Bonum Certa Men Certa

Links 11/9/2018: OpenSSL 1.1.1, Alpine Linux 3.8.1, Copyright Fight in EU





GNOME bluefish

Contents





GNU/Linux



  • Desktop



  • Server



    • Difference between Docker swarm and Kubernetes
      When you are on learning curve of application containerization, there will be a stage when you come across orchestration tools for containers. If you have started your learning with Docker then Docker swarm is the first cluster management tool you must have learnt and then Kubernetes. So its time to compare docker swarm and Kubernetes. In this article, we will quickly see what is docker, what is kubernetes and then comparison between the two.


    • Stop Killing Your Cattle: Server Infrastructure Advice


      If you've spent enough time at DevOps conferences, you've heard the phrase "pets versus cattle" used to describe server infrastructure. The idea behind this concept is that traditional infrastructure was built by hand without much automation, and therefore, servers were treated more like special pets—you would do anything you could to keep your pet alive, and you knew it by name because you hand-crafted its configuration. As a result, it would take a lot of effort to create a duplicate server if it ever went down. By contrast, modern DevOps concepts encourage creating "cattle", which means that instead of unique, hand-crafted servers, you use automation tools to build your servers so that no individual server is special—they are all just farm animals—and therefore, if a particular server dies, it's no problem, because you can respawn an exact copy with your automation tools in no time.

      If you want your infrastructure and your team to scale, there's a lot of wisdom in treating servers more like cattle than pets. Unfortunately, there's also a downside to this approach. Some administrators, particularly those that are more junior-level, have extended the concept of disposable servers to the point that it has affected their troubleshooting process. Since servers are disposable, and sysadmins can spawn a replacement so easily, at the first hint of trouble with a particular server or service, these administrators destroy and replace it in hopes that the replacement won't show the problem. Essentially, this is the "reboot the Windows machine" approach IT teams used in the 1990s (and Linux admins sneered at) only applied to the cloud.


    • Running Apache Cassandra on Kubernetes
      The Cassandra controller can, of course, perform operations within the Cassandra cluster. For example, want to scale down your Cassandra cluster? Instead of manipulating the StatefulSet to handle this task, the controller will see the CRD change. The node count will change to a lower number (say from six to five). The controller will get that state change, and it will first run a decommission operation on the Cassandra node that will be removed. This ensures that the Cassandra node stops gracefully and redistributes and rebalances the data it holds across the remaining nodes. Once the Cassandra controller sees this has happened successfully, it will modify that StatefulSet definition to allow Kubernetes to decommission that pod. Thus, the Cassandra controller brings needed intelligence to the Kubernetes environment to run Cassandra properly and ensure smoother operations.

      As we continue this project and iterate on the Cassandra operator, our goal is to add new components that will continue to expand the tool's features and value. A good example is Cassandra SideCar (shown in the diagram above), which can take responsibility for tasks like backups and repairs. Current and future features of the project can be viewed on GitHub. Our goal for the Cassandra operator is to give devs a powerful, open source option for running Cassandra on Kubernetes with a simplicity and grace that has not yet been all that easy to achieve.


    • Ubuntu Server development summary – 11 September 2018
      Cloud-init version 18.3.39 adds jinja template support for user-data scripts and cloud config. As part of this feature, any cloud metadata crawled by cloud-init is presented as template variables. Any cloud-provided metadata such as ip addresses, hostname, region, availability_zone can be referenced in user-data cloud config or scripts without having to crawl and parse metadata in separate tooling.

      Since cloud-init generalizes some of this instance metadata across all clouds, it now allows user-data to be more flexible when deploying to different cloud platforms. See Using instance metadata for more information.


    • What is multi-cloud?
      Tech companies, Canonical included, have a problem. That problem is living in buzzwords and jargon, and then assuming everyone knows what we are talking about.

      At Canonical we call them ‘Canonicalisms’, other companies have their own names for it.

      Whilst we can joke about it, this over-reliance on jargon is a genuine barrier to our audience, developers, customers, people in need of technical help, people in need of assistance in understanding what all these buzzwords are. The jargon is a barrier to people understand what something like the cloud is, in its many different guises, and how these different architectures and strategies can be used for tangible business benefits.

      Fortunately, that’s a problem which is solvable.

      Canonical has decided to produce a whitepaper that details everything you need to know to understand every type of cloud from public to private and managed to multi-cloud. But, we haven’t stopped there, because these technologies don’t live in a bubble, they’re connected to technologies such as Kubernetes, containers, serverless computing, servers and virtual machines.

      Still, understanding the basics about these different technologies is only a piece of the picture, which is why we’ve also included guidance on the best strategies to use, use cases, when and where to deploy and make it a success.


    • Know Your Storage: Block, File & Object
      Dealing with the tremendous amount of data generated today presents a big challenge for companies who create or consume such data. It’s a challenge for tech companies that are dealing with related storage issues.




  • Audiocasts/Shows



    • What the gamer means to open source coder culture
      The first episode of Season 2 of the Command Line Heroes podcast drops today. (New episodes will be available every other week, and there's also bonus material you can get via the newsletter.) The new season focuses on seven big influencers that have shaped IT infrastructure and modern development over the last 40 years.


    • Go from gaming to Mars with season 2 of Red Hat's podcast series, Command Line Heroes
      Last January we embarked on a journey to capture the spirit of the developers, programmers, hackers, geeks and open source champions on the front line, transforming technology from the command line up. The result was a new podcast—Command Line Heroes—that dove into the epic stories of how the technology industry became what it is today.
    • Command Line Heroes: The Game
      I sat down with Michael Clayton and Jared Sprague to talk about Command Line Heroes: The Game. Michael and Jared work for Red Hat on the team that supports the award-winning Red Hat Customer Portal. In their “spare time,” they moonlight as open source game developers. That said, I don’t want to spoil too much… so without further ado, here’s the interview.






  • Kernel Space



    • ZFS On Linux 0.8-RC1 Delivers Native Encryption, Direct I/O & More


      The native encryption, direct I/O, sequential scrub and resilver, and other changes are all great. An infrastructure change with ZFS On Linux 0.8 too is that the SPL (Solaris Portability Layer) is now bundled within ZOL itself rather than being a separate component.
    • Looking forward to the Kernel Summit at LPC 2018
      The LPC 2018 program committee would like to reiterate that the Kernel Summit is going ahead as planned as a track within the Linux Plumbers Conference in Vancouver, BC, November 13th through 15th. However, the Maintainers Summit half day, which is by invitation only, has been rescheduled to be colocated with OSS Europe in Edinburgh, Scotland on October 22nd. Attendees of the Maintainers Summit, once known, will still receive free passes to LPC and thus will probably be present in Vancouver as well.


    • Tech Topics for Kernel Summit


      If you missed the refereed-track deadline and you have a kernel-related topic (or, for that matter, if you just now thought of a kernel-related topic), please consider submitting it for the Kernel Summit.


    • Linux Foundation



      • The Linux Foundation launches new Hyperledger training courses and certification


        The Linux Foundation is offering an educational opportunity for students to enrol for its latest LFD271 – Hyperledger Fabric Fundamentals training course, which introduces the fundamental concepts of blockchain and distributed ledger technologies.

        Students who sign up will also learn about the core architecture and components that make up typical decentralised Hyperledger Fabric applications. Enrolled students will also get to work with Hyperledger Fabric, Hyperledger Fabric Certificate Authority and the Hyperledger Fabric SDK.




    • Graphics Stack



      • Nvidia’s New Update For SHIELD Brings 120Hz Support And Increased Keyboard And Mouse Compatibility


      • NVIDIA Vulkan Beta Driver Updated With New Extensions (v396.54.05)
        With Khronos' Vulkan working group yesterday having released Vulkan 1.1.84 that introduces new extensions, the NVIDIA driver team today released a new beta that incorporates support for some of these extensions.

        The Vulkan 1.1.84 release incorporates three new extensions in the form of VK_KHR_vulkan_memory_model, EXT_astc_decode_mode, and EXT_inline_uniform_block. Today's NVIDIA Vulkan 396.54.02 Linux driver beta (and 399.17 for Windows) adds support for the Vulkan memory model and inline uniform block extensions. The ASTC decode mode really isn't too relevant for them on the desktop side. See the aforelinked article for more details on these extensions.


      • VMWare Updates Its Gallium3D Driver Ahead Of Fusion 11 / Workstation 15
        VMware has landed more than fifty Mesa patches today adding a lot of new functionality to its "SVGA" Gallium3D driver that is used for providing OpenGL/GPU acceleration to guest virtual machines with its virtualization products.

        This big set of feature work is in preparation for the upcoming VMware Workstation 15 and Fusion 11 product releases. The new features in their SVGA Gallium3D driver require the bits to be found in their Workstation / Fusion product updates.


      • AMD Patches in Support for FreeSync to Linux


        AMD developer Nicholas Kazlauskas has uploaded a series of patches, that when eventually added to the Linux kernel, will enable 'FreeSync' within Linux. Adaptive sync is the Displayport spec and variable refresh rate is the same but pertains to the HDMI spec that allows for graphics adapters to drive displays with varying frame timings. Michael Larabel from Phoronix is optimistic that they will become available with the Linux 4.20~5.0 kernel.


      • AMD Finally Rolls Out New Linux Patches For Adaptive-Sync / VRR (FreeSync)
        While the open-source AMD Radeon Linux graphics stack has gotten into particularly good shape the past two years or so, one of the areas that has left the red Linux gamers unsatisfied is the lack of FreeSync support (or DisplayPort Adaptive-Sync / HDMI Variable Refresh Rate) when using the fully open-source stack. It looks like that could be changing soon with the new set of patches under review.


      • Libinput 1.12 Released With New Quirks System, Touchpad Improvements
        Peter Hutterer announced the release today of libinput v1.12 as the widely used Linux input handling library on Wayland/Mir/X.Org desktops.

