Bonum Certa Men Certa

Links 29/8/2018: Solaris 11.4, More Intel Issues





GNOME bluefish

Contents





GNU/Linux



  • Desktop



    • 10 Reasons To Replace Windows With Linux
      A lot of people run Windows on their laptop and desktop computers and quite often the reason for that is because it was already installed when they bought the machine.

      What is interesting though is that if you give people a better option then there is every chance they will switch to something else.

      If you don’t believe me look at the rise of Google Chrome. Internet Explorer used to dominate the browser market share but now Chrome controls over 60% compared to Internet Explorer which has under 10%.

      Linux is better than Windows, especially for home use and in this guide I will provide 10 reasons why.






  • Kernel Space



    • The world's largest open source project, Linux, turned 27
      27 years ago, on the 25th of August in 1991 to be exact, a student from University of Helsinki posted on a newsgroup seeking for feedback for what he called a hobby project. That is of course Linux, the hobby project started by Linus Torvals, that has since conquered the world. In the original post Linus was looking for feedback for fellow Minix users. He had been working on his replacement for Minix since April, and was ready to get it out there.

      It obviously still took a while before Linux was ready for a proper spotlight, but the cat was out of the bag.


    • Is the Linux 4.18 kernel heading your way?
      In case this URL isn't familiar, www.kernel.org is the web site of the organization that distributes the Linux kernel and other Open Source software to the public without charge. The site provides kernel archives where anyone can download source. And, yes, even you, can go and download source code for Linux.

      The latest stable version is currently 4.18.5. The kernel.org site provides extensive and easily navigated directories that can shed as much light on the Linux kernel as you might care to absorb. That includes the ability to view individual files that represent portions of the code base or download past or current releases.

      If you go to www.kernel.org, you will see options for downloading kernel tarballs, viewing the verification signatures for the tarballs, and investigating patches. If you have never considered the amount of code that comprises the Linux kernel or imagined how accessible it is, visiting the site and spending a little time wandering around might prove to be quite an exciting experience. Try drilling down to a single script as in this example picked at random and you'll see how easy it is to probe into code that makes up the core of Linux.
    • Linux 4.4.153
    • Linux 3.18.120


    • Realtek USB3 Hubs Will See Firmware Updates Delivered On Linux Via Fwupd/LVFS
      Linux firmware updating is on a roll with the fwupd updating utility and the Linux Vendor Firmware Service (LVFS) for the distribution of these firmware files recently seeing AKiTiO Thunderbolt device support and NVMe SSD firmware updating being the next big task. Richard Hughes of Red Hat has also revealed he's been working on USB3 hub firmware support in conjunction with Realtek.


    • Linux 4.19 lets you declare your trust in AMD, IBM and Intel
      Linux v4.19-rc1, release candidate code published on Sunday, allows those building their own kernel or Linux distribution to choose whether or not to trust the CPU hardware random number generator, a decision that has become complicated in the wake of the revelations about government surveillance over the past five years.

      When random number generation is insufficiently random, encryption based on such numbers can be broken with less effort. Among the security-minded, there's concern that hardware makers might offer subpar randomization unknowingly, as a result of espionage, or to accommodate demands from government law enforcement or intelligence agencies.

      The paranoia wasn't always so palpable. Back in 2013, Linus Torvalds, Lord of the Linux, dismissed calls to ditch Intel's RDRAND processor instruction, noting that the Linux kernel uses multiple sources of input to generate random numbers.

    • Intel's 13 Patches For SGX Linux Support See Their 13th Revision
      One of the features sadly not making it into the in-development Linux 4.19 kernel is the support for Intel's SGX -- the Software Guard Extensions.

      Intel Software Guard Extensions allow for allocating "enclaves" or private regions of memory for secure computing, DRM, and other purposes. SGX support was introduced to Intel CPUs with Skylake while the Linux support has remained a work-in-progress.


    • Bug in Linux 4.18 Kernel Causes CPU Stall and System Freezes on Older Hardware
      If ever you needed a good reason to upgrade your old CPU, it seems a “show-stopping” bug has found its way into the Linux 4.18 stable kernel series – though its only effecting older hardware, mostly the Intel Core 2 Duo era processors. This bug in Linux 4.18 kernel currently has two submitted bug reports on the bugzilla tracker.


    • Linux 4.18 Is Appearing To Cause Problems For Those Running Older CPUs
      As a P.S.A. for those tending to quickly upgrade to new major kernel releases but are doing so on older hardware, there appears to be a show-stopping bug that made it into the stable Linux 4.18 series.

      [...]

      Those encountering this problem have bisected it to clocksource: Remove kthread as the problematic commit. If building the Linux 4.18 kernel with that commit reverted, those old CPUs begin to happily run on this latest stable kernel release. Another alternative to workaround this problem is booting with the kernel parameter of clocksource=hpet. Of course, if you are running on a system as old as the Core 2 Duo days (2006~2010), you can choose any number of older stable Linux LTS releases to boot your system until this situation is resolved upstream and back-ported to the 4.18 series.


    • Graphics Stack



      • NVIDIA 390.87 Linux Driver Backports That Important Performance Fix
        NVIDIA has today shipped the 390.87 Linux driver as their latest update to the 390 "long-lived" driver series
      • GPUOpen's Vulkan Memory Allocator 2.1 Being Prepped With Many Additions
        AMD's GPUOpen group has released their first beta of the Vulkan Memory Allocator 2.1 release after "many months of development" and as such comes with many new features.

        VulkanMemoryAllocator as a refresher is the open-source AMD effort to provide an easy-to-use and integrate Vulkan memory allocation library to ease the process of bringing up new Vulkan code. The VulkanMemoryAllocator is used by the likes of Google's Filament renderer, vkDoom3, LWJGL, the Anvil framework, and others.


      • Mir's EGMDE "Edge" Now Has Experimental X11 Support, Static Display Configuration
        Ubuntu's Mir display server that has been chasing Wayland support and earlier this year introduced EGMDE as the example Mir desktop environment has picked up some extra functionality on its "edge" channel.

        Thanks to Ubuntu's Snappy, via Snap it's now possible to have both beta and edge channels of EGMDE with easy installation. Their edge channel of EGMDE will be where they ship their experimental/bleeding-edge features. In making use of this new functionality, to the EGMDE edge channel they have introduced some new capabilities.


      • More Vega 20 Enablement Heading To Linux 4.20~5.0, No Longer Marked Experimental
        While the Linux 4.19 kernel merge window just ended this past weekend and the development cycle for Linux 4.20 (or most likely to be called Linux 5.0) won't kick off until around the middle of October, AMD has already begun staging a ton of changes for this next kernel version. In particular, it looks like with this next kernel release their Vega 20 enablement will be in order.


      • The DRM GPU Scheduler Got Beefed Up This Summer, More Improvements Possible
        In addition to the VKMS driver for virtual kernel mode-setting, the other successful Google Summer of Code (GSoC) project this summer under the X.Org umbrella was improving the DRM GPU scheduler.

        The DRM GPU scheduler is what was the AMDGPU scheduler before it was punted out into DRM common code so this GPU scheduler could be re-used by other Direct Rendering Manager drivers like Etnaviv and Linux-Lima. As part of GSoC 2018, Nayan Deshmukh worked on improvements to the DRM GPU scheduler with a particular focus on being able to feed one entity into multiple run queues.


      • wineSHOCK: The Automated Direct3D Game Benchmarks On Wine
        Given Valve's now public Steam Play for Linux using the Wine-derived Proton and their ongoing relationship with Code Weavers to improve the experience for Windows games on Linux, it perhaps adds better context why this summer for GSoC there was the automated Direct3D game benchmarking work with mentorship by a CodeWeavers developer.

        This summer we've been covering the work by student developer Dimitris Gounaridis on better Direct3D game benchmarks within Wine. After all, this Google Summer of Code project is facilitated using the Phoronix Test Suite and OpenBenchmarking.org.


      • Vulkan VirGL Ends The Summer Being Able To Execute A Compute Shader
        One of the most interesting projects we've seen attempted for Google Summer of Code 2018 was adding Vulkan support to VirGL for allowing Vulkan access within guest virtual machines.

        The VirGL stack has been getting into great shape with its OpenGL 4 support while up until this summer there wasn't much effort on getting the Vulkan graphics/compute API handled by this stack that leverages Mesa, VirtIO-GPU, and the "virglrenderer" component to make all of this magic happen.




    • Benchmarks



      • Benchmarks Of Intel's Latest Linux Microcode Update
        With all of the confusion last week over Intel's short-lived CPU microcode license change that forbid benchmarking only for them to change it a short time later -- to a much nicer license in that the microcode files can be easily redistributed and don't curtail it in other manners (and also re-licensing their FSP too), here are some performance benchmarks when trying out this latest Intel microcode on Linux.

        [...]

        In the benchmarks run over the weekend, the latest Intel microcode files for August (taking Xeon Scalable CPUs to 0x200004d appeared to have only minimal impact on the system performance... Mostly in I/O cases were there some slight differences in performance, but nothing overly shocking and not as bad as the L1TF Linux kernel mitigation itself -- see those benchmarks for all the details. Going into this microcode comparison I was expecting much more volatile results given their short-lived benchmark restriction, but it looks like it may have just been an overzealous Intel lawyer who thought it would be a good idea to forbid benchmarking and further lock-down their microcode license...


      • Fresh NVIDIA vs. AMD Radeon OpenCL GPU Benchmarks For August 2018
        It has been a while since last delivering some OpenCL GPU compute benchmarks across several different graphics cards on the latest Linux drivers, so here is a fresh look.

        Tests were done using the the NVIDIA 396.54 Linux driver with the GeForce GTX 1070 / 1070 Ti / 1080 / 1080 Ti graphics cards. On the AMD side was the newest AMDGPU-PRO 18.30 driver release with testing a Radeon RX Vega 56 and RX Vega 64.


      • The Tighter NVIDIA GeForce vs. AMD Radeon Linux Gaming Battle With 396.54 + Mesa 18.3-dev Drivers
        Last week NVIDIA released the 396.54 driver that has a significant performance fix for OpenGL/Vulkan Linux performance due to a resource leak regression introduced at the start of the 390 driver series. With that updated driver (also as of yesterday back-ported to 390.87 too), there is a measurable boost in performance after running a few games on NVIDIA Linux systems. But at the same time, the Mesa 18.3-dev open-source graphics driver stack with RadeonSI/RADV continues improving on the open-source AMD front. Here is a fresh look at how the latest AMD Radeon and NVIDIA GeForce graphics cards compare using these latest drivers.


      • Clear Linux Rolling Out KDE Plasma Desktop Support, Plus Some Benchmarks Against GNOME Shell
        The performance-optimized Clear Linux distribution out of Intel's Open-Source Technology Center started out with Xfce as its lone desktop option and then added and moved over to the GNOME Shell as the default desktop. While GNOME Shell remains the default desktop choice for this rolling-release Linux distribution, KDE components have begun appearing in recent days.

        On Clear Linux it's now just a swupd bundle-add desktop-kde command away from getting a Plasma 5 desktop on this high-performance Linux stack. Also new are the desktop-kde-apps and desktop-kde-libs bundles, though they are included as part of the desktop-kde bundle. Over the weekend the KDE Plasma desktop became functional on Clear Linux.






  • Applications



  • Desktop Environments/WMs



    • Getting started with the i3 window manager on Linux
      In my article 5 reasons the i3 window manager makes Linux better, I shared the top five reasons I use and recommend the i3 window manager as an alternative Linux desktop experience.

      In this post, I will walk through the installation and basic configuration of i3 on Fedora 28 Linux.


    • K Desktop Environment/KDE SC/Qt



      • KD Chart 2.6.1 Released
        This is the latest release of our powerful open-source Qt component, KD Chart, that allows you to create business charts and much more.
      • KDAB at SIGGRAPH – 2018


      • KDAB Talks at Qt World Summit – Boston
        KDAB is offering two talks at Qt World Summit in Boston. Here’s a preview before the full program is published.

        The first, from Qt 3D expert Mike Krus, gives an in-depth look at how to make the collaboration between designers and developers smoother.


      • Akademy 2018 Trip Report
        I recently had the opportunity to attend Akademy - the annual world summit of KDE. This blog post covers my experience of the event, and is mostly a brain-dump memory aide. Akademy attracts KDE developers, enthusiast users and others from the wider Qt, KDE and distro communities. The event is a week-long in-person combination of talks and BoF (Birds of a Feather) sessions. This year Akademy was held at TU Wein in Vienna, Austria.

        I'd never attended Akademy before, as I am not a KDE developer, and only recently starting running Plasma on my ThinkPad T450. My employer - Canonical - is a sponsor of the KDE project, and a silver level sponsor of Akademy. A recent reorganisation inside Canonical meant I was able to take someone else's place at the last minute. So I booked travel and accomodation to attend from Saturday to Tuesday.


      • Plasma Mobile at a demoparty?
        Chaos Constructions is an annual computer festival held in Saint Petersburg, Russia. It is centered around demoscene — a form of computer art where participants write programs that produce short audio-visual presentations. Apart from the demoscene contests, you can enjoy computer-related seminars, live acts, and a computer exhibition.


      • Human Interface Guidelines
        The Visual Design Group has been hard at work to improve our Human Interface Guidelines. These set of rules and guidelines are meant for our developers and designers to use when creating applications, submitting patches, suggesting UI changes, etc. Every developer that we work with will feel a little more safe that their application is headed in the right visual direction for KDE.

        However, as with most things, our guidelines have become outdated. Recent development into Kirigami and further work into the desktop have made it clear that we must change and update our guidelines to accommodate for these new developments.

        In fact, during Akademy 2018 in Vienna, updating our guidelines was one of the most cited suggestions that I received.


      • TableView
        I’m happy to announce that in Qt 5.12, a new TableView item will be available in the QtQuick module. TableView is similar to the existing ListView, but with additional support for showing multiple columns.

        Like with ListView, you can assign data models of any kind to TableView, like ListModels or plain Javascript arrays. But to create models with more than one column, you currently need to subclass QAbstractItemModel in C++. A QML TableModel is also in the works, but will come later.


      • Calendar progress


        As we’re closing in on a simple but functional calendar for Kube, I’d like to share our progress with you.

        We’ve decided to start with a week view, as that seems to be a good compromise between information density and enough information for day-to-day use. We will eventually complement that with a month view, which is probably all we need for the time being.


      • Krita Comic Managemer: Improving the other exporters.


        There’s still more that can be done, like for example accessibility metadata entries, but for now I am pretty pleased with this.

        It is in master, so Krita 4.2 will carry the updated plugin!




    • GNOME Desktop/GTK



      • GTK+ and the application id
        tl;dr: If you want to be sure your application will be displayed with the correct icon under different Wayland compositors make sure that your GApplication (or GtkApplication) uses

        g_set_prgname(your_g_application_id);

        on GTK+3. On GTK+4 this is handled for you.
      • What ails GHashTable?


        I promised a closer look at GHashTable and ways to improve it; here’s that look and another batch of benchmarks to boot.

        This time around I’ve dropped most of the other tables from the plots, keeping only khash and adding results from my GLib branch and Rust’s HashMap, the latter thanks to a pull request from Josh Stone. These tables have closely comparable performance and therefore provide a good reference. Besides, every table tested previously is either generally slower or more memory-hungry (or both), and including them would compress the interesting parts of the plot.
      • What this blog will become after GSoC
        Hello everyone, I am back after some weeks of vacation!

        So GSoC 2018 officially ended last week but I’ve decided to keep using this blog for posting news of the work I will be doing for some time (i.e. until I find a better place for this).






  • Distributions



    • Intel To Develop Safety-Critical Linux OS Distribution
      Imad Sousou of Intel's Open-Source Technology Center has announced their plans to develop a safety-critical Linux distribution. This Linux distribution will be geared for running on safety-compliant solutions from autonomous vehicles to drones and more.


    • Slackware Family



      • Calibre 3.30.0 for Slackware with internal Qt5 libraries
        It took me quite a while to release a new package for Calibre, the e-book library manager. That had a reason.

        In July I switched the Qt5 package in my repositories to version 5.11 to support the latest KDE Plasma5 software and because it offers advantages over the previous 5.9 releases. Unfortunately, as I found out soon afterwards, the Calibre software fails to work with Qt 5.11 – its GUI components were not built and there was no obvious error to explain why.

        Therefore I had to re-visit the calibre.SlackBuild‘s internals and try to revive the internal functions that compile an embedded Qt library set. This was last tested in the early days of my Calibre packages when Qt4 was the running champion. Adding internal Qt5 support was quite a different beast. Qt5 is a lot bigger than the venerable Qt4 so the build process needed some pruning to keep the compilation times acceptable and the package size under control.




    • Red Hat Family



      • Red Hat to Explore Blockchain Software Tracking Benefits for Cloud Computing Usage


        Multinational firm offering open-source software essentials, Red Hat is apparently seeking the help of blockchain technology to better assess consumer usage of cloud computing platforms. News regarding Red Hat’s recent endeavor was publicised via a patent filed with the U.S Patent & Trademark Office, officially dubbed, “Blockchain-based Software Instance Usage Determination,” as of Thursday, August 23.

        The reason for considering blockchain stems from the challenges that arise when it comes to keeping track of cloud computing costs. In general, software products are licensed annually and have some fixed fee attached to them. This, however, is not the case with cloud computing, as both the necessary licenses and fees are dependent on usage. Therefore, Red Hat’s need to understand usage in terms of the number of users and amount of time used came about.
      • Red Hat Announces Changes to RHCA Certification


      • FusionLayer Joins Red Hat Partner Program


      • Securing apps and services with Keycloak (Watch DevNation Live video)


        The video from the last DevNation Live: Securing apps and services with Keycloak is now available to watch online. In this session, you will learn how to secure web/HTML5 applications, single-page and mobile applications, and services with Keycloak. Keycloak can be used to secure traditional monolithic applications as well as microservices and service mesh-based applications that need secure end-to-end authentication for all front- and back-end services. The examples in the video cover PHP, Node.js, and HTML/JavaScript.

        Securing applications and services is no longer just about assigning a username and password. You need to manage identities. You need to integrate with legacy and external authentication systems to provide features that are in demand like social logins and single sign-on (SSO). Your list of other requirements may be long. But you don’t want to develop all of this yourself, nor should you.



      • Breaking the legacy virtualization cycle: How Red Hat and our partners are transforming IT through open source
        Across nearly every industry, organizations of all shapes and sizes are embracing digital transformation in an effort to modernize their IT departments. They want to deliver better, faster and more dynamic services to customers -- and they’re starting from their infrastructure, up. But for companies locked into legacy technologies, transformation isn’t always an option.

        Organizations with proprietary virtualization solutions know all too well how this technology can stifle enterprise IT innovation and advancement. For many, the cost of simply maintaining existing infrastructure investments ties up an overwhelming majority of budgets, leaving little room to invest in new technologies, and the closed vendor ecosystem can make integrating and adopting cloud-native solutions based on Kubernetes and Linux containers nearly impossible.


      • Finance



      • Fedora





    • Debian Family



      • Debian Stretch Gets Patch for Regression Causing Boot Failures on ARM Systems
        In a recent security advisory, Salvatore Bonaccorso writes that the last Linux kernel update released for Debian GNU/Linux 9 "Stretch" to mitigate the L1 Terminal Fault (L1TF) security vulnerabilities is causing boot failures for users on the ARM architecture.

        Also known as Foreshadow, these security vulnerabilities are similar to the Spectre security vulnerabilities and allow an attacker that has access to an unprivileged process to read the memory from arbitrary addresses that aren't controlled by users, including from the kernel.


      • Debian Policy call for participation -- August 2018
        Here’s a summary of some of the bugs against the Debian Policy Manual. Please consider getting involved, whether or not you’re an existing contributor.


      • Derivatives



        • Debian-Based Neptune Linux 5.5 Operating System Released with LibreOffice 6.1
          Coming only a month after the Neptune 5.4 release that introduced a new dark theme and updated several components, Neptune 5.5 bumps the kernel version to Linux kernel 4.17.8 and updates the graphics stack to Mesa 18.1.6, AMDGPU DDX 18.0.1, Nouveau DDX 1.0.15, and ATI/Radeon DDX 18.0.1.

          "This update represents the current state of Neptune 5 and renews the ISO file so if you install Neptune you don't have to download tons of Updates," writes Leszek Lesner in today's announcement. "In this update we improved hardware support further by providing Linux Kernel 4.17.8 with improved drivers and bugfixes."


        • Canonical/Ubuntu



          • Ubuntu Weekly Newsletter Issue 542
            Welcome to the Ubuntu Weekly Newsletter, Issue 542 for the week of August 19 – 25, 2018. The full version of this issue is available here.


          • UBports releases Ubuntu Touch OTA-4, the biggest update yet


            When Canonical ceased development of Ubuntu Touch for smartphones and tablets last year, an independent group of developers formed the UBports project to continue supporting and updating the Linux-based smartphone operating system.

            Now the team has released Ubuntu Touch OTA-4, a major update that fixes bugs, updates software packages, adds new features and performance enhancements, and updates the base of the operating system from Ubuntu 15.04 to Ubuntu 16.04 LTS.


          • Ubuntu 18.10 Will (Once Again) Ship with an Older Version of Nautilus
            April’s release of Ubuntu 18.04 LTS offered up the majority of GNOME 3.28 but devs chose to include Nautilus 3.26 rather than the newer v38 release. That made sense; it was an LTS release and v3.26 was the last version of the file manager to support desktop icons.

            This time around Ubuntu 18.10 will offer up the majority of GNOME 3.30 but, where the file manager is considered, once again stick with Nautilus 3.26.

            We speculated several months back that Ubuntu’s preference for keeping desktop icons around (a feature that newer version of Nautilus do not provide) would override the lure of sure-wrought ‘newness’.


          • Minimal Ubuntu for the cloud delivers some maximum benefits
            Ubuntu is used everywhere. In fact, I’m writing this on an Ubuntu machine, specifically, the oh-so-elegant Ubuntu Mate distro. Hundreds of millions of personal computers, servers, mobile devices, and containers are booting Ubuntu, and aren’t looking back. Ubuntu even runs inside the International Space Station and controls the BYU Mars Rover. Ubuntu phones are being rolled out by Meizu and BQ, and it is worth mentioning that Ubuntu can even be installed on Google Nexus tablets and phones. Ubuntu is also running on Hubu, the world’s cleverest robot. Ubuntu powers the infrastructure at leading organizations like Snapchat, Instagram, Pinterest, Reddit, Netflix, Walmart, Bloomberg, WETA Digital, and even Wikipedia. Ubuntu is also behind the largest supercomputer Tianhe-2. Ever since cloud computing has taken off, Ubuntu has become a big key player in the market. Over 60 million Ubuntu images are launched by Docker users. There’s plenty of Ubuntu in Kubernetes, Apache Mesos, Cloud Foundry, and Heroku. And now, there is a brand new version of Ubuntu on the block — Minimal Ubuntu.


          • Canonical Outs Intel Microcode Security Update for All Supported Ubuntu Releases
            According to the advisory, the new Intel microcode firmware security update mitigates the L1 Terminal Fault (L1TF) vulnerability documented as CVE-2018-3646, which could allow an attacker in a guest virtual machine to expose sensitive information from either the host operating system or other guests.

            It also fixes the well known Spectre Variant 4 security vulnerability (CVE-2018-3639) that could allow an attacker to expose sensitive information, including kernel memory via a side-channel attack, and another side-channel attack known as Rogue System Register Read (RSRE) and documented as (CVE-2018-3640).


          • Ubuntu Server development summary – 28 August 2018
            The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team. If you would like to reach the server team, you can find us at the #ubuntu-server channel on Freenode. Alternatively, you can sign up and use the Ubuntu Server Team mailing list.


          • Flavours and Variants











  • Devices/Embedded





Free Software/Open Source



  • Open Mainframe Project Announces Zowe: A Platform for the Mainframe
    The Open Mainframe Project today announced Zowe. Zowe provides an open source software framework to bridge the gap between modern applications and the mainframe. It gives users easier interoperability and scalability for tools from multiple vendors. Zowe is the first open source project based on z/OS.

    As hybrid cloud architectures grow in popularity, organizations will need intuitive, productive, and better-integrated capabilities for z/OS. The project’s mission centers around hybrid delivery through an open source framework. It will also build an ecosystem of independent software vendors, system integrations, clients, and end users. This framework enables an ecosystem of software solutions intended to provide a simple, intuitive environment for IT professionals across teams.


  • Google releases open source reinforcement learning framework for training AI models
    Reinforcement learning — an artificial intelligence (AI) technique that uses rewards (or punishments) to drive agents in the direction of specific goals — trained the systems that defeated Alpha Go world champions and mastered Valve’s Dota 2. And it’s a core part of Google subsidiary DeepMind’s deep Q-network (DQN), which can distribute learning across multiple workers in the pursuit of, for example, achieving “superhuman” performance in Atari 2600 games. The trouble is, reinforcement learning frameworks take time to master a goal, tend to be inflexible, and aren’t always stable.

    That’s why Google is proposing an alternative: an open source reinforcement framework based on TensorFlow, its machine learning library. It’s available from Github starting today.


  • Liberty Activists Migrating from Twitter to Censorship-Proof “Mastodon” Decentralized Platform
    There has been a lot of controversy recently over social media websites like Twitter swinging their ban hammer on personalities with opinions they don’t like. As a libertarian, I believe in property rights and so Twitter, Facebook, Youtube, and the like should certainly be free to ban people for whatever reason they want. I also believe in the free market’s potential reactions to bad decisions by business owners, which include boycott and competition.

    Thankfully, the competition has arrived! Mastodon is a decentralized social media replacement for Twitter and it does an excellent job. I recently joined the “Liberdon” server intended for libertarians and voluntarists. Not only is Mastodon decentralized, in that anyone who wants to can run a server, but it’s also “federated”. Federated means your server can be connected to all the other Mastodon servers, that is so long as the other servers want to be connected to you. Each server sets its own rules for which other servers they’ll federate with. So if the NAZIs or Communists start a server, no one has to link up to them – the market decides instead of a centralized corporation like Twitter. However, even if no other servers federate with, say Chris Cantwell‘s server (I don’t think he has one – just as an example), he can still run his server and hate-filled bigots and racists can join it and talk to each other. Of course, each server can be controlled and its policy set by its administrator, so intra-server censorship is still possible (most servers prohibit spam, for instance), but given you are free to start your own server and set your own policy, you can’t be censored if you start your own platform.


  • Now available: The open source guide to DevOps monitoring tools
    Once upon a time, I was troubleshooting some vexing problems in an application that needed to be scaled several orders of magnitude, with only a couple of weeks to re-architect it. We had no log aggregation, no metrics aggregation, no distributed tracing, and no visualization. Most of our work had to be done on the actual production nodes using tools like strace and grepping through logs. These are great tools, but they don’t make it easy to analyze a distributed system across dozens of hosts. We got the job done, but it was painful and involved a lot more guessing and risk than I prefer.

    At a different job, I helped troubleshoot an app in production that was suffering from an out-of-memory (OOM) issue. The problem was inconsistent, as it didn’t seem to correlate with running time, load, time of day, or any other aspect that would provide some predictability. This was obviously going to be a difficult problem to diagnose on a system that spanned hundreds of hosts with many applications calling it. Luckily, we had log aggregation, distributed tracing, metrics aggregation, and a plethora of visualizations. We looked at our memory graph and saw a distinct spike in memory usage, so we used that spike to alert us so we could diagnose the issue in real time when it occurred.


  • 4 open source monitoring tools
    Isn’t monitoring just monitoring? Doesn’t it include logging, visualization, and time-series data?

    The terminology around monitoring has caused a lot of confusion over the years and has led to some poor tools that tout the ability to do everything in one format. Observability proponents recognize there are many levels for observing a system. Metrics aggregation is primarily time-series data, and that’s what we’ll discuss in this article.


  • Google improves AI model training by open-sourcing framework


  • AI: Google releases open source framework for reinforcement learning


  • An Introduction to Quantum Computing with Open Source Cirq Framework
    As the title suggests what we are about to begin discussing, this article is an effort to understand how far we have come in Quantum Computing and where we are headed in the field in order to accelerate scientific and technological research, through an Open Source perspective with Cirq.

    First, we will introduce you to the world of Quantum Computing. We will try our best to explain the basic idea behind the same before we look into how Cirq would be playing a significant role in the future of Quantum Computing. Cirq, as you might have heard of recently, has been breaking news in the field and in this Open Science article, we will try to find out why.

    [...]

    It will be easier for us to understand Quantum Computing by comparing it first to Classical Computing. Classical Computing refers to how today’s conventional computers are designed to work. The device with which you are reading this article right now, can also be referred to as a Classical Computing Device.


  • Events



    • Reports from Netdev 0x12
      The Netdev 0x12 networking conference was held in mid-July. Participants at the event have put together a set of reports of the talks that were held on the last two days; Day 2 includes eleven talks, including the keynote by Van Jacobson, while Day 3 covers another ten topics.


    • Netdev day 3
      In this talk Tushar Dave presents his work on using eBPF for Reliable Datagram Socket (RDS) filtering. Tushar started his talk by explaining that RDS is a high performance, low latency connectionless protocol that sits on top of TCP (sk_buff) and IB (scatterlist) transport layers.

      The problem Tushar tried to solve was to implement RDS filtering and firewall to do DPI of a full RDS packet in a unified solution for both TCP and IB. Netfilter is a possibility but Netfilter only uses sk_buff. An alternative is eBPF which has been adopted into the Linux kernel and used for a lot of things.

      In order to use eBPF as it was, Tushar had to add a new BPF prog type (similar to socket filter) that deals with scatterlist. In addition he had to create a new function to setup needed data structures to run filter program attached to the socket. As POC Tushar created a BPF helper to help users to traverse the sg elements in the scatterlist.


    • Netdev 2018 day 2
      The first of these saved us until ~1995, then the second and third until ~2012. Since then the problem has been increasing. Dennard's scaling stopped. Usually, the switch's speed was faster than the host speed. CPU upgrades cannot solve network problems anymore. This had a big impact on the network. Google has been working to try and address some of these issues; Van mentioned several Google authored papers: - Hull, BwE, FQ/pacing, Timely, BBR, Carousel. All these papers tried to figure out how to find the bottleneck link downstream and prevent pressure in downstream buffers. BwE discussed how to fix things at the host to prevent queue buildup in switches. FQ/pacing was about desire to prevent many packets traveling to the same destinations in bursts.

      Van argued that AFAP isn't working for us now because it's local to the host and our problems aren't local. We need a mechanism that allows for more control of packet spacing on the wire. To enforce relationships between all outgoing packets, the enforcement mechanism needs to be just in front of the NIC. Carousel is a great example of this.




  • Web Browsers



    • Chrome



    • Mozilla



      • Thank You, Cathy Davidson
        Cathy Davidson joined the Mozilla Foundation board in 2012, and has been a force helping us broaden our horizons and enter new areas. Cathy was the first person to join the Foundation board without a multi-year history with browsers or open source. This was an act of bravery!


      • SUMO Days Firefox 62: you are invited!
        On these days, Support contributors will be online answering questions live and hanging out. If you do not see anyone active online, please contact Rachel (username: guigs) or another Administrator or Operator in the #sumo IRC channel listed in the wiki.

        There is also the two Telegram channels that are active for assignments of tweets and collaboration. You may need an account to participate, so just send a message to social Telegram group – there are guidelines on how to set up Tweetdeck for social if you would like your own workspace, or you can message guigs to add your trello account to the trello board with delegated tweets for the day.


      • Experiment: Adjusting SETA to run individual files instead of individual jobs
        I did an experiment in June (was PTO and busy on migrating a lot of tests in July/August) where I did some queries on the treeherder database to find the actual test cases that caused the failures instead of only the job names. I came up with a list of 171 tests that we needed to run and these ran in 6 jobs in the tree using 147 minutes of CPU time.


      • Dear Venmo: Update Your Privacy Settings
        Last month, privacy researcher and Mozilla Fellow Hang Do Thi Duc released Public By Default, a sobering look at the vast amount of personal data that’s easily accessible on Venmo, the mobile payment app.

        By using Venmo’s public API and its “public by default” setting for user transactions, Hang was able to watch a couple feud on Valentine’s Day, observe a woman’s junk food habits, and peer into a marijuana dealer’s business operations. Seven million people use Venmo every month — and many may not know that their transactions are available for anyone to see.

        Privacy, and not publicity, should be the default.

        Despite widespread coverage of Hang’s work — and a petition by Mozilla that has garnered more than 17,000 signatures — Venmo transactions are still public by default.


      • Taskcluster Credential Derivation in EC2 using S/MIME, OpenSSL's C api and Node.js's N-API


      • Shrinking Go Binaries


      • Firefox Nightly Secure DNS Experimental Results
        A previous post discussed a planned Firefox Nightly experiment involving secure DNS via the DNS over HTTPS (DoH) protocol. That experiment is now complete and this post discusses the results.

        Browser users are currently experiencing spying and spoofing of their DNS information due to reliance on the unsecured traditional DNS protocol. A paper from the 2018 Usenix Security Symposium provides a new data point on how often DNS is actively interfered with – to say nothing of the passive data collection that it also endures. DoH will let Firefox securely and privately obtain DNS information from one or more services that it trusts to give correct answers and keep the interaction private.


      • Taskcluster Artifact API extended to support content verification and improve error detection


      • Let’s be Transparent
        Two years ago, we released the Firefox Hardware Report to share with the public the state of desktop hardware. Whether you’re a web developer deciding what hardware settings to test against or someone just interested in CPUs and GPUs, we wanted to provide a public resource to show exactly what technologies are running in the wild.

        This year, we’re continuing the tradition by releasing the Firefox Public Data Report. This report expands on the hardware report by adding data on how Firefox desktop users are using the browser and the web. Ever wanted to know the effect of Spring Festival on internet use in China? (it goes down.) What add-on is most popular this week in Russia? (it’s Визуальные закладки.) What country averages the most browser use per day? (Americans, with about 6 to 6.5 hours of use a day.) In total there are 10 metrics, broken down by the top 10 countries, with plans to add more in the future.






  • Oracle/Java/LibreOffice



    • Oracle Solaris 11.4 Released for General Availability
      I'm pleased to announce the release of Oracle Solaris 11.4. Of the four releases of Oracle Solaris that I've been involved in, this is the best one yet!

      Oracle Solaris is the trusted business platform that you depend on. Oracle Solaris 11 gives you consistent compatibility, is simple to use and is designed to always be secure.
    • Solaris 11.4 released
      Congrats to my colleagues in the Solaris team who released Solaris 11.4 today. Despite the 11.x moniker, this is actually a major Solaris release; Oracle has just decided to go down the perpetual macOS X / Windows 10 version numbering route from now on. (This development is unlikely to faze Solaris veterans, who have been using SunOS 5.x since 1992.)


    • Oracle Solaris 11.4 Officially Released
      Two years after Solaris 11.3 and Oracle opting for a "continuous delivery" model of 11.next updates instead of a "Solaris 12", Solaris 11.4 is out the door today.

      Oracle is talking up Solaris 11.4 with its general availability release as "the trusted business platform", "consistent compatibility, is simple to use and is designed to always be secure", "more than 3,000 applications certified to run on it", and "the only operating system that has completed UNIX V7 certification."




  • Pseudo-Open Source (Openwashing)



    • No lasers or Linux hacks, but Better Call Saul remains one of TV’s techiest shows [Ed: Conde Nast throws terms like "Linux hacks" into headlines that have nothing to do with Linux. Knowing that many people associate "hacks" with malice...]
    • Open Source Components Save Time but Need to be Closely Monitored [Ed: Proprietary software also needs to be closely monitored, but I understand that some rather parasitic firms -- some connected closely to Microsoft -- create a stigma to sell their blobs. Zev Brodsky from WhiteSource, which works with Microsoft, is attacking FOSS here, as usual.]
    • Opening Doors to Collaboration with Open Source Projects [Ed: Here we have the Linux Foundation once again propping up Microsoft; this is the company currently investigated by DoJ for corruption and bribery. If the Linux Foundation was a wild animal, it would not survive very long. It’s putting its head inside the lion’s mouth, expecting the lion to lick it instead of biting it. Or maybe the Linux Foundation no longer pursues the success of Linux but instead just wants to get as much money and influence as possible...]




  • BSD



    • OBSD.ams : The setup

      For all the people who want to know what our setup looks like. Below is a write-up of our setup and configuration. There aren't any packages installed on the servers running the Virtual Machines.





  • FSF/FSFE/GNU/SFLC



    • bison-3.1 released [stable]
      We are very happy to announce the release of GNU Bison 3.1. It introduces new features such as typed midrule actions, brings improvements in the diagnostics, fixes several bugs and portability issues, improves the examples, and more.




  • Licensing/Legal



    • GPL Violations Cost Creality a US Distributor
      One of the core tenets of free and open source software licenses is that you’re being provided source code for a project with the hope that you’ll “pay it forward” if and when you utilize that code. In fact some licenses, such as the GNU Public License (GPL), require that you keep the source code for subsequent spin-offs or forks open. These are known as viral licenses, and the hope is that they will help spread the use of open source as derivative works can’t turn around and refuse to release their source code.


    • Sign up for the FSF's next seminar on GPL Enforcement and Legal Ethics
      The Free Software Foundation (FSF) is the recognized canonical source on best practices for the use of GNU licenses. As stewards of the GNU family of licenses, we provide a wide variety of resources for helping developers and lawyers alike to improve their understanding of software freedom. In addition to published resources, we also routinely provide in-person instruction in the form of continuing legal education seminars. The FSF is proud to announce again that we are offering a seminar to take place on the west coast on September 27th.


    • Open-source licensing war: Commons Clause
      Most people wouldn't know an open-source license from their driver's license. For those who work with open-source software, it's a different story. Open-source license fights can be vicious, cost serious coin, and determine the fate of multi-million dollar companies. So, when Redis Labs added a new license clause, Commons Clause, on top of Redis, an open-source, BSD licensed, in-memory data structure store, all hell broke loose.

      Why? First, you need to understand that while you may never have heard of Redis, it's a big deal. It enables real-time applications such as advertising, gaming financial services, and IoT to work at speed. That's because it can deliver sub-millisecond response times to millions of requests per second.

      But Redis Labs has been unsuccessful in monetizing Redis, or at least not as successful as they'd like. Their executives were discovering, like the far more well-known Docker, that having a great open-source technology did not mean you'd be making millions. Redis' solution was to embrace Commons Clause.




  • Programming/Development



    • Stop! Don't blindly take that coding challenge.

      If we can collectively reject awful hiring practices, we all win. Employers already have most of the power in this relationship, so we need to band together and consider how each of our individual actions affect the community as a whole.

      € 

      Don't ever do a code test before speaking with an engineer on the team. You have the power to stop employers from lazily looking at your "hacker rank" or some other arbitrarily defined score. If you want to be treated like a human being, just stop doing things that put you in a box and force you to be seen as a number.

      € 

      You have the power. You can do this.



    • Is “C Programming language” Still Worth Learning in 2018?
      C has been an evergreen language and played a prominent role for most of the system developments that took place in the last few decades. C programming was originally developed by Dennis Ritchie between 1969 and 1973 at Bell Labs and was made for general-purpose, imperative computer programming, that supported structured programming, lexical variable, scope, and recursion etc.

      Today, we have lots of programming languages to choose and learn but as a beginner, everybody has a question “Which programming language should I learn first?” and most of the answers that we get on the internet or through suggestions are “C”. In this article, we’ll try to find out if C Programming is still worth learning in 2018. If yes then why?


    • This Week in Rust 249
      This Week in Rust is openly developed on GitHub. If you find any errors in this week's issue, please submit a PR.


    • Add GUIs to your programs and scripts easily with PySimpleGUI
      Few people run Python programs by double-clicking the .py file as if it were a .exe file. When a typical user (non-programmer types) double-clicks an .exe file, they expect it to pop open with a window they can interact with. While GUIs, using tkinter, are possible using standard Python installations, it's unlikely many programs do this.

      What if it were so easy to open a Python program into a GUI that complete beginners could do it? Would anyone care? Would anyone use it? It's difficult to answer because to date it's not been easy to build a custom GUI.

      There seems to be a gap in the ability to add a GUI onto a Python program/script. Complete beginners are left using only the command line and many advanced programmers don't want to take the time required to code up a tkinter GUI.
    • Containers in Perl 6
      In the first article in this series comparing Perl 5 to Perl 6, we looked into some of the issues you might encounter when migrating code into Perl 6. In the second article, we examined how garbage collection works in Perl 6. Here, in the third article, we'll focus on Perl 5's references and how they're handled in Perl 6, and introduce the concepts of binding and containers.






Leftovers



  • Health/Nutrition

    • What is the stance on plain packaging across Asia?
      IP practitioners are concerned that the WTO ruling on plain packaging encroaches on IP rights and could spell trouble for other industries


    • Brexit no-deal could send cigarette packaging up in flames
      The UK government’s Brexit no-deal guidance has raised uncertainty over tobacco plain packaging that uses EU copyrighted images. IP practitioners say the potential disruption to UK cigarette companies will depend on the EU Commission’s attitude to its IP


    • Indonesia, Cuba Do Not Appeal WTO Plain-Packaging Ruling
      The governments of Cuba and Indonesia today chose not to appeal a June ruling at the World Trade Organization that upheld Australia’s law requiring tobacco products sold in the country to be packaged without logos or other trademarked designs. That leaves Honduras and the Dominican Republic alone in their appeals of the decision.

      [...]

      Cuba called the panel’s report “very deceiving,” said it relied on fundamentally non-objective analysis, and that it was structured to reach a predetermined outcome. “In other words,” it said, the report was subjected to “reverse engineering.” Notwithstanding its serious concerns about the report, the country chose not to participate in the next phase. Indonesia reportedly also indicated its displeasure with the ruling but chose not to appeal.

      Australia, for its part, praised the panel for confirming that WTO rules do not inhibit the right of members to “implement legitimate, non-discriminatory public health measures.” It also noted the number of other countries which have since adopted their own plain packaging laws, including the United Kingdom, France, Ireland, New Zealand, Hungary and Slovenia. It named others that are currently working to adopt such measures, including Canada, Uruguay, Singapore, Belgium and Chile.

      Canada, a third party to the case, applauded the panel’s decision, saying it reflects a “careful balance struck between rights and obligations to facilitate trade and a Member’s right to take legitimate public health measures.” Canada confirmed it is currently working to adopt plain packaging measures.




  • Security



    • Kali Linux 2018.3 Release


      Another edition of Hacker Summer Camp has come and gone. We had a great time meeting our users, new and old, particularly at our Black Hat and DEF CON Dojos, which were led by our great friend @ihackstuff and the rest of the Offensive Security crew. Now that everyone is back home, it’s time for our third Kali release of 2018, which is available for immediate download.

      Kali 2018.3 brings the kernel up to version 4.17.0 and while 4.17.0 did not introduce many changes, 4.16.0 had a huge number of additions and improvements including more Spectre and Meltdown fixes, improved power management, and better GPU support.


    • Kali Linux 2018.3 Ethical Hacking OS Adds iOS Research, Penetration Testing Tool
      Offensive Security announced today the release of Kali Linux 2018.3, a new snapshot of the Debian-based ethical hacking and penetration testing operating system formerly known as BackTrack Linux that brings updated components and several new tools.

      Powered by the Linux 4.17 kernel series, Kali Linux 2018.3 adds more fixes for the latest Spectre and Meltdown security vulnerabilities, better power management, improved GPU support, and lots of updated hacking and penetration testing tools, including Aircrack-ng, Burp Suite, OpenVAS, Wifite, and WPScan. A full changelog with all the fixes and updates is available here.https://bugs.kali.org/changelog_page.php

      "Another edition of Hacker Summer Camp has come and gone. We had a great time meeting our users, new and old, particularly at our Black Hat and DEF CON Dojos," writes the Offensive Security team. "Now that everyone is back home, it’s time for our third Kali release of 2018, which is available for immediate download."
    • Fortnite Installer Vulnerabilities Highlight Mobile App Store Risks
      There are many good reasons why it's often best for organizations looking to deploy or consume Android applications to use the Google Play mobile apps store.

      The discovery of a high-profile flaw in one of the world's most popular games highlights why you should stick to apps in Google Play. Epic Games' Fortnite is played by millions of players around the world on different platforms, including Android. Fortnite, however, isn't available on the Google Play store for Android; rather, Epic Games decided to bypass Google and use a third-party store to deliver its game. That fact, however, didn't stop Google from discovering a serious vulnerability that was publicly disclosed on Aug. 25.


    • Command Injection Vulnerability found in WordPress Plainview Activity Monitor v20161228 and Prior
      A command injection vulnerability has been found in the renowned personal blogging and website creation management platform: WordPress. The vulnerability is found to exist in the Plainview Activity Monitor WordPress Plugin component, and it has been assigned a CVE identifier of CVE-2018-15877.


    • Reproducible Builds: Weekly report #174
    • Latest Mirai variant leverages open source project for cross platform infections [Ed: Actually, it leverages bad devices where the passwords and usernames are both uniform, the same, among other issues]


    • Bubblewrap Security Feature Will Be Removed From Ubuntu and CentOS
      Ubuntu and CentOS are disabling a security feature which was added to the GNOME Desktop environment last year. The Security feature named Bubblewrap creates a sandbox environment that secures GNOME’s thumbnail parsers.

      Thumbnail parsers are the scripts that read files inside a folder and create a thumbnail image that can be used with the GNOME, KDE and different Linux Desktop Environments. The operation takes place whenever the user navigates to directories within the OS where there is a need to display thumbnail images.


    • Security updates for Tuesday


    • DLL Injection and Code Execution Vulnerability in v54.5.90 lets Hackers spread Malware


    • Back to School Essentials for Security
      Going back to school? This is a perfect time for a digital security refresh to ensure the privacy of you and your friends is protected!

      It’s a good time to change your passwords. The best practice is to have passwords that are unique, long, and random. In order to keep track of these unique, long and random passwords, consider downloading a password manager.

      As a great additional measure: You can add login notifications to your accounts, so that you can monitor logins from devices you don’t recognize.

      If you’re a regular user of a public computer, like at the school library or lab, keep in mind that public computers can remember information from your logins. Adding two factor authentication to your accounts is a great way to bolster your security. Adding a second factor in addition to your unique, long, and random password makes it much harder for someone else to access your account. There are many types of two factor authentication, including SMS text messages, apps like Authenticator, or hardware tokens like Yubikey.


    • Security reviews and microservices


      Humans don’t scale, not even linearly. In fact adding more humans probably results in worse performance. If you need to review a thousand services you will need an incredible number of people, and anytime people are involved there are going to be a lot of mistakes made. There is no secret option three where we just staff up to get this done. Staffing up probably just means you now have two problems instead of one.

      Automation is the only plausible solution.


    • WhatsApp Vulnerable to Memory Corruption and DoS Crash with Crafted Message in v2.18.61
      WhatsApp is not new to memory corruption vulnerabilities. After a series of infamous and chronically frustrating special character message circulations which would cause the application to crash fiercely until the troublesome message was deleted (note that deleting the message was a feat immensely difficult to accomplish as the application would crash repeatedly and not launch properly in the first place to allow you to delete the message), there is now another such crafted message which is lending itself to a memory corruption vulnerability in the popular instant messaging social media platform.

      The new-found Memory corruption vulnerability has been found to affect the iPhones 5, 6s, and X with iOS 10 and 11.4.1 which was the latest iOS version when the tests were conducted. The vulnerability exists in WhatsApp’s versions 2.18.61 and older on these platforms.




  • Defence/Aggression



    • Skripals – When the BBC Hide the Truth
      On 8 July 2018 a lady named Kirsty Eccles asked what, in its enormous ramifications, historians may one day see as the most important Freedom of Information request ever made. The rest of this post requires extremely close and careful reading, and some thought, for you to understand that claim.


    • [Likely fabricated, see below] Bob Marley Assassination Rumours Surface: Ex-CIA Agent Allegedly Claims His Murder
      A report has many Bob Marley fans tripping. The piece contains quotes from a supposed CIA retiree named Bill Oxley. The 79-year-old is said to have confessed to the assassination of Marley. Oxley was inspired by his mortality to share his secrets from his deathbed.


    • FAKE NEWS ALERT: The CIA did NOT kill Bob Marley
      The report was first posted online by YourNewsWire.com.

      It’s one of the most notorious Fake News websites. For instance, it spread rumours that Hillary Clinton was linked to a paedophile ring.

      Another time, it claimed US authorities were plotting to assassinate Donald Trump.

      The site is registered by Sean Adl-Tabatabai, a former BBC producer who went on to work for the conspiracy theory website of David Icke, who believes the world is controlled by predatory lizards who demand human sacrifice.

      The Bob Marley article is written by Baxter Dmitry, whose other articles include fake claims that the FBI carefully deleted evidence from the Las Vegas shooting, the Pope believes Jesus has turned into Satan, and that Britney Spears had admitted to escaping from the Illuminati.


    • Germany to Shield 9/11 Plotter from CIA Amid Repatriation to Morocco – Report
      Former Al-Qaeda member Mounir al-Motassadeq, convicted of preparing the 2001 terrorist attacks, is to be released after 15 years in a German prison and sent home to Morocco. According to German media he will be taken there on board of a chartered plane in a special operation, as local security services fear that US intelligence may intercept him.

      Forty-four-year-old Mounir el-Motassadeq, imprisoned in Germany for taking part in organizing terror attacks on the US on September 11, 2001, is to be secretly deported to his homeland of Morocco after October 15, the Bild news outlet reported.


    • Ex-CIA Officer: US Intelligence 'Likely Bluffing' About Its Agents in Kremlin
      The New York Times reported on Friday, citing unnamed US intelligence officials, that US sources in the Kremlin who had warned about Russian intervention in the US 2016 presidential election were now remaining silent about any possible Russian plans to intervene in the upcoming congressional elections in November.

      [...]

      The story that had been fed to the New York Times reporters was also probably an attempt to spread disinformation among the Russian security services and authorities, Giraldi advised.

      "It is far more likely that US intelligence officials are trying to pull off a double bluff and convince the Russians that they have agents there in order to set off a fruitless and distracting counter-intelligence search," he said.

      Also, contrary to insinuations in the New York Times article, there was no evidence to indicate that Russia was trying to kill US sources or intelligence agents, Giraldi added.


    • US Intelligence Sources 'Likely Bluffing' About Human Agents In Kremlin - Ex-CIA Officer
      US intelligence officials who told the New York Times they had high level intelligence sources in the Kremlin were probably bluffing to bolster their discredited allegations about Russia interfering in the 2016 US elections, retired CIA case officer Philip Giraldi told Sputnik.

      "Senior US intelligence officers would never so casually and publicly admit they had high-level intelligence sources in the Kremlin," Giraldi said on Monday. "That is the most elementary of procedures."




  • Transparency/Investigative Reporting



  • AstroTurf/Lobbying/Politics



    • ‘Using Media to Create This Idea There’s a Gang on Every Street Corner’
      Janine Jackson: When local and federal law enforcement conducted an early morning raid in the Bronx in May 2016, arresting more than 100 people accused of “gang membership,” tabloids didn’t waste any ink on words like “alleged.” But the New York Times wasn’t less cartoonish: They told readers, “For the last ten years, life in the northern Bronx has largely been defined by wanton violence.” And the Times was no less quick to cheer for this kind of militarized intervention, supposedly aimed at reducing violence. CounterSpin asked writer and organizer Josmar Trujillo for some context.

      Josmar Trujillo: Raids, and gang raids in particular, aren’t new in New York City, or really in the United States. But last Wednesday’s raid, the size of it and the media hype around it, they’re expanding from the last, I’d say, two to three years. And probably even more so since the death of a police officer in my neighborhood, Spanish Harlem, last October. A lot of that had to do with the strategy of the district attorney there, Cy Vance.
    • The President Is a White-Nationalist Mob Boss—and His Base Doesn’t Care
      Diehard Trump supporters represent at most a quarter of the electorate, but dominate media discussions of the president’s standing. They shouldn’t.
    • How Do We Verify Anonymous Sources?
      In the movie “All the President’s Men,” a young Bob Woodward repeatedly goes to a dimly lit parking garage to meet with a man whose face was shrouded by shadows as he dispenses bits of information. That information fuels the Washington Post’s reporting on Watergate and, ultimately, helps lead to the resignation of President Richard Nixon.

      The source was known as “Deep Throat,” and he became perhaps the most famous anonymous source in modern journalism history. But he wasn’t anonymous to Woodward, who near the beginning of the movie calls him from a pay phone hoping he’ll provide information about the break-in at the Democratic National Committee headquarters, located in the Watergate complex.
    • Media Continues Writing Premature Obituaries for the Democratic Left
      Despite these eager obituaries, there were also plenty of wins for insurgent Democrats on August 7. Democratic Socialist and Our Revolution candidate Rashida Tlaib won her primary for the House seat in Michigan’s 13th district; since she is running unopposed in the general election, she will become the first Palestinian-American woman in Congress. James Thompson also won the Democratic nomination in Kansas’s 4th district, and will face Ron Estes in a tough race in a deep-red district. Sarah Smith came in second in Washington’s 9th district top-two primary, and will face incumbent Democrat Adam Smith in the general election. Progressive candidates also earned big wins in a number of state and local races, and Missouri voters overwhelmingly approved a ballot measure to overturn the state’s anti-union right-to-work laws.

      More wins for left-leaning candidates came the following week on August 14. Somali refugee Ilhan Omar, who won her primary in Minnesota’s 5th district, will join Rashida Tlaib to become the first Muslim women to be elected to Congress. Randy Bryce won his primary to run for Paul Ryan’s soon-to-be-vacant seat in Wisconsin’s 1st district. Progressive Jahana Hayes won against Mary Glassman (who was surprisingly supported by a local Our Revolution chapter) in Connecticut’s 5th district, and will likely become the state’s first female African-American Democrat in Congress. Sanders-endorsee Christine Hallquist won the gubernatorial primary in Vermont, becoming the first trans woman nominated for a major political office.

