
06.26.18

Links 26/6/2018: New Firefox and Stable Kernels

Posted in News Roundup at 4:22 pm by Dr. Roy Schestowitz


Contents

GNU/Linux

  • LinuxQuestions.org Turns Eighteen

    I’m proud to announce that LQ turned 18 today! I’d like to once again thank each and every LQ member for their participation and feedback. While there is always room for improvement, that LQ has remained a friendly and welcoming place for new Linux members despite its size is a testament to the community.

    To say that feedback has been absolutely critical to our success is an understatement. As has become tradition, I’d like to use this thread to collect as much feedback as possible about LQ. What are we doing well and where can we improve? Where are we failing? What can we do to ensure long time members remain engaged and willing to help? What can we do to ensure new members feel welcome? What should we be doing differently?

    As part of our 18 year anniversary, we’ll be randomly selecting 18 posts from this thread and upgrading that member to “Contributing Member” status for one year. Stay tuned, and thanks again for being a member. Together, I think we can make LQ even better.

    –jeremy

  • Desktop

  • Server

    • Microsoft Buys GitHub: Three Weeks Later

      I heard that Microsoft would be buying GitHub just a couple days before it happened when Carlie Fairchild at Linux Journal told me about it. I replied to the news with a solid, “Get! Out!” Needless to say, I had my doubts. As someone who remembers all too well the “Embrace, extend and extinguish” days of Microsoft, the news of this latest embrace did, however briefly, bring back those old memories. When I was asked what I thought, I answered that the optics were bad.

      A lot of years have passed since, back in 2001, Steve Ballmer declared Linux to be a cancer. These days, Microsoft loves Linux. It says so right on its website. Two years ago, Steve Ballmer also proclaimed his love for Linux. In 2018, Microsoft has its own distribution that it uses in its Azure cloud. Microsoft includes several different flavors of Linux in its app store (the Windows Subsystem for Linux), all of which can be installed on Windows 10. Microsoft develops for Linux. Heck, Microsoft even contributes to the Linux kernel.

      [...]

      But let’s, just for a moment, pretend that Microsoft is in fact up to its old “extend, embrace and extinguish” tricks. Open source can and would survive anything Microsoft could throw at it. Linux withstood SCO (backed at the time by Microsoft) in a long legal battle, and all of Microsoft’s best attempts to frame it as dangerous, not up to the job, unreliable and a cancer. That was back when Linux was the little guy. In 2018, Linux is the Big Man On Campus.

      Linux and open-source software will do just fine, even with Microsoft running the show at GitHub.

    • We’re moving from Azure to Google Cloud Platform

      Improving the performance and reliability of GitLab.com has been a top priority for us. On this front we’ve made some incremental gains while we’ve been planning for a large change with the potential to net significant results: moving from Azure to Google Cloud Platform (GCP).

    • EFF Launches STARTTLS Everywhere, GitLab Moving from Azure to Google Cloud, Firefox 61.0 Released, SUSE Linux Enterprise 15 Now Available and More

      The EFF yesterday announced the launch of STARTTLS Everywhere, “EFF’s initiative to improve the security of the email ecosystem”. The goal with STARTTLS is “to do for email what we’ve done for web browsing: make it simple and easy for everyone to help ensure their communications aren’t vulnerable to mass surveillance.” You can find out how secure your current email provider is at https://www.starttls-everywhere.org, and for a more technical deep dive into STARTTLS Everywhere, go here.

      GitLab announced yesterday that it is moving from Azure to Google Cloud. GitLab claims the decision to switch to Google Cloud is “because of our desire to run GitLab on Kubernetes. Google invented Kubernetes, and GKE has the most robust and mature Kubernetes support.” The migration is planned for Saturday, July 28, 2018, and GitLab will utilize its Geo product for the migration.

    • ​GitLab moves from Azure to Google Cloud Platform

      Andrew Newdigate, GitLab’s Google Cloud Platform Migration Project Lead, explained GitLab was making the move to improve the service’s performance and reliability.

      Specifically, the company is making the move because it believes Kubernetes is the future. Kubernetes “makes reliability at massive scale possible.” GCP was their natural choice because of this desire to run GitLab on Kubernetes. After all, Google invented Kubernetes, and GKE has the most robust and mature Kubernetes support.

  • Kernel Space

    • Linux 4.17.3
    • Linux 4.16.18
    • Linux 4.14.52
    • Linux 4.9.110
    • Linux Foundation

      • Open Source Guides for the Enterprise Now Available in Chinese

        The popular Open Source Guides for the Enterprise, developed by The Linux Foundation in collaboration with the TODO Group, are now available in Chinese. This set of guides provides industry-proven best practices to help organizations successfully leverage open source.

        “Making these resources available to Chinese audiences in their native language will encourage even greater adoption of and participation with open source projects,” said Chris Aniszczyk, CTO of Cloud Native Computing Foundation and co-founder of the TODO Group. The guides span various stages of the open source project lifecycle, from initial planning and formation to winding down a project.

      • Jobs Report: Demand for Open Source Skills Climbs, Topped by Linux

        The seventh annual open source jobs report from The Linux Foundation and careers site Dice shows an increasing enterprise demand for open source skills, with Linux regaining the position of most-coveted technology.

        The demand for open source skills is so high that nearly half of hiring managers responding to the survey said their organizations are supporting open source projects solely for the purpose of recruiting hard-to-find talent.

        That talent hunt is topped by the search for Linux skills, which is back on top as the No. 1 skill sought by hiring managers following a hiatus that saw cloud technologies ascending in last year’s report.

      • Need a Smart IT Hire? Look to Open Source

        Even if your association’s main stack isn’t based on open-source software, you should still know the language. According to a recent report from the Linux Foundation, it could even help you find new talent.

        In my many years writing about the ins and outs of associations—and particularly their technology challenges—one common refrain I’ve heard is this: Open-source software is hard to maintain and comes with a lot of headaches that you won’t run into with a managed vendor.

    • Benchmarks

      • 13-Way IBM POWER9 Talos II vs. Intel Xeon vs. AMD Linux Benchmarks On Debian

        Back in April we were able to run some IBM POWER9 benchmarks with remote access to the open-source friendly Talos II systems by Raptor Computer Systems. We were recently allowed remote access again to a few different configurations of this libre hardware with three different POWER9 processor combinations. Here are those latest benchmarks compared to Intel Xeon and AMD EPYC server processors.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • KDE Plasma 5.13.2 Desktop Environment Released with More Than 20 Improvements

        The second maintenance update of the KDE Plasma 5.13 desktop environment has been released today, version 5.13.2, with another layer of stability improvements.

        Coming just one week after the first point release, KDE Plasma 5.13.2 arrives only two weeks after the release of the KDE Plasma 5.13 desktop environment to fix more bugs that the team discovered across various components, such as Plasma Discover, Plasma Desktop, Plasma Workspace, KSysGuard, Plasma Audio Volume Control, and others.

        Highlights of this second point release include simplified Flatpak initialization process and inclusion of a donation URL for KNS in the Plasma Discover package manager, a fix for a leak of pipe FDs in the MD RAID code and support for Qt 5.11 in KSysGuard, as well as more improvements to the Fonts KCM panel. For more details, check out the full changelog.

      • (wanted) Poudriere Workflow Support

        Poudriere will grind away at dependencies and everything, and in the end spits out a nicely colored status line; it looks like this (here, I was rebuilding octave in order to test Qt5 compatibility, and most of the dependencies were already done).

      • GSoC 2018 – Coding Period (June 18th to June 26th): Finishing LVM VG support and starting RAID implementation

        I’ve finished LVM VG complete support to Calamares, including resize, deactivate and remove operations. All my progress is actually related to my PR from the last week (I’ve changed its name, because I decided to include the remaining LVM implementations on it). This PR got some dependency issues with kpmcore’s latest versions and the code needs some refactoring, but you can see it here:

      • (Request) 3D Konqui Model

        A long time ago Konqui was a bit different than what it is today, you know – people evolve, and mascots too. I think everyone here remembers the huge Konqui costume that I did for the Brazilian conventions, it was the most amazing Konqui costume ever but he’s resting in peace now, retired in a theater school.

      • About Git Reverts and Contributor’s Pride

        This also applies to my new changes to Konsole. I did a lot of changes in the source this month, and I was sending experimental stuff to it, so that I had three accepted-merged-reverted commits. This doesn’t make me angry at all, one of the features will probably be upstreamed to Breeze and all KDE software will enjoy it, and the other two introduced regressions, and if we don’t produce code we can’t evolve, without new code there’s also no new bugs being introduced (as I did).

      • KDAB at Qt Contributors’ Summit

        About 80 committed developers met in Oslo to talk about the latest developments in the Qt framework, enjoying beautiful weather in Oslo, and of course, the coffee.

      • Qt 3D Studio 2.0 Officially Released, Qt Design Studio Announced For UI Designers

        The Qt Company has been on a roll this year with a slew of exciting announcements, the latest of which are Qt 3D Studio 2.0 and a new tool for user-interface designers as Qt Design Studio.

        Qt 3D Studio 2.0 we’ve known has been coming with editor improvements, a new run-time built on Qt 3D rather than the NVIDIA rendering engine, and much more.

    • GNOME Desktop/GTK

      • Thank you, address sanitizer developers

        I don’t often write useless blog posts, but today will be an exception. The address sanitizer (asan) is a ludicrously good tool. The developers deserve a huge thank you.

      • Tagged Entry in Nautilus

        With the exams having been left in the past, I can get back to hacking on Nautilus again. This time, it’s coming up with a GTK+ 4-ready tagged entry for the search. Heavily inspired by Matthias’ prototype, here is a sneak peek at the work-in-progress implementation:

  • Distributions

    • PCLinuxOS/Mageia/Mandriva Family

      • Weekly Roundup and News – weeks 24 & 25

        For the longest time our wiki main page has been very plain and simple; our own Zalappy has designed a new look, and the modifications are almost ready! Keep watching, because it’s looking really good! Thanks to Zalappy for his artistic flair, and to apb for his hard work making it happen.

    • OpenSUSE/SUSE

      • ​SUSE Linux Enterprise Server takes a big step forward

        SUSE doesn’t get the ink that Red Hat Enterprise Linux (RHEL) or Canonical Ubuntu does, but it’s still a darn fine Linux server distribution. Now, SUSE takes another step forward in the server room and data center with the mid-July release of SUSE Linux Enterprise Server (SLES) 15.

        SLES 15 will be available on x86-64, ARM, IBM LinuxONE, POWER, and z Systems in mid-July. So, no matter what your preferred server architecture, SUSE can work with you.

      • SUSE Announces Release of SUSE Linux Enterprise 15, SUSE Manager 3.2 and SUSE Linux Enterprise High Performance Computing 15

        Today, SUSE announced the release of SUSE Linux Enterprise 15, SUSE Manager 3.2 and SUSE Linux Enterprise High Performance Computing 15 with a focus on helping customers innovate in this era of rapid digital transformation while meeting the needs of multimodal IT.

      • SUSE Updates Enterprise Linux for the Multi-Cloud Era

        SUSE announced its Enterprise Linux 15 and SUSE Manager 3.2 updates on June 25, ushering in the next generation of enterprise Linux technologies from the Germany-based Linux vendor.

        SUSE Enterprise Linux 15 is the first time since 2014 that SUSE has changed the major version for its flagship platform. While SUSE Linux Enterprise 12 was announced back in 2014, SUSE never released a version 13 or 14, deciding instead to skip ahead to version 15 for the new update.

        “In various cultures, both 13 and 14 are unlucky numbers,” Matthias Eckermann, director of SUSE Linux Enterprise product management, told eWEEK. “We were asked to not use these by partners and customers, so here we are at 15.”

      • SUSE Linux Enterprise 15 Officially Released

        Sharing the same code-base as openSUSE Leap 15, on Monday SUSE announced the release of SUSE Linux Enterprise 15.

        SUSE Linux Enterprise 15 was announced along with the release of SUSE Manager 3.2 and SUSE Linux Enterprise High Performance Computing 15. SUSE Linux Enterprise 15 products though are said to be available beginning around the middle of July.

    • Red Hat Family

      • Red Hat has friends in the clouds. That could help it get a piece of a Pentagon contract.

        A major contract from the U.S. Department of Defense could benefit some workers in the Triangle.

        Red Hat leaders have been talking to defense officials about its JEDI cloud-services contract and think the company is “extremely well-positioned” to supply the project’s back-end workings, Red Hat Chief Financial Officer Eric Shander said in a recent interview.

      • Cloud-native BPM solution launched by Red Hat

        Open source solutions provider Red Hat has launched what it calls the ‘next generation’ of Red Hat JBoss BPM Suite, now called Red Hat Process Automation Manager.

        It provides a cloud-native platform for developing applications that automate business decisions and processes.

      • Using Red Hat Data Grid to power a multi-cloud real-time game

        The scavenger hunt game developed for the audience to play during the Red Hat Summit 2018 demo used Red Hat Data Grid as storage for everything except the pictures taken by the participants. Data was stored across three different cloud environments using cross-site replication. In this blog post, we will look at how data was flowing through Data Grid and explain the Data Grid features powering different aspects of the game’s functionality.

      • PodCTL #40 – Scaling OpenShift Roadshows

        Summertime is typically a slow news cycle for technology, so some people find time to relax, while others use it as an opportunity to learn something new. One activity that draws lots of people eager to learn is the OpenShift roadshow, where both Application Developers and IT Operations can get hands-on with OpenShift and related technologies.

      • So, you want to do computer science, huh?

        I do mentor/advise startups and if any of them come to me with proposals that involve buying hardware, setting up software as part of the servers etc, I will promptly throw them out. Create your stuff on the cloud – AWS, Google, Rackspace, DigitalOcean etc. Lots of them out there. At some point, when your project/start-up ideas have gained some form/shape, and you have paying customers, you could consider running your own data centers using Red Hat Open Stack and Red Hat OpenShift to make sure that you have a means to run your application in-house or in your own data center or onto the public cloud seamlessly.

      • Red Hat Enterprise Linux builds the foundation for the world’s fastest supercomputer(s)
      • Red Hat Certified Cloud Architect – An OpenStack Perspective – Part Two
      • Finance

      • Fedora

        • Fedora 29’s User PATH Will Prioritize Local User Binaries

          There have been several controversial Fedora 29 changes this cycle like hiding GRUB by default and catering i686 packages to x86_64 while another one was approved today at the Fedora Engineering and Steering Committee.

          The latest approved feature for Fedora 29 that’s been met by some controversy in user/developer discussions is on changing the prioritization of some paths within the user PATH environment variable. Rather than ~/.local/bin and ~/bin currently appearing at the end of the PATH paths, with Fedora 29 they will be set to the front. This gives these local user paths higher priority over the system-wide paths when it comes to looking for commands on the system.

        • Hello from your new Fedora Program Manager

          Hi, Fedora Community! I’d like to take a moment to introduce myself as the newly-hired Fedora Program Manager. I’ve been a Fedora user for over a decade and a contributor in various roles almost that long. I started out on the documentation team as a writer and then led the team for a few releases. I’ve also maintained packages, dabbled a little bit in marketing (I know I’m way behind on that video ticket, sorry!), and helped promote Fedora through social media and articles on Opensource.com. Professionally, my background is largely in systems administration (with a strong focus on high performance computing in public cloud), but I’ve spent the last two years in marketing. I have a bachelors degree in meteorology and a masters degree in IT project management. I’m also an organizer for a local tech meetup and an occasional freelance writer.

        • Fedora 28 : Using the python module sh .
        • [Week 6] GSoC Status Report for Fedora App: Abhishek Sharma
        • Fedora/RISC-V nightly builds
    • Debian Family

      • Derivatives

        • Canonical/Ubuntu

          • Ubuntu Weekly Newsletter Issue 533

            Welcome to the Ubuntu Weekly Newsletter, Issue 533 for the week of June 17 – 23, 2018. The full version of this issue is available here.

  • Devices/Embedded

Free Software/Open Source

  • Jos Poortvliet: Working at Nextcloud

    I’ve been around in communities like KDE, openSUSE, Mandrake/Mandriva and others… and various open source and closed companies. Seen some do a good job. Seen others be mismanaged. This one: the most fun. Serious.

    Working at Nextcloud is special. For one, we’re a distributed company. Is it hard? Well, yes and no. Working from home is great with such a motivated team with very little management overhead and good communication. Our company is entirely built on it, that is why it works.

    [...]

    But we connect in person: roughly every second month, at a company-wide meeting in a single place, usually Stuttgart, for a full week of coding and having a great time. And once a year we go to Berlin for our conference, happening the last week of August! All those meetings are open, with often lots of community members participating in the whole process of designing and deciding around our software.

    And yes, the sales people join there, too. I have NEVER worked in a company where the sales people, the marketing team and the engineers were so good with each other. Respect between these three departments is extremely rare, as I’m sure every one of my readers knows from experience.

  • Web Browsers

    • Mozilla

      • New Firefox Releases Now Available

        Even though summer is here in the northern hemisphere, we’re not taking any breaks. Firefox continues our focus on making a browser that is smarter and faster than any other, so you can get stuff done before you take that much needed outdoor stroll.

      • Firefox 61 – Quantum of Solstice

        Firefox 61 is now available, and with it come new performance improvements that make the fox faster than ever!

      • Firefox 61 Releasing Today With Performance Improvements, Accessibility Inspector

        Mozilla is on schedule with releasing Firefox 61.0 today and can already be found via their FTP mirrors.

        Firefox 61.0 has us excited due to performance improvements: This new web-browser update has furthered Quantum CSS to offer faster page rendering times with the parsing being parallelized, other rendering speed optimizations, and faster tab switching on Linux/Windows are among the performance enhancements.

      • Retained Display Lists for improved page performance

        Continuing Firefox Quantum’s investment in a high-performance engine, the Firefox 61 release will boost responsiveness of modern interfaces with an optimization that we call Retained Display Lists. Similar to Quantum’s Stylo and WebRender features, developers don’t need to change anything on their sites to reap the benefits of these improvements.

      • Scanning for breached accounts with k-Anonymity

        The new Firefox Monitor service will use anonymized range query API endpoints from Have I Been Pwned (HIBP). This new Firefox feature allows users to check for compromised online accounts while preserving their privacy.

      • Testing Firefox Monitor, a New Security Tool

        From shopping to social media, the average online user will have hundreds of accounts requiring passwords. At the same time, the number of user data breaches occurring each year continues to rise dramatically. Understandably, people are now more worried about internet-related crimes involving personal and financial information theft than conventional crimes. In order to help keep personal information and accounts safe, we will be testing user interest in a security tool that lets users check if one of their accounts has been compromised in a data breach.

  • Oracle/Java/LibreOffice

    • Checking out the notebookbar and other improvements in LibreOffice 6.0

      With any new openSUSE release, I am interested in the improvements that the big applications have made. One of these big applications is LibreOffice. Ever since LibreOffice has forked from OpenOffice.org, there has been a constant delivery of new features and new fixes every 6 months. openSUSE Leap 15 brought us the upgrade from LibreOffice 5.3.3 to LibreOffice 6.0.4. In this post, I will highlight the improvements that I found most newsworthy.

  • Pseudo-Open Source (Openwashing)

  • Openness/Sharing/Collaboration

    • Open Hardware/Modding

      • Top 6 Arduino robots of 2018 (so far)

        Since its development in the early 2000s, Arduino products like the Uno and Nano have revolutionized what people can make at home with inexpensive and easy-to-use components. Robotics and automation are no longer solely in the realm of engineers; anyone willing to spend the time to learn how these devices work can create their own inventions.

        This has led to an influx of practical and innovative projects, and the technology to share them via video and social media has only accelerated the growth. We may be only halfway through 2018, but we’ve already seen a wide variety of innovative projects.

        Here are a handful of our favorites so far—we can only imagine what else we’ll see in 2018!

  • Programming/Development

    • 8 great pytest plugins

      We are big fans of pytest and use it as our default Python testing tool for work and open source projects. For this month’s Python column, we’re sharing why we love pytest and some of the plugins that make testing with pytest so much fun.

    • Python 3: Sometimes Immutable Is Mutable and Everything Is an Object

      Python is a multi-paradigm programming language, meaning it supports different programming approaches. One of the popular approaches to solving a programming problem is by creating objects. This is known as Object-Oriented Programming (OOP).

    • Massacring C Pointers

      I’m taking a break from debugging books to talk about a calamitous shitshow of textbook writing: Mastering C Pointers: Tools for Programming Power, by Robert J. Traister.

      I learned of the book through a talk by Brian Kernighan where he refers to the book as probably “the worst C programming textbook ever written.”[1] He doesn’t name it but with some help I was able to track down his obliquely accurate reference.

      This book has become my white whale. Since I started reading debugging books, and especially now that I’m digging through older ones, I find bits of advice that simply don’t work today. While some of it could be construed as useless or idiotic, I’ve always found the authors come from a position of earnestness, attempting to draw the best conclusions based on decent principles and what they knew at the time they wrote it. In some cases they may not have known much, but they’re honestly and humbly trying to impart some wisdom.

Leftovers

  • Happy birthday, you lumbering MS-DOS-based mess: Windows 98 turns 20 today

    Windows 98 turns 20 today. However, rose-tinted spectacles still don’t make a hybrid 16 and 32 bit OS tottering on top of MS-DOS any more appealing.

    While Windows NT 4.0 pointed to a future free from MS-DOS, the majority of the Windows user base simply did not have the hardware to run much more than a jumped-up version of Windows 95. Thus Windows 98 appeared to bridge the gap.

    Codenamed Memphis, the first beta of Windows 98 arrived in 1996 with the final Release To Manufacturing (RTM – remember those?) version appearing two years later. USB support came as standard (and memorably exploded live on stage) along with a range of functions intended as a nod to that World Wide Web thing. Applications such as Outlook Express, FrontPage Express and a personal web server appeared as part of the installation.

  • Science

    • The rock that fell to Earth

      The meteorite man of Montrose, Colorado, enchanted his community with promises of untold riches of extraterrestrial origin. But as Steven Curry collided with scientists and the legal system in his quest for recognition, his obsession took him to the Bundy Ranch and a police standoff.

  • Health/Nutrition

    • FDA Repays Industry by Rushing Risky Drugs to Market

      As pharma companies underwrite three-fourths of the FDA’s budget for scientific reviews, the agency is increasingly fast-tracking expensive drugs with significant side effects and unproven health benefits.

  • Security

    • Security updates for Monday
    • Security updates for Tuesday
    • Hyperthreading under scrutiny with new TLBleed crypto key leak

      Last week, developers on OpenBSD—the open source operating system that prioritizes security—disabled hyperthreading on Intel processors. Project leader Theo de Raadt said that a research paper due to be presented at Black Hat in August prompted the change, but he would not elaborate further.

      The situation has since become a little clearer. The Register reported on Friday that researchers at Vrije Universiteit Amsterdam in the Netherlands have found a new side-channel vulnerability on hyperthreaded processors that’s been dubbed TLBleed. The vulnerability means that processes that share a physical core—but which are using different logical cores—can inadvertently leak information to each other.

      In a proof of concept, researchers ran a program calculating cryptographic signatures using the Curve 25519 EdDSA algorithm implemented in libgcrypt on one logical core and their attack program on the other logical core. The attack program could determine the 256-bit encryption key used to calculate the signature with a combination of two milliseconds of observation, followed by 17 seconds of machine-learning-driven guessing and a final fraction of a second of brute-force guessing.

    • Oracle gets busy with Lazy FPU fix, adds more CPU Spectre-protectors

      Oracle has released fixes for Spectre v3a, Spectre v4, and the “Lazy FPU” vulnerability.

      The two Spectre patches cover CVE-2018-3640 and CVE-2018-3640.

      As Oracle’s director of security assurance Eric Maurice explained, the patches apply to both Oracle Linux and Oracle VM and the associated Intel microcode.

    • Oracle’s latest Linux fixes: New Spectre, Lazy FPU patches beef up defenses

      Oracle has released patches for the latest Spectre CPU flaws and a fix for the Lazy floating-point unit (FPU) state restore issue affecting Intel CPUs.

      Oracle’s updates address the Spectre CPU flaws revealed in May, including CVE-2018-3640, also known as Spectre variant 3a, and CVE-2018-3639, Spectre variant 4.

    • WPA3: Wi-Fi Receives Its Biggest Security Upgrade After 14 Years

      Last year, when security researchers tore apart WPA2’s security with KRACK exploit, questions were raised regarding its ability to protect billions of WiFi-compatible devices across the world.

    • Indian Banks Running Windows XP Finally Asked To Update: RBI Sends Notice
    • Control measures for ATMs – Timeline for compliance

      Please refer to our confidential Circular DBS.CO/CSITE/BC.8074/31.01.015/2016-17 dated April 17, 2017 (issued to banks) highlighting concerns about the ATMs running on Windows XP and/or other unsupported operating systems. A reference is also invited to our confidential Advisory No. 3/2017 dated March 06, 2017 and No. 13/2017 dated November 1, 2017 wherein the banks were advised to put in place, with immediate effect, suitable controls enumerated in the illustrative list of controls.

      2. The slow progress on the part of the banks in addressing these issues has been viewed seriously by the RBI. As you may appreciate, the vulnerability arising from the banks’ ATMs operating on unsupported version of operating system and non-implementation of other security measures, could potentially affect the interests of the banks’ customers adversely, apart from such occurrences, if any, impinging on the image of the bank.

    • NBD with TLS-PSK

      The Network Block Device (NBD) protocol is really useful to us when we deal with virtual machines and disk images. It lets us share disk images between machines and is also the universal protocol we use for communicating disk images between different bits of software. I wrote a pluggable NBD server called nbdkit to make this even easier.

      However there was a problem: The protocol has no concept of logins. If you have an open NBD port, then anyone can connect and read or write your disk image. This is not quite as terrible as it sounds since when two processes are talking NBD to each other, we use a Unix domain socket and we hide the socket in a directory with restrictive permissions. But there are still cases — such as communicating between separate servers — where authentication would be useful.

    • The Biggest Digital Heist in History Isn’t Over Yet

      Someone had sent emails to the bank’s employees with Microsoft Word attachments, purporting to be from suppliers such as ATM manufacturers. It was a classic spear-phishing gambit. When opened, the attachments downloaded a piece of malicious code based on Carberp, a so-called Trojan that unlocked a secret backdoor to the bank’s network. The malware siphoned confidential data from bank employees and relayed the information to a server the hackers controlled. Delving deeper, the Kaspersky team found that intruders were taking control of the cameras on hundreds of PCs inside the organization, capturing screenshots and recording keystrokes. Soon, the researchers learned that other banks in Russia and Ukraine had been hacked the same way.

  • Defence/Aggression

    • Erdogan’s Ambition for the Caliphate and the Failure of Turkish Democracy

      When the Justice and Development (AK) Party took office in 2002, many intellectuals in Turkey and abroad were convinced that the party’s commitment to democratization was promising. The first term of the AK Party rule, which is considered as a golden era, broadly extended from 2002 to 2007. This era was characterized by high, inclusive economic growth, coupled with significant democratic reforms, ranging from a radical reordering of civil-military relations to the recognition of minority rights, including language and cultural rights for Kurdish citizens.

      This initial high performance created a certain level of trust in the AK Party rule among Turkish intellectuals, including the Gülen Movement, that in time the AK Party would eliminate all the undemocratic aspects of the Turkish governmental system. Between 2009 and 2011, the AK Party government successfully managed to create a legal framework that precluded Turkish military involvement in politics, which would prevent military interventions of the kind Turkey had suffered from in the past. The end result, however, was not a consolidated democracy as expected, but a highly personalized autocracy embodied in the figure of Recep Tayyip Erdogan.

      What went wrong with the AK Party and its leadership during the democratization of Turkey remains an important question. Was the performance of the party between 2002 and 2007 mere window dressing, with Erdogan and his close, oligarchic circle waiting for a convenient time to apply their secret, true agenda? Were they never democratic at all? Or was Erdogan obsessed with the idea that he had a messianic mission like being the ‘Caliph’ of the Muslim world?

  • Transparency/Investigative Reporting

    • How Comey intervened to kill WikiLeaks’ immunity deal

      One of the more devastating intelligence leaks in American history — the unmasking of the CIA’s arsenal of cyber warfare weapons last year — has an untold prelude worthy of a spy novel.

      Some of the characters are household names, thanks to the Russia scandal: James Comey, fired FBI director. Sen. Mark Warner (D-Va.), vice chairman of the Senate Intelligence Committee. Department of Justice (DOJ) official Bruce Ohr. Julian Assange, grand master of WikiLeaks. And American attorney Adam Waldman, who has a Forrest Gump-like penchant for showing up in major cases of intrigue.

      Each played a role in the early days of the Trump administration to try to get Assange to agree to “risk mitigation” — essentially, limiting some classified CIA information he might release in the future.

    • WikiLeaks publishes database showing personal data of ICE employees

      WikiLeaks on Thursday published a database that it claims reveals personal information on more than 9,000 current and former Immigration and Customs Enforcement employees.

    • Activist, WikiLeaks Publish Personal Info Of ICE Employees

      Activists publish private information of ICE employees in protest of the current immigration policies, putting their lives in danger.

      Activists, including a New York University professor, obtained the phone numbers and home addresses of more than 1,500 employees and published the information online.

      WikiLeaks also published personal information and photos and named the agency’s more than 9,000 current and former employees.

    • WikiLeaks says it published ICE employees’ LinkedIn profiles
    • WikiLeaks posts ICE employees’ personal data, report says

      WikiLeaks this week published a database containing personal data on more than 9,000 current and former employees of U.S. Immigration and Customs Enforcement, a report said.

      ICEPatrol is an important public resource for understanding ICE programs and increasing accountability, especially in light of the actions taken by ICE lately, such as the separation of children and parents at the US border.

    • GitHub, Medium, and Twitter take down database of ICE employee LinkedIn accounts

      GitHub, Medium, and Twitter have scrubbed a database of ICE employees off their platforms, soon after a New York-based artist posted the scraped LinkedIn information.

      Sam Lavigne, who has previously worked on projects like a white collar predictive policing program, wrote in a Medium post today that, “As ICE continues to ramp up its inhumane surveillance and detention efforts, I believe it’s important to document what’s happening, and by whom, in any way we can.”

      In an attempt to do that, Lavigne wrote a program that scraped LinkedIn for profiles that listed ICE as an employer. The program returned information on nearly 1,600 people, and Lavigne posted the resulting data publicly on GitHub. The database included information like job title, profile picture, and general location of work.

    • WikiLeaks says it published ICE employees’ LinkedIn profiles

      Professional information and LinkedIn profiles of U.S. Immigration and Customs Enforcement employees were published in a searchable online database by WikiLeaks, the organization said Thursday.

      “ICEPatrol” appeared to provide professional information and profiles from the professional social networking site of government employees.

      Information such as job titles, work history, education and city of employment appeared on many of the profiles. It was not immediately clear how many employees were targeted, but the site said more than 9,300 profiles were listed.

      The Department of Homeland Security did not immediately respond to a request for comment.

    • WikiLeaks publishes database with personal info on thousands of ICE employees
    • The Persecution of Julian Assange Proves that Western Values No Longer Exist

      The Western world never ceases to speak of its “democratic values.” In Western political theory, the way democracy works is by free speech and a free press. By speaking out, citizens and media keep the government accountable.

      This liberal tradition means that there are no words or terms that cannot be used because some designated “victim group” can claim to feel offended. The inroads into free speech made by political correctness, now institutionalized in universities and the public school system, in the presstitute media, in American corporations such as Google, and in the enculturated habits of Americans, demonstrate a decline in the status of free speech. Governments have also made inroads, with the “war on terror” becoming a justification for warrantless spying, mass surveillance, and a clampdown on dissent.

      The free press has declined even more dramatically than free speech. The NY Times of the Pentagon Papers disappeared during George W. Bush’s first term when the newspaper sat on the story that the Bush regime was spying without warrants. The NY Times sat on the story for a year, allowing Bush to be reelected without controversy and allowing the government time to legalize the spying on an ex post facto basis.

    • Whistleblower Explains How US Court Ruling to Affect NSA ‘Treasure Map’ Project

      The US Supreme Court ruling upholding the right to digital privacy will destroy the National Security Agency’s “Treasure Map” project which is designed to map the entire global internet to locate all devices on earth, former NSA Technical Director and whistleblower Bill Binney told Sputnik.

      The Supreme Court ruled on Friday that US authorities must obtain a warrant to tap cellphone towers for personal location data, Chief Justice John Roberts Jr. said in a court document.

    • Reality Winner accepts guilty plea for 63 months in prison on espionage charge

      In a federal courthouse in Augusta today, former intelligence contractor Reality Winner accepted a plea agreement for a single charge of espionage, in exchange for a sentence of 63 months in prison and three years of supervised release. The plea agreement is still tentative, pending a pre-sentencing investigation ordered by the court. Winner has already spent over a year in prison, and would be due for release in 2023.

      Winner was arrested in June 2017, just days after The Intercept published a secret NSA report on Russian efforts to hack the 2016 election. Winner served in the Air Force for six years, and was working as an intelligence contractor at the time of her arrest. She held a top secret clearance.

      The NSA’s election report, which was verified by The Intercept and published with voluntary redactions, detailed an attempt to hack a supplier of US election software and more than 100 election officials in the months leading up to the 2016 election. There’s no indication that the attacks succeeded in compromising vote tallies, although the attackers were able to maintain significant access to electoral boards.

    • Former government contractor Reality Winner will plead guilty to leaking NSA election hacking information
    • Ex-NSA contractor Reality Winner reaches plea deal in leak case: Court records

      Court records indicate a woman charged with leaking U.S. secrets to a news outlet has reached a deal with prosecutors.

      U.S. Department of Justice spokesman Ian Prior confirmed in an email Thursday that former National Security Agency contractor Reality Winner plans to plead guilty.

      A change of plea hearing is scheduled Tuesday. Online court records show a plea agreement was filed Thursday.

      Winner’s lawyers couldn’t immediately be reached.

  • Environment/Energy/Wildlife/Nature

    • Disease afflicting frogs becoming deadlier

      A disease-inducing fungus in amphibians worldwide could become deadlier as different genetic variations emerge, according to research led by The University of Alabama.

      Biologists tested the harmfulness of a Brazilian hybrid form of Batrachochytrium dendrobatidis, known simply as Bd or the amphibian chytrid fungus, as well as both parent forms, on species of frogs from the Brazilian Atlantic Forest. They found infections and strength of the illness increased with the hybrid form.

  • Finance

    • I Delivered Packages for Amazon and It Was a Nightmare

      I’m sure I looked comical as I staggered down a downtown San Francisco street on a recent weekday, arms full of packages—as I dropped one and bent down to pick it up, another fell, and as I tried to rein that one in, another toppled.

      Yet it wasn’t funny, not really. There I was, wearing a bright-yellow safety vest and working for Amazon Flex, a program in which the e-commerce giant pays regular people to deliver packages from their own vehicles for $18 to $25 an hour, before expenses. I was racing to make the deliveries before I got a ticket—there are few places for drivers without commercial vehicles to park in downtown San Francisco during the day—and also battling a growing rage as I lugged parcels to offices of tech companies that offered free food and impressive salaries to their employees, who seemed to spend their days ordering stuff online. Technology was allowing these people a good life, but it was just making me stressed and cranky.

  • Censorship/Free Speech

    • John Oliver Is Censored In China For Joking About Chinese Censorship

      Sometimes art imitates life imitates art, and that happened this week after comedian John Oliver did an episode on censorship in China on his HBO show Last Week Tonight. Now China has blocked him for doing a show on Chinese censorship.

      The New York Times reported that Oliver did a 20-plus minute segment on China and its leader, President Xi Jinping, and among other things, Oliver talked about Xi’s resemblance to the fictional character, Winnie the Pooh. This and talk of censorship touched a nerve in China, which caused them to block access to the show which can be seen around the world normally.

    • China blocks HBO website after comedian John Oliver mocks censorship
    • China will lift part of its ‘Great Firewall’ to give foreigners access to Facebook, YouTube, and Twitter on a tropical island dubbed ‘Hawaii of the East’
    • Chinese island eyes oasis from web censorship for foreigners

      China’s Hainan island has proposed allowing foreign visitors access to censored websites such as YouTube and Facebook, a double standard that has raised cries of indignation from the country’s internet users.

      The province, known as China’s Hawaii thanks to its resorts and tropical beaches, is set to become the country’s largest free trade zone and hopes to attract increased investment in hi-tech industries, as well as more tourist dollars.

      Part of that effort includes making the island more hospitable to foreign tourists through such steps as instituting visa-free travel and making it easier to use foreign credit cards.

    • Chinese island may lift web censorship to lure tourists

      China’s Hainan island has proposed allowing foreign visitors access to censored websites such as YouTube and Facebook, a double standard that has raised cries of indignation from the country’s internet users.

      The province, known as China’s Hawaii thanks to its resorts and tropical beaches, is set to become the country’s largest free trade zone and hopes to attract increased investment in hi-tech industries, as well as more tourist dollars.

    • The Only Place In China Where It’ll Allow You To Access Censored Sites

      There’s finally a place in China where people can access previously banned social media sites. The provincial government of Hainan has drawn the plan in order to boost tourism in the area.

      China is set to lift the ban on the southern tropical island of Hainan. Chinese President Xi Jinping announced his plan to turn “China’s Hawaii,” a spot famous for its palm-lined beaches, into a free-trade port by 2020.

    • WikiLeaks Compiles 9,000 ICE Officers’ Information & Shares It Online

      In the midst of the backlash over the actions of the Trump Administration and US Immigration and Customs Enforcement (ICE), WikiLeaks compiled and shared over 9,000 ICE employees’ information online. “ICEPatrol is an important public resource for understanding ICE programs and increasing accountability, especially in light of the actions taken by ICE lately, such as the separation of children and parents at the US border,” tweeted WikiLeaks. WikiLeaks included information and photos collected from LinkedIn of 9,243 former and current ICE employees. Users can search the database by location, current position, school attended, and field of study. According to The Washington Post, WikiLeaks seems to have expanded and published a project created by Sam Lavigne, a New York-based artist and programmer who taught at New York University’s Tisch School of the Arts. Lavigne attempted to publish a smaller ICE employee database on GitHub and Medium, but both were taken down.

    • Turks turn to VPNs to overcome censorship ahead of election

      BestVPN.com said it saw a 131 percent increase in traffic to its VPN guides for Turkish citizens in the past 24 hours and ahead of the Turkish presidential elections on 24 June. This data shows Turkish political opposition parties, journalists and citizens are increasingly turning to VPN technology to bypass internet censorship which was imposed in March through a new law.

  • Privacy/Surveillance

    • AT&T collaborates on NSA spying through a web of secretive buildings in the US

      A new report from The Intercept sheds light on the NSA’s close relationship with communications provider AT&T.

      The Intercept identified eight facilities across the U.S. that function as hubs for AT&T’s efforts to collaborate with the intelligence agency. The site first identified one potential hub of this kind in 2017 in lower Manhattan.

      The report reveals that eight AT&T data facilities in the U.S. are regarded as high-value sites to the NSA for giving the agency direct “backbone” access to raw data that passes through, including emails, web browsing, social media and any other form of unencrypted online activity. The NSA uses the web of eight AT&T hubs for a surveillance operation code-named FAIRVIEW, a program previously reported by The New York Times. The program, first established in 1985, “involves tapping into international telecommunications cables, routers, and switches” and only coordinates directly with AT&T and not the other major U.S. mobile carriers.

    • The NSA’s Hidden Spy Hubs in Eight U.S. Cities

      The secrets are hidden behind fortified walls in cities across the United States, inside towering, windowless skyscrapers and fortress-like concrete structures that were built to withstand earthquakes and even nuclear attack. Thousands of people pass by the buildings each day and rarely give them a second glance, because their function is not publicly known. They are an integral part of one of the world’s largest telecommunications networks – and they are also linked to a controversial National Security Agency surveillance program.

    • NSA Spying Centers Hidden Inside AT&T Buildings In 8 US Cities

      The Intercept, the publication known for its groundbreaking reports, has come up with another revealing piece (via TechCrunch) about the National Security Agency. The report describes 8 AT&T data facilities that serve as hubs for NSA’s spying activities.

      The eight facilities are located in major US cities, including Atlanta, Chicago, Dallas, LA, New York City, San Francisco, Seattle, and Washington DC.

    • A new GDPR digital service: the crowdsourced ideas

      A few months ago we put out a call for ideas for a new digital service that would help people use their rights under General Data Protection Regulation (GDPR).

      Open Rights Group supporters sent in some great ideas for a new digital service about rights under GDPR. We take a look at some of the best ones.

    • New ICANN access model could make online enforcement more onerous

      The proposed system to stop a GDPR-caused block on access to website holders’ data could introduce fees and tip off online infringers. It’s also uncertain whether rights holders would get access

    • FBI, NSA use ‘gray market’ companies to help unlock phones: report

      The NSA also reportedly purchased exploits from a France-based gray market company known as Vupen.

      The company closed in 2015 and reopened under the name Zerodium.

      The agency budgeted for $25.1 million to buy zero-days service, which involves leveraging unknown weaknesses in devices, in 2013, according to Slate.

      The use of the gray market by government agencies permits the agencies to bypass the Vulnerabilities Equities Process, which involves the government deciding whether to flag zero-day vulnerabilities to tech companies or keep them under wraps.

      The report comes as tensions rise between tech companies and the federal government over the issue of accessing encrypted information.

    • NSA Moving Data to a Cloud-based Service Such as That Built and Used by Amazon, Google

      Nearly all the data collected by the National Security Agency (NSA) is being transferred to the cloud. The database — Intelligence Community GovCloud — is reportedly classified and will help the federal surveillance organization to “connect the dots” among the scores of systems currently employed by the agency to store and sort data.

    • NSA moves top secret data to cloud developed by Amazon

      The US National Security Agency is “systematically moving” all its data to a cloud-computing service, the chief information officer has said. In 2017 alone the agency tripled collection of data through US telecom companies.

      The cloud – designed to harvest and store all sorts of NSA-relevant data, including foreign surveillance and intelligence information around the world – offers easy access to the data to “connect dots,” Greg Smithberger told NextGov.

    • Facebook can predict when you’ll get married, change jobs and even DIE: Patents reveal the shocking algorithms the firm runs on its users

      Facebook has been widely recognized for the extreme lengths it takes to collect data on its users.

      But several recently filed patents show just how widespread those efforts have become, ranging from anticipating your daily routine to predicting when you might die.

      What’s more, many of these techniques simply rely on your smartphone’s geolocation data in order to learn more about you and your habits.

      In perhaps one of the most shocking filings, Facebook researchers describe the ability to ‘predict a life change event’ for users, such as marriage status, birthdays, new jobs, a birth in the family, graduation, or even death.

    • Aadhaar Card now mandatory for NEET counselling in Tamil Nadu: Madras High Court

      On June 23, 2018 Madras High Court made it clear that Aadhaar card and its photocopy are compulsory during counselling to medical admissions in Tamil Nadu, even though the Supreme Court had in March this year ordered that it is not imperative during the NEET registration process.

    • As Facebook ages, teens look elsewhere to connect

      Manon maintains her Facebook account to be able to stay in touch with the large number of users on the huge social network and as a “gateway” to log into other apps.

  • Civil Rights/Policing

    • ACLU to Court: Order the Government to Reunite the Families

      The ACLU’s class action lawsuit to end family separation and immediately reunite children and parents has reached a pivotal point, following a June 22 status conference where the government was unable to articulate a plan to reunite thousands of children in its custody with their parents.

      The lack of foresight and planning is galling. For each day the government stalls, thousands of children are subjected to irreparable trauma. What’s more, there have been reports that immigration officers are actively pressuring parents to give up their asylum claims in order to be reunited with their children.

      This cruelty and utter contempt for the welfare of children and the rule of law cannot stand. Our government cannot be allowed to hold children hostage in order to sabotage the legal claims of people seeking refuge.

      On Monday, we asked the court to hold the Trump administration to account, and require it to reunify all children with their parents within 30 days, and within 10 days for children under five; provide parents, within seven days, telephonic contact with their children; stop future separations of children from their parents; and not remove separated parents from the United States without their children, unless the parent affirmatively, knowingly, and voluntarily waives the right to reunification before removal.

    • Another Police Accountability Miracle: Five Officers, Zero Body Cam Footage, One Dead Body

      We know body cameras haven’t been the police accountability godsend some imagined they would be. (I admit I saw a far rosier future when they first started being put into service.) So far, the research jury’s still out on the effectiveness of cameras in deterring misconduct and excessive force deployment. And, so far, they’ve been far more useful to prosecutors than plaintiffs in civil rights lawsuits.

      You can put a camera on a cop but you can’t change the system that leads to abusive behavior and practices. Nothing’s changing much for officers other than the attachment of a lightweight ride-along. Policies may require officers to activate their cameras in nearly every situation, but if no one’s willing to hold them accountable for refusing to do so, then nothing’s going to improve.

      Since law enforcement agencies maintain control of equipment and recordings, there’s not much the public can do when critical footage goes missing. Cops learned early on device tampering can reduce discrepancies in paperwork and shore up lies delivered as testimony. What went unpunished when it was just dashcams and body mics has continued forward to swallow the accountability body cams seemed to promise.

  • Internet Policy/Net Neutrality

    • Judge In AT&T Merger Ruling Had Zero Understanding Of The Markets AT&T Now Dominates

      So, we already discussed how the Judge that let the AT&T merger proceed showed a comically narrow reading of the media and telecom markets when he approved AT&T’s $86 billion Time Warner merger without a single condition. At no point in his 172-page ruling (pdf) did U.S. District Court Judge Richard Leon even utter the phrase “net neutrality,” showing a complete failure to understand how AT&T intends to use regulatory capture, vertical media integration (ownership of must-have content like HBO) and its stranglehold over broadband markets in synergistically anti-competitive ways.

      Leon focused almost exclusively on bickering between AT&T and DOJ-hired economists over whether the merger would result in higher rates for consumers (which, if you’ve watched AT&T do business should be a foregone conclusion). But because U.S. antitrust law is already ill-equipped to help police these kinds of vertical integrations, DOJ economists were locked into very specific confines of economic theory, even if it should be obvious to everybody and their uncle that AT&T will use its ownership of CNN, HBO, and other media properties to jack up licensing costs for streaming competitors.

      Of course higher costs for licensing (which in turn means higher costs for consumers) is just one way AT&T intends to leverage its greater scale anti-competitively. It also couldn’t be more clear that with net neutrality rules out of the way, AT&T has an absolute arsenal of creatively anti-competitive tools at their disposal, whether that means hijinks at interconnection points (something else Leon likely has never heard of), to the use of usage caps to “zero rate” AT&T’s own content, while still penalizing competitors like Netflix.

  • Intellectual Monopolies

    • US ITC Not Keeping Pace With Digital Revolution, New Report Argues

      The rapid rise of digital technology in the twenty-first century places new demands on intellectual property protections, while presenting new challenges. A new report suggests that a leading US agency that investigates patent infringement may need to be updated to keep up.

    • Interview: Wade Zhu, DuPont’s China IP counsel, outlines hopes for Patent Act changes

      Karry Lai speaks with the US conglomerate’s China IP counsel to find out about challenges in patent litigation, what Patent Law changes he would like to see and how big picture thinking has been key to his success

    • Copyrights

      • Portuguese Translation of 4.0 now available

        In a unique joint translation process, community members from Creative Commons Portugal and Brazil came together to release a single Portuguese translation of the CC 4.0 license suite.

      • An EU copyright law threatens to kill memes for everyone

        Pepe the Frog, the “Distracted Boyfriend” meme and Arthur’s balled-up fist are all under threat. So are reaction GIFs such as the one of a confused Zach Galifianakis, or the clip of Steve Carell shouting ‘No!’ in The Office.

        EU lawmakers may inadvertently destroy the internet’s robust meme culture with a proposed law designed to fight online piracy. One article in the legislation would force online platforms such as Google, Facebook, YouTube and Twitter to automatically censor copyrighted content uploaded by anyone who isn’t licensed to share it.

      • Bahnhof Continues Its Crusade Against Copyright Trolls, Claims Swedish Copyright Law Divorced From Reality

        While it’s always great to have ISPs side with their customers rather than capitulate to copyright trolls or the governments that allow them to operate, few go to equal lengths as Swedish ISP Bahnhof. Bahnhof is known for taking all kinds of actions to protect its customers and for fighting back against copyright trolls as viciously as possible. Happily, Sweden’s Pirate Party has recently declared its own war on copyright trolls, giving the ISP an ally in the region.

        But as the crusade by Bahnhof continues, the person in charge of the ISP’s communications has published an open post on the company’s site attacking the very heart of the laws that allow copyright trolls to operate in the first place. Here’s how Carolina Lindahl sets the stage for what is currently going on in Sweden.

      • Wikipedia Makes The Case For Google & Facebook To Give Back To The Commons, Rather Than Just Take

        Over the past decade or so we’ve seen lots of arguments from legacy industries — mainly recording industries, publishing industries, and film industries — freaking out about Google and Facebook. The go-to response generally seems to be to run to the government and demand that they force the successful internet companies to transfer some of their wealth to the legacy industries. In some cases, these pleas appear to be working — such as with the link tax proposal in the EU.

        Generally speaking, this whole thing is pretty disgusting. It’s usually legacy private companies which had a successful business model under a previous system, failed to adapt to a changing world, and then act as if they’re magically entitled to someone else’s money. Of course, that’s not how it should work (even if sometimes it does). But I’m interested in comparing this approach to the approach of Wikipedia, whose executive director, Katherine Maher, has an article in Wired arguing that Google and Facebook should consider giving back to the site, especially seeing as those platforms are increasingly relying on the information within Wikipedia.

Something is Clearly Wrong and Patently Defunct at ILO/ILO-AT (Updated)

Posted in Europe, Patents at 10:36 am by Dr. Roy Schestowitz

It’s almost like the EPO controls ILO (a symptom of Battistelli infiltrating and meddling in everything)

Summary: The decisions from ILO-AT have just been posted in ILO’s Web site, but quite a few decisions are missing and it’s not entirely clear why (albeit the culprit seems to be EPO management)

As expected, ILO decisions regarding the EPO (European Patent Organisation) are out, but not all of them. As someone points out to us, half a dozen are missing. We do not yet know which cases and why. SUEPO might provide some explanation soon. Are the Hardon and Brumme decisions out? They’re both staff leaders, unfairly fired by Battistelli (against the recommendations from the disciplinary committee). Are they suppressed? Are Guy Ryder and his suspicious workers in the Tribunal (the subject of much debate lately) trying to spare António Campinos the embarrassment? We shall update this post as soon as we have more details. “Think Ion B [Brumme] and Malika M won their cases at ILO,” one source told us, but we’re not sure about Hardon (needs digging). We also have not seen the pertinent outcomes just yet. Will Brumme get his job back and manage to provide for his family?

Update: The omitted decisions turn out not to include (or not entirely include) the staff representatives.

On Malika Weaver (SUEPO): “The EPO shall restore the complainant with retroactive effect to the grade and step she would have held but for the imposition of the disciplinary sanction, with all legal consequences.” (full decision [PDF])

On Ion Brumme (SUEPO): “The EPO shall reinstate the complainant to the position he held immediately before his dismissal with all legal consequences.” (full decision [PDF])

On Els Hardon (SUEPO): “The matter is remitted to the EPO to enable the charges against the complainant to be considered afresh by a differently constituted Disciplinary Committee and the President of the Office to make a new decision.” (full decision [PDF])

And someone else: “The EPO shall reinstate the complainant in accordance with consideration 14 of this judgment.” (full decision [PDF])

The EPO has said nothing about it. The EPO’s PR people are linking directly to the PDF of the latest publication of the Office. It’s the same old lies. Page 4 is pure propaganda for Battistelli. I’ve told them already, “you need to reboot the whole Organisation,” otherwise they’ll continue to lionise the very person who ruined the Office and António Campinos will go down the same route. Will Campinos give Hardon and Brumme their jobs back? Will Weaver get her old position/pay grade? Or will Campinos — like Battistelli — defy court orders? Many will be watching…

Perfect Metaphor for Benoît Battistelli: Unfinished Work That Nobody Likes and Which Causes Truly Massive Losses

Posted in Europe, Patents at 5:49 am by Dr. Roy Schestowitz

…And which seriously injures people (workers reportedly fell), including stakeholders

EPO construction site
Picture from this month. It’s still a construction site and it’s clearly not finished. On the right: the “old” tower, which will later be demolished. June 2018 (street view).

EPO construction site 2016
Picture from two years ago. The contractor had already made massive losses on this project while Battistelli used the money/budget to secretly build himself a posh pub in Munich.

Summary: A reminder that tomorrow’s ‘inauguration’ [sic] ceremony in the Netherlands will actually be a celebration of an unfinished project that grossly overran its budget (at the expense of the contractor) and which locals do not want anyway

“According to a VP1 announcement,” told us a reader, “his Majesty the King of the Netherlands will be present at the inauguration ceremony for the new building, which takes place on 27 June 2018.”

As readers may recall, the EPO actually prematurely celebrates an unfinished piece of work which is a fire hazard [1, 2].

But there’s more to it. “Project New Main TH,” told us a reader, or “The Blatterstelli Complex,” as some call it, “is a class of its own. The following information is from the “Project New Main TH” November 2016 Newsletter…”

EPO construction specs/challenge

The Sky is the Limit?

Not quite.

EPO construction site 2018

Pictures of the new tower, “Project New Main TH,” reveal the creases and issues. This photo was taken in June 2018 (entrance canopy, waste containers still to be removed).

“The interior of the building is not finished,” we got told. “The guests who attend the inauguration ceremony will only be able to visit few parts of the building.”

They’re going to visit a ‘spiced up’ construction site with a designated area for Battistelli’s little festival. He loves festivals and, as usual, it’s all about him (at the expense of the EPO).

“Most inhabitants of the historical town Delft (in direction south-east) dislike the building since it is visible from far,” a source told us. “They say it ruins the landscape.”

Eye sore
Eye sore for the locals. August 2017 (view from south-east).

Was the following issue foreseen?

Blinding effect
Blinding effect of the glass front.

“The Blatterstelli Complex” — just like Battistelli — is lots of glamour around very bad ideas. How about this?

A satire of EPO

As our source told us: “Satiric illustration of “Project New Main TH”: entrance controls with X-ray machines, camera surveillance (about 500 cameras on the EPO site, 200 in the new building alone). That’s called “transparency” of staff and visitors, including patent attorneys. What shall remain in the dark is the wheeling and dealing of top management (President and VPs).”

Battistelli is ‘Pulling a Lamy’ With a Lot More Money at Stake (and Examiners’ Future)

Posted in Europe, Finance, Patents at 2:03 am by Dr. Roy Schestowitz

Quietly during the last Christmas holiday when nobody paid any attention: EPO Has Become an ‘Investment Bank’

SIPO Lamy and Battistelli
Saint-Germain-en-Laye as the EPO’s clandestine ‘branch’? Battistelli and Lamy with Commissioner Shen of the Chinese State Intellectual Property Office and Raimund Lutz lurking in the background.

Summary: Benoît Battistelli is gambling with the future of EPO examiners and the EPO at large (applicants and EP holders rely on the EPO’s stability), as even SUEPO belatedly notes in a letter one anonymous source has passed to us

It was exactly one month ago (May 26th) that we concluded our toxic loan series and its relevance to the EPO. Here are all the relevant posts:

Readers may also want to read parts 1, 2 and 3 of St. Germain’s “Système Lamy” and Its EPO Clone.

As we noted a few days ago, Wirtschaftswoche WIWO now covers these issues. Better late than never, right? German media belatedly covers EPO scandals (while Battistelli has 5 days of diplomatic immunity left). SUEPO took note of it (two pages/articles) and we expect translations to show up soon. Petra Sorge authored it and Thorsten Bausch is mentioned in it. We presume they also used our information (as above) in their research; Bausch had certainly read that with interest.

What will António Campinos, a former banker (at a notorious Portuguese bank), do about all this? He can’t quite defy Battistelli’s will, can he? He knows where his job came from and they’ve long been close. Will he carry on gambling with stakeholders’ money? What would that make stakeholders think (if they all knew about it)?

Well, the main stakeholder in all this is EPO staff, e.g. their pensions. And SUEPO has just written about this as follows:

22 June 2018

The new EPO Treasury Investment Fund – institutionalized gambling with someone else’s1 money?

Dear colleagues,

Through a combination of reduced career progression and extraordinary productivity gains, the Office has made an operating surplus of the order of several hundred million Euros each year as well as paid in full for its new building in The Hague. Yet the Office’s cash reserve today still amounts to around €2.4 billion.

It was foreseen by a decision2 of the Administrative Council (AC) that any such surplus generated by staff’s work was to be transferred into the Reserve Fund for Pensions and Social Security (RFPSS) to cover future obligations. The RFPSS was set up and financed by staff (1/3rd) and the Office (2/3rd) and has performed very well since its inception: it now has a value of over €8 billion.

However, in more recent years the Office has departed from this decision and instead injected only a fraction of the operating surplus into the RFPSS while retaining large parts of the money within the EPO treasury.

According to the IFRS2 accounting method, the EPO accounts show a negative equity of about €12 billion, mainly due to long term obligations such as pension obligations4. As should be apparent from the example in the footnote below, this negative equity is very sensitive to the discount rate applied to these obligations. The discount rate applied according to the IFRS depends on the bond markets and is thus inherently volatile from one year to the next. For example, in 2011, this negative equity was €1.9 billion (applying a discount rate of 5.38%), which is less than the start-up capital for the EPOTIF. In 2014, it was calculated at some €12 billion (applying a discount rate of 1,61%), very similar to today’s figure. However, in 2015 some €4,5 billion of the negative equity “disappeared” without any substantive change in the operational income, simply due to applying the higher discount rate of 2,6%. Therefore, there would appear to be no reason to now panic and take hasty or rushed decisions.

The President has followed a proposal in the second financial study to invest the present and future office treasury money to cover for these huge, fictive obligations in a new fund under new management. The more straightforward approach would have been to simply invest the money in the existing RFPSS.

However, on the proposal of the President, the Budget and Finance Committee (BFC) approved the setting-up of a new external EPO Treasury Investment Fund (EPOTIF)5.

The staff representation is strongly opposed to the creation of another fund, in particular one that is managed externally and whose investment strategy will lack the necessary internal checks & balances to avoid high risk investments, see sc17207cl, su18038cl and su18039cl (letters sent to AC and Auditors). At the last BFC meeting, the delegations also asked for more information: the German Delegation requested to review any contracts ahead of any decision on fund management. In 2017, the German Bundesrechnungshof gave a negative opinion on setting up such risky funds in 2017. Perhaps unsurprisingly, the President declined all requests to provide any detailed contract data to the BFC, the very body who are supposed to make informed decisions based on the financial situation of the EPO.

The RFPSS fund management provides already for the appropriate checks and balances and risk limiting mechanisms. Furthermore, the costs of the RFPSS management are only a third of those estimated for the new outsourced EPOTIF. Finally, the RFPSS has to date performed very well, producing higher returns on average than those predicted for the EPOTIF.

It is extraordinary that this far reaching proposal with no meaningful risk limits (the only one contained in the proposal is ill-defined and therefore does not cover a number of risks6) has not been put to the AC for vote, rather only to the BFC in 2017. As such, we believe that this decision was taken ultra-vires by the BFC. Further to the above obvious argument raised by the staff representation, a number of AC delegations stated back in 2017 that this important and far reaching decision should be deferred until the new President takes up office next month. However, the incumbent President stated that it would be only a further loss of time and money if the cash reserves (€2.4 billion) were not to be invested as soon as possible. According to his estimates, the gain foreseen for the first year is estimated to €70 million and then €100 million per annum from the next year onwards.

Had the President, however, simply followed the AC decision in the early 1980’s (CA/27/83 point 19) to transfer any surplus into the RFPSS, then the EPO would have already accumulated gains in the order of several hundred million Euros over the past years and the money would have been safely placed in low-risk investments.

SUEPO strongly opposes such risky institutionalized gambling with the staff’s and the applicant’s money. If it all goes wrong, who will foot the bill?

SUEPO have informed the Auditors on the situation and asked them for their opinion.

SUEPO will urgently address this issue with the new President Mr. Campinos: a swift return to a more meaningful and safe financing of our own social security. Meanwhile, all legal means will be explored to minimise the impact of the new fund on the Office’s finances and any appropriate action will be taken.

SUEPO fights for your rights.

Your SUEPO Central

_____
1 EPO staff and the applicants
2 BFC document CA/27/83 point 19 endorsed by the AC in June 1983 with CA/PV 16 pg 69, para 195ff
3 a method introduced for listed companies and which is not properly adapted for “business models” such as public services, particularly for those of patent offices like the EPO
4 The vast majority of the EPO’s long term obligations are pension obligations whose present value strongly depends on the discount rate applied. For illustration, to pay someone €1000 pension in 50 years’ time, you would have to put aside today either €68,77 [1000/(1+5.5%)^50] if you apply a discount rate of 5,5% or €475 [1000/(1+1.5%)^50] with a discount rate of 1,5%, a difference of €406. The actuaries who make a recommendation for the EPO’s pension contributions use the same calculation method as IFRS for this calculation, but apply a discount rate of 5.5%. Since the IFRS discount rate is currently much lower than that, the apparent long term pension obligations calculated according to the IFRS method are much higher, thereby suggesting that the EPO should have put much more money aside to cover these pension obligations than it actually did. This over-valued obligation directly inflates the negative equity. Consequently, it is this perceived underfunding that contributes the lion’s share to the negative equity. This would change drastically through raising discount rates and rates do change considerably with time. For example, in the first years of this century, with higher discount rates, the equity gap was rather small. If the discount rate were to increase to figures like we enjoyed in the 1980’s, then any lingering negative equity due to pension obligations could be transformed into a high surplus.
5 The German delegation voted against as the Bundesrechnungshof had not provided its consensus; three delegations abstained (IT, IE, CZ); two delegations (PT, LI) were absent. All others voted in favour.
6 There, actually, isn’t a single risk measure which can cover all the aspects of financial risks arising from different assets. This is why the RFPSS and similar funds use a combination of different risk measures.

This won’t end well and we certainly don’t expect Mr. Campinos to do anything about it. Maybe he too stands to benefit from the gamble.

This Afternoon ILO Has an Opportunity to Salvage Its Reputation (or Reaffirm Growing Suspicions That It Has Been Compromised by the EPO)

Posted in Europe, Patents at 1:21 am by Dr. Roy Schestowitz

Battistellius

Summary: The fate of SUEPO leaders may be known quite soon, as the tribunal at ILO is due to announce its latest judgments later today

THIS WEEK IS Battistelli’s very last week and it’s a very busy one (I’ve taken the whole week off work). An unfinished building will bear Battistelli’s name (funny story behind that) and we shall be writing about that soon. Today (this afternoon) ILO will deliver many decisions on staff appeals and tomorrow the administered (by Battistelli) council of the EPO will meet again. Last night we saw a comment to the effect that the EPO stopped hiring (even people whose applications were successful), which merely reinforces suspicions of upcoming layoffs.

We already published two articles about ILO-AT yesterday [1, 2]; it’s expected that fired staff representatives (from SUEPO) will hear their fate a week before António Campinos takes over. Considering what happened to Judge Corcoran (even after ILO had ruled in his favour several times), it doesn’t look too promising. At no point did Campinos insinuate that he would reintegrate such people into the workforce. “The Tribunal’s judgments will be announced in public on Tuesday, 26 June 2018 at 3pm at the ILO (Room IX, floor R2),” ILO says. What would happen tomorrow if ILO ordered the reintegration of SUEPO leaders?

Some EPO employees try to stay optimistic and positive, foreseeing perhaps a turnaround. But we’re just not seeing it the same way and readers who write to us don’t see it that way, either. Yes, Battistelli’s departure is imminent, but Campinos — according to insiders we heard from — has no intention of sacking anyone from Team Battistelli. So the spirit may remain largely the same, bar the annoying photo ops of the lunatic in chief.

As somebody put it yesterday:

My career as patent attorney goes back to the early 1970’s. I remember the pioneering days at the EPO and the building of an organisation that was the world-wide benchmark for patent administration and law. Pure exhilaration! A rare example of Europe doing something better than countries elsewhere in the world.

And I have seen, in the last few years, how it has all come to be trashed.

But who exactly is to blame, for this wanton and wilful destruction? Readers, that’s always the problem, isn’t it.

Take the disgraceful gutter press in England? Their defence is that they have no alternative. To survive, they must print garbage, because that’s what readers demand, what creates a market for their papers. Now, who creates the gullible readers that demand the myths and untruths the papers print? Must we blame the schoolteachers?

Likewise, what sort of organisation appoints as its President the complacent and self-satisfied man that this month moves out of his self-commissioned presidential palace on the banks of the Isar? Is BB’s [Battistelli's] defence that he was merely delivering the wishes of his employer, the EPO’s owners, its Administrative Council? Must we place the blame at the AC’s door?

When we see how the AC relates to the incoming new EPO President, we shall be able to reach a better-informed opinion, who to blame for the shameful trashing of the EPO.

Battistelli will be remembered as the person who destroyed the EPO and Campinos as the first person to initiate layoffs. All they want is UPC.

Campinos and Battistelli in 2011

Number of US Patent Lawsuits Was More Than 50% Higher Half a Decade Ago

Posted in America, Patents at 12:52 am by Dr. Roy Schestowitz

Patent Lawyers’ Tears

Summary: With 35 U.S.C. § 101 (Section 101) intact, tribunals continue to squash software patents and many firms no longer bother taking these to courts, knowing they’d lose the legal battle

THE USPTO can grant all the patents it wants, but the Patent Trial and Appeal Board (PTAB) will then squash many of them, with the Federal Circuit affirming. There’s a big difference between getting a patent and using a patent in court. Many would not dare to sue with a patent, knowing or predicting a negative outcome.

Patent lawyers’ agony is rather revealing.

Yesterday, for example, the Watchtroll patent extremists (Aaric Eisenstein, a “patent licensing” guy) kept smearing PTAB and referring to invalidation of patents wrongly granted as “kill” (as if someone died). At around the same time we learned that PTAB targets patents of patent trolls once more, this time IPVal’s. It happened after a petition (IPR) from Unified Patents and yesterday afternoon it wrote:

On June 22, 2018, Unified filed a petition for inter partes review (IPR) against U.S. Patent 7,769,830 owned and asserted by Hypermedia Navigation LLC, an IP Valuation Partners subsidiary and known NPE. The ’830 patent, related to methods for presenting and searching for hypermedia elements stored at a web server, has been asserted in district court litigation against Yahoo!, Facebook and Microsoft.

This is quite clearly a software patent. Judging by the number, it’s an older patent than most and it predates Alice. It was granted in 2010. Expect it to be rendered invalid soon, 8 years after its issuance. Docket Navigator is meanwhile speaking of a “plaintiffs’ invalidity expert” — we presume a person who is dedicated to such legal arguments. From yesterday’s sole Docket Report: “The court denied plaintiffs’ motion to reconsider an earlier order granting defendant’s motion to strike opinions from plaintiffs’ invalidity expert that were submitted in support of summary judgment briefing because of the substantial unfair prejudice to defendant.”

Invalidity at the courts, not just at PTAB, has become pretty common. This means that many patent-holding entities are simply too afraid to sue; they’d rather settle out of court, but the targets of intimidation are harder to intimidate because they know they would win in court (if it ever came to that).

Not too shockingly, litigation numbers are down sharply. Yesterday IAM wrote: “Still a few days to go until the end of the month and the first half but @LexMachina’s case counter is currently at 1775 new patents suits filed so far this year. At this rate the US is on course to see fewer than 4000 suits filed this year which would be well below recent highs…”

Richard Lloyd from IAM added: “Recent high was 6130 cases filed in 2013. Last year total was 4045…”

So expect just over 3,000 lawsuits this year, i.e. way below 6,130. “Volume of US patent litigation continues to drop,” IBM’s Manny Schecter wrote. Remember that IBM is by far the biggest foe of Section 101 and it is suing a lot of companies, only to see PTAB invalidating many of its bogus software patents.

The bottom line is, the way things are going the number of lawsuits hinged on software patents truly nosedived. This can only be good news for software developers.

US Supreme Court is Not Revisiting Patent Scope After Alice

Posted in America, Law, Patents at 12:11 am by Dr. Roy Schestowitz

Book

Summary: 35 U.S.C. § 101 remains untouched as SCOTUS Justices prefer talking about § 102 and § 284/§ 271, which have nothing to do with software patents

EIGHT years after Bilski and four years after Alice there’s still no sign of a turnaround for software patents in the US, irrespective of what the USPTO grants and does not grant (what matters is the outcome in the courts, not the Office).

As it turns out, prior art (§ 102) will be looked at next, at least in relation to a case that Dennis Crouch has been writing about for quite some time. Yesterday he wrote that “[t]he Supreme Court has granted Helsinn’s petition for writ of certiorari in the first case focusing on the 2011 rewriting of the prior art and novelty statute 35 U.S.C. 102.”

That’s it? So it’s good news again. The Justices don’t open up to the possibility of altering patent scope, notably § 101.

There’s meanwhile plenty of discussion about a “damages” case, the WesternGeco case (WesternGeco LLC v. ION Geophysical Corp.), which we mentioned here a few times prior to the outcome. Richard Lloyd (patent trolls’ lobby, IAM) wrote about it yesterday, as did Kevin E. Noonan and George “Trey” Lyons, III. Here are a couple of portions:

On Friday, the Supreme Court reversed the judgment of the Federal Circuit in WesternGeco LLC v. ION Geophysical Corp. Justice Thomas (joined by Chief Justice Roberts and Justices Kennedy, Ginsburg, Alito, Sotomayor, and Kagan) held that, based on the “focus” of 35 U.S.C. § 284 of the Patent Act (the general damages provision) when read in light of domestic infringement under 35 U.S.C. § 271(f)(2) (barring exportation of components specifically adapted for a patented invention), a patent owner could recover lost foreign profits. The decision overruled the Federal Circuit’s general practice of interpreting damages under § 271(f)(2) in the same fashion as § 271(a) (the general infringement provision, which does not allow patent owners to recover lost foreign profits).

[...]

For the time being, one practical consequence of this decision is that U.S. patent owners may now recover foreign lost profits tied to domestic acts of infringement under § 271(f)(2).

Crouch’s colleague reposted something for Professor Holbrook, who had “authored an amicus brief in WesternGeco v. Ion,” according to him. The opening paragraph:

When the Supreme Court agreed to review WesternGeco LLC v. ION Geophysical Corp., it was unclear how sweeping the decision would be. The case had clear implications for patent law. It would be the first time the Supreme Court had addressed patent infringement damages under 35 U.S.C. § 284 since its 1984 decision General Motors Corp. v. Devex Corp. The briefing and oral argument suggested the Court had some interest in assessing proximate cause in patent damages, an issue that has not been addressed by the Supreme Court or revisited by the Federal Circuit since its seminal en banc decision in Rite Hite Corp. v. Kelly Company Inc. Finally, beyond patent law, this case had implications for the Court’s jurisprudence on the presumption against extraterritoriality, particularly as to whether the presumption applies to remedial provisions.

Professor Risch alludes to Professor Holbrook and says:

The Supreme Court issued its opinion in WesternGeco last week. The holding (7-2) was relatively straightforward: if an infringer exports a component in violation of 35 USC 271(f)(2) (that is, the component has no substantial noninfringing use), then the presumption of extraterritoriality will not bar damages that occur overseas. And that’s about all it ruled. It left harder questions, like proximate cause, for another day.

I spent the end of the week and weekend reading commentary on the case (and tussling a bit on Facebook and Twitter). A couple blog posts worth checking out are Tim Holbrook’s and Tom Cotter’s. I had just a few thoughts to add.

As we said last year, WesternGeco LLC v. ION Geophysical Corp. is almost of zero relevance to us because we always focus on patent scope. It did, however, show that the Justices don’t have the alleged “anti-patent” bias and we’re glad to see that nothing over the horizon can challenge Alice. As we’ll note in our next post, the patent litigation ‘industry’ is in collapse.
