EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.24.18

Links 24/8/2018: Intel’s Gag Backfires, Red Hat Takes Aim at VMware

Posted in News Roundup at 11:22 am by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • Microsoft Investigated For Alleged Bribery and Corruption in Hungary

    U.S. Justice Department and the Securities and Exchange Commission are investigating Microsoft for possible bribery and corruption in its pursuit of software sales in Hungary, the Wall Street Journal reported on Thursday.

  • Desktop

    • You want how much?! Israel opts not to renew its Office 365 vows

      Microsoft’s desire to move users into the exciting world of Office 365 subscriptions has been dealt a blow as the Israeli government took a look and said “no thanks.”

      In a statement given to The Register, the Israeli Ministry of Finance explained that it currently spends more than 100m Israel New Shekels (£21.3m) per year on Microsoft’s software products.

    • Big List of Most Popular Chromebook Brands Will Not Receive Linux Support Due to 3.14 Kernel

      It turns out that unfortunately a lot of Chromebooks with the Linux 3.14 kernel aren’t going to be getting any Linux app support from Google – including Google’s own Chromebook Pixel series. This is quite a blow to the Chromebook Linux community, as many developers were always working on backporting the essential kernel modules such as vsock, trying their best to make vsock backward compatible – though it turned out that vsock isn’t backwards compatible with Linux kernel 3.14, but the point remains.

    • Old Chromebooks won’t get Linux app support after all
    • Chromebooks with Linux kernel 3.14 & older won’t get Linux app support
    • Linux apps are NOT coming to many still-supported Chromebooks
    • Older Chromebooks including the 3-year-old Chromebook Pixel won’t get Linux apps
    • Linux Apps Won’t Come To Many Older Chromebooks Including the 2015 Pixel – But There’s A Catch
    • Linux Apps On Chrome OS To Require Kernel Version Above 3.14
    • Chromebook Linux support: not everyone’s invited to the party
    • Older Chromebooks may not run Linux programs due to outdated software

      Not all Chromebooks will support Linux software when the feature comes to Chrome OS later this year. So far, 14 devices may be excluded from the list including Google’s own Chromebook Pixel introduced in 2015. The current list, generated on Reddit, consists of four models from Acer, four models from Asus, two from AOpen, and more.

      Google revealed support for Linux software on Chrome OS during its developer conference earlier this year. The idea is for developers to test their Android- and web-based apps on Chromebooks. Linux would run inside a virtual machine designed specifically for Chrome OS, which is simply an emulated high-end computer running within your PC’s real-world system memory.

    • Organizing a Market for Applications

      The “Year of the Desktop” has been a perennial call to arms that’s sunken into a joke that’s way past its expiration date. We frequently talk about the “Year of the Desktop”, but we don’t really talk about how we would achieve that goal. What does the “Year of the Desktop” even look like?

      What it comes down to is applications—rather, a market for applications. There is no market for applications because of a number of cultural artifacts that began when the Free Software was just getting up on wobbly legs.

      Today, what we have is a distribution-centric model. Software is distributed by an OSV (operating system vendor), and users get their software directly from there via whatever packaging mechanism that OSV supports. This model evolved, because in the early-to-mid 1990s, those OSVs existed to compile the kernel and userspace into a cohesive product. Packaging of applications was the next step as a convenience factor to save users from having to compile their own applications, which always was a hit-or-miss endeavor as developers had different development environment from the users. Ultimately, OSVs enjoyed being gatekeepers as part of keeping developers honest and fixing issues that were unique to their operating system. OSVs saw themselves as agents representing users to provide high-quality software, and there was a feeling that developers were not to be trusted, as of course, nobody knows the state of their operating system better than they would.

  • Server

    • Aqua Security Open Sources Container Pen Test

      Aqua Security is trying to level the container security playing field by making available as an open source project an open source edition of a penetration testing tool designed specifically for container clusters.

      Rani Osnat, vice president of product marketing for Aqua Security, says kube-hunter is an automated penetration testing tool that developers and cybersecurity teams can employ to discover vulnerabilities within containers.

      That tool is designed to be run in two modes. Passive hunters run by default and are designed to execute a series of tests that probe for potential access points within your cluster. An active hunting mode then can be employed to execute additional tests against any weaknesses found with the passive hunter. Results from those tests are then shown on a website hosted by Aqua Security.

    • Getting started with Linux containers

      A major drawback of an OS-based model is that it is slow, and to deploy a new application, IT administrators might need to install a new server, which incurs operational costs and requires time.

      When every application has its own copy of the OS, operations are often inefficient. For example, to guarantee security, every application needs its own dedicated server, which results in lots of under-utilized hardware in the data center.

      A container is an isolated environment where the OS uses namespaces to create barriers. Linux containers have all the necessary components to run an application and make it easy to run a container on top of an operating system.

      From a hardware standpoint, containers utilize resources more efficiently. If there is still hardware capacity available, containers can use that and admins won’t need to install a new server.

  • Audiocasts/Shows

  • Kernel Space

    • UBIFS & OverlayFS Updates Hit The Linux 4.19 Kernel

      For the Linux 4.19 kernel there’s been a lot of F2FS performance enhancements and more, the new EROFS file-system, low-level Btrfs improvements, and more. Some of the file-system work less in the spotlight are the OverlayFS and UBIFS updates sent in this week.

      On the OverlayFS front it’s a fairly notable merge window. OverlayFS now has support for stack file operations and metadata-only copy-up. The stack file operation support alone will allow cleaning up some “hacks” in the kernel’s VFS code and other code improvements. The details on the OverlayFS work via this pull from a few days ago.

    • Linux 4.19 ARM Updates Bring Raspberry Pi Voltage Driver, Samsung Aires Phone Support

      Olof Johansson has sent in his usual batch of multiple pull requests updating the ARM hardware support, this time for the nearly-over Linux 4.19 kernel merge window.

      There is some good additions to the ARM hardware support in Linux 4.19 like the Raspberry Pi voltage driver as well as the Raspberry Pi Compute Module CM1 support in mainline, a few new SoCs, and various new hardware devices supported — including the $100 Chinese Pinebook ARM 64-bit laptop recently making rounds. Though not part of the Linux 4.19 cycle is anything more on the lack of NXP i.MX8 support and has us increasingly wondering not if Purism will make their Librem 5 ship goal for this Linux smartphone but how far they will be off that ship date… Their Librem 5 developer kits also appear to have not begun shipping yet.

    • Linux 4.19 Adds Deferred Console Takeover Support For FBDEV – Cleaner Boot Process

      While FBDEV has been on its last leg for years with some calling for its deprecation and encouraging instead DRM/KMS drivers rather than (mostly embedded vendors) focusing on FBDEV frame-buffer drivers, with Linux 4.19 the FBDEV subsystem is bringing a useful addition to the kernel.

      Hans de Goede, who has done a range of useful kernel contributions over the years at Red Hat from working out better Linux laptop power management to a cleaner boot process, has been working this summer on deferred console takeover support.

    • OpenRISC Continues Puttering Along With Linux 4.19 Improvements, New GCC Port

      While OpenRISC has been around longer than RISC-V as an open-source processor ISA, with not having as many commercial stakeholders involved, it hasn’t been off to the races as quickly, but it’s still marching to the beat of its own drum.

      OpenRISC developer Stafford Horne today sent in the kernel patches for the Linux 4.19 cycle. The only changes on the OpenRISC front for the Linux 4.19 cycle is work done by Christoph Hellwig to allow this CPU architecture code to use the kernel’s generic DMA interfaces.

    • Linux Foundation

      • Open Source Akraino Edge Computing Project Leaps Into Action

        The ubiquitous topic of edge computing has so far primarily focused on IoT and machine learning. A new Linux Foundation project called Akraino Edge Stack intends to standardize similar concepts for use on edge telecom and networking systems in addition to IoT gateways. The goal to build an “open source software stack that supports high-availability cloud services optimized for edge computing systems and applications,” says the project.

        “The Akraino Edge Stack project is focused on anything related to the edge, including both telco and enterprise use cases,” said Akraino evangelist Kandan Kathirvel, Director of Cloud Strategy & Architecture at AT&T, in an interview with Linux.com.

    • Graphics Stack

      • Patches Prep The Merging Of AMDKFD + AMDGPU Linux Drivers

        The plans talked about in early July for merging the AMDKFD driver into the AMDGPU DRM driver are moving ahead and out today are the initial patches working towards this merger.

        AMDKFD is the graphics vendor’s “Kernel Fusion Driver” with the name originating from the Fusion days and is the kernel bits needed for HSA/compute on Radeon graphics hardware.

    • Benchmarks

      • AMDGPU-PRO 18.30 Pro/Open vs. Upstream Mesa OpenGL/Vulkan Radeon Benchmarks

        Last week AMD released the AMDGPU-PRO 18.30 hybrid driver featuring their latest optional proprietary Linux driver components as well as the “all-open” driver stack option. Here are some initial benchmarks of that driver stack compared to what’s shipped by default in Ubuntu 18.04.1 LTS as well as the latest upstream Mesa/AMDGPU support.

        AMDGPU-PRO 18.30 was introduced with Ubuntu 18.04.1 LTS support as well as for Ubuntu 16.04.5 and RHEL/CentOS 6.10 and 7.5. AMDGPU-PRO doesn’t see new releases too often these days so also coming with 18.30 is the Radeon Pro WX 8200 graphics card support, CLI-based WattMan-like functionality, and other updates.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • The $99 Laptop That Can Run KDE Neon

        A $99 laptop that can run KDE Neon and the full Plasma desktop? I’m intrigued!

        But that’s exactly what KDE Neon’s Jonathan Riddell has shared word of on his blog, highlighting a new collaborative version of the distro designed for the Pinebook ARM laptop.

        “Blue Systems has worked together with the manufacturer of the Pinebook to create a showcase test image that runs well on these devices,” he writes.

      • Last week in Kube
      • Optimizing Kube’s storage

        Near the middle / end of my internship, I got to modify parts of the storage system in Sink, the library handling all the data of Kube.

        The goal was to both to speed up the storage and reducing disk space. These two goals often go hands in hand in databases, since smaller data means faster disk lookup, and more data put in memory, available for direct usage.

      • digiKam 6.0.0 beta 1 is released

        Dear digiKam fans and users, following the long stage of integrating a lots of work from students during the Summer of Code we are proud to announce the first beta of digiKam 6.0.0.