      There were losses as well as wins in the August 14 primary, like Kaniela Saito Ing in Hawaii’s 11th district. Yet the major wins on August 14 made the premature obituaries of Sanders’s candidates look like wishful reporting.




  • Censorship/Free Speech



    • Internet Content Moderation Isn't Politically Biased, It's Just Impossible To Do Well At Scale
      The narrative making the political rounds recently is that the big social media platforms are somehow "biased against conservatives" and deliberately trying to silence them (meanwhile, there are some in the liberal camp who are complaining that sites like Twitter have not killed off certain accounts, arguing -- incorrectly -- that they're now overcompensating in trying to not kick off angry ideologues). This has been a stupid narrative from the beginning, but the refrain on it has only been getting louder and louder, especially as Donald Trump has gone off on one of his ill-informed rants claming that "Social Media Giants are silencing millions of people." Let's be clear: this is all nonsense.

      The real issue -- as we've been trying to explain for quite some time now -- is that basic content moderation at scale is nearly impossible to do well. That doesn't mean sites can't do better, but the failures are not because of some institutional bias. Will Oremus, over at Slate, has a good article up detailing why this narrative is nonsense, and he points to the episode of Radiolab we recently wrote about, that digs deep on how Facebook moderation choices happen, where you quickly begin to get a sense of why it's impossible to do it well. I would add to that a recent piece from Motherboard, accurately titled The Impossible Job: Inside Facebook’s Struggle to Moderate Two Billion People.
    • Event: Amnesty International Hong Kong hosts 8th Human Rights Documentary Film Festival
      The festival will feature six documentaries focusing on five human rights themes: peace and freedom, migrant workers, freedom of speech, civil society, Israeli-Palestinian conflict, democracy, and internet surveillance.

    • When Freedom of Expression Isn't Free: Journalism, Facebook, and Censorship in Bhutan
      On August 6, a Bhutanese journalist was sentenced to three months in prison for libel. The journalist had written a post on her personal Facebook account about a woman mistreating her 6-year-old stepdaughter. The post went viral, the police and other related agencies became involved. There were testimonies made in defense of the journalist by several parties, but the court found them to be “inadmissible.” The court verdict, besides meting out this punishment, asked the journalist to post an “apology statement” addressed to the “victim” – not the child, but the stepmother – on Facebook and to keep it for a month.

      This is the second time a Bhutanese journalist has been dragged to court for defamation via Facebook. I was the other journalist, the first to be the defendant of such a defamation suit in the country in 2016. The case, which involved a property dispute, received international attention and was considered important for freedom of expression in Bhutan. I would have been sentenced to three years in prison for libel had the case not been withdrawn at the end of the trial by the plaintiff. I did not see the end as having been a victory for me. There was no judgment in favor of a constitutional right.

      The Constitution of Bhutan guarantees every Bhutanese the fundamental right to free speech, opinion, and expression. But there are many ways in which this is curtailed. For instance, civil servants are “gagged” by the Bhutan Civil Service Rules and Regulations, a section of which, called Civil Service Core Values, states: “A civil servant shall not criticise his agency and the Royal Government.”
    • When the news media is news: A new book details censorship and self-censorship in the Chávez regime
      Since Hugo Chávez became President of Venezuela in 1999, approximately 21 journalists have been attacked every year; others lost their jobs, or were murdered. The escalation of violence against the press was because of the implementation of a systematic policy of harassment of freedom of expression that ended up framing the press as the main enemy of the revolution.

      [...]

      Which media organizations supported Chávez’s candidacy and his rise to power? Which channel was the first to make the decision to split the screen between government programming and their own content during the coup d’état attempt on April 11, 2002? Who was behind the departure of Teodoro Petkoff from El Mundo? The book answers these questions, and many more.
    • Defending the Digital Commons: A Left-Libertarian Critique of Speech and Censorship in the Virtual Public Square


      Is it now progressive to argue that essential liberties and rights should yield to private corporate power? I ask because the notion that the freedom to transmit and receive information is properly limited on the grounds that businesses profit from the control of ideas has always struck me as a rightwing position: liberty exists beyond the government—or in spite of it. In the rightwing view, the government is not something that should necessarily defend the civil rights of individuals in all circumstances, but something that, in its neutrality, perpetuates the privileges of elites as a class. Yet an argument has emerged on the left appealing to the supposed right of private corporations to legally censor speech as justification for suppressing objectionable expressions and opinions.

      The case that prompts this essay is the suppression of Alex Jones and InfoWars (its podcasts, webcasts, etc.), a fringe media outfit with a rightwing bent and an aggressive edge, by several large social media platforms—including Facebook, YouTube, Apple, and Spotify—for violating their policies against “glorifying violence” and “hate speech.” Jones is notorious for promoting what are popularly called “conspiracy theories,” such as the claim that the terrorist attack on the United States on September 11, 2001 was a false flag operation designed to bring the population under greater government control. Although Facebook, for example, has been aggressively censoring pages and posts for more than a decade, Jones’ infamy has drawn attention to the practice. “Glorifying violence,” Facebook explains in a statement released to the media, “violates our graphic violence policy.” “Hate speech” is evidenced by “dehumanizing language to describe people who are transgender, Muslims and immigrants.”
    • Facebook Censorship, Mad Ben Nimmo and the Atlantic Council
      Facebook has deleted all of my posts from July 2017 to last week because I am, apparently, a Russian Bot. For a while I could not add any new posts either, but we recently found a way around that, at least for now. To those of you tempted to say “So what?”, I would point out that over two thirds of visitors to my website arrive via my posting of the articles to Facebook and Twitter. Social media outlets like this blog, which offer an alternative to MSM propaganda, are hugely at the mercy of these corporate gatekeepers.

      Facebook’s plunge into censorship is completely open and admitted, as is the fact it is operated for Facebook by the Atlantic Council – the extreme neo-con group part funded by NATO and whose board includes serial war criminal Henry Kissinger, Former CIA Heads Michael Hayden and Michael Morrell, and George Bush’s chief of Homeland Security Michael Chertoff, among a whole list of horrors.

      The staff are worse than the Board. Their lead expert on Russian bot detection is an obsessed nutter named Ben Nimmo, whose fragile grip on reality has been completely broken by his elevation to be the internet’s Witchfinder-General. Nimmo, grandly titled “Senior Fellow for Information Defense at the Atlantic Council’s Digital Forensic Research Lab”, is the go-to man for Establishment rubbishing of citizen journalists, and as with Joseph McCarthy or Matthew Clarke, one day society will sufficiently recover its balance for it to be generally acknowledged that this kind of witch-hunt nonsense was not just an aberration, but a manifestation of the evil it claimed to fight.

      There is no Establishment cause Nimmo will not aid by labeling its opponents as Bots. This from the Herald newspaper two days ago, where Nimmo uncovers the secret web of Scottish Nationalist bots that dominate the internet, and had the temerity to question the stitch-up of Alex Salmond.


    • Billionaire Steve Wynn, Who Once Tried To Kill Nevada's Anti-SLAPP Law, Loses Defamation Case Under That Law
      Back in 2015, we wrote about some apparent backroom dealing in Nevada, in which the legislature seemed poised to get rid of that state's very good and thorough anti-SLAPP law. As a reminder, anti-SLAPP laws are designed to stop an unfortunately common practice of wealthy individuals and companies from suing critics and reporters for defamation, even though the defamation cases themselves had no chance. The plaintiffs knew that merely dragging the defendant to court would be costly in terms of time, money and general stress. Anti-SLAPP laws were a way to deal with that unfortunately common practice usually by (1) putting the immediate burden on the plaintiff to show a likelihood of success and then dismissing the case quickly if they fail to do so, (2) halting the expensive and time-consuming discovery process, and (3) often making the plaintiffs pay the defendants' legal fees. The idea is that this is a deterrent to frivolous lawsuits, while leaving legitimate defamation lawsuits unharmed. As we've pointed out for years, unfortunately, only about half of the states have such anti-SLAPP laws, of varying quality, and there is still no federal anti-SLAPP law.

      In 2013, Nevada passed one of the best anti-SLAPP laws in the country. But, by 2015, there was an effort underway to throw it out. Nevada-based lawyer, Marc Randazza, pointed out that it appeared that billionaire Steve Wynn was a driving force behind the effort to kill Nevada's anti-SLAPP law, perhaps in response to having recently lost a defamation lawsuit in California, thanks to California's own anti-SLAPP law. Thankfully, that effort failed.


    • Conservatives: Stop Crying Wolf On Tech Bias Or No One Will Ever Take You Seriously


      Aha! A big tech company caught red handed pushing its progressive agenda. Well...not so fast. Rather than uncovering compelling evidence of bias, this article's author and its promoters merely reveal their ignorance of how search engines work.

      First, the author seems to conflate Google Search and Google News, two products which use different algorithms and serve different functions. Google News is a searchable news aggregator and app (with some overt editorial functions), whereas Google Search tries to give users the most useful and relevant information in response to a query.

      In order to determine what constitutes a relevant and useful result, search engines use complex algorithms to rank the quality of different pages based on a variety of signals such as keywords, authoritativeness, freshness or site architecture. A big part of this quality determination is based on outside links to a site – an idea going back to Larry Page and Sergey Brin's work at Stanford in the late 1990s that culminated in the creation of the PageRank algorithm.

      Page and Brin realized that incoming links to a site served as a proxy for quality markers like authoritativeness, trustworthiness and popularity. Today, Google Search is much more complex, utilizing complex machine-learning functions like RankBrain and an evolving set of algorithms with names like Hummingbird, Panda, Penguin and Pigeon. However, incoming links are still a key factor. Additionally, while Google uses manual quality raters to test new algorithm changes, they do not use them on live search results.


    • Donald Trump: “Rigged” Google Search Is Hiding Positive News About Me
      Fake news and manipulated content are rapidly becoming prevalent in our daily life. While many common people have been subjected to appalling abuse and digital misinformation, the USA President himself has claimed to have become a target of “bad stories.” And this time, he has blamed Google. Look at the tweets and see it for yourself.


    • How To Get Your Dissident Ideas Heard In The New Media Environment
      I often say that my long-term goal here is to become obsolete so that I can focus on making art and poetry. Ideally this will look like our society shifting to a mode of operation that is so healthy that there is no longer any demand for an Australian political blogger who points out the fact that it’s wrong to manipulate public thought with mass media and drop explosives on children, but I’ll also settle for a world in which there are enough people doing this sort of thing that I’m no longer wanted or needed in this role.




  • Privacy/Surveillance



    • Fugitive Fraudster Who Demanded Half Of Facebook Arrested After Three Years On The Run
      It's been a while since we last wrote about Paul Ceglia. If you don't recall, way back in 2010, Ceglia suddenly claimed that years earlier, he had hired Mark Zuckerberg to do some software development, and bizarrely (and literally unbelievably), that part of the contract for Zuck to work on Ceglia's project... was an agreement to hand over 50% of Facebook, which didn't even exist yet. Making it more ridiculous, Ceglia then claimed some weird interest amounts, and therefore was demanding ownership of 84% of Facebook. The whole thing was nonsensical, and while Zuckerberg admitted he had done some work for Ceglia prior to starting Facebook, nothing about the supposed contract made any sense at all. Beyond the bizarre nature of the contract Ceglia claimed he had with Zuckerberg, it quickly became clear that other evidence Ceglia presented, including purported emails, didn't look real.
    • Trust Us, We’re Secretly Working for a Foreign Government: How Australia’s Proposed Surveillance Laws Will Break The Trust Tech Depends On
      In the last few years, we’ve discovered just how much trust — whether we like it or not — we have all been obliged to place in modern technology. Third-party software, of unknown composition and security, runs on everything around us: from the phones we carry around, to the smart devices with microphones and cameras in our homes and offices, to voting machines, to critical infrastructure. The insecurity of much of that technology, and increasingly discomforting motives of the tech giants that control it from afar, has rightly shaken many of us.

      But latest challenge to our collective security comes not from Facebook or Google or Russian hackers or Cambridge Analytica: it comes from the Australian government. Their new proposed “Access and Assistance” bill would require the operators of all of that technology to comply with broad and secret government orders, free from liability, and hidden from independent oversight. Software could be rewritten to spy on end-users; websites re-engineered to deliver spyware. Our technology would have to serve two masters: their customers, and what a broad array of Australian government departments decides are the “interests of Australia’s national security.” Australia would not be the last to demand these powers: a long line of countries are waiting to demand the same kind of “assistance.”

      In fact, Australia is not the first nation to think of granting itself such powers, even in the West. In 2016, the British government took advantage of the country’s political chaos at the time to push through, largely untouched, the first post-Snowden law that expanded not contracted Western domestic spying powers. At the time, EFF warned of its dangers —- particularly orders called “technical capability notices”, which could allow the UK to demand modifications to tech companies’ hardware, software, and services to deliver spyware or place backdoors in secure communications systems. These notices would remain secret from the public.


    • Ron Wyden Wants The DOJ To Provide Answers On Stingray Devices' Disruption Of Emergency Call Service
      The FBI has admitted -- albeit not that publicly -- that Stingray devices disrupt phone service. Spoofing a cell tower has negative effects on innocent phone users as the device plays man-in-the-middle while trying to locate the targeted device. An unsealed document from a criminal prosecution and assertions made in warrant affidavits alleging "minimal" disruption are all we have to go on, at least in terms of official statements.

      Supposedly, Stingrays are supposed to allow 911 service to continue uninterrupted. But it's hard to square that with the fact every phone in the device's range is forced to connect to the Stingray first before being allowed to connect with a real cell tower. In some cases, the device might force every phone in range to drop to a 2G connection. This may still allow 911 calls to take place, but almost any other form of communication will be impossible as long as the Stingray is in use.

      Ron Wyden's staff technologist, Chris Soghoian (formerly of the ACLU), will be fielding answers from the DOJ and FBI about 911 service disruptions, if those answers ever arrive. Wyden's office has sent a letter [PDF] demanding to know the extent of cell service disruption when Stingrays are deployed. And he'd also like to know if these agencies are being honest about the negative side effects when agents seek warrants.


    • Sen. Wyden Confirms Cell-Site Simulators Disrupt Emergency Calls


      It is striking, but unfortunately not surprising, that law enforcement has been allowed to use these technologies and has continued to use them despite the significant and undisclosed risk to public safety posed by disabling 911 service, not to mention the myriad privacy concerns related to CSS use. What’s more, a cell-site simulator wouldn’t just disrupt service for the specific person or persons being tracked but would likely disrupt service for every mobile device in the area as it tricks every phone in the area into connecting to the fake base station in search of the target phone. This could be especially dangerous during a natural disaster when IMSI catchers are being used to locate missing persons in damaged buildings or other infrastructure, cutting off 911 service at a time like that could be a grave danger to others trapped in dangerous situations.

      Harris Corporation claims that they have the ability to detect and deliver calls to 911, but they admit that this feature hasn’t been tested. Put bluntly, there is no way for the public or policy makers to know if this technology works as intended. Thanks to the onerous non-disclosure agreements that customers of Harris Corp and other CSS vendors’ customers have regularly been required to enter into there is very little public information about how CSS work and what their capabilities are. Even if a security researcher did audit a CSS, the results would be unlikely to ever see the light of day.

      Furthermore, even if Harris’ technology works the way they claim it does, they are far from the only manufacturer of CSS devices. There are several other companies that manufacture such technology and we know even less about the workings of their technologies or whether they have any protections against blocking 911 calls. Cell-site simulators are now easy to acquire or build, with homemade devices costing less than $1000 in parts. Criminals, spies, and anyone else with malicious intent could easily build a CSS specifically to disrupt phone service, or use it without caring whether it disrupts 911 service.




  • Civil Rights/Policing



    • American Muslim Challenges Warrantless Border Device Search From An Unexpected Legal Angle
      This motion is normally used in criminal cases to argue for the return of property seized by the government. Lazoja was never accused of a crime, nor was she given any justification for the phone search. Her phone was returned to her intact 130 days[!] after it was seized, so she technically has her property back already. But with the help of the Council on American-Islamic Relations (last seen challenging the TSA's suspicionless surveillance program "Quiet Skies"), Lazoja is hoping to force the federal government to delete any of her data it still has in its possession.

      The motion [PDF] details Lazoja's experience with US customs officials, who took her into a room and demanded she unlock her phone for them. She refused, so the CBP seized it, giving her a receipt for her phone and sent her on her way without her personal property. Lazoja alleges a number of Constitutional violations and cites recent phone-related Supreme Court decisions, but it's unlikely these arguments will be availing, what with the courts' deference to the government's assertions that border security trumps individual rights.


    • Suspected CIA black site in Thailand to become tourist destination
      Not many tourist attractions promote themselves by saying “there’s nothing to see here”. But the Ramasun Camp Historical Museum in north-eastern Thailand isn’t your average destination: it’s among the locations suspected of hosting a CIA black site and secret torture prison.


    • CIA 'black site' in Thailand where terrorists linked to 9/11 and the Bali bombings 'were waterboarded and tortured' opens to tourists


    • More Than 60 Years After His Brutal Murder, Emmett Till Deserves Justice
      The Justice Department has reopened the Emmett Till case at a time when we’re constantly reminded of how much racial injustice persists in the US.

      Sixty-three years ago, Mamie Elizabeth Till-Mobley made the unbearably painful decision to have an open coffin funeral for her 14-year-old son Emmett. On Aug. 28, 1955, Emmett was tortured and murdered by white men in Mississippi for allegedly acting disrespectfully toward a white woman.

      The sight of Emmett’s body, mutilated beyond recognition, spread throughout the world in photographs published in Jet Magazine and other outlets. The shocking sight so outraged people in the United States and in other countries that it helped spark the civil rights movement of the 1950s and 60s. That outrage did nothing to assure accountability for Till’s death — no one was ever found guilty in spite of confessions in Look Magazine by one of the murderers.

      In July, the United States Department of Justice announced that an investigation of Emmett Till’s lynching will be reopened. Skepticism about the motives of the administration and the fact that such an investigation is decades late does not change the fact that a new, credible investigation is sorely needed as a necessary examination of the inexcusable racism that existed in 1955 and, sadly, persists today.

      Till’s murder was not the aberrational act of two men whose behavior fell outside of the norms of society. It was instead just one of a long series of examples of racial violence perpetrated in the name of preserving white supremacy and protecting white women from black men. Given the accusation that Till had wolf-whistled at the white wife of one of the murderers, it was not surprising that violence would result in 1955 Mississippi. Nor was it a surprise that an all-white, all-male jury would refuse to hold the white defendants responsible for the murder despite clear and convincing evidence of their guilt.


    • FBI, Border Patrol Bypass Hate Groups As Leading Perpetrators Of Anti-Muslim Incidents
      The Council on American-Islamic Relations filed suit on August 8 against Customs and Border Protection, the Federal Bureau of Investigation, and other federal agencies, which it accuses of creating “a kind of second-class citizenship” for American Muslims.

      The lawsuit argues these agencies use an interagency watchlisting system that separates American Muslims from their children, denies them employment opportunities, prevents them from traveling by air, and rejects or delays their immigration benefits.

      CAIR’s challenge comes months after an annual report on the status of civil rights for Muslims in the United States, which found more Islamophobic episodes were instigated by federal agencies than either hate groups or individual bigots.

      The report, based on complaints made to or investigated by CAIR, found the number of anti-Muslim incidents rose 17 percent between 2016 and 2017. It described some of the personal experiences of discrimination.
    • Embattled Garbage Hauler Co-Owns Dump With Person Expelled From Trash Industry, Records Show
      On Friday, the agency that oversees New York City’s commercial trash industry suspended the license of Sanitation Salvage, saying the Bronx company posed an “imminent danger to life and property” after two fatal accidents and a spate of other collisions. The agency outlined a pattern of unsafe practices including unlicensed vehicle operators, drivers working excessive hours and high rates of failed safety inspections for Sanitation Salvage trucks.

      But a ProPublica review of records shows that the oversight agency may have overlooked another potential impropriety hiding in plain sight: The owners of Sanitation Salvage are co-owners of a Bronx garbage dump with a person who was expelled from New York City’s commercial trash industry years ago.

      State and city records show that the Squitieri brothers, who run Sanitation Salvage, jointly own Metropolitan Transfer Station with Rosemarie Isabella, who was a principal of Isabella City Carting. In 2013, the Business Integrity Commission, or BIC, the city agency charged with oversight of private trash companies, revoked Isabella City Carting’s license, citing its long and troubled history in the mob-controlled industry and the fact that the company’s barred founder was still actively collecting payments from its clients.
    • Protest Song Of The Week: ‘Move Along’ By Sihasin
      Several hundred immigrant children remain in the custody of the United States government, separated from their parents. Attorney General Jeff Sessions and the Justice Department have escalated the war on immigrants by deciding domestic violence and gang violence are no reason to grant individuals asylum. The family of a child that died shortly after she was released from the custody of Immigration and Customs Enforcement filed a $40 million lawsuit.

      To challenge the anti-immigrant policies of the government under President Donald Trump, a collective of artists compiled songs for an album called “Never Illegal.”

      “Never Illegal” is a “collective statement from artists across the U.S. that we are better than the events that are taking place at the Mexican border. No human being is never illegal, and no child should ever be separated from their loving parents,” the album’s Bandcamp page states.




  • Internet Policy/Net Neutrality



    • When ISPs Tell Seniors Net Neutrality Laws Will Increase Their Bills, They’re Lying and Losing
      The fight to secure net neutrality protections for Californians keeps showing how far ISPs and their surrogates will go to make a buck off of ending the free and open Internet. The latest maneuver is a flood of deceptive robocalls targeting seniors and stating that net neutrality will raise their cell phone bills by $30 a month and slow down the Internet. It’s not just a lie, it’s proof that you’ve successfully put them on the defensive by contacting your representatives about net neutrality.

      The robocalls don’t mention net neutrality by name. Instead, they simply assert that S.B. 822 will raise their bills and slow down their Internet. If ISPs decided to make this true by coordinating to raise prices in reaction to net neutrality legislation it would probably be illegal under federal antitrust law. There is no evidence that says net neutrality harms ISPs to the point where they must raise prices to make money. In fact, the evidence says the exact opposite. The fact that this is even possible reveals that we seriously lack sufficient competition in the wireless market. Such intentional misrepresentations demonstrate the extent major ISPs oppose any legal requirements to keep the Internet free and open, even after it has been discovered that they would go so far as to upsell public safety during an emergency in California.

      The thing is, we know that none of these large companies is operating on so small a margin that complying with net neutrality would “force” them to raise their prices. We also know net neutrality rules have never raised their operational costs. We know these things because the evidence is already publicly available.


    • Verizon couldn't have restricted Santa Clara County's internet service during the fires under net neutrality
      Federal Communications Commission Chairman Ajit Pai and his staff are fond of taking to Twitter to assert that, in the just over two months since the repeal of the FCC’s 2015 network neutrality rules took effect, the “Internet remains free and open” — and that opponents’ concerns that unconstrained broadband providers will act in a way that harms consumers and competition are overblown. The 2015 rules prohibited broadband providers like Verizon, Comcast and AT&T from picking winners and losers by blocking, throttling or otherwise discriminating against or favoring certain Internet traffic.


    • Don't Hold Your Breath Waiting For The FCC, FTC To Punish Verizon For Screwing Firefighters
      We've noted how the telecom industry been having great success in the Trump era eliminating FCC, FTC, and state authority over telecom monopolies. The underlying industry justification is that gutting consumer protections will somehow magically improve competition and spur investment by regional telecom monopolies, a decades-old claim that has never been true, and yet somehow never dies. In reality, when you kill regulatory oversight of natural monopolies (without shoring up the underlying competition issues beneath), the problem only tends to get worse. It's something you probably noticed if you've had any interactions with Comcast lately.

      Last week the perils in this particular course of action were laid bare when Verizon was busted first throttling and then trying to upsell first responders while they were trying to combat wildfires in California. Gigi Sohn, one of the ex-FCC staffers that helped craft the rules, did a good job pointing out how the FCC's "Restoring Internet Freedom" order didn't just kill net neutrality,




  • DRM



    • Denuvo Announces Plan To Fail To Combat Online Game Cheaters After Failing To Stop Piracy With Its DRM


      On the one hand, look, cheaters in online games suck out loud. These cheaters break the online gaming experience for all the non-cheaters out there. Perhaps more importantly, anti-cheating software is going to become a very real market ripe to be exploited, given the explosive growth in competitive online eSports and online gaming in general. If any company or group of companies could manage to end this infestation for gamers, they'd deserve a hero's parade.

      On the other hand: this is Denuvo. Few companies have rivaled Denuvo's boisterous claims and posture coupled with the failure of its product. It would be very easy to change out the references to anti-cheating software in the Irdeto quote above and replace them with references to Denuvo's DRM and map that onto how Denuvo talked about its DRM product but a few years ago. Same promises, different product. I can only assume that anyone partnering with Irdeto for Denuvo anti-cheating software are basing that decision more on the reputation of Irdeto than Denuvo.




  • Intellectual Monopolies



    • Brazil’s patent backlog may resolve without fast-track procedure
      Forces against Brazil’s patent system may have killed the proposal to fast-track pending applications, but examiners’ individual productivity could solve the backlog in the long term


    • Trademarks



      • Tai Chi Tea: Beware of TM Infringement


        A difficulty here is that Zheng Cai represented himself pro se and did not exactly follow either TTAB or Federal Circuit procedure. In particular, Cai presented a set of factual assertions and images in his brief, but did not follow the particular brief filing rules. Because of the procedural failure, the TTAB refused to consider the materials presented — finding that Mr. Cai “introduced no evidence.” As Manafort can attest — it is difficult to win a case without presenting any evidence.




    • Copyrights



      • Honest Government Ads Takes On EU Parliament's Plan To Censor The Internet With Article 13


        If you're in the EU and this kind of clueless, dangerous regulating concerns you, speak out now. If you're not in the EU, it still helps to speak out about this. Contact the EU Parliament or just spread the word so that others know just how much damage the EU may do to the internet if this moves forward.


      • How The EU May Be About To Kill The Public Domain: Copyright Filters Takedown Beethoven
        Over in the EU Parliament, they're getting ready to vote yet again on the absolutely terrible Copyright Directive, which has serious problems for the future of the internet, including Article 13's mandatory censorship filters and Article 11's link tax. Regrading the mandatory filters, German music professor Ulrich Kaiser, has written about a a very disturbing experiment he ran on YouTube, in which he kept having public domain music he had uploaded for his students get taken down by ContentID copyright claims.
      • Save the date: CC Global Summit is happening May 9-11 in Lisbon!
        Since 2015, the CC Summit has nearly doubled in size. We’ve lined up two great venues to host this international event. Workshops, talks, planning sessions, and small group sessions will be held in Museu do Oriente, a vibrant new museum in a refurbished industrial building on the Alcântara Waterfront. Our keynotes and our Friday night party will be held at Cineteatro Capitólio, a major Art Deco cultural landmark that recently reopened its doors. The event will be co-hosted by CC and CC Portugal, and we owe tremendous gratitude to the CC Portugal team for their insight and assistance. We also want to congratulate and thank Teresa Nobre and Timothy Vollmer, our Program Committee Chairs, for stepping up to lead our community planning.
      • US Copyright Office Review Board denies UEFA copyright protection over Starball logo
        Although the World Cup is over, this Kat can’t keep his mind off thinking about MORE football … or soccer (as Americans call it).

        In 2016, the Union des Associations Européennes de Footbal (UEFA) filed an application with the US Copyright Office to have the famous Starball logo registered as a copyright work of two-dimensional visual art. The Starball logo is composed of a round ball, made up of black stars, with white polygons in the negative space between the stars. The shapes are arranged into a circular space, with the outer stars curved to follow the circumference (see below).


      • USTR: Mexico Agrees To Raise IP Enforcement Standards With The US
        Mexico and the United States have reached a preliminary agreement to raise standards of enforcement of intellectual property rights, according to the Office of the US Trade Representative (USTR). Among the terms, the agreement appears to toughen requirements for internet service providers in protecting against copyright theft and extend copyright terms, and might make it harder for Mexico to agree elsewhere to strengthen its protection of geographical indications.


      • US Trade Rep Appears To Misreport Its Own Trade Agreement To Include Copyright Extension
        Soooooooo, you've probably heard the news on Monday about how the Trump adminstration had struck a preliminary trade agreement with Mexico to replace NAFTA. Most of the attention over the deal has to do with the lack of Canada being a part of it, with Mexico making it clear it still thought that this was a new deal with both the US and Canada and President Trump repeatedly acting as if this deal was a "take it or leave it" deal for Canada, and if they left it, it would just be US and Mexico.

        There will, of course, be plenty of time to dig into the details of what's in the actual agreement, but on stuff that matters to us, it already looks bizarre. The USTR put out a "fact sheet" about the intellectual property part of the agreement and it's causing quite a bit of consternation. In particular, it claims that copyright will be extended to life+75 years. Literally no one has been asking for this. While the movie and recording industries have pushed to extend copyrights in the past, this time around, they more or less acknowledged that it was a bridge too far to keep extending copyrights this long, and some have even expressed a willingness to shorten copyright terms.

        But there's been a lot of confusion about what the "life+75 years" even means here -- and it now seems quite likely that the USTR simply misunderstood its own agreement (yes, really). Current in the US, for works made for hire or corporate works, copyright lasts 95 years, and for those made by individuals, it's life+70 years. In Mexico, it's been an upward ratchet from life+50 years, to life+75 years, to life+100 years as of 2003. There were some stories that during TPP negotiations, Mexico had pushed for life+100 years in the US as well, but that seemed like a non-starter.

        So why would the USTR give an okay for life+75 years when basically no one in the US is still pushing for such a thing, and in fact seem to be in general agreement that, if anything, the term should go in the other direction? Either the USTR negotiators have no idea what they're doing (possible!), don't realize why this is a big deal (also possible) or are misreporting what's actually in the agreement. It appears the last one is likely. While the USTR told reporters on a call that they absolutely mean extending copyright to life+75 years, after that, USTR representatives started claiming that this is not an extension of copyright, but was merely supposed to be setting the floor on copyright terms of 75 years, not "life plus 75 years," in which case copyright wouldn't change in either country. But, because this administration appears to be so clueless, someone at the USTR may have taken this news and mistakenly claimed it was now life plus 75, rather than a 75 year floor.


      • New Campaign Aims to “Save Music” Ahead of EU Copyright Filter Vote

        In just 15 days' time, MEPs will again vote on the now-controversial copyright proposals of Article 13. The legislation would see platforms such as YouTube compelled to introduce upload filters, to prevent unlicensed content being offered to the public. The new 'Love Music' campaign, supported by powerful industry players, aims to ensure a thumbs-up from MEPs. But the opposition is out, in force









Recent Techrights' Posts

Techrights' Statement on Code of Censorship (CoC) and Kent Overstreet: This Was the Real Purpose of Censorship Agreements All Along
Bombing people is OK (if you sponsor the key organisations), opposing bombings is not (a CoC in a nutshell)
[Meme] The Most Liberal Company
"Insurrection? What insurrection?"
apple.com Traffic Down Over 7%, Says One Spyware Firm; Apple's Liabilities Increased Over 6% to $308,030,000,000
Apple is also about 120 billion dollars in debt
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 23, 2024
IRC logs for Saturday, November 23, 2024
[Meme] GAFAMfox
Mozilla Firefox in a state of extreme distress
Google Can Kill Mozilla Any Time It Wants
That gives Google far too much power over its rival... There are already many sites that refuse to work with Firefox or explicitly say Firefox isn't supported
Free (as in Freedom) Software Helps Tackle the Software Liability Issue, It Lets Users Exercise Greater Control Over Programs
Microsofters have been trying to ban or exclude Free software
In the US, Patent Laws Are Up for Sale
This problem is a lot bigger than just patents
ESET Finds Rootkits, Does Not Explain How They Get Installed, Media Says It Means "Previously Unknown Linux Backdoors" (Useful Distraction From CALEA and CALEA2)
FUD watch
Techdirt Loses Its Objectivity in Pursuit of Money
The more concerning aspects are coverage of GAFAM and Microsoft in particular
Links 23/11/2024: Press Sold to Vultures, New LLM Blunders
Links for the day
Links 23/11/2024: "Relationship with Oneself" and Yretek.com is Back
Links for the day
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024