        Libinput 1.12 is a big release that has been in development the past few months and features its own quirks system to replace their use of the hwdb hardware database, new documentation, better support for FreeBSD, new trackpoints code, improved touchpad behavior, better palm detection, new pointer jump detection code, and a variety of other fixes and improvements for this generic input handling library.




    • Benchmarks



      • A Look At The Linux Graphics/Gaming Performance With GNOME 3.30 X.Org/Wayland
        Given last week's big GNOME 3.30 release I was eager to test the updated desktop environment with its Mutter compositor improvements on Wayland as well as seeing how its performance under the conventional X.Org Server. Here are some of these benchmarks of various graphics applications and games tested under both GNOME 3.28.3 and GNOME 3.30.0 with both Wayland and X.Org sessions.

        Intel's Clear Linux rolling-release distribution shipped same-day GNOME 3.30 packages, making for an easy comparison of the GNOME Shell/Mutter 3.28.3 and other packages against that of the newly-minuted GNOME 3.30. Those comparisons were done on both X.Org Server 1.20.1 and Wayland with the desktops.


      • September 2018 Drivers: The Current Linux Performance & Perf-Per-Watt From NVIDIA Kepler To Pascal vs. AMD
        There is one week to go until NVIDIA begins shipping the GeForce RTX 2080 "Turing" series but while waiting for that hardware, here is a look back at how various graphics cards are performing for Linux games from the GTX 1000 Pascal series back through the GTX 600 Kepler series. On the AMD side in this comparison is also going from Vega back to the GCN 1.0 Southern Islands. The Vulkan/OpenGL Linux gaming performance is being looked at as well as the overall system power consumption and performance-per-Watt.


      • Phoronix Test Suite 8.2 Released With Official Docker Benchmarking Image, New Testing Improvements
        Phoronix Test Suite 8.2.0-Rakkestad is officially shipping today as the latest quarterly feature release to our open-source, cross-platform automated benchmarking software. In addition to the Phoronix Test Suite 8.2 itself, there is the first official release of the newly-introduced "phoronix/pts" Docker image on Docker Hub for easily carrying out the benchmarks with the pre-seeded image.






  • Applications



  • Desktop Environments/WMs



    • K Desktop Environment/KDE SC/Qt



      • Okular – A Universal Cross-Platform Document Viewer
        If there is one thing the open source community is not short of it is document viewers. We have published articles on a couple of them in the past not excluding Buka, Bookworm, and Easy Ebook Viewer.

        Today, we introduce to you another document viewer you can use to read ePub ebooks and PDFs and it goes by the name of Okular, is an open source and cross-platform KDE-developed document viewer and it ships together with the KDE application release.

        This means that if you run KDE then you probably have Okular installed on your system. The document viewer has support for a variety of document formats including PDF, ePub, XPS, DjVu, CHM, and Postscript, among others.

        With PDF documents, users can add comments, highlight sections, and add several shapes without affecting the original file. Okular also features an inbuilt reading service (Jovie), along with the ability to extract text from eBooks into separate text files.


      • Unified Mailboxes in KMail


        Today KMail has gained a new cool feature that has been repeatedly requested in the User survey last year as well as on forums and social networks: Unified mailboxes.

        Unified mailboxes offer not only a unified inbox – a single “Inbox” folder showing emails from inboxes of all your accounts, it also provides unified sent and drafts folders by default. But we did not stop there: you can create completely custom unified mailboxes consisting of any folders you choose. You can even customize the default ones (for example exclude an Inbox from a particular account).




    • GNOME Desktop/GTK



      • Get A Terminal Embedded In Nautilus File Manager With Nautilus Terminal 3
        Nautilus Terminal 3 embeds a terminal into Nautilus (Files, the default Gnome browser), similar to KDE's Dolphin file manager. The terminal automatically changes directories based on the user's navigation in the file browser.

        This Nautilus extension is a re-implementation of the old Nautilus Terminal that was initially only available for Nautilus 2.x, and later 3.0 and 3.2, which should work with recent Nautilus versions.
      • GNOME.Asia Summit 2018


        Last year I’d been COSCUP 2017 at first time, it gave a great impression of COSCUP. It’s open, freedom and very energetic. It’s very nice this year GNOME.Asia Summit joint with COSCUP and openSUSE.Asia.

        [...]

        And at night we had a GNOME.Asia BoF to review the Good vs. Bad, we collected a lot of ideas to make the GNOME.Asia better in future.

        In the second day, I made a topic about “flatpak vs. snap”, introduced some concepts and basic usages. And I also listened Max’s “Community experience”, Kukuh’s “GNOME Recipes”, Shobha’s “Humanitarian FOSS projects” and Wen’s “GNOME.Asia experience”.
      • Gtranslator Resurrection
        The last week I received a telegram message about Gtranslator, that was unmaintained for a long time. GNOME translators uses different tools to translate .po files, Gtranslator is a tool for translator that is integrated with the GNOME desktop, but with the time, Gtranslator is getting old and there are several known bugs that never get fixed.

        So I decided to go ahead and become the maintainer of Gtranslator with the main idea of update the interface and fix mayor bugs.






  • Distributions



    • New Releases



      • Alpine Linux 3.8.1 released
        The Alpine Linux project is pleased to announce the immediate availability of version 3.8.1 of its Alpine Linux operating system.

        This is a bugfix release of the v3.8 stable branch, based on linux-4.14.69 kernels and it contains bugfixes. It contains an important security update for apk-tools which fixes a potential remote execution. A CVE is pending.




    • Slackware Family



      • Last week’s [Slackware] updates: Chromium and VLC
        Last week the Chrome (and Chromium) update to release 69 was in the news. The UI changed significantly, sporting more of Google’s material design elements. Also the password manager has been improved: it will suggest random passwords in cases where you have to create a Web account and will offer to remember the random password in its vault so you don’t have to write it down or remember it (you’ll have to be signed into your Google account to be able to use this feature though). The ‘omnibox‘ (the area where you type your URLS and search queries) is more powerful now, showing many more related results while you are typing. My package for Chromium supports direct playback of H.265/HEVC video by the way, and has done so for the past releases. Check it out for instance on https://www.h265files.com/embed-h265-video.php . Not many other browsers (even other distros’ Chromium browsers) will do that.




    • Red Hat Family



    • Debian Family



      • PSA: the.earth.li ceasing Debian mirror service


        This is a public service announcement that the.earth.li (the machine that hosts this blog) will cease service as a Debian mirror on 1st February 2019 at the latest.

        It has already been removed from the official list of Debian mirrors. Please update your sources.list to point to an alternative sooner rather than later.


      • Debian/TeX Live binaries update 2018.20180907.48586-1
        A new set of TeX Live binaries has been uploaded to Debian, based on the Subversion status as of 7 September (rev 48586). Aim was mostly fixing a bug of (x)dvipdfm(x) introduced by a previous upload. But besides fixing this, it also brought the new version of dvisvgm (2.5) into Debian.

        [...]

        The current sources also contain another cherry picked bug fix for dvipdfmx, but unfortunately I will have to stop now using the subversion tree as is, due to the inclusion of an intermediate luatex release I am not convinced I want to see in Debian before the proper release of TeX Live 2019. That means, from now on I have to cherry pick till the next TeX Live release.


      • Derivatives



        • Elive 3.0 is out! And it is FREE!!
          After a long period of development, Elive 3.0 has been finally released today.

          Wow, I still remember the first day I saw Elive Topaz 2.0. Never had I seen a distro most beautiful and efficient. However, back then, the live CD asked for payment to download an installation module, which put me (and many other Linux users, I learned later) off.

          Of course, those days, I was still discovering the world of Linux and Free/Open Source Software, so I had many inaccurate ideas about distros. I did not know much about KDE or Gnome, let alone mention Enlightenment. I struggled with GRUB. I still did not understand the functionality of multiple work spaces and, obviously, I assumed that "free software" was meant to be free of cost.

          Gradually, I became more supportive toward the idea of paying for Linux-related work that I loved and that, understandably, was something that I could not do myself due to my technical limitations. I began paying for Mandriva Powerpacks, for example. And I donated money, too.


        • Dust off that old Pentium, Linux fans: It's Elive
          What were you doing in 2010? The Space Shuttles were still flying, Toy Story 3 ruled the cinemas, and Apple released its very first iPad. Oh, and Linux distro Elive locked down its last stable build. Until now.

          Designed to run on minimal hardware, Elive is very much a passion project of its leader, Samuel F Baggen. Based on Debian, the first version took a bow in 2005. The second stable version made an appearance in 2010 and it has been a long eight years for the third stable version to become available.

          Elive has an impressively low bar to entry, with hardware requirements for the distribution coming in at 256 MB RAM and a 500 MHz CPU, meaning that some very elderly silicon is theoretically going to be able to enjoy the highly polished Enlightenment desktop.

          "Theoretically" because after The Register took Elive 3.0.0 out for a spin on a relatively low-powered laptop, we'd frankly baulk at running it on anything much slower than a 533MHz Core 2 with at least 512 MB RAM. However, the Enlightenment UI is undeniably an attractive desktop, particularly if a macOS-alike dock is your thing, and runs at an impressive lick even on hardware that lacks graphics acceleration.


        • Canonical/Ubuntu



          • Canonical Releases Linux Kernel Security Patch for Ubuntu 18.04 LTS, Update Now
            The kernel security update released by Canonical for Ubuntu 18.04 LTS users patches a security flaw (CVE-2018-1118) discovered in Linux kernel's VirtIO subsystem, which could allow a local attacker to expose sensitive information (kernel memory) as it improperly initialized memory under certain conditions.

            The second security vulnerability patched by today's kernel update addresses an information leak (CVE-2017-13695) discovered by Seunghun Han in Linux kernel's ACPI (Advanced Configuration and Power Interface) handling code, allowing a local attacker to expose sensitive information (kernel address locations).


          • How to install the Dolibarr ERP/CRM on Ubuntu 18.04


          • Ubuntu Weekly Newsletter Issue 544
            Welcome to the Ubuntu Weekly Newsletter, Issue 544 for the week of September 3 – 9, 2018.










  • Devices/Embedded





Free Software/Open Source



  • Decawave and Runtime accelerate development of indoor location services through open source
    Decawave and Runtime today announced support for the open source Apache Mynewt Operating System (OS) on Decawave’s DW1000 Ultra-Wideband (UWB) transceiver. The combination of these technologies provides developers of real-time location (RTLS) applications with an open and reusable development environment and a framework for device-to-cloud lifecycle management and messaging.

    Decawave, the global leader in UWB-based silicon for RTLS and proximity applications, and Runtime, a leading IoT platform-as-a-service and open source solution provider, worked collaboratively on the implementation of Apache Mynewt support for the DW1000. The addition of the Apache Mynewt OS enables support for multiple hardware platforms and a wide range of network protocols, allowing Decawave to offer a unified code base across its development kits and hardware platforms. This lowers barriers to adoption of UWB technology and reduces time-to-market for developers.


  • Open source: The next 20 years
    In the future, I expect open source software to maintain, if not broaden, its central role in the broad software ecosystem. Open source will continue to invade domains dominated by proprietary software, with more and more large companies, like Microsoft, investing heavily in open source and releasing both existing and new software under open source licenses. I specifically think, as more software gets consumed as a service rather than as source, it’ll be interesting to see how open source principles keep pace.

    Beyond the software ecosystem, open source principles are permeating into other fields: open source hardware is growing rapidly and allowing for an entire ecosystem of hardware development never seen before. Open collaboration in academia is on the rise, enabling researchers in all sorts of fields, not just computer science, to share information in ways that is speeding up discoveries by leaps and bounds.


  • Open Mainframe Project Announces Open Source Framework for Modernization
    The Open Mainframe Project has announced Zowe, an open source software framework that bridges the divide between modern applications and the mainframe, intended to provide easier interoperability and scalability among products and solutions from multiple vendors. Zowe is the first open source project based on z/OS.

    Zowe's mission is to enable delivery of a more integrated environment for z/OS systems through an extensible open source framework and the creation of an ecosystem of independent software vendors, system integrators, clients and end users. This new framework will help engender a simpler, more intuitive environment for a variety of IT professionals performing administrative, development, test and operation tasks on z/OS, and help onboard the next generation of mainframe users.


  • Shelter is an open source sandboxing app to isolate apps from your data
    Big data is a big business right now and this can come in the form of just about any type of information that someone can get their hands on. Whether it’s a business tracking your location for monetization or a malicious application abusing various permissions to gain access to as much of your data as possible. For those who are very cautious about their personal data, you should know there is a new open source application called Shelter that lets you sandbox applications to isolate them from your data.


  • Can Open Source Improve Japan’s New Blockchain-based Voting System?


    Besides Switzerland and the USA, Japan is now the most recent implementer of Blockchain in its voting system. Let’s take a look at the news in brief and also the current challenges in the model. Can Open Source help in tackling them?

    [...]

    Complete details of the initiative (translated) are available on the Tsukuba city page.

    Though integrating Blockchain with the “My Number” system makes the voting process easier, there really are some notable setbacks, one of which is described in the video that needs to be dealt with in order to improve this voting system.


  • ​Nextcloud 14 rolls out with two major security features
    Are you worried about storing your business files on a public cloud, but don't have the in-house staff to install a high-end, do-everything cloud like OpenStack? If that's your situation, you need to look into Nextcloud.

    Nextcloud, the fork of ownCloud, is a fully open-source Infrastructure-as-a-Service (IaaS) cloud with some Platform-as-a-Service (PaaS) services. You can install it on your own Linux server or on on a server at many hosting companies.


  • Events



  • Web Browsers



    • Browsh – A Modern Text Based Browser Which Supports Graphics And Video
      We had wrote many articles about text based browser in the past such as Links, Links2, ELinks, Lynx, w3m and Netrik.

      Why we need a text-based browser in Linux? As you already know most of the Linux servers are running without GUI. It helps Linux administrator to browse the website from CLI.

      As i know, all these text-based browsers renders only web pages and supports color but browsh is advanced, well-established, feature-rich modern text based browser which supports graphics and video.


    • Mozilla



      • Mozilla identifies 10 open source personas: What you need to know
        Participating in open source communities—or in any open organization, for that matter—means collaborating with others who might not operate the same way you do. Their motivations may differ. Their governance models might seem foreign. Their goals might not immediately speak to you. So if you're going to work together, you'll need to develop a clear sense of what makes the project tick—and decide quickly whether working together is best for your team and your business.

        Similarly, if you're instigating an open source project, you should ask yourself, "what kind of community do I want to attract?" Then you can plan for and signal that accordingly.


      • Firefox Just Dropped Windows XP and Vista Support, and Soon Steam Will Too
        Version 52 of Firefox’s Extended Support Edition (ESR) was the last version of Firefox compatible with Windows XP and Vista machines, but it is no longer getting security updates as of last week. This means any security flaws will never be patched, potentially putting users in danger of breaches.


      • IRC's 30th Birthday; Mozilla Working on New JavaScript APIs for VR; Arch Linux Answering Questions on Reddit; Microsoft Splits Its Visual Studio Team Services; and Hortonworks, IBM and Red Hat Announce the Open Hybrid Architecture Initiative
        Mozilla yesterday announced it is beginning a new phase of work on JavaScript APIs "that will help everyone create and share virtual reality (VR) and augmented reality (AR) projects on the open web". Mozilla's new WebXR Device API has two goals: 1) "To support a wider variety of user inputs, such as voice and gestures, giving users options for navigating and interacting in virtual spaces"; and 2) "To establish a technical foundation for development of AR experiences, letting creators integrate real-world media with contextual overlays that elevate the experience." For more information, see the Immersive Web Community Group.


      • Converting a WebGL application to WebVR
        A couple months ago I ported the Pathfinder demo app to WebVR. It was an interesting experience, and I feel like I learned a bunch of things about porting WebGL applications to WebVR that would be generally useful to folks, especially folks coming to WebVR from non-web programming backgrounds.

        Pathfinder is a GPU-based font rasterizer in Rust, and it comes with a demo app that runs the Rust code on the server side but does all the GPU work in WebGL in a TypeScript website.

        We had a 3D demo showing a representation of the Mozilla Monument as a way to demo text rasterization in 3D. What I was hoping to do was to convert this to a WebVR application that would let you view the monument by moving your head instead of using arrow keys.


      • Mozilla Security Blog: Protecting Mozilla’s GitHub Repositories from Malicious Modification
        At Mozilla, we’ve been working to ensure our repositories hosted on GitHub are protected from malicious modification. As the recent Gentoo incident demonstrated, such attacks are possible.

        Mozilla’s original usage of GitHub was an alternative way to provide access to our source code. Similar to Gentoo, the “source of truth” repositories were maintained on our own infrastructure. While we still do utilize our own infrastructure for much of the Firefox browser code, Mozilla has many projects which exist only on GitHub. While some of those project are just experiments, others are used in production (e.g. Firefox Accounts). We need to protect such “sensitive repositories” against malicious modification, while also keeping the barrier to contribution as low as practical.

        This describes the mitigations we have put in place to prevent shipping (or deploying) from a compromised repository. We are sharing both our findings and some tooling to support auditing. These add the protections with minimal disruption to common GitHub workflows.

        The risk we are addressing here is the compromise of a GitHub user’s account, via mechanisms unique to GitHub. As the Gentoo and other incidents show, when a user account is compromised, any resource the user has permissions to can be affected.






  • Pseudo-Open Source (Openwashing)



  • FSF/FSFE/GNU/SFLC



    • More Details On The AMD GCN Back-End For GCC That's Expected To Merge For GCC 9
      - Last week I reported on Code Sourcery / Mentor Graphics posting their new AMD GCN port to the GNU Compiler Collection (GCC). This GPU back-end for the widely-used GCC compiler is hoped for merging ahead of the GCC 9 stable release expected in early 2019. At this past weekend's GNU Tools Cauldron 2018 conference was a briefing by Mentor Graphics on undertaking funded by AMD.




  • Public Services/Government



    • HopHacks participants will pursue solutions for cities


      More than 300 undergraduate and graduate students from across the country will gather at Johns Hopkins University this weekend for HopHacks, an annual hackathon event that challenges students to work intensively on a technology- or software-based design.

      Held every fall and spring on the university's Homewood campus, this year's HopHacks features a new design track: the Civic Hack challenges participants to develop apps aimed at improving urban living.


    • HopHacks adds civic track, using open source platform from Paris
      HopHacks is adding a design track focused building technology to improve city life at its fall event.

      The 36-hour student hackathon is scheduled to be held at Johns Hopkins’ Homewood campus from Sept. 14-16. Registration is already closed, according to its website, but there’s some news relevant to all of Baltimore to pass along. For the first time in the series, the biannual event will include a Civic Hack design track among the options for building, according to the JHU Hub.




  • Licensing/Legal



    • The Commons Clause doesn't help the commons
      The Commons Clause was announced recently, along with several projects moving portions of their codebase under it. It's an additional restriction intended to be applied to existing open source licenses with the effect of preventing the work from being sold[1], where the definition of being sold includes being used as a component of an online pay-for service. As described in the FAQ, this changes the effective license of the work from an open source license to a source-available license. However, the site doesn't go into a great deal of detail as to why you'd want to do that.

      Fortunately one of the VCs behind this move wrote an opinion article that goes into more detail. The central argument is that Amazon make use of a great deal of open source software and integrate it into commercial products that are incredibly lucrative, but give little back to the community in return. By adopting the commons clause, Amazon will be forced to negotiate with the projects before being able to use covered versions of the software. This will, apparently, prevent behaviour that is "not conducive to sustainable open-source communities".

      But this is where things get somewhat confusing.




  • Openness/Sharing/Collaboration



    • Open Access/Content



      • Book review: The Economics of Open Access – on the Future of Academic Publishing
        Two decades ago, the world of academic publishing was taken by a storm called ‘open access’. The movement of ‘open access’ advocates for making published content available to the public for free. No fees and no (or little) right-based restrictions to limit access (apparently, the wisdom that authors need financial incentives to create does not apply to scholars who write for pleasure or reputation alone). The aim of open access is [was] to democratize access to knowledge. In ‘The Economics Open Access’, Thomas Eger and Marc Scheufen investigate whether ‘open access’ strategies have delivered on their promises.

        Combined with the rise of the Internet and digital technologies, open access strategies should have made the dissemination of knowledge (via academic publications) cheaper than ever. Instead, we find libraries facing higher subscription fees which forces them to cut back on their catalogue listing and monograph in-take…so what went wrong?

        The book offers an economic empirical analysis the impact of ‘open access’ has had on the academic publishing market world-wide. The analysis is based on two different sets of data: an ‘objective’ data set capturing the state of the academic publishing markets (i.e. growth in publication numbers, publishers, levels of open-access practices etc.), and a ‘subjective’ data set which documents scholars’ views on open access policies and how they engage with them in practice. This second set of data, based on over 10,000 responses from 25 different countries, is undoubtedly the most novel and original contribution of the book to the debate.


      • Europe's New 'Plan S' For Open Access: Daft Name, Great News


        Keeping copyright in the hands of authors is crucial: too often, academics have been cajoled or bullied into handing over copyright for their articles to publishers, thus losing the ability to determine who can read them, and under what conditions. Similarly, the CC-BY license would allow commercial use by anyone -- many publishers try to release so-called open access articles under restrictive licenses like CC-BY-NC, which stop other publishers from distributing them.

        Embargo periods are routinely used by publishers to delay the appearance of open access versions of articles; under Plan S, that would no longer be allowed. Finally, the new initiative discourages the use of "hybrid" journals that have often enabled publishers to "double dip". That is, they charge researchers who want to release their work as open access, but also require libraries to take out full-price subscriptions for journals that include these freely-available articles.

        Suber has a number of (relatively minor) criticisms of Plan S, which are well-worth reading. All-in-all, though, this is a major breakthrough for open access in Europe, and thus the world. Once "admirably strong" open access mandates like Plan S have been established in one region, others tend to follow in due course. Let's just hope they choose better names.






  • Programming/Development



    • Open Jam, the open source game jam, returns for 2018
      Team Scripta is back with the second annual Open Jam, a game jam that promotes open source games and game creation tools.


    • AsioHeaders 1.12.1-1


      A first update to the AsioHeaders package arrived on CRAN today. Asio provides a cross-platform C++ library for network and low-level I/O programming. It is also included in Boost – but requires linking when used as part of Boost. This standalone version of Asio is a header-only C++ library which can be used without linking (just like our BH package with parts of Boost).


    • Python joins movement to dump 'offensive' master, slave terms
      Python creator Guido van Rossum retired as "benevolent dictator for life" in July, but like Michael Corleone in The Godfather III, he's been pulled back in to resolve a debate about politically incorrect language.

      Like other open source communities, Python's minders have been asked whether they really want to continue using the terms "master" and "slave" to describe technical operations and relationships, given that the words remind some people of America's peculiar institution, a historical legacy that fires political passions to this day.

      Last week Victor Stinner, a Python developer who works for Red Hat, published four pull requests seeking to change "master" and "slave" in Python documentation and code to terms like "parent," "worker," or something similarly anodyne.






Leftovers



  • How Tor.com went from website to publisher of sci-fi’s most innovative stories

    Since its founding, Tor.com has gone from a simple website to a full-fledged publishing operation. In addition to publishing shorter works of fiction, it also publishes a range of novelettes, novellas, and even some short novels, with books like Nnedi Okorafor’s Binti and Martha Wells’ All Systems Red earning considerable acclaim from the science fiction community. This week, the site published the anthology Worlds Seen in Passing: 10 Years of Tor.com Short Fiction, which celebrates the best of the site’s fiction in the decade that it’s been in operation.



  • Hardware



    • NXP Charts Post-Qualcomm Future
      NXP Semiconductors NV, frozen for almost two years by Qualcomm Inc.’s failed bid to buy it, now must convince shareholders to support the Dutch chip maker’s new go-it-alone strategy, which includes a new quarterly dividend.




  • Health/Nutrition



    • Shhh … UN Declaration On Tuberculosis Draft Text Out For Approval
      Negotiators’ agreed draft text for a United Nations political declaration on ending tuberculosis worldwide has been posted for all member states to see, and negotiators hope, not comment on. Under a UN procedure, the text has been placed “under silence” until 10:00am New York time on 14 September. If no one breaks the silence, the text is considered agreed and will advance to the High-Level Meeting on tuberculosis on 26 September as part of the annual UN General Assembly.

      The draft text was made available by the co-facilitators for review here.

      The text includes a letter from the co-facilitators explaining the silence process. The co-facilitators are Walton Alfonso Webson, ambassador of Antigua & Barbuda to the UN, and Koro Bessho, ambassador of Japan to the UN.

      Intellectual Property Watch last week (IPW, United Nations, 5 September 2018) released a leaked version of the final compromise paragraphs, which relate to intellectual property.





  • Security



    • Greens happy big tech has spoken out against encryption backdoors

      Australian Greens' Digital Rights spokesperson Senator Jordon Steele-John says he is thrilled that some of the world's big technology firms have put the privacy of their users ahead of their own profits by condemning the Federal Government's Assistance and Access Bill.

    • Hackers Can Steal a Tesla Model S in Seconds by Cloning Its Key Fob
      Tesla has taken plenty of innovative steps to protect the driving systems of its kitted-out cars against digital attacks. It's hired top-notch security engineers, pushed over-the-internet software updates, and added code integrity checks. But one team of academic hackers has now found that Tesla left its Model S cars open to a far more straightforward form of hacking: stealthily cloning the car's key fob in seconds, opening the car door, and driving away.

      A team of researchers at the KU Leuven university in Belgium on Monday plan to present a paper at the Cryptographic Hardware and Embedded Systems conference in Amsterdam, revealing a technique for defeating the encryption used in the wireless key fobs of Tesla's Model S luxury sedans. With about $600 in radio and computing equipment, they can wirelessly read signals from a nearby Tesla owner's fob. Less than two seconds of computation yields the fob's cryptographic key, allowing them to steal the associated car without a trace. "Today it’s very easy for us to clone these key fobs in a matter of seconds," says Lennert Wouters, one of the KU Leuven researchers. "We can completely impersonate the key fob and open and drive the vehicle."


    • Tesla Model S Can Be Hacked In Seconds With This Raspberry Pi-powered Equipment
      Tesla is the epitome of innovation combined with unmatched features, including utmost comfort and tight security that provides a completely digitized driving experience. However, it seems that hackers are always a step ahead.

      Researchers from KU Leuven University in Belgium were successful in hacking the key fob of the Tesla Model S with equipment worth $600.


    • Reproducible Builds: Weekly report #176


    • Does Publicly Shaming Companies Improve Security?
      ou might think security teams inside big companies hate it when researchers and the press point out vulnerabilities, but that’s not always the case.

      Security teams are just one voice among many, and often they have trouble convincing bosses that security and privacy should be a priority. An embarrassing story in the press can change that quickly.


    • Security updates for Tuesday




  • Defence/Aggression



    • ‘Maverick’ Media Use McCain Funeral to Shore Up US Imperialism
      Elite media insist they’re engaged in challenging the imperious presidency of Donald Trump. But their support for US imperialism itself remains vigorous, as coverage of the funeral of Sen. John McCain showed clearly.


    • Was Bin Laden Right About 9/11?
      Bergen is an idiot. Al Qaeda got much, much more than it ever hoped for out of 9/11, and Bergen’s silly retelling of al Qaeda’s goals is part and parcel of what drives American foreign policy off a cliff on a daily basis in the Middle East.

      Japan was a nation set on territorial conquest in WWII. It bombed Pearl Harbor to destroy as much of America’s Navy as it could to buy itself as much time as it could to conquer as much as it could across the Pacific before America got back on its naval feet. Standard war as it has been since Caesar.

      Terrorists fight a different war, a political one. They don’t have navies. They have guys who hijack planes.


    • ACTION ALERT: Venezuela Poses No ‘Threat to the World’—but WaPo’s Claim That Is Does Is Dangerous
      A Washington Post article by Ishaan Tharoor (9/10/18) states that it “can be plausibly argued” that Venezuela is “a threat to the world.” The justification for the remark is unclear, but seems to be based on his claim that a “hemispheric humanitarian calamity is now straining Venezuela’s neighbors, who are struggling to cope with the vast influx of refugees fleeing hunger and depredation.”

      The phrase “a threat to the world” has a hyperlink to an earlier Tharoor piece (3/1/18), which includes the claim, “As many as 4 million Venezuelans—more than 10 percent of the population—have already left the country, according to the Brookings Institution,” and goes on to assert, “That displacement threatens to create problems beyond Venezuela’s borders.”

      If you follow the link to Brookings, you see that the think think (2/12/18) only says, “Some estimates suggest that there are already 4 million Venezuelans who have left the country in search of better living conditions: over 10 percent of the country’s population.” No source is offered beyond “some estimates.”

      I’ve written recently on the scale of Venezuela’s migration (FAIR.org, 8/31/18), given the comparisons to Syria that Tharoor and others have tossed around. According to the UN’s International Organization for Migration figures, by July 2018, about 1.6 million Venezuelans had fled its economic crisis, far from the 5 million that have fled Syria’s civil war to live abroad, and whom no decent person would call a “threat to the world.”


    • United States overseas operations: Role of CIA – Jacob G. Hornberger
      Yesterday, President Trump, yielding to the overwhelming power of the Pentagon, CIA, and NSA, announced that he has decided to keep U.S. troops in Syria indefinitely, thereby abandoning his intention announced last March to instead bring U.S. troops in Syria home. Of course, keeping the troops in Syria has been the position that the U.S. national security establishment has been demanding of Trump since the beginning of his presidency, especially since that increases the risk of confrontation with Russia, the decades-old enemy, and rival of the U.S. national-security establishment.


    • Security Brief: Pentagon Draws Up 'Options' for Striking Assad; Trump Expands CIA's Drone Mission in Africa




  • Transparency/Investigative Reporting



    • Dutch investigators search for missing WikiLeaks associate in Norway
      "Kamphuis has still not been found and the case is open for different outcomes, but we still haven't found anything that indicates that a crime has been committed," they added.

      WikiLeaks, which publishes secret information, tweeted on September 2 that his disappearance was "strange".


    • Dutch investigators search for missing WikiLeaks associate in Norway
      The Norwegian police on Monday said Dutch investigators were helping them search for WikiLeaks founder Julian Assange's associate Arjen Kamphuis, who mysteriously disappeared in northern Norway three weeks ago.

      The 47-year-old Dutch cyber security expert has been missing since August 20th when he left his hotel in the northern Norwegian town of Bodø, triggering numerous conspiracy theories on social media.

      Two Dutch investigators have arrived in Bodø to help the investigation, the Norwegian police said in a statement on Monday, adding they would stay there for the rest of the week.

      "Kamphuis has still not been found and the case is open for different outcomes, but we still haven't found anything that indicates that a crime has been committed," they added.


    • Dutch investigators search for missing WikiLeaks associate in Norway


    • Dutch investigators search for missing WikiLeaks associate in Norway


    • Petition to give Assange refuge to be presented to NZ Parliament


      More than 2000 New Zealanders have signed a petition urging their government to offer WikiLeaks publisher Julian Assange permanent political asylum in the country and also safe passage to the country from his present place of residence – the Ecuadorian embassy in London.

      The petition was launched by activist Greg Rzesniowiecki on 5 July. It said the reason behind it was because, "Julian Assange (Wikileaks editor) is under effective house arrest in UK".

      "On 5 February 2016, the UN's Working Group on Arbitrary Detention concluded that Assange had been subject to arbitrary detention since 7 Dec 2010."


    • “Provide Assange Asylum in NZ” Petition Handover
      “Provide Assange Asylum in NZ” Petition Handover 3pm Thursday 13 September NZ Parliament

      ‘Free Assange NZ’ is a group of New Zealanders who support freedom for Wikileaks editor-in-chief, Julian Assange. One part of the campaign involves the initiative to provide Assange with asylum in New Zealand – that one place on the planet where the political leadership supports ethical governance, free speech and human rights.

      To that effect Free Assange NZ initiated a parliamentary petition to instrumentalise the asylum initiative. Parliamentary petitions require a sponsoring member of parliament.


    • Bring Assange home


    • Sweden Will Not Give Assange To US In Case Of Death Penalty Threat - Ambassador To Moscow
      If WikiLeaks founder Julian Assange is extradited to Sweden from the Ecuadorian Embassy in London, where he has taken refuge in since 2012, he will be subject to investigation there, but Stockholm would never hand him over to the United States if there was the risk of him facing capital punishment in the country, the Swedish ambassador to Moscow told Sputnik on Tuesday.

      "In Sweden, [Assange] is wanted for suspected sexual assaults, we do not know if he has done it or not, as he has not been tried yet. If he is released from the Ecuadorian Embassy and given to Sweden, then investigation will certainly be launched," Peter Ericson said.

      He went on to say that if the United States had any complaint against Assange, it could ask Sweden to extradite him.


    • Sweden Won't Give Assange to US if Death Penalty Threat Exists - Swedish Envoy
      While the investigation into the sex-related crimes was dropped in May 2017 and the arrest warrant was officially revoked, the probe can be relaunched if Assange is extradited to Sweden before August 2020, when the statute of limitations expires. Assange's extradition to Sweden may result in his eventual extradition to the United States, where he could face capital punishment over leaking classified documents.


    • “Provide Assange Asylum in NZ” Petition Handover
      ‘Free Assange NZ’ is a group of New Zealanders who support freedom for Wikileaks editor-in-chief, Julian Assange. One part of the campaign involves the initiative to provide Assange with asylum in New Zealand – that one place on the planet where the political leadership supports ethical governance, free speech and human rights.

      To that effect Free Assange NZ initiated a parliamentary petition to instrumentalise the asylum initiative. Parliamentary petitions require a sponsoring member of parliament.

      Free Assange NZ spokesperson, Greg Rzesniowiecki reports, “We’ve had a breakthrough with Labour MP for Ohariu, Greg O’Connor agreeing to formally sponsor the Assange Asylum petition’s presentation to the Parliamentary Clerk for allocation to a select committee for report to the House.


    • “Provide Assange Asylum in New Zealand” Petitioners Head to Parliament
      Ohariu MP Greg O’Connor will present the petition to the New Zealand parliament but he says that he does not support Assange coming to New Zealand.

      Over 2,000 New Zealanders from the group “Free Assange NZ," which supports freedom for Wikileaks Editor-in-Chief Julian Assange, have signed a petition urging the New Zealand government to offer permanent political asylum to Assange. The petition, which also calls on the country's government to provide Assange with safe passage to the country from his current location at the Ecuadorean embassy in London, will be hand delivered to Parliament Thursday.

      [...]

      At a demonstration in support of Assange in Wellington held Sunday where Chelsea Manning, former U.S. soldier, and whistleblower was a speaker, Alex Hills stated that the world seems to have forgotten about Assange and his struggle.

      “Wikileaks has published accurate information on war crimes and corrupt government behavior for over 11 years without need for a single retraction. They are a non-partisan and publish verified source documents no matter the country or political party of origin. The United Nations Human Rights Council has ruled that Assange is illegally detained and should be immediately freed and compensated,” said Hills.






  • Finance



    • How Struggling Dayton, Ohio, Reveals the Chasm Among American Cities


      The news this past year has been full of the tribulations facing the cities at the vanguard of the great urban rebirth. There are fights over Uber limits in New York, cash-free purchasing in Washington, D.C., and extreme housing costs in San Francisco.

      Dayton, Ohio, has been grappling with a different set of concerns. For example, there was a spate of disturbing, unexplained deaths in a formerly middle-class neighborhood just northwest of downtown. Over the span of seven months, five women’s bodies were found scattered around the area, at least three of them the victims of homicides, the others likely dead by overdose. Three had gone undiscovered for so long that they’d been partly eaten by animals. The deaths, and their aftermath, seemed to capture three of the city’s pathologies — violence, drug abuse and abandonment — inside an area of little more than a few square blocks

      The plight of small and mid-sized post-industrial cities like Dayton is hardly new, but it’s gotten obscured in recent years. The 2016 election drew a lot of attention to the urban-rural divide — between vibrant blue islands and fading red expanses that turned out so strongly for Donald Trump. What all the talk of the urban-rural gap overlooks is the growing divide among cities, too.

      There have always been more and less wealthy cities, but nothing like what is on display today, as a select group of hyper-prosperous cities put ever-greater distance between themselves and their counterparts. Consider this. In 1980, even after the first wave of deindustrialization, Middle American cities such as Dayton were remarkably close to par with their coastal peers. Per capita income in the Seattle area was only 16 percent greater than in the Dayton area. In metro Boston, the edge was only 6 percent. In New York, 14 percent. In Washington, 31 percent. And in the San Francisco Bay Area, 33 percent.
    • What Happens When the Next Financial Crisis Strikes?


      Most business journalists — including me — failed to see the 2008 disaster until it was almost upon us. But these days, predicting meltdowns has become positively trendy. With stocks at or near record levels, unemployment low and the economy booming, it’s become conventional journalistic wisdom to predict that evil days lie ahead. And not very far ahead. The recent New York Times editorial, “Inviting the Next Financial Crisis,” is just one example.

      But I don’t think that today’s obvious problems will cause tomorrow’s crisis. Why? Because obvious problems usually don’t cause crises. You get a crisis when problems combine in unpredictable and unforeseen ways.

      In 2008, complex financial instruments that almost no one understood — based on various pools of shaky loans — inflicted huge losses on giant companies like Bear Stearns, Lehman Brothers and American International Group almost overnight. Those institutions didn’t realize their portfolios were toxic until financial sepsis had already set in. Worse, a series of financial relationships among those players and others, intended to reduce risk, ended up accelerating it.
    • Why has Brexit become a legal matter when it should be a political matter?
      Any legal commentator on public affairs is faced with a common criticism: why don’t you understand this is all about politics, not law?

      And often this is fair criticism.

      An approach which is too legalistic is, of course, one which is too narrow.

      (For example, I once thought no government, acting rationally and in the national interest, would do something as mad as making the Article 50 notification, for reasons which are now too apparent.)

      But as Brexit continues, in a fashion, Brexit seems to become ever more legalistic.




  • AstroTurf/Lobbying/Politics



    • Apple looking to get into the news business: report

      Apple appears to be looking to start its own news service, using as the base a magazine app known as Texture which the company purchased in March.



    • Apple is talking to big newspapers about joining its subscription service

      Apple has been talking to some of the biggest newspapers in the U.S. about adding their stories to Texture, the magazine app Apple bought in March. Apple executives, led by content boss Eddy Cue, have reached out to the New York Times, the Wall Street Journal and the Washington Post about joining the app, according to people familiar with the conversations, which began this summer.



    • ‘We love the CIA!’ – or how the left lost its mind


      That’s just one instance of “The Resistance” steering so much of the left, including even Pacifica’s KPFA Radio-Berkeley, into a hard-right turn. One Saturday I was still working on a KPFA Evening News story about the Ethiopian uprising when the newscast started, so I didn’t hear the first few reports, but later, when I listened to the audio archive, I was more than startled. The lead story was the first Mueller indictment of 13 Russians, and Anchor David Rosenberg had invited freelance journalist and blogger Richard Silverstein to share his opinion:

      “We’ve had very damaging impact on countries like Guatemala, Iran, y’know Central American countries. We’ve gone through major adventures like this. I don’t think that we have ever succeeded, if we’ve ever tried, on this sort of a scale.
    • Bob Woodward: "People better wake up to what's going on" in the Oval Office
      For his 19th book, "Fear: Trump in the White House," the veteran reporter interviewed more than 100 officials and staffers, who describe chaos and discord in the administration
    • Brett Kavanaugh Should Be Impeached


      A key lawyer says: “He lied. Under oath.” That’s impeachable.
    • How Duterte Used Facebook To Fuel the Philippine Drug War
      In August 2016, a handful of crude images began circulating widely throughout Facebook’s Filipino community: a middle-aged man and woman having clumsy sex atop a tacky floral bedspread. The man’s face, obscured by shadows, was impossible to make out. The woman’s was not. She appeared to be Sen. Leila de Lima — a fierce critic of Philippine President Rodrigo Duterte and his bloody war on drugs.




  • Censorship/Free Speech



  • Privacy/Surveillance



    • New Surveillance Court Orders Show That Even Judges Have Difficulty Understanding and Limiting Government Spying
      In the United States, a secret federal surveillance court approves some of the government’s most enormous, opaque spying programs. It is near-impossible for the public to learn details about these programs, but, as it turns out, even the court has trouble, too.

      According to new opinions obtained by EFF last month, the Foreign Intelligence Surveillance Court (FISC) struggled to get full accounts of the government’s misuse of its spying powers for years. After learning about the misuse, the court also struggled to rein it in.

      In a trio of opinions, a judge on the FISC raised questions about unauthorized surveillance and potential misuse of a request he had previously granted. In those cases, the secrecy inherent in the proceedings and the government’s obfuscation of its activities made it difficult for the court to grasp the scope of the problems and to prevent them from happening again.


    • Trademark Enforcement Implications of Europe’s General Data Protection Regulation (GDPR)
    • App Stores Can’t Protect You From Apps Abusing Your Data
      Apps you get from an app store aren’t necessarily trustworthy. A top app in the Mac App Store hoovering up browsing data is just the latest example. Even an app you get from an app store might do bad things with your data.


    • India’s UIDAI Aadhaar System Compromised; Software Hack Available For Rs. 2500
    • UIDAI’s Aadhaar Software Hacked, ID Database Compromised, Experts Confirm
      The authenticity of the data stored in India's controversial Aadhaar identity database, which contains the biometrics and personal information of over 1 billion Indians, has been compromised by a software patch that disables critical security features of the software used to enrol new Aadhaar users, a three month-long investigation by HuffPost India reveals.

      The patch—freely available for as little as Rs 2,500 (around $35)— allows unauthorised persons, based anywhere in the world, to generate Aadhaar numbers at will, and is still in widespread use.


    • Helping IoT developers to assess ethics, privacy, and social impact


      GDPR (General Data Protection Regulation) introduces a mandatory Data Protection Impact Assessment. This is to help organisations to identify and minimise the data protection risks of a project to individuals. But there are other consequences to collecting and using personal data beyond privacy and data protection considerations. We should also be thinking about the ethical and societal outcomes of what we do with data. Open Rights Group (ORG) is exploring these issues as part of the VIRT-EU consortium alongside the London School of Economics, Uppsala University, Polytechnic University of Turin, and Copenhagen Institute for Interaction Design.

      The project is researching Internet of Things (IoT) development and development culture. It is also creating tools and frameworks to help foster ethical thinking among IoT developers. One of these tools will be the Privacy Ethical and Social Impact Assessment (PESIA), which augments and interacts with the Data Protection Impact Assessment from GDPR. The PESIA is being developed predominantly by Alessandro Mantelero at the Polytechnic University of Turin with the help of ORG. It will be a voluntary, self-assessment tool to help organisations who collect and process personal data to assess the wide variety of risks and repercussions related to how they use data.




  • Civil Rights/Policing



    • California Bill on Police Militarization Reaches Governor’s Desk
      Among the many bills awaiting the signature—or veto—of Governor Jerry Brown is AB 3131, a measure that would ensure transparency about police militarization across the State of California. While we are disappointed in recent legislative amendments that weakened the original bill, we remain eager to see it signed into law. Today’s pervasive secrecy about police acquisition of military hardware—including high tech spying devices—impedes a long overdue public debate.

      EFF is troubled by the transfer of powerful spying technologies from our armed forces to state and local police.

      Police militarization has prompted concerns from across the political spectrum. For instance, progressives and racial justice advocates decry the frequency with which police use force, which all too often has lethal consequences partly driven by the use of military training and equipment. Meanwhile, libertarians and many conservatives with fiscal concerns bemoan spending public tax dollars on expensive weapons (often built by powerful corporations).


    • Congress Moves Forward with Dangerous Attack on Private Drones


      When government agencies hide their activities from the public, private drones can be a crucial tool for transparency and public oversight. But now, some members of Congress want to give the federal government the power to intercept and destroy private drones it considers a “threat,” with no safeguards ensuring that power isn’t abused.

      Even more troubling, they’re specifically aiming to give those powers to the Department of Homeland Security and the Department of Justice, two government offices notorious for their hostility to public oversight. And worst of all, we expect these powers to come in a routine Federal Aviation Administration (FAA) reauthorization bill, with no chance for meaningful debate on how best to limit the government’s authority to intercept or destroy drones.

      Please join us in telling Congress to reject the FAA reauthorization unless these provisions are removed from it.


    • Officer Who Killed Unarmed Man Now Teaching Officers How To Go About The Difficult Business Of Being Alive
      If a cop shoots an unarmed citizen, nothing much happens to the cop. Maybe some paid vacation. Maybe a desk stint. Maybe an internal investigation will deliver a "no policy violated" determination months down the road. Maybe a DA will make a disinterested presentation to an uninterested grand jury and shrug about how no charges will be forthcoming. Sometimes cops quit rather than face investigations. Sometimes cops quit rather than get fired. Every so often, a cop does time, but it's such a rarity it's viewed as breathtaking turn of events.

      What no one really expects from this predictable life cycle is someone upcycling their homicide into an instructional career. That's what former Tulsa police officer Betty Jo Shelby is doing. Two years ago, Shelby shot an unarmed Terence Crutcher during a traffic stop, rationalizing the shooting by claiming he was exhibiting "zombie-like behavior." Can't have zombies without a corpse, so Shelby shot Crutcher, killing him. Another officer on the scene only felt the need to deploy a taser, making Shelby's stated fear much more subjective than objective. The other three officers did not open fire or deploy their tasers.


    • TSA Decides The Path To Flight Safety Runs Through A Passenger's Prosthetic Leg
      Apparently, the intensive training [waits for laughter to subside] TSA agents receive before hitting security checkpoints sends them the message that the more humiliating the search is for the passenger, the safer our skies are. TSA agents can find cash, but not bombs. They can find water bottles, but not weapons. And they can damn sure search the hell out of anyone with a medical condition because those citizens are the most terroristic citizens of all.

      Here's the TSA getting into a wrestling match with a 19-year-old woman with a brain tumor on her way to treatment. Here's the thuggish agency searching a three-year-old with a rare cardiovascular disorder. Here are the boys in airport blue splattering the contents of a urostomy bag all over themselves and the person wearing it. Here's the thin blue line between us and air insecurity deciding a portable defib carried by an 85-year-old must be a bomb. Here's the agency deciding agents' inability to read a card informing them about breast implants' ability to set off scanners -- handed to them by a breast cancer patient -- is just part of the TSA's proper screening processes.


    • Authorities Can Now Deny Visa and Green Card Applications Without Giving Applicants a Chance to Fix Errors
      As President Donald Trump wages a vocal battle against illegal immigration, his administration has been working more quietly to cut down on legal pathways to immigrate to the U.S.

      On Tuesday, a new policy kicks in, allowing officers with the U.S. Citizenship and Immigration Services to outright deny any visa or green card application that is missing evidence or contains an error. Around 7 million people apply every year.

      Previously, officers were required by an Obama-era policy to send notices, giving applicants a chance to correct such problems instead of closing the process. Officers can still choose to do so, but they can also opt to skip that step if the application is deemed frivolous.

      Without the notices, applicants won’t have the opportunity to intervene before a decision is made, potentially adding months or years of extra paperwork and thousands of dollars in fees to the already lengthy process. In the case of those trying to renew their visas while they’re still in the U.S., they could be placed in deportation proceedings the moment their visas expire.


    • Why Are So Many Indigenous People in Montana Incarcerated?
      A new report from the ACLU of Montana documents the disproportionate way Indigenous people are incarcerated for parole and probation violations.

      Indigenous people have suffered several centuries of injustice at the hands of the United States government. In Montana, the injustices continue, particularly when it comes to the scourge of mass incarceration.

      Indigenous people comprise approximately 6.5 percent of the Montana state population and yet account for 20 percent of the men’s state prison population, 34 percent of the women’s state prison population, and 27 percent of the state’s arrests for failures to appear in court or for probation or parole violations.

      Most Indigenous people incarcerated in Montana are not going to prison for a new crime but rather for a violation of their probation or parole conditions. These violations can include failure to enroll in or finish substance abuse treatment, failure to check in with supervision officers, or drug or alcohol use.

      Over the past year, the ACLU investigated why Indigenous people in Montana are placed in custody at such an alarming rate when they are unable to comply with community supervision requirements. The data we analyzed and published on Monday shows that Indigenous people in Montana are not only overrepresented in Montana prisons and arrests for probation or parole violations, but they are also more likely than white Montanans to be sent to prison for those violations.
    • Trump Administration Threatens International Criminal Court Judges and Prosecutors for Doing Their Jobs
      John Bolton’s threats against ICC judges and prosecutors give solace and comfort to war criminals.

      In an unprecedented attack on one of the most important judicial bodies in the world, National Security Advisor John Bolton on Monday threatened to sanction the International Criminal Court and its staff if the court approves a full investigation into U.S. torture in Afghanistan. The U.S. is not a member of the court, but it has supported the court’s efforts to hold perpetrators of war crimes accountable — as long as those efforts don’t involve U.S. or close allies.

      In a speech at the Federalist Society, Bolton said of the ICC, “We will ban its judges and prosecutors from entering the United States. We will sanction their funds in the U.S. financial system, and we will prosecute them in the U.S. criminal system.”

      While Bolton’s hostility to international bodies in general — and to the ICC in particular — is not new, he is now setting a new policy on behalf of the U.S. government.

      He also made misleading statements and old, half-baked arguments to support the U.S.’s new approach of treating well-respected judges and prosecutors like it treats international drug traffickers or suspected foreign war criminals.

      For example, Bolton suggested that the court could investigate and prosecute “acts of aggression” by the United States, warning that the term could be used to cover many U.S. policies. This is fear-mongering and incorrect. In reality, the court doesn’t have jurisdiction over the crime of aggression by non-members — and even members must specifically agree to it.
    • Establishment Media Shy Away From Claims of Perjury by Kavanaugh


      Trump Supreme Court Nominee Brett Kavanaugh was subject to a wringer of testy Senate confirmation hearings last week. The current DC Circuit Court judge has come under fire from Democrats on the Judiciary Committee for his stances against the landmark pro-abortion decision Roe v. Wade, affirmative action and programs for Native Hawaiians, as well as his support for torture.

      But some Democrats have also said that Kavanaugh lied under oath in both current and past hearings, and groups like Free Speech for People, Demand Justice, MoveOn and NARAL Pro-Choice America have all advocated perjury probes against him. However, these serious allegations of perjury have received sparse coverage from establishment media outlets like the New York Times, Washington Post, CNN and NPR.

      Democratic Sen. Patrick Leahy noted that while Kavanaugh was working in the Bush administration as White House staff secretary in 2004, he received thousands of stolen documents that were circulated by Manuel Miranda, a GOP Senate staffer, which revealed Democratic opposition strategies and questions to be asked of Bush judicial nominees. Leahy offered examples of his own stolen emails as proof. In Judiciary committee hearings in 2004 and 2006, Kavanaugh denied under oath that he knew the documents were stolen, even though one of the email chains he was copied on was titled “spying.”

      In the 2004 hearing, Kavanaugh also denied under oath that he “personally handled” the nomination of controversial anti-abortion judge William Pryor to the DC Circuit Court, although emails from 2002 and 2003 say otherwise.
    • Protest Song Of The Week: ‘Would You Take My Blood?’ By Shemekia Copeland
      Shemekia Copeland is a blue musician who has been part of the Alligator Records family in Chicago since her debut in 1998. Her latest album, “America’s Child,” grapples with the resurgence of hate in the United States, particularly since the election of President Donald Trump.

      One of the more moving tracks is “Would You Take My Blood?”, where Copeland, a black woman, rhetorically confronts a racist or white supremacist. She wonders if they would take her blood if they were dying and needed a transfusion.

      “You made it clear a thousand times that you think I’m not your kind. But if your life was fading fast, your next breath was your last,” Copeland sings, “Would you take my blood? Or would you rather die than share your life with mine?”


    • Congress Adds A Bunch Of Non-Violent Crimes To The Violent Crimes List


      Car chases are now crimes of violence. Suspects are better off ditching the vehicle and running like they sell drugs in the school zone. Pull over immediately or get evicted from the country. It's a weird thing to throw into a list of crimes known for their inherent violence. Then again, the list of "violent" crimes is already weird -- a seeming overcorrection by Congress to expel as many "permanent" residents from the country as possible. Then there's insertion of "conspiracy," which makes thinking or talking about the "violent" criminal acts listed a violent crime itself.

      The law was unconstitutionally vague prior to this. If this bill is passed, the problem shifts from vagueness to overbreadth. And it very likely will pass. It was rushed through the House on a party line vote, and the party controlling the House will be passing it on to a president (assuming the Senate likes the House's idea) aligned with the controlling party -- one who's partial to legislation that makes it easier to kick out non-Americans while also rubbing the belly of the nation's law enforcement agencies.




  • Internet Policy/Net Neutrality

    • Facebook Is Not The Internet: Philippines Propaganda Highlights Perils Of Company's 'Free Basics' Walled Garden
      We've talked at great lengths about Facebook's pretty transparent effort to dominate the advertising industry in developing markets. That has come largely via internet.org and the company's "Free Basics" service, which provides a curated selection of Facebook-approved content exempt from mobile usage caps (aka "zero rated"). While Facebook has often hyped this service as a wonderful way to connect impoverished third-world farmers to the internet, net neutrality and gatekeeper concerns resulted in the program being banned in India as part of a growing tide of criticism over the programs' less noble aspects.

      Many groups (like Mozilla) have pointed out that if Facebook really wants to connect poor people to the internet, they should just connect poor people to the internet, not some curated, AOL-esque version of it where Facebook dictates what content and services users get to see. Others have quite correctly pointed out the perils of conflating such a walled garden with the actual internet, especially in places like Myanmar just emerging from under the umbrella of violent dictatorship where the internet is a relatively new phenomenon with an even more profound impact than usual.

      That point was driven home again this week via this Buzzfeed report on Facebook's propaganda problem in the Philippines. While Facebook was ultimately forced to retreat from Free Basics in many areas due to the above criticisms, Zuckerberg initially and repeatedly praised the service's 2013 launch in the Philippines as a smashing success, calling the program a "home run" at a conference in Barcelona in 2014.

      But as the report notes, Philippine President Rodrigo Duterte has used Facebook -- more specifically Facebook's Free Basics service -- to wage a major disinformation war against his political opponents, shore up support via a cacophony of fake user accounts, and amplify smear campaigns and any number of bogus news reports. And because only Facebook-approved content was exempt from usage caps, users quickly began to see Facebook as the end all be all of connectivity and information, exactly as Facebook designed it.


    • ISPs Engage In Last Gasp Bid to Derail California’s Net Neutrality Law

      ISPs are engaged in a last gasp effort to scuttle California’s looming net neutrality law, including a zero hour request for employees to lend a hand. Last week the law, SB822, was passed by both the California Assembly and the Senate after massive public pressure. It currently awaits signature by California Governor Jerry Brown.

      [...]

      With those efforts failing to gain traction in activist-heavy California, ISPs like Frontier Communications have now taken to begging their employees to oppose the law.



    • Ajit Pai helped Charter kill consumer-protection rules in Minnesota

      The new court ruling found that Minnesota's state government cannot regulate VoIP phone services offered by Charter and other cable companies because VoIP is an "information service" under federal law. Pai argues that the case is consistent with the FCC's attempt to preempt state-level net neutrality rules, in which the commission reclassified broadband as a Title I information service instead of a Title II telecommunications service.

      The ruling was issued Friday by the US Court of Appeals for the 8th Circuit, following a lawsuit filed by Charter Communications against the Minnesota Public Utilities Commission (MPUC). A three-judge panel ruled against Minnesota in a 2-1 vote—the FCC had filed a brief supporting Charter's position in the case.



    • Net neutrality gives “free” Internet to Netflix and Google, ISP claims

      The Frontier form letter claims that the company "supports an open Internet where providers do not block, throttle, or interfere with customers' ability to access and navigate the Internet" but says nothing about paid prioritization or zero-rating.

    • It’s Time For California to Finally Give Internet Access to Youth In Detention and Foster Care
      In modern society, getting young people an education isn’t optional. For youths who are under the care of the state—whether in foster care, or in the juvenile justice system—it’s the state that must be responsible for making sure they get a proper education.

      While incarcerated youths don’t lose their right to an education, current law doesn’t guarantee them Internet access. That’s a serious problem. With so much information in our society moving online, the Internet has become a critical starting point for research of all kinds. Getting kids a proper education also maximizes their chance of making a successful integration back into society.

      For the second year in a row, the California legislature has moved to correct this problem. Last week, lawmakers passed A.B. 2448, a bill that would mandate that kids who are incarcerated or in foster care in California get Internet access so they can further their education.




  • DRM



    • Bring back the headphone jack: Why USB-C audio still doesn't work

      Smartphone makers, it’s time to have that come-to-Apple moment, where we tell you that it’s time to put the 3.5mm analog headset jack back on the phone—at least until you get your USB-C audio act in order. After plugging in a fistful of USB-C dongles and USB-C headsets into a stack of USB-C phones, I’ve discovered that it’s a mess, especially for third-party headsets. Here's why.





  • Intellectual Monopolies



    • Should The WIPO Director General Fly First Class?
      There are often big issues at stake at the global center for international intellectual property policy in Geneva, but sometimes, the nearly 200 governments that direct the UN World Intellectual Property Organization have to ask themselves questions like, should the director general of WIPO get to fly around the world first-class? Turns out, the answers can vary, but for now, he can carry on.


    • Bargaining Power and the Hypothetical Negotiation


      The paper points to one interesting combination, though: territorial restrictions. Contracts with territorial restrictions have higher rates. You would think they have lower rates because the license covers less. But the contrary implication here is that a territorial restriction is imposed where the owner has the leverage to impose it, and that means a higher rate. That could be due to value or bargaining power, I suppose. I wonder, though, how many expert reports say that a royalty rate should be greater because the comparable license only covered a territory. Any readers who want to chime in would be appreciated.

      There is a definite selection effect here, though, which further implies that use of preexisting licenses gathered via SEC filings be treated carefully. First, the authors note that there is a selection effect in the redactions. They find that not only are lower rates redacted, but that these redactions are driven by non-exclusive licenses, because firms want to hide their lowest willingness to sell (reservation) price. This finding is as valuable as the rest, in my opinion. It means, as the authors note, that any reliance on reported licenses may be over-weighting. It also means, in terms of my own views, that the hypothetical negotiation is not a useful way to calculate damages, because the value of the patent shouldn't change based on who is buying and selling. A second selection effect is not within the data, but what is not in the data: these are only material licenses. If the licenses are not material, they will not be reported. Those licenses are likely to be smaller, whether due to patent value or bargaining power.


    • The IP implications of the US taking aim at China’s tech ambitions
      The US’s FIRRMA and ECRA regulations and WesternGeco v ION Geophysical ruling will make Chinese tech acquisitions and tech export to China an uphill battle



    • Copyrights



      • Thanks for fighting against the European copyright directive
        As I am writing this, the European Parliament is debating the disastrously liberticide copyright Directive.

        After out previous mailing campaign (The European Parliament has rejected the copyright directive, for now (http://ageinghacker.net/blog/posts/20)) organized along with a group of GNU friends, we again contacted the Members of the European Parliament before the forthcoming vote.


      • The Intellectual Dishonesty Of Those Supporting The Existing Text Of The EU Copyright Directive
        As the EU gets ready to vote (again) on various amendments for the EU Copyright Directive, there has been an incredibly dishonest push by supporters of the original directive (often incorrectly claiming they're thinking of creators' best interests), to argue that the warnings of those who think these proposals are dangerous are misleading. What they are doing is unfortunate, but it deserves to be called out -- because of just how dishonest it is. They usually involve misrepresenting the law and its impact in order to completely misrepresent what will happen.

        There are numerous examples of this in practice, but I'll use this article in the German site FAZ as just one example of the kind of rhetoric being used, as it is an impressively intellectually bankrupt version of the argument I'm seeing quite a bit lately. It was written by a guy named Volker Rieck who has shown up in a bunch of places attacking critics of the EU Copyright Directive. He apparently runs some sort of anti-piracy organization, which perhaps shouldn't be surprising. But, that doesn't excuse the sheer dishonesty of his arguments.


      • Is Europe really (*still*) moving away from protecting platforms and internet intermediaries?
        Some months ago I wrote a summary of where the debate had got to in Europe on the question of new obligations for online platforms and other internet intermediaries regarding the availability of unlawful content online. Today, this article provides an update, in advance of a highly anticipated vote in the European Parliament in September 2018 concerning EU copyright reform.
      • Wanting It Badly Is Not Enough: Real Problems For Creators Deserve Real Solutions
        As the European Parliament prepares for tomorrow's vote on the new Copyright Directive with its provisions requiring mass-scale filtering of the majority of public communications to check for copyright infringement (Article 13) and its provisions requiring paid permission to link to the news if you include as little as two words from the headline in your link text (Article 11), a dismaying number of "creators groups" are supporting it, telling their members that this will be good for them and their flagging financial fortunes.

        The real incomes of real creators are really important (disclosure: my primary income source comes from writing science fiction novels for Tor Books, a division of Macmillan). Improving the incomes of the creators who enliven our days, inform, shock, delight and frighten us is a genuine Good Thing.

        [...]

        But this will not happen on its own. A tax on linking means that smaller news sites—where writers are paid to analyze and criticize the news—will be frozen out of the market. They will face legal jeopardy if they link to the news they are discussing, and they will be unable to pay expensive linking fees geared to multinational tech platforms. Publishers have little incentive to negotiate licenses with small players – particularly if those writers wish to criticize the publisher’s work. Meanwhile, experience has shown that in the absence of competitive or legal pressure, news proprietors are more apt to disburse profits to shareholders, not journalists. The most likely outcome of Article 11 is fewer places to sell our work, and a windfall for the corporations who have been slicing our pay for decades.
      • Creators Supporting Link Taxes And Mandatory Filters Are Handing The Internet Over To The Companies They Hate
        On Wednesday, the EU Parliament will vote yet again on the EU Copyright Directive and a series of amendments that might fix some of the worst problems of the Directive. MEP Julia Reda has a detailed list of many of the proposals and what they would do to the current proposals on the table. While there are a few attempts to "improve" Articles 11 and 13, many of those improvements are, unfortunately, very limited in nature, and will still create massive problems for the way the internet works.

        Unfortunately, as with the situation earlier this year, many groups claiming to represent content creators are arguing in support of the original proposals, and spreading pure FUD about the attempts to fix them. Author Cory Doctrow has a very thorough debunking of each of their talking points.
      • How developers can defend open source from the EU copyright proposal
        On September 12 the European Parliament will vote on amendments to the EU Copyright Directive, which will greatly impact the future of open source, European competitiveness, and software development in general. We urge you in the EU to contact your Members of European Parliament (MEPs) to tell them how important open source is to all software development and to the EU. Check out our previous post for background and talking points.

        [...]

        We kicked off the event with our own Julio Avalos giving a big-picture look at where this proposal fits into the tech policy landscape. We explained that the copyright proposal would affect developers by requiring upload filters (Article 13), imposing a “link tax” (Article 11), and leaving text and data mining restricted (Article 3). MÃ¥rten Mickos, CEO of HackerOne, emphasized the proposal’s impacts on open source software for HackerOne and in the EU. Then, we moderated a panel with Wikimedia Foundation’s Senior Public Policy Manager, Jan Gerlach, Reddit’s Director of Policy, Jessica Ashooh, and EFF’s International Director, Danny O’Brien covering their communities’ involvement in advocacy and their thoughts on future implications of the proposal.

        For example, recognizing that copyright law in many ways hasn’t kept up with the digital age, Wikimedia identified priorities for copyright reform, including protecting the public domain and freedom of panorama, as well as allowing sufficiently broad exceptions to copyright for user-generated content and for text and data mining. Learn more on their Fix Copyright landing page.


      • News Corp slams report claiming that Google a net positive to online publishers

        Rupert Murdoch's News Corporation has rubbished a Google-funded report that claims news aggregators - like the search engine firm - can help struggling publishers by easing some of the negative consequences of digital disruption.

      • How the EU's Copyright Filters Will Make it Trivial For Anyone to Censor the Internet
        On Wednesday, the EU will vote on whether to accept two controversial proposals in the new Copyright Directive; one of these clauses, Article 13, has the potential to allow anyone, anywhere in the world, to effect mass, rolling waves of censorship across the Internet.

        The way things stand today, companies that let their users communicate in public (by posting videos, text, images, etc) are required to respond to claims of copyright infringement by removing their users' posts, unless the user steps up to contest the notice. Sites can choose not to remove work if they think the copyright claims are bogus, but if they do, they can be sued for copyright infringement (in the United States at least), alongside their users, with huge penalties at stake. Given that risk, the companies usually do not take a stand to defend user speech, and many users are too afraid to stand up for their own speech because they face bankruptcy if a court disagrees with their assessment of the law.

        This system, embodied in the United States' Digital Millennium Copyright Act (DMCA) and exported to many countries around the world, is called "notice and takedown," and it offers rightsholders the ability to unilaterally censor the Internet on their say-so, without any evidence or judicial oversight. This is an extraordinary privilege without precedent in the world of physical copyright infringement (you can't walk into a cinema, point at the screen, declare "I own that," and get the movie shut down!).


      • Dish Wants $1,950,000 From ‘ZemTV’ Kodi Addon Developer

        American satellite and broadcast provider Dish Network is requesting a default judgment of nearly $2 million against the man behind the defunct Kodi-addon ZemTV. UK-based developer "Shani" willingly offered access to hundreds if not thousands of infringing works which hurt Dish's revenues, the company argues.



      • MPAA Hires Law Firm to Tackle Streaming Piracy Threat

        As part of its ongoing battle against online copyright infringement, the MPAA has hired law firm Becker & Poliakoff to represent its interests on Capitol Hill. According to lobbying registration documents recently filed with Congress, the firm will discuss streaming piracy devices and applications, and the economic impact of film industry production.









Recent Techrights' Posts

Techrights' Statement on Code of Censorship (CoC) and Kent Overstreet: This Was the Real Purpose of Censorship Agreements All Along
Bombing people is OK (if you sponsor the key organisations), opposing bombings is not (a CoC in a nutshell)
[Meme] The Most Liberal Company
"Insurrection? What insurrection?"
apple.com Traffic Down Over 7%, Says One Spyware Firm; Apple's Liabilities Increased Over 6% to $308,030,000,000
Apple is also about 120 billion dollars in debt
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 23, 2024
IRC logs for Saturday, November 23, 2024
[Meme] GAFAMfox
Mozilla Firefox in a state of extreme distress
Google Can Kill Mozilla Any Time It Wants
That gives Google far too much power over its rival... There are already many sites that refuse to work with Firefox or explicitly say Firefox isn't supported
Free (as in Freedom) Software Helps Tackle the Software Liability Issue, It Lets Users Exercise Greater Control Over Programs
Microsofters have been trying to ban or exclude Free software
In the US, Patent Laws Are Up for Sale
This problem is a lot bigger than just patents
ESET Finds Rootkits, Does Not Explain How They Get Installed, Media Says It Means "Previously Unknown Linux Backdoors" (Useful Distraction From CALEA and CALEA2)
FUD watch
Techdirt Loses Its Objectivity in Pursuit of Money
The more concerning aspects are coverage of GAFAM and Microsoft in particular
Links 23/11/2024: Press Sold to Vultures, New LLM Blunders
Links for the day
Links 23/11/2024: "Relationship with Oneself" and Yretek.com is Back
Links for the day
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024