EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.07.18

Links 7/8/2018: TCP Vulnerability in Linux, Speck Crypto Code Candidate for Removal

Posted in News Roundup at 12:06 pm by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • Audiocasts/Shows

    • Episode 34 | This Week in Linux

      On this episode of This Week in Linux: Linus Torvalds gave his opinion on Wireguard, Lubuntu Takes a New Direction, LineageOS launches their annual Summer Survey, and Hiri’s Experience with Selling on Linux. Then we’ll check out some distro news from Slackware, OpenWRT, Ubuntu LTS, and RebeccaBlackOS. Later in the show, we’ll look at the new NetSpectre vulnerability varient, Forbes’ 5 Reasons to Switch to Linux, a really interesting blog post from the KDE Team about Plasma’s Engineering and finally we’ll check out some Linux Gaming news. All that and much more!

  • Kernel Space

    • Linux 4.19 Kernel Getting STACKLEAK Feature

      Another security hardening measure coming to the Linux kernel is STACKLEAK.

      Kees Cook of Google queued STACKLEAK into one of his feature branches that will be sent in for the upcoming Linux 4.19 kernel.

    • Google Decides Not To Use Speck For Disk Encryption, Instead Developing HPolyC

      While the controversial Speck crypto support was added to Linux 4.17 and with Linux 4.18 it’s being exposed via fscrypt for a disk encryption option, which Google intended to be used on low-end “Android Go” devices that don’t have CPUs with capable native encryption extensions, instead Google is backtracking.

    • Linux “PSI” Patches Report Stall/Pressure Information For CPU / Memory / Storage

      One of the interesting patch series in the works is the “PSI” work by Johannes Weiner of Facebook.

      PSI in this context is actually Pressure Stall Information. This information to be exposed by future versions of the Linux kernel make it possible to quantify resource pressure on the system across CPU, memory, and I/O — including within cgroups.

    • The Best Features Of The Linux 4.18 Kernel

      Following a one week delay, the Linux 4.18 kernel is set to be released this coming weekend. In case you forgot about the new features and improvements since the Linux 4.18 cycle kicked off back in June, here’s a look back at some of the most prominent additions for this latest kernel version.

    • Linux kernel bug: TCP flaw lets remote attackers stall devices with tiny DoS attack

      Security researchers are warning Linux system users of a bug in the Linux kernel version 4.9 and up that could be used to hit systems with a denial-of-service attack on networking kit.

      The warning comes from Carnegie Mellon University’s CERT/CC, which notes that newer versions of the Linux kernel can be “forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service (DoS)”.

    • SegmentSmack: TCP Flaw In Linux Kernel Could Trigger A Remote Denial Of Service

      The Linux kernel has been hit with a TCL flaw that was recently discovered by security researcher Juha-Matti Tilli. Assigned CVE-2018-5390, this flaw could be exploited by malicious actors to trigger a resource exhaustion attack using an available open port. This flaw, named SegmentSmack by Red Hat, affects the Linux kernel 4.9 or above.

    • TCP vulnerability found in Linux versions 4.9 and above
    • CVE-2018-5390: Vulnerability in Linux Kernel Allows for DoS Attacks
    • Speck Crypto Code Called For Removal From The Linux Kernel

      Now that Google will not be using the Speck crypto code for disk encryption on low-end Android devices but instead developing “HPolyC” as outlined in the aforelinked article, a plea has already been submitted to remove the current Speck code from the mainline Linux kernel.

      Following yesterday’s mailing list announcement that Google has changed its mind on using Speck and instead investing in a new option, Linux developer Jason Donenfeld took the liberty of issuing a “request for comments” on removing the Speck crypto code. Donenfeld is the developer that’s been working on WireGuard and the new Zinc crypto library.

    • Edge Security Developer Requests Speck Crypto be Pulled From Linux Kernel, as Google Abandoned It
    • STACKLEAK Security Added to Linux 4.19 Kernel to Prevent Stack Attacks

      A few days ago we covered Enhanced IBRS as mitigation against Spectre attacks being added to Linux 4.19 kernel, and now we just found out that another security hardening measure, known as STACKLEAK, is being added to the Linux 4.19 kernel as well.

    • Graphics Stack

      • Google Open-Sources “Filament” PBR Engine Using Vulkan/OpenGL

        Filament is a physically-based rendering engine that has now been open-sourced by Google for Android, Linux, macOS, and Windows systems.

        This physically-based rendering engine is designed to be as small and efficient as possible so that it can scale down and run with ease on Android-based systems. Filament is written in C++ and requires the use of the LLVM/Clang compiler, supports OpenGL 4.1+ / OpenGL ES 3.0+ / Vulkan 1.0 for rendering back-ends, supports a wide range of rendering capabilities, and all-around looks like quite an exciting PBR engine.

      • Sway 1.0 Alpha 5 Brings Multi-GPU Support, Virtual Keyboard Protocol

        The i3-inspired Sway Wayland compositor had already introduced many features ahead of Sway 1.0 while with today’s fifth alpha release are yet more new features to advertise.

        Sway 1.0 Alpha 5 was released today and while it’s just a few weeks past the alpha 4 milestone, there are more than 250 changes and a number of new features.

    • Benchmarks

      • PHP 7.3 Beta Benchmarks Showing Good Performance

        Following last week’s PHP 7.3 beta release, which also marks the feature freeze for this next PHP7 update, I’ve been running some performance benchmarks on a couple different Linux systems.

        My latest PHP 7.3 benchmarks using the first beta copy jive with my earlier PHP 7.3 benchmarks showing this next PHP7 iteration being a nice evolution to the performance and continuing to run much better than during the PHP5 days.

  • Applications

  • Desktop Environments/WMs

    • 5 reasons the i3 window manager makes Linux better

      One of the nicest things about Linux (and open source software in general) is the freedom to choose among different alternatives to address our needs.

      I’ve been using Linux for a long time, but I was never entirely happy with the desktop environment options available. Until last year, Xfce was the closest to what I consider a good compromise between features and performance. Then I found i3, an amazing piece of software that changed my life.

      I3 is a tiling window manager. The goal of a window manager is to control the appearance and placement of windows in a windowing system. Window managers are often used as part a full-featured desktop environment (such as GNOME or Xfce), but some can also be used as standalone applications.

    • K Desktop Environment/KDE SC/Qt

      • KDE Plasma 5.14 Desktop Environment Lets You Upgrade Your Computer’s Firmware

        One of the coolest new features of the KDE Plasma 5.14 desktop environment, as developer Nate Graham notes in his latest usability and productivity report, is the ability to upgrade your computer’s firmware through the Plasma Discover graphical package manager, which is installed by default and helps KDE Plasma users update their GNU/Linux distributions and KDE applications.

        The ability to upgrade your computer’s firmware recently landed in the Plasma Discover package manager and was implemented by developer Abjiheet Sharma. KDE Plasma 5.14 looks to be the first release of the open-source desktop environment to ship with this features, as it doesn’t look like it will be backported to Plasma 5.13.

      • Kube: new website, new flatpak

        What comes with it though is that we’ll also be publishing the flatpak and Mac OS nightlies there from now on. The CI that is building those nightlies will be integrated eventually, but that job is not complete just yet.

      • Musing About Communities Size and Activity: A Follow-up

        In my previous post I played with the team size and activity metrics on several communities and see what would come out of it. Interestingly, to me this wasn’t necessarily the most interesting of what I posted (it’s rather basic in what it presents) but somehow it’s the one which triggered the most comments, especially in the KDE community. Looks like I struck a nerve. :-)

        Anyway, it got quite a lot of good comments, so I thought it deserved a follow-up post with a different tone. For the record, I generally try to avoid putting too much of my own personal opinion in posts where I present metrics. I think it’s sane to try to shield facts on the data from my biased position. It’s obviously super hard, if not impossible. Indeed, at a minimum I’m forced to mention potential events in the time frame considered (if I know them)… it’s risky, but still I do it because otherwise things would be just very dry and super annoying to read! And I think that’s why the previous post struck a nerve, but more on that below.

      • KDE Discover Gets Fwupd Integration For Handling Firmware Updates

        While GNOME Software has long offered integration with Fwupd for offering firmware upgrades on supported devices, KDE Discover has now received similar functionality.

        Being worked on this summer by Abhijeet Sharma as a Google Summer of Code (GSoC 18) project is a fwupd back-end for Discover to handle firmware updating. Firmware upgrades can now happen via Fwupd while integrating nicely with Discover and offering notifications on new upgrades being available. Details on the effort can be found via this KDE GSoC Wiki page.

      • Chakra at KDE’s Akademy 2018

        We’ll be participating and presenting Chakra in the KDE Distro BoF, where there will be “short introductions for GNU/Linux distributions and open discussion on distribution-related topics”.

      • The State of Akademy Sponsorship

        Akademy 2018 is less than a week away. Apart from meeting up again with friends and colleagues, the KDE community has another reason to be joyful: this year we have broken the record for the number of sponsors for the event. Although there have been many sponsors of Akademy over the years, never have there been so many at one time.

        Eike Hein, Treasurer of the KDE e.V. board, believes that the extra influx of sponsors is thanks to “KDE software being loved again.” Eike points out that Plasma is reaching more kinds of devices every day, attracting larger communities and more hardware manufacturers — some of which will be at Akademy this year. KDE applications are also becoming more mainstream and reaching larger audiences. Krita and Kdenlive, for example, are making inroads within the community of graphical artists, raising awareness of KDE in a whole new sector of end users. Kirigami is becoming the go-to framework for projects that need convergence on desktop and mobile devices.

        “I would also attribute the increase in support to the fact that KDE actively engages with partners” says Eike. A case in point is the Advisory Board. The Advisory Board makes organization-to-organization interaction more rewarding and helps build a stronger network of like-minded Free Software associations and companies. Through the Advisory Board, KDE can better reach and support a larger communities, which in turn reinforces KDE’s position within Free Software.

    • GNOME Desktop/GTK

      • Lenovo Will Finally Offer Automatic Firmware Updates to Linux-Powered Computers

        According to Richard Hughes, who officially welcomed Lenovo to LVFS, tens of thousands of Linux users will soon receive automatic firmware updates in the coming weeks either through the GNOME Software graphical package manager or by running the fwupdmgr update command in a terminal emulator.

        In the coming months, hundreds of thousands of Linux users will also receive automatic firmware updates for their Lenovo computers as the team of developers behind the Linux Vendor Firmware Service initiative will move numerous Lenovo models from the testing channels to the stable ones.

        Read more

      • GNOME Keysign 0.9.8 released

        It’s been a while after my last post. This time, we have many exciting news to share. For one, we have a new release of GNOME Keysign which fixes a few bugs here and there as well as introduces Bluetooth support. That is, you can transfer your key with your buddy via Bluetooth and don’t need a network connection. In fact, it becomes more and more popular for WiFis to block clients talking to each other. A design goal is (or rather: was, see down below) to not require an Internet connection, simply because it opens up a can of worms with potential failures and attacks. Now you can transfer the key even if your WiFi doesn’t let you communicate with the other machine. Of course, both of you need have to have Bluetooth hardware and have it enabled.

      • Add a message context menu for Fractal

        Fractal is a Matrix client for GNOME and is written in Rust. Matrix is an open network for secure, decentralized communication.

      • Improving todo.txt & Todoist plugin

        The GSoC coding period just ended. I would first like to apologize for not updating about my work. I am working on improving Todo.txt and Todoist integration to GNOME To Do. During the coding period, a lot of improvements were added to Todo.txt and Todoist and in this blog post I write about my journey and describing the implementation details.

      • Talking at GUADEC 2018 in Almería, Spain

        I’ve more or less just returned from this year’s GUADEC in Almeria, Spain where I got to talk about assessing and improving the security of our apps. My main point was to make people use ASan, which I think Michael liked ;) Secondarily, I wanted to raise awareness for the security sensitivity of some seemingly minor bugs and how the importance of getting fixes out to the user should outweigh blame shifting games.

  • Distributions

    • New Releases

      • Netrunner Linux Gets Summer Release with Latest KDE Plasma 5.13 Desktop, More

        The developers behind the Netrunner Linux operating system announced over the weekend the availability of a new Rolling release with all the latest KDE technologies and recent software updates.

        Netrunner Rolling 2018.08 is here as the second installment for 2018, incorporating the KDE Plasma 5.13.3 desktop environment, along with the KDE Applications 18.04 and KDE Frameworks 5.48 software suites compiled against the Qt 5.11.1 application framework, as well as the Firefox Quantum 61.0 web browser, Mozilla Thunderbird 52.5 email and news client, and Krita 4.1.1 digital painting app.

        “Despite the hot summer in most of Europe, the Netrunner Team is happy to announce the immediate availability of Netrunner Rolling 2018.08 – 64bit ISO,” reads today’s announcement. “2018.08 comes with some new Plasma Theme that has some transparency built in to allow for experimenting with the new Blur options. It also features a new default wallpaper style, because… why not.”

    • Red Hat Family

      • CRI-O now running production workloads in OpenShift Online

        After hitting 1.0 in October of last year and being shipped as generally available (GA) in OpenShift 3.9, CRI-O has reached another important milestone—it’s now being used in production for many workloads running on OpenShift Online Starter accounts using OpenShift 3.10. Using CRI-O in a real-world production environment with diverse Kubernetes workloads is an important part of the development feedback loop for improving and extending CRI-O and OpenShift.

      • Containers are Linux. Products run the enterprise. So why are we swimming in a sea of Kubernetes project-based services? Part 2

        The rush to enable and adopt Kubernetes is evident with nearly weekly announcements of new Kubernetes distributions or services. The CNCF Kubernetes Conformance Program lists, as of this writing, at least 37 conformant software distributions of Kubernetes alone, plus additional hosted services.

        That’s a lot of choice. But many of these vendors and organizations are certifying and delivering just Kubernetes, or Kubernetes plus one or two components that add some extended functionality, not an overall solution or platform in which Kubernetes plays a part. Just like the Linux Foundation is the governing body for the upstream development of Linux, which is also one piece of the much larger operating system platform, so is CNCF the governing body for Kubernetes. Conformance in the upstream development stage does not imply a viable enterprise solution.

      • The time for change is now – channeling the digital transformation opportunity

        IT suppliers of all types live in a time of great opportunity. Organizations across industries have accepted that digital transformation has to be an integral part of their business and the channel must step forward and become a leader that helps companies to modernize infrastructure, exploit hybrid cloud capabilities and develop applications faster than ever before. However joint research we conducted in collaboration with CRN UK shows that channel partners in Europe still have work to do: just 22 percent of IT suppliers feel capable of providing a complete service to cater for digital transformations.

      • After helping launch Red Hat Amphitheater and break records, GM moves to Cary venue

        Cary’s Booth Amphitheatre has a new general manager from a familiar place.

        Taylor Traversari, who has been general manager of downtown Raleigh’s Red Hat Amphitheater since it opened in 2010, will move from one municipal-owned venue to another.

      • DLT to Distribute Red Hat Products to Gov’t Agencies Via AWS GovCloud

        Red Hat‘s (NYSE: RHT) enterprise-grade products will be available to government agencies and regulated industries on Amazon Web Services‘ GovCloud marketplace via a distribution agreement with DLT Solutions, ExecutiveBiz reported Friday.

        DLT will offer Red Hat’s products and managed services as a “Certified Cloud Service Provider” through an agreement that builds on the companies’ strategic partnership that dates back to 2004, DLT said Wednesday.

      • Red Hat’s expanding relationships with telcos

        It used to be that operators in the U.S. turned to Red Hat for their IT department needs, but for the past several years Red Hat has been increasingly involved on the network side of their businesses.

        With the emphasis on NFV and open source, Red Hat is becoming an increasingly significant player in the wireless space. “In the past few years, we’ve had interactions with every operator in the U.S.,” in some form or another, said Ian Hood, Red Hat’s chief technologist and global service provider, in an interview with Fierce.

        Publicly, of course, the company is limited on which customers it can disclose. In the U.S., Verizon has openly participated in Red Hat’s OpenStack Summits and talked about its NFV deployments, for example.

      • 14 must-read tech newsletters
      • Building more trustful teams in four steps

        Robin Dreeke’s The Code of Trust is a helpful guide to developing trustful relationships, and it’s particularly useful to people working in open organizations (where trust is fundamental to any kind of work). As its title implies, Dreeke’s book presents a “code” or set of principles people can follow when attempting to establish trust. I explained those in the first installment of this review. In this article, then, I’ll outline what Dreeke (a former FBI agent) calls “The Four Steps to Inspiring Trust”—a set of practices for enacting the principles. In other words, the Steps make the Code work in the real world.

      • Finance

      • Fedora

    • Debian Family

      • Installing Linux app on Chromebooks gets easier with support for .deb packages

        You can already run some Linux applications on some Chromebooks thanks to Google’s Project Crostini software. But as I noted when testing Crostini on the Acer Chromebook Tab 10 last month, the feature is still very much a work in progress.

        For now it’s not available if you’re using the stable channel version of Chrome OS, it doesn’t run on all Chromebooks, and you have to jump through some hoops to enable Crostini. Once you do that, you’ll find that you generally need a little Linux know-how to find and install applications using the command-line apt tool.

      • Chrome OS Can Now Install Debian Linux Packages

        A few weeks back, I was tinkering around in the Canary channel and through some hacky loops and multiple attempts, I was able to install a Linux installer that allowed me to launch Debian(.deb) Linux packages on my Chromebox.

        Granted, the workaround was in vain as I got Steam up and running just to find that GPU support is still nowhere to be seen but hey, the installation worked so the experiment was a success.

      • GHDL Back in Debian

        As I have noted, I have been working on packaging the VHDL simulator GHDL for Debian after it has dropped out of the archive for a few years. This work has been on slow burner for a while and last week I used some time at DebConf 18 to finally push this to completion and upload it. ftpmasters were also working fast, so yesterday the package got accepted and is now available from Debian unstable.

        The package you get supports up to VHDL-93, which is entirely down to VHDL library issues. The libraries published by IEEE along with the VHDL standard are not free enough to be suitable for Debian main. Instead, the package uses the openieee libraries developed as part of GHDL, which are GPL’ed from-scratch implementations of the libraries required by the VHDL standard. Currently these only implement VHDL-89 and VHDL-93, hence the limitation.

      • Paul Wise: FLOSS Activities July 2018
      • Derivatives

  • Devices/Embedded

Free Software/Open Source

  • Aricent, CableLabs Team on NFV System

    Aricent, a global design and engineering company, today announced an Open Source collaboration with CableLabs, a non-profit innovation and R&D lab founded by members of the cable television industry, on a self-managed and optimized virtual infrastructure platform on the Kubernetes and the Docker container model.

  • CableLabs Connects With Kubernetes

    Following an earlier move centered on OpenStack, CableLabs has introduced a Kubernetes stack as the industry R&D house tries to add more open source software to the mix and MSOs size up their software defined networking and network functions virtualization strategies.

  • CableLabs, Aricent launch new open-source NFV platform
  • Spot the Bot: Researchers Open-Source Tools to Hunt Twitter Bots

    Their goal? To create a means of differentiating legitimate from automated accounts and detail the process so other researchers can replicate it.

    What makes Twitter bots tick? Two researchers from Duo Security wanted to find out, so they designed bot-chasing tools and techniques to separate automated accounts from real ones.

    Automated Twitter profiles have made headlines for spreading malware and influencing online opinion. Earlier research has dug into the process of creating Twitter datasets and finding potential bots, but none has discussed how researchers can find automated accounts on their own.

    Duo’s Olabode Anise, data scientist, and Jordan Wright, principal R&D engineer, began their project to learn about how they could pinpoint characteristics of Twitter bots regardless of whether they were harmful. Hackers of all intentions can build bots and use them on Twitter.

  • Events

    • DevConf India 2018

      DevConf IN was organized at Christ University, Bangalore 05/06 August. It turned out to be totally fun-packed excited weekend for me. I really had a great time meeting people from various other open source communitites from India. I also delivered a talk on Flatpak mainly focusing on overall architecture, it’s benefits for the user and developers.

    • DevConf India-2018
  • Web Browsers

    • Mozilla

      • Mozilla Thunderbird 60 Released with New Dark & Light Themes, Many Improvements

        Mozilla released today the Mozilla Thunderbird 60 open-source email, calendar, and news client for all supported platforms, including GNU/Linux, macOS, and Microsoft Windows.

        In development for the past several months, the Mozilla Thunderbird 60 release is a major one adding numerous new features and improvements, including new Light and Dark themes, OAuth2 authentication support for Yahoo and AOL accounts, individual update interval for RSS feeds, and support for WebExtension themes.

        Attachments handling during email compose has been greatly improved in Mozilla Thunderbird 60, which adds a new “Delete” button in the To/Cc/Bcc selector when writing emails to allow you to remove a recipient. Also, users can now re-order attachments using drag and drop, keyboard shortcuts, or a dialog.

      • Thunderbird 60 released
      • Thunderbird 60.0 Brings Light and Dark themes and adds Supports for OAuth2 for Yahoo and AOLs

        Mozilla developers have recently finalised version 60.0 of Thunderbird. This version has currently not been put up for distribution through update but can be directly downloaded from the official webpage by the users themselves.

      • Powerful Thunderbird 60 Email Client – Comes With Many Improvements

        Thunderbird is a free and open source Email client for Linux, Mac and Windows computers. It is a default email client for many Linux distribution. Thunderbird is a full featured Email client with features such as customization, calendars, Tasks, Reminders, Address Books and many more. Thunderbird is not only available for general users, also it is available for enterprises.

      • Firefox 62 Beta 14 Testday Results

        As you may already know, last Friday August 3rd – we held a new Testday event, for Firefox 62 Beta 14.

      • Firefox’s Trusted Recursive Resolver (TRR) may let Cloudflare and the US Government Spy on your Browsing Activity

        Mozilla Firefox is expected to introduce two new features in its next patch: DNS over HTTPs (DoH) and Trusted Recursive Resolver (TRR) which it has been testing in the web browser’s Nightly build. The latter is advocated by Mozilla with specific attention to security. This release attempts to override configured DNS servers with Cloudflare. This partnership has received stark criticism for security violation as this overhaul allows Cloudflare to access all DNS requests and the information that they entail.

  • Pseudo-Open Source (Openwashing)

  • BSD

    • LLVM 7.0 RC1 Compiler Stack Available For Testing

      While the sources have been tagged in Git for several days now, the binaries are now available too with LLVM 7.0 RC1 now officially being announced.

      Hans Wennborg has announced the availability of LLVM 7.0 RC1, including sub-projects like Clang 7.0 RC1. Downloads of LLVM 7.0 RC1 are available from here.

  • Licensing/Legal

    • Flexera simplify OSS license compliance and vulnerability protection

      Flexera has released FlexNet Code 2018, according to their press release, this makes it easier for software suppliers to add a new layer of trust and transparency into their software supply chain.

      New functionality allows suppliers to analyse software assets and create an inventory Bill of Materials (BOM).

  • Openness/Sharing/Collaboration

    • UF/IFAS researchers to develop open-source library for farmers
    • Open Hardware/Modding

      • JPL releases plans for build-your-own Mars rover

        NASA’s Curiosity lander touched down on the surface of Mars in August, 2012, and its rover payload rolled out shortly after to begin its meandering mission. While the intrepid explorer did its thing, NASA needed an educational project to help explain the technology and the mission to the general public. That role was filled by a scaled down version called ROV-E, and now tinkerers, students, part-time scientists and the rover curious can build their very own mini Mars rover for exploring backyard craters and vast garden mountain ranges.

  • Programming/Development

    • 6 ways programmers from underrepresented countries can get ahead

      Becoming a programmer from an underrepresented community like Cameroon is tough. Many Africans don’t even know what computer programming is—and a lot who do think it’s only for people from Western or Asian countries.

      I didn’t own a computer until I was 18, and I didn’t start programming until I was a 19-year-old high school senior, and had to write a lot of code on paper because I couldn’t be carrying my big desktop to school. I have learned a lot over the past five years as I’ve moved up the ladder to become a successful programmer from an underrepresented community. While these lessons are from my experience in Africa, many apply to other underrepresented communities, including women.

Leftovers

  • DataOps: An Interview with Tamr CEO Andy Palmer

    Andy Palmer is the founder and CEO of Tamr, which offers a patented software platform for enterprise-scale data unification that combines machine learning and human expertise. He’s generally credited with coining the term DataOps three years ago.

  • GraphicsFuzz Acquired By Google To Focus On Fuzzing Android GPU Drivers

    GraphicsFuzz is the company that started out via university research into fuzzing GPU drivers and finding many graphics driver bugs along the way. After forming the company GraphicsFuzz, the researchers took to fuzzing from the web browser with WebGL. That company has now been acquired by Google.

  • As Google Maps Renames Neighborhoods, Residents Fume

    For decades, the district south of downtown and alongside San Francisco Bay here was known as either Rincon Hill, South Beach or South of Market. This spring, it was suddenly rebranded on Google Maps to a name few had heard: the East Cut.

    The peculiar moniker immediately spread digitally, from hotel sites to dating apps to Uber, which all use Google’s map data. The name soon spilled over into the physical world, too. Real-estate listings beckoned prospective tenants to the East Cut. And news organizations referred to the vicinity by that term.

  • Science

    • Who’s Responsible for Your Bad Tech Habits? It’s Complicated

      But tech companies aren’t the only ones shouldering responsibility for your digital well-being. Increasingly, governments are interceding. A new law in Georgia prohibits drivers from so much as touching their devices unless they’re parked. A bill recently introduced in Congress with bipartisan, bicameral support requested $95 million to study tech’s impact on kids. And in one of the most dramatic government interventions to date, France last week enacted a nationwide ban on smartphone use in schools—a measure French education minister Jean-Michel Blanquer has called “a public health message to families.”

    • Kurdish refugee wins the Fields medal – the biggest prize in maths

      Caucher Birkar, a mathematician at the University of Cambridge, UK won the award for his work on categorising different kinds of polynomial equations. He proved that the infinite variety of such equations can be split into a finite number of classifications, a major breakthrough in the field of arithmetic geometry. Born in a Kurdish village in pre-revolutionary Iran, Birkar sought and obtained political asylum in the UK while finishing his undergraduate degree in Iran.

    • Photography – Why You Should Use JPG (not RAW)

      When I started my modern journey into photography, I simply shot in JPG. I was happy with the results, and the images I was able to produce. It was only later that I was introduced to a now good friend and he said: “You should always shoot RAW! You can edit so much more if you do.”. It’s not hard to find many ‘beginner’ videos all touting the value of RAW for post editing, and how it’s the step from beginner to serious photographer (and editor).

      Today, I would like to explore why I have turned off RAW on my camera bodies for good. This is a deeply personal decision, and I hope that my experience helps you to think about your own creative choices. If you want to stay shooting RAW and editing – good on you. If this encourages you to try turning back to JPG – good on you too.

  • Hardware

  • Security

  • Defence/Aggression

  • Transparency/Investigative Reporting

    • Pamela Anderson Opens Up About ‘Romantic Kind Of Connection’ With WikiLeaks’ Julian Assange [Ed: Siege against journalism and a political refugee and this is what 'media' has to say...]

      Pamela Anderson is opening up about her relationship with WikiLeaks founder Julian Assange, who has been holed up in the Ecuadorian embassy in London since 2012, granted political asylum by Ecuador while he faces charges of sex crimes in Sweden.

      While the 51-year-old model, actress and animal-rights activist is currently dating French soccer star Adil Rami, she told TMZ’s Harvey Levin about her eyebrow-raising relationship with Assange in an interview with Levin’s Fox News series “OBJECTified”.

    • Pamela Anderson opens up about ‘romantic connection’ with Julian Assange [Ed: A reminder that the Kremlin's media from Russia (with love) is no better than gossip-centric media in the West]
    • Pamela Anderson Spills Beans on ‘Romantic Connection’ With Julian Assange
    • Pamela Anderson, Julian Assange ‘Romance’ Spices Up Wikileaks Probe
    • Are Pamela Anderson and Julian Assange Doing It or Nah?

      Former Baywatch star Pamela Anderson and WikiLeaks founder Julian Assange have been romantically linked for some time now, which is funny because Assange has been living in London’s Ecuadorian Embassy since the country granted him political asylum back in 2012. Per a report by Glenn Greenwald, Assange may leave the embassy soon, though that may lead to him being arrested “for breaching his bail conditions.”

    • Pamela Anderson says she has a ‘romantic’ connection with WikiLeaks founder Julian Assange and they talk about everything from the Bible to animal rights in Ecuadorian embassy

      Pamela Anderson has spoken of her ‘romantic’ connection with WikiLeaks founder Julian Assange.

      The Canadian-American actress, 51, said Assange is one of her favorite people in an interview with Harvey Levin that aired on Fox News on Sunday night.

      Describing him as ‘imperfect’, the former Baywatch star said: ‘He’s definitely an interesting person and there’s definitely a romantic kind of connection ’cause it’s a romantic struggle.

    • Clarifying asylum

      June 19th was the sixth anniversary of WikiLeaks Editor-in-Chief Julian Assange entering the Ecuadorian embassy in London. He was granted asylum in 2012 by then President of Ecuador, Rafael Correa. Mr. Correa’s successor, Lenin Moreno, has made his hostility to Mr. Assange clear, calling him a “hacker,” “stone in the shoe” and an “inherited problem,” among other things. Ecuador recently cut off Mr. Assange’s Internet access and has restricted phone calls and visitors, rendering him practically incommunicado. In contrast to the fierce anti-Americanism of Mr. Correa, Mr. Moreno is keen to normalise trade relations with the U.S. and attract foreign investment from American businesses.

    • Julian Assange is “in solitary confinement” and declining health
    • Julian Assange: What next for the Australian-born hacker, who may soon face eviction from Ecuadorian embassy

      Julian Assange’s six-year stay in the Ecuadorian embassy in London is drawing to a close, with Ecuador’s President Lenin Moreno signalling progress on a deal with the United Kingdom to evict the Australian-born hacker.

      Mr Assange has been living in the embassy in the Knightsbridge neighbourhood of London since 2012, when he first sought asylum there while on bail awaiting a possible extradition to Sweden to face an investigation into rape claims.

      The Swedish investigation was dropped in May of last year, but Mr Assange has remained in the embassy building, fearing a possible eventual extradition to the US on yet-to-be-laid spying charges.

      But amid reports his eviction is imminent, the ABC’s daily news podcast The Signal has been investigating what will happen when Mr Assange’s time in the embassy runs out.

    • Julian Assange will leave the Embassy because of health problems

      According to the Agency Bloomberg, the recent scandalous journalist and Creator of WikiLeaks Julian Assange was experiencing serious problems with health. In late July, the network appeared information that the authorities of South American state and British authorities started negotiations on further questioning Julian in the Embassy, and on July 27 the President of Ecuador made an official statement that Assange still leaves the UK. It is worth noting that now on the agenda is the issue of security of Assange.

    • Ecuador’s president issues new threat to Julian Assange

      In a tweet and television interview, Ecuadorian President Lenín Moreno has declared he will “take measures” against WikiLeaks editor Julian Assange unless he stops “intervening” in the politics and affairs of countries.

      Moreno’s tweet yesterday stated: “To Mr. Assange we have put a condition: That he stop intervening in politics and self-determination of the country. Otherwise, measures will be taken.”

      These “measures” can only mean forcing Assange out of Ecuador’s London embassy, to be immediately arrested by the British police and imprisoned, pending extradition proceedings by the Trump administration.

    • VIPS Pleas for Humanitarian Asylum for Julian Assange

      For six years, WikiLeaks editor Julian Assange has been effectively imprisoned without charges at Ecuador’s London embassy. In that time, two international courts and dozens of respected legal and human rights organizations have decried actions of the UK, US and Swedish governments that confine the journalist in what now amounts to torturous isolation, deprived of space, sunlight, visitors, communication with the outside and necessary medical care.

    • Ecuador bans Assange from talking about Catalonia

      The country had, in March, cut off his internet access because his “behaviour, with his messages on social media, is putting at risk [Ecuador's] good relations with the United Kingdom, with the other members of the European Union and other nations”. In the days before the ban, he had tweeted about the poisoning of a former Russian spy in the UK and had criticised the arrest of Carles Puigdemont in Germany.

      Wikileaks quickly came out in support of its founder, saying that “reporting is not a crime”. It criticises them for saying measures will be taken for what they say is him doing his job.

  • Environment/Energy/Wildlife/Nature

    • Neoliberalism drives climate breakdown, not human nature

      Many zoos have an exhibit like this: a wall with a hatch, and under the hatch words like “Do you want to see the most dangerous animal in the world?”. Of course everyone does, and before they open the hatch they speculate as to what the animal behind the hatch will be. A lion? A crocodile? However, when you open the hatch there is a mirror, and you see yourself staring back. You are the most dangerous animal in the world.

      Of course this is nonsense. Not everyone who opens that hatch and sees themselves looking back is equally dangerous. We are not all equally responsible for destruction of the world’s ecosystems. Some humans who open the hatch probably are responsible for a great deal of destruction. Other are not. Many people bear the brunt of someone else’s destruction.

  • Finance

    • Writing Business Cashflow

      Most craft businesses fail. It’s not surprising. Being an expert knitter doesn’t mean you should open a yarn shop. Lots of those hobbyist stores go broke in the first year because the excited, enthusiastic storekeeper doesn’t know how to pay himself and the landlord. In business, cashflow is king.

      [...]

      This is roughly how I do it, in both my long-gone consulting career and as a professional writer. I did not invent this method; rather, I accumulated it over decades of largely involuntary exposure to business. It covers how I decided I could afford to become a full-time writer, because that decision is an utterly critical part of cash flow management. There are other methods; I am not offering you the One Word of Truth here.

    • The Deficit That Will Eat the Budget and Other Ever-Popular Scare Stories

      A Wall Street Journal column by Greg Ip (3/28/18) gave us another rendition of this old scare story. The argument is that the interest paid on US government debt will soon impose an enormous burden on the federal government, choking off spending on important government programs.

      The key part of this story is that interest rates will jump at some point in the not-too-distant future. While this is in fact what the Congressional Budget Office predicts, it is also what it has been predicting ever since the Great Recession, and it has consistently been shown wrong.

  • AstroTurf/Lobbying/Politics

    • Can Science Save Politics?

      That could help him in a general election in a Republican-leaning district. Gupta told me he thinks it could help him even in the primary, though that’s less clear. Democrats don’t have as strong of an attraction towards inexperienced candidates — take Greimel’s lead in the primary as an example. But to Gupta, the real fight in American politics isn’t between Democrats and Republicans, it’s between average voters and the powerful special interests that professional politicians represent. In his vision, science and evidence are a thing the warring parties can agree on, and then use to fight the real enemy.

    • Court Says Comey And Other DOJ Officials Must Answer BuzzFeed’s Questions About The Steele Dossier

      Since publishing the urine-soaked “Steele Dossier,” BuzzFeed has been targeted with multiple defamation lawsuits. Trump’s former lawyer, Michael Cohen, ultimately dropped his lawsuit against the website after his own legal problems pretty much demanded he focus his legal attention elsewhere. Oh, and it was a lawsuit he was likely to lose, what with a lot of the alleged defamation being factual statements and any remaining defamation having been penned by the author of the dossier, not BuzzFeed itself.

      Another doomed lawsuit is still active — this one brought by Aleksej Gubarev and a couple of his companies (XBT Holdings and Webzilla, Inc.). Gubarev claims the next-to-last paragraph of the Steele Dossier defames him and his by linking Gubarv to Russian hacking attempts targeting the Democratic National Committee.

      This lawsuit is likely doomed to fail as well, what with the alleged defamation having been penned by Steele, not BuzzFeed. But while it rolls towards this seemingly inevitable conclusion, the process continues with the subpoenaing of witnesses for both sides. BuzzFeed wants to depose people with knowledge of the events depicted in the dossier — high-powered people like former FBI Director James Comey and other DOJ/FBI officials.

    • The Russians are coming

      This updates my last blog post where I said that we’re getting a flood of spambots. Summary: if you’re an admin affected by this, you must act now. I’ll cut to the chase.

    • Illinois House Candidate Will Walk for Votes — And Has To

      Amanda Biela was campaigning door to door in north suburban Glenview one afternoon last week when she stopped to talk with a senior watering his front lawn.

      “I’m running for 15th District state rep,” Biela told him, “and I’m basically running against the Madigan machine.”

      Biela explained that she’s challenging incumbent Rep. John D’Amico, which means she’s also taking on his ally Michael Madigan, the long-serving state House Speaker and Democratic Party leader. Biela, a former Chicago Public Schools teacher and mother of three, added that her top priority is lowering property taxes.

      She didn’t mention that she’s a Republican. Why bring it up right away in a Democrat-dominated district?

    • Mnangagwa, Chamisa, rule out GNU…ED to appoint MDC ministers

      Emmerson Mnangagwa has ruled out the possibility of an inclusive Government when he appoints his new Cabinet after inauguration expected in the next few days.

      Mnangagwa is of the view that though a coalition government was not bad, it is not necessary at the moment.

    • Mnangagwa rules out GNU

      Emmerson Mnangagwa has ruled out the possibility of an inclusive Government when he appoints his new Cabinet after inauguration expected in the next few days.

  • Censorship/Free Speech

  • Privacy/Surveillance

    • Bill Says US Tech Companies Must Let The Feds Know When Foreign Companies Poke Around In Their Source Code

      American tech companies don’t want to give up their cut of a $20 billion Russian software/hardware market, so they’ve been allowing purchasers to examine devices and vet source code before shelling out for new products. This isn’t exactly ideal for American companies, but Russia is as concerned as anyone else products might be shipping with adversaries’ backdoors pre-installed. American companies don’t necessarily like having entities linked to Russia’s government vetting source code, but the market is too big to be ignored.

      Russia has every right to suspect government backdoors may be unlisted features. Checking products and source code before purchase just makes sense, what with leaked documents showing the NSA intercepts foreign-bound hardware to install backdoors and other leaks exposing a fair bit of the agency’s exploit collection. But now that Russia appears to have engaged in cyberwarfare efforts during the 2016 election, legislators are demanding US companies let the US government know who’s been poking around in their products.

    • NSA questioned over unauthorized call-record collection by Sens. Wyden, Paul
    • The NSA routinely fails to protect privacy, but no one is fixing it

      Last week, very quietly, the National Security Agency’s Office of the Inspector General released a report on the agency that should concern us all. In it, the IG finds that the NSA routinely fails to keep data safe. Just prior to the report’s publication, the world learned that Russian hackers infiltrated hundreds of power grids. “They got to the point they could have thrown switches,” a Homeland Security official told the Wall Street Journal.

    • Battle lines drawn over US mass surveillance as senators probe NSA’s bonfire of phone records

      A fight has begun over another of the US government’s mass surveillance systems – with two Senators raising questions about an unusual data deletion by the National Security Agency (NSA).

      Senators Ron Wyden (D-OR) and Rand Paul (R-KY) have sent a letter [PDF] to the NSA’s inspector general asking him to look into the agency’s torching of metadata for hundreds of millions of phone calls.

      “We write to request that you conduct an investigation into the circumstances surrounding, and any systemic problems that may have led to, the deletion by the National Security Agency (NSA) of certain call detail records (CDRs) collected from telecommunications service providers pursuant to Title V of the Foreign Intelligence Surveillance Act (FISA),” the letter begins.

    • NSA questioned over unauthorized call-record collection by Sens. Ron Wyden, Rand Paul

      Senators from both sides of the aisle sought answers from the ’s internal watchdog Thursday involving the “technical irregularities” that resulted in the recently deleting several years’ worth of call records collected outside the scope of its authority.

      Sen. Ron Wyden, Oregon Democrat, and Sen. Rand Paul, Kentucky Republican, wrote the ’s inspector general in response to the stating recently that it was erasing call records that it had obtained from telecommunications providers but “was not authorized to receive.”

    • SpiderOak warrant canary to be replaced by ‘transparency report’
    • GDPR is eroding our privacy, not protecting it

      It’s been more than a couple of months since GDPR (the EU General Data Protection Regulation) came into force. The promise of giving the citizens back control of their personal data was brash and resonated with many of us, but apart from emboldening few data protection activists, the GDPR has not meaningfully changed the privacy…

    • BBC Wants Microsoft to Expose ‘Doctor Who’ Leaker

      New court documents suggest that the BBC has yet to find the source of the leaked ‘Doctor Who’ footage that previously appeared online. The British company is hoping that Microsoft can help. At a federal court in Washington, the BBC requested a DMCA subpoena targeted at a OneDrive user who shared the infringing material online late June.

    • How to Stay Safe on Public Wi-Fi

      Connecting to a public Wi-Fi network can put you at risk. Here’s how to minimize the damage.

    • The Terrible Things That Can Happen When VPNs Go Rogue

      Not every VPN is created equal. In fact, most of them aren’t worth their salt. Truth be told, it’s increasingly important to conduct in-depth tech reviews of VPN (virtual private network) services before you simply subscribe to one. Credible VPN providers are out there, but you’ve got to know what to look for. A VPN client encrypts your traffic through a VPN gateway. Simply put, it’s as if your online activity is masked by an invisible shroud.

    • BBC Migrates Everything To HTTPS, Immediately Finds Itself Blocked By The Chinese Government

      Move to HTTPS; lose the Chinese. That’s the revised internet maxim. China’s Great Firewall has gradually reduced the number of foreign sites accessible by Chinese citizens… “gradually” only in the sense that it’s been a continuous rollout steadily decreasing web access. The government blocked an entire content delivery network at one point, so even this gradual rollout has seen its share of spikes.

      [...]

      The BBC recommends a VPN to bypass Chinese web filtering, but that suggestion only goes so far in country where VPN use has been banned for the most part. Businesses still rely on VPNs for securing their communications and content, so the capitalist heart of the authoritarian government has granted exceptions. But the exceptions are limited to VPNs registered with the government, which presumably contain government backdoors.

    • Facebook asking major US banks for financial data: report
    • Facebook seeks access to bank data of Americans: report

      Undeterred by its recent travails, social media giant Facebook has started asking large American banks to share detailed information about their customers in order that it can offer new services to its two billion-plus users.

      The Wall Street Journal reported that among the information sought were credit and debit car[d] transactions and account balances for those who held cheque accounts.

    • Facebook: We’re not asking for financial data, we’re just partnering with banks

      Diana further explained that account linking is already live with PayPal, Citi in Singapore, and American Express in the United States.

    • Facebook Now Wants Your Banking Information As Well

      A report published today on The Wall Street Journal says that Facebook wants customers’ bank details on their platform to bolster user engagement. As per the report, Facebook wants to come to a mutual arrangement with banks to share data to improve the quality of services offered to the users.

    • Facebook to Banks: Give Us Your Data, We’ll Give You Our Users

      Facebook Inc. wants your financial data.

      The social-media giant has asked large U.S. banks to share detailed financial information about their customers, including card transactions and checking-account balances, as part of an effort to offer new services to users.

    • Facebook Pushes Online Ads, Then Spends Its Cash on Billboards

      As tech companies like Facebook Inc. and Google vacuum up billions of dollars in online advertising, they’re pouring their own marketing dollars into billboards and other forms of outdoor signage. That’s driving growth in one of the oldest forms of marketing and is one reason why the category is the only traditional channel expected to grow this year.

  • Civil Rights/Policing

    • Head of German secret service advised far-right Alternative for Germany

      Whoever criticizes the far-right or rejects the brutal and inhumane refugee policy of the grand coalition in the Bundestag (parliament), is, according to the definition of the secret service, a “left-wing extremist” and a threat to the Constitution. Still more reprehensible, according to the report, is the collection of “information on alleged or actual right-wing extremists and their institutions.”

    • Surprisingly Rational TSA Plan To Drop Screening At Small Airports Has Almost Zero Chance Of Getting Off The Ground

      Of course, a lot of the risk assumption is based on another assumption: that the TSA actually prevents terrorist attacks. There’s a lot of evidence indicating it doesn’t. Screeners miss explosives and other dangerous objects at an alarming rate. And for all the bragging the TSA does about taking harmless objects away from passengers, attempted terrorist attacks have always been thwarted in the air by passengers, rather than by TSA agents on the ground or air marshals on the targeted planes.

    • Federal Judge Declares ‘Policing for Profit’ Unconstitutional

      Police in New Mexico were ignoring the state’s law against civil asset forfeiture until a federal ruling last week.

      Anybody who has watched at least one episode of Law & Order knows that in America, anyone accused of a crime is considered “innocent until proven guilty.” That’s the way it should be, at least. When a person is accused of a crime, the burden of proof belongs to the accuser.

      But what most people don’t realize is that police routinely use a constitutionally dubious form of legal jiu-jitsu called “civil asset forfeiture” to flip this basic principle of fairness on its head. With civil asset forfeiture, police literally accuse your stuff of a crime, and you as the owner have to prove that your stuff is innocent.

      Here’s an example: In 2010 Stephen Skinner and his son Jonathan, both African-American, were on a road trip to Las Vegas, Nevada, for a vacation when they were pulled over by New Mexico State Police for going 5 mph over the speed limit. The trooper searched their rental car and found several thousand dollars in cash and coins in their luggage that the two men had set aside for gaming at the casinos. The trooper called Skinner, then in his late 50s, “boy” and released him with a warning that “it’s not over.”

      And sure enough, it wasn’t.

    • A Jury May Have Sentenced a Man to Death Because He Is Gay. It’s Time for a Federal Court to Hear His Bias Claim

      Jurors in a South Dakota death penalty case thought a gay man might enjoy being sentenced to life in prison with other men, so they voted for death.

      Last week, civil rights groups, including the ACLU and Lambda Legal, urged the Eighth Circuit Court of Appeals to accept the case of Charles Rhines, a gay man in South Dakota whose sexual orientation may have played a role in his death sentence in 1993.

      In a related appeal, the Eighth Circuit denied relief on many of Mr. Rhines’s claims the day after the friend-of-the-court filing. But the federal appeals court didn’t address whether Mr. Rhines will be allowed to present evidence of anti-gay bias, as the groups had asked in their friend-of-the-court brief. The Eighth Circuit can still take the case, and it should. Here’s why.

    • Saudi Arabia suspends Toronto flights

      It comes after Canada called for the release of women’s rights activists, including Samar Badawi.

    • Using the Power of the Crowd to Document Hate

      Today we’re debuting a documentary with Frontline that chronicles some of our reporting on hate groups over the past year.

      Reporters A.C. Thompson and Ali Winston have been investigating the rise of white supremacist groups in the U.S. after the violent August 2017 Unite the Right rally in Charlottesville. Their work is part of a project at ProPublica called Documenting Hate.

      The project, which started shortly after Election Day in 2016, has an ambitious goal: collect as much data as we can to make up for the wholly inadequate records collected by the government.

    • For Charlottesville Authorities, a Painful Post-Mortem on Preparedness

      On Aug. 2, 2017, Charlottesville Mayor Michael Signer convened a closed meeting of the City Council. The Unite the Right rally was days off, and Signer was concerned about how to manage the potential for trouble. The Virginia State Police were there. So, too, was the chief of the Charlottesville Police Department.

      Signer and the council members asked the law enforcement officers present directly: Was there a “specific, credible threat” of violence?

      There was none, the elected officials said they were told.

      Mayhem, of course, ensued some 10 days later, as marches by white supremacists turned bloody and left a 32-year-old woman dead. The violence set off a national political firestorm, and also a great deal of soul-searching by the city of Charlottesville.

      Months later, a 200-page independent review of law enforcement’s handling of the rally excoriated the local and state police for failing to intervene earlier and more effectively to limit the bloodshed.

    • Is the Proposed Sentence for NSA Whistleblower Reality Winner Too Harsh?

      On June 26th, National Security Agency (NSA) whistleblower Reality Winner pleaded guilty in federal court, agreeing to 63 months in prison in plea agreement for a single charge of espionage. Winner’s case has made national headlines throughout the past year after she was arrested in June 2017 for leaking NSA documents regarding a Russian hack in the 2016 election to a news outlet. Ms. Winner was arrested under the Espionage Act, a federal law that was created for spies, not whistleblowers.

      Ms. Winner, 26, was the first person to be accused of leaking classified information by the Trump administration. Ms. Winner, who is also a decorated Air Force veteran, has served over a year in jail in Lincoln County, Georgia, under harsh conditions.

  • Internet Policy/Net Neutrality

    • Trump Admin Hopes Kavanaugh Supreme Court Delivers The Killing Blow To Net Neutrality

      So you’ll recall that before Comcast, AT&T, Verizon and friends convinced the Trump FCC to ignore the public and kill net neutrality, they had attempted to dismantle the rules legally. That effort didn’t go very well, with the U.S. Court of Appeals for the D.C. Circuit upholding the FCC’s Open Internet Order in June of 2016, and ISPs losing a subsequent en banc appeal. More specifically, the courts found that the former Wheeler-run FCC was well within its legal right to reclassify ISPs as common carriers under the Telecom Act.

      The 2016 FCC victory made sense, especially if you recall that the agency lost its 2014 legal fight with Verizon in part because it tried to implement net neutrality without first putting itself on legal footing by classifying ISPs as common carriers under Title II. You might also recall that Wheeler at the time initially wasn’t sure about the Title II route, but changed his mind based on available facts and evidence, back when people, you know, actually still did that.

      But that was then and this is now. Lawyers for the FCC and Department of Justice filed a brief (pdf) with the Supreme Court last Friday, urging it to vacate the 2016 court ruling that upheld the Wheeler-era net neutrality rules.

    • Decentralising the web: Maintaining the momentum

      The Decentralized Web Summit played host to a gathering of web luminaries such as Sir Tim Berners-Lee, Brewster Kahle and Vint Cerf. On top of that, activists and authors and screenwriters such as Jennifer Stisa Granick, Emili Jacobi, Mike Judge and Corey Doctorow put in an appearance, as did cryptocurrency pioneers like Zooko Wilcox, blockchain developers, and academics.

    • Facebook Killed the Feed

      There’s a movement to reclaim blogging as a vibrant, vital space in academia. Dan Cohen, Kathleen Fitzpatrick, and Alan Jacobs have written about their renewed efforts to have smart exchanges of ideas take place on blogs of their own. Rather than taking place on, say Twitter, where well-intentioned discussions are easily derailed by trolls, bots, or careless ¯\_(ツ)_/¯. Or on Facebook, where Good Conversations Go to Die™.

  • Intellectual Monopolies

    • Analysis: CJEU SPC basic patent ruling “doesn’t give any more clarity”

      The CJEU attempted to clarify the meaning of “protected by a basic patent” in Teva v Gilead, but practitioners and in-house counsel say it raises more questions than it has answered including a new test that is not clear

    • Why Chinese biotech inventions have yet to make an impact globally, despite patenting surge

      A new academic article about patenting in the BRICS countries makes fascinating reading for life sciences IP professionals interested in gauging the development and current state of China’s biotechnology patent landscape. On the one hand, it highlights the drastic increases achieved in the number of biotech patent applications made by China-based innovators over recent years – a surge that far exceeds that in other emerging economies. But, on the other hand, the study casts doubt on the commercial value of the resultant grants. Life sciences patent professionals have strong reason to be interested in the development of China’s IP landscape

    • Pinduoduo and its IPO in the U.S. — The dark force rises?

      Even this Chinese Kat who is currently located in The Netherlands did not find Pinduoduo (or PDD) and its advertisements unfamiliar — simply no escape is possible from its brain-washing marketing campaigns launched everywhere in the Chinese media.

      On July 19, days ahead of its IPO on the Nasdaq, PDD was sued by a Chinese diaper manufacturer, Beijing Daddy’s Choice Science and Technology Co., Ltd. (hereinafter referred to as Daddy’s Choice or the plaintiff), for trade mark infringements before the New York Federal Court. See the document here.

      In a nutshell, based on the two trade mark registrations in the U.S. (No. 5463121 and No. 5238282), the plaintiff accused PDD of knowingly allowing the sale of counterfeited and unauthorized products bearing the Daddy’s Choice name.

      The infringement lawsuit itself, in this Kat’s viewpoint, is quite straightforward. What seems more intriguing is the nation-wide discussions triggered by PDD and its IPO in China, on which from this Kat’s observation are mostly one-sided criticism.

    • Ericsson and LG Electronics Sign Global Patent License Agreement

      Ericsson (NASDAQ: ERIC) and LG Electronics have renewed a global patent license agreement on FRAND terms and conditions between the two companies. Ericsson and LG Electronics are two of the leading contributors to the GSM (2G), UMTS (3G), and LTE (4G) cellular communication standards and both companies are making significant investments in the development of the NR (5G) standard. The agreement includes a cross license that covers patents relating to both companies’ 2G, 3G, and 4G standard-essential patents. The terms of the agreement are confidential.

    • Beware of “added matter” in Spain

      On 13 April 2018, the Barcelona Court of Appeal (Section 15) wrote a decision highly illustrative of the challenges that an “added matter” objection may raise in Spain, particularly in the context of preliminary injunction proceedings. The decision confirmed a ruling of 18 July 2017 from Barcelona Commercial Court number 4, which had lifted a preliminary injunction ordered against a manufacturer of generic medicaments, for considering that the patent was unlikely to overcome an “added matter” objection in the main proceedings.

      The first question addressed by the Barcelona Court of Appeal (Section 15) was to what extent “nullity” may be raised as a defence in preliminary injunction proceedings, where life is very short. The Court reiterated, citing the case law stemming from its decisions of 4 January 2006 (amlodipine), that in the context of preliminary injunction proceedings the validity of a patent cannot be examined in depth. The patent will be deemed to be valid unless the defendant alleges “very clear and evident indicia” supporting nullity. After clarifying that the burden of proving these “very clear and evident indicia” lies with the defendant, the Court examined whether or not the arguments alleged to found the “added matter” objection in the case at hand were sufficiently robust as to lift the preliminary injunction, as the Court of First Instance had done.

    • The need to protect ideas

      Intellectual properties must be guarded if the country wants to push towards an innovation economy.

      Getting a patent is like buying insurance – it’s not something people think they need until it’s too late.

      Australian patent attorney Leon Allen enjoys drawing parallels between the two.

      Running with the metaphor, he says it’s like an insurance policy – there are good and bad ones. In the case of patents, the quality of the initial application defines how likely it will hold up to challenges in the future.

    • Copyrights

      • MPAA: To Save Free Speech, We Must Broadly Censor Free Speech

        Earlier this year, we wrote about a thought-provoking article by Zeynep Tufecki discussing how some people were deliberately trying to use the open “marketplace of ideas” to effectively attempt to poison the marketplace of ideas. Also mentioned in that article was an excellent Yale Journal Article called Real Talk About Fake News by Nabiha Syed, which raised similar issues, and wondered if we needed a new framework for thinking about free speech online. We later had Syed on our podcast to discuss this further. Both Tufecki and Syed were raising important, thought-provoking issues that were not at all like the usual attacks on free speech — because neither was an attack on free speech. Instead, they were attempting to protect free speech by pointing out that the way we often frame these discussions may not be the most effective way of thinking about these issues — and that might actually lead to the silencing of voices.

        This has certainly spurred many more thoughtful discussions on these topics. But… it won’t surprise you that some are now looking to exploit this open discussion in their own way. The MPAA recently filed some comments with the NTIA, and what’s striking about them, is how they appear to be co-opting the language of Tufecki to attack free speech online, and push for legal changes that would lead to massive censorship. But, in doing so, they claim these changes are necessary to “protect” free speech. The MPAA’s VP Neil Fried also put out a somewhat snarky blog post about the filing, in which the MPAA insists that CDA 230 and DMCA 512 must be changed because “the status quo does not seem to be working.”

      • Evidence Mounts: UK Study Shows Better Legal Alternatives Pushing Pirates To Become Customers

        The theory that piracy enforcement is a far inferior method for combating copyright infringement when compared with better and innovative business models and offerings is certainly old hat for us here. And, while there have certainly been studies going back years showing that to be the case, it seems notable that the past few months have seen a wave of these studies all coming on top of each other. We had MUSO, of all organizations, essentially concluding a survey it did in the UK showing how much content “pirates” actually buy legitimately by saying, “Hey, content industries, get your shit together!” That was followed quite recently by a study performed by Dutch researchers that did an amazing and large-sampled survey that concluded quite clearly that user-friendly legal alternatives depressed piracy rates at a far greater clip than enforcement measures.

        And, now, because good things always come in threes, yet another study in the UK has shown that once-pirates of music are morphing into very real customers due to convenient and user-friendly streaming services.

      • Major Labels Sue More YouTube Ripper Sites

        Major labels including Universal, Warner Bros, Sony, and others have teamed up to sue two more YouTube-ripping sites. FLVTO.biz and 2conv.com are reportedly operated out of Russia, but according to information provided to the US Trade Representative by rightsholders earlier this year, the sites provide MP3 downloads to users from servers hosted in Germany.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

Leave a Comment

You must be logged in to post a comment.

What Else is New


  1. From the Eastern District of Texas (US) to Australia Patent Quality Remains a Problem

    Patents on anything from thoughts to nature/life (in the US and in Australia, respectively) demonstrate the wildly wide range (or spectrum) of patents nowadays granted irrespective of their impact on innovation



  2. Alice/35 U.S.C. § 101 and PTAB Are Here to Stay and Even Their Critics (Patent Maximalists) Have Come to Accept That

    Taking stock of the latest PTAB news and rants; the latter has become scarce because efforts to undermine PTAB have all failed



  3. Patent Trolls Roundup: Conversant Wireless Licensing (Formerly Core Wireless) and Blackbird 'Technologies' Still Prey on Real Companies

    A quick recap of recent decisions and motions, which serve to show that patent trolls can be beaten, avoided, and sometimes even 'disarmed'



  4. Links 19/8/2018: Skrooge 2.15.0, Wine 3.14, End of Akademy 2018

    Links for the day



  5. David Ruschke, the PTAB's Chief, is Moving So the Patent Maximalists Push Their Anti-PTAB Agenda

    As the chief judge of the Patent Trial and Appeal Board (PTAB) moves elsewhere at the USPTO there are those who hope that a replacement will undo PTAB inter partes reviews (IPRs), which generally improve the quality of granted patents



  6. If David Chiles Turned the USPTO Into a 'Microsoft Shop' That Might Explain Three Days (or More) of Outages

    The U.S. Patent and Trademark Office (USPTO) is having profound technical issues; some already point their fingers at David Chiles, alleged to have been hired/promoted for the wrong reasons



  7. Links 17/8/2018: GNU/Linux From ASUS, Debian at 25, Lubuntu Plans

    Links for the day



  8. Links 16/8/2018: MAAS 2.4.1, Mesa 18.2 RC3

    Links for the day



  9. USPTO Craziness: Changing Rules to Punish PTAB Petitioners and Reward Microsoft for Corruption at ISO

    The US patent office proposes charging/imposing on applicants that are not customers of Microsoft a penalty; there’s also an overtly and blatantly malicious move whose purpose is to discourage petitions against wrongly-granted (by the USPTO) patents



  10. The Demise of US Software Patents Continues at the Federal Circuit

    Software patents are rotting away in the United States; it remains to be seen when the U.S. Patent and Trademark Office (USPTO) will truly/fully honour 35 U.S.C. § 101 and stop granting such patents



  11. Almost Two Months After the ILO Ruling Staff Representative Brumme is Finally Back on the Job at EPO

    Ion Brumme gets his position at the EPO back, owing to the Administrative Tribunal of the International Labour Organization (ILO-AT) ruling back in July; things, however, aren't rosy for the Office as a whole



  12. Links 15/8/2018: Akademy 2018 Wrapups and More Intel Defects

    Links for the day



  13. Antiquated Patenting Trick: Adding Words Like 'Apparatus' to Make Abstract Ideas Look/Sound Like They Pertain to or Contain a 'Device'

    35 U.S.C. § 101 (Section 101) still maintains that abstract ideas are not patent-eligible; so applicants and law firms go out of their way to make their ideas seem as though they're physical



  14. Open Invention Network (OIN) Member Companies Need to Become Unanimous in Opposition to Software Patents

    Opposition to abstract software patents, which even the SCOTUS and the Federal Circuit nowadays reject, would be strategically smart for OIN; but instead it issues a statement in support of a GPL compliance initiative



  15. President Battistelli 'Killed' the EPO; António Campinos Will 'Finish the Job'

    The EPO is shrinking, but this is being shrewdly disguised using terms like "efficiency" and a low-profile President who keeps himself in the dark



  16. Links 14/8/2018: Virtlyst 1.2.0, Blender 2.8 Planning Update, Zorin OS 12.4, FreeBSD 12.0 Alpha

    Links for the day



  17. Berkheimer Changed Nothing and Invalidation Rates of Abstract Software Patents Remain Very High

    Contrary to repetitive misinformation from firms that 'sell' services around patents, there is no turnaround or comeback for software patents; the latest numbers suggest a marginal difference at best — one that may be negligible considering the correlation between expected outcomes and actions (the nature of risk analysis)



  18. Lockton Insurance Brokers Exploiting Patent Trolls to Sell Insurance to the Gullible

    Demonstrating what some people have dubbed (and popularised) "disaster capitalism", Lockton now looks for opportunities to profit from patent trolls, in the form of "insurance" (the same thing Microsoft does)



  19. Patent Lawyers Writing Patent Law for Their Own Enrichment Rather Than for Innovation

    We have become detached from the original goals and come to the point where patent offices aren't necessarily run by people qualified for the job of advancing science and technology; they, unlike judges, only seem to care about how many patents get granted, irrespective of their quality/merit



  20. Links 13/8/2018: Linux 4.18 and GNU Linux-libre 4.18 Arrive

    Links for the day



  21. PTAB is Loathed by Patent Maximalists Because It Can Potentially Invalidate Thousands of Software Patents (More Than Courts Can Handle)

    The US patent system has become more resistant to software patents; courts, however, are still needed to invalidate such patents (a potentially expensive process) because the USPTO continues to grant these provided some fashionable buzzwords/hype waves are utilised (e.g. "facial recognition", "blockchain", "autonomous vehicles")



  22. Gene Quinn and 'Dallas Innovates' as Couriers of Agenda for Patent Trolls Like iPEL

    Failing to hide their real purpose and malicious agenda, sites whose real purpose is to promote a lot of patent litigation produce puff pieces, even for patently unethical trolls such as iPEL



  23. Software Patents, Secured by 'Smart' and 'Intelligent' Tricks, Help Microsoft and Others Bypass Alice/Section 101

    A look at the use of fashionable trends and buzzwords to acquire and pass around dubious software patents, then attempting to guard these from much-needed post-Alice scrutiny



  24. Keep Boston (and Massachusetts in General) From Becoming an Infestation Zone for Patent Litigation

    Boston, renowned for research and innovation, has become somewhat of a litigation hotbed; this jeopardises the state's attractiveness (except perhaps to lawyers)



  25. Links 12/8/2018: Academy of Motion Picture Arts and Sciences, Mesa 18.1.6 Release Notice, New Linux Imminent

    Links for the day



  26. Thomas Massie's “Restoring America’s Leadership in Innovation Act of 2018” (RALIA) Would Put the US Patent System in the Lions' (or Trolls') Mouth Again

    An anti-§ 101 and anti-PTAB bill from Rep. Thomas Massie (R-KY) strives to remove quality control; but by handing the system back to patent trolls he and his proponents simply strive to create more business of litigation, at the expense of innovation



  27. EPO-Style Problem-Solution: Tackling Backlog by Granting Lots of Low-Quality (Bogus) European Patents, Causing a Surge in Troll/Frivolous Litigation

    The EPO's lack of interest in genuine patent quality (measuring "quality" in terms of speed, not actual quality) may mean nothing but a litigation epidemic; many of these lawsuits would be abusive, baseless; those harmed the most would be small businesses that cannot afford a legal defense and would rather settle with those who exploit questionable patents, notably patent trolls



  28. Links 11/8/2018: PGP Clean Room 1.0, Ring-KDE 3.0.0, Julia 1.0

    Links for the day



  29. Propaganda Sites of Patent Trolls and Litigators Have Quit Trying to Appear Impartial or Having Integrity

    The lobbying groups of patent trolls (which receive money from such trolls) carry on meddling in policy and altering perception that drives policy; we present some new examples



  30. Months After Oil States the Patent Maximalists Still Try to Undermine Inter Partes Reviews (“IPRs”), Refusing to Accept Patent Quality

    The patent maximalists in the United States, seeing that the USPTO is moving away from patent maximalism, is desperate for a turnaround; prominent patent maximalists take it all out on PTAB


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts