law? Sooner or later, the other 14 members of the Security Council, especially Britain, China, France and Russia, must decide how to confront their renegade permanent member, the United States.

    Otherwise, the Council may lose its unique authority to prevent and resolve conflicts.

    Specifically, the question they may soon have to confront will be how they can protect the resolution and the companies that comply with it when doing business with Iranians, given that Iran is subject once again to new U.S. sanctions.

    The first broadside against the companies of U.S. allies that are doing business with Iran came minutes after President Donald Trump announced his withdrawal from the Joint Comprehensive Plan of Action, or JCPOA, on May 8. Richard Grenell, his ambassador to Germany (and spokesman for the U.S. at the UN from 2001-2008), tweeted, “German companies doing business in Iran should wind down operations immediately.”

    The reaction was immediate, but it was outrage, not compliance, that German diplomatic and business leaders expressed.

  • Trump’s Iran Debacle: What Will Germany and Russia Do?

    In the wake of Donald Trump’s thoroughly unsurprising decision to scuttle the Iran nuclear accord, two countries that may be most in the hot seat are Germany and Russia. The big question now is whether their mutual discomfort leads them to find common cause.

    Angela Merkel’s plight is especially painful. Not only are Germany’s extensive business links with Iran at risk thanks to Trump’s decision to re-apply sanctions, but the German chancellor’s political fortunes have taken a beating thanks to years of American incompetence in the Middle East.

    In Libya, then-Secretary of State Hillary Clinton devoted two weeks during the 2011 Arab Spring to persuading Qatar to join the anti-Gaddafi coalition, only to stand by and watch as the oil-rich emirate seized the opportunity to distribute some $400 million to murderous Salafist rebels spreading anarchy from one end of the country to the other. The result was a failed state that soon turned into a jumping-off point for hundreds of thousands of desperate refugees making their way to Germany and other parts of the European Union.

  • Trump picks billionaire military contractor to lead intelligence board

    President Trump on Friday announced that Stephen Feinberg, a New York billionaire who owns the giant military contractor DynCorp International, will chair a White House executive board that reviews the effectiveness and legality of foreign intelligence.

    [...]

    Feinberg, who has no previous experience working in government intelligence, is the first person that Trump has appointed to the board.

  • Media Debate Best Way to Dominate Iran

    The debate in the New York Times and Washington Post over President Donald Trump’s decision to withdraw from the Joint Comprehensive Plan of Action (JCPOA), better known as the Iran deal, revolves around which tactics America should use to dominate Iran.

    At one end of the spectrum of acceptable opinion is the view that President Trump was correct to withdraw from the deal because it supposedly failed to handcuff Iran to a sufficient degree. At the other is the far more common perspective, which is that Trump should have remained in the deal because it is an effective tool for controlling Iran.

    [...]

    The Washington Post (5/9/18) ran an incoherent piece by US national security advisor John Bolton saying that Trump needed to take the US out of the Iran deal because, since its implementation, Iran has not “focus[ed] on behaving responsibly.” In other words, he opposes the nuclear accord because Iran has proven itself too immature for the freedom from US control that Bolton wrongly suggests it is offered under the JCPOA.

    Commentators who differed on Trump’s decision nevertheless shared the premise of those in favor of taking the US out of the deal, which is that Iran belongs under imperial stewardship.

    Susan Rice, President Obama’s national security advisor, defended the Iran nuclear deal in the Times (5/8/18) on the grounds that it “has served American interests.” “By withdrawing from the deal,” she writes, “we have weakened our ability to address [America’s] concerns” with Iranian policy.

• Transparency/Investigative Reporting

  • Sarah Palin praises WikiLeak’s Julian Assange; ‘He’s all about freedom’

    Sarah Palin on Thursday expressed her appreciation for WikiLeaks publisher Julian Assange, notwithstanding his website releasing the Republican politician’s personal emails nearly a decade earlier during her failed campaign for vice president.

    The former Alaska governor praised Mr. Assange during an interview with One America News, a right-leaning cable network, reversing course after harshly condemning WikiLeaks over its past publications.

    “We do have a little bit of history,” Mrs. Palin said with respect to the WikiLeaks chief. “He leaked or published somehow my private emails, and I was so ticked off at him and I thought he was just such a foe — until I started figuring out where he was headed.”

• Finance

  • Financial inclusion is making great strides

  • Apple scraps plans for $1 billion Irish data center

    The European Commission ruled in 2016 that the Irish government had granted illegal aid to Apple by helping it keep its tax bill artificially low for more than 20 years.

    Apple (AAPL) was ordered to pay €13 billion ($15.5 billion) in unpaid taxes. Ireland and Apple are appealing the ruling.

  • Apple scraps $1 billion Irish data center over planning delays

    A similar Apple center announced at the same time in Denmark was due to begin operations last year and Apple announced in July that it would build its second EU data center there.

  • Apple drops plans for a $1 billion data center in Ireland

  • Facebook Plans to Create Its Own Cryptocurrency

    Facebook is exploring the creation of its own cryptocurrency, a virtual token that would allow its billions of users around the world to make electronic payments, people familiar with Facebook’s plans told Cheddar.

    “They are very serious about it,” said one of the people, who asked not to be identified discussing unannounced plans.

    Facebook started studying blockchain almost a year ago, when a member of its corporate development team, Morgan Beller, began looking at how the social platform could use the emerging technology.

    At the time, Beller was the only Facebook employee devoted to studying blockchain, the digital and decentralized ledger that underpins cryptocurrencies like Bitcoin and Ethereum.

  • Australia says cash about to become illegal for purchases over $7,500

  • Australia Bans Cash For All Purchases Over $7,500 Starting July of 2019

    Australia’s Liberal Party government has announced that it will soon be illegal to purchase anything over $10,000 AU ($7,500 US) with cash. The government says it’s, “encouraging the transition to a digital society,” and cracking down on tax evasion. But not everyone is happy with the move.

• AstroTurf/Lobbying/Politics

  • How the Saudis Wooed Donald Trump

    All it took was flattery, arms, and a little bit of cash.

  • If Trump Is Laundering Russian Money, Here’s How It Works

    Shell companies, pseudonyms, shady lawyers, and secrecy: The president’s and his lawyer’s business practices match the classic pattern of suspicious activity.

  • Senate intelligence panel seeking Sam Nunberg communications with Stone

    Roger Stone said he’s “pleased” former Trump campaign aide Sam Nunberg is now choosing to cooperate with special counsel Robert Mueller after initially saying he would refuse to comply with a subpoena.. (File Photo)

  • Senate investigators request interview with Nunberg, communications with Stone

    The Senate Intelligence Committee is requesting a closed-door interview with onetime Trump campaign adviser Sam Nunberg and that he turn over communications he had with GOP strategist Roger Stone.

    The panel made the formal request to Nunberg on Thursday, CNN reports, asking him to provide any communications with Stone regarding Russia, its hacking efforts during the 2016 election and WikiLeaks as the committee probes Russia’s interference in the race.

  • Former Trump aide Sam Nunberg summoned to meet with Senate panel

    The Senate Intelligence Committee has requested that former Trump campaign aide Sam Nunberg turn over any communications with longtime Trump political adviser Roger Stone that mention Julian Assange, Russia, Wikileaks, and hacking.

    Nunberg told ABC News that he received a letter request from the committee on Friday to submit the documents by May 24. He was also asked to appear before the committee in a closed interview.

  • Steam Yanks Another Developer’s Games Over Fake Reviews Posted By Employee

    Astro-turfing and fake reviews continue to be plagues upon the online marketplace, creating a wave of distrust with the public when it comes to properly assessing any business via online means. It’s impossible to know how big or small a problem this is, which only adds to the distrust in the public, forcing them to assume the worst. All that being said, Valve has actually been pretty good about policing reviews on its gaming platform, Steam, and also making a big public stink about instances in which it has had to take action against developers for trying to game the review system. Studios have had their games pulled from the store entirely, such as when Digital Homicide and Insel Games each had their respective titles pulled. Given that Valve made sure the volume was turned up when it took such actions, one would think that game studios ought to have gotten the message by now.

  • Revealed: rebranded D-Notice committee issued two notices over Skripal affair

    Spinwatch can reveal that the Skripal affair has resulted in the issuing of not one but two ‘D-Notices’ to the British media, which are marked private and confidential. We can also disclose the contents of both notices, which have been obtained from a reliable source.
    Spinwatch can reveal that the Skripal affair has resulted in the issuing of not one but two ‘D-Notices’ to the British media, which are marked private and confidential. We can also disclose the contents of both notices, which have been obtained from a reliable source.

    That two notices were issued has been confirmed by the ‘D-Notice’ Committee. The Committee, which is jointly staffed by government officials and mainstream media representatives has recently changed its name to the ‘Defence and Security Media Advisory (DSMA) Committee’. The use of the word ‘advisory’ is no doubt a bid to discourage the public from thinking that this is a censorship committee. However, the DSMA-Notices (as they are now officially called) are one of the miracles of British state censorship. They are a mechanism whereby the British state simply ‘advises’ the mainstream media what not to publish, in ‘notices’ with no legal force. The media then voluntarily comply.

    Sergei Skripal and his daughter Yulia were poisoned in Salisbury and discovered collapsed on a park bench in the late afternoon of Sunday 4 March. Less than three days later on 7 March, the first and – until now undisclosed – notice was issued.
    That two notices were issued has been confirmed by the ‘D-Notice’ Committee. The Committee, which is jointly staffed by government officials and mainstream media representatives has recently changed its name to the ‘Defence and Security Media Advisory (DSMA) Committee’. The use of the word ‘advisory’ is no doubt a bid to discourage the public from thinking that this is a censorship committee. However, the DSMA-Notices (as they are now officially called) are one of the miracles of British state censorship. They are a mechanism whereby the British state simply ‘advises’ the mainstream media what not to publish, in ‘notices’ with no legal force. The media then voluntarily comply.

    Sergei Skripal and his daughter Yulia were poisoned in Salisbury and discovered collapsed on a park bench in the late afternoon of Sunday 4 March. Less than three days later on 7 March, the first and – until now undisclosed – notice was issued.

  • We read every one of the 3,517 Facebook ads bought by Russians. Their dominant strategy: Sowing racial discord

    The Russian company charged with orchestrating a wide-ranging effort to meddle in the 2016 presidential election overwhelmingly focused its barrage of social media advertising on what is arguably America’s rawest political division: race.

    The roughly 3,500 Facebook ads were created by the Russian-based Internet Research Agency, which is at the center of Special Counsel Robert Mueller’s February indictment of 13 Russians and three companies seeking to influence the election.

    While some ads focused on topics as banal as business promotion or Pokémon, the company consistently promoted ads designed to inflame race-related tensions. Some dealt with race directly; others dealt with issues fraught with racial and religious baggage such as ads focused on protests over policing, the debate over a wall on the U.S. border with Mexico and relationships with the Muslim community.

    The company continued to hammer racial themes even after the election.

    USA TODAY Network reporters reviewed each of the 3,517 ads, which were released to the public this week for the first time by the House Permanent Select Committee on Intelligence. The analysis included not just the content of the ads, but also information that revealed the specific audience targeted, when the ad was posted, roughly how many views it received and how much the ad cost to post.

• Censorship/Free Speech

  • Bitcoin Voice Is Addressing Censorship in the Cryptosphere

    CryptoSlate recently spoke to Alex Pasfield, the 14-year old developer behind Bitcoin Voice, a platform that has been built for the Bitcoin Cash and Bitcoin community to vote on important issues. T

  • Censorship of ‘Taiwan’ at U.S. University Sparks Concern Over Chinese Influence

    The recent removal by a Beijing-backed language school embedded on a university campus in the United States of a reference to the democratic island of Taiwan has sparked concern that Chinese political censorship is compromising freedom of speech far beyond its borders.

    Journalism award winner Bethany Allen-Ebrahimian, who gave a keynote address at Savannah State University’s Department of Journalism and Mass Communications, found that an entry on her biography saying she had worked in Taiwan had been removed.

    “I’d listed the self-governing island as one of the places where I’d reported,” Allen-Ebrahimian wrote in Foreign Policy magazine after the event. “But in the printed materials for the event, the reference to Taiwan had been removed.”

  • Partisanship at Eurovision is becoming more blatant

    Yet regional tensions have had less impact on the competition than another political phenomenon: collusive voting blocs. A paper published in 2017 by Alexander Mantzaris, Samuel Rein and Alexander Hopkins of the University of Central Florida has identified the worst culprits, and demonstrated that such partisanship is on the rise.

  • Eurovision Pulls Chinese Contract After Broadcaster Censors Irish Entry

    The group that broadcasts the Eurovision has terminated its partnership with a Chinese station from showing the contest.

    It comes after Mango TV censored Ireland’s entry in the first semi-final.

    It’s thought this related to the depiction of a same-sex couple on stage during Ryan O’Shaughnessy’s song ‘Together’.

  • Chinese Censorship of Eurovision Prompts LGBT Community Outcry

  • Chinese censorship of Eurovision prompts LGBT community outcry

    A Chinese broadcaster’s censorship of gay-themed content during this week’s Eurovision Song Contest has fuelled an outcry among the country’s LGBT community and prompted the European Broadcasting Union to halt its relationship with the channel.

  • EBU terminates this year’s partnership with Mango TV

  • Eurovision cuts feed to China’s Mango TV over censorship

  • Eurovision 2018: Chinese broadcaster barred from airing final after censoring LGBT+ content

  • China’s bizarre and hateful Eurovision censorship

  • China’s Mango TV Banned From Airing ‘Eurovision Song Contest’ After LGBT Censorship

• Privacy/Surveillance

  • Zuckerberg’s Invasion and Evasion

  • Thousands of Facebook ads bought by Russians to fool U.S. voters released by Congress

    The Facebook ads varied in their effectiveness and reach, with some only being shared a few hundred times, others seen hundreds of thousands or more than 1 million times. They ran just over two years starting in June 2015, increasing in volume in October and November 2016, just before and after the presidential election, but also showing spikes in April and May of 2016 and also April and May of 2017.

  • UK regulator orders Cambridge Analytica to release data on US voter

    He said the ICO’s letter was “pretty extraordinary” and “proved what we’ve been saying for a long time: this is not a normal company. To have the audacity to say that American voters are no different than jihadis hiding in a cave is pretty shocking”. He said that it was the fact that it was a British company that had processed US voters’ data in the UK in an act of “digital colonialism” that had originally inspired him to ask the company for his data back.

  • Hollywood Offers Ominous Visions of Facial Recognition’s Future

    Facial recognition technology stars in three recent Hollywood movies: Isle of Dogs, Ready Player One, and Black Panther. In Wes Anderson’s stop-motion near-future Japan, a corrupt mayor uses the technology to capture the Little Pilot who only wants to save his dog. In Steven Spielberg’s dystopic America, a megalomaniacal billionaire uses drones equipped with face scanners to find one of the movie’s heroes as she drives her van through an impoverished futuristic cityscape. And in Ryan Coogler’s Wakanda, the royal technologist’s team uses her facial recognition tool to identify intruders in the kingdom.

  • Company That Handles Prison Phone Calls Is Surveilling People Who Aren’t in Prison

    Sen. Ron Wyden has revealed shocking surveillance practices by Securus, a prison technology company.

    Securus, one of the country’s largest providers of phone services to incarcerated people, is known for its shady, cruel, and sometimes illegal business practices. It has charged exorbitant rates for prisoners’ calls, limited family and friends to video-only “visits” with incarcerated loved ones, and violated attorney-client privilege by recording phone calls between prisoners and their attorneys.

    This week, Sen. Ron Wyden (D-Ore.) revealed even more troubling practices that undermine the privacy and civil liberties of millions upon millions of Americans. In letters made public on Friday demanding action from the Federal Communications Commission and several major telecommunications companies, Wyden described Securus’ ability to obtain and share the cell phone location information of virtually anyone who uses a phone.

    The letters report that Securus provides correctional facilities with the ability to access real-time location data for virtually any individual in the country — without making sure that officials have obtained a warrant or proper consent.

  • Senator Wyden Demands Answers from Prison Phone Service Caught Sharing Cellphone Location Data

    Do you use Verizon, AT&T, Sprint, or T-Mobile? If so, your real-time cell phone location data may have been shared with law enforcement without your knowledge or consent.

    How could this happen? Well, a company that provides phone services to jails and prisons has been collecting location information on all Americans and sharing it with law enforcement—with little more than a “pinky promise” from the police that they’ve obtained proper legal process.

    This week, Sen. Wyden called out that company, Securus Technologies, in a letter to the FCC demanding the agency investigate Securus’s practices. Wyden also sent letters to the major phone carriers asking for an accounting of all the third parties with which they share their customers’ information as well as what they think constitutes customer consent to that sharing.

    Wyden called on the carriers to immediately stop sharing data with any and all third parties that have misrepresented customer consent or abused their access to sensitive customer data like real-time location information.

  • How a Mugger Helped Create the NSA’s Post-9/11 Surveillance Program

    It was just another quiet Tuesday in October 2013 when a startling call from a reporter arrived on Stephen Sachs’ phone. The reporter was with an outlet that Sachs had never heard of—Wired—and he was asking about a Supreme Court case, Smith v. Maryland, from decades ago. The career lawyer had practically forgotten about it. But the Foreign Intelligence Surveillance Court had been secretly relying on Smith, which began as a late-night robbery in Baltimore in 1975, to justify a massive surveillance program at the National Security Agency.

    The 1979 Smith decision “was a routine robbery case,” he told David Kravets. “To extend it to what we now know as massive surveillance, in my personal view, is a bridge too far.” Specifically, Smith had become a critical linchpin in the third-party doctrine.

    Today, the third-party doctrine works like this: If Alice calls Bob using Verizon, the fact that this call went over Verizon’s network means that a third party (Verizon) was brought into the mix. Under this logic, neither Alice nor Bob can claim a privacy interest over the fact that the call took place. So, Verizon can disclose this metadata (who called whom, when, and for how long) to the police with little difficulty. In short, the government claims (and the Supreme Court agreed in 1979), that there was no “reasonable expectation of privacy” in numbers disclosed to a phone company.

  • Hey Alexa, What Are You Doing to My Kid’s Brain?

    Among the more modern anxieties of parents today is how virtual assistants will train their children to act.

• Civil Rights/Policing

  • The Handbook of Tyranny: stark infographics on human cruelty

  • WaPo Positions Support for Torturer as Vote for Feminism

    As the war over Gina Haspel’s nomination to lead the Central Intelligence Agency has waged on this week, we’ve been gifted an incredible batch of corporate media apologias for the CIA’s decades-long legacy of torture, extrajudicial killings and civil liberties violations. Perhaps most remarkably, these outlets have spent hundreds of words arguing that Haspel should be confirmed as the next director of the CIA—despite having overseen a black site prison where detainees were brutally tortured, and directing the destruction of evidence of this illegal and inhumane practice—because it’s the feminist thing to do.

    This was the perfect line for the Trump administration’s Haspel push—a notion informed both by the Republicans’ elementary understanding of identity politics and their obsession with calling out perceived liberal hypocrisy: After all, how could any self-respecting Democrat vote against a woman to usher the United States’ international spying apparatus into its next no doubt sinister phase?

    White House spokesperson Sarah Huckabee Sanders made this point plainly in a tweet last week, saying: “Any Democrat who claims to support women’s empowerment and our national security but opposes her nomination is a total hypocrite.”

  • 5 Things Gina Haspel Wouldn’t Say About CIA Torture — and Why It Matters

    Haspel was far from forthright, regularly evading questions or giving only vague answers. Some takeaways from the hearing.

    President Trump’s nominee to be CIA director, Gina Haspel, faced pointed questions from the Senate Intelligence Committee Wednesday morning. Senators asked about her role in the agency’s torture program and its cover-up, including her role in the destruction of dozens of videotapes documenting torture.

    Haspel, however, was far from forthright, regularly evading questions or giving only vague answers.

  • CBP Sued For Seizing $41,000 From Airline Passenger, Then Refusing To Give It Back Unless She Promised Not To Sue

    Another case of asset forfeiture is the subject of a federal lawsuit. Like many others, the plaintiff has obtained the assistance of the Institute for Justice in battling the government for the return of seized assets. In this case, a US citizen saw $41,000 of hers disappear into the government’s custody when she attempted to take it to her hometown in Nigeria to start a medical clinic.

    [...]

    On top of that, the reporting must be done at the time of the flight, but the office where the reporting is handled is not even located on the airport’s property, much less in the terminal. And then there’s the petty grubbiness of the CBP officers’ actions — like their decision to cut open her bag to access the cash, rather than use the key she provided them, and threatening to harass and detain her in the future any time she decides to board an international flight.

  • The government took $41,000 from this Texan at a Houston airport six months ago. They never gave it back.

    For nearly a decade, Anthonia Nwaorie dreamed of starting a medical clinic in her hometown in Southern Nigeria.

    Last October, the 59-year-old nurse was boarding a plane in Houston with medical equipment, supplies, and about $41,000 in cash — which had taken her years to save — when Customs and Border Protection officials stopped her.

    “The officer started asking me questions: How much money do you have? How long have you been in the United States?” she remembered. “I felt like a criminal that had just run the red light.”

    Nwaorie said she was detained for hours. She missed her flight to Nigeria and the customs officers seized all her money. Lawyers at the Institute for Justice, an Arlington, Virginia-based public interest law firm, say her case demonstrates just how abusive the practice of civil forfeiture — which allows the government to take property that is believed to be tied to a crime — can be.

  • Injured Amazon worker describes high-tech dystopia inside Texas warehouse

    Every time workers leave the facility, they are subjected to an invasive search. “You wait in line with a bucket like at the airport,” she said. A worker is required to take off belt, shoes, and hat. Bags are sent through a conveyor belt and the worker goes through a full body scan. “If you set it off, you have to go through a second search, and they wand you front to back.”

    In a 10-hour shift, workers are permitted two 15-minute breaks and one 30-minute break for lunch. To go outside on a break, workers must submit to the search and go through the security line. “The lines to get outside on your 15-minute break are 20 to 30 deep on each line, and there are only two lines.” Meanwhile, the breaks are timed from “scan to scan” at a worker’s station, and workers are admonished, “Not one second more.”

  • CIA & Army veteran has the best response to Gina Haspel confirmation obfuscation

  • Ex-PM Najib banned from leaving Malaysia

    Najib Razak is barred from travelling overseas, just days after his party’s shock election defeat.

• Internet Policy/Net Neutrality

  • Net neutrality dies June 11th

    The US Senate has forced a vote, scheduled for next week, to overturn Pai’s decision. If the Senate is successful, the House of Representatives will have to take similar measures before Pai’s framework is overruled. Of course, that’s not to say Donald Trump won’t veto it once it lands on his desk. In the interim, a handful of states have passed their own bills upholding Title II provisions.

  • It’s Official: the FCC Has Released the Date the Net Neutrality Repeal Will Go Into Effect

  • AT&T Cans Exec Over Cohen Payment Kerfuffle, Pretends This Kind Of Influence Peddling Isn’t Perfectly Routine

    As you’ve probably seen, AT&T was recently exposed for paying $600,000 into a shady shell LLC operated by President Trump’s “fixer” Michael Cohen. Initially, AT&T tried to claim that the company had simply hired Cohen for “insight” into President Trump. Given AT&T could easily gain said insight into Trump from any number of its lawyers, lobbyists, and above-board consultants (not to mention the ocean of politicians and regulators in its back pocket), the idea they’d pay a dubious NYC “fixer” for such insight never really carried much weight.

    It seems fairly obvious at this point that AT&T was probably paying Cohen for additional access to the President. A leaked document provided to the Washington Post makes it clear that AT&T hoped to gain some advantage in its business before the FCC (net neutrality, privacy, protectionism, protecting its monopoly power), and its efforts to gain regulatory approval for the company’s $86 billion Time Warner merger…

  • T-Mobile Hires Ex-FCC Commissioner To Claim Its Competition-Killing Merger Will Be Really Great For…Farmers

    As we’ve discussed, the looming Sprint T-Mobile merger is going to be decidedly ugly for American consumers. Global history has shown repeatedly that when you reduce the number of total competitors from four to three, you proportionally reduce any incentive to truly compete on price. Analysts have also predicted that anywhere between 10,000 and 30,000 retail, management, and administrative employees will lose their jobs as the bigger company inevitably eliminates redundant positions. Of course like any American merger, the two companies’ CEOs have spent much of the last week trying to claim the exact opposite.

    Still, it’s going to be an uphill climb for Sprint and T-Mobile to sell regulators on the deal, even for an administration that seems to take pride in undermining consumers and small businesses.

  • Tim Karr on Net Neutrality Fight, Mark Trahant on Indian Country Today

    As we record the show on May 10, the FCC has posted notice that net neutrality rules—the ones that keep service providers from favoring websites that give them money, and slowing down or “throttling” your access to websites that don’t pony up—will disappear on June 11. This should come as a surprise to all of the media outlets that told you that net neutrality already died on April 23. So: What, exactly, is going on? And, since abandoning the fight for an open internet is not an option, what do we do now? We talk net neutrality with Tim Karr, senior director of strategy and communications at the group Free Press.

• Intellectual Monopolies

  • Brazilian Superior Court Of Justice Stops Patent Term Extension Attempts

    To summarize the last decade of Brazilian Superior Court of Justice judgements on patent term extension matters, two conclusions can be reached: (1) in Brazil, big pharma/agrochemical companies are much like Charles Dicken’s famous character Oliver Twist: “Please Sir, I want some more!”; and (2) while IP lawyers should be commended for their creativity in attempting to obtain patent term extensions, the STJ has consistently ruled against such attempts, always noting that a patent impacts several actors of society: (i) the inventor; (ii) the patent holder; (iii) the State; (iv) consumers; (v) competition; and (vi) the environment. The proper solution for such cases cannot be favorable only for a party (or two).

  • Trademarks

    • Rap or Pap? Dr. Dre Loses Trademark Battle With Dr. Drai, A Gynecologist

      I trust that readers of this site young and old will be familiar with Dr. Dre. The wildly famous rapper has made hit records, produced some of the biggest names in hip hop, been a mogul in the music hardware space with his headphone line, and performed countless pelvic exams on women throughout the American northeast.

      Wait, that last part can’t be right. Surely I was legitimately confused by the existence of Dr. Drai, an OB/GYN in Pennsylvania who dared attempt to get a trademark on his name for his doctor-ly practice. It seems that Dr. Dre has been locked in a trademark opposition with Dr. Drai going on three years, arguing that the absurd example of faked confusion above is actually likely to happen for real.

  • Copyrights

    • Minnesota Judges Refuse To Unmask Defendants For Copyright Troll Strike 3

      With copyright trolling a business model in full force across the world, we’ve noted that there has finally started to be some pushback against these tactics. In Europe, both courts and ISPs have begun wising up to the notion that IP addresses are an incomplete and faulty piece of “evidence” at best, with both government and industry also finally beginning to question just where user privacy should fit into all of this. In America, unfortunately, copyright trolls have all too often been able to unmask customers through ISPs based on court orders pretty much at will. Strike 3 Holdings is one such troll, with the company being partially responsible for a number of piracy lawsuits shooting out of the gate in 2018 at record speed.