      • digiKam 6.0 Beta Brings Full Video File Management, Greater Camera Coverage

        Just over two years since digiKam 5.0 shipped, this Qt/KDE-aligned open-source photo management software has debuted its 6.0 beta release.

        The headlining feature of digiKam 6.0 Beta is that there is now full support for the management of video files, in a similar manner to digiKam’s photo management. The meta-data on video files are now fully extracted and the video files can be dealt with in the same manner as one would manage a photograph using this software.

      • I was at Akademy 2018!

        It was a very productive week of intense discussion and hacking. This year it was hosted by the Technical University of the beautiful City of Vienna.

    • GNOME Desktop/GTK

      • Fun with SuperIO

        While I’m waiting back for NVMe vendors (already one tentatively onboard!) I’ve started looking at “embedded controller” devices. The EC on your laptop historically used to just control the PS/2 keyboard and mouse, but now does fan control, power management, UARTs, GPIOs, LEDs, SMBUS, and various tasks the main CPU is too important to care about. Vendors issue firmware updates for this kind of device, but normally wrap up the EC update as part of the “BIOS” update as the system firmware and EC work together using various ACPI methods. Some vendors do the EC update out-of-band and so we need to teach fwupd about how to query the EC to get the model and version on that specific hardware. The Linux laptop vendor Tuxedo wants to update the EC and system firmware separately using the LVFS, and helpfully loaned me an InfinityBook Pro 13 that was immediately disassembled and connected to all kinds of exotic external programmers. On first impressions the N131WU seems quick, stable and really well designed internally — I’m sure would get a 10/10 for repairability.

      • Please welcome AKiTiO to the LVFS

        Over the last few weeks AKiTiO added support for the Node and Node Lite devices, and I’m sure they’ll be more in the future. It’s been a pleasure working with the engineers and getting them up to speed with uploading to the LVFS.

        In other news, Lenovo also added support for the ThinkPad T460 on the LVFS, so get any updates while they’re hot. If you want to try this you’ll have to enable the lvfs-testing remote either using fwupdmgr enable-remote lvfs-testing or using the sources dialog in recent versions of GNOME Software. More Lenovo updates coming soon, and hopefully even more vendor announcements too.

      • AKiTiO Thunderbolt Devices Begin Receiving Firmware Upgrade Support Under Linux

        AKiTiO is the latest hardware vendor beginning to allow for firmware upgrades in an easy and reliable manner under Linux.

        Red Hat’s Richard Hughes has shared that AKiTiO has begun supporting the Linux Vendor Firmware Service (LVFS) for distributing firmware updates to Linux users and the subsequent firmware upgrades being carried out by the fwupd utility.

  • Distributions

    • Intel ‘gags’ Linux distros from revealing performance hit from Spectre patches

      Open-source champion Bruce Perens has called out Intel for adding a new restriction to its software license agreement along with its latest CPU security patches to prevent developers from publishing software benchmark results.

      The new clause appears to be a move by Intel to legally gag developers from revealing performance degradation caused by its mitigations for Spectre and Foreshadow or ‘L1 Terminal Fault’ (L1FT) flaw speculative attacks.

      “You will not, and will not allow any third party to … publish or provide any software benchmark or comparison test results,” Intel’s new agreement states.

      The new term appeared with the fixes for ‘L1 Terminal Fault’ that were recently delivered to Microsoft and Linux distributions.

    • Intel Clears Up Microcode Licensing Controversy – Simpler License, Allows Benchmarking

      Over the past day online there has been lots of controversy following some high-profile sites reporting about Intel’s “un-friendly microcode license update” and its “ban on benchmarking”, among other catch phrases. It’s now been officially cleared up by Intel with a simpler license that doesn’t forbid benchmarking, allows distribution vendors to re-distributed these binary files to their users, and doesn’t have any other nastiness integrated into the legal text.

    • Perens: Intel Publishes Microcode Security Patches, No Benchmarking Or Comparison Allowed

      Bruce Perens looks at the license agreement for Intel’s latest CPU microcode update and does not like what he sees.

    • Intel Publishes Microcode Security Patches, No Benchmarking Or Comparison Allowed!

      UPDATE: Intel has resolved their microcode licensing issue which I complained about in this blog post.

    • Use Debian? Want Intel’s latest CPU patch? Small print sparks big problem

      At least one Linux distribution is withholding security patches that mitigate the latest round of Intel CPU design flaws – due to a problematic license clash.

      Specifically, the patch is Chipzilla’s processor microcode update emitted this month to stop malware stealing sensitive data from memory by exploiting the L1 Terminal Fault vulnerability in Intel’s silicon. The biz had released microcode in July that corrected the underlying problem mostly for server-grade CPUs; this latest fix now covers desktop processors.

      Ideally, Intel’s CPU microcode is updated by the motherboard firmware during boot. However, manufacturers may be slow to emit patches, so operating system kernels can also push updates to the chipset during startup. Since microcode updated in this way is discarded every time the power is cycled, it is up to the firmware and OS to reapply the update as early as it can during the boot process.

    • Debian Withholding Intel Security Patches, Linus Torvalds on the XArray Pull Request, Red Hat Transitioning Its Container Registry, Akraino Edge Stack Moves to Execution Phase, openSUSE Tumbleweed Snapshots Released and digiKam 6.0.0 Beta 1 Now Available

      Debian is withholding security patches for the latest Intel CPU design flaw due to licensing issues. The Register reports that the end-user license file Intel added to the archive “prohibits, among other things, users from using any portion of the software without agreeing to be legally bound by the terms of the license”, and Debian is not having it. See also Bruce Perens’ blog post on this issue.

    • Intel rips up microcode security fix license that banned benchmarking
    • Intel Statement on Benchmark Clause: “We Are Updating the License”
    • (Updated) Intel says no more benchmarks on Linux in new terms of microcode update
    • Intel catches heat for CPU benchmarking clause, responds to complaints
    • Intel Included Gag-Order In Microcode Update – Update: Gag-Order Removed
    • Updated: Intel Answers Complaints About Microcode Benchmarking Ban
    • Debian rejects Intel code update
    • Controversial T&C clause found in Intel’s latest microcode update
    • Intel EULA Agreement Forbids Linux Users From Sharing CPU Benchmarks of L1TF Performance Hit
    • Intel makes CPU benchmark publishing illegal after security patch
    • Intel backtracks on controversial benchmark clause, updating its T&Cs
    • Intel Puts Microcode Benchmarking Ban On Linux Distros; Retracts Later

      Well-known open-source programmer Bruce Perens has called out Intel for placing new restrictions on its software license agreement that prevents developers from publishing software benchmark results.

    • Intel EULA License prohibits benchmarks on new Linux microcode Patches

      Intel recently has provided its microcode updates for Linux distributions. The Register reports that Debian is rejecting a new Intel microcode update because of a new license term prohibiting the use of the CPU for benchmarks and profiling.

      There is a new license term applied to the new microcode: “You will not, and will not allow any third party to (i) use, copy, distribute, sell or offer to sell the Software or associated documentation; (ii) modify, adapt, enhance, disassemble, decompile, reverse engineer, change or create derivative works from the Software except and only to the extent as specifically required by mandatory applicable laws or any applicable third party license terms accompanying the Software; (iii) use or make the Software available for the use or benefit of third parties; or (iv) use the Software on Your products other than those that include the Intel hardware product(s), platform(s), or software identified in the Software; or (v) publish or provide any Software benchmark or comparison test results.”

    • Reviews

      • Quirky Linux: Pleasingly Peculiar

        Quirky Linux is a classic example of what makes Linux such a varied and useful operating system.

        Puppy Linux developer Barry Kauler earlier this month released Quirky Xerus 64 version 8.6, which comes packed with the latest innovations for doing Linux stuff differently.

        This latest in the “Xerus” series is a must-try if you like to push your computing experience envelope. It offers a slightly different approach to blending a traditional Linux desktop with the latest in usability options.

    • New Releases

      • Bodhi Linux 5.0.0 released with updated Ubuntu core 18.04 and a modern look

        The Bodhi Team have announced the fifth major release of their Linux distribution. Bodhi Linux 5.0.0 comes with an updated Ubuntu core 18.04 and an overall modern look for its Moksha Window Manager.

        Bodhi Linux was first released as a stable version seven years ago, as a lightweight Linux distribution based on Ubuntu and Moksha window manager. It uses a minimal base system allowing users to populate it with the software of their choice.

        Bodhi Linux 5.0.0 features disc images which have a fresh new look; a modified version of the popular ‘Arc Dark’ theme colorized in Bodhi Green. They have also included a fresh default wallpaper, login screen, and splash scenes as your system boots.

    • OpenSUSE/SUSE

      • Tumbleweed Snapshots Bring Changes for KVM, QEMU, Xen

        The most recent snapshot, 20180818, updated the kernel to version 4.18.0, which brought many changes for KVM (Kernel-based Virtual Machine). Mozilla Firefox 61.0.2 improved website rendering with the Retained Display List feature enabled and also fixed broken DevTools panels. The ffmpeg 4.0.2 package in the snapshot added conditional package configuration and AOMedia Video 1 (AV1) support. Netfilter project nftables was restored as the default backend with firewalld 0.6.1 and now nftables and iptables can co-exist after a bug fix with the ‘nat’ table form the 4.18 kernel. The Command Line Interface configuration utility for wireless devices known as iw added support in its 4.14 for all new kernel features of kernel 4.14. The HTTP client/server library for GNOME, libsoup 2.62.3, now uses an atomic-refcounting in classes that are not using GObject-refcounting. The Linux Kernel 4.16 or higher is needed for the strace 4.24 package, which implemented decoding of KVM vcpu (virtual central processing unit) exit reason as an option, and yast2-http-server 4.1.1 fixed PHP support by dropping php5 and using php7.

      • openSUSE Tumbleweed Is Now Powered by Linux Kernel 4.18, Introduces AV1 Support

        Even though it’s the holidays season and most developers take a break from all the heavy work they do all year, the OpenSuSE Tumbleweed operating system continues to receive some of the freshest updates, and this week it received a major kernel bump with the latest Linux 4.18 kernel series, which brings lots of new features.

        “The most recent snapshot, 20180818, updated the kernel to version 4.18.0, which brought many changes for KVM (Kernel-based Virtual Machine),” said Douglas DeMaio. “Netfilter project nftables was restored as the default backend with firewalld 0.6.1 and now nftables and iptables can co-exist after a bug fix with the ‘nat’ table form the [Linux] 4.18 kernel.”

    • Red Hat Family

      • Red Hat Enterprise Linux 7.6 Beta released with focus on security, cloud, and automation

        Red Hat has rolled out their Red Hat Enterprise Linux 7.6 beta in their goal of becoming the cloud powerhouse. This release focuses on security and compliance, automation, and cloud deployment features.

      • Red Hat’s Open Source Migration Service

        New service aims to help users avoid vendor lock-in and proprietary virtualisation silos

        Red Hat has rolled out a a new managed infrastructure migration service that aims to help enterprises shift to open source infrastructure.

        The service from the North Carolina-headquartered open source giant bundles together a range of existing and forthcoming Red Hat offerings into a three-step mechanism.

        This aims to help enterprises tackle legacy virtualisation infrastructure issues, from closed vendor systems to onerous licencing costs.

        James Labocki Director of Product Management at Red Hat told Computer Business Review that the rationale for the product was fundamentally simple.

      • Red Hat Virtualization hypervisor adoption considerations

        RHV offers centralized management with Red Hat Virtualization Manager and is integrated with Red Hat’s cloud tools, including Red Hat Ansible Automation and Red Hat CloudForms, which enables customers to orchestrate and automate events, handle reporting, and enforce compliance requirements.

        RHV also supports OpenStack Glance and Neutron, which means RHV works in private and hybrid cloud infrastructures. Simple network management protocol messaging handles third-party monitoring.

      • Red Hat Takes Virtualization Aim at VMware
      • Red Hat Takes Aim At VMware

        Red Hat thinks VMware is an anchor dragging enterprise IT departments down, and it’s looking provide wings to help them soar. The ruby-lidded guys are launching infrastructure migration tools and professional services to migrate “legacy virtualization solutions” (Red Hat’s euphemism for the V-team) to open source.

        In a blog post scheduled to go live Thursday, Red Hat Inc. (NYSE: RHT) takes aim at the financial cost of running these “legacy virtualization solutions,” and promises to help enterprises “cut costs and speed innovation through cloud-native and container-based technologies.” Red Hat says the cost of running legacy infrastructure starves enterprises of the resources needed for digital transformation. Red Hat is looking to fix that.

      • Red Hat Goals To Assist Firms Migrate To A Modern IT Infrastructure

        Business enterprises nowadays aren’t shy about their desire embrace “digital transformation,” and the companies that provide much of their information technology infrastructure are falling over themselves which is happening again and again.

      • How the Boston Children’s Hospital Is Innovating on Top of an Open Cloud

        Pienaar says that it’s very important that it is all open source and, again, not just because of the cost savings. Having been using Linux from the start of the project, he believes they wouldn’t have access to the different development environments and languages they’d want to use if they were tied to a proprietary cloud.

        “I very much am inspired by the idea that, with these open source approaches, we can build things that really affect data that has real connections to the world behind it,” Pienaar said.

        “Right now if we were trying to collaborate deep down into the Amazon cloud, I would imagine we would have to set up a licensing agreement with Amazon. I wouldn’t be able to download the Amazon Cloud to run up my own environment. And while the full power of ChRIS lies in its connection to the Mass Open Cloud, nothing stops you from downloading and running ChRIS right now on your laptop. The entire ChRIS is available. Your experience is identical — albeit your laptop might not quite muster the grade for heavy computing. Still, you can troubleshoot and develop to your own mini-but-complete ChRIS in totality and then with a click deploy to any number of other ‘ChRISes’ that live out on clouds.”

        [...]

        Both this use case and the medical ones follow an operational pattern of bringing in the data and code, running on the optimum numbers of data, and sharing the input data and the temporary data that are required for the application itself. ChRIS also has mechanisms that can facilitate visualizing the data for clinicians.

        The end goal is not to just make applications run faster on a single machine, but to open source data itself, while still remaining compliant to regulations like the U.S.’s HIPAA and Europe’s GDPR.

      • [PodCTL] PodCTL #46 – KubeVirt and Container Native Virtualization

        Does it feel like sometimes the new Kubernetes updates are only targeted at new, cloud-native applications? What about all those existing applications that aren’t microservices or are running in virtual machines today? Today’s show looks at the intersection of container, virtual machines and Kubernetes. We talk about the KubeVirt project and the work that Red Hat is doing with Container Native Virtualization. It’s a great look at how new Kubernetes capabilities like Customer Resource Definitions (CRDs) are allowing Kubernetes to expand it’s capabilities without making the core project less stable.

      • Eclipse MicroProfile and Red Hat Update: Thorntail and SmallRye

        With the name, we also changed versioning to come back to a more semantic version numbering. Thus the last release version of WildFly Swarm was 2018.5.0 and the first version of Thorntail (same code, different name) was 2.0.0.Final.

        Changing the version numbering makes it easier for us to communicate about new features and have better links to downstream project versions.

        You’ll find more information on the project renaming and versioning changes in this interview that Bob McWhirter gave to InfoQ.

      • Can I catch up with Linux containers?

        Cloud, Linux containers, and container orchestration (in the form of Kubernetes) are the topics I hear being discussed the most today. Most IT organizations are discussing DevOps and microservices. The will to deep dive into that pool of fresh new experiences is leading many organizations to rethink tooling, culture, and processes in-house. Businesses want all the benefits of this digital transformation, but are you really prepared for this new paradigm? Are you really ready for containers?

        In order to standardize environments, isolate processes or increase modularity, to be able to better produce code, services and provide maintenance, the solution that comes in handy is containers. A smaller footprint which is standardized and isolated while consuming the resources of the host was the perfect recipe. Click here to understand what containers are.

      • Transitioning the Red Hat container registry

        Red Hat has seen significant adoption of our container ecosystem since we began shipping Red Hat Enterprise Linux with support for Linux containers more than four years ago. To support our existing users and users to come, we will be transitioning our product portfolio and customers to a new container registry for Red Hat container images available at registry.redhat.io over the next year. We have several reasons to make this change, and we’re also taking a number of steps to make the move away from registry.access.redhat.com as minimally disruptive as possible.

      • Maxta Launches Hyperconverged (Un)Appliance for Red Hat Virtualization Pre-Configured on Intel® Data Center Blocks
      • Introducing Red Hat infrastructure migration solution: An enterprise-grade remedy designed for proprietary virtualization silo ills

        For many organizations, legacy virtualization solutions can stifle innovation and IT advancement, which can limit the path to hybrid cloud infrastructure, where workloads and resources span physical, virtual and cloud-based environments. The cost of maintaining these existing infrastructure investments can tie up a significant portion of IT budgets. Compounding this, Gartner states, “IT organizations with goals for “doing more with less” find it difficult to quantify, estimate and communicate the level of non-discretionary IT spending needed to sustain business transformation.” With the budget remaining, an organization can be forced to put digital transformation, the modernization of IT environments through digital technologies, on hold.

      • Finance

      • Fedora

        • Flock 2018

          A couple weeks ago I had the pleasure of traveling to Dresden, Germany to attend Flock, the annual gathering of Fedora contributors. This was my third Flock and it was fun and quite productive.

          One of the things I enjoyed about this year’s schedule was the built-in coffee breaks. Most conferences pack the schedule completely full with many simultaneous tracks, so that attending the “hallway track” means that you are missing talks. The built-in coffee breaks were such that there were no other scheduled activities, which was great for having sanctioned hallway track time. It was a great idea and I hope it is also incorporated into next year’s event.

        • IBus 1.5.19 is released

          IBus 1.5.19 is now released and it’s available in Fedora 29.

        • [ES] Docker Meetup 05 Panamá [Docker+Fedora]
        • Civility in a systemd World

          Let me just say that I don’t really know much of anything about systemd and as such, I’m not even sure I care. I know that people either like systemd or really, really, hate systemd and that there is a very slim slice of global users that don’t care one way or the other. I also know that literally everything in life can be turned into a punchline joke if you link it to systemd. You don’t even have to understand the specifics of the joke, you just know that if systemd is part of the punch line that you are supposed to laugh. Now after all that, here is the real reason for this post.

          I was listening to episode 262 of the Linux Unplugged podcast in which there is a discussion of Benno Rice’s BSDCan 2018 keynote called “The Tragedy of systemd. First, the discussion was really, really good and certainly thought provoking. I would highly recommend listening to the discussion. It was interesting enough that I had to go and actually find the keynote presentation and watch it in it’s entirety. Remember what I said at the start of this post, I don’t really know anything about systemd nor do I know if I even care. And yet I am willing to say it was a very good presentation.

    • Debian Family

      • Derivatives

        • Deepin OS 15.7 – Enjoy The Better Performance

          Deepin OS is among the most awesome Operating Systems in the world, period. The Debian-based distro has successfully won the hearts of everybody that I know has used it for over a day and its latest release (in the form of version 15.7) brings so many improvements I could have a field day reviewing them all.

          If you are not already familiar with this OS then don’t skip this article.

          Deepin OS is an open-source, Debian-based desktop distribution whose aim is to provide users with a beautiful, security-conscious, and user-friendly Operating System. It was initially based on Ubuntu until the release of its current major version, 15 when it switched to model Debian.

          As at the time of writing, it sits at #28 on Distrowatch and has a 9/10 rating out of 301 reviews with approx. 325 hits per day.

        • Canonical/Ubuntu

          • The Road to K8s/vSphere Integration

            Recently, Juju began supporting cloud-native features via “integrator” charms (e.g.: aws-integrator, gcp-integrator, openstack-integrator). These allow charms to request things like persistent storage from a cloud provider without having to shuffle your super-secret credentials around to all the applications in your deployment.

            The way an integrator charm works is simple: you entrust it (and only it) with your Juju credentials for a particular cloud and then relate it to charms that want to make cloud-native requests. The integrator will ensure appropriate roles are created, submit a request to the cloud, and then notify the requesting charm that enough data is available to start using the new resource.

            Lately I’ve been testing Canonical Kubernetes (CDK) on the VMware vSphere platform — to Juju, vSphere is supported like any other cloud. I really needed persistent storage for my pods and thought, “it sure would be nice if there was a vsphere-integrator that I could use for this.” So I wrote one.

          • Ubuntu/Debian Add LZ4-Compressed Initramfs Support, Will Auto Decide LZ4/XZ Choice

            Back in March was the discussion about Ubuntu 18.10 considering an LZ4-compressed kernel image (initamfs) by default while now action has been taken on this support and coming up with a new default.

            With the latest Ubuntu and Debian packages, compressing the initramfs using LZ4 is now supported. Ubuntu up to this point has been using the basic Gzip compression support. The benefit to using an LZ4-compressed image is much quicker decompression than alternative algorithms but it does mean a slightly larger file size.

  • Devices/Embedded

Free Software/Open Source

  • SD Times Open-Source Project of the Week: TransmogrifAI

    Salesforce is open sourcing a tool that aims to make it easier to build scaled machine learning systems for enterprises, TransmogrifAI.

    TransmogrifAI is a automated machine learning library for structured data that enables data teams to transform customer data into meaningful predictions, according to the company.

    Salesforce explained it has been using TransmogrifAI to power its Einstein AI platform, but it wants to open up the project to empower other developers to build machine learning solutions at scale.

  • Channeling Community Wisdom: Recent Open Source Momentum And What’s To Come
  • The “Sign-in with Facebook” problem and the open source solution

    Managing accounts, credentials and personal information on the Internet has become a nightmare. Almost every website today encourages users to register, or even requires them to do so to be able to access content. They usually want some combination of your email, a password, your name and date of birth. This information is always the same, yet you spend your time typing it again and again, then double checking it for mistakes and correcting typos before pressing Enter and being granted access.

    And you often reuse the same password that you already used for countless other websites, because there are only so many passwords that you can remember – until you find a website with an annoying password policy that your ordinary password does not meet, and then you have to add a punctuation symbol, a Greek letter and a B flat note played on a horn.

    Some people try to solve this by using password managers, such as the ones included in modern browsers – and then they have to remember and secure the password to their password manager, and there is no way to recover their accounts if they lose it; and if they end up using someone else’s device, or a PC in an Internet café, they cannot log in anywhere, as they do not know any of their passwords any more. So they will save their credentials on their mobile phone, which then gets stolen, putting all their online affairs at risk.

  • What is Qiskit, IBM’s open source quantum computing framework

    Researchers, scientists, academics, hobbyists, businesses – all of these groups are represented in the community of Qiskit, the open source framework based on IBM’s quantum computing programme that’s opening up access to real quantum computing in the cloud for everyone.

    Qiskit (Quantum Information Science Kit) is just over a year old, and it followed up the IBM Quantum Experience – IBM Q Experience for short – a program that put quantum computers on the cloud (for the first time) so researchers and developers could tinker with the almost brand-new field of computation.

    Since opening up the Q Experience, hobbyists have created games and composed music using real quantum computers, while scientists and researchers are using qubits to solve problems that were previously too difficult to solve.

  • Potential for Open Source for Health IT Software Development

    Open source development supports health IT software innovation as healthcare technology vendors and provider organizations work on improving the same source code.

    “Open source is a methodology on how to develop software,” Red Hat Director of Healthcare Craig Klein told HITInfrastructure.com. “The premise behind open source is you have a group of people collaborating on a particular piece of code. For example, if you have someone building an operating system, there may be one hundred thousand people contributing that particular piece of code from thousands of organizations.”

    The number of developers lends open source as an avenue for health IT innovation. Industry professionals are constantly improving on available source code and sharing their improvements with the open standards community.

    Open standards encourage competing implementations of the same standard, rather than creating competing platforms. This can benefit consumers, according to a report published by the Journal of Medical Internet Research.

  • FairEmail is an open source, privacy-friendly email app

    As they say, Big Data is Big Money, and it’s hard to get around online these days. There are even toggles in the operating system themselves that let you disable location services but will continue storing your location data on their servers. Thankfully, Android is open source and many have gone for the pure AOSP flavor without letting any of Google’s code touch their device. That’s why it was interesting when XDA Recognized Developer M66B released an email application called FairEmail with the goal of being privacy-friendly.

    FairEmail is open source, available on GitHub, and even has a testing program available in the Play Store (as of the writing of this article, the program is not live). Some would assume this means the application is light on features, but FairEmail is feature packed. Check out the full list of features below.

  • Web Browsers

    • Mozilla

      • Screenshots from the Console

        To access the command, open the Web Console via Tools → Web Developer → Console, type in :screenshot and press ENTER. A screenshot of the current document will be downloaded to your downloads directory.

      • These Weeks in Firefox: Issue 43
      • More on the RLS and a 1.0 release

        In my last post, I announced a release candidate for the RLS 1.0. There has been a lot of feedback (and quite a lot of that was negative on the general idea), so I wanted to expand on what 1.0 means for the RLS, and why I think it is ready. I also want to share some of my vision for the future of the RLS, in particular changes that might warrant a major version release.

      • Good First Bugs

        One great way (of many) to get started in software development, particularly in open source, is to find good first bugs. This is a class of software bugs (which should be called issues, since they’re not always bugs) that are easy to fix with little experience. It can also be a great way, once you have software development skills, to learn a new domain or set of tools. Many projects, even well funded ones, are very happy to receive community contributions, if nothing else it’s one other way they can provide opportunities to the community.

        At Mozilla we use bugzilla to track our bugs, and use the good first bug keyword to identify such bugs. You’re welcome to contribute patches for these bugs, and potentially have your work included in Firefox. You can also search by component, so the list of open good first bugs for the garbage collector is here and I’d be happy to help with any of these.

      • Let Firefox’s Side-View extension give you an edge for fantasy football, basketball, hockey and all the other sportsballs

        It’s that time of year again. When we find ourselves pouring over player rosters, reading frustratingly vague injury reports and trying to shake down our friends and colleagues to reveal how they’re planning to make their picks. Yes, with autumn just around the corner in the northern hemisphere it means that it’s time to make your fantasy sports league picks.

      • Share your favorite images and videos in VR with Mozilla Hubs

        Last April we released Mozilla Hubs, a VR chat system that lets you walk and talk in VR with your friends, no matter where in the world they are. Now we have a game changing new feature: you can share virtually any kind of media with everyone in your Hubs room by just pasting in a URL. Anything you share becomes a virtual object that everyone can interact with. From images to videos to 3D models, Hubs is the best way to collaborate across devices (laptops, phones, headsets) and OSes. Let’s look at a few details.

      • Thunderbird Monterail Themes Redux

        It just got easier to install the stylish Monterail themes in Thunderbird, the free and open source email client.

        The Monterail themes for Thunderbird were created last year by the open source community based on concept designs from a Polish design company.

        And they proved an instant hit.

      • Firefox DevEdition 62 Beta 18 Testday Results

        As you may already know, last Friday August 17th – we held a new Testday event, for Firefox DevEdition 62 Beta 18.

  • SaaS/Back End

    • New Mirantis Product Empowers Customers with Workload-Centric Cloud Configurations
    • Mirantis CEO: ‘Choose Your Cloud’ Using Open Source

      An update to Mirantis’ open source private cloud platform allows users to change their infrastructure to best suit individual workloads, Mirantis CEO Adrian Ionel says.

      The latest version of Mirantis Cloud Platform (MCP) is built around the idea of a tuned infrastructure stack — a pre-defined configuration template that can be edited using a tool called infrastructure model designer. This software is built on top of open source tools including Cookiecutter, Reclass, and Salt. It allows operations teams to define cluster configuration using declarative scripting.

  • CMS

    • Overview of Popular Static Site Generators

      All static page generators have a single and seemingly straightforward task: to produce a static HTML file and all its assets.

       

      There are many obvious benefits to serving a static HTML file, such as easier caching, faster load times, and a more secure environment overall. Each static page generator produces the HTML output differently.

  • Pseudo-Open Source (Openwashing)

  • BSD

    • FreeBSD & DragonFlyBSD Put Up A Strong Fight On AMD’s Threadripper 2990WX, Benchmarks Against Linux

      The past two weeks I have been delivering a great deal of AMD Threadripper 2990WX benchmarks on Linux as well as some against Windows and Windows Server. But recently I got around to trying out some of the BSD operating systems on this 32-core / 64-thread processor to see how they would run and to see whether they would have similar scaling issues or not like we’ve seen on the Windows side against Linux. In this article are FreeBSD and DragonFlyBSD benchmarks with the X399 + 2990WX compared to a few Linux distributions.

    • OpenSSH 7.8 released
    • DragonFlyBSD Gets Performance Tuning For Threadripper 2990WX Topology, Scheduler Tuning

      While it was just days ago that DragonFlyBSD lead developer Matthew Dillon got his hands on a Threadripper 2990WX 32-core / 64-thread “beast”, got it working under this long ago forked operating system from FreeBSD, and proceeded to exclaim with joy how powerful this system is, he’s now made it even better. Dillon has landed some additional kernel work to benefit the AMD Ryzen Threadripper 2990WX.

      On top of the kernel changes made at the end of last week to bring-up the 2990WX support, Matthew Dillon has now had the time to do some tuning to make this 64-thread system perform even faster. Hitting DragonFlyBSD Git overnight was a patch to update the AMD topology detection as seeing four nodes with eight cores and two threads per core, per node. Previously it was just exposed as a CPU with 32 cores and 2 threads per core.

      The DragonFly patch also now is able to expose how much memory is accessible from each node, an instability fix in the kernel’s scheduler when dealing with large core counts, and memory-on-node weighting in the scheduler.

  • Public Services/Government

    • Los Angeles County Officials Announce New Voting System For Upcoming Midterm Elections (VIDEO)

      The newly implemented system — named the Voting Solutions for All People (VSAP) Tally Version 1.0 — is designed to improve and secure the ways in which Vote-by-Mail (VBM) ballots are counted, according to officials.

      “This is a significant milestone in our efforts to implement a new voting experience for the voters of Los Angeles County,” said Dean C. Logan, registrar-recorder/county clerk. “The VSAP Tally System will ensure that new Vote-by-Mail ballots cast in the upcoming November election will be counted accurately and securely.”

      The newly redesigned packets necessary for VSAP are scheduled to be distributed on Oct. 9, and are set to include the new full-face ballot, return envelope, secrecy sleeve and an “I voted” sticker, according to officials.

    • L.A. County first in state certified to use open-source election technology

      A new vote tally system in Los Angeles County was approved Tuesday, making it the first publicly owned, open-source technology certified under the California voting systems standards.

      Certification of the Voting Solutions for All People Tally, made by California Secretary of State Alex Padilla, now allows the county to move forward with its newly redesigned vote by mail ballots for the Nov. 6 general election.

    • LA County will switch to all open source vote-counting machines

      California voting officials have certified an open source vote-counting package for use in the upcoming LA elections, in the first of a series of planned improvements to the County’s voting system (other plans include improved absentee voting ballots).

      It’s the first time in US history that vote-tallying will be done with open, public, universally auditable source-code. As an LA County resident, this makes me very happy.

    • Los Angeles County’s new ‘open source’ vote tallying system isn’t open source just yet
    • New Voting System Comes to LA County

      On Tuesday, California Secretary of State Alex Padilla certified Los Angeles County’s Voting Solutions for All People (VSAP) Tally Version 1.0, making it the first publicly-owned, open-source election tally system certified under the California voting systems standards.

      “With security on the minds of elections officials and the public, open-source technology has the potential to further modernize election administration, security, and transparency,” said Secretary of State Alex Padilla. “Los Angeles County’s VSAP vote tally system is now California’s first certified election system to use open-source technology. This publicly-owned technology represents a significant step in the future of elections in California and across the country.”

    • LA County gets open source election tally system

      California Secretary of State Alex Padilla has certified the first publicly owned, open-source election tally system under his state’s voting systems standards. Los Angeles County’s Voting Solutions for All People Tally Version 1.0 had to undergo rigorous functional and security testing by the secretary of state’s office and a certified voting testing lab.

      “Los Angeles County’s VSAP vote tally system is now California’s first certified election system to use open-source technology,” Padilla said. “This publicly-owned technology represents a significant step in the future of elections in California and across the country.” The certification of the VASP Tally solution allows Los Angeles County to move forward with its new redesigned VSAP vote-by-mail ballots for the November elections.

  • Licensing/Legal

    • Redis has a license to kill: Open-source database maker takes some code proprietary

      Database maker Redis Labs this week moved the Redis Modules developed by the company from the AGPL to a license that combines Apache v2.0 with Commons Clause, which restricts the sale of covered software.

      The licensing change means that house-made Redis Modules – RediSearch, Redis Graph, ReJSON, ReBloom and Redis-ML – are no longer open-source software, as the term is generally defined. Instead, they become “source available.”

      Practically speaking, the new license limits the ability of cloud providers to offer these Redis Modules to customers; Redis Labs presumably aims to be the sole seller of services incorporating these add-ons. The Redis database code, however, remains under the BSD license.

      Redis Labs is not the only company to make such a change. In May, Neo4j, which makes the Neo4j graph database, added the Commons Clause to its AGPL license.

  • Openness/Sharing/Collaboration

    • Open Data

      • Understanding Niamey’s flood risk through open source mapping, drones, and modeling

        For thousands of years, the Niger River has been the lifeblood for not only Niger, but also its neighboring countries in the Niger River Basin. Yet, even as many Nigeriens depend on the mighty waterway for food, water, and livelihoods, the Niger River also poses a severe flood risk to the West African country during the rainy season. In the third quarter of 2017, widespread flooding due to heavy rains claimed the lives of over 50 people and displaced nearly 200,000.

        Lying on the banks of the Niger River, the Nigerien capital Niamey is especially vulnerable to flood risk. Poorly planned development in the city, which has contributed to land degradation and soil erosion, has only exacerbated the risk. To make matters even worse, many parts of Niamey, which has seen its population balloon to over one million people, lack proper drainage infrastructure.

  • Programming/Development

    • Codeplay Outs SYCL-Based ComputeCpp 1.0, Running Parallel C++ Code On Multiple Platforms

      Codeplay, the company behind tools like clspv for running OpenCL C code on Vulkan, today released ComputeCpp 1.0.

      ComputeCpp 1.0 is built upon the Khronos Group’s SYCL 1.2.1 standard and is designed to write standard C++ code for heterogeneous systems that in turn can run across processors and accelerators from a variety of vendors — in effect, everywhere.

    • New podcast interview

      Apparently August 2018 is Shamelessly Shill Yourself Month. I appeared on the IT in the D podcast last week. A fun time was had by all–well, at least by me. And that’s the important thing, right? We talked about my books, decades of IT, SSH, ed, and general nerdery.

Leftovers

  • Passport queues vex airlines

    Airlines and airports are starting to worry that the queues could discourage flying for business. Austerity is a primary cause of the waits, according to Andrew Charlton of Aviation Advocacy, a research firm based in Geneva. Since the 2007-09 financial crisis, air traffic has increased and budgets for passport controllers have been slashed. The number of passengers going through Britain’s airports has risen by a quarter since 2012, for example, but its border force’s budget has fallen by a tenth. America’s international passenger numbers have risen three times faster than its border-patrol budget in the same period.

  • Hardware

    • Fujitsu Presents Post-K CPU Specifications

      Fujitsu today announced publication of specifications for the A64FX™ CPU to be featured in the post-K computer, a supercomputer being developed by Fujitsu and RIKEN as a successor to the K computer, which achieved the world’s highest performance in 2011. The organizations are striving to achieve post-K application execution performance up to 100 times that of the K computer.

      A64FX is the world’s first CPU to adopt the Scalable Vector Extension (SVE), an extension of Armv8-A instruction set architecture for supercomputers. Building on over 60 years’ worth of Fujitsu-developed microarchitecture, this chip offers peak performance of over 2.7 TFLOPS, demonstrating superior HPC and AI performance.

    • Fujitsu unveils details on Post-K Supercomputer processor powered by ARM

      Today Fujitsu published specifications for the A64FX CPU to be featured in the post-K computer, a future machine designed to be 100 times faster than the legendary K computer that dominated the TOP500 for years.

  • Health/Nutrition

    • STI which rots genitals found in UK for first time

      A sexually transmitted disease which can rot the genitals has been detected in the UK for the first time.

      Rare STI Donovanosis is usually only found in tropical countries but there have now been three recorded incidents in the UK.

      The nasty bug causes genital ulcers to grow and spread. If left untreated flesh in the groin literally starts to eat itself.

      And according to a Freedom of Information request, submitted by online pharmacy chemist-4-u.com, the rare sexually transmitted disease Donovanosis has been diagnosed three times.

      Twice in Bolton and once in a woman, between the age of 15 and 25, in Southport in the past 12 months.

    • Negotiators On UN TB Resolution May Have A Deal

      Negotiators for a United Nations declaration on tuberculosis, meeting intensively in New York this week, may have reached agreement today on a key sticking point related to intellectual property, innovation and access to new medicines, according to sources. An agreement, if accepted by other delegations, could allow the text to proceed to the high-profile High-Level Meeting scheduled to take place at the UN General Assembly next month.

    • SCOTUS petition on HIV drug patents poses reputational as well as legal risks for pharma companies [Ed: The patent trolls' lobby IAM worries that the public might find out that patent greed harms health because SCOTUS looks into this matter.]

      The AIDS Healthcare Foundation (AHF) last week announced it had filed a petition asking the US Supreme Court to review lower courts’ decisions to dismiss its attempts to invalidate patents protecting a Gilead HIV treatment. It has asked the high court to determine the circumstances under which a party can file suit for declaratory judgment. A favourable decision for the foundation could have significant ramifications for pharmaceuticals patent litigation, clearing the path for federal court invalidity suits to be launched prior to ANDA filing by a generic competitor and by a wider range of potential plaintiffs.

  • Security

    • Security updates for Thursday
    • The Untold Story of NotPetya, the Most Devastating [Windows] Cyberattack in History

      The result was more than $10 billion in total damages, according to a White House assessment confirmed to WIRED by former Homeland Security adviser Tom Bossert, who at the time of the attack was President Trump’s most senior cybersecurity-­focused official. Bossert and US intelligence agencies also confirmed in February that Russia’s military—the prime suspect in any cyberwar attack targeting Ukraine—was responsible for launching the malicious code. (The Russian foreign ministry declined to answer repeated requests for comment.)

    • Aussie gov bans Huawei and ZTE from supplying 5G kit

      The Australian government announced the ban on Thursday morning, just a day ahead of the country’s 5G auction, citing – unsurprisingly – concerns over national security.

    • Government Provides 5G Security Guidance To Australian Carriers
    • Kids at hacking conference show how easily US elections could be sabotaged

      The bad news is that it doesn’t really matter. While the actual risk of a hacker seizing thousands of voting machines and altering their records may be remote, the risk of a hacker casting the validity of an election into question through one of any number of other entry points is huge, and the actual difficulty of such an attack is child’s play. Literally.

    • Former Facebook security chief says it’s ‘too late’ to protect 2018 elections

      Facebook’s recently departed security chief says US government inaction has ensured that the upcoming midterm elections will be vulnerable to hacking and online manipulation campaigns.

    • Adobe Patches 2 Code Execution Vulnerabilities in Photoshop CC 2017 & 2018

      Hot off the discovery board is news of two important vulnerabilities that have been found in Adobe’s Photoshop CC versions 19.1.5 and prior for the 2018 edition and versions 18.1.5 and prior for the 2017 edition. The discovery of these vulnerabilities was made by a Fortinet security researcher, Kushal Arvind Shah, but nothing has been officially released in the level of detail expected for CVE vulnerabilities.

      It appears that a combined update has been rolled out through the Adobe Creative Cloud for the respective editions and versions of Adobe Photoshop CC 2018 / 2017 to patch the two found vulnerabilities. The flaws are seen to impact the said versions of the software on both the Windows operating system and the Apple Mac operating system.

    • New Mirai Variants Leverage Open Source Project [Ed: DarkReading looking to blame "Open Source" because yes, people can craft things with FOSS. Sometimes even malicious things.]

      Mirai, the IoT botnet responsible for enormous DDoS attacks in 2016, has continued to evolve: it’s now leveraging an open-source project named Aboriginal Linux to make cross-compiling the malicious code easier, more effective, and less prone to error.

    • Mirai leveraging Aboriginal Linux to target multiple platforms [Ed: Did Steve Ragan copy Catalin Cimpanu (below) or the other way around (almost identical spin)?]
    • Mirai IoT Malware Uses Aboriginal Linux to Target Multiple Platforms
    • Mirai botnet strikes again: This time it’s going after a specific open source project [Ed: So, long story short, devices with holes or hand-coded passwords in them are blamed on "Linux" and/or "Open Source"]
    • Vulnerability in OpenSSH “for two decades” (no, the sky isn’t falling!) [Ed: Responding to the likes of Catalin Cimpanu]

      The OpenSSH software came out of the super-security-conscious operating system project OpenBSD, the “free, functional and secure” operating system that boasts on its website that it’s suffered “only two remote holes in the default install, in a heck of a long time!”

      Compared to the average Linux distro, or Windows, or macOS, or pretty much any mobile phone you care to mention, that isn’t an idle boast, even if it’s not the sort of claim a traditional marketing department might go for.

    • Huawei slams Australia ban as being ‘politically motivated’

      Australia’s decision to ban Huawei Technologies from playing a role in the country’s 5G networks is “politically motivated, not the result of a fact-based, transparent, or equitable decision-making process”, a spokesperson from the company’s headquarters in Shenzhen says.

    • Huawei ban: China asks Australia to drop ‘ideological bias’

      The Chinese Government has told its Australian counterpart to get rid of its “ideological biases” and create a “fair environment” for business in the country in the wake of the 5G ban imposed on Chinese companies Huawei Technologies and ZTE Corporation.

    • Australia’s Huawei ban meant to please Uncle Sam

      For more than a few decades now, Huawei has been supplying telecommunications equipment to all parts of the world, 170 countries in all. Chances are that if there were any backdoors planted in that equipment, then some man or woman in some part of the world would have cottoned onto it.

    • Disable SMT/Hyperthreading in all Intel BIOSes

      Solving these bugs requires new cpu microcode, a coding workaround,
      *AND* the disabling of SMT / Hyperthreading.

      SMT is fundamentally broken because it shares resources between the two
      cpu instances and those shared resources lack security differentiators.
      Some of these side channel attacks aren’t trivial, but we can expect
      most of them to eventually work and leak kernel or cross-VM memory in
      common usage circumstances, even such as javascript directly in a
      browser.

      There will be more hardware bugs and artifacts disclosed. Due to the
      way SMT interacts with speculative execution on Intel cpus, I expect SMT
      to exacerbate most of the future problems.

    • Why the DNC Thought a Phishing Test Was a Real Attack [iophk: "turns out all the disinformation yesterday was just that -- disinformation; fat chance of the facts getting as much coverage though"]

      Lookout had alerted the DNC as well as DigitalOcean—the server company hosting the imposter—within hours of the fake site going live. The incident was initially touted as a success: A cyberespionage campaign thwarted before any data was stolen. Now, it instead raises questions about how a covert phishing simulation could have taken an understandably guarded group totally unaware.

    • Nearly half of English councils are using end of life server software

      Although the vast majority (between 88 and 94 per cent, depending on product) say that they intend to upgrade inside two years, by using such outdated software in the meantime, they continue to run the gauntlet of potential zero-day vulnerabilities with the power to bring down the entire infrastructure of the council.

    • Security updates for Friday
  • Transparency/Investigative Reporting

    • Reality Winner, who pleaded guilty to leaking [sic] secret U.S. report, gets 63-month sentence

      Reality Winner, 26, pleaded guilty in June to a single count of transmitting national security information. The former Air Force translator worked as a contractor at a National Security Agency’s office in Augusta, Georgia, when she printed a classified report and left the building with it tucked into her pantyhose. Winner told the FBI she mailed the document to an online news outlet.

    • Reality Winner, leaker of secret report on Russian election hacking, gets more than 5 years for espionage [sic]

      “The vulnerability of the American electoral system is a national topic of immense gravity, but it took Winner’s act of bravery to bring key details of an attempt to compromise the democratic process in 2016 to public attention,” The Intercept’s statement continues. “Reality Winner’s courage and sacrifice for the good of her country should be honored, not punished.”

    • NSA leaker who mailed doc outlining Russian hacking gets 5 years in prison
    • Download Chicago’s Parking Ticket Data Yourself

      ProPublica Illinois has been reporting all year on how ticketing in Chicago is pushing tens of thousands of drivers into debt and hitting black and low-income motorists the hardest. Last month, as part of a collaboration with WBEZ, we reported on how a city decision to raise the cost of citations for not having a required vehicle sticker has led to more debt — and not much more revenue.

      We were able to tell these stories, in part, because we obtained the city of Chicago’s internal database for tracking parking and vehicle compliance tickets through a Freedom of Information request jointly filed by both news organizations. The records start in 2007, and they show you details on when and where police officers, parking enforcement aides, private contractors and others have issued millions of tickets for everything from overstaying parking meters to broken headlights. The database contains nearly 28.3 million tickets. Altogether, Chicago drivers still owe a collective $1 billion for these tickets, including late penalties and collections fees.

    • A first-timer’s guide to anonymously leaking information via SecureDrop

      Well, meet The IT Cooler. For there is no computer, printer or phone which I cannot jinx with my innate inability to log on, download, upload or any load, more or less.

      So, let me be frank, being tasked, as a guinea pig, with uploading a document to ICIJ’s SecureDrop did not fill the chambers of my heart with sparkledust.

      No, dear reader, I sallied forth with four heavy chambers in the center of my chest, certain in the knowledge that SecureDrop and I would never be BFFs. Never, ever.

  • Environment/Energy/Wildlife/Nature

  • Finance

    • ‘We Don’t Want to See People Who Are Homeless in Our Cities’

      In the winter of 2017, seven people were arrested in Florida for the crime of serving food to homeless people in a public park. Media didn’t take much notice, though one wire report explained that while you might think feeding the hungry sounds good, it’s “actually a legally complicated matter that could violate laws and even send you to jail.”

    • Besieged Facebook Says New Ad Limits Aren’t Response to Lawsuits

      Facebook’s move to eliminate 5,000 options that enable advertisers on its platform to limit their audiences is unrelated to lawsuits accusing it of fostering housing and employment discrimination, the company said Wednesday.

      “We’ve been building these tools for a long time and collecting input from different outside groups,” Facebook spokesman Joe Osborne told ProPublica.

      Tuesday’s blog post announcing the elimination of categories that the company has described as “sensitive personal attributes” came four days after the Department of Justice joined a lawsuit brought by fair housing groups against Facebook in federal court in New York City. The suit contends that advertisers could use Facebook’s options to prevent racial and religious minorities and other protected groups from seeing housing ads.

      Raising the prospect of tighter regulation, the Justice Department said that the Communications Decency Act of 1996, which gives immunity to internet companies from liability for content on their platforms, did not apply to Facebook’s advertising portal. Facebook has repeatedly cited the act in legal proceedings in claiming immunity from anti-discrimination law. Congress restricted the law’s scope in March by making internet companies more liable for ads and posts related to child sex-trafficking.

  • AstroTurf/Lobbying/Politics

    • Find out who’s manipulating you through Facebook political ads with ProPublica’s free tool
    • Facebook: Iran has been posting hundreds of fake pages since 2011
    • Louisiana Senate President Sank Ride-Sharing Bill. His Close Pal Sells Insurance to Cabs.

      Gordy Dove has begged Uber and Lyft to make their ride-sharing services available in Terrebonne Parish, where he serves as parish president.

      The sprawling coastal parish of 112,000 people is not easily walkable, and Dove worries about how students at colleges in the area will get home from the bars after they’ve had a few drinks.

      But the big ride-sharing companies aren’t coming to places like Houma, the parish’s biggest city, or many other parts of Louisiana anytime soon. That’s because Louisiana does not have legislation in place allowing them to operate. The state is one of only five that lacks such a law, instead requiring the companies to go through the costly and time-intensive process of getting approval in each locality.

      A bill to change that has garnered widespread and bipartisan support. It was backed by the governor, a Democrat, and sponsored by the House speaker, a Republican. It had 56 co-sponsors from both parties — nearly 40 percent of the state’s lawmakers — in both chambers and from all corners of the state. It was favored by the potent Louisiana Association of Business and Industry and other economic development groups.

    • Mass Media Is The Enemy Of The People Like The Cage Is The Enemy Of The Bird

      They say that Corbyn is a secret Nazi who loves antisemitism over and over and over again like it’s a real thing despite the complete absence of anything remotely resembling facts or evidence, then publish op-eds by ostensibly terrified mothers citing “accusations of antisemitism in the Labour party making headline news virtually every day” as the basis for her fear of her three year-old daughter winding up like Anne Frank. And then when this unconscionable behavior sees Corbyn decrying the mass media and pushing for reforms, the British press responds with headlines like “Corbyn is following the Donald Trump playbook on persecuting the media”.

    • Distorting Past and Present: Reuters on Nicaragua’s Armed Uprising

      From April 18 until late July 2018, an armed insurrection in Nicaragua left hundreds of people dead. The uprising, backed enthusiastically by private media outlets in Nicaragua (in particular one of its largest circulating newspapers, La Prensa, and the TV network 100%Noticias), was also supported by local NGOs funded by the US government through the National Endowment for Democracy (NED). The Trump administration and others (the EU parliament, UN officials) publicly backed the opposition’s version of events, as did Amnesty international and Human Rights Watch. Nicaraguan President Daniel Ortega and his supporters were held responsible for the vast majority of the “protest”-related deaths, and Ortega (who had been re-elected in 2016) was pressured at first to resign outright, and later to hold “early elections.”

      I examined 45 Reuters news articles about the uprising in Nicaragua since April 18, as the London-based wire service, whose news articles are widely reprinted throughout English-language Western media, provides a good sense of the ostensible facts about the conflict as portrayed by corporate journalism. The story conveyed by Reuters is that the Sandinista government is opposed to democracy and human rights in Nicaragua, while the US government supports these things. Various other sources, which may provoke less distrust than a US government led by Donald Trump, were cited in support of this scenario. But a closer look at the picture presented by Reuters reveals numerous distortions about Nicaragua’s past and present.

  • Censorship/Free Speech

    • The Web-Hosting Service for Sex Workers, by Sex Workers, Against SESTA/FOSTA

      That need took on sudden urgency in 2018 when the Stop Enabling Sex Traffickers Act and the Allow States and Victims to Fight Online Sex Trafficking Act came into effect. Alternately referred to as SESTA, FOSTA, or both (SESTA/FOSTA), these laws empower federal and state law-enforcement agencies to target websites that supposedly facilitate sex trafficking. But the legislation’s definition of trafficking is so broad that it has also ensnared sex workers who rely on digital platforms for their safety and livelihood. Sites that had previously been used by sex workers to vet clients, such as Backpage, were seized by the federal government; others, like Craigslist’s “Personals” sections, voluntarily shuttered; and now all kinds of online service providers, from social networks to blogging platforms, are booting users suspected of engaging in sex work.

    • Pakistan records protest with Netherlands against blasphemous cartoon competition

      The Foreign Office (FO) on Monday called the charge d’affaires of the Netherlands to record a protest against the “announcement by the leader of Dutch Freedom Party and Parliamentarian Geert Wilders to hold a competition of blasphemous caricatures.”

    • Sacrilegious sketches: Govt urged to sever diplomatic ties with the Netherlands

      The JI members gathered outside Peshawar Press Club. They burnt the flag of the Netherlands and portraits of a Dutch politician to express anger against the sacrilegious act.

      They were also holding banners and placards inscribed with slogans, asking the government to end diplomatic ties with the Netherlands.

    • Ban Trump, Twitter and Free Speech

      Chief among those opposing ideas they want silenced are Donald Trump’s. His remarks — from the silly, labeled unpresidential, to the more extreme labeled racist/sexist/misogynist/hateful — have attracted a surprising group of otherwise intelligent people demanding he be shut up.

    • Forget About Social Media Content Moderation; Get Ready For Internet Infrastructure Content Moderation

      The big topic du jour, of course, has been about content moderation on social media. But that may only be just the very beginning of where all of this heads. It didn’t get that much attention, but last week Microsoft threatened to take down all of Gab.ai based on some (really awful) posts on that site. Gab, if you don’t know, is the social network “alternative” that claims to be free speech supporting (even if that’s a bit of an exaggeration), when it really has basically become the home to all the assholes who have been kicked off of Twitter. It’s generally a cesspool of idiocy, so it’s not clear what suddenly inspired Microsoft — which hosts Gab on its Azure cloud platform — to suddenly speak up.

      As we’ve noted many times in the past, Microsoft, like any company, has certain rights, including First Amendment rights for what speech lives on its own computers and who it associates with. But, we’re talking about a different kind of ballgame when we start getting to the infrastructure level, rather than just talking about content moderation at the edge provider level. This hearkens back to the big post I did nearly a year ago when Cloudflare stopped providing service to the Daily Stormer. As I noted at the time, there were no easy answers, and the situation is incredibly complicated. Simply kicking bad services off the internet doesn’t make their hatred/ignorance/stupidity go away (and sometimes allows it to fester in even darker corners, where it can’t be monitored or countered).

      [...]

      And, as I wrote in last year’s post about the Cloudflare situation, I’m a lot more worried about infrastructure players suddenly deciding that they should have an editorial say as well, as that seems well beyond what role they should be playing. Yes, again, they have every right to stop working with services they dislike, but we should be discussing the potential impact of infrastructure players as censors. With edge services, one point that is regularly brought up is that if you don’t like how a service is running you can just go to another one or build your own. But that gets a lot more complicated when you get to the infrastructure level where you can’t just “build your own” and the number of options may be greatly limited.

      [...]

      Indeed, infrastructure providers are the next battleground, and we should start thinking about what that means earlier, rather than waiting until everything is a total mess.

    • Protecting Free Speech in Fearful Times

      In the absence of (1) people “capable of deliberating and choosing on the basis of knowledge,” (2) access to “authentic information,” and (3) evaluation based on “autonomous thought,” Marcuse argued that democracy veered towards a form of totalitarianism (pp. 95, 97): Under democracy “with totalitarian organization,” he observed, “radically negative news” is relegated to “an obscure place” and commitments to impartiality and objectivity unintentionally foster “a mental attitude which tends to obliterate the difference between true and false, information and indoctrination, right and wrong” (97).

      Recent controversies remind us all too clearly that anyone interested in promoting free speech must contend with the possibility that some speakers will abuse their license to it by making unthinking or dangerous remarks that could weaken or demolish democracy. Milo Yiannopoulos and Alex Jones, for example, have made careers for themselves by manufacturing controversy in order to generate attention. Jones has said that decisions by Facebook and other social media platforms to limit his access are part of “a war on free speech.” Similarly, as Steve Coll has observed in the New Yorker, Donald Trump and his far-right allies have “vigorously exploited the neutrality of social-media platforms.”

  • Privacy/Surveillance

    • ICANN appeals German court injunction rejection

      The internet overseer says the court was wrong to rule that it did not “sufficiently explain” or provide a “credible reason” why it wanted to force one of its registrars to collect data on new registrants

    • Facebook violates Apple’s data-gathering rules, pulls VPN from App Store

      Facebook is the latest company to violate Apple’s new app guidelines surrounding data collection. According to a report by The Wall Street Journal, Facebook pulled Onavo Protect, a VPN app, from Apple’s App Store after the iPhone maker determined that Onavo violated its data-collection rules.

    • Facebook Removed Their Spying VPN From The App Store (But It’s Still on Google Play)

      Facebook removed Onavo—a free VPN run by the social networking company—from the iOS App Store today. The voluntary move by Facebook was prompted by discussions with Apple about privacy policy.

      Onavo promises to help “secure your personal details” on the product’s website, but the VPN service exists primarily so Facebook can monitor user activity on rival sites. In other words, Facebook uses it to spy on you.

    • Facebook Removes Data-Security App From Apple Store

      Facebook Inc. pulled its data-security app from Apple Inc.’s app store after the iPhone maker ruled that the service violated its data-collection policies, according to a person familiar with the matter.

    • Apple Removes Facebook’s VPN App From App Store

      Apple has removed Facebook’s VPN app Onavo Protect after it violated Apple’s data collection policies.

      As reported by The Wall Street Journal, Apple warned Facebook that the VPN app does not comply with the new privacy rules set up in June this year. The latest set of regulations are charted to limit the data harvested by third-party apps.

    • Don’t Shoot Messenger

      Late last week, Reuters reported that Facebook is being asked to “break the encryption” in its Messenger application to assist the Justice Department in wiretapping a suspect’s voice calls, and that Facebook is refusing to cooperate. The report alarmed us in light of the government’s ongoing calls for backdoors to encrypted communications, but on reflection we think it’s unlikely that Facebook is being ordered to break encryption in Messenger and that the reality is more complicated.

      The wiretap order and related court proceedings arise from an investigation of the MS-13 gang in Fresno, California and is entirely under seal. So while we don’t know exactly what method for assisting with the wiretap the government is proposing Facebook use, if any, we can offer our informed speculation based on how Messenger works. This post explains our best guess(es) as to what’s going on, and why we don’t think this case should result in a landmark legal precedent on encryption.

    • Chinese Surveillance State Is Basically The US Surveillance Apparatus Minus The Constitutional Rights

      Reuters has a long, detailed examination of the Chinese surveillance state. China’s intrusion into the lives of its citizens has never been minimal, but advances in technology have allowed the government to keep tabs on pretty much every aspect of citizens’ lives.

      Facial recognition has been deployed at scale and it’s not limited to finding criminals. It’s used to identify regular citizens as they go about their daily lives. This is paired with license plate readers and a wealth of information gathered from online activity to provide the government dozens of data points for every citizen that wanders into the path of its cameras. Other biometric information is gathered and analyzed to help the security and law enforcement agencies better pin down exactly who it is they’re looking at.

    • Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path

      In this paper, we perform a large-scale analysis of on-path DNS interception and shed light on its scope and characteristics. We design novel approaches to detect DNS interception and leverage 148,478 residential and cellular IP addresses around the world for analysis. As a result, we find that 259 of the 3,047 ASes (8.5%) that we inspect exhibit DNS interception behavior, including large providers, such as China Mobile. Moreover, we find that the DNS servers of the ASes which intercept requests may use outdated vulnerable software (deprecated before 2009) and lack security-related functionality, such as handling DNSSEC requests. Our work highlights the issues around on-path DNS interception and provides new insights for addressing such issues.

    • Court rules that you need a warrant to read someone’s smart meter

      A US JUDGE has ruled that any data collected by smart meters is protected by the Fourth Amendment, meaning any examination of that data constitutes a government search requirement.

    • Chrome’s anonymous browsing feature isn’t as secret as we assumed

      A researcher from Vanderbilt University in Nashville, Tennessee found that although the data collected appears to be anonymised, in reality, Google can retroactively identify it from the usernames and other account data used during the session.

  • Civil Rights/Policing

    • Women don’t have penises

      In Britain it might soon be a crime to express this scientific fact.

      Is it now a crime to tell the truth in Britain? It’s heading that way. At the weekend it was revealed that Merseyside Police are making ‘enquiries’ into a trans-sceptical group that distributed stickers saying ‘Women don’t have penises’. Yes, that’s right: the police, the actual police, are investigating a group for expressing what the vast majority of people consider to be a biological, social, actual fact: that if you have a penis you are not a female. What next: arrest people for saying the sky is blue or that Piers Morgan is a muppet?

    • Rotherham: the silencing of Muslim voices

      Rotherham is a town whose very name has become synonymous with the horrific cases of Child Sexual Exploitation (CSE) which have occurred there in recent years. The media narrative around these cases – appalling crimes committed by a tiny minority of the population – is so powerful that it has been extremely difficult to challenge or even question. However as Islamophobia escalates to an unprecedented level with Boris Johnson’s comments emboldening the far right and racists and poisonous tropes of Muslims as terrorists and sexual predators sweep the country, it becomes particularly important to do so.

      Once a thriving town built round coal mines and steel, Rotherham today is a bleak place. The coal mines are closed and the steel industry is in decline. Unemployment is high. However, as many people emphasise, until six or seven years ago, racial violence had never been an issue. The comparatively small Pakistani community had lived cheek by jowl with white people. As playwright Emteaz Hussain puts it, “we were a working class community struggling to make ends meet, everyone lived in close proximity, and we naturally found a way of getting on.”

    • Alabama Abortion Decision Raises Alarms Ahead of Kavanaugh Hearings

      This week, a federal appeals court struck down Alabama’s ban on a safe, medically proven abortion method. The decision shows just how high the stakes are ahead of next month’s Senate confirmation hearings for Brett Kavanaugh, President Trump’s nominee to the Supreme Court.

      In recent years, anti-abortion politicians across the country have enacted hundreds of dangerous restrictions aimed at preventing women from obtaining abortions. Alabama has been at the forefront of this coordinated national campaign, with politicians there enacting a multitude of restrictions designed to make it impossible for a woman to get the medical care she needs.

      The latest legal battle concerned Alabama’s ban on dilation and evacuation (D&E) abortions. On Wednesday, the Eleventh Circuit Court of Appeals affirmed a lower court order invalidating the ban. The statute we challenged in the case, West Alabama Women’s Center v. Miller, made it a crime for physicians to provide D&E abortions. Had Alabama been permitted to enforce the ban, it would have prevented hundreds of women each year from being able to have an abortion, because D&E is the only outpatient procedure that is available after the earliest weeks of the second trimester. As the trial court that heard the case explained, the state could not “justify such a substantial obstacle to the constitutionally protected right to terminate a pregnancy.” The Eleventh Circuit judges affirmed that decision, explaining that their “role is to apply the law the Supreme Court has laid down,” and as a result of previous Supreme Court’s decisions, the Alabama statute plainly could not stand.

    • Michigan teacher who runs porn site under investigation

      The Michigan Court of Appeals had ruled that a public school teacher can’t be fired for private behavior that doesn’t adversely affect students, the Free Press reported at the time.

    • Looking at the Archives From the Time of the 1968 Democratic National Convention in Chicago and Seeing Familiar Themes

      This week, ProPublica Illinois reporter Mick Dumke wrote a column about the letters people sent to Chicago Mayor Richard J. Daley after the 1968 Democratic National Convention, held in the city, praising him for how he and the police handled protesters. Amid demonstrations, violence broke out, and Daley attacked the press for its coverage of those events.

      In one letter that touches on what the convention came to represent, a national simmering point of truth, facts, police violence and Chicago’s reputation, the manager of the Shannon Rovers Irish Pipe Band — the “official band of Chicago’s St. Patrick’s Day Parade” — thanked Daley and said “we regret” the “biased coverage of the television media.”

      “We will do whatever we can as individuals and as a band to keep Chicago where it should be — the leading city in the nation — in education, in economic growth and in social justice,” the letter read.

      An independent report found that police violence was “often inflicted upon persons who had broken no law, disobeyed no order, made no threat.” And it concluded that Chicago police and Daley specifically targeted journalists during the clashes.

    • When They Decide to Get You

      Alex Salmond’s jeopardy has caused me a dreadful shudder of recognition and empathy. I too was accused of hideous offences under a civil service disciplinary code and barred from taking any action to defend myself. I was not allowed to speak to anybody at all about the charges, and particularly not allowed to know the identity of my accusers, or to organise witnesses in my defence – which appears the exact procedure which Alex Salmond now, with absolute justice, complains of. These Civil Service disciplinary investigations are contrary to all rules of natural justice, and designed to facilitate executive stitch-ups, not to uncover the truth.

      As with Alex Salmond, some of the accusations against me were hideous – offering visas in exchange for sex, for example. They were so hideous that the mental anguish of not being permitted to take any normal steps to defend myself caused me a mental breakdown. I know what Salmond must be feeling. I received psychiatric treatment in St Thomas’ Hospital for a condition called “learnt helplessness” – meaning it was the dreadful experience of having things done to me which I was not permitted to take any normal steps to counter, which caused my clinical depression.

      The charges against me were entirely fake and entirely vexatious, even malicious, issued after I had objected to British complicity in torture in the “War on Terror”, which the government denied at the time, calling me a liar, though now admits. The charges were designed to destroy my reputation. You can read the full story in my book “Murder in Samarkand”, widely available in libraries. I believe it conveys the anguish that “learnt helplessness” can cause.

      To be plain, I was told not to reveal the existence of the charges to anybody at all and specifically forbidden from contacting witnesses. Nevertheless the charges were such obvious nonsense they eventually collapsed and I was found not guilty of all eighteen charges – but found guilty of breaking the order to keep the charges secret, in organising my defence. Not keeping the charges secret is the only disciplinary offence of which I was ever convicted.

      The extreme Kafkaesque nature of this is only increased by the fact that the government themselves had revealed the charges in the widest possible manner, by leaking them to the Daily Mail, in the effort to permanently ruin my reputation. A number of the charges were sexual, such as having a secret flat to entertain prostitutes – again, totally untrue, but great for the tabloids. The use of false sexual allegations to destroy threats to the political elite is routinely deployed – Alex Salmond joins Julian Assange, Tommy Sheridan (whose recent court victories against the Murdoch press went totally unreported), Scott Ritter and myself among recent victims of this tactic.

  • Internet Policy/Net Neutrality

    • California’s Resurrected Net Neutrality Bill Just Passed a Major Hurdle
    • Just Because The Internet Didn’t Implode The Day After Repeal Doesn’t Mean Killing Net Neutrality Was A Good Idea

      By now we’ve well established that the FCC ignored the public, ignored the experts, and ignored all objective data when it killed net neutrality rules at the behest of telecom monopolies.

      While the vote to kill the rules occurred last year, the rules didn’t technically die until last June 11. And one common refrain by Pai and pals (and many folks who don’t understand how the broken telecom market works) is that because the internet didn’t immediately collapse upon itself post-repeal in a rainbow-colored explosion, that the repeal itself must not be that big of a deal. For example, Ajit Pai tried to make that point again last week at an FCC oversight hearing that was severely lacking in the actual oversight department.

    • Verizon Incompetence and Greed Leaves Firefighters Throttled During Wildfire

      As part of the settlement, Verizon was forced to reimburse consumers to the tune of $1 million after a nine-month investigation found it was advertising wireless connections as “unlimited,” but then kicking users off of the Verizon Wireless network for “excessive use”—without disclosing the hidden limits of these connections.

      Ten years later and it’s not clear that Verizon has learned much of anything from the experience.

      The company made headlines again this week after a brief filed by net neutrality advocates highlighted that Verizon had throttled the “unlimited” data connection of the Santa Clara County Fire Department as it struggled to battle the Mendocino Complex Fire, one of the largest forest fires in California’s history.

    • Verizon’s Throttling of Fire Fighters Could Go Unpunished Because the FCC Repealed the Open Internet Order

      People are mad about the revelation that Verizon throttled the wireless service of the Santa Clara Fire Department in the middle of fighting a massive fire. In response, Verizon is making the very narrow claim that this wasn’t a clear violation of the 2015 Open Internet Order’s ban on throttling. That intentionally misses the point. The 2015 order, by reclassifying ISPs under Title II of the Federal Communications Act, would have likely made what happened with the fire department illegal.

      Under the 2015 Open Internet Order, the Federal Communications Commission did two things. First, it established that all broadband Internet service providers were common carriers subject to the federal laws that protect consumers, promote competition, and guard user privacy. Second, it established a set of “net neutrality” rules based on its Title II authority through the bright line rules of “no blocking, no throttling, no paid prioritization” as well as a general conduct rule.

    • History of Gopher
    • Internet Relay Chat, or IRC, turns 30

      Internet Relay Chat, better known by its acronym IRC, is celebrating a birthday. In fact this year the chat protocol is turning 30, University of Oulu, the birthplace of IRC, reports.
      IRC was developed in University of Oulu in Finland in the late 80s. The messaging platform was created in the Computer Science department as a replacement for their BBS-based messaging platform called MultiUser Talk, or MUT.

      In August of 1988, exact date unknown, Computer Science student Jarkko Oikarinen released IRC, both server and client software, that he had developed over the summer. The first server was run by a Sun-3 computer in the Department of Information Processing Science lab.

    • Internet chat system IRC turns thirty

      IRC (Internet Relay Chat) was born at the Department of Information Processing Science of the University of Oulu 30 years ago. Jarkko Oikarinen developed the internet chat system back in 1988 in addition to his summer job. Today, people are still using IRC.

    • Senate Commerce Committee Holds FCC Oversight Hearing to Discuss Net Neutrality and Rural Broadband Deployment

      Last week the Senate Committee on Commerce, Science, and Transportation held a hearing to conduct oversight of the Federal Communications Commission (FCC). Although there was the typical overblown bickering over the FCC’s action on net neutrality rules taken in recent months under FCC Chairman Ajit Pai that one might expect, much of the day’s hearing focused on the poor quality of current broadband coverage maps employed by the FCC in distributing subsidies as well as the need to improve rural broadband deployment to reach millions of Americans living in rural communities.

    • Karl Grossman on Space Force, Evan Greer on Net Neutrality Cyber Fraud

      This week on CounterSpin: A popular internet meme says, “I have a question about Space Force; when is Flint getting clean water?” But while social media reflect complaints that the Trump administration’s plans to “address space as a developing war-fighting domain,” as Defense Secretary Jim Mattis has it, will mean still more resources channeled away from social programs to Warmongering, Inc., that line of questioning has so far had little place in corporate media coverage.

      We’ll talk about the prospect of war in space with longtime FAIR associate Karl Grossman, journalism professor at State University of New York/College at Old Westbury, and author of the books Weapons in Space and The Wrong Stuff: The Space Program’s Nuclear Threat to Our Planet, among others.

  • DRM

    • GOG Launches FCKDRM to Promote DRM-Free Art and Media

      GOG, the digital distribution platform for DRM-free video games and video, has launched a new initiative designed to promote content without embedded DRM. While Digital Rights Management is seen by many companies as necessary to prevent piracy, GOG believes that its restrictions are anti-consumer and run counter to freedoms that should exist alongside content ownership.

  • Intellectual Monopolies

    • Japan to extend design patent term by five years in bid to spark corporate creativity

      The Japan Patent Office (JPO) will ask the country’s legislature to extend design patent protection to 25 years during its next session, according to a report in Nikkei. The policy change has a dual aim of making Japanese companies more brand-conscious and enhancing coverage for innovations that combine visual and technical features, such as user interfaces.

    • A 5G iPhone will cost Apple about $21 in licensing fees to Nokia, Qualcomm, and others

      Nokia on Wednesday announced a flat, 3 euro ($3.48) per-device licensing fee for its 5G standards-essential patents, according to VentureBeat. That contrasts with Ericsson, which is charging on a sliding scale between $2.50 and $5 based on the cost of a device.

      Qualcomm, however, is licensing its 5G patents at 2.275 percent of a single-mode phone’s total price, and 3.25 percent for multi-mode phones, albeit with a $400 price cap.

      A modern smartphone could potentially be saddled with over $21 in combined royalty payments. Around $13 will go to Qualcomm regardless of any current spats.

    • Copyrights

      • Movie Company Sues Post-Production Studio For $5 Million For Leaking ‘Kickboxer’ Film That Grossed $5k Domestically

        It is no revelation that film studios have been in a sustained freakout for years over films that leak to the internet before they hit the theaters. While the freakout is somewhat understandable (nobody wants to plan out a film release only to have the product appear in a way outside those well-laid plans), much of the reasoning in the freakouts has to do with claims that the leaks eat into the profits the company would generate at the theater. This reasoning has been debunked many times over, most notably by AAA movies that leak online still making a killing at the box office. What should be immediately apparent is that much of this is driven by emotion and outrage rather than anything resembling facts or clear-thinking.

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts