Bonum Certa Men Certa

Links 22/9/2018: Mesa 18.2.1, CLIP OS, GPL Settlement in Artifex/First National Title Insurance Company





GNOME bluefish

Contents





GNU/Linux



  • Desktop



    • Google Keeps Pushing ChromeOS and Android Closer Together
      A supposed merge of Android and Chrome OS has been rumored for years—to the point where some people believe one will eventually replace the other. That’s not what’s really going to happen—but the two are joining forces.

      This started with the introduction of Android apps into Chrome OS, which was a massive leap forward for the platform—but it was also just the beginning of this “combining” of operating systems. Chrome OS as we have known it for years is changing dramatically.

      [...]

      It’s clear that Google’s future is still with Android, and now it’s pushing Chrome OS in that direction. Android is not replacing Chrome OS, nor is Chrome OS replacing Android. But the two will absolutely and undoubtedly work in tandem moving forward.

      The biggest changes to Chrome OS are happening now. Chrome OS 69—which just hit the stable channel—is starting to show the direction Google is moving. Chrome OS features a new overall look with a material design theme, bringing it very close to what you find on Android.






  • Kernel Space



    • A Time Namespace Has Been Proposed For The Linux Kernel
      A set of experimental patches were sent out on Wednesday for implementing a time namespace within the kernel, part of an effort that's been going on for more than a decade around time virtualization.

      These 20 patches under a "request for comments" flag allow for per-namespace offsets to the system clocks, including for monotonic and boot-time clocks.

      But why have a time namespace and allowing for these clock offsets? It's mostly for container purposes. The expressed use-cases for this time namespace are for allowing the date/time to be changed within a container and for adjusting clocks for a container that have been restored from a snapshot/checkpoint.


    • On the topic of being part of a large and diverse community, including people whose identities you might not be able to personally understand [Ed: Microsoft employees push anti-Torvalds messages into Planet GNOME now]


    • Linux - The beginning of the end


      You should never swear at people under you - I use the word under in the hierarchical sense. Colleagues? Well, probably not, although you should never hold back on your opinion. Those above you in the food chain? It's fair game. You risk it to biscuit it.

      I say, Linus shouldn't have used the language he did in about 55-65% of the cases. In those 55-65% of the cases, he swore at people when he should have focused on swearing at the technical solution. The thing is, people can make bad products but that does not make them bad people. It is important to distinguish this. People often forget this. And yes, sometimes, there is genuine malice. My experience shows that malice usually comes with a smile and lots of sloganeering. The typical corporate setup is an excellent breeding ground for the aspiring ladder climber.

      Speaking of Linus, it is also vital to remember that the choice of language does not always define people, especially when there are cultural differences - it's their actions. In the remainder of the cases where "bad" language was used (if we judge it based on the approved corporate lingo vocab), the exchange was completely impersonal - or personal from the start on all sides - in which case, it's a different game.

      The problem is, it's the whole package. You don't selective get to pick a person's attributes. Genius comes with its flaws. If Linus was an extroverted stage speaker who liked to gushy-mushy chitchat and phrase work problems in empty statements full of "inspiring" and "quotable" one-liners, he probably wouldn't be the developer that he is, and we wouldn't have Linux.

      So was he wrong in some of those cases? Yes. Should he have apologized? Yes, privately, because it's a private matter. Definitely not the way it was done. Not a corporate-approved kangaroo court.

      The outcome of this story is disturbing. A public, humiliating apology is just as bad. It's part of the wider corporate show, where you say how sorry you are on screen (the actual remorse is irrelevant). Linus might actually be sorry, and he might actually be seeking to improve his communication style - empathy won't be part of that equation, I guarantee that.

      But this case - and a few similar ones - set a precedence.

      People will realize, if someone like Linus gets snubbed for voicing his opinion - and that's what it is after all, an opinion, regardless of the choice of words and expletives - how will they be judged if they do something similar. But not just judged. Placed in the (social) media spotlight and asked to dance to a tune of fake humility in order to satisfy the public thirst for theatrics.

      You are not expected to just feel remorse. You need to do a whole stage grovel.

      And once the seed of doubt creeps in, people start normalizing.

      It's a paradox that it's the liberal, democratic societies that are putting so much strain on the freedom of communication and speech. People forget the harsh lessons of the past and the bloody struggles their nations went through to ensure people could freely express themselves. Now, we're seeing a partial reversal.

      But it's happening. The basket of "not allowed" words is getting bigger by the day. This affects how people talk, how they frame their issues, how they express themselves. This directly affects their work. There is less and less distinction between professional disagreement and personal slight. In fact, people deliberately blur the lines so they can present their business ineptitude as some sort of Dreyfuss witchhunt against their glorious selves.

      As an ordinary person slaving in an office so you can pay your bills and raise your mediocre children, you may actually not want to say something that may be construed as "offensive" even though it could be a legitimate complaint, related to your actual work. This leads to self-censored, mind-numbing normalization. People just swallow their pride, suppress their problems, focus on the paycheck, and just play the life-draining corporate game. Or they have an early stroke.


    • Torvalds Steps Back From Linux Leadership to Fix 'Tooling' Issues
      Torvalds has always been known to have strong opinions on issues and hasn't always used the politest language or approaches to communicate those opinions, but he said he now sees the need to step back to focus on improving his own empathy to others. "I need to take a break to get help on how to behave differently and fix some issues in my tooling and workflow," Torvalds said.

      In his stead, Greg Kroah-Hartman, who currently maintains the stable branch of the Linux kernel, will step up and manage the rest of the Linux 4.19 release cycle.


    • With Linux’s founder stepping back, will the community change its culture?
      The revamped Linux code of conduct encourages behaviors like accepting constructive criticism gracefully, using inclusive language, and being respectful of “differing viewpoints and experiences.” It bars “sexualized language or imagery,” derogatory comments and personal or political attacks, and “public or private harassment,” among other behaviors. Community members can report violations to the Linux Foundation’s Technical Advisory Board or TAB, a 10-person committee that fosters communication between the community and the official Linux Foundation.


    • Linux Foundation



      • Open Source Summit EU Registration Deadline, Sept. 22, Register Now to Save $150 [Ed: Microsoft is the "DIAMOND" sponsor of this event, the highest sponsorship level! Linux Foundation, or the Zemlin PAC, seems to be more about Microsoft than about Linux.]


      • Building a Secure Ecosystem for Node.js [Ed: Earlier the Zemlin PAC did this puff piece for Microsoft (a sponsor)]


      • The Human Side of Digital Transformation: 7 Recommendations and 3 Pitfalls [Ed: New Zemlin PAC-sponsored and self-serving puff piece]
        Not so long ago, business leaders repeatedly asked: “What exactly is digital transformation and what will it do for my business?” Today we’re more likely to hear, “How do we chart a course?”

        Our answer: the path to digital involves more than selecting a cloud application platform. Instead, digital, at its heart, is a human journey. It’s about cultivating a mindset, processes, organization and culture that encourages constant innovation to meet ever-changing customer expectations and business goals.

        In this two-part blog series we’ll share seven guidelines for getting digital right. Read on for the first three.




    • Graphics Stack



      • NVIDIA GeForce RTX 2080 Ti Shows Very Strong Compute Performance Potential
        Besides the new GeForce RTX 2080 series being attractive for developers wanting to make use of new technologies like RTX/ray-tracing, mesh shaders, and DLSS (Deep Learning Super Sampling), CUDA and OpenCL benchmarking so far on the GeForce RTX 2080 Ti is yielding impressive performance -- even outside of the obvious AI / deep learning potential workloads with the Turing tensor cores. Here are some benchmarks looking at the OpenCL/CUDA performance on the high-end Maxwell, Pascal, and Turing cards as well as an AMD Radeon RX Vega 64 for reference. System power consumption, performance-per-Watt, and performance-per-dollar metrics also round out this latest Ubuntu Linux GPU compute comparison.


      • IoT Graphics: Mir Release 1.0
        The Mir team is pleased to announce the milestone release of Mir 1.0.0. This is the first major release targeted at IoT device makers and enthusiasts looking to build the next-generation of graphical solutions.


      • Mir 1.0 Released For "Next-Generation of Graphical Solutions"
        As we were expecting over the last few days, the long-awaited release of Mir 1.0 is now available. It's certainly a different beast now than when "Mir 1.0" was talked about in the past now that it's focused on providing Wayland support.


      • Intel Preparing A Final Batch Of Graphics Driver Changes For Linux 4.20~5.0
        Intel open-source developers have already sent in multiple pull requests of feature work to DRM-Next that in turn will be pulled into the Linux 4.20~5.0 kernel merge window and they have one final batch of feature changes on the way.

        The cut-off is quickly approaching for new feature work slated for this next kernel cycle (Linux 4.20, or renamed to Linux 5.0 if Linus Torvalds sticks to his usual versioning preference) and Intel has announced a batch of changes ready for testing ahead of issuing it as a pull request to DRM-Next.


      • NVIDIA Sends Out DRM Display Patches For Tegra's Xavier SoC
        Going back to the beginning of the year NVIDIA developers have been contributing "Tegra194" enablement to the upstream Linux kernel. They've now moved on to contributing T194 support to the Tegra Direct Rendering Manager (DRM) driver for display support on this SoC that's better known as Xavier.

        The Tegra194 / Xavier is NVIDIA's latest SoC with the eight Carmel ARMv8 cores and Volta-based GPU. The NVIDIA Xavier Developer Kits have begun shipping and now with all of the other necessary hardware enablement bits upstream or on their way to mainline, the latest patches being published are for the display support with the Tegra DRM driver.


      • More Linux Tests & Driver Observations With The GeForce RTX 2080 Ti
        Here are some additional notes to complement my GeForce RTX 2080 Ti Linux review from yesterday now that I've had more time with this card and a working Linux driver.


      • Mesa 18.2.1 Is Coming This Week With Dozens Of Fixes
        As the first stable point release to the newly-christened Mesa 18.2, the Mesa 18.2.1 release is going to be a big one.

        The release candidate to Mesa 18.2.1 was issued on Wednesday and has nearly 60 patches over the recent 18.2.0 stable release. This includes Vulkan header updates for v1.1.84 and many RADV / ANV Vulkan driver fixes ranging from CTS issues to hangs to other fixes.


      • Mesa 18.2.1 Released With A Number Of Fixes For The Vulkan Drivers
        Mesa 18.2.1 is out this morning as the first stable point release to the recently introduced Mesa 18.2 series. Mesa 18.2.1 marks the point at which it should be relatively safe for stable-minded users to switch over to this quarterly release stream.

        Given it's the first point release after a very active development cycle, there are a lot of fixes: around five dozen changes are making up today's release coming two weeks after v18.2.0.


      • AMD Adds A Seemingly New Polaris ID To Their Linux Driver
        It looks like another re-branded AMD Polaris graphics card might be on the way given the latest AMDGPU Linux kernel patch.

        Either there's a new AMD Radeon "Polaris" graphics card coming, some new modem for OEMs, or just very tardy maintenance in adding the necessary PCI ID for an existing Polaris graphics card revision... But two years after Polaris RX 400 cards first debuted (and a year and a half since the RX 500 series), there is now a new Polaris PCI ID being added to the AMD Linux graphics driver.


      • Mesa Can Finally Build With Almost No Compiler Warnings
        Quite a feat for modern open-source projects with large C/C++ code-bases developed over the years, Mesa3D can almost be compiled now without any warnings -- there's just one remaining.

        When paired with the latest GCC 8 stable compiler, Mesa paired with some pending patches is down to just one compiler warning left in the build process -- quite an improvement compared to in the past with older versions of GCC and Mesa.






  • Applications



  • Desktop Environments/WMs



    • GNOME Desktop/GTK



      • GSConnect v13 Alpha Includes Do Not Disturb Feature, Experimental Bluetooth And SMS/Contacts Sync
        The v13 alpha release is a rewrite with changes to the architecture, settings and default behavior, and it includes new features like Do Not Disturb, experimental Bluetooth and SMS/Contacts sync, and more.

        GSConnect is a Gnome Shell implementation of KDE Connect, which integrates Android devices with the Gnome desktop. Using it you can mirror notifications from your phone to your desktop (and the other way around), control a desktop music player from your phone, browse your phone wirelessly from your desktop, synchronize the clipboard between Android devices and your desktop, and much more.

        GSConnect v13 alpha requires Gnome Shell version 3.28 or newer, and one of the most interesting changes for users is probably the new Do Not Disturb button which lets users silence mobile device notifications:


      • GUADEC 2018 Reminiscences
        This year’s GUADEC in Almería, Spain, was over two months ago, and so here is a long overdue post about it. It was so long ago that I might as well call it a reminiscence! This will be a different kind of post than the ones I’ve done in past years, as plenty of other bloggers have already posted summaries about the talks.






  • Distributions



    • Top Linux Distros for Software Developers


      A major factor in the choice of Linux distro is your personal preference. You may try one of the most popular Linux distros but find that you prefer one that’s less often used. Your experience with Linux will also factor into which distro is suited to you. With the benefits Linux can offer — including flexibility, stability, and support — it’s worth evaluating your options.


    • New Releases



      • Solus Releases Version "3.9999" With Newer Kernel, Desktop Updates
        It's not quite yet time for Solus 4 but version 3.9999 of this popular Linux distribution, which is designed for desktop workflows and based in part on optimizations from Intel's Clear Linux, is now available.

        Solus 3.9999 ships with better hardware support over Solus 3 thanks to the upgrade to the Linux 4.18.5 kernel, Intel GVT-g graphics virtualization support is now enabled, various other kernel modules now come enabled, and there are various other package updates -- mostly on the desktop side.


      • Purism Launches the Librem Key, Mir 1.0 Released, Solus 3 ISO Refresh Now Available, New Malware as a Service Botnet Discovered and Sparky 5.5 Is Out
        Solus 3 ISO Refresh was released yesterday. This refresh of the operating system designed for home computing "enables support for a variety of new hardware released since Solus 3, introduces an updated set of default applications and theming, as well as enables users to immediately take advantage of new Solus infrastructure". You can download Solus Budgie, Solus GNOME or Solus MATE from here.




    • Red Hat Family



    • Debian Family



      • Derivatives



        • Deepin Linux: As Gorgeous As It Is User-Friendly
          Deepin Linux. You may not have heard much about this distribution, and the fact that it’s often left out of the conversation is a shame. Why? Because Deepin Linux is as beautiful as it is user-friendly. This distribution has plenty of “wow” factor and very little disappointment.

          For the longest time, Deepin Linux was based on Ubuntu. But with the release of 15.7, that all changed. Now, Deepin’s foundation is Debian, but the desktop is still that beautiful Deepin Desktop. And when I say it’s beautiful, it truly is one of the most gorgeous desktop environments you’ll find on any operating system. That desktop uses a custom-built QT5 toolkit, which runs as smoothly and with as much polish as any I’ve ever used. Along with that desktop, comes a few task-specific apps, built with the same toolkit, so the experience is consistent and integrated.


        • Q4OS 3.4 Centaurus, testing
          A significant update to the Q4OS Centaurus testing version is available for download, you can find 64bit iso image at the dedicated Testing releases site. Anybody is invited to try it out and report bugs and glitches.

          This release brings quite significant changes and improvements, the most important one is that Q4OS switched to the Calamares installer. That offers nice new installation features, for example fully encrypt target system, easy disk drive partitioning and many others. Another important change is move to the new Trinity 14.0.6 development version. All dependencies from the current stable Q4OS Scorpion has been removed, so the Centaurus now becomes fully independent getting its own repositories and dependencies. Secure boot support has been improved too. The Calamares installer detects, if secure boot is active and adjusts the target system accordingly. If secure boot is switched off in the firmware, no Secure boot stuff is installed.

          Q4OS Centaurus 3.4 is based on the current Debian 'Buster' and Trinity desktop 14.0.6 development branches. Q4OS Centaurus will be in development until Debian Buster becomes stable, and will be supported at least five years from the official release date.


        • Canonical/Ubuntu



          • How to install PlayOnLinux in Ubuntu Desktop 18.04
            If you need to install a Windows desktop app on Linux, your best bet is PlayOnLinux.


          • Help needed to improve proposed migration
            Every once in a while, in the Foundations team, we do a coding day. A year ago, Lukasz and I wrote a script, following an idea from Steve Langasek, to provide "hints" and help for the next steps necessary for a package to migrate from -proposed to -release.

            "ubuntu-archive-assistant" was born. I just pushed this to lp:ubuntu-dev-tools, after it being on its own in a separate git tree for a long while. I'd love to get help for feedback, as well as more people contributing fixes, etc. ubuntu-archive-assistant is designed to let you look at a specific package in -proposed and try to tell you what to do next to ensure it migrates from -proposed.


          • Ubuntu Podcast from the UK LoCo: S11E28 – Twenty-Eight and a Half Wishes - Ubuntu Podcast
            This week we’ve been playing Two Point Hospital and experimenting with ChromiumOS. We bring you some command line love and go over all your feedback.


          • Ubuntu does Kubernetes
            Canonical also does Kubernetes, but not in a ‘me too!’ kind of way. The Canonical Distribution of Kubernetes (CDK) is pure upstream Kubernetes tested across the widest range of clouds — from public clouds to private data centres, from bare metal to virtualised infrastructure.


          • Ubuntu 18.10's SDL2 Build Will Ship With Vulkan Support Enabled
            Released almost exactly one year ago to the day was SDL 2.0.6 that brought with it some Vulkan helpers. Finally with the upcoming Ubuntu 18.10 "Cosmic Cuttlefish" release, those Vulkan bits will be enabled.


          • NVIDIA PRIME in Ubuntu 18.04 and 18.10, and a call for testing
            Ubuntu 18.04 marked the transition to a new, more granular, packaging of the NVIDIA drivers, which, unfortunately, combined with a change in logind, and with the previous migration from Lightdm to Gdm3, caused (Intel+NVIDIA) hybrid laptops to stop working the way they used to in Ubuntu 16.xx and older.


          • Flavours and Variants



            • Ubuntu-based elementary OS 5.0 'Juno' Beta 2 Linux distro now available
              Why don’t more desktop computer users use Linux? Well, software compatibility aside, there is fear of change and the unknown. For a user to switch from Windows, it must be a fairly simple affair. For years, just installing a Linux-based operating system was a daunting task. These days, it can be faster and easier than installing Windows 10 -- depending on distro, of course.

              For beginners, once installed, their chosen Linux distro should be easy to use with an intuitive desktop environment. I'm a big fan of GNOME, but understandably, not all folks like it -- especially Linux novices. One particular Linux-based desktop operating system has been focusing on accessibility to all -- elementary OS. This distro is polished and aims to be easy to use for both experts and beginners alike. Today, version 5.0 of the OS -- called "Juno" -- reaches Beta 2. Impressively, there have been over 200 fixes implemented since Beta 1.


            • Elementary OS Juno Beta 2 Released
              Elementary OS June beta 2 is now available to download.

              This second beta build of the Ubuntu-based Linux distribution touts a number of changes over the elementary OS june beta released back in July.

              Due to the shifting sands on which Juno is built the elementary team advise those planning on testing the release to do so by making a fresh install rather than doing an upgrade from beta 1 or (worse) an older version of elementary OS.












  • Devices/Embedded





Free Software/Open Source



  • Vilnius: “Open source improves our public services”

    The city of Vilnius, Lithuania’s capital and with over half a million inhabitants the country’s largest city, is increasingly using open source software. The most recent example is WordPress: in July the city unveiled its new portal built on this content management system. “Open source enables us to improve our public services and empowers us to share our solutions and data,” says Dalius Kazlauskas, senior project manager at Vilnius’ E-City department.



  • Reply to Rick Moen on DNG

    Ah, deliciously vague language. Useful to, in time, get uncooperative maintainers thrown off the project to be replaced by more cooperative, on-message maintainers. Remember that technical merit or quality is not the goal of the author of the Contributor Covenant on which this CoC is directly based.

  • IssueHunt: A New Bounty Hunting Platform for Open Source Software
    IssueHunt is a new bounty hunting platform for open source software that aims to bridge the gap between open source projects and open source developers.


  • More curl bug bounty


    The idea is that sponsors donate money to the bounty fund, and we will use that fund to hand out rewards for reported issues. It is a way for the curl project to help compensate researchers for the time and effort they spend helping us improving our security.

    Right now the bounty fund is very small as we just started this project, but hopefully we can get a few sponsors interested and soon offer "proper" rewards at decent levels in case serious flaws are detected and reported here.

    If you're a company using curl or libcurl and value security, you know what you can do...


  • Edge compute platform is open source
    Deutsche Telekom and Aricent have partnered for the creation of an Open Source, low latency Edge compute platform available to operators, to enable them to develop and launch 5G mobile applications and services faster.



  • Deutsche Telekom and Aricent Create Open Source Edge Software Framework
    Deutsche Telekom and Aricent today announced the creation of an Open Source, Low Latency Edge Compute Platform available to operators, to enable them to develop and launch 5G mobile applications and services faster. The cost-effective Edge platform is built for software-defined data centers (SDDC) and is decentralized, to accelerate the deployment of ultra-low latency applications. The joint solution will include a software framework with key capabilities for developers, delivered as a platform-as-a-service (PaaS) and will incorporate cloud-native Multi-access edge computing (MEC) technologies.


  • DT and Aricent announce telco Open Source Edge framework for 5G


    Deutsche Telekom and Aricent have announced the creation of an Open Source Edge software framework, designed especially for developers, platform-as-a-service and cloud-native multi-access edge computing technologies and on-track to intersect with the deployment of 5G enabled network edge facilities to tackle ultra-low latency network applications.

    The Edge platform has been built for software-defined data centers (SDDC) and will include a software framework with key capabilities for developers, delivered as a platform-as-a-service (PaaS) and will incorporate cloud-native Multi-access edge computing (MEC) technologies.


  • Deutsche Telekom, Aricent brew up edge compute platform for 5G apps and services


    In order to speed up the rollout of 5G applications and services, Duetsche Telekom and Aricent have teamed up to build an edge compute platform.

    The open source, edge software framework was built for use in software-defined data centers in decentralized locations. It also uses cloud-native multiaccess edge computing (MEC) technologies.


  • Deutsche Telekom, Aricent Bridge Cloud Native, Telco MEC Gap
    German telecom giant Deutsche Telekom and Aricent threw their collective weight behind an open source edge computing platform targeted at software-defined data centers (SDDC). The initiative gamely joins a growing list of open source multi-access edge computing (MEC) initiatives.

    The DT-Aricent collaboration is at its core a decentralized platform designed to help telecom operators develop and launch low-latency 5G mobile applications and services. It includes a software framework with features delivered through a platform-as-a-service (PaaS) model.


  • French Government Open Sources Secure Operating System


    The French government’s national cybersecurity agency has released an operating system built using open source components internally over the course of more than 10 years for use by the French administration.

    Dubbed CLIP OS, the operating system is based on the open source Linux kernel, