EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

07.11.18

Links 12/7/2018: Mesa 18.1.4 RC, Curl 7.61.0

Posted in News Roundup at 11:28 pm by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • Desktop

    • Top 10 Reasons Why Desktop Linux Failed

      1) Linux isn’t pre-installed – No matter how much we may debate it, having Windows pre-installed on PCs means that’s what people are likely to end up using. In order for someone to move over to Linux on the desktop, there must be a clear reason to do so. There is the problem. The only time I’ve personally seen users make the switch over to Linux from Windows comes down to frustration with Windows or a desire to advance their skills into an IT field.

      My own Linux story, for example, was a mixture of the two examples above. First off, I was just done with Windows. I had already been dabbling with Linux at the time I completely switched, but I become disenfranchised with the Microsoft way of doing things. So for me, the switch to Linux was based out of frustration.

      Had I not experienced any frustrations with Windows, I might not have ever thought to jump ship over to an alternative. Even when I built my own PCs myself, the OS offered at computer stores was Windows only. This is a huge hurdle for Linux adoption on the desktop.

      2) Linux freedom vs convenience – It’s been my experience that people expect a user experience that’s consistent and convenience. How one defines this depends on the individual user. For some, it’s a matter of familiarity or perceived dependability. For more advanced PC users, a consistent convenience may mean a preferred workflow or specific applications.

      The greater takeaway is that when people are aware of other operating systems, they will usually stick with that they’ve used the longest. This presents a problem when getting people to try Linux. When using a desktop platform for a long time, you develop habits and expectations that don’t lend themselves well to change.

  • Server

  • Audiocasts/Shows

  • Kernel Space

    • Linux Kernel Port Revised To China’s C-SKY CPU Architecture

      In addition to the AMD-licensed Chengdu Haiguang x86 server processors and Zhaoxin x86-compatible CPUs from VIA Centaur lineage, another CPU effort within China has been C-SKY.

      C-SKY is a 32-bit embedded CPU core out of Hangzhou, China. C-SKY is working on RISC-V designs too, but this current C-SKY embedded processor appears to be an original CPU design. Back in March they posted the original C-SKY Linux kernel patches while this past week they sent out a revised version.

    • Another Big Pull Of Intel DRM Updates Submitted For Linux 4.19

      One month ago Intel was quick following the Linux 4.18 merge material to begin sending in new feature work for Linux 4.19 by means of the DRM-Next repository. They’ve already done a few rounds of updates while now another serving of Direct Rendering Manager patches were served up.

      Sent out on Tuesday is likely their last “big pull” targeting the Linux 4.19 kernel, but Intel developer Rodrigo Vivi commented that another one or two smaller pulls are still expected in the days or week ahead to DRM-Next for 4.19.

    • Xen Hypervisor 4.11 Released, New Browsh Text-Based Browser, Finney Cryptocurrency Phone, GNOME Hiring and More

      The Xen Hypervisor 4.11 was released yesterday. In this release “PVH Dom0 support is now available as experimental feature and support for running unmodified PV guests in a PVH Container has been added. In addition, significant chunks of the ARM port have been rewritten.” Xen 4.11 also contains mitigations for Meltdown and Spectre vulnerabilities. For detailed download and build instructions, go here.

    • Oracle wants to improve Linux load balancing and failover

      Oracle reckons Linux remote direct memory access (RDMA) implementations need features like high availability and load balancing, and hopes to sling code into the kernel to do exactly that.

      The problem, as Oracle Linux kernel developer Sudhakar Dindukurti explained in this post, is that performance and security considerations mean RDMA adapters tie hardware to a “specific port and path”.

      A standard network interface card, on the other hand, can choose which netdev (network device) to use to send a packet. Failover and load balancing is native.

    • Linux 4.17.6
    • Linux 4.14.55
    • Linux 4.9.112
    • Linux 4.4.140
    • Linux 3.18.115
    • The final step for huge-page swapping

      For many years, Linux system administrators have gone out of their way to avoid swapping. The advent of nonvolatile memory is changing the equation, though, and swapping is starting to look interesting again — if it can perform well enough. That is not the case in current kernels, but a longstanding project to allow the swapping of transparent huge pages promises to improve that situation considerably. That work is reaching its final stage and might just enter the mainline soon.

      The use of huge pages can improve the performance of the system significantly, so the kernel works hard to make them available. The transparent huge pages mechanism collects application data into huge pages behind the scenes, and the memory-management subsystem as a whole works hard to ensure that appropriately sized pages are available. When it comes time to swap out a process’s pages, though, all of that work is discarded, and a huge page is split back into hundreds of normal pages to be written out. When swapping was slow and generally avoided, that didn’t matter much, but it is a bigger problem if one wants to swap to a fast device and maintain performance.

    • Revisiting the MAP_SHARED_VALIDATE hack

      One of the the most commonly repeated mistakes in system-call design is a failure to check for unknown flags wherever flags are accepted. If there is ever a point where callers can get away with setting unknown flags, then adding new flags becomes a hazardous act. In the case of mmap(), though, developers found a clever way around this problem. A recent discussion has briefly called that approach into question, though, and raised the issue of what constitutes a kernel regression. No changes are forthcoming as a result, but the discussion does provide an opportunity to look at both the specific hack and how the kernel community decides whether a change is a regression or not.

      Back in 2017, several developers were trying to figure out a way to safely allow direct user-space access to files stored on nonvolatile memory devices. The hardware allows this memory to be addressed directly by the processor, but any changes could go astray if the filesystem were to move blocks around at the same time. The solution that arose was a new mmap() flag called MAP_SYNC. When a file is mapped with this flag set (and the file is stored on a nonvolatile memory device), the kernel will take extra care to ensure that access to the mapping and filesystem-level changes will not conflict with each other. As far as applications are concerned, using this flag solves the problem.

    • Linux Foundation/CloudNative

      • What are cloud-native applications?

        As cloud computing was starting to hit its stride six or seven years ago, one of the important questions people were struggling with was: “What do my apps have to look like if I want to run them in a public, private, or hybrid cloud?”

        There were a number of takes at answering this question at the time.

        One popular metaphor came from a presentation by Bill Baker, then at Microsoft. He contrasted traditional application “pets” with cloud apps “cattle.” In the first case, you name your pets and nurse them back to health if they get sick. In the latter case, you give them numbers and, if something happens to one of them, you eat hamburger and get a new one.

      • KubeCon + CloudNativeCon, Copenhagen

        I attended KubeCon + CloudNativeCon 2018, Europe that took place from 2nd to 4th of May. It was held in Copenhagen, Denmark. I know it’s quite late since I attended it, but still I wanted to share my motivating experiences at the conference, so here it is!

        I got scholarship from the Linux Foundation which gave me a wonderful opportunity to attend this conference. This was my first developer conference aboard and I was super-excited to attend it. I got the chance to learn more about containers, straight from the best people out there.

      • Certification Plays Big Role in Open Source Hiring

        Employers increasingly want vendor neutrality in their training providers, with 77 percent of hiring managers rating this as important, up from 68 percent last year and 63 percent in 2016. Almost all types of training have increased this year, with online/virtual courses being the most popular. Sixty-six percent of employers report offering this benefit, compared to 63 percent in 2017 and 49 percent in 2016. Forty percent of hiring managers say they are providing onsite training, up from 39 percent last year and 31 percent in 2016; and 49 percent provide individual training courses, the same as last year.

      • Take Our Survey on Open Source Programs

        Please take eight minutes to complete this survey. The results will be shared publicly on The New Stack, and The Linux Foundation’s GitHub page.

    • Graphics Stack

      • NVIDIA Jetson Xavier Development Kit: Under 30 Watts, 8-Core ARMv8.2, 512 Core Volta

        The NVIDIA Jetson Xavier Development Kit is pretty darn exciting with having eight ARMv8.2 cores, a 512-core Volta GPU, 16GB of LPDDR4, and under 30 Watt power use.

        Last month NVIDIA announced the Jetson Xavier with plans to ship in August at a $1,299 USD price-tag. More details on this NVIDIA Jetson Xavier Development Kit have now been announced.

      • Mesa 18.1.4 release candidate

        Mesa 18.1.4 is planned for release this Friday, July 13th, at or around 10 AM PDT.

      • Mesa 18.1.4 Being Prepared With Intel Fixes & A Couple For Radeon

        Another routine Mesa 18.1. point release is being prepared while waiting for the August debut of the Mesa 18.2 feature update.

        Dylan Baker, the Mesa 18.1 release manager and his first stab at the task, has announced the Mesa 18.1.4 release candidate today. In its current form, Mesa 18.1.4 is comprised of just over two dozen patches.

      • Pre-AMDGPU xf86-video-ati X.Org Driver Sees A Round Of Improvements

        It’s rare in recent years to have anything to report on xf86-video-ati, the X.Org driver for the display/2D experience for pre-GCN Radeon graphics cards. But this week has been a large batch of fixes and improvements for those using this DDX driver with pre-HD7000 series hardware.

        Longtime Radeon Linux driver developer Michel Dänzer has landed a number of commits already this week of various fixes/cleanups, some of which were inspired by the xf86-video-amdgpu DDX driver that is used for current-generation hardware with the AMDGPU kernel driver (unless using xf86-video-modesetting…).

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • Optimizing a Python application with C++ code

        I’ve been working lately in a command line application called Bard which is a music manager for your local music collection. Bard does an acoustic fingerprinting of your songs (using acoustid) and stores all song metadata in a sqlite database. With this, you can do queries and find song duplicates easily even if the songs are not correctly tagged. I’ll talk in another post more about Bard and its features, but here I wanted to talk about the algorithm to find song duplicates and how I optimized it to run around 8000 times faster.

        [...]

        An obvious improvement I didn’t do yet was replacing the map with a vector so I don’t have to convert it before each for_each call. Also, vectors allow to reserve space in advance, and since I know the final size the vector will have at the end of the whole algorithm, I changed to code to use reserve wisely.

        This commit gave the last increase of speed, to 7998x, 36680 songs/second and would fully process a music collection of 1000 songs in just 13 seconds..

      • How A KDE Developer Used C++17 & Boost.Python For About A 8,000x Speed-Up

        Open-source developer Antonio Larrosa who contributes to KDE and openSUSE has been developing a command-line music manager called Bard. He’s written an interesting post about how he sped up some of his operations by around eight-thousand times faster.

        In particular, Antonio was focused on speeding up the process of finding song/music duplicates in the user’s local music collection. What started out as Python code was morphed into optimized C++ code. Little surprise, the C++ code once tuned was immensely faster than Python — but the blog post is interesting for those curious about the impact of the various steps he took for tuning this implementation.

    • GNOME Desktop/GTK

      • GUADEC 2018: BoF Days

        Monday went with engagement BoF. I worked with Rosanna to finalize the annual report. Please help us proofread it! I have also started collecting information for the GNOME 3.30 release video. If you are a developer and you have exciting features for GNOME 3.30, please add them to the wiki. The sooner you do it, the happier I am.

      • GNOME Foundation opens recruitment for further expansion

        Today, July 6th 2018, the GNOME Foundation has announced a number of positions it is recruiting for to help drive the GNOME project and Free Software on the desktop. As previously announced, this has been made possible thanks to a generous grant that the Foundation has received, enabling us to accelerate this expansion.

      • Emmanuele Bassi: News from GLib 2.58

        Next September, GLib will hit version 2.58. There have been a few changes during the past two development cycles, most notably the improvement of the Meson build, which in turn led to an improved portability of GLib to platforms such as Windows, macOS, and Android. It is time to take stock of the current status of GLib, and to highlight some of the changes that will impact GLib-based code.

      • GLib 2.58 Is Looking Good With Portability Improvements, Efficient Process Launching

        The GLib low-level GNOME library while being quite mature is seeing a significant update with its version 2.58 release due out this September for GNOME 3.30.

        Two of the biggest GLib 2.58 changes we have covered up to now on Phoronix has been the new generic reference counting API and more efficient app launching. The reference counting API has been in the works for 6+ years to help GLib’s bindings/integration with languages utilizing automatic memory management / garbage collection. The more efficient process launching via the use of posix_nspawn() is also exciting for better performance, particularly on systems suffering from memory pressure.

  • Distributions

    • Red Hat Family

      • Red Hat OpenStack Platform Adopted by Fujitsu for Fujitsu Cloud Service for OSS

        Red Hat, Inc. (NYSE: RHT), the world’s leading provider of open source solutions, today announced that Fujitsu Limited has adopted Red Hat OpenStack Platform as an Infrastructure-as-a-Service (IaaS) component of Fujitsu Cloud Service for OSS, its global hybrid cloud service offering. As a backbone for an open hybrid cloud, Fujitsu Cloud Service for OSS is designed to help enterprises more quickly develop cloud-native and traditional applications and services in an environment built from innovative, more reliable, and more secure open technologies.

      • Red Hat OpenStack platform adopted by Fujitsu

        Red Hat recently announced that Fujitsu has adopted Red Hat OpenStack Platform as an Infrastructure-as-a-Service (IaaS) component of Fujitsu Cloud Service for OSS, its global hybrid cloud service offering.

        As a backbone for an open hybrid cloud, Fujitsu Cloud Service for OSS is designed to help enterprises more quickly develop cloud-native and traditional applications and services in an environment built from innovative, more reliable, and more secure open technologies.

        This announcement shows the continued, long-standing collaboration between Red Hat and Fujitsu to offer hybrid cloud solutions based on open source.

      • Fujitsu Adopts Red Hat OpenStack Platform for Fujitsu Cloud Service for OSS
      • ISVs in APAC showcase increased Red Hat OpenShift adoption

        Red Hat recently showcased the uptake of Red Hat OpenShift Container Platform in Asia Pacific by many of the region’s leading independent software vendors (ISV).

        Red Hat director of ISV Balaji Swamy says, “Businesses in Asia Pacific are increasingly realising how a leading container platform such as Red Hat OpenShift can help them increase agility and accelerate innovation to be ahead of their competitors.

      • ISVs in APAC Showcase Increased Red Hat OpenShift Adoption Across Verticals

        Red Hat Partner Conference Asia Pacific — Red Hat, Inc. (NYSE: RHT), the world’s leading provider of open source solutions, today showcased the uptake of Red Hat OpenShift Container Platform in Asia Pacific by many of the region’s leading independent software vendors (ISV).

      • ORock’s Red Hat OpenStack-Based Cloud Platform Gets FedRAMP Authorization; David Egts Comments

        ORock Technologies has received a Federal Risk and Authorization Management Program certification for its Red Hat OpenStack-based cloud platform.

        A Defense Department agency granted the FedRAMP authorization to operate to ORockCloud at the moderate impact level for hybrid cloud deployments and platform-as-a-service and infrastructure-as-a-service models, ORock said Tuesday.

        ORockCloud is built on a private fiber optic network and works to provide users on-demand access to storage, computing, performance monitoring, networking, virtualization and applications through the company’s service catalog.

      • Spraoi and Red Hat seek volunteers

        Spraoi is recruiting volunteers from all walks of life for this year’s festival, August 3rd, 4th and 5th and the volunteering programme is being supported by software giant, Red Hat, whose offices are on the Cork Road.

        Red Hat’s Director of Software Engineering, James Mernin, says the partnership is a very natural fit: “Spraoi and Red Hat are both driven by creative people with a passion for communities and this association will allow our team to become involved in this year’s festival.

        We also have an international team here and it’s great for them to have access to artists from around the world at Spraoi.”

      • Entando Announces OEM Agreement with Red Hat on Modern Applications

        Entando, a leader in open source Digital Experience Platforms, today announced that Red Hat has agreed to include access to a set of Entando’s open source low-code tools as part of Red Hat’s newly launched Red Hat Process Automation Manager. Entando has optimized the tools to run effectively on Red Hat Process Automation Manager. Together, these technologies offer customers expanded next-generation business process automation capabilities native to Red Hat OpenShift Container Platform and a user experience (UX) designed to help them create cloud-native applications faster.

      • STT Connect builds webscale private cloud infrastructure on Red Hat

        To build its cloud on a flexible, supported open source platform, STT Connect partnered with Red Hat to deploy Red Hat OpenStack Platform, Red Hat Ansible Tower, and other enterprise Red Hat software.

        These solutions helped the company create an agile and efficient — yet secure — webscale cloud infrastructure. STT Connect became the first cloud company in Singapore to achieve the highest level Multi-Tier Cloud Security (MTCS) certification with an OpenStack private cloud.

      • The Final Build of Scientific Linux 6.10 Legacy Branch Released

        Scientific Linux has announced that the 6.10 release will be the final build of their legacy branch based on Red Hat 6.10. It will only receive security updates and major bug fixes and will be supported until November 2020.

        Fermi National Accelerator Laboratory (Fermilab) and European Organization for Nuclear Research (CERN) co-develop Scientific Linux with the aim of creating a stable operating system that is supplied with packages and applications that support scientific research. They also list using “the free exchange of ideas, designs, and implementations to prepare a computing platform for the next generation of scientific computing” as one of their goals.

      • ISVs in APAC Showcase Increased Red Hat OpenShift Adoption Across Verticals
      • Finance

      • Fedora

        • Hiding the Fedora boot menu

          The venerable Linux boot menu has made its appearance at boot time since the days when LILO was the standard boot loader, through the days of GRUB, and onward to today’s GRUB 2 and others. It is sometimes configured out by distributions as something that will potentially confuse less-technical users, but it has been a mainstay of Fedora for many releases. A recent proposal to hide the menu, starting in Fedora 29, has met a mixed reaction, but those who are not in favor are also those most able to revert to the existing behavior.

          Hans de Goede raised the issue back at the end of May. He suggested that Fedora had at one time hidden the boot menu, but changed. As a longtime Fedora user, I don’t remember that switch, but my memory is faulty and that may be the case here. In any case, De Goede’s idea is to not have the distribution print any confusing messages at boot time: “the end goal being a user pressing the on button and then going to the graphical login manager without him seeing any text messages / menus filled with technical jargon.”

          The response was somewhat mixed, as might be expected. Stephen Gallagher was concerned about boots that failed and gave the user no alternatives to try. De Goede said that the plan was to detect failed boots and then show the boot menu on the next boot. He muddied the waters somewhat by mentioning a “fastboot” feature that he is planning for Fedora 30. It would effectively provide no way for a user sitting at the console to override the boot sequence (with a key press, say) and get the boot menu once the system has started booting.

        • Fedora tackles Southeast Linux Fest 2018
        • Fedora 29 Dropping GCC From Their Default Build Root Has Been Causing A Heated Debate

          One of the surprisingly controversial changes being implemented for Fedora 29 is dropping GCC and GCC-C++ from the default BuildRoot for assembling Fedora packages with Koji and Mock.

          Up to now it’s always just been implied that GCC (including the GCC C++ compiler) is there by default with every build-root. But these days with more packages being written in languages like Go, Rust, Python, Node.js, and other modern languages, the proportion of C/C++ applications is decreasing. As such, the GCC C/C++ support is no longer being implied with the default build environments in Koji/Mock, which in turn should help package build times for non-C/C++ packages as they will no longer need to pull in the gcc/gcc-c++ packages and in turn a cleaner buildroot environment too.

    • Debian Family

      • Taiwan Travel Blog – Day 2 & 3

        My Taiwan Travel blog continues! I was expecting the weather to go bad on July 10th, but the typhoon arrived late and the rain only started around 20:00. I’m pretty happy because that means I got to enjoy another beautiful day of hiking in Taroko National Park.

        I couldn’t find time on the 10th to sit down and blog about my trip, so this blog will also include what I did on the 11th.

      • Derivatives

        • Canonical/Ubuntu

          • Ubuntu Local Authorization Bypass Bug Likely to Never Be Fixed? [Ed: Physical access = PC compromised; there are many other ways around it, including reboots with recovery mode, so...]

            It was just reported that a bug filed on Ubuntu Launchpad (dubbed Local authorization bypass by using suspend mode) about a month ago has been confirmed by several users. The bug allows an individual with physical access to a machine to evade the lock screen simply by removing its hard drive.

          • We shall call him Mini-U – Ubuntu reveals tiny cloudy server

            Canonical has released a new cut of Ubuntu it recommends for use in the cloud and containers.

            “Minimal Ubuntu” is based on either Ubuntu 16.04 LTS or 18.04 LTS. A Docker image of the latter weighs in at 29 megabytes. Images of the OS for the cloud are said to be “less than 50% the size of the standard Ubuntu server image, and boot up to 40% faster.” We think that makes them around 400MB.

          • Canonical Releases Minimal Ubuntu, Optimised for Multicloud

            Canonical, the company behind popular Linux system Ubuntu, has released Minimal Ubuntu, a pared-back, significantly faster iteration of its server operating system (OS).

  • Devices/Embedded

Free Software/Open Source

  • Open Source GraphQL Engine Launched

    An open source GraphQL Engine has been launched that can be used with applications based on Postgres without the need for backend GraphQL processing code.

    The new GraphQL as a service can be used by front-end developers to build scaleable GraphQL apps on Postgres.

    Hasura’s GraphQL Engine automates the implementation and linking of databases to the graph. The APIs can be used to choose tables from new or existing database for use with GraphQL and link those existing tables into a graph. The engine has built-in authorization and authentication with granular authentication and a dynamic access control system that integrates with existing authentication systems such as Auth0 or custom implementations. The engine is also lightweight, consuming only 50MB of RAM even while serving more than a thousand requests per second.

  • Hasura Launches Open Source GraphQL Engine That Provides Instant GraphQL-as-a-Service on Any Existing Postgres Application
  • R3 has commercially launched its open-source blockchain platform

    Blockchain consortium R3 has commercially rolled out its open-source blockchain platform, dubbed Corda Enterprise, which aims to enable more businesses to leverage blockchain technologies. This comes after R3 launched version 1.0 of the platform in October 2017.

  • Algo Development 2.0 Looks to Open Source, Cloud & Big Data

    While the financial services industry was an early adopter of open source software going back to the Linux operating system in 1991 and the FIX Protocol in the late 1990s, financial firms may have restrictions on contributing code back to the wider open source community.

    “When it comes to trading algorithms there is a secret sauce embedded there that I don’t think people ever want to open source,” said Bill Harts, senior advisor to the Modern Markets Initiative, who moderated the panel. Harts, who has been an early adopter of algorithmic trading at Citi, Goldman Sachs and Bank of America, said: “That’s how they make money. Where do you draw the line?” asked Harts.

  • 5 open source principles that help DevOps teams excel

    While open source has more than a decade head start on DevOps, the two have steadily converged over time. As a CIO, you can support the use of some key open source cultural values to empower your organization’s DevOps team and ensure maximum success.

  • Open source hasn’t made tech more open

    Democratic ideals have given way to governments and corporate giants.

  • Event management with Indico

    There are many things to love about the Linux Plumbers Conference (LPC), but the event’s web site has not often been considered one of them. This year, your editor took on the task of finding a new system to handle proposal submission, review, and scheduling, despite his own poor track record when it comes to creating attractive web sites. The search finally settled on a system called Indico; read on for some impressions of this interesting free event-management system.

    There are a number of free systems out there for handling the needs of conferences. Among the others that were considered are Symposion, which is used by linux.conf.au, and OSEM, the openSUSE event-management system. Both are capable systems, but neither seems to have been developed with the idea that others might want to pick it up and run it. In particular, every Symposion installation seems to require a fair amount of low-level customization. The installation documentation for both is, to put it charitably, a bit scant. Indico, instead, comes with a nice installation manual that makes the task something that is, if not actually easy, at least achievable without having to actually learn the entire code base first.

    [...]

    Events in Indico have most of the features needed to track their life cycle. Each event has a home page with a reasonable degree of customization; pages of information can be attached to the home page. There is an elaborate mechanism for proposal submission and review. Events can be split into tracks and sessions, with a different coordinator for each session; the schedule for the whole thing can be managed in a reasonably straightforward way. For those who need it, Indico also offers a registration system, though LPC is not using it.

  • Web Browsers

    • Chrome

      • Chrome 67 to Counter Spectre on Mac, Windows, Linux, Chrome OS via Site Isolation

        The Spectre and Meltdown vulnerabilities, discovered earlier this year, caught everyone off guard including hardware and software companies. Since then, several vendors have patched them, and today, Google Chrome implemented measures to protect the browser against Spectre. The exploit uses the a feature found in most CPUs to access parts of memory that should be off-limits to a piece of code and potentially discover the values stored in that memory. Effectively, this means that untrustworthy code may be able to read any memory in its process’s address space. In theory, a website could use such an attack to steal information from other websites via malicious JavaScript code. Google Chrome is implementing a technique known as site isolation to prevent any future Spectre-based attacks from leaking data.

      • Google Chrome is getting a Material Design revamp – here’s how to test the new features

        Google has been promising a Material Design revamp of its desktop Chrome web browser for quite some time – and now we have our first look.

        An update to the experimental Chrome Canary browser on Windows, Linux and Mac, offers a preview of what we can expect when Google builds the changes into the main browser later this year.

      • Google Chrome Gets A Big Material Design Makeover, Here’s How To Try It On Windows, Linux And macOS

        Google’s dominate Chrome web browser is set to receive a big Material Design makeover later this year. However, if you want to give a try right now, you can do so by downloading the latest build of Chrome Canary. For those not in the know, Canary is the developmental branch of Chrome where new features are tested before they roll out widely to the public.

        As you can see in the image below, this is a total revamp of the browser, with a completely new address bar and look for the tabs interface. Tabs have a more rounded shape and colors have been refreshed through the UI.

      • Chrome 67 features Site Isolation to counter Spectre on Mac, Windows, Linux, Chrome OS

        Following the disclosure of Spectre and Meltdown CPU vulnerabilities earlier this year, the entire tech industry has been working to secure devices. In the current stable version of Chrome, Google has widely rolled out a security feature called Site Isolation to protect desktop browsers against Spectre.

    • Mozilla

      • FTAPI SecuTransfer – the secure alternative to emails? Not quite…

        Emails aren’t private, so much should be known by now. When you communicate via email, the contents are not only visible to yours and the other side’s email providers, but potentially also to numerous others like the NSA who intercepted your email on the network. Encrypting emails is possible via PGP or S/MIME, but neither is particularly easy to deploy and use. Worse yet, both standard were found to have security deficits recently. So it is not surprising that people and especially companies look for better alternatives.

        It appears that the German company FTAPI gained a good standing in this market, at least in Germany, Austria and Switzerland. Their website continues to stress how simple and secure their solution is. And the list of references is impressive, featuring a number of known names that should have a very high standard when it comes to data security: Bavarian tax authorities, a bank, lawyers etc. A few years ago they even developed a “Secure E-Mail” service for Vodafone customers.

      • Mozilla Open Policy & Advocacy Blog: Searching for sustainable and progressive policy solutions for illegal content in Europe

        As we’ve previously blogged, lawmakers in the European Union are reflecting intensively on the problem of illegal and harmful content on the internet, and whether the mechanisms that exist to tackle those phenomena are working well. In that context, we’ve just filed comment with the European Commission, where we address some of the key issues around how to efficiently tackle illegal content online within a rights and ecosystem-protective framework.

      • Notes by Firefox Now Lets You Sync Notes Between Desktop and Android

        Mozilla has released a note taking app for Android that syncs with the Firefox browser on the desktop. Called (rather simply) ‘Notes by Firefox‘, the feature offers basic, encrypted note taking in the browser and via a standalone app for Android phones and tablets.

      • Mozilla applauds passage of Brazilian data protection law

        Mozilla’s previous statement supporting the Brazilian Data Protection Bill can be found here. The bill will now go to Brazilian President Michel Temer for his signature.

      • My Journey to Tech Speaking about WebVR/XR

        Ever since a close encounter with burning out (thankfully, I didn’t quite get there) forced me to leave my job with Mozilla more than two years ago, I have been looking for a place and role that feels good for me in the Mozilla community. I immediately signed up to join Tech Speakers as I always loved talking about Mozilla tech topics and after all breaking down complicated content and communicating it to different groups is probably my biggest strength – but finding the topics I want to present at conferences and other events has been a somewhat harder journey.

      • Mozilla Funds Top Research Projects

        We are very happy to announce the results of the 2018H1 Mozilla Research Grants. This was an extremely competitive process, with over 115 applicants. We selected a total of eight proposals, ranging from tools to fight online harassment to systems for generating speech. All these projects support Mozilla’s mission to make the Internet safer, more empowering, and more accessible.

        The Mozilla Research Grants program is part of Mozilla’s Emerging Technologies commitment to being a world-class example of inclusive innovation and impact culture-and reflects Mozilla’s commitment to open innovation, continuously exploring new possibilities with and for diverse communities. We will open the 2018H2 round in Fall of 2018: see our Research Grant webpage for more details and to sign up to be notified when applications open.

      • 4 add-ons to improve your privacy on Thunderbird

        Thunderbird is a popular free email client developed by Mozilla. Similar to Firefox, Thunderbird offers a large choice of add-ons for extra features and customization. This article focuses on four add-ons to improve your privacy.

      • Mozilla’s Test Pilot Program For Mobile Apps: Launches “Lockbox” and “Notes” App
  • Codecs and Patents

    • An Invisible Tax on the Web: Video Codecs

      Here’s a surprising fact: It costs money to watch video online, even on free sites like YouTube. That’s because about 4 in 5 videos on the web today rely on a patented technology called the H.264 video codec.

      A codec is a piece of software that lets engineers shrink large media files and transmit them quickly over the internet. In browsers, codecs decode video files so we can play them on our phones, tablets, computers, and TVs. As web users, we take this performance for granted. But the truth is, companies pay millions of dollars in licensing fees to bring us free video.

      It took years for companies to put this complex, global set of legal and business agreements in place, so H.264 web video works everywhere. Now, as the industry shifts to using more efficient video codecs, those businesses are picking and choosing which next-generation technologies they will support. The fragmentation in the market is raising concerns about whether our favorite web past-time, watching videos, will continue to be accessible and affordable to all.

    • AV1, Opportunity or Threat for POWER and ARM Servers?

      While I haven’t seen an official announcement, Phoronix reported that the AV1 git repository was tagged 1.0, so the launch announcement is imminent. If you haven’t heard about it already, AOMedia Video 1 (AV1) is an open, royalty-free video coding format by the Alliance for Open Media.

    • VP9 & AV1 Have More Room To Improve For POWER & ARM Architectures

      Luc Trudeau, a video compression wizard and co-author of the AV1 royalty-free video format, has written a piece about the optimization state for video formats like VP9 and AV1 on POWER and ARM CPU architectures.

  • Pseudo-Open Source (Openwashing)

  • Funding

    • Best Bug Bounty Programs On Internet

      ​The software revolution brought many opportunities for programmers. The modern software industry is not just limited to development. The developed software or service might have backdoors or glitches. These can cause vulnerabilities that hackers use to their benefit by exploiting such services.

  • FSF/FSFE/GNU/SFLC

    • Minimum GCC Version Likely to Jump from 3.2 to 4.8

      The question of the earliest GCC compiler version to support for building the Linux kernel comes up periodically. The ideal would be for Linux to compile under all GCC versions, because you never know what kind of system someone is running. Maybe their company’s security team has to approve all software upgrades for their highly sensitive devices, and GCC is low on that list. Maybe they need to save as much space as possible, and recent versions of GCC are too big. There are all sorts of reasons why someone might be stuck with old software. But, they may need the latest Linux kernel because it’s the foundation of their entire product, so they’re stuck trying to compile it with an old compiler.

      However, Linux can’t really support every single GCC version. Sometimes the GCC people and the kernel people have disagreed on the manner in which GCC should produce code. Sometimes this means that the kernel really doesn’t compile well on a particular version of GCC. So, there are the occasional project wars emerging from those conflicts. The GCC people will say the compiler is doing the best thing possible, and the kernel people will say the compiler is messing up their code. Sometimes the GCC people change the behavior in a later release, but that still leaves a particular GCC version that makes bad Linux code.

  • Openness/Sharing/Collaboration

    • Open Hardware/Modding

      • ARM Takes Down Boneheaded Website Attacking Open-Source Rival

        ARM, the incredibly successful developer of CPU designs, appears to be getting a little nervous about an open-source rival that’s gaining traction. At the end of June, ARM launched a website outlining why it’s better than its competitor’s offerings and it quickly blew up in its face. Realizing the site was a bad look, ARM has now taken it down.

        For the uninitiated, ARM Holdings designs various architectures and cores that it licenses to major chipmakers around the world. Its tech can be found in over 100 billion chips manufactured by huge names like Apple and Nvidia as well as many other lesser-known players in the low-power market. If ARM is Windows, you can think of RISC-V as an early Linux. Like ARM, it’s an architecture based on reduced instruction set computing (RISC), but it’s free to use and open to anyone to contribute or modify. While ARM has been around since 1991, RISC-V just got started in 2010 but it’s gaining a lot of ground and ARM’s pitiful website could easily be seen as a legitimizing moment for the tech.

      • A Landmark Legal Shift Opens Pandora’s Box for DIY Guns

        Two months ago, the Department of Justice quietly offered Wilson a settlement to end a lawsuit he and a group of co-plaintiffs have pursued since 2015 against the United States government. Wilson and his team of lawyers focused their legal argument on a free speech claim: They pointed out that by forbidding Wilson from posting his 3-D-printable data, the State Department was not only violating his right to bear arms but his right to freely share information. By blurring the line between a gun and a digital file, Wilson had also successfully blurred the lines between the Second Amendment and the First.

        “If code is speech, the constitutional contradictions are evident,” Wilson explained to WIRED when he first launched the lawsuit in 2015. “So what if this code is a gun?”

  • Programming/Development

    • This Week in Rust 242

      Always wanted to contribute to open-source projects but didn’t know where to start? Every week we highlight some tasks from the Rust community for you to pick and get started!

    • Kindness and open-source projects

      Brett Cannon is a longtime Python core developer and member of the open-source community. He got to check off one of his bucket-list items when he gave a keynote [YouTube video] at PyCon 2018. That keynote was a rather personal look at what he sees as some problem areas in the expectations of the users of open-source software with respect to those who produce it. While there is lots to be happy for in the open-source world, there are some sharp edges (and worse) that need filing down.

      He started with his background as a way to show that he has the experience to give this talk. He is the development lead on the Python extension for Visual Studio Code, which is Microsoft’s cross-platform open-source code editor. He noted that the two qualifiers for the editor are probably shocking to some. It was originally a community open-source project; Microsoft hired the developer behind it and it is now “corporate open source”, Cannon said. That means there is a company backstopping the project; if the community fell away, the project would continue.

      He has been a Python core developer since April 2003; he got the commit bit shortly after attending the first PyCon (and he has attended every PyCon since as well). In contrast, Python is community open source; if the community disappeared, the project “would probably collapse within a month”. He has contributed to over 80 open-source projects along the way; many of those were simply typo fixes of various sorts, but it has given him exposure to a lot of different development processes. “I’ve been lucky enough to have a broad range of exposure to open source overall.”

    • Python and the web

      Dan Callahan is a developer advocate at Mozilla and no stranger to PyCon (we covered a talk of his at PyCon 2013). He was also the champion at Mozilla for the grant that helped revamp the Python Package Index (PyPI). At PyCon 2018, he gave a keynote talk [YouTube video] that focused on platforms of various sorts—and where Python fits into the platforms of the future.

      He began with a slide showing the IBM PCjr, which was the first computer IBM made for the home market. It was released in 1984 and immediately drew a bad reaction from the public and the press (Time magazine called it “one of the biggest flops in the history of computing”). Commercially and even objectively, the PCjr was a bad platform, he said.

      But when he was old enough to become interested in computers, that was the computer that was available to him—his father had bought one during the roughly one year they were available. He learned BASIC as his first language because the PCjr came with BASIC. He didn’t think about it at the time, but his first language was chosen for him; he didn’t get to consider what features he wanted or how the language’s community was. His platform had determined the tool he would use.

      Fast-forward a few years to when he was in high school and had his own computer; even though he had access to Linux, PHP, and Perl, he still found himself programming in BASIC. This was the pre-smartphone era, so when he was bored in class, he had to find some other way to distract himself; he and his friends turned to TI-82 graphing calculators. Those were programmable in BASIC, so even though he had more sophisticated tools available to him, if he wanted to share something with his friends, it would have to be written in BASIC for the TI-82. That platform also dictated the tool that he would use.

Leftovers

  • Security

    • D-Link security certificates are being used to sign industry espionage malware

      Two strains of Plead exist – one straightforward beastie, and one password stealer capable of lifting from Google Chrome, Microsoft Internet Explorer, Microsoft Outlook and Mozilla Firefox.

    • DOD seeks classification “Clippy” to help classify data, control access [iophk: "if they have Microsoft Office they have already failed security]
    • Malware Attack On Arch Linux AUR Repository; Three Packages Infected So Far
    • Arch Linux PDF reader package poisoned
    • Security updates for Wednesday
    • Another Linux distro poisoned with malware

      Last time it was Gentoo, a hard-core, source-based Linux distribution that is popular with techies who like to spend hours tweaking their entire operating sytem and rebuilding all their software from scratch to wring a few percentage points of performance out of it.

    • Arch Linux AUR packages found to be laced with malware

      Three Arch Linux packages have been pulled from AUR (Arch User Repository) after they were discovered to contain malware. The PDF viewer acroread and two other packages that are yet to be named were taken over by a malicious user after they were abandoned by their original authors.

    • ​The return of Spectre

      The return of Spectre sounds like the next James Bond movie, but it’s really the discovery of two new Spectre-style CPU attacks.

      Vladimir Kiriansky, a Ph.D. candidate at MIT, and independent researcher Carl Waldspurger found the latest two security holes. They have since published a MIT paper, Speculative Buffer Overflows: Attacks and Defenses, which go over these bugs in great detail. Together, these problems are called “speculative execution side-channel attacks.”

      These discoveries can’t really come as a surprise. Spectre and Meltdown are a new class of security holes. They’re deeply embedded in the fundamental design of recent generations of processors. To go faster, modern chips use a combination of pipelining, out-of-order execution, branch prediction, and speculative execution to run the next branch of a program before it’s called on. This way, no time is wasted if your application goes down that path. Unfortunately, Spectre and Meltdown has shown the chip makers’ implementations used to maximize performance have fundamental security flaws.

    • Mercury Security Introduces New Linux Intelligent Controller Line

      Mercury Security, a leader in OEM access control hardware and part of HID Global, announces the launch of its next-generation LP intelligent controller platform built on the Linux operating system.

      The new controllers are said to offer advanced security and performance, plus extensive support for third-party applications and integrations. The controllers are based on an identical form factor that enables seamless upgrades for existing Mercury-based deployments, according to the company.

  • Defence/Aggression

    • Engineer stashed Navy drone trade secrets in his personal Dropbox

      A Connecticut federal court has found electrical engineer Jared Sparks guilty of six trade secret theft and transmission charges after he took files relating to underwater drones built for the US Navy’s Office of Naval Research. When contemplating a switch of jobs from drone builder LBI to its software partner Charles River Analytics, he uploaded “thousands” of his then-current employer’s sensitive files to his personal Dropbox account, including accounting and engineering data as well as design-related photos and renders.

    • A Call to Ease Tensions Between the Nuclear Superpowers

      Many Americans remain deeply concerned about reports of Russian interference with the 2016 election. Meanwhile, relations between the United States and Russia are at their lowest and most dangerous point in several decades. For the sake of democracy at home and true national security, we must reach common ground to safeguard common interests—taking steps to protect the nation’s elections and to prevent war between the world’s two nuclear superpowers.

      Whatever the truth of varied charges that Russia interfered with the election, there should be no doubt that America’s digital-age infrastructure for the electoral process is in urgent need of protection. The overarching fact remains that the system is vulnerable to would-be hackers based anywhere. Solutions will require a much higher level of security for everything from voter-registration records to tabulation of ballots with verifiable paper trails. As a nation, we must fortify our election system against unlawful intrusions as well as official policies of voter suppression.

    • Mental Illness Serves as Easy Scapegoat in Mass Murder Accounts

      After the May 18 mass murder at a high school in Santa Fe, Texas, a local CBS station (5/18/18) published an article headlined, “Looking for Signs of Mental Illness in Wake of Recent Shootings.” It described the Santa Fe shooter, Dimitrios Pagourtzis, as a “person who kept to himself,” citing this trait as a possible warning sign of mental disorder.

      [...]

      A study that analyzed 235 mass killings in the US between 1913 and 2015 found 22 percent of perpetrators demonstrated signs of mental illness. An American Psychiatric Association study from 2013 notes only 1 percent of yearly gun-related homicides are carried out by people with mental illness (New York Times, 2/16/18).

      Stephen Paddock, who killed 59 people at a Las Vegas concert, had no history of mental illness. Even an autopsy of Paddock’s brain revealed nothing of note. But the Washington Post (10/2/17) quoted the Las Vegas Metropolitan sheriff saying, “I can’t get into the mind of a psychopath.”

  • Environment/Energy/Wildlife/Nature

    • Drones survey African wildlife

      A new technique developed by Swiss researchers enables fast and accurate counting of gnu, oryx and other large mammals living in wildlife reserves. Drones are used to remotely photograph wilderness areas, and the images are then analysed using object recognition software and verified by humans. The work is reported in a paper published in the journal Remote Sensing of Environment. (*)

      The challenge is daunting: some African national parks extend over areas that are half the size of Switzerland, says Devis Tuia, an SNSF Professor now at the University of Wageningen (Netherlands) and a member of the team behind the Savmap project, launched in 2014 at EPFL. “Automating part of the animal counting makes it easier to collect more accurate and up-to-date information.”

  • Finance

  • AstroTurf/Lobbying/Politics

    • In Wake of AMLO Victory, US Media Fear Chavismo and Hope for ‘Business-Friendly’ Change

      Neoliberal capitalist dogma pervades mainstream media. A case in point is coverage of Andrés Manuel López Obrador’s resounding victory in Mexico’s presidential election.

      [...]

      Another New York Times article (7/2/18), this one by Ahmed and Kirk Semple, said that López Obrador “must still convince investors that his policies will be business friendly.” Ensuring that “investors” are happy is apparently a nonnegotiable imperative.

      Revealingly, the authors failed to consider how this supposed essential can co-exist with another necessity they describe, which is that “Mr. López Obrador will also have to deliver on his promises to address widespread poverty and yawning inequality.” Ahmed and Semple decline to point out the contradiction here: “Investors” rarely deem policies that “address widespread poverty and yawning inequality”—say, a higher minimum wage and the redistribution of wealth through social programs—to be “business friendly.” By glossing over such inconsistencies, and proffering magical thinking according to which capital can be appeased while poverty and inequality are successfully fought, the authors performed a service for advocates of neoliberal capitalist scripture.

    • Democrats Reintroduce DISCLOSE Act to Combat Dark Money “Poison”

      On June 27, Democrats in both chambers of Congress reintroduced the DISCLOSE Act to provide what the lead Senate sponsor, Sheldon Whitehouse (RI-D), calls “a commonsense solution to restore transparency and accountability in our political system.”

      The DISCLOSE Act of 2018 is the most recent iteration of a bill that Democrats have pushed since the Supreme Court’s ruling in Citizens United v. FEC, which eliminated a century-old federal ban on political spending by corporations.

      The “Democracy Is Strengthened by Casting Light On Spending in Elections Act” (DISCLOSE) was first introduced in 2010 by Representative Chris Van Hollen and Senator Chuck Schumer. DISCLOSE passed in the House that year but a Republican filibuster threat doomed it in the Senate, despite support from 59 senators.

  • Censorship/Free Speech

    • German writer sues Random House

      A German author is taking Random House to court for declining to release his book Hostile Takeover: How Islam Hampers Progress and Threatens Society which it originally signed on the basis of a 10-page proposal.

  • Privacy/Surveillance

    • State Appeals Court Says Exigency Beats A Warrant Requirement If A Phone Has A Passcode

      The Supreme Court’s Riley decision made one thing clear: cellphones are not to be searched without a warrant. Somehow, the Georgia Court of Appeals has reached a different conclusion than the Supreme Court of the United States, even as it cites the ruling. [h/t Andrew Fleischman]

      It’s a decision [PDF] that’s decidedly law enforcement-friendly. And it’s one that will pair nicely with the FBI’s overblown “going dark” assertions. An arrested individual requested his phone so he could retrieve a phone number to give to the officers questioning him. Here’s what happened once he had retrieved that info.

    • How We Can ‘Free’ Our Facebook Friends

      In the wake of the recent privacy controversy over Facebook and Cambridge Analytica, internet users and policymakers have had a lot of questions on the topic of “data portability”: Is my social network data really mine? Can I take it with me to another platform if I’m unhappy with Facebook? What does the new European privacy law, the General Data Protection Regulation (GDPR), demand in terms of my being able to export my data? What even counts as my data that I should be able to download or share, and as my friends’ data that I shouldn’t?

      There’s a growing consensus that being able to easily move your data between social platforms, and perhaps even being able to communicate between different platforms, is necessary to promote competition online and enable new services to emerge. But that raises some difficult technical and policy questions about how to balance such portability and interoperability with your and your friends’ privacy interests—and how to guarantee that new privacy efforts don’t have the unintended consequence of locking in current platforms’ dominance by locking down their control over your data.

      To investigate a potential path forward, New America’s Open Technology Institute partnered with Mozilla to host an event earlier this month, “A Deep Dive Into Data Portability: How Can We Enable Platform Competition and Protect Privacy at the Same Time.” It included a tutorial from OTI’s senior policy technologist Ross Schulman on the basic terminology and technologies at issue—for instance, distinguishing between “data portability” and “interoperability,” and explaining what the heck an “Application Programming Interface,” or “API,” is.

    • Post-Carpenter Ruling Says Call Records Aren’t Content Or Cell Site Location Info; Thus, No 4th Amendment Protection

      Judicial citations and applications of the recent Supreme Court decision in the Carpenter case continue to roll in. The narrow holding by the Supreme Court was that acquisition of cell site location info (CSLI) now requires a warrant, seeing as it can be used to effectively “track” someone over a period of days or months. Historical CSLI — especially large amounts of it — is far more revealing than many other records covered by the Third Party Doctrine. An “equilibrium shift” was needed and the court applied it.

      The shift is trickling down to lower courts, leading to some examinations of the Carpenter ruling in cases that don’t appear to call for it. The Supreme Court of California, ruling [PDF] on a case that originated 15 years ago, takes a brief moment to weigh the Carpenter ruling against the specifics of this appeal. (via FourthAmendment.com)

      At stake here — one of the several challenges raised by the defendant — are phone records gathered with an SCA court order. Phone records were left undisturbed by the Carpenter ruling, but here’s the court’s brief examination of the issue.

    • Facebook faces £500,000 fine from UK data watchdog
    • Facebook is slapped with first fine for Cambridge Analytica scandal
    • Facebook Slapped With “Maximum” U.K. Fine For Cambridge Analytica Scandal

      If you calculate Facebook’s estimated revenue for a period of just 7 minutes, it’ll turn out to be around $665,000. When you compare it to the fine imposed by the U.K. Information Commissioner for Facebook data leak of as many as 87 million users, you won’t notice much difference.

    • Facebook under fresh political pressure as UK watchdog calls for “ethical pause” of ad ops

      The UK’s privacy watchdog revealed yesterday that it intends to fine Facebook the maximum possible (£500k) under the country’s 1998 data protection regime for breaches related to the Cambridge Analytica data misuse scandal.

      But that’s just the tip of the regulatory missiles now being directed at the platform and its ad-targeting methods — and indeed, at the wider big data economy’s corrosive undermining of individuals’ rights.

      Alongside yesterday’s update on its investigation into the Facebook-Cambridge Analytica data scandal, the Information Commissioner’s Office (ICO) has published a policy report — entitled Democracy Disrupted? Personal information and political influence — in which it sets out a series of policy recommendations related to how personal information is used in modern political campaigns.

    • How I Fully Quit Google (And You Can, Too)

      This guide is to show you how I quit the Googleverse, and the alternatives I choose based on my own research and personal needs. I’m not a technologist or a coder, but my work as a journalist requires me to be aware of security and privacy issues.

    • Polar disables activity map feature over privacy concerns

      The decision was made following a report that the data collected by the map feature can be accessed – relatively easily – by third parties to determine the addresses and other personal details of users, who include military and intelligence officers around the world.

      The report was published by Long Play, a Finnish collective of investigative journalists, De Correspondent, a Dutch news website, and Bellingcat, a British website for citizen journalist investigations. The vulnerability identified in the report is real, Marco Suvilaakso, the chief strategy officer at Polar, confirmed to Uusi Suomi on Monday.

  • Civil Rights/Policing

    • Journalist Held by ICE Speaks: ‘Without a Doubt’ I Was Targeted for My Work

      “ICE is targeting people who speak against them,” he said, “We see cases from all over the country where activists who speak out against ICE are being arrested.”

    • They Thought They’d Left The Surveillance State Behind. They Were Wrong.

      China is using its huge digital surveillance system, and the threat of sending family members to reeducation camps, to pressure minorities to spy on their fellow exiles.

    • Europe Shows a Polarized Supreme Court is Not Inevitable

      United States President Donald Trump has nominated Brett Kavanaugh to replace retiring Supreme Court Justice Anthony Kennedy. His choice solidifies a conservative majority on the nation’s nine-member highest court.

      Trump’s conservative bench could overrule Roe v. Wade, eliminating women’s constitutional right to abortion. It also could condone political gerrymandering and put LGBTQ people at further risk for discrimination by employers, landlords and business owners.

      A politically polarizing court is not inevitable. In some European countries, the judicial appointment process is actually designed to ensure the court’s ideological balance, and justices work together to render consensus-based decisions.

    • Two Sides To Every Coin: When “Security Measures” Become Imprisonment

      The bad (and sadly ironic) part is that we the taxpayers are the source of funding for these unconstitutional measures: our taxes pay for the cages being constructed around us and before our very eyes. The masses are unaware and/or they do not care. A shift is being fostered: a “need” for more security [translation: more surveillance] and more accountability [translation: more control] are forced upon us.

      The public is being shaped and manipulated: having lost conscience, its consciousness is now being molded and made to feel as if there is a need for security, safety, and being led. By appealing to the hierarchy of needs, the powers that be are fostering a climate of fear and creating a need for increased government intervention and control in the interests of security.

    • Reality and the Espionage Act

      Winner’s only crime, literally, was to share information with journalists and the American people about a foreign government’s attempt to hack [sic] U.S. voting systems. State election boards reportedly appreciated Winner’s leak, which gave them the information needed to investigate Russian hacking [sic] attempts and better secure their electronic voting infrastructure.

    • Giants newcomer accuses TSA of spilling mom’s ashes

      There’s no recovering this fumble. New York Giants defensive lineman A.J. Francis is slamming Transportation Security Administration inspectors who he says spilled his dead mother’s ashes….

    • How the Fight Against Affirmative Action at Harvard Could Threaten Rich Whites

      Perpetually in jeopardy, the use of racial preferences in college admissions is under greater threat than ever.

      President Donald Trump has scrapped Obama-era guidelines that encouraged universities to consider race as a factor. He has proposed replacing Justice Anthony Kennedy, who wrote the majority opinion in a 2016 case upholding affirmative action by one vote, with the more conservative Brett Kavanaugh. Meanwhile, a lawsuit challenging Harvard’s preferences for Hispanics and African Americans has uncovered the university’s dubious pattern of rejecting academically outstanding Asian-American candidates — who don’t qualify for a race-related boost — by giving them low marks for personality. Either the Harvard case, or a similar lawsuit against the University of North Carolina at Chapel Hill, could put an end to affirmative action.

      If it is abolished, though, there will undoubtedly be increased pressure to also eliminate admissions criteria that favor a very different demographic — children of alumni and donors. Colleges are reluctant to drop these preferences of privilege for fear of hurting fundraising. But the political price of clinging to them could be significant.

    • Trump pardons Oregon ranchers who sparked 2016 militia standoff

      President Donald Trump has pardoned two Oregon cattle ranchers whose sentence for arson led armed militiamen to seize control of a wildlife refuge in 2016.

      Dwight Hammond, 76, and his son Steven Hammond, 49, were convicted in 2012 after a prescribed burn on their land spread to nearby public lands in 2001.

      The pair served time in jail, but a judge later ruled that they must serve their full five-year sentence.

      The ruling sparked anti-government protests that left one rancher dead.

      “The Hammonds are devoted family men, respected contributors to their local community and have widespread support from their neighbours, local law enforcement and farmers and ranchers across the West,” the White House said in statement on Tuesday announcing their full pardon.

      “Justice is overdue for Dwight and Steven Hammond, both of whom are entirely deserving of these Grants of Executive Clemency.”

    • The Supreme Court Doesn’t Have to Overturn Roe to Eviscerate Abortion Rights

      A new Supreme Court could effectively decimate women’s access to abortion, even without overturning Roe outright.

      Now that President Donald Trump has nominated Brett Kavanaugh to replace Justice Anthony Kennedy on the Supreme Court, it will be up to the Senate to fully vet him so that the American people can determine whether he will uphold the basic civil rights and liberties relied on by everyone in this country. This is particularly true when it comes to abortion rights, where Kavanaugh’s prior opinions on the subject, coupled with the fact that Donald Trump vowed to only nominate justices who would overturn Roe v. Wade, give rise to serious concern about women’s continued ability to access abortion if Kavanaugh is confirmed.

      The ACLU as a matter of policy does not endorse or oppose nominees to the Supreme Court. But we do think it’s essential, given Trump’s promise, that any nominee is questioned extensively and directly about their commitment to the 45-year-old precedent of Roe v. Wade.

      Some background is in order. Roe v. Wade made abortion legal in all 50 states by holding that politicians cannot constitutionally ban abortion — except after the point in pregnancy at which the fetus could survive outside the woman’s body. The 1973 decision nullified abortion bans across the country, but it provided imperfect protection for abortion access. Shortly after the decision, the Supreme Court held that politicians may exclude abortion coverage from Medicaid and may require parental or judicial involvement in a minor’s abortion decision. Those rulings cruelly placed abortion out of reach for many people — especially low-income women and, disproportionately, women of color.

    • Nevada Plans to Execute Prisoner Using a Risky and Experimental Drug Cocktail

      The state will use a controversial execution drug known to have played a part in numerous botched executions.

      On July 11, the state of Nevada will execute death-row prisoner Scott Dozier. To do so, the state has decided to use an experimental protocol that incorporates a drug — Midazolam — that has been associated with multiple botched executions across the United States. Allowing the government to execute a person using a protocol that risks torture would be a grave injustice. Nevadans must demand better.

      The road to this upcoming execution has been a tumultuous one.

      The state previously planned to execute Dozier in November of 2017 using an untested and unusual three-drug cocktail comprised of Diazepam, a sedative; Fentanyl, a narcotic; and Cisatracurium, a paralytic. Although Dozier volunteered for execution, he still recognized the state’s independent responsibility to act in a constitutional manner and brought a motion to determine the lawfulness of using a paralytic in his execution. Dozier argued that use of a paralytic needlessly risked inflicting death by suffocation, with physical abuse akin to waterboarding.

      The Nevada trial court agreed. It found that the use of a paralytic would carry a substantial and “objectively intolerable risk of harm” to Dozier in violation of his Eighth Amendment rights under the U.S. Constitution to be free of cruel and unusual punishment and corresponding rights under Article 1, Section 6 of the Nevada Constitution.

      The state of Nevada, however, refused to move forward without the paralytic and appealed to the Nevada Supreme Court. Although the Nevada Supreme Court eventually overturned the trial court decision on procedural grounds, it never ruled on the constitutionality of using a paralytic in connection with Dozier’s execution, leaving an open question of whether the state is acting within the bounds of the U.S. and Nevada Constitutions.

    • When Your Constitutional Rights Are Violated but You Lose Anyway

      The Supreme Court must close an unjust loophole it created, which allows constitutional misconduct to go unpunished.

      Beginning in 2010, a Connecticut man, Almighty Supreme Born Allah, spent over six months in solitary confinement. He was alone for 23 hours a day, allowed to shower just three times a week in underwear and leg shackles, and permitted only one 30-minute visit each week with a family member, whom he was not allowed to embrace, let alone touch. Studies have shown that this kind of isolation can result in clinical outcomes similar to those of physical torture, which is why numerous international human rights bodies have condemned the prolonged use of solitary confinement.

    • Federal Court Says Taking People’s Drivers Licenses Away For Failure To Pay Court Fees Is Unconstitutional

      Good news out of Tennessee, via Christian Farias: a federal court has struck down the state’s modern debtor’s prison system.

      In Tennessee, if you fail to pay court fines and other fees associated with an arrest or imprisonment for more than a year, your driver’s license is revoked. While it may not be as punitive as rounding up debtors and locking them up again (which obviously severely restricts their ability to pay off their debt), it basically serves the same purpose. Someone without a valid driver’s license will find their ability to earn income restricted. Driving to and from work with a revoked license just raises the risk of being fined or arrested, placing residents even further away from settling their debts with the government.

  • Internet Policy/Net Neutrality

    • Charter Spectrum’s New ‘Unlimited’ Wireless Service Bans HD Video Entirely

      Last week we noted how Comcast had imposed new limits on its shiny new “unlimited” wireless plans. The company informed users of its Xfinity Wireless service that moving forward, all video on the service would be throttled back to 480p, with plans to begin charging you more if you want to watch your video in full HD quality. As we noted then, this was just a continuation of a theme already established by wireless carriers like T-Mobile and Sprint, which involved imposing arbitrary throttling thresholds for games, music and video, then charging you additional money to get around those bogus limitations.

      It shouldn’t be particularly hard to see how imposing arbitrary limits that impede your ability to experience content as the originators intended sets a terrible precedent. And should the FCC’s net neutrality repeal survive its looming legal challenge, you’re going to see wireless carriers and ISPs slowly embrace more and more of this sort of thing, at least once they know for sure that the government has zero interest in actually policing such “creative” abuse of a broken market. What we’re seeing now is just the orchestra getting warmed up.

  • DRM

    • Latest Denuvo Version Cracked Again By One Solo Hacker On A Personal Mission

      Denuvo is… look, just go read this trove of backlinks, because I’ve written far too many of these intros to be able to come up with one that is even remotely original. Rather than plagiarize myself, let me just assume that most of you know that Denuvo is a DRM that was once thought to be invincible but has since been broken in every iteration developed, with cracking times often now down to days and hours rather than weeks or months. Key in this post is that much if not most of the work cracking Denuvo has been done by a single person going by the handle Voksi. Voksi is notable not only for their nearly singlehandedly torpedoing the once-daunting Denuvo DRM, but also for their devotion to the gaming industry and developers that do things the right way, even going so far as to help them succeed.

      Well, Voksi is back in the news again, having once again defeated the latest build of Denuvo DRM.

    • Latest Denuvo Anti-Piracy Protection Falls, Cracker ‘Voksi’ On Fire

      The latest variant of the infamous Denuvo anti-piracy system has fallen. Rising crack star Voksi is again the man behind the wheel, defeating protection on both Puyo Puyo Tetris and Injustice 2. The Bulgarian coder doesn’t want to share too many of his secrets but informs TorrentFreak that he won’t stop until Denuvo is a thing of the past, which he hopes will be sooner rather than later.

  • Intellectual Monopolies

    • Datamaran’s Non-financial Risk Management Patents have been Published

      Datamaran – the global leader in Software as a Service (SaaS) solutions for non-financial risk management – has announced today that three of its patent applications have been published with their approval pending. Through its technology, Datamaran enables a systematic and thorough monitoring and analysis of Environmental Social Governance (ESG) risks.

      The three patents Datamaran has applied for in 2016 have now been published and are available on the World Intellectual Property Organisation website – the United Nations’ agency that oversees and promotes the protection of intellectual property. The patents support the company software’s backbone as they cover its business intelligence, regulatory and data processing methods and systems. As a result of years of collaboration between the leading ESG and risk management experts as well as data scientists and technology professionals, these inventions protect Datamaran’s proprietary technology.

    • Study Reconsiders “Public Domain” In The Protection Of Traditional Knowledge

      The study, entitled, “Wandering footloose: Traditional knowledge and the ‘Public Domain’ revisited,” by University of Ottawa law professor Chidi Oguamanam, is available here.

      The idea of a public domain in intellectual property rights is that of limited term rights where such rights are seen as a trade-off as part of a social contract.

      “The state incentivises those who have made useful innovations or other creative works by way of a state sanctioned monopoly,” the paper states. “At the end of the monopoly, they are required to hands-off or take off tolls on the innovation so that it would be flushed into the sinkhole of the public domain for members of the public to freely access for various ends, including the creation of more useful innovation(s).”

      Regarding this public domain, the study highlights that the United States and its allies have been putting pressure on traditional knowledge stakeholders concerning the protection of traditional knowledge. These countries are of the view that effective protection of traditional knowledge will “undermine” the public domain, the study explains.

    • Artificial intelligence and the future of the patent system

      There are myriad issues facing the global patent system which, if not addressed, could lead to a decline in its use. Put simply, there is way too much data for humans to properly digest. In this month’s Clarivate Analytics guest piece, Ed White – director of IP analytics at the firm – argues that a closer focus on artificial intelligence could help to solve this existential problem.

    • Cantargia Receives Intention to Grant Notification From EPO for Expanded Patent Protection in Treatment of Solid Tumours [Ed: patents on cancer treatments are bad. What’s wrong with them? See [1, 2].]

      Cantargia AB announce that the European Patent Office (EPO) has issued an Intention to grant notification for the company’s divisional (second, follow-up) patent application regarding use of IL1RAP as a target for antibody therapy in solid tumours. The patent application has application number 15197139.7. Cantargia has previously received formal patent approval in Europe and other major territories for use of IL1RAP as target molecule for antibody therapy of several types of tumours.

    • WIPO Launches Coordinated Examination before Top Five Patent Offices

      The World Intellectual Property Organization (WIPO) launched a pilot program on July 1st termed Collaborative Search and Examination (CS&E) that will enable an applicant to have searching performed by all five of the major global patent offices (the USPTO, European Patent Office (EPO), Chinese Patent Office (SIPO), Japan Patent Office (JPO), and Korean Intellectual Property Office (KIPO)).

      According to WIPO, the program has the following features: it is “applicant driven,” insofar as applicants must request searching under the pilot program. It envisions a “balanced workload distribution,” wherein each office will perform a search as a “main ISA” for 100 applications and perform “peer ISA” searches for another 400 applications for the two years of the pilot program. Finally, each ISA will use a “common set of quality and operational standards” in performing the searches. Initially, all applications accepted into the pilot program must be filed in the English language (although WIPO anticipates that it may accept applications in other languages later in the program).

    • Women in IP Global Network Interview: Gender inequality in Germany

      The Act on Equal Participation of Women and Men regarding Leadership Positions within the Sectors of Private Economy and Public Service is one piece of legislation that has been brought in to improve gender balance at work.

    • Spain: Rosuvastatina, Court of Appeal of Barcelona, Ruling no. 59/2018, 16 May 2018

      The influential Barcelona Court of Appeal corrected a finding of the Barcelona Patents Court, which – to great surprise – had lifted an injunction on finding that Swiss-type claims were affected by the Spanish Reservation to the European Patent Convention, and thereby ineffective in Spain. Although this decision arrived only after SPC expiry and thus much too late for this particular case, which concerned a top-selling blockbuster, it is nevertheless a welcome relief for Spanish patentees in similar situations.

    • Trading Partners Led By US, EU, Take China To Task In WTO Forum Over Weak Protection Of IP Rights

      Dennis Shea, the US ambassador to the WTO, cited “inadequate protection and enforcement of intellectual property rights” among a long list of alleged Chinese unfair trade measures that adversely affect the commercial interests of foreign competitors.

      On 10 July, US Trade Representative Robert Lighthizer in announcing the initiation of a new batch of punitive measures (10% tariffs on an additional $200 billion of Chinese imports) under Section 301 of the Trade Act of 1974, said, “for many years, China has pursued abusive trading practices with regard to intellectual property and innovation.”

      However, Wang Shouwen, China’s vice minister of Commerce, called on WTO members attending a review of China’s trade regime in Geneva on 11 July “to firmly stand up to trade bully, protectionism and unilateralism… and to tackle the systemic threats posed by such unilateralism actions as Section 232 and 301 investigations to the WTO.”

    • Copyrights

      • UK copyright infringement falls among young consumers

        New research suggests young people are infringing less and indicates that more people are paying for content

      • We’ve Redesigned the CC License “Legal Code” Pages

        Last week, we launched a redesign of Creative Commons’ various license (aka “legal code”) pages. See one for yourself. In this post, I’ll spell out what the changes are and why we made them.

        The most obvious change we made is updating the overall look of the pages so that they resemble the rest of the Creative Commons website, which was redesigned back in September 2016, as well as the CC license “deed” pages (e.g. the CC BY 4.0 deed), which were redesigned in 2017. We’d always intended to pull the design of the license/legal code pages up in line with the deeds, but the deeds took precedence, since they are the most frequently viewed pages on our website. I’m happy to say that we’ve finished the project with this latest design update.

      • Shocker: DOJ’s Computer Crimes And Intellectual Property Section Supports Security Researchers DMCA Exemptions

        Well here’s a surprise for you. The DOJ’s Computer Crime and Intellectual Property Section (CCIPS) has weighed in to support DMCA 1201 exemptions proposed by computer security researchers. This is… flabbergasting.

        In case you don’t know, Section 1201 of the Digital Millennium Copyright Act (DMCA) is the “anti-circumvention” part of the law. It’s the part of the law that makes it infringement to get around any “technological measure” to lock down copyright covered material, even if breaking those locks has nothing whatsoever to do with copyright infringement. It’s a horrible law that has created all sorts of negative consequences, including costly and ridiculous lawsuits about things having nothing to do with copyright — including garage door openers and printer ink cartridges. In fact, Congress knew the law was dumb from the beginning, but rather than dump it entirely as it should have done, a really silly “safety valve” was added in the form of the “triennial review” process.

        The triennial review is a process that happens every three years (obviously, per the name), in which anyone can basically beg the Copyright Office and the Librarian of Congress to create exemptions for cracking DRM for the next three years (an exemption — stupidly — only lasts those three years, meaning people have to keep reapplying). Over the years, this has resulted in lots of silliness, including the famous decision by the Librarian of Congress to not renew an exemption to unlock mobile phones a few years back. Many of the exemption requests come from security researchers who want to be able to crack systems without being accused of copyright infringement — which happens more frequently than you might think.

      • Google’s “View Image” Is Gone, Here Are 3 Alternatives To Get Your Favorite Images

        In early 2018, Google’s move of removing the “View Image” button from the image search results might have broken the hearts of many. Particularly those who rely on the platform to source images for their different needs.

        The change was the result of an agreement Google had with Getty Images over the display of copyrighted content in Google Images search results. In addition to it, the ‘Search by Image’ option has also been removed.

      • Swedish Court Sentences ‘Pirate’ IPTV Operators to Prison

        Three men connected to the IPTV operation ATN have been sentenced to prison and ordered to pay damages of $24 million. The company, which generated millions in profits and served over 70,000 customers at its height, has since gone bankrupt. The case was filed by the Qatari company beIN Sports, which is battling unauthorized broadcasts on several fronts.

      • The EU’s Controversial Digital Single Market Directive – Part I: Why the Proposed Internet Content Filtering Mandate Was So Controversial

        While it is certainly good news that the EU Parliament decided against giving a rubber stamp to the DSM proposal in its current form, the battle over Article 13 is far from over. The EU Parliament will be taking up further proceedings about it in the fall of 2018, but its proponents can be expected to mount a new campaign for its retention.

Texas: When Trade Secret ‘Damages’ Are Almost 1,000 Times Higher Than Patent ‘Damages’

Posted in America, Courtroom, Law, Patents at 4:14 am by Dr. Roy Schestowitz

The demise of patent litigation as a ‘business model’?

Will Delaware Be Different? An Empirical Study of TC Heartland and the Shift to Defendant Choice of Venue
Reference: Will Delaware Be Different? An Empirical Study of TC Heartland and the Shift to Defendant Choice of Venue (via Professor Michael Risch)

Summary: It’s possible to deal with conflicts and disputes using means other than patents; a new trade secret misappropriation case and a new study from Ofer Eldar (Duke Law) and Neel Sukhatme (Georgetown Law) bring examples from Texas

IT is often said that in the absence of patents on software one can rely on copyright, copyleft, or secrecy. Either way, algorithms don’t merit patents and never should. In fact, patents on software aren't worth pursuing anymore.

Yesterday an interesting case from Texas got highlighted because of the financial breakdown:

TAOS v. Renesas, focuses on the interplay between trade secret misappropriation (under Texas law), and patent law. TAOS patented an ambient light sensor using a photodiode array. See U.S. Patent No. 6,596,981. This type of sensor is widely used in smartphones to adjust the display brightness. Following failed merger negotiations, Intersil developed a competing product — which the district court found relied upon confidential information received during the negotiations. A jury found Intersil liable for patent infringement, trade secret misappropriation, breach of contract, and tortious interference with prospective business.

[...]

The damages verdict was as follows:

Patent Infringement: $74,000
Trade Secret Misappropriation – Disgorgment of D’s Profits: $48,000,000
Trade Secret Misappropriation – Punitive Damages: $10,000,000
Reasonable Royalty for Breach of Contract: $12,000,000
Retention of Documents Breach of Contract: $1
Tortious Interference – Lost Profits: $8,000,000
Tortious Interference – Punitive Damages: $10,000,000

[...]

Still, the state law trade secret damages were more than 500 times greater than the federal patent law damages.

What can we deduce from the above? Well, there are many protections against gross injustices and patents aren’t even needed. When one consents to copyright assignment agreements, for instance, code is then protected from blatant plagiarism or reassignment. The above case isn’t about software, but much can be said about application of the law beyond patent law.

“…Texas was already deterring legitimate businesses because of all these lawsuits. TC Heartland made it more so.”Texas no longer receives as many patent filings as it used to receive. TC Heartland has a lot to do with that, as we noted earlier this week and earlier this summer (e.g. "A Post-TC Heartland (and Post-Alice) Patent System is Bad if Not Fatal News to Patent Trolls Like Microsoft’s Intellectual Ventures").

Professor Michael Risch wrote about TC Heartland yesterday, focusing on the impact the decision may have had on firms’ value:

In Recalibrating Patent Venue, Colleen Chien and I did a nationwide study of forum shopping in patent cases (shocker – everybody did it, and not just in Texas), and predicted that many patent cases would shift from the Eastern District to the District of Delaware. And, lo, it has come to pass. Delaware is super busy.

[...]

But how much did firms value not being sued in Texas? The TC Heartland case is a clear shock event, so an event study can measure this. In Will Delaware Be Different? An Empirical Study of TC Heartland and the Shift to Defendant Choice of Venue, Ofer Eldar (Duke Law) and Neel Sukhatme (Georgetown Law) examine this question.

As we said before, Texas was already deterring legitimate businesses because of all these lawsuits. TC Heartland made it more so.

Texas made a serious strategic mistake (the eastern part of it in particular); it invited all the patent trolls over, scaring actual (productive) firms in the process. Now it has neither. The boat has sailed away. What does that mean to the value of the region? There’s more to life (and commerce) than patents.

Cellspin Soft Will Likely Need to Pay the Accused Party’s Lawyers Too After Frivolous Litigation With Patents Eliminated Under 35 U.S.C. § 101

Posted in Deception, Patents at 3:07 am by Dr. Roy Schestowitz

Moral of the story: stop pursuing such patents and suing with them

Business oriented finance keywords relating to sales, marketing and banking

Summary: Pursuing bogus (questionable) patents and going even further by asserting them in court can be worse than a waste of time and money; it can actually cause the target of assertion to be compensated (legal fees) at the plaintiff’s expense — a critical fact largely ignored by the patent ‘industry’

We very recently mentioned Cellspin Soft (Cellspin Soft, Inc. v Fitbit, Inc.), a case which is interesting to us because it involves abstract (and thus bogus) patents. After 35 U.S.C. § 101 eliminated the patents in question it looks like the victim of the frivolous lawsuit — not the plaintiff — is to be compensated. Quite a reversal of fates, eh? Here are the details from yesterday:

Following a dismissal for lack of patentable subject matter, the court granted defendants’ motions for attorney fees under 35 U.S.C. § 285 because plaintiff’s litigation positions were exceptionally meritless.

“After 35 U.S.C. § 101 eliminated the patents in question it looks like the victim of the frivolous lawsuit — not the plaintiff — is to be compensated.”Why did the USPTO issue such patents in the first place? Cellspin Soft got burned pretty badly and it’s not the fault of Fitbit. When patent quality is lowered so much by the Office only the lawyers win. The only question is, “who pays their bills?”

We are rather disturbed to see the daily bad advice from law firms, which are egging on and encouraging firms to pursue software patents, sometimes even taking these to courts. These law firms certainly know that this is bad advice, but this is the kind of advice they profit from.

“Sadly these have become very common, exploiting the death of proper journalism.”Here in the UK, for example, Marks & Clerk members of staff habitually promote such bad advice. They not only give bad advice but also lobby for software patents, UPC etc. Mind this new puff piece about promotions there. Those aren’t news; they’re just marketing disguised as ‘journalism’. Also mind this other article from yesterday. Bad advice, as usual, from patent maximalists looking for (and profiting from) legal chaos. It’s Withers & Rogers in this case, just trying to sell very bad advice. To quote:

Tech companies should shop for patents to bolster their portfolios

[...]

According to Michael Jaeger, partner and patent attorney, specialising in the fields of consumer electronics, telecoms and medical devices at intellectual property firm, Withers & Rogers, this is a missed opportunity. He said:

[...]

There are many ways to find patents to acquire. Patent buying events, such as the IP3 event organised by Allied Security Trust (AST), offer easy access to information about bundles of patents, which are grouped according to their technological focus. This year’s IP3 event, which is inviting offers from 9 – 20 July 2018, features patents in eight categories: artificial intelligence, augmented and virtual reality, automotive, blockchain, internet-connected devices, smart home, software and communications. In addition, patent brokerage firms can help companies to locate and obtain patents in their area of technology.

Allied Security Trust (AST) was last mentioned here in May. They’re actually promoting patent predators and encouraging companies to shell out money for the predators. This Ground Six/Bdaily-affiliated site (hard to know who exactly is behind it, but it seems rather dodgy) perpetually reminds us that patent “news” is not really news but just marketing disguised as such. We wrote about such sites 12 days ago. Sadly these have become very common, exploiting the death of proper journalism.

The Lack of Genuine, Honest Discussion About Patent Quality Means That Under António Campinos Software Patents Will Continue to be Granted, Campinos Strives to Make Them ‘Unitary’

Posted in Europe, Patents at 2:01 am by Dr. Roy Schestowitz

Still basking in and glorifying Battistelli’s “Quality Report 2017″ rather than what examiners say

Napoleonic cannon
The Napoleonic President just wanted lots of patent wars in Europe

Summary: The agenda of the litigation ‘industry’ is still being served by the existing EPO administration; this is a problem because not only do they grant patents on just about anything but they also attempt to broaden litigation jurisdiction

THE EPO appears to be changing its management (not just António Campinos), but will it change its policies too? So far, judging by the first week of Campinos, it doesn’t seem so because they actively deny the decline in patent quality and still viciously pursue ‘unitary’ effect, effectively spreading low-quality patents and rulings about them to the whole of Europe in defiance of local patent laws, constitutions etc.

“Several times yesterday Boult Wade Tennant was acting like a mouthpiece for Battistelli and his team, parroting whatever it takes to distract from EPO crises (such as patent quality plunging).”Will the EPO mention the apparent collapse of Team Battistelli or leave that ‘buried’ in the “Jobs” section while posting fluff like this? Battistelli’s corruption isn’t forgotten/forgettable, nor is the role of his enablers.

Several times yesterday Boult Wade Tennant was acting like a mouthpiece for Battistelli and his team, parroting whatever it takes to distract from EPO crises (such as patent quality plunging). Matthew Ridley posted this thing in Lexology, noting: “My guess is that many users of the patent system would much prefer to see the quality of granted European patents increase rather than see further increases in the speed of grant or rejection.”

Also in Lexology his colleague Phil Merchant (Boult Wade Tennant) cited Battistelli’s “Quality Report 2017,” missing the point that the EPO now fakes ‘quality’ by conflating it with speed, or “timeliness”. To quote Merchant:

As those familiar with the experience will attest, applying for a patent is often not a quick process. It takes time for a patent office to process an application, perform a search on relevant prior art and conduct an examination on whether an invention should be granted a patent. This delay can be frustrating for applicants, who would prefer to be able to commercialise their Intellectual Property as soon as possible.

In recognition of applicants’ desires, the European Patent Office (EPO) launched the ‘Early Certainty’ initiative in 2014 to attempt to speed up the patent granting process – initially to speed up delivery of search results, but revised in 2016 to speed up substantive examination and opposition. The EPO’s Quality Report 2017 (found here), published this week, reports on the progress towards achieving these goals.

[...]

The Quality Report 2017 provides some reassurance that the EPO is taking such concerns seriously, including positive steps toward quality assurance. We in the profession are therefore hopeful that the progress in timeliness at the EPO can continue to be made without sacrificing the high quality for which it is well respected across the world.

António Campinos just kept repeating the word "quality" and, as expected, a roundup of this spiel of his was written up at the end (warning: epo.org link, via Twitter).

“The EPO pretends that the ‘epoch’ was 8 years ago. It’s always 8 years. Always Battistelli. They still pretend it was some kind of “golden era” rather than the collapse of the EPO.”The EPO has also just mentioned the Boards of Appeal (page contents repeated in Twitter yesterday), making it all about Battistelli. To reproduce their own words (warning: epo.org link): “In the past eight years the event has attracted more than 1.400 participants to attend and engage with Boards of Appeal members and each other on key topics relating to Boards of Appeal decisions.”

The EPO pretends that the ‘epoch’ was 8 years ago. It’s always 8 years. Always Battistelli. They still pretend it was some kind of “golden era” rather than the collapse of the EPO. What happened to patent quality? What happened to staff quality? What happened to the EPO’s reputation? How about the death of the UPC? The vision of ‘unitary’ patents is dead and only Bristows is still delusional enough (or sufficiently self-deluding) to speak about the CMS that will never be used. Yesterday it wrote this:

Over the last nine months, various members of the judiciary, their clerks, lawyers (including our own Luke Maunder), and others have been engaged in user acceptance testing (UAT) of the ‘sunrise’ version of the Unified Patent Court (UPC) Case Management System (CMS) test site.

It’s never going to be used. They might as well call off development, having wasted a lot of money and time on this unconstitutional pile of rubbish. UPC was never desirable; it’s a patent trolls’ fantasy, which is being promoted by sites that support patent trolls. Mind Watchtroll’s EPO interview from yesterday and mention of a new lawsuit in Eastern Texas, which typically attracts patent trolls. “U.S. Patent No. 10,000,000 just issued June 19, 2018,” it said, “and already a patent in the 10 million series is being enforced. On July 3, 2018, the day the patent issued, Whirlpool Corporation filed a patent infringement lawsuit in the United States Federal District Court for the Eastern District of Texas.”

“It ought to be noted that the EPO too has been promoting software patents; is this what Battistelli had in mind for ‘unitary’ patents? Abstract ideas as monopolies EU-wide?”The vision/purpose of ‘unitary’, low-quality European Patents was supposed to attract much of such litigation to Germany, causing a headache to a lot of companies for the sake of the litigation ‘industry’.

The patent trolls’ lobby, IAM, meanwhile reports another new lawsuit in Eastern Texas. Richard Lloyd wrote about the former owner of SUSE (UK-based with German pedigree) getting sued in the patent trolls-friendly courts. To quote:

Hewlett Packard Enterprise (HPE) and British software company Micro Focus have been accused of infringing three patents relating to the development of mobile applications in a pair of lawsuits filed last week in the Eastern District of Texas. The plaintiff, which is demanding damages of at least $400 million, is listed on the court filing as Wapp Tech Limited Partnership and Wapp Tech Corp, although the three patents in question were developed and are owned by inventor Donavan Paul Poulin.

These are software patents. This is why they target the courts in Texas. It ought to be noted that the EPO too has been promoting software patents; is this what Battistelli had in mind for ‘unitary’ patents? Abstract ideas as monopolies EU-wide?

“The EPO (in collaboration with IAM) has already admitted this is about software patents…”Yesterday we noticed that the University of Detroit Mercy promotes buzzwords which Battistelli and the EPO used to promote/popularise even in the US, notably “Fourth Industrial Revolution” or “4IR” (“Industry 4.0″), adding to other (older) buzzwords, e.g. “ICT”, “CII”, “AI” and so on.

Wissam Aoun (University of Detroit Mercy’s School of Law) wrote this abstract:

During the first Industrial Revolution, the patent system developed in an era of democratized invention. Individual inventors dominated patent filings and helped create a narrative surrounding the transformative impact of the patent system on the lives of inventors and society. Existing scholarship often overlooks the role of patent agents, those individuals who assisted inventors in securing patent rights, during this era. Industrial Revolution era patent agency was broad and indiscrete compared to its current form, which was largely a product of the needs of individual inventors and a pre-professionalization view of the discipline. As corporatization slowly replaced the individual inventor and professionalization began to dominate many occupational fields, the professional patent agent materialized. However, the emergence of disruptive technologies in our new Fourth Industrial Revolution may be reversing both of these trends, with the re-emergence of democratized invention and challenging the discretization of many fields of professional service.

The EPO (in collaboration with IAM) has already admitted this is about software patents and here is how they excuse this internally in the Gazette.

Software patents in Europe

Links 11/7/2018: Xen 4.11, Ubuntu Infographics, Lockbox and Notes

Posted in News Roundup at 12:52 am by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • Server

    • Shippable’s Software

      What’s interesting is that Shippable isn’t targeting developers for the Internet of Things or smartphones, ARM’s typical base, but is betting that the reduced instruction set architecture is on its way to having a big impact in data centers.

    • Cloud Computing in HPC Surges [Ed: No, it doesn't. They just came up with this buzzword. These are still just servers.]

      According to the two leading analyst firms covering the high performance computing market, the use of the cloud for HPC workloads is looking a lot more attractive to users these days.

    • Clear Linux Now Supports Kata Containers

      At the end of last year the Intel Clear Linux project’s Clear Containers initiative morphed into OpenStack’s Kata Containers. Clear Linux now supports the resulting Kata Containers.

      Clear Containers had been the Intel / Clear Linux project focused on providing performant Linux containers as well as greater security through Intel VT-d and other engineering improvements. Kata Containers took that foundation and has evolved it under the stewardship of OpenStack and participation from many different organizations.

  • Audiocasts/Shows

    • Episode 31 | This Week in Linux

      Linux Mint 19 “Tara” was Released. Elementary releases a Developer Preview for their new version called “Juno”. Kdenlive issues a request to the community for beta testing of the next generation of Kdenlive. We do a follow up on the EU’s Copyright Reform Directive, this time it’s good news, at least for now. We discuss the SUSE acquisition by EQT. Ubuntu Studio created a cool guide to Audio Production on Linux. Later in the show we look at what is coming for Xubuntu 18.10 and also the latest release from Redcore Linux. All that and much more.

  • Kernel Space

    • USB Type-C DisplayPort Alternate Mode Driver Coming To Linux 4.19

      The USB Type-C DisplayPort Alternate Mode driver will be coming to the Linux 4.19 kernel.

      Intel developers have been working on a USB Type-C DisplayPort Alternate Mode support for the mainline Linux kernel so it can play nicely with hardware supporting DP displays/adapters over the USB Type-C interface.

      That work is now ready for mainline with USB subsystem maintainer Greg Kroah-Hartman pulling the USB Type-C DisplayPort Alternate Mode support into his usb-next Git branch of material that will end up landing in Linux 4.19.

    • Linux Foundation

      • What’s New in the Xen Project Hypervisor 4.11

        I am pleased to announce the release of the Xen Project Hypervisor 4.11. One of our long-term development goals since the introduction of Xen Project Hypervisor 4.8 has been to create a cleaner architecture for core technology, less code and a smaller computing base for security and performance. The Xen 4.11 release has followed this approach by delivering more PVH related functionality: PVH Dom0 support is now available as experimental feature and support for running unmodified PV guests in a PVH Container has been added. In addition, significant chunks of the ARM port have been rewritten.

      • Xen Project Hypervisor: Virtualization and Power Management are Coalescing into an Energy-Aware Hypervisor

        Power management in the Xen Project Hypervisor historically targets server applications to improve power consumption and heat management in data centers reducing electricity and cooling costs. In the embedded space, the Xen Project Hypervisor faces very different applications, architectures and power-related requirements, which focus on battery life, heat, and size.

        Although the same fundamental principles of power management apply, the power management infrastructure in the Xen Project Hypervisor requires new interfaces, methods, and policies tailored to embedded architectures and applications. This post recaps Xen Project power management, how the requirements change in the embedded space, and how this change may unite the hypervisor and power manager functions.

      • Xen Hypervisor 4.11 Released With Many Core Improvements

        It’s one month late but the Xen Project Hypervisor 4.11 release is available today with great scads of new features.

      • Xen 4.11 Improves Server Virtualization with PVH

        The open source Xen Project, which is hosted as a Linux Foundation effort, issued its first major release of 2018 on July 10.

        The Xen Project Hypervisor 4.11 release comes after months of development, and follows the 4.10 update that became available at the end of 2017. Xen 4.10 included some initial support for PVH (Paravirtualization Hardware), which has been further extended in the 4.11 update.

      • ​Re-engineering Xen: The important open-source hypervisor gets remodeled

        Xen is open-source royalty. This hypervisor, which runs and manages virtual machines (VMs), powers some of the largest clouds. You know their names: Amazon Web Services (AWS), Tencent, Alibaba Cloud, Oracle Cloud, and IBM SoftLayer. It’s also the foundation for VM products from Citrix, Huawei, Inspur, and Oracle. But, with the release of its latest edition, Xen Project Hypervisor 4.11, there are major changes under the hood.

      • Xen 4.11 debuts new ‘PVH’ guest type, for the sake of security

        The Xen Project has released version 4.11 of its hypervisor.

        As we reported last week, it’s more than a month late, but the projects leaders thinks it is worth the wait because this release delivers on an ambition to “create a cleaner architecture for core technology, less code and a smaller computing base for security and performance.”

        A big part of delivering on that is increased use of PVH – a type of virtualization that Xen reckons blends the best of paravirtualization (PV) and Hardware Virtual Machines (HVM). PV virtualizes hardware so a guest can offer kit not found on its host, but doesn’t use virtualization extensions in silicon. HVM can use those extensions and therefore offers each VM isolated emulated hardware.

      • Last Chance to Speak at Hyperledger Global Forum | Deadline is This Friday

        Hyperledger Global Forum is the premier event showcasing the real uses of distributed ledger technologies for businesses and how these innovative technologies run live in production networks today. Hyperledger Global Forum unites the industry’s most respected thought leaders, domain experts, and key maintainers behind popular frameworks and tools like Hyperledger Fabric, Sawtooth, Indy, Iroha, Composer, Explorer, and more.

    • Graphics Stack

      • Linux 4.18 AMDGPU Tests: Vega Taking A Hit

        Being roughly mid-way through the Linux 4.18 kernel development cycle, I spent some time this weekend running benchmarks of the AMDGPU DRM driver on Linux 4.18 Git compared to Linux 4.17 stable on three different Radeon graphics cards while using the Mesa 18.1.3 based drivers.

      • Radeon ROCm 1.8.2 Compute Stack In Beta, Might Work Under Ubuntu 18.04 LTS

        A new beta of the Radeon Open Compute “ROCm” stack was quietly made available for v1.8.2.

        While ROCm 1.9 will officially support Ubuntu 18.04 LTS, it looks like the ROCm 1.8.2 beta might contain preliminary Ubuntu 18.04 LTS “Bionic Beaver” support. A ROCm 1.8.2 beta user has commented that he was able to get 1.8.2 working on Ubuntu 18.04 with the Linux 4.16 kernel with the AMDKFD kernel driver.

      • Vulkan-Virgl Continues Progressing For Getting Vulkan Within VMs

        One of the most exciting Google Summer of Code 2018 projects is Vulkan-Virgl for supporting this modern graphics/compute API within virtual machines.

        Vulkan-Virgl is based off the existing Virgl initiative that has been providing OpenGL hardware acceleration to guest VMs using VirtIO-GPU and paired with some Mesa code and the Virgl rendering library. The GSoC 2018 project is making Virgl work with both OpenGL and Vulkan APIs.

    • Benchmarks

      • A Look At The Windows 10 vs. Linux Power Consumption On A Dell XPS 13 Laptop

        With the current-generation Dell XPS 13 XPS9370-7002SLV currently being tested at Phoronix, one of the areas I was most anxious to benchmark was the power consumption… For years it has been a problem of Linux on laptops generally leading to less battery life than on Windows, but in the past ~2+ years there has been some nice improvements within the Linux kernel and a renewed effort by developers at Red Hat and elsewhere on improving the Linux laptop battery life. Here are some initial power consumption numbers for this Dell XPS 13 under Windows 10 and then various Linux distributions.

        The Dell XPS 13.3-inch laptop for testing features the Intel Core i7 8550U (quad-core + HT) CPU with UHD Graphics 620, 2 x 4GB RAM, 256GB PM961 NVMe Samsung SSD, and its panel is a 1920 x 1080 resolution. For some initial basic tests I ran Windows 10 out-of-the-box and compared that to fresh installs of Ubuntu 18.04 LTS, Fedora Workstation 28, openSUSE Tumbleweed, and Clear Linux.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • KDE Plasma 5.13.3 Desktop Environment Released with More Than 30 Improvements

        The fast release cycle of the short-lived KDE Plasma 5.13 desktop environment continues today with the KDE Plasma 5.13.3 maintenance update, which comes just two weeks after the KDE Plasma 5.13.2 point release and three weeks after the first one. KDE Plasma 5.13.3 continues to improve the stability and security of the desktop environment by fixing various issues.

        A total of 33 changes have been recorded for the KDE Plasma 5.13.3 point release, which will soon be available in the official repositories of various popular GNU/Linux distributions, across several components, including Plasma Discover, Plasma Desktop, Plasma Workspace, plasma-integration, plasma-browser-integration, KWin, Plasma Addons, KDE GTK Config, and others.

      • WikiToLearn web app course editor almost done

        Hi, it’s a bit of time that I didn’t write a blog post and many things on WikiToLearn ecosystem happened. Course editor mode is almost finished: now you can add, remove and edit chapter on a course, with new revamped Dialog and Modal components for confirming and editing views. You can see it below in action.

    • GNOME Desktop/GTK

      • GUADEC 2018

        I’m feeling extremely grateful for the shot in the arm GUADEC provides by way of old friends, new friends, expert advice, enthusiasm, time-worn wisdom, and so many reminders of why we do this.

        I use FreeCAD for freelance work, and build the development version from git periodically. There is a copr nightly build for recent versions of Fedora, but not for Rawhide. The first person to whom I related this experience, David King, said the software would be ideal for the Flatpak treatment. Since then I’ve been getting a tutorial on building the YAML manifest, and after four days of hard work (thanks Dave!), it’s on the very brink of completion.

      • The GNOME Foundation Is Hiring

        Since its inception in 1997 by Miguel de Icaza and Federico Mena Quintero, who were university students at the time, GNOME has become one of the largest open source projects. It is best known for its desktop, which is a key part of the most popular GNU/Linux distributions, including Ubuntu, Debian, SuSE and Fedora. The project also has a long history of producing critical pieces of software infrastructure: common parts of countless open source systems and its software is found in televisions, e-book readers, in-vehicle infotainment systems, medical devices and much more.

        GNOME has also been a key player in the social evolution of the free software community. By founding the Outreach Program for Women (OPW), GNOME pioneered a program to help make its community more gender diverse. That program expanded its scope to encourage more types of diversity and has been adopted by many other open source projects and has evolved into the larger Outreachy program = run outside of GNOME.

  • Distributions

    • Arch Family

      • Arch Linux at FrOSCon

        Yet another shoutout for FrOSCon, which will be held 25th and 26th of August. Arch Linux will have a devroom with talks so far about Linux Pro Audio and our general Infrastructure / Reproducible build.

    • OpenSUSE/SUSE

      • Dolphin-Emu under openSUSE Leap 42.3

        A day after I formally announced my game console emulator repository, the Dolphin Emulator guys decided to merge a patch that makes Qt 5.9 mandatory. That means Dolphin is no longer compatible with openSUSE Leap 42.3 which comes with Qt 5.6.

        I take pride in myself for having a high-quality product, even if it’s just free video game stuff. Therefore my plan is this instead of simply disabling 42.3 and calling it a day:

        I’ll pick the last commit before that patch and build that Dolphin revision. Then I’ll disable the 42.3 target and build the most recent version for the other distributions. That way the last 42.3-compatible binaries stay on the download server until I remove the 42.3 target entirely which will be either when Leap 15.1 gets released or maybe even earlier.

    • Red Hat Family

      • Red Hat Security: Red Hat’s disclosure process

        Last week, a vulnerability (CVE-2018-10892) that affected CRI-O, Buildah, Podman, and Docker was made public before some affected upstream projects were notified. We regret that this was not handled in a way that lives up to our own standards around responsible disclosure. It has caused us to look back to see what went wrong so as to prevent this from happening in the future.

        Because of how important our relationships with the community and industry partners are and how seriously we treat non-public information irrespective of where it originates, we are taking this event as an opportunity to look internally at improvements and challenge assumptions we have held.

        We conducted a review and are using this to develop training around the handling of non-public information relating to security vulnerabilities, and ensuring that our relevant associates have a full understanding of the importance of engaging with upstreams as per their, and our, responsible disclosure guidelines. We are also clarifying communication mechanisms so that our associates are aware of the importance of and methods for notifying upstream of a vulnerability prior to public disclosure.

      • Celebrating Red Hat’s 25th anniversary: Red Hat partners have played an important role in our company journey

        As Red Hat celebrates 25 years, I would be remiss not to mention the role Red Hat partners have played in our company’s story. Partners have been an important multiplier for Red Hat and building our customer success. They are important to our future.

      • DH2i signs strategic-alignment agreement with Red Hat

        DH2i Co., a Fort Collins-based company that provides disaster-recovery solutions for Windows, Linux and Oracle databases, has signed a strategic-alignment agreement with Red Hat.

        After testing and validation, DH2i will become a Red Hat Technology Partner and has been certified on Red Hat Enterprise Linux 7.

      • Red Hat targets regional system integrators through program launch

        Red Hat has launched an Asia Pacific (APAC) program targeted at helping system integrators (SIs) build and modernise applications for the cloud.

        The new initiative is designed to allow partners to deliver new services at a lower cost and accelerate development for faster return on investment.

        Specifically, the Red Hat OpenShift Practice Builder Program has been designed to do just that, using the vendor’s container application platform, Openshift, and a portfolio of enterprise-class application and integration middleware software products, JBoss Middleware.

      • Virtualize your OpenStack control plane with Red Hat Virtualization and Red Hat OpenStack Platform 13

        With the release of Red Hat OpenStack Platform 13 (Queens) we’ve added support to Red Hat OpenStack Platform director to deploy the overcloud controllers as virtual machines in a Red Hat Virtualization cluster. This allows you to have your controllers, along with other supporting services such as Red Hat Satellite, Red Hat CloudForms, Red Hat Ansible Tower, DNS servers, monitoring servers, and of course, the undercloud node (which hosts director), all within a Red Hat Virtualization cluster. This can reduce the physical server footprint of your architecture and provide an extra layer of availability.

        Please note: this is not using Red Hat Virtualization as an OpenStack hypervisor (i.e. the compute service, which is already nicely done with nova via libvirt and KVM) nor is this about hosting the OpenStack control plane on OpenStack compute nodes.

      • ORock Technologies Achieves FedRAMP Moderate Authorization for ORockCloud

        As a Red Hat Premier Certified Cloud and Service Provider (CCSP), ORock Technologies architected ORockCloud as a “pure-play” Red Hat cloud that incorporates a suite of Red Hat’s open source solutions for enhanced flexibility, security features and control. These include: Red Hat Enterprise Linux; Red Hat OpenStack Platform; Red Hat Virtualization; Red Hat Ceph Storage; Red Hat CloudForms; Red Hat Ansible Tower; Red Hat Satellite; and associated cloud APIs.

      • Finance

    • Debian Family

      • Derivatives

        • Debian LTS work, June 2018

          I was assigned 15 hours of work by Freexian’s Debian LTS initiative and worked 12 hours, so I have carried 3 hours over to July. Since Debian 7 “wheezy” LTS ended at the end of May, I prepared for Debian 8 “jessie” to enter LTS status.

          I prepared a stable update of Linux 3.16, sent it out for review, and then released it. I rebased jessie’s linux package on this, but didn’t yet upload it.

        • Canonical/Ubuntu

          • Infographic: Ubuntu connects everything

            As highlighted in the Ubuntu is Everywhere infographic to coincide with the 16.04 LTS, Ubuntu is used by millions across every sector and technology imaginable. Two years on, and with 18.04 LTS now released, we take a new look at how Ubuntu has evolved and is at the heart of emerging technologies including AI, blockchain, robotics and more. We also share the growth of Ubuntu’s cloud presence and how Ubuntu continues to pervade multiple industries, devices and is used by millions globally.

          • Canonical launches Minimal Ubuntu for automated use at scale

            Canonical wants to optimize Ubuntu for scaled automated usage with the release of Minimal Ubuntu.

            According to the company, Minimal Ubuntu is the smallest base image of Ubuntu, with images less than half the size of the standard Ubuntu server image and a boot time that is 40 percent faster. Even with a small footprint, Canonical explained Minimal Ubuntu still preserves full compatibility with standard Ubuntu operations.

            It is designed for entirely automated operations and does not include the usual user-friendly utilities for interactive usage. The solution removes editors, documentation, locales, and other user-oriented features of Ubuntu Server, leaving only the vital parts of the boot sequence.

          • Canonical Releases Minimal Ubuntu, Mozilla Launches Two Mobile Test Pilot Experiments, Google Announces Jib for Java Developers, New Ubuntu Bug Discovered and Wine 3.12 Now Available

            Canonical released its new Minimal Ubuntu yesterday. According to the Ubuntu blog, Minimal Ubuntu is “optimized for automated use at scale, with a tiny package set and minimal security cross-section. Speed, performance and stability are primary concerns for cloud developers and ops.” The images are 50% smaller than the standard Ubuntu server images and they boot up to 40% faster. Minimal Ubuntu also is fully compatible with standard Ubuntu operations. You can download it here.

          • Graphical environments in the world of IoT

            The IoT promises to bring about a revolution in the way we interact with devices around us. While many IoT devices will be hidden away, from sensors that measure manufacturing tolerances in a factory to hubs that control lighting around the home, there are a class of devices that need to provide some sort of graphical output or display to the user. Some examples include digital signage, interactive kiosks, automotive in-car entertainment gateways, smart meters, and the plethora of display screens seen on everything from washing machines to smart thermostats. All of these examples need some way to output graphics to a screen display but in an embedded environment that is not always easy.

            Linux is one of the most popular OS choices for manufacturers and solution providers to use in IoT devices and with it there are a few options available for graphical environments. From custom software to drive the display, through direct frame buffer access with toolkits such as QT, to a full X windowing server. All of these options have their pros and cons and often it is a trade-off between custom software and off-the-shelf components to speed up development. Custom software takes time and requires developers to continue to maintain a code base for the lifetime of the device, while using a graphical toolkit such as QT requires less code but comes with commercial licencing. The open source X windowing server is a popular choice but, being over 30 years old, has some shortcomings. It has been well documented that the design of X windows, although revolutionary at the time, has some security risks especially around application isolation and privilege escalation which has led to efforts to replace it by redesigning the graphical server from the ground up. One such effort is Mir.

          • Canonical releases new infographic to show how Ubuntu Linux ‘connects everything’

            To highlight the ubiquitous nature of Ubuntu in particular, Canonical today releases an all-new infographic showing how this distribution “connects everything.” I urge you to give it a look, as it will open your eyes to just how important Ubuntu — and Linux overall — really is. Apparently, this is an update to a previous infographic released in 2016, refreshed for 2018 following the release of Ubuntu 18.04 Bionic Beaver.

          • This Infographic Reveals the Sheer Scale of Ubuntu’s Success

            Ever wondered just how widely used Ubuntu is? Well, wonder no more! Canonical has put together a new infographic to highlight the scale and success Ubuntu has achieved across an enviable assortment of computing sectors. And it’s compelling stuff.

          • Infographic: Ubuntu Linux Is Used by Millions Worldwide and Connects Everything

            Canonical has shared with us today a new infographic that shows how their Ubuntu Linux operating system is being used all over the world by big-name companies the offer their services to millions of consumers.

            More than two years ago, when Ubuntu 16.04 LTS (Xenial Xerus) was released, Canonical put together an infographic to show the world how many people use Ubuntu and on which devices. With Ubuntu 18.04 LTS (Bionic Beaver) out the door this year, they did it again and published a brand-new infographic to show the world that Ubuntu and Linux are everywhere.

          • Flavours and Variants

            • KDE Plasma bugfix release 5.12.6 is now available for Kubuntu 18.04 LTS

              The Kubuntu Community is please to announce that KDE Plasma 5.12.6, the latest bugfix release for Plasma 5.12 was made available for Kubuntu 18.04 LTS (the Bionic Beaver) users via normal updates.

              The full changelog for 5.12.6 contains scores of fixes, including fixes and polish for Discover and the desktop.

              These fixes should be immediately available through normal updates.

              The Kubuntu team wishes users a happy experience with the excellent 5.12 LTS desktop, and thanks the KDE/Plasma team for such a wonderful desktop to package.

            • Kubuntu 18.04 LTS Users Can Now Update to the KDE Plasma 5.12.6 LTS Desktop

              The Kubuntu team announced today the immediate availability of the latest KDE Plasma 5.12.6 LTS desktop environment for the Kubuntu 18.04 LTS (Bionic Beaver) operating system series.

              Released on April 26, 2018, Kubuntu 18.04 LTS (Bionic Beaver) operating system is supported for three years with software and security updates, which means that is ships with the long-term supported version of the KDE Plasma desktop environment, KDE Plasma 5.12 LTS.

  • Devices/Embedded

Free Software/Open Source

  • Alfresco Becomes First Open Source Vendor to Achieve DoD 5015.02 Chapter 3 Certification

    -Alfresco Software, a leading enterprise open source provider of process automation, content management, and information governance software, today announced that its Governance Services solution has been certified against the DoD 5015.02 CH3, the Department of Defense (DoD) standard for records management. The company is the first open source vendor to achieve this distinction.

  • Cavium CN81xx SoCs Now Supported By Upstream Coreboot

    Thanks to Facebook / Open Compute Project, the Octeon CN81xx SoCs are now supported by upstream Coreboot and happen to be the first Cavium ARM SoCs supported by this project.

    The Cavium Octeon CN81xx SoC family come in dual and quad-core ARMv8 designs and the intended use-case for these SoCs are within IoT, industrial control, networking equipment, and related fields.

  • Web Browsers

    • Browsh: A Modern, Text-Based Web Browser

      If the Lynx open-source text-based browser isn’t satisfying your needs with viewing modern web sites via the terminal, Browsh is a new entrant into the text-based web-browser space that seeks to support modern web standards.

      Phoronix reader Julius reports in this morning on the availability of Browsh, a text-based web browser that supports HTML5, CSS3, JavaScript, and even video and WebGL content. Granted, due to terminal limitations, the multimedia content becomes rather pixelated due to the low resolution.

    • Chrome

      • Are You a Fan of Google Chrome’s New Look?

        Perhaps it’s just me, but I don’t think the look of Google Chrome has altered all that much since it blinked into life in 2009.

        But that will shortly change.

        Rumour has it that Google plans to debut a new-look Google Chrome ahead of the browser’s 10th birthday in September.

        And if you’re a spoiler fan, the new look is already available for testing.

        Now, we’re not talking a revamp based on the old ‘boxy’ Material Design here. Oh no. The visual rejig Is based on the rounder, softer and more tactile Material Design 2 (on full display in Android P and arriving piecemeal to the Chrome OS desktop).

    • Mozilla

      • Notes is available on Android

        The mobile companion application supports the same multi-note and end-to-end encryption features as the WebExtension. After you sign in into the app, it will sync all your existing notes from Firefox desktop, so you can access them on the go. You can also use the app standalone, but we suggest you pair it with the WebExtension for maximum efficiency.

        Please provide any feedback and share your experience using the “Feedback” button in the app drawer. This is one of the first mobile Test Pilot experiments and we would like to hear from you and understand your expectations for future Test Pilot mobile applications.

      • Take your passwords everywhere with Firefox Lockbox

        Firefox users, you can now easily access the passwords you save in the browser in a lightweight iOS app!

        Download Firefox Lockbox from the App Store. Sign in with your Firefox Account, and your saved usernames and passwords will securely sync to your device using 256-bit encryption, giving you convenient access to your apps and websites, wherever you are. Find out more about the experiment on Firefox Test Pilot.

        We have so many online accounts, and it’s hard to keep track of them all. The browser can save them, but they’re not always easy to find or access later, especially when trying to get into the same account on mobile. The Firefox Lockbox iOS app is our first experiment to help you find and use your passwords everywhere.

      • Introducing Firefox’s First Mobile Test Pilot Experiments: Lockbox and Notes

        This summer, the Test Pilot team has been heads down working on experiments for our Firefox users. On the heels of our most recent and successful desktop Test Pilot experiments, Firefox Color and Side View, it was inevitable that the Test Pilot Program would expand to mobile.

        Today, we’re excited to announce the first Test Pilot experiments for your mobile devices. With these two experiences, we are pushing beyond the boundaries of the desktop browser and into mobile apps. We’re taking the first steps toward bringing Mozilla’s mission of privacy, security and control to mobile apps beyond the browser.

      • Review of Igalia’s Web Platform activities (H1 2018)

        Igalia has proposed and developed the specification for BigInt, enabling math on arbitrary-sized integers in JavaScript. Igalia has been developing implementations in SpiderMonkey and JSC, where core patches have landed. Chrome and Node.js shipped implementations of BigInt, and the proposal is at Stage 3 in TC39.

        Igalia is also continuing to develop several features for JavaScript classes, including class fields. We developed a prototype implementation of class fields in JSC. We have maintained Stage 3 in TC39 for our specification of class features, including static variants.

        We also participated to WebAssembly (now at First Public Working Draft) and internationalization features for new features such as Intl.RelativeTimeFormat (currently at Stage 3).

      • Firefox Lockbox: An iPhone App For All Your Passwords
      • Notes by Firefox is a simple Google Keep/Evernote alternative for Firefox users
      • Firefox Test Pilot Program Expands to Mobile With ‘Firefox Lockbox’ Password Storage iOS App
      • Mozilla tests a password manager for Firefox on iOS
      • With Lockbox and Notes, Mozilla launches its first set of mobile Test Pilot experiments
      • Firefox Launches a Password Manager for iPhone and Notes for Android
      • Firefox expands iOS footprint with new experimental ‘Lockbox’ password manager
      • Mozilla wants to make Firefox your iOS password manager
      • Mozilla Announces Firefox Lockbox, a Face ID-Compatible Password Manager for iOS

        After it made sure Firefox is one of the most popular web browsers on the desktop, Mozilla continues their quest to conquer the mobile world with new and innovative apps.

        Today, Mozilla announced that it had developed two new apps for Apple’s iOS and Google’s Android mobile operating systems, Firefox Lockbox for iOS and Notes by Firefox for Android. The two apps are currently available for testing through the company’s Mobile Test Pilot Experiments initiative.

        The Firefox Lockbox for iOS promises to be a password manager that you can take anywhere, so you won’t have to reset your new passwords when you forget them. While the app can sync passwords across devices, it’s only compatible with passwords save through the Firefox web browser via a Firefox Sync account.

      • New Site for Thunderbird and SeaMonkey Add-ons

        When Firefox Quantum (version 57) launched in November 2017, it exclusively supported add-ons built using WebExtensions APIs. addons.mozilla.org (AMO) has followed a parallel development path to Firefox and will soon only support WebExtensions-based add-ons.

        As Thunderbird and SeaMonkey do not plan to fully switch over to the WebExtensions API in the near future, the Thunderbird Council has agreed to host and manage a new site for Thunderbird and SeaMonkey add-ons. This new site, addons.thunderbird.net, will go live in July 2018.

        Starting on July 12th, all add-ons that support Thunderbird and SeaMonkey will be automatically ported to addons.thunderbird.net. The update URLs of these add-ons will be redirected from AMO to the new site and all users will continue to receive automatic updates. Developer accounts will also be ported and developers will be able to log in and manage their listings on the new site.

      • A Vision for Engineering Workflow at Mozilla (Part Three)

        This is the last post in a three-part series on A Vision for Engineering Workflow at Mozilla.

      • Why Isn’t Debugging Treated As A First-Class Activity?

        One thing developers spend a lot of time on is completely absent from both of these lists: debugging! Gitlab doesn’t even list anything debugging-related in its missing features. Why isn’t debugging treated as worthy of attention? I genuinely don’t know — I’d like to hear your theories!

        One of my theories is that debugging is ignored because people working on these systems aren’t aware of anything they could do to improve it. “If there’s no solution, there’s no problem.” With Pernosco we need to raise awareness that progress is possible and therefore debugging does demand investment. Not only is progress possible, but debugging solutions can deeply integrate into the increasingly cloud-based development workflows described above.

      • Bug futures: business models

        Recent question about futures markets on software bugs: what’s the business model?

        As far as I can tell, there are several available models, just as there are multiple kinds of companies that can participate in any securities or commodities market.

  • Databases

    • New CTIO at HIMSS is excited about big data streaming, open-source and noSQL databases

      HIMSS announced its first-ever chief technology and innovation officer this past month, with the hiring of Steve Wretling, a veteran CTO and CIO with deep experience in IT standards and specifications, enterprise architecture, mobile tech and more from his years in various positions at DaVita and Kaiser Permanente.

      Having been on the job for several weeks now, Wretling has some big ideas about the challenges healthcare is facing and the ways he can guide HIMSS in harnessing emerging technologies and innovative clinical and operational practices to help fix them.

      Wretling spoke to Healthcare IT News about his plans for improving stakeholder collaboration, homing in on more effective patient-centered care, tapping the potential of emerging data management technologies and more.

    • Call for Speakers Now Open for Percona Live Open Source Database Conference Europe 2018
  • Pseudo-Open Source (Openwashing)

  • BSD

  • Openness/Sharing/Collaboration

  • Programming/Development

    • Announcing Rust 1.27.1

      The Rust team is happy to announce a new version of Rust, 1.27.1. Rust is a systems programming language focused on safety, speed, and concurrency.

    • 6 IDEs you need to know about

      Linux has long been a favourite platform with developers due to the rich array of languages and toolchains available. In this article we highlight 6 IDEs that can boost your productivity. Each IDE is just a Snap away so you can easily craft your complete development workstation in seconds. Here are six of the best IDEs every developer should know about and an additional 14 bonus IDEs mentioned throughout the article for you to discover.

Leftovers

  • Health/Nutrition

    • Monopolies: State And Corporate Interests Surrounding Access To Medicines

      Amongst the many issues faced by developing countries to ensure access to medicines, cost is a primary one. Proposals to tackle it include limiting the price and regulating competitive conditions. Monopolies created by patents are seen by many as an impediment to accessing basic healthcare. Meanwhile, countries have realised that imposing stringent criteria for granting patents and taking a long duration to process them could be detrimental to them as much as resisting the regime.

      [...]

      Carlos Correa, executive director elect of the South Centre, opened the discussion of monopoly being an obstacle to affordable medicines as it drives the prices up. Setting the price according to market rates does not work for medicines due to the inelasticity of demand, he explained. People who can afford it or those insured can pay what the pharmaceutical company deems fit while others continue to suffer despite the existence of a cure.

      Dr Tedros, in his brief address, referred to turning a blind eye to such suffering as ‘moral decay’ of the society.

      Echoing those sentiments, Brazilian Ambassador ‎Maria Azevêdo termed access to medicines a human rights issue touching upon the right to life and the right to health. As she pointed out, public health is now a political issue where governments ‘have to deliver.’

  • Security

    • Security updates for Tuesday
    • Why you might want to wrap your car key fob in foil

      Given that the best way to store your car keys at night is by putting them in a coffee can, what’s an ex-FBI agent’s advice to protect cars from theft during the day?

      Wrap car fobs in aluminum foil.

      [...]

      He held up his fob and said, “This should be something we don’t need to wrap with foil. It’s 2018. Car companies need to find a way so no one can replicate the messages and the communication between the key and the vehicle.”

      [...]

      While auto industry engineers know a lot about traditional safety, quality, compliance and reliability challenges, cyber is an “adaptive adversary,” said Faye Francy, executive director of the nonprofit Automotive Information Sharing and Analysis Center, which specializes in cybersecurity strategies. “Automakers are starting to implement security features in every stage of design and manufacturing. This includes the key fob.”

    • Crooks install skimmer on point-of-sale machine in 2 seconds
    • Facebook add-on TimeHop has been pwned by hackers [sic]

      The big problem doesn’t affect UK users, but will be making our US cousins sweat – phone numbers were leaked. TimeHop recommends adding a PIN to your phone account because if abused, this could be used for identity theft – starting with, but not limited to, porting the number without permission.`

    • Malware Found in Arch Linux AUR Package Repository

      Malware has been discovered in at least three Arch Linux packages available on AUR (Arch User Repository), the official Arch Linux repository of user-submitted packages.

      The malicious code has been removed thanks to the quick intervention of the AUR team.

    • Amateur bid to add code to Arch Linux packages found and squashed
    • Arch Linux AUR Repository Found to Contain Malware

      The Arch Linux user-maintained software repository called AUR has been found to host malware. The discovery was made after a change in one of the package installation instructions was made. This is yet another incident that showcases that Linux users should not explicitly trust user-controlled repositories.

    • Malware found in the Arch Linux AUR repository

      Here’s a report in Sensors Tech Forum on the discovery of a set of hostile packages in the Arch Linux AUR repository system. AUR contains user-contributed packages, of course; it’s not a part of the Arch distribution itself.

    • Fun with DAC_OVERRIDE and SELinux
    • Lukas Vrabec: Why do you see DAC_OVERRIDE SELinux denials?
    • With So Many Eyeballs, Is Open Source Security Better? [Ed: Ask a FOSS company. Not VMware. VMware puts back doors in its proprietary software blobs.]

      Back in 1999, Eric Raymond coined the term “Linus’ Law,” which stipulates that given enough eyeballs, all bugs are shallow.

      Linus’ Law, named in honor of Linux creator Linus Torvalds, has for nearly two decades been used by some as a doctrine to explain why open source software should have better security. In recent years, open source projects and code have experienced multiple security issues, but does that mean Linus’ Law isn’t valid?

      According to Dirk Hohndel, VP and Chief Open Source Officer at VMware, Linus’ Law still works, but there are larger software development issues that impact both open source as well as closed source code that are of equal or greater importance.

    • The aftermath of the Gentoo GitHub hack [Ed: What a bad choice of password leads to.]

      Late last month (June 28), the Gentoo GitHub repository was attacked after someone gained control of an admin account. All access to the repositories was soon removed from Gentoo developers. Repository and page content were altered. But within 10 minutes of the attacker gaining access, someone noticed something was going on, 7 minutes later a report was sent, and within 70 minutes the attack was over. Legitimate Gentoo developers were shut out for 5 days while the dust settled and repairs and analysis were completed.

    • New Variant of Spectre Security Flaw Discovered: Speculative Buffer Overflows

      Security researchers Vladimir Kiriansky (MIT) and Carl Waldspurger (Carl Waldspurger Consulting) have published a paper to disclose a new variant of the infamous Spectre security vulnerability, which creates speculative buffer overflows.

      In their paper, the two security researchers explain the attacks and defenses for the new Spectre variant they discover, which they call Spectre1.1 (CVE-2018-3693), a new variant of the first Spectre security vulnerability unearthed earlier this year and later discovered to have multiple other variants.

      The new Spectre flaw leverages speculative stores to create speculative buffer overflows. Similar to the classic buffer overflow security flaws, the new Spectre vulnerability is also known as “Bounds Check Bypass Store” or BCBS to distinguish it from the original speculative execution attack.

    • AT&T acquires open-source threat intelligence firm

      As AT&T continues down its network virtualization efforts using the open-source Open Networking Automation Platform (ONAP), the operator has acquired cybersecurity firm AlienVault, which uses open-source software to provide what the companies call “threat intelligence.” Financial details of the transaction were not disclosed; AT&T expects the deal to close in Q3 this year.

  • Environment/Energy/Wildlife/Nature

    • Nissan Falsifies Exhaust Emission Data in New Issue for Saikawa

      The data falsification, which occurred on 19 models across five plants in Japan, was found out when the company was carrying out an internal check about employees conducting final inspection of vehicles, Nissan said at its Yokohama headquarters Monday. The incident won’t lead to any recalls as the vehicles meet catalog specifications for fuel economy and emissions.

  • Finance

    • ‘They’ve Been Doing This Massive, Anti-Democratic Model of Education Reform’

      A new report from the RAND Corporation concludes that the multi-million-dollar teacher evaluation project, championed and partially bankrolled by Bill Gates, did not increase teachers’ effectiveness or improve students’ academic performance, including the low-income minority students that were presented as the initiative’s major beneficiaries.

      The Washington Post’s Valerie Strauss, a generally critical assessor of what’s called “education philanthropy,” covered this new report. But most corporate media appear uninterested in this challenge to a set of ideas about “failing public schools” and how to fix them, that they themselves play a notable role in promoting.

      Our next guest has critically engaged the Gates Foundation’s educational forays for years now. Wayne Au is professor at the University of Washington/Bothell Campus, and interim dean for diversity and equity on campus. He’s also editor at Rethinking Schools. He joins us now by phone from Seattle. Welcome back to CounterSpin, Wayne Au.

    • How to make the case for blockchain: 5 steps

      If you’re soliciting support for an early blockchain pilot test or project in your organization, you’ll need to explain both the underlying technology and how it can help the business.

      That’s true for any emerging technology, but this pair of tasks could be particularly tricky for IT leaders who want do a blockchain project. For starters, blockchain is tough to explain and understand, especially for non-technical people. Moreover, the hype surrounding Bitcoin and other cryptocurrencies tends to create some misconceptions about the fundamental blockchain tech behind those digital currencies.

      [...]

      For starters, completely separate blockchain from Bitcoin and other digital currencies.

      “The key is to divorce the innovation of blockchain and its value to enterprise from the headlines people may have seen about Bitcoin speculation or cryptocurrency scams,” says Wes Levitt, head of strategy at Theta Labs, makers of a decentralized, blockchain-powered video delivery network, Theta Token.

    • Trump’s Mar-a-Lago Resort Seeks to Hire 61 Foreign Workers

      Meanwhile, the Trump Organization is seeking to hire 61 foreign guest workers through the H-2B visa program to cook and clean at Trump’s private Mar-a-Lago resort in Palm Beach, Florida. While Trump has sought to crack down dramatically on nearly every form of immigration into the U.S. during his time in office, he has expanded the H-2B visa program, which benefits companies seeking to hire foreign workers for seasonal, low-wage work.

  • AstroTurf/Lobbying/Politics

    • India: WhatsApp under pressure to prevent misuse after spate of mob lynchings

      At least 20 people have been killed in mostly rural villages in several Indian states in attacks by mobs that had been inflamed by social media. Victims were accused in the viral messages of belonging to gangs trying to abduct children. The brutal attacks, which began in early May, have also left dozens of people injured.

      Although Indian authorities have clarified that there was no truth to the rumors and the targeted people were innocent, the deadly and brutal attacks, often captured on cellphones and shared on social media, have spread across the country.

    • EU Android anti-trust fine delayed due to Trump visit

      But sources said that the meeting had now been postponed to 17 July. Wednesdays are the days on which the EU executive normally announces decisions taken at its weekly meetings.

      On 8 June, reports said that the fine was due to be announced in the second week of July.

    • How Silicon Valley Fuels an Informal Caste System

      San Francisco residents seem to be divided into four broad classes, or perhaps even castes:

      [...]

      Inequality rarely decreases, and when it does it’s often as the result of wars, revolutions, pandemics, or state collapse. If there’s any nonviolent political hope here, it’s probably to be found among the Outer Party. The Inner Party lives estranged from reality. But the Outer Party still has to teach their kids not to pick up street needles and occasionally feels the depredations of crime to person or property (our household has experienced both within the past few months). Though the Outer Party has little collective identity, they have common interests around street cleanliness, crime, schools, and transit. Those interests expressed themselves in the recent mayoral election, where pro-development, pro-techie London Breed, a favorite among the tech Outer Party, narrowly defeated two mutually endorsing candidates in an electoral nail-biter. Breed broke from typical San Francisco progressive politics, proposing to eliminate homeless camps via government conservatorship (essentially forced institutionalization).1 Perhaps a city founded in a literal gold rush can foster a newfound civic spirit, at least among the gold miners, while in the midst of a figurative gold rush.

    • How Trump is Reshaping US Foreign Policy

      Other states, whether friend or foe, will be less willing to bargain with the United States when it is governed by an administration that reneges on previous agreements and that, other governments believe, bargains in bad faith. Such mistrust impedes the reaching not only of the sort of multilateral agreements that Trump rejects but also the sort of bilateral agreements that he says he favors. To return to Kagan’s typology, Trump’s America is moving closer to isolationism—in diplomacy, if not in the use of military force—not because isolationism is part of any Trump Doctrine but because it is a byproduct of Trump’s way of doing business.

  • Censorship/Free Speech

    • The Dark Money Behind Campus Speech Wars

      But Speech First looks like something else: a highly professional astro-turfing campaign, with a board of former Bush administration lawyers and longtime affiliates of the Koch family. The group is new to the campus culture wars: It incorporated in December and launched in February. But it has already received endorsements from the Department of Justice, which filed a statement of interest supporting Speech First in the Michigan case, stating in a subsequent press release that “freedom of speech and expression on the American campus are under attack.”

    • Reddit CEO tells user, “we are not the thought police,” then suspends that user

      Reddit has confirmed to Ars Technica that Huffman’s conversation, as posted by user “whatllmyusernamebe” on Sunday, is legitimate. The conversation begins with Huffman responding to the question, “Why do you admins not just ban hate speech?”

    • YouTube is fighting conspiracy theories with ‘authoritative’ context and outside links

      YouTube is also funding a number of partnerships. It’s establishing a working group that will provide input on how it handles news, and it’s providing money for “sustainable” video operations across 20 markets across the world, in addition to expanding an internal support team for publishers. (Vox Media, The Verge’s parent company, is a member of the working group.) It’s previously invested money in digital literacy programs for teenagers, recruiting prominent YouTube creators to promote the cause.

    • The rise of ‘pseudo-AI’: how tech firms quietly use humans to do bots’ work

      “Using a human to do the job lets you skip over a load of technical and business development challenges. It doesn’t scale, obviously, but it allows you to build something and skip the hard part early on,” said Gregory Koberger, CEO of ReadMe, who says he has come across a lot of “pseudo-AIs”.

    • A Numerical Exploration Of How The EU’s Article 13 Will Lead To Massive Censorship

      One of the key talking points from those in favor of Article 13 in the EU Copyright Directive is that people who claim it will lead to widespread censorship are simply making it up. We’ve explained many times why this is untrue, and how any time you put in place a system for taking down content, tons of perfectly legitimate content gets caught up in it. Some of this is from malicious takedowns, but much of it is just because algorithms make mistakes. And when you make mistakes at scale, bad things happen. Most of you are familiar with the concept of “Type 1″ and “Type 2″ errors in statistics. These can be more simply described as false positives and false negatives. Over the weekend, Alec Muffett decided to put together a quick “false positive” emulator to show how much of an impact this would have at scale and tweeted out quite a thread, that has since been un-threaded into a webpage for easier reading. In short, at scale, the “false positive” problem is pretty intense. A ton of non-infringing content is likely to get swept up in the mess.

      [...]

      This is one of the major problems that people don’t seem to comprehend when they talk about filtering (or even human moderating) content at scale. Even at impossibly high accuracy rates, a “small” percentage of false positives leads to a massive amount of non-infringing content being taken offline.

      Perhaps some people feel that this is acceptable “collateral damage” to deal with the relatively small amount of infringement on various platforms, but to deny that it will create widespread censorship of legitimate and non-infringing content is to deny reality.

    • Prominent Texas Surgeon Sues ProPublica and the Houston Chronicle

      A Texas heart surgeon whose practices recently have been the subject of stories by ProPublica and the Houston Chronicle filed a lawsuit this week against the news organizations alleging defamation.

      Dr. O.H. “Bud” Frazier brought the suit in Harris County (Texas) District Court, challenging a May story that examined concerns with the doctor’s conduct, as well as one last month addressing criticism of the first article. The suit also names the stories’ authors, reporters Charles Ornstein of ProPublica and Mike Hixenbaugh of the Chronicle, as defendants.

      Frazier, a famed heart transplant surgeon at Baylor St. Luke’s Medical Center and the Texas Heart Institute, asserts that the articles included errors and misleading statements “calculated to falsely portray Dr. Frazier as an inhumane physician.”

      “We have seen the complaint in this case, although we have not yet been served,” said Richard Tofel, president of ProPublica. “We think the lawsuit lacks merit, and we intend to defend it vigorously.”

    • Fake News Is A Meaningless Term, And Our Obsession Over It Continues To Harm Actual News

      Many people forget now, but in the wake of the 2016 election, it was mainly those opposed to Donald Trump who were screaming about “fake news.” They wanted an explanation for what they believed was impossible — and one thing that many, especially in the journalism field focused on, were the made up stories that got shared wildly on Facebook. At the time, we warned that nothing good would come from so many people blaming “fake news” for the election, and I think it’s fair to say we were correct on that. President Trump quickly co-opted the phrase and turned it into a mantra directed at any news story about him or his administration that he didn’t like.

      And, of course, the term was always meaningless. It encompassed such a broad spectrum of things — from completely made up stories, to stories with bad sourcing or an error, to stories that were spun in a way people didn’t like or found misleading, to stories with a minor mistake, to just stories someone didn’t like. But each of those is very, very different, and the way that different news organizations respond to these issues can be very different as well. For example, professional publications that make mistakes will publish corrections when they discover they’ve made an error. Sometimes they don’t do so well, and they don’t always do a very good job of publicizing the correction — but they do strive to get things right. That’s different than publications that simply put up purely fake stuff, just for the hell of it. And there really aren’t that many such sites. But by lumping them all in as fake news, people start to blur the distinctions, and think that basically everyone is just making shit up all the time.

    • ESPN Latest To Nix User Comments, Abdicate Its Responsibility For Fostering A Good Community

      Readers of this site will be aware of the trend over the past several years for news and media sites across the internet deciding to nix their respective comments sections. This wave of muzzles on the communities that previously participated in these sites has come with a variety of reasons or excuses, depending on your perspective. Some sites have noted that comments sections devolve into the worst humanity has to offer, with vile speech and spam-bots sucking up all of the digital oxygen. Other sites have suggested that some sort of liability comes along with any proper moderation of their comments sections. Still others have pointed towards social media platforms that can better take over the duties as some sort of 3rd party community gathering place, be it on Facebook or Twitter. All of these reasons are silly and false, or they simply abdicate the site’s responsibility for fostering a well-functioning community of commenters. Here at Techdirt, we love our own community and value the ever-living hell out of our comments, be they supporters of our positions or well-meaning dissenters. Trolls come along for the ride, of course, but we trust our own community to act as a moderating force against them.

  • Privacy/Surveillance

    • Proxies Vs. VPNs Vs. Tor Browser

      In a world where global transactions take place within seconds of initiation. Where Millions of cryptocurrency coins are exchanged across the framework of distributed systems. Internet security is and will always remain a major concern.
      It is estimated that a half of the world’s population will prioritize their network privacy more than their homeland security by the year 2025. This is accounted for the rapid shift from physical business to online digital business as well as increased social media activity.

      ​Proxies, VPNs, and TOR are all tool for ensuring internet security. They all share a common goal of ensuring the internet user anonymity while using the network. At least in this one respect, they are all look-alikes and therefore why most people find it difficult to differentiate them. In this article, we are going to take a look at three of them, their pros and cons and when to favour any of them against the rest. ​

    • FBI Decides To Ruin A Man’s Life Over Nude Photos Of His Legal Girlfriend He Took Seven Years Ago

      The relationship was completely legal. The pictures somehow aren’t, even though no one could legally call the relationship (as it existed seven years ago) “exploitation” or “enticement.” But they can call the photos illegal and they can retcon the consensual relationship into a predator/prey dynamic using federal child porn charges.

      The testimony referenced above wasn’t meant to incriminate Edward Marrero. He was testifying on behalf of another person facing child porn charges. When he detailed the pictures he took while in a consensual relationship with a 17-year-old, the feds decided to swear out an arrest warrant. While Marrero was informed of his Fifth Amendment rights, he most likely thought what he stated in court wasn’t incriminating (because the girlfriend was over the age of consent) or that the government would view his statements rationally and not immediately move to have him arrested.

      As Guy Hamilton-Smith pointed out on Twitter, the federal government is being as punitive as possible, as quickly as possible. Marrero’s initial appearance was greeted with immediate detention and he’s been placed in the custody of the US Marshals. All this is happening over photos taken seven years ago by people in a consensual relationship. The accused wasn’t producing child porn by any rational definition of the statute. But it can be read in irrational ways to ruin lives just because.

    • Grassroots Group Confronts Privacy-Invasive WiFi Kiosks in New York

      Free WiFi all across New York City? It might sound like a dream to many New Yorkers, until the public learned that it wasn’t “free” at all. LinkNYC, a communications network that is replacing public pay phones with WiFi kiosks across New York City, is paid for by advertising that tracks users, festooned with cameras and microphones, and has questionable processes for allowing the public to influence its data handling policies.

      These kiosks also gave birth to ReThink LinkNYC, a grassroots community group that’s uniting New Yorkers from different backgrounds in standing up for their privacy. In a recent interview with EFF, organizers Adsilla Amani and Mari Dej described the organization as a “hodgepodge of New Yorkers” who were shocked by the surveillance-fueled WiFi kiosks entering their neighborhoods. More importantly, they saw opportunity. As Dej described, “As we began scratching the surface, [we] saw that this was an opportunity as well to highlight some of the problems that are largely invisible with data brokers and surveillance capitalism.”

    • California Shopping Centers Are Spying for an ICE Contractor

      A company that operates 46 shopping centers up and down California has been providing sensitive information collected by automated license plate readers (ALPRs) to Vigilant Solutions, a surveillance technology vendor that in turn sells location data to Immigrations & Customs Enforcement.

      The Irvine Company—a real estate company that operates malls in Irvine, La Jolla, Newport Beach, Redwood City, San Jose, Santa Clara and Sunnyvale—has been conducting the ALPR surveillance since just before Christmas 2016, according to an ALPR Usage and Privacy Policy published on its website (archived version). The policy does not say which of its malls use the technology, only disclosing that the company and its contractors operates ALPRs at “one or more” of its locations.

      Automated license plate recognition is a form of mass surveillance in which cameras capture images of license plates, convert the plate into plaintext characters, and append a time, date, and GPS location. This data is usually fed into a database, allowing the operator to search for a particular vehicle’s travel patterns or identify visitors to a particular location. By adding certain vehicles to a “hot list,” an ALPR operator can receive near-real time alerts on a person’s whereabouts.

      EFF contacted the Irvine Company with a series of questions about the surveillance program, including which malls deploy ALPRs and how much data has been collected and shared about its customers and employees. After accepting the questions via phone, Irvine Company did not provide further response or answer questions.

    • NYT Sees ‘Dystopia’ in Chinese Surveillance—Which Looks a Lot Like US Surveillance

      The China piece does have a couple of acknowledgements that these issues are not totally foreign to the United States. At one point it notes: “Already, China has an estimated 200 million surveillance cameras — four times as many as the United States.” Not noted: China has a bit more than four times the population of the United States. At another point, it mentions that the US director of national intelligence held an “open contest for facial recognition algorithms” in 2017—which a Chinese company won. But you won’t likely see New York Times headlines about the “dystopian dreams” of the US surveillance state.

      In an indication that surveillance isn’t the only area where the Times has the ability to report on woes in other countries without recognizing that its own country has troubles that are similar or worse, the article describes the impetus behind China’s population-monitoring drive: “China’s economy isn’t growing at the same pace. It suffers from a severe wealth gap.”

      As it happens, by the standard measure of inequality, the GINI coefficient, the US and China are almost exactly as unequal—41 vs. 42.2, according to the World Bank—and China’s GDP is growing almost twice as fast. Would the New York Times ever cite the US’s wealth gap and slowing growth as an explanation for the expansion of the NSA’s powers?

    • How New Jersey keeps online gamblers from crossing digital state lines

      The last piece of technology used by New Jersey online casinos use to pinpoint your location is through your IP address (Internet Protocol). Any computer logged onto the web will show its IP address, which is a fairly accurate way to track the location of the network used to log online. Of course there are now plenty of highly sophisticated virtual private networks available which dedicated gamblers can use to divert their IP address, making it appear as though they are logging in from New Jersey when in fact they can be located at any other point around the globe. However, to get the most out of a VPN, one has to pay for it, which may be a bridge too far for most gamblers. Professional gamblers on the other hand, may be quite prepared to offset the cost of a good VPN with the winnings they can potentially make at New Jersey online casinos.

    • 3 charged in elaborate robberies using Snapchat
  • Civil Rights/Policing

    • DNA Collection is Not the Answer to Reuniting Families Split Apart by Trump’s “Zero Tolerance” Program

      The Trump Administration’s “zero tolerance” program of criminally prosecuting all undocumented adult immigrants who cross the U.S.-Mexico border has had the disastrous result of separating as many as 3,000 children—many no older than toddlers—from their parents and family members. The federal government doesn’t appear to have kept track of where each family member has ended up. Now politicians, agency officials, and private companies argue DNA collection is the way to bring these families back together. DNA is not the answer.

      Politicians argue DNA collection is the way to bring these families back together. DNA is not the answer.

      Two main DNA-related proposals appear to be on the table. First, in response to requests from U.S. Representative Jackie Speier, two private commercial DNA-collection companies proposed donating DNA sampling kits to verify familial relationships between children and their parents. Second, the federal Department of Health and Human Services has said it is either planning to or has already started collecting DNA from immigrants, also to verify kinship.

      Both of these proposals threaten not just the privacy, security, and liberty of undocumented immigrants swept up in Trump’s Zero Tolerance program but also the privacy, security, and liberty of everyone related to them.

    • Family Separation in Court: What You Need to Know

      Reunifications, government foot-dragging, and a federal judge determined to hold the administration accountable.

      On June 26, a federal judge issued a national injunction in the ACLU’s class action lawsuit against the Trump administration’s policy of separating children and parents at the border. He ordered the government to reunite all children under five with their parents by Tuesday, July 10, and all remaining children by July 26.

      Since then, the administration has been scrambling to create a plan and process to meet the court’s deadlines and reunite thousands of families.

    • It’s Not Just Roe: How the Future Supreme Court Could Gut Abortion Rights

      A new Supreme Court could effectively decimate women’s access to abortion, even without overturning Roe outright.

      Now that President Donald Trump has nominated Brett Kavanaugh to replace Justice Anthony Kennedy on the Supreme Court, it will be up to the Senate to fully vet him so that the American people can determine whether he will uphold the basic civil rights and liberties relied on by everyone in this country. This is particularly true when it comes to abortion rights, where Kavanaugh’s prior opinions on the subject, coupled with the fact that Donald Trump vowed to only nominate justices who would overturn Roe v. Wade, give rise to serious concern about women’s continued ability to access abortion if Kavanaugh is confirmed.

  • Internet Policy/Net Neutrality

    • AT&T Is Very Excited To Try And Ruin HBO

      Ma bell isn’t much fun at parties. While traditional telcos desperately want to pivot from broadband and cable to video and online advertising, that transition has been challenging. Especially for a sector that has spent the last 30 years as government-pampered regional mono/duopolies. Many of these companies are good at running a network or lobbying government to stifle competition, but they’re simply not very good at things like creativity, innovation, or disruption. That was recently made abundantly clear by Verizon’s face plant after it tried to launch a sexy new Millennial-focused video platform dubbed Go90.

      AT&T suffers from the same disease, and it may soon manifest in abundance.

      You’ll recall that AT&T’s $86 billion acquisition of Time Warner was allowed to proceed after a comically narrow reading of the market by U.S. District Court Judge Richard Leon. At absolutely no point in his 172-page ruling, did Leon show the faintest awareness that AT&T wants to use the gutting of the FCC, the elimination of net neutrality rules, and vertical integration synergistically to behave anti-competitively in the broadband and streaming video space, something that’s obvious to anybody that has spent thirty seconds watching AT&T do business.

    • SCOTUS Nominee Kavanaugh Bought Verizon’s Silly Argument That Breaking Net Neutrality Is A 1st Amendment Right

      Telling Verizon that it can’t abuse a lack of broadband competition to hinder certain services from working online is not a free speech issue, full stop. That said, painting Verizon as the victim when it’s the company’s own anti-competitive actions that were threatening small businesses and legitimate expression gives you a pretty solid grasp of the hubris of large, incumbent telecom operators.

      Ultimately Verizon won the 2010 fight and had the rules scuttled due to FCC over reach (which is why Wheeler ultimately embraced Title II in 2015), but it had absolutely nothing to do with the ISP’s First Amendment argument. Still, that argument played a starring role when ISPs again sued to overturn the FCC’s tougher, 2015 rules. Comcast, AT&T, Verizon, and other major ISPs all again clung tightly to the flimsy First Amendment claim, despite even they knowing it was absurd and fundamentally unsound.

  • Intellectual Monopolies

    • Copyrights

      • YouTuber in row over copyright infringement of his own song

        “Just like probably all the music YouTubers out there,” he explained in a video to his 625,000 subscribers, “once in a while I get an email stating I’m infringing on someone’s copyrighted material.”

        [...]

        Paul had been accused of plagiarising his own music – and worse, all the money that video was earning would now be directed towards the person who copied his content.

        [...]

        At the heart of the controversy is YouTube’s Content ID system – the automatic process which decides whether a video contains copyright infringement.At the heart of the controversy is YouTube’s Content ID system – the automatic process which decides whether a video contains copyright infringement.

      • Two Men Sentenced to Jail For Selling ‘Ooberstick’ Kodi Devices

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts