EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

07.11.18

Links 11/7/2018: Xen 4.11, Ubuntu Infographics, Lockbox and Notes

Posted in News Roundup at 12:52 am by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • Server

    • Shippable’s Software

      What’s interesting is that Shippable isn’t targeting developers for the Internet of Things or smartphones, ARM’s typical base, but is betting that the reduced instruction set architecture is on its way to having a big impact in data centers.

    • Cloud Computing in HPC Surges [Ed: No, it doesn't. They just came up with this buzzword. These are still just servers.]

      According to the two leading analyst firms covering the high performance computing market, the use of the cloud for HPC workloads is looking a lot more attractive to users these days.

    • Clear Linux Now Supports Kata Containers

      At the end of last year the Intel Clear Linux project’s Clear Containers initiative morphed into OpenStack’s Kata Containers. Clear Linux now supports the resulting Kata Containers.

      Clear Containers had been the Intel / Clear Linux project focused on providing performant Linux containers as well as greater security through Intel VT-d and other engineering improvements. Kata Containers took that foundation and has evolved it under the stewardship of OpenStack and participation from many different organizations.

  • Audiocasts/Shows

    • Episode 31 | This Week in Linux

      Linux Mint 19 “Tara” was Released. Elementary releases a Developer Preview for their new version called “Juno”. Kdenlive issues a request to the community for beta testing of the next generation of Kdenlive. We do a follow up on the EU’s Copyright Reform Directive, this time it’s good news, at least for now. We discuss the SUSE acquisition by EQT. Ubuntu Studio created a cool guide to Audio Production on Linux. Later in the show we look at what is coming for Xubuntu 18.10 and also the latest release from Redcore Linux. All that and much more.

  • Kernel Space

    • USB Type-C DisplayPort Alternate Mode Driver Coming To Linux 4.19

      The USB Type-C DisplayPort Alternate Mode driver will be coming to the Linux 4.19 kernel.

      Intel developers have been working on a USB Type-C DisplayPort Alternate Mode support for the mainline Linux kernel so it can play nicely with hardware supporting DP displays/adapters over the USB Type-C interface.

      That work is now ready for mainline with USB subsystem maintainer Greg Kroah-Hartman pulling the USB Type-C DisplayPort Alternate Mode support into his usb-next Git branch of material that will end up landing in Linux 4.19.

    • Linux Foundation

      • What’s New in the Xen Project Hypervisor 4.11

        I am pleased to announce the release of the Xen Project Hypervisor 4.11. One of our long-term development goals since the introduction of Xen Project Hypervisor 4.8 has been to create a cleaner architecture for core technology, less code and a smaller computing base for security and performance. The Xen 4.11 release has followed this approach by delivering more PVH related functionality: PVH Dom0 support is now available as experimental feature and support for running unmodified PV guests in a PVH Container has been added. In addition, significant chunks of the ARM port have been rewritten.

      • Xen Project Hypervisor: Virtualization and Power Management are Coalescing into an Energy-Aware Hypervisor

        Power management in the Xen Project Hypervisor historically targets server applications to improve power consumption and heat management in data centers reducing electricity and cooling costs. In the embedded space, the Xen Project Hypervisor faces very different applications, architectures and power-related requirements, which focus on battery life, heat, and size.

        Although the same fundamental principles of power management apply, the power management infrastructure in the Xen Project Hypervisor requires new interfaces, methods, and policies tailored to embedded architectures and applications. This post recaps Xen Project power management, how the requirements change in the embedded space, and how this change may unite the hypervisor and power manager functions.

      • Xen Hypervisor 4.11 Released With Many Core Improvements

        It’s one month late but the Xen Project Hypervisor 4.11 release is available today with great scads of new features.

      • Xen 4.11 Improves Server Virtualization with PVH

        The open source Xen Project, which is hosted as a Linux Foundation effort, issued its first major release of 2018 on July 10.

        The Xen Project Hypervisor 4.11 release comes after months of development, and follows the 4.10 update that became available at the end of 2017. Xen 4.10 included some initial support for PVH (Paravirtualization Hardware), which has been further extended in the 4.11 update.

      • ​Re-engineering Xen: The important open-source hypervisor gets remodeled

        Xen is open-source royalty. This hypervisor, which runs and manages virtual machines (VMs), powers some of the largest clouds. You know their names: Amazon Web Services (AWS), Tencent, Alibaba Cloud, Oracle Cloud, and IBM SoftLayer. It’s also the foundation for VM products from Citrix, Huawei, Inspur, and Oracle. But, with the release of its latest edition, Xen Project Hypervisor 4.11, there are major changes under the hood.

      • Xen 4.11 debuts new ‘PVH’ guest type, for the sake of security

        The Xen Project has released version 4.11 of its hypervisor.

        As we reported last week, it’s more than a month late, but the projects leaders thinks it is worth the wait because this release delivers on an ambition to “create a cleaner architecture for core technology, less code and a smaller computing base for security and performance.”

        A big part of delivering on that is increased use of PVH – a type of virtualization that Xen reckons blends the best of paravirtualization (PV) and Hardware Virtual Machines (HVM). PV virtualizes hardware so a guest can offer kit not found on its host, but doesn’t use virtualization extensions in silicon. HVM can use those extensions and therefore offers each VM isolated emulated hardware.

      • Last Chance to Speak at Hyperledger Global Forum | Deadline is This Friday

        Hyperledger Global Forum is the premier event showcasing the real uses of distributed ledger technologies for businesses and how these innovative technologies run live in production networks today. Hyperledger Global Forum unites the industry’s most respected thought leaders, domain experts, and key maintainers behind popular frameworks and tools like Hyperledger Fabric, Sawtooth, Indy, Iroha, Composer, Explorer, and more.

    • Graphics Stack

      • Linux 4.18 AMDGPU Tests: Vega Taking A Hit

        Being roughly mid-way through the Linux 4.18 kernel development cycle, I spent some time this weekend running benchmarks of the AMDGPU DRM driver on Linux 4.18 Git compared to Linux 4.17 stable on three different Radeon graphics cards while using the Mesa 18.1.3 based drivers.

      • Radeon ROCm 1.8.2 Compute Stack In Beta, Might Work Under Ubuntu 18.04 LTS

        A new beta of the Radeon Open Compute “ROCm” stack was quietly made available for v1.8.2.

        While ROCm 1.9 will officially support Ubuntu 18.04 LTS, it looks like the ROCm 1.8.2 beta might contain preliminary Ubuntu 18.04 LTS “Bionic Beaver” support. A ROCm 1.8.2 beta user has commented that he was able to get 1.8.2 working on Ubuntu 18.04 with the Linux 4.16 kernel with the AMDKFD kernel driver.

      • Vulkan-Virgl Continues Progressing For Getting Vulkan Within VMs

        One of the most exciting Google Summer of Code 2018 projects is Vulkan-Virgl for supporting this modern graphics/compute API within virtual machines.

        Vulkan-Virgl is based off the existing Virgl initiative that has been providing OpenGL hardware acceleration to guest VMs using VirtIO-GPU and paired with some Mesa code and the Virgl rendering library. The GSoC 2018 project is making Virgl work with both OpenGL and Vulkan APIs.

    • Benchmarks

      • A Look At The Windows 10 vs. Linux Power Consumption On A Dell XPS 13 Laptop

        With the current-generation Dell XPS 13 XPS9370-7002SLV currently being tested at Phoronix, one of the areas I was most anxious to benchmark was the power consumption… For years it has been a problem of Linux on laptops generally leading to less battery life than on Windows, but in the past ~2+ years there has been some nice improvements within the Linux kernel and a renewed effort by developers at Red Hat and elsewhere on improving the Linux laptop battery life. Here are some initial power consumption numbers for this Dell XPS 13 under Windows 10 and then various Linux distributions.

        The Dell XPS 13.3-inch laptop for testing features the Intel Core i7 8550U (quad-core + HT) CPU with UHD Graphics 620, 2 x 4GB RAM, 256GB PM961 NVMe Samsung SSD, and its panel is a 1920 x 1080 resolution. For some initial basic tests I ran Windows 10 out-of-the-box and compared that to fresh installs of Ubuntu 18.04 LTS, Fedora Workstation 28, openSUSE Tumbleweed, and Clear Linux.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • KDE Plasma 5.13.3 Desktop Environment Released with More Than 30 Improvements

        The fast release cycle of the short-lived KDE Plasma 5.13 desktop environment continues today with the KDE Plasma 5.13.3 maintenance update, which comes just two weeks after the KDE Plasma 5.13.2 point release and three weeks after the first one. KDE Plasma 5.13.3 continues to improve the stability and security of the desktop environment by fixing various issues.

        A total of 33 changes have been recorded for the KDE Plasma 5.13.3 point release, which will soon be available in the official repositories of various popular GNU/Linux distributions, across several components, including Plasma Discover, Plasma Desktop, Plasma Workspace, plasma-integration, plasma-browser-integration, KWin, Plasma Addons, KDE GTK Config, and others.

      • WikiToLearn web app course editor almost done

        Hi, it’s a bit of time that I didn’t write a blog post and many things on WikiToLearn ecosystem happened. Course editor mode is almost finished: now you can add, remove and edit chapter on a course, with new revamped Dialog and Modal components for confirming and editing views. You can see it below in action.

    • GNOME Desktop/GTK

      • GUADEC 2018

        I’m feeling extremely grateful for the shot in the arm GUADEC provides by way of old friends, new friends, expert advice, enthusiasm, time-worn wisdom, and so many reminders of why we do this.

        I use FreeCAD for freelance work, and build the development version from git periodically. There is a copr nightly build for recent versions of Fedora, but not for Rawhide. The first person to whom I related this experience, David King, said the software would be ideal for the Flatpak treatment. Since then I’ve been getting a tutorial on building the YAML manifest, and after four days of hard work (thanks Dave!), it’s on the very brink of completion.

      • The GNOME Foundation Is Hiring

        Since its inception in 1997 by Miguel de Icaza and Federico Mena Quintero, who were university students at the time, GNOME has become one of the largest open source projects. It is best known for its desktop, which is a key part of the most popular GNU/Linux distributions, including Ubuntu, Debian, SuSE and Fedora. The project also has a long history of producing critical pieces of software infrastructure: common parts of countless open source systems and its software is found in televisions, e-book readers, in-vehicle infotainment systems, medical devices and much more.

        GNOME has also been a key player in the social evolution of the free software community. By founding the Outreach Program for Women (OPW), GNOME pioneered a program to help make its community more gender diverse. That program expanded its scope to encourage more types of diversity and has been adopted by many other open source projects and has evolved into the larger Outreachy program = run outside of GNOME.

  • Distributions

    • Arch Family

      • Arch Linux at FrOSCon

        Yet another shoutout for FrOSCon, which will be held 25th and 26th of August. Arch Linux will have a devroom with talks so far about Linux Pro Audio and our general Infrastructure / Reproducible build.

    • OpenSUSE/SUSE

      • Dolphin-Emu under openSUSE Leap 42.3

        A day after I formally announced my game console emulator repository, the Dolphin Emulator guys decided to merge a patch that makes Qt 5.9 mandatory. That means Dolphin is no longer compatible with openSUSE Leap 42.3 which comes with Qt 5.6.

        I take pride in myself for having a high-quality product, even if it’s just free video game stuff. Therefore my plan is this instead of simply disabling 42.3 and calling it a day:

        I’ll pick the last commit before that patch and build that Dolphin revision. Then I’ll disable the 42.3 target and build the most recent version for the other distributions. That way the last 42.3-compatible binaries stay on the download server until I remove the 42.3 target entirely which will be either when Leap 15.1 gets released or maybe even earlier.

    • Red Hat Family

      • Red Hat Security: Red Hat’s disclosure process

        Last week, a vulnerability (CVE-2018-10892) that affected CRI-O, Buildah, Podman, and Docker was made public before some affected upstream projects were notified. We regret that this was not handled in a way that lives up to our own standards around responsible disclosure. It has caused us to look back to see what went wrong so as to prevent this from happening in the future.

        Because of how important our relationships with the community and industry partners are and how seriously we treat non-public information irrespective of where it originates, we are taking this event as an opportunity to look internally at improvements and challenge assumptions we have held.

        We conducted a review and are using this to develop training around the handling of non-public information relating to security vulnerabilities, and ensuring that our relevant associates have a full understanding of the importance of engaging with upstreams as per their, and our, responsible disclosure guidelines. We are also clarifying communication mechanisms so that our associates are aware of the importance of and methods for notifying upstream of a vulnerability prior to public disclosure.

      • Celebrating Red Hat’s 25th anniversary: Red Hat partners have played an important role in our company journey

        As Red Hat celebrates 25 years, I would be remiss not to mention the role Red Hat partners have played in our company’s story. Partners have been an important multiplier for Red Hat and building our customer success. They are important to our future.

      • DH2i signs strategic-alignment agreement with Red Hat

        DH2i Co., a Fort Collins-based company that provides disaster-recovery solutions for Windows, Linux and Oracle databases, has signed a strategic-alignment agreement with Red Hat.

        After testing and validation, DH2i will become a Red Hat Technology Partner and has been certified on Red Hat Enterprise Linux 7.

      • Red Hat targets regional system integrators through program launch

        Red Hat has launched an Asia Pacific (APAC) program targeted at helping system integrators (SIs) build and modernise applications for the cloud.

        The new initiative is designed to allow partners to deliver new services at a lower cost and accelerate development for faster return on investment.

        Specifically, the Red Hat OpenShift Practice Builder Program has been designed to do just that, using the vendor’s container application platform, Openshift, and a portfolio of enterprise-class application and integration middleware software products, JBoss Middleware.

      • Virtualize your OpenStack control plane with Red Hat Virtualization and Red Hat OpenStack Platform 13

        With the release of Red Hat OpenStack Platform 13 (Queens) we’ve added support to Red Hat OpenStack Platform director to deploy the overcloud controllers as virtual machines in a Red Hat Virtualization cluster. This allows you to have your controllers, along with other supporting services such as Red Hat Satellite, Red Hat CloudForms, Red Hat Ansible Tower, DNS servers, monitoring servers, and of course, the undercloud node (which hosts director), all within a Red Hat Virtualization cluster. This can reduce the physical server footprint of your architecture and provide an extra layer of availability.

        Please note: this is not using Red Hat Virtualization as an OpenStack hypervisor (i.e. the compute service, which is already nicely done with nova via libvirt and KVM) nor is this about hosting the OpenStack control plane on OpenStack compute nodes.

      • ORock Technologies Achieves FedRAMP Moderate Authorization for ORockCloud

        As a Red Hat Premier Certified Cloud and Service Provider (CCSP), ORock Technologies architected ORockCloud as a “pure-play” Red Hat cloud that incorporates a suite of Red Hat’s open source solutions for enhanced flexibility, security features and control. These include: Red Hat Enterprise Linux; Red Hat OpenStack Platform; Red Hat Virtualization; Red Hat Ceph Storage; Red Hat CloudForms; Red Hat Ansible Tower; Red Hat Satellite; and associated cloud APIs.

      • Finance

    • Debian Family

      • Derivatives

        • Debian LTS work, June 2018

          I was assigned 15 hours of work by Freexian’s Debian LTS initiative and worked 12 hours, so I have carried 3 hours over to July. Since Debian 7 “wheezy” LTS ended at the end of May, I prepared for Debian 8 “jessie” to enter LTS status.

          I prepared a stable update of Linux 3.16, sent it out for review, and then released it. I rebased jessie’s linux package on this, but didn’t yet upload it.

        • Canonical/Ubuntu

          • Infographic: Ubuntu connects everything

            As highlighted in the Ubuntu is Everywhere infographic to coincide with the 16.04 LTS, Ubuntu is used by millions across every sector and technology imaginable. Two years on, and with 18.04 LTS now released, we take a new look at how Ubuntu has evolved and is at the heart of emerging technologies including AI, blockchain, robotics and more. We also share the growth of Ubuntu’s cloud presence and how Ubuntu continues to pervade multiple industries, devices and is used by millions globally.

          • Canonical launches Minimal Ubuntu for automated use at scale

            Canonical wants to optimize Ubuntu for scaled automated usage with the release of Minimal Ubuntu.

            According to the company, Minimal Ubuntu is the smallest base image of Ubuntu, with images less than half the size of the standard Ubuntu server image and a boot time that is 40 percent faster. Even with a small footprint, Canonical explained Minimal Ubuntu still preserves full compatibility with standard Ubuntu operations.

            It is designed for entirely automated operations and does not include the usual user-friendly utilities for interactive usage. The solution removes editors, documentation, locales, and other user-oriented features of Ubuntu Server, leaving only the vital parts of the boot sequence.

          • Canonical Releases Minimal Ubuntu, Mozilla Launches Two Mobile Test Pilot Experiments, Google Announces Jib for Java Developers, New Ubuntu Bug Discovered and Wine 3.12 Now Available

            Canonical released its new Minimal Ubuntu yesterday. According to the Ubuntu blog, Minimal Ubuntu is “optimized for automated use at scale, with a tiny package set and minimal security cross-section. Speed, performance and stability are primary concerns for cloud developers and ops.” The images are 50% smaller than the standard Ubuntu server images and they boot up to 40% faster. Minimal Ubuntu also is fully compatible with standard Ubuntu operations. You can download it here.

          • Graphical environments in the world of IoT

            The IoT promises to bring about a revolution in the way we interact with devices around us. While many IoT devices will be hidden away, from sensors that measure manufacturing tolerances in a factory to hubs that control lighting around the home, there are a class of devices that need to provide some sort of graphical output or display to the user. Some examples include digital signage, interactive kiosks, automotive in-car entertainment gateways, smart meters, and the plethora of display screens seen on everything from washing machines to smart thermostats. All of these examples need some way to output graphics to a screen display but in an embedded environment that is not always easy.

            Linux is one of the most popular OS choices for manufacturers and solution providers to use in IoT devices and with it there are a few options available for graphical environments. From custom software to drive the display, through direct frame buffer access with toolkits such as QT, to a full X windowing server. All of these options have their pros and cons and often it is a trade-off between custom software and off-the-shelf components to speed up development. Custom software takes time and requires developers to continue to maintain a code base for the lifetime of the device, while using a graphical toolkit such as QT requires less code but comes with commercial licencing. The open source X windowing server is a popular choice but, being over 30 years old, has some shortcomings. It has been well documented that the design of X windows, although revolutionary at the time, has some security risks especially around application isolation and privilege escalation which has led to efforts to replace it by redesigning the graphical server from the ground up. One such effort is Mir.

          • Canonical releases new infographic to show how Ubuntu Linux ‘connects everything’

            To highlight the ubiquitous nature of Ubuntu in particular, Canonical today releases an all-new infographic showing how this distribution “connects everything.” I urge you to give it a look, as it will open your eyes to just how important Ubuntu — and Linux overall — really is. Apparently, this is an update to a previous infographic released in 2016, refreshed for 2018 following the release of Ubuntu 18.04 Bionic Beaver.

          • This Infographic Reveals the Sheer Scale of Ubuntu’s Success

            Ever wondered just how widely used Ubuntu is? Well, wonder no more! Canonical has put together a new infographic to highlight the scale and success Ubuntu has achieved across an enviable assortment of computing sectors. And it’s compelling stuff.

          • Infographic: Ubuntu Linux Is Used by Millions Worldwide and Connects Everything

            Canonical has shared with us today a new infographic that shows how their Ubuntu Linux operating system is being used all over the world by big-name companies the offer their services to millions of consumers.

            More than two years ago, when Ubuntu 16.04 LTS (Xenial Xerus) was released, Canonical put together an infographic to show the world how many people use Ubuntu and on which devices. With Ubuntu 18.04 LTS (Bionic Beaver) out the door this year, they did it again and published a brand-new infographic to show the world that Ubuntu and Linux are everywhere.

          • Flavours and Variants

            • KDE Plasma bugfix release 5.12.6 is now available for Kubuntu 18.04 LTS

              The Kubuntu Community is please to announce that KDE Plasma 5.12.6, the latest bugfix release for Plasma 5.12 was made available for Kubuntu 18.04 LTS (the Bionic Beaver) users via normal updates.

              The full changelog for 5.12.6 contains scores of fixes, including fixes and polish for Discover and the desktop.

              These fixes should be immediately available through normal updates.

              The Kubuntu team wishes users a happy experience with the excellent 5.12 LTS desktop, and thanks the KDE/Plasma team for such a wonderful desktop to package.

            • Kubuntu 18.04 LTS Users Can Now Update to the KDE Plasma 5.12.6 LTS Desktop

              The Kubuntu team announced today the immediate availability of the latest KDE Plasma 5.12.6 LTS desktop environment for the Kubuntu 18.04 LTS (Bionic Beaver) operating system series.

              Released on April 26, 2018, Kubuntu 18.04 LTS (Bionic Beaver) operating system is supported for three years with software and security updates, which means that is ships with the long-term supported version of the KDE Plasma desktop environment, KDE Plasma 5.12 LTS.

  • Devices/Embedded

Free Software/Open Source

  • Alfresco Becomes First Open Source Vendor to Achieve DoD 5015.02 Chapter 3 Certification

    -Alfresco Software, a leading enterprise open source provider of process automation, content management, and information governance software, today announced that its Governance Services solution has been certified against the DoD 5015.02 CH3, the Department of Defense (DoD) standard for records management. The company is the first open source vendor to achieve this distinction.

  • Cavium CN81xx SoCs Now Supported By Upstream Coreboot

    Thanks to Facebook / Open Compute Project, the Octeon CN81xx SoCs are now supported by upstream Coreboot and happen to be the first Cavium ARM SoCs supported by this project.

    The Cavium Octeon CN81xx SoC family come in dual and quad-core ARMv8 designs and the intended use-case for these SoCs are within IoT, industrial control, networking equipment, and related fields.

  • Web Browsers

    • Browsh: A Modern, Text-Based Web Browser

      If the Lynx open-source text-based browser isn’t satisfying your needs with viewing modern web sites via the terminal, Browsh is a new entrant into the text-based web-browser space that seeks to support modern web standards.

      Phoronix reader Julius reports in this morning on the availability of Browsh, a text-based web browser that supports HTML5, CSS3, JavaScript, and even video and WebGL content. Granted, due to terminal limitations, the multimedia content becomes rather pixelated due to the low resolution.

    • Chrome

      • Are You a Fan of Google Chrome’s New Look?

        Perhaps it’s just me, but I don’t think the look of Google Chrome has altered all that much since it blinked into life in 2009.

        But that will shortly change.

        Rumour has it that Google plans to debut a new-look Google Chrome ahead of the browser’s 10th birthday in September.

        And if you’re a spoiler fan, the new look is already available for testing.

        Now, we’re not talking a revamp based on the old ‘boxy’ Material Design here. Oh no. The visual rejig Is based on the rounder, softer and more tactile Material Design 2 (on full display in Android P and arriving piecemeal to the Chrome OS desktop).

    • Mozilla

      • Notes is available on Android

        The mobile companion application supports the same multi-note and end-to-end encryption features as the WebExtension. After you sign in into the app, it will sync all your existing notes from Firefox desktop, so you can access them on the go. You can also use the app standalone, but we suggest you pair it with the WebExtension for maximum efficiency.

        Please provide any feedback and share your experience using the “Feedback” button in the app drawer. This is one of the first mobile Test Pilot experiments and we would like to hear from you and understand your expectations for future Test Pilot mobile applications.

      • Take your passwords everywhere with Firefox Lockbox

        Firefox users, you can now easily access the passwords you save in the browser in a lightweight iOS app!

        Download Firefox Lockbox from the App Store. Sign in with your Firefox Account, and your saved usernames and passwords will securely sync to your device using 256-bit encryption, giving you convenient access to your apps and websites, wherever you are. Find out more about the experiment on Firefox Test Pilot.

        We have so many online accounts, and it’s hard to keep track of them all. The browser can save them, but they’re not always easy to find or access later, especially when trying to get into the same account on mobile. The Firefox Lockbox iOS app is our first experiment to help you find and use your passwords everywhere.

      • Introducing Firefox’s First Mobile Test Pilot Experiments: Lockbox and Notes

        This summer, the Test Pilot team has been heads down working on experiments for our Firefox users. On the heels of our most recent and successful desktop Test Pilot experiments, Firefox Color and Side View, it was inevitable that the Test Pilot Program would expand to mobile.

        Today, we’re excited to announce the first Test Pilot experiments for your mobile devices. With these two experiences, we are pushing beyond the boundaries of the desktop browser and into mobile apps. We’re taking the first steps toward bringing Mozilla’s mission of privacy, security and control to mobile apps beyond the browser.

      • Review of Igalia’s Web Platform activities (H1 2018)

        Igalia has proposed and developed the specification for BigInt, enabling math on arbitrary-sized integers in JavaScript. Igalia has been developing implementations in SpiderMonkey and JSC, where core patches have landed. Chrome and Node.js shipped implementations of BigInt, and the proposal is at Stage 3 in TC39.

        Igalia is also continuing to develop several features for JavaScript classes, including class fields. We developed a prototype implementation of class fields in JSC. We have maintained Stage 3 in TC39 for our specification of class features, including static variants.

        We also participated to WebAssembly (now at First Public Working Draft) and internationalization features for new features such as Intl.RelativeTimeFormat (currently at Stage 3).

      • Firefox Lockbox: An iPhone App For All Your Passwords
      • Notes by Firefox is a simple Google Keep/Evernote alternative for Firefox users
      • Firefox Test Pilot Program Expands to Mobile With ‘Firefox Lockbox’ Password Storage iOS App
      • Mozilla tests a password manager for Firefox on iOS
      • With Lockbox and Notes, Mozilla launches its first set of mobile Test Pilot experiments
      • Firefox Launches a Password Manager for iPhone and Notes for Android
      • Firefox expands iOS footprint with new experimental ‘Lockbox’ password manager
      • Mozilla wants to make Firefox your iOS password manager
      • Mozilla Announces Firefox Lockbox, a Face ID-Compatible Password Manager for iOS

        After it made sure Firefox is one of the most popular web browsers on the desktop, Mozilla continues their quest to conquer the mobile world with new and innovative apps.

        Today, Mozilla announced that it had developed two new apps for Apple’s iOS and Google’s Android mobile operating systems, Firefox Lockbox for iOS and Notes by Firefox for Android. The two apps are currently available for testing through the company’s Mobile Test Pilot Experiments initiative.

        The Firefox Lockbox for iOS promises to be a password manager that you can take anywhere, so you won’t have to reset your new passwords when you forget them. While the app can sync passwords across devices, it’s only compatible with passwords save through the Firefox web browser via a Firefox Sync account.

      • New Site for Thunderbird and SeaMonkey Add-ons

        When Firefox Quantum (version 57) launched in November 2017, it exclusively supported add-ons built using WebExtensions APIs. addons.mozilla.org (AMO) has followed a parallel development path to Firefox and will soon only support WebExtensions-based add-ons.

        As Thunderbird and SeaMonkey do not plan to fully switch over to the WebExtensions API in the near future, the Thunderbird Council has agreed to host and manage a new site for Thunderbird and SeaMonkey add-ons. This new site, addons.thunderbird.net, will go live in July 2018.

        Starting on July 12th, all add-ons that support Thunderbird and SeaMonkey will be automatically ported to addons.thunderbird.net. The update URLs of these add-ons will be redirected from AMO to the new site and all users will continue to receive automatic updates. Developer accounts will also be ported and developers will be able to log in and manage their listings on the new site.

      • A Vision for Engineering Workflow at Mozilla (Part Three)

        This is the last post in a three-part series on A Vision for Engineering Workflow at Mozilla.

      • Why Isn’t Debugging Treated As A First-Class Activity?

        One thing developers spend a lot of time on is completely absent from both of these lists: debugging! Gitlab doesn’t even list anything debugging-related in its missing features. Why isn’t debugging treated as worthy of attention? I genuinely don’t know — I’d like to hear your theories!

        One of my theories is that debugging is ignored because people working on these systems aren’t aware of anything they could do to improve it. “If there’s no solution, there’s no problem.” With Pernosco we need to raise awareness that progress is possible and therefore debugging does demand investment. Not only is progress possible, but debugging solutions can deeply integrate into the increasingly cloud-based development workflows described above.

      • Bug futures: business models

        Recent question about futures markets on software bugs: what’s the business model?

        As far as I can tell, there are several available models, just as there are multiple kinds of companies that can participate in any securities or commodities market.

  • Databases

    • New CTIO at HIMSS is excited about big data streaming, open-source and noSQL databases

      HIMSS announced its first-ever chief technology and innovation officer this past month, with the hiring of Steve Wretling, a veteran CTO and CIO with deep experience in IT standards and specifications, enterprise architecture, mobile tech and more from his years in various positions at DaVita and Kaiser Permanente.

      Having been on the job for several weeks now, Wretling has some big ideas about the challenges healthcare is facing and the ways he can guide HIMSS in harnessing emerging technologies and innovative clinical and operational practices to help fix them.

      Wretling spoke to Healthcare IT News about his plans for improving stakeholder collaboration, homing in on more effective patient-centered care, tapping the potential of emerging data management technologies and more.

    • Call for Speakers Now Open for Percona Live Open Source Database Conference Europe 2018
  • Pseudo-Open Source (Openwashing)

  • BSD

  • Openness/Sharing/Collaboration

  • Programming/Development

    • Announcing Rust 1.27.1

      The Rust team is happy to announce a new version of Rust, 1.27.1. Rust is a systems programming language focused on safety, speed, and concurrency.

    • 6 IDEs you need to know about

      Linux has long been a favourite platform with developers due to the rich array of languages and toolchains available. In this article we highlight 6 IDEs that can boost your productivity. Each IDE is just a Snap away so you can easily craft your complete development workstation in seconds. Here are six of the best IDEs every developer should know about and an additional 14 bonus IDEs mentioned throughout the article for you to discover.

Leftovers

  • Health/Nutrition

    • Monopolies: State And Corporate Interests Surrounding Access To Medicines

      Amongst the many issues faced by developing countries to ensure access to medicines, cost is a primary one. Proposals to tackle it include limiting the price and regulating competitive conditions. Monopolies created by patents are seen by many as an impediment to accessing basic healthcare. Meanwhile, countries have realised that imposing stringent criteria for granting patents and taking a long duration to process them could be detrimental to them as much as resisting the regime.

      [...]

      Carlos Correa, executive director elect of the South Centre, opened the discussion of monopoly being an obstacle to affordable medicines as it drives the prices up. Setting the price according to market rates does not work for medicines due to the inelasticity of demand, he explained. People who can afford it or those insured can pay what the pharmaceutical company deems fit while others continue to suffer despite the existence of a cure.

      Dr Tedros, in his brief address, referred to turning a blind eye to such suffering as ‘moral decay’ of the society.

      Echoing those sentiments, Brazilian Ambassador ‎Maria Azevêdo termed access to medicines a human rights issue touching upon the right to life and the right to health. As she pointed out, public health is now a political issue where governments ‘have to deliver.’

  • Security

    • Security updates for Tuesday
    • Why you might want to wrap your car key fob in foil

      Given that the best way to store your car keys at night is by putting them in a coffee can, what’s an ex-FBI agent’s advice to protect cars from theft during the day?

      Wrap car fobs in aluminum foil.

      [...]

      He held up his fob and said, “This should be something we don’t need to wrap with foil. It’s 2018. Car companies need to find a way so no one can replicate the messages and the communication between the key and the vehicle.”

      [...]

      While auto industry engineers know a lot about traditional safety, quality, compliance and reliability challenges, cyber is an “adaptive adversary,” said Faye Francy, executive director of the nonprofit Automotive Information Sharing and Analysis Center, which specializes in cybersecurity strategies. “Automakers are starting to implement security features in every stage of design and manufacturing. This includes the key fob.”

    • Crooks install skimmer on point-of-sale machine in 2 seconds
    • Facebook add-on TimeHop has been pwned by hackers [sic]

      The big problem doesn’t affect UK users, but will be making our US cousins sweat – phone numbers were leaked. TimeHop recommends adding a PIN to your phone account because if abused, this could be used for identity theft – starting with, but not limited to, porting the number without permission.`

    • Malware Found in Arch Linux AUR Package Repository

      Malware has been discovered in at least three Arch Linux packages available on AUR (Arch User Repository), the official Arch Linux repository of user-submitted packages.

      The malicious code has been removed thanks to the quick intervention of the AUR team.

    • Amateur bid to add code to Arch Linux packages found and squashed
    • Arch Linux AUR Repository Found to Contain Malware

      The Arch Linux user-maintained software repository called AUR has been found to host malware. The discovery was made after a change in one of the package installation instructions was made. This is yet another incident that showcases that Linux users should not explicitly trust user-controlled repositories.

    • Malware found in the Arch Linux AUR repository

      Here’s a report in Sensors Tech Forum on the discovery of a set of hostile packages in the Arch Linux AUR repository system. AUR contains user-contributed packages, of course; it’s not a part of the Arch distribution itself.

    • Fun with DAC_OVERRIDE and SELinux
    • Lukas Vrabec: Why do you see DAC_OVERRIDE SELinux denials?
    • With So Many Eyeballs, Is Open Source Security Better? [Ed: Ask a FOSS company. Not VMware. VMware puts back doors in its proprietary software blobs.]

      Back in 1999, Eric Raymond coined the term “Linus’ Law,” which stipulates that given enough eyeballs, all bugs are shallow.

      Linus’ Law, named in honor of Linux creator Linus Torvalds, has for nearly two decades been used by some as a doctrine to explain why open source software should have better security. In recent years, open source projects and code have experienced multiple security issues, but does that mean Linus’ Law isn’t valid?

      According to Dirk Hohndel, VP and Chief Open Source Officer at VMware, Linus’ Law still works, but there are larger software development issues that impact both open source as well as closed source code that are of equal or greater importance.

    • The aftermath of the Gentoo GitHub hack [Ed: What a bad choice of password leads to.]

      Late last month (June 28), the Gentoo GitHub repository was attacked after someone gained control of an admin account. All access to the repositories was soon removed from Gentoo developers. Repository and page content were altered. But within 10 minutes of the attacker gaining access, someone noticed something was going on, 7 minutes later a report was sent, and within 70 minutes the attack was over. Legitimate Gentoo developers were shut out for 5 days while the dust settled and repairs and analysis were completed.

    • New Variant of Spectre Security Flaw Discovered: Speculative Buffer Overflows

      Security researchers Vladimir Kiriansky (MIT) and Carl Waldspurger (Carl Waldspurger Consulting) have published a paper to disclose a new variant of the infamous Spectre security vulnerability, which creates speculative buffer overflows.

      In their paper, the two security researchers explain the attacks and defenses for the new Spectre variant they discover, which they call Spectre1.1 (CVE-2018-3693), a new variant of the first Spectre security vulnerability unearthed earlier this year and later discovered to have multiple other variants.

      The new Spectre flaw leverages speculative stores to create speculative buffer overflows. Similar to the classic buffer overflow security flaws, the new Spectre vulnerability is also known as “Bounds Check Bypass Store” or BCBS to distinguish it from the original speculative execution attack.

    • AT&T acquires open-source threat intelligence firm

      As AT&T continues down its network virtualization efforts using the open-source Open Networking Automation Platform (ONAP), the operator has acquired cybersecurity firm AlienVault, which uses open-source software to provide what the companies call “threat intelligence.” Financial details of the transaction were not disclosed; AT&T expects the deal to close in Q3 this year.

  • Environment/Energy/Wildlife/Nature

    • Nissan Falsifies Exhaust Emission Data in New Issue for Saikawa

      The data falsification, which occurred on 19 models across five plants in Japan, was found out when the company was carrying out an internal check about employees conducting final inspection of vehicles, Nissan said at its Yokohama headquarters Monday. The incident won’t lead to any recalls as the vehicles meet catalog specifications for fuel economy and emissions.

  • Finance

    • ‘They’ve Been Doing This Massive, Anti-Democratic Model of Education Reform’

      A new report from the RAND Corporation concludes that the multi-million-dollar teacher evaluation project, championed and partially bankrolled by Bill Gates, did not increase teachers’ effectiveness or improve students’ academic performance, including the low-income minority students that were presented as the initiative’s major beneficiaries.

      The Washington Post’s Valerie Strauss, a generally critical assessor of what’s called “education philanthropy,” covered this new report. But most corporate media appear uninterested in this challenge to a set of ideas about “failing public schools” and how to fix them, that they themselves play a notable role in promoting.

      Our next guest has critically engaged the Gates Foundation’s educational forays for years now. Wayne Au is professor at the University of Washington/Bothell Campus, and interim dean for diversity and equity on campus. He’s also editor at Rethinking Schools. He joins us now by phone from Seattle. Welcome back to CounterSpin, Wayne Au.

    • How to make the case for blockchain: 5 steps

      If you’re soliciting support for an early blockchain pilot test or project in your organization, you’ll need to explain both the underlying technology and how it can help the business.

      That’s true for any emerging technology, but this pair of tasks could be particularly tricky for IT leaders who want do a blockchain project. For starters, blockchain is tough to explain and understand, especially for non-technical people. Moreover, the hype surrounding Bitcoin and other cryptocurrencies tends to create some misconceptions about the fundamental blockchain tech behind those digital currencies.

      [...]

      For starters, completely separate blockchain from Bitcoin and other digital currencies.

      “The key is to divorce the innovation of blockchain and its value to enterprise from the headlines people may have seen about Bitcoin speculation or cryptocurrency scams,” says Wes Levitt, head of strategy at Theta Labs, makers of a decentralized, blockchain-powered video delivery network, Theta Token.

    • Trump’s Mar-a-Lago Resort Seeks to Hire 61 Foreign Workers

      Meanwhile, the Trump Organization is seeking to hire 61 foreign guest workers through the H-2B visa program to cook and clean at Trump’s private Mar-a-Lago resort in Palm Beach, Florida. While Trump has sought to crack down dramatically on nearly every form of immigration into the U.S. during his time in office, he has expanded the H-2B visa program, which benefits companies seeking to hire foreign workers for seasonal, low-wage work.

  • AstroTurf/Lobbying/Politics

    • India: WhatsApp under pressure to prevent misuse after spate of mob lynchings

      At least 20 people have been killed in mostly rural villages in several Indian states in attacks by mobs that had been inflamed by social media. Victims were accused in the viral messages of belonging to gangs trying to abduct children. The brutal attacks, which began in early May, have also left dozens of people injured.

      Although Indian authorities have clarified that there was no truth to the rumors and the targeted people were innocent, the deadly and brutal attacks, often captured on cellphones and shared on social media, have spread across the country.

    • EU Android anti-trust fine delayed due to Trump visit

      But sources said that the meeting had now been postponed to 17 July. Wednesdays are the days on which the EU executive normally announces decisions taken at its weekly meetings.

      On 8 June, reports said that the fine was due to be announced in the second week of July.

    • How Silicon Valley Fuels an Informal Caste System

      San Francisco residents seem to be divided into four broad classes, or perhaps even castes:

      [...]

      Inequality rarely decreases, and when it does it’s often as the result of wars, revolutions, pandemics, or state collapse. If there’s any nonviolent political hope here, it’s probably to be found among the Outer Party. The Inner Party lives estranged from reality. But the Outer Party still has to teach their kids not to pick up street needles and occasionally feels the depredations of crime to person or property (our household has experienced both within the past few months). Though the Outer Party has little collective identity, they have common interests around street cleanliness, crime, schools, and transit. Those interests expressed themselves in the recent mayoral election, where pro-development, pro-techie London Breed, a favorite among the tech Outer Party, narrowly defeated two mutually endorsing candidates in an electoral nail-biter. Breed broke from typical San Francisco progressive politics, proposing to eliminate homeless camps via government conservatorship (essentially forced institutionalization).1 Perhaps a city founded in a literal gold rush can foster a newfound civic spirit, at least among the gold miners, while in the midst of a figurative gold rush.

    • How Trump is Reshaping US Foreign Policy

      Other states, whether friend or foe, will be less willing to bargain with the United States when it is governed by an administration that reneges on previous agreements and that, other governments believe, bargains in bad faith. Such mistrust impedes the reaching not only of the sort of multilateral agreements that Trump rejects but also the sort of bilateral agreements that he says he favors. To return to Kagan’s typology, Trump’s America is moving closer to isolationism—in diplomacy, if not in the use of military force—not because isolationism is part of any Trump Doctrine but because it is a byproduct of Trump’s way of doing business.

  • Censorship/Free Speech

    • The Dark Money Behind Campus Speech Wars

      But Speech First looks like something else: a highly professional astro-turfing campaign, with a board of former Bush administration lawyers and longtime affiliates of the Koch family. The group is new to the campus culture wars: It incorporated in December and launched in February. But it has already received endorsements from the Department of Justice, which filed a statement of interest supporting Speech First in the Michigan case, stating in a subsequent press release that “freedom of speech and expression on the American campus are under attack.”

    • Reddit CEO tells user, “we are not the thought police,” then suspends that user

      Reddit has confirmed to Ars Technica that Huffman’s conversation, as posted by user “whatllmyusernamebe” on Sunday, is legitimate. The conversation begins with Huffman responding to the question, “Why do you admins not just ban hate speech?”

    • YouTube is fighting conspiracy theories with ‘authoritative’ context and outside links

      YouTube is also funding a number of partnerships. It’s establishing a working group that will provide input on how it handles news, and it’s providing money for “sustainable” video operations across 20 markets across the world, in addition to expanding an internal support team for publishers. (Vox Media, The Verge’s parent company, is a member of the working group.) It’s previously invested money in digital literacy programs for teenagers, recruiting prominent YouTube creators to promote the cause.

    • The rise of ‘pseudo-AI’: how tech firms quietly use humans to do bots’ work

      “Using a human to do the job lets you skip over a load of technical and business development challenges. It doesn’t scale, obviously, but it allows you to build something and skip the hard part early on,” said Gregory Koberger, CEO of ReadMe, who says he has come across a lot of “pseudo-AIs”.

    • A Numerical Exploration Of How The EU’s Article 13 Will Lead To Massive Censorship

      One of the key talking points from those in favor of Article 13 in the EU Copyright Directive is that people who claim it will lead to widespread censorship are simply making it up. We’ve explained many times why this is untrue, and how any time you put in place a system for taking down content, tons of perfectly legitimate content gets caught up in it. Some of this is from malicious takedowns, but much of it is just because algorithms make mistakes. And when you make mistakes at scale, bad things happen. Most of you are familiar with the concept of “Type 1″ and “Type 2″ errors in statistics. These can be more simply described as false positives and false negatives. Over the weekend, Alec Muffett decided to put together a quick “false positive” emulator to show how much of an impact this would have at scale and tweeted out quite a thread, that has since been un-threaded into a webpage for easier reading. In short, at scale, the “false positive” problem is pretty intense. A ton of non-infringing content is likely to get swept up in the mess.

      [...]

      This is one of the major problems that people don’t seem to comprehend when they talk about filtering (or even human moderating) content at scale. Even at impossibly high accuracy rates, a “small” percentage of false positives leads to a massive amount of non-infringing content being taken offline.

      Perhaps some people feel that this is acceptable “collateral damage” to deal with the relatively small amount of infringement on various platforms, but to deny that it will create widespread censorship of legitimate and non-infringing content is to deny reality.

    • Prominent Texas Surgeon Sues ProPublica and the Houston Chronicle

      A Texas heart surgeon whose practices recently have been the subject of stories by ProPublica and the Houston Chronicle filed a lawsuit this week against the news organizations alleging defamation.

      Dr. O.H. “Bud” Frazier brought the suit in Harris County (Texas) District Court, challenging a May story that examined concerns with the doctor’s conduct, as well as one last month addressing criticism of the first article. The suit also names the stories’ authors, reporters Charles Ornstein of ProPublica and Mike Hixenbaugh of the Chronicle, as defendants.

      Frazier, a famed heart transplant surgeon at Baylor St. Luke’s Medical Center and the Texas Heart Institute, asserts that the articles included errors and misleading statements “calculated to falsely portray Dr. Frazier as an inhumane physician.”

      “We have seen the complaint in this case, although we have not yet been served,” said Richard Tofel, president of ProPublica. “We think the lawsuit lacks merit, and we intend to defend it vigorously.”

    • Fake News Is A Meaningless Term, And Our Obsession Over It Continues To Harm Actual News

      Many people forget now, but in the wake of the 2016 election, it was mainly those opposed to Donald Trump who were screaming about “fake news.” They wanted an explanation for what they believed was impossible — and one thing that many, especially in the journalism field focused on, were the made up stories that got shared wildly on Facebook. At the time, we warned that nothing good would come from so many people blaming “fake news” for the election, and I think it’s fair to say we were correct on that. President Trump quickly co-opted the phrase and turned it into a mantra directed at any news story about him or his administration that he didn’t like.

      And, of course, the term was always meaningless. It encompassed such a broad spectrum of things — from completely made up stories, to stories with bad sourcing or an error, to stories that were spun in a way people didn’t like or found misleading, to stories with a minor mistake, to just stories someone didn’t like. But each of those is very, very different, and the way that different news organizations respond to these issues can be very different as well. For example, professional publications that make mistakes will publish corrections when they discover they’ve made an error. Sometimes they don’t do so well, and they don’t always do a very good job of publicizing the correction — but they do strive to get things right. That’s different than publications that simply put up purely fake stuff, just for the hell of it. And there really aren’t that many such sites. But by lumping them all in as fake news, people start to blur the distinctions, and think that basically everyone is just making shit up all the time.

    • ESPN Latest To Nix User Comments, Abdicate Its Responsibility For Fostering A Good Community

      Readers of this site will be aware of the trend over the past several years for news and media sites across the internet deciding to nix their respective comments sections. This wave of muzzles on the communities that previously participated in these sites has come with a variety of reasons or excuses, depending on your perspective. Some sites have noted that comments sections devolve into the worst humanity has to offer, with vile speech and spam-bots sucking up all of the digital oxygen. Other sites have suggested that some sort of liability comes along with any proper moderation of their comments sections. Still others have pointed towards social media platforms that can better take over the duties as some sort of 3rd party community gathering place, be it on Facebook or Twitter. All of these reasons are silly and false, or they simply abdicate the site’s responsibility for fostering a well-functioning community of commenters. Here at Techdirt, we love our own community and value the ever-living hell out of our comments, be they supporters of our positions or well-meaning dissenters. Trolls come along for the ride, of course, but we trust our own community to act as a moderating force against them.

  • Privacy/Surveillance

    • Proxies Vs. VPNs Vs. Tor Browser

      In a world where global transactions take place within seconds of initiation. Where Millions of cryptocurrency coins are exchanged across the framework of distributed systems. Internet security is and will always remain a major concern.
      It is estimated that a half of the world’s population will prioritize their network privacy more than their homeland security by the year 2025. This is accounted for the rapid shift from physical business to online digital business as well as increased social media activity.

      ​Proxies, VPNs, and TOR are all tool for ensuring internet security. They all share a common goal of ensuring the internet user anonymity while using the network. At least in this one respect, they are all look-alikes and therefore why most people find it difficult to differentiate them. In this article, we are going to take a look at three of them, their pros and cons and when to favour any of them against the rest. ​

    • FBI Decides To Ruin A Man’s Life Over Nude Photos Of His Legal Girlfriend He Took Seven Years Ago

      The relationship was completely legal. The pictures somehow aren’t, even though no one could legally call the relationship (as it existed seven years ago) “exploitation” or “enticement.” But they can call the photos illegal and they can retcon the consensual relationship into a predator/prey dynamic using federal child porn charges.

      The testimony referenced above wasn’t meant to incriminate Edward Marrero. He was testifying on behalf of another person facing child porn charges. When he detailed the pictures he took while in a consensual relationship with a 17-year-old, the feds decided to swear out an arrest warrant. While Marrero was informed of his Fifth Amendment rights, he most likely thought what he stated in court wasn’t incriminating (because the girlfriend was over the age of consent) or that the government would view his statements rationally and not immediately move to have him arrested.

      As Guy Hamilton-Smith pointed out on Twitter, the federal government is being as punitive as possible, as quickly as possible. Marrero’s initial appearance was greeted with immediate detention and he’s been placed in the custody of the US Marshals. All this is happening over photos taken seven years ago by people in a consensual relationship. The accused wasn’t producing child porn by any rational definition of the statute. But it can be read in irrational ways to ruin lives just because.

    • Grassroots Group Confronts Privacy-Invasive WiFi Kiosks in New York

      Free WiFi all across New York City? It might sound like a dream to many New Yorkers, until the public learned that it wasn’t “free” at all. LinkNYC, a communications network that is replacing public pay phones with WiFi kiosks across New York City, is paid for by advertising that tracks users, festooned with cameras and microphones, and has questionable processes for allowing the public to influence its data handling policies.

      These kiosks also gave birth to ReThink LinkNYC, a grassroots community group that’s uniting New Yorkers from different backgrounds in standing up for their privacy. In a recent interview with EFF, organizers Adsilla Amani and Mari Dej described the organization as a “hodgepodge of New Yorkers” who were shocked by the surveillance-fueled WiFi kiosks entering their neighborhoods. More importantly, they saw opportunity. As Dej described, “As we began scratching the surface, [we] saw that this was an opportunity as well to highlight some of the problems that are largely invisible with data brokers and surveillance capitalism.”

    • California Shopping Centers Are Spying for an ICE Contractor

      A company that operates 46 shopping centers up and down California has been providing sensitive information collected by automated license plate readers (ALPRs) to Vigilant Solutions, a surveillance technology vendor that in turn sells location data to Immigrations & Customs Enforcement.

      The Irvine Company—a real estate company that operates malls in Irvine, La Jolla, Newport Beach, Redwood City, San Jose, Santa Clara and Sunnyvale—has been conducting the ALPR surveillance since just before Christmas 2016, according to an ALPR Usage and Privacy Policy published on its website (archived version). The policy does not say which of its malls use the technology, only disclosing that the company and its contractors operates ALPRs at “one or more” of its locations.

      Automated license plate recognition is a form of mass surveillance in which cameras capture images of license plates, convert the plate into plaintext characters, and append a time, date, and GPS location. This data is usually fed into a database, allowing the operator to search for a particular vehicle’s travel patterns or identify visitors to a particular location. By adding certain vehicles to a “hot list,” an ALPR operator can receive near-real time alerts on a person’s whereabouts.

      EFF contacted the Irvine Company with a series of questions about the surveillance program, including which malls deploy ALPRs and how much data has been collected and shared about its customers and employees. After accepting the questions via phone, Irvine Company did not provide further response or answer questions.

    • NYT Sees ‘Dystopia’ in Chinese Surveillance—Which Looks a Lot Like US Surveillance

      The China piece does have a couple of acknowledgements that these issues are not totally foreign to the United States. At one point it notes: “Already, China has an estimated 200 million surveillance cameras — four times as many as the United States.” Not noted: China has a bit more than four times the population of the United States. At another point, it mentions that the US director of national intelligence held an “open contest for facial recognition algorithms” in 2017—which a Chinese company won. But you won’t likely see New York Times headlines about the “dystopian dreams” of the US surveillance state.

      In an indication that surveillance isn’t the only area where the Times has the ability to report on woes in other countries without recognizing that its own country has troubles that are similar or worse, the article describes the impetus behind China’s population-monitoring drive: “China’s economy isn’t growing at the same pace. It suffers from a severe wealth gap.”

      As it happens, by the standard measure of inequality, the GINI coefficient, the US and China are almost exactly as unequal—41 vs. 42.2, according to the World Bank—and China’s GDP is growing almost twice as fast. Would the New York Times ever cite the US’s wealth gap and slowing growth as an explanation for the expansion of the NSA’s powers?

    • How New Jersey keeps online gamblers from crossing digital state lines

      The last piece of technology used by New Jersey online casinos use to pinpoint your location is through your IP address (Internet Protocol). Any computer logged onto the web will show its IP address, which is a fairly accurate way to track the location of the network used to log online. Of course there are now plenty of highly sophisticated virtual private networks available which dedicated gamblers can use to divert their IP address, making it appear as though they are logging in from New Jersey when in fact they can be located at any other point around the globe. However, to get the most out of a VPN, one has to pay for it, which may be a bridge too far for most gamblers. Professional gamblers on the other hand, may be quite prepared to offset the cost of a good VPN with the winnings they can potentially make at New Jersey online casinos.

    • 3 charged in elaborate robberies using Snapchat
  • Civil Rights/Policing

    • DNA Collection is Not the Answer to Reuniting Families Split Apart by Trump’s “Zero Tolerance” Program

      The Trump Administration’s “zero tolerance” program of criminally prosecuting all undocumented adult immigrants who cross the U.S.-Mexico border has had the disastrous result of separating as many as 3,000 children—many no older than toddlers—from their parents and family members. The federal government doesn’t appear to have kept track of where each family member has ended up. Now politicians, agency officials, and private companies argue DNA collection is the way to bring these families back together. DNA is not the answer.

      Politicians argue DNA collection is the way to bring these families back together. DNA is not the answer.

      Two main DNA-related proposals appear to be on the table. First, in response to requests from U.S. Representative Jackie Speier, two private commercial DNA-collection companies proposed donating DNA sampling kits to verify familial relationships between children and their parents. Second, the federal Department of Health and Human Services has said it is either planning to or has already started collecting DNA from immigrants, also to verify kinship.

      Both of these proposals threaten not just the privacy, security, and liberty of undocumented immigrants swept up in Trump’s Zero Tolerance program but also the privacy, security, and liberty of everyone related to them.

    • Family Separation in Court: What You Need to Know

      Reunifications, government foot-dragging, and a federal judge determined to hold the administration accountable.

      On June 26, a federal judge issued a national injunction in the ACLU’s class action lawsuit against the Trump administration’s policy of separating children and parents at the border. He ordered the government to reunite all children under five with their parents by Tuesday, July 10, and all remaining children by July 26.

      Since then, the administration has been scrambling to create a plan and process to meet the court’s deadlines and reunite thousands of families.

    • It’s Not Just Roe: How the Future Supreme Court Could Gut Abortion Rights

      A new Supreme Court could effectively decimate women’s access to abortion, even without overturning Roe outright.

      Now that President Donald Trump has nominated Brett Kavanaugh to replace Justice Anthony Kennedy on the Supreme Court, it will be up to the Senate to fully vet him so that the American people can determine whether he will uphold the basic civil rights and liberties relied on by everyone in this country. This is particularly true when it comes to abortion rights, where Kavanaugh’s prior opinions on the subject, coupled with the fact that Donald Trump vowed to only nominate justices who would overturn Roe v. Wade, give rise to serious concern about women’s continued ability to access abortion if Kavanaugh is confirmed.

  • Internet Policy/Net Neutrality

    • AT&T Is Very Excited To Try And Ruin HBO

      Ma bell isn’t much fun at parties. While traditional telcos desperately want to pivot from broadband and cable to video and online advertising, that transition has been challenging. Especially for a sector that has spent the last 30 years as government-pampered regional mono/duopolies. Many of these companies are good at running a network or lobbying government to stifle competition, but they’re simply not very good at things like creativity, innovation, or disruption. That was recently made abundantly clear by Verizon’s face plant after it tried to launch a sexy new Millennial-focused video platform dubbed Go90.

      AT&T suffers from the same disease, and it may soon manifest in abundance.

      You’ll recall that AT&T’s $86 billion acquisition of Time Warner was allowed to proceed after a comically narrow reading of the market by U.S. District Court Judge Richard Leon. At absolutely no point in his 172-page ruling, did Leon show the faintest awareness that AT&T wants to use the gutting of the FCC, the elimination of net neutrality rules, and vertical integration synergistically to behave anti-competitively in the broadband and streaming video space, something that’s obvious to anybody that has spent thirty seconds watching AT&T do business.

    • SCOTUS Nominee Kavanaugh Bought Verizon’s Silly Argument That Breaking Net Neutrality Is A 1st Amendment Right

      Telling Verizon that it can’t abuse a lack of broadband competition to hinder certain services from working online is not a free speech issue, full stop. That said, painting Verizon as the victim when it’s the company’s own anti-competitive actions that were threatening small businesses and legitimate expression gives you a pretty solid grasp of the hubris of large, incumbent telecom operators.

      Ultimately Verizon won the 2010 fight and had the rules scuttled due to FCC over reach (which is why Wheeler ultimately embraced Title II in 2015), but it had absolutely nothing to do with the ISP’s First Amendment argument. Still, that argument played a starring role when ISPs again sued to overturn the FCC’s tougher, 2015 rules. Comcast, AT&T, Verizon, and other major ISPs all again clung tightly to the flimsy First Amendment claim, despite even they knowing it was absurd and fundamentally unsound.

  • Intellectual Monopolies

    • Copyrights

      • YouTuber in row over copyright infringement of his own song

        “Just like probably all the music YouTubers out there,” he explained in a video to his 625,000 subscribers, “once in a while I get an email stating I’m infringing on someone’s copyrighted material.”

        [...]

        Paul had been accused of plagiarising his own music – and worse, all the money that video was earning would now be directed towards the person who copied his content.

        [...]

        At the heart of the controversy is YouTube’s Content ID system – the automatic process which decides whether a video contains copyright infringement.At the heart of the controversy is YouTube’s Content ID system – the automatic process which decides whether a video contains copyright infringement.

      • Two Men Sentenced to Jail For Selling ‘Ooberstick’ Kodi Devices
Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Berkheimer or No Berkheimer, Software Patents Remain Mostly Unenforceable in the United States and the Supreme Court is Fine With That

    35 U.S.C. § 101, which is based on cases like Alice and Mayo, offers the 'perfect storm' against software patents; it doesn't look like any of that will change any time soon (if ever)



  2. Ignoring and Bashing Courts: Is This the Future of Patent Offices in the West?

    Andrei Iancu, who is trying to water down 35 U.S.C. § 101 while Trump ‘waters down’ SCOTUS (which delivered Alice), isn’t alone; António Campinos, the new President of the EPO, is constantly promoting software patents (which European courts reject, citing the EPC) and even Australia’s litigation ‘industry’ is dissenting against Australian courts that stubbornly reject software patents



  3. Patent Maximalists Are Still Trying to Figure Out How to Stop PTAB or Prevent US Patent Quality From Ever Improving

    Improvements are being made to US patents because of the Patent Trial and Appeal Board (PTAB), which amends/culls/pro-actively rejects (at application phases) bad patents; but the likes of Andrei Iancu cannot stand that because they're patent maximalists, who personally gain from an over-saturation of patents



  4. Links 15/11/2018: Zentyal 6.0, Deepin 15.8, Thunderbird Project Hiring

    Links for the day



  5. A Question of Debt: António Campinos, Lexology, Law Gazette, and Sam Gyimah

    Ineptitude in the media which dominates if not monopolises UPC coverage means that laws detrimental to everyone but patent lawyers are nowadays being pushed even by ministers (not just those whose clandestine vote is used/bought to steal democracy overnight)



  6. Science Minister Sam Gyimah and the EPO Are Eager to Attack Science by Bringing Patent Trolls to Europe/European Union and the United Kingdom

    Team UPC has managed to indoctrinate or hijack key positions, causing those whose job is to promote science to actually promote patent trolls and litigation (suppressing science rather than advancing it)



  7. USF Revisits EPO Abuses, Highlighting an Urgent Need for Action

    “Staff Representation Disciplinary Cases” — a message circulated at the end of last week — reveals the persistence of union-busting agenda and injustice at the EPO



  8. Links 14/11/2018: KDevelop 5.3, Omarine 5.3, Canonical Not for Sale

    Links for the day



  9. Second Day of EPOPIC: Yet More Promotion of Software Patents in Europe in Defiance of Courts, EPC, Parliament and Common Sense

    Using bogus interpretations of the EPC — ones that courts have repeatedly rejected — the EPO continues to grant bogus/fake/bunk patents on abstract ideas, then justifies that practice (when the audience comes from the litigation ‘industry’)



  10. Allegations That António Campinos 'Bought' His Presidency and is Still Paying for it

    Rumours persist that after Battistelli had rigged the election in favour of his compatriot nefarious things related to that were still visible



  11. WIPO Corruption and Coverup Mirror EPO Tactics

    Suppression of staff representatives and whistleblowers carries on at WIPO and the EPO; people who speak out about abuses are themselves being treated like abusers



  12. Links 13/11/2018: HPC Domination (Top 500 All GNU/Linux) and OpenStack News

    Links for the day



  13. The USPTO and EPO Pretend to Care About Patent Quality by Mingling With the Terms “Patent” and “Quality”

    The whole "patent quality" propaganda from EPO and USPTO management continues unabated; they strive to maintain the fiction that quality rather than money is their prime motivator



  14. Yannis Skulikaris Promotes Software Patents at EPOPIC, Defending the Questionable Practice Under António Campinos

    The reckless advocacy for abstract patents on mere algorithms from a new and less familiar face; the EPO is definitely eager to grant software patents and it explains to stakeholders how to do it



  15. The U.S. Chamber of Commerce is Working for Patent Trolls and Patent Maximalists

    The patent trolls' propagandists are joining forces and pushing for a patent system that is hostile to science, technology, and innovation in general (so as to enable a bunch of aggressive law firms to tax everybody)



  16. Team UPC, Fronting for Patent Trolls From the US, is Calling Facts “Resistance”

    The tactics of Team UPC have gotten so tastelessly bad and its motivation so shallow (extortion in Europe) that one begins to wonder why these people are willing to tarnish everything that's left of their reputation



  17. The Federal Circuit Bar Association (FCBA) Will Spread the Berkheimer Lie While Legal Certainty Associated With Patents Remains Low and Few Lawsuits Filed

    New figures regarding patent litigation in the United States (number of lawsuits) show a decrease by about a tenth in just one year; there's still no sign of software patents making any kind of return/rebound in the United States, contrary to lies told by the litigation 'industry' (those who profit from frivolous lawsuits/threats)



  18. Links 12/11/2018: Linux 4.20 RC2, Denuvo DRM Defeated Again

    Links for the day



  19. Automation of Searches Will Not Solve the Legitimacy Problem Caused by Patents Lust

    The false belief that better searches and so-called 'AI' can miraculously assess patents will simply drive/motivate bad decisions and already steers bad management towards patent maximalism (presumption of examination/validation where none actually exists)



  20. The Federal Circuit and PTAB Are Not Slowing Down; Patent Maximalists Claim It's 'Harassment' to Question a Patent's Validity

    There’s no sign of stopping when it comes to harassment of judges and courts; those who make a living from patent threats and litigation do anything conceivable to stop the ‘bloodbath’ of US patents which were never supposed to have been granted in the first place



  21. Patent Maximalists Will Latch Onto Return Mail v US Postal Service in an Effort to Weaken or Limit Post-Grant Reviews of US Patents

    An upcoming case, dealing with what governments can and cannot do with/to patents (specifically the US government and US patents), interests the litigation 'industry' because it loathes reviews of low-quality and/or controversial patents (these reviews discourage litigation or stop lawsuits early on in the cycle)



  22. Guest Post: EPO Spins Censorship of Staff Representation

    Another concrete example of Campinos' cynical story-telling



  23. Andrei Iancu and Laura Peter Are Two Proponents of Patent Trolls at the Top of the USPTO

    Patent offices do not seem to care about the law, about the courts, about judges and so on; all they care about is money (and litigation costs) and that’s a very major problem



  24. The Patent 'Industry' Wants Incitations and Feuds, Not Innovation and Collaboration

    The litigation giants and their drones keep insisting that they're interested in helping scientists; but sooner or later the real (productive) industry learns to kick them to the curb and work together instead of suing



  25. EPO 'Outsourcing' Rumours

    The EPO advertises jobs in Prague and Lisbon; this leads to speculations less than a year after António Campinos sent EU-IPO jobs to India (for cost reduction)



  26. Links 11/11/2018: Bison 3.2.1 and FreeBSD 12.0 Beta 4

    Links for the day



  27. Pro-Litigation Front Groups Like CIPA and Team UPC Control the EPO, Which Shamelessly Grants Software Patents

    With buzzwords and hype like "insurtech", "fintech", "blockchains" and "AI" the EPO (and to some degree the USPTO as well) looks to allow a very wide range of software patents; the sole goal is to grant millions of low-quality patents, creating unnecessary litigation in Europe



  28. Latest Loophole: To Get Software Patents From the EPO One Can Just Claim That They're 'on a Car'

    The EPO has a new 'study' (accompanied by an extensive media/PR campaign) that paints software as "SDV" if it runs on a car, celebrating growth of such software patents



  29. The Huge Cost of Wrongly-Granted European Patents, Recklessly Granted by the European Patent Office (EPO)

    It took 4 years for many thousands of people to have just one patent of Monsanto/Bayer revoked; what does that say about the impact of erroneous patent awards?



  30. Links 10/11/2018: Mesa 18.3 RC2, ‘Linux on DeX’ Beta and Windows Breaking Itself Again

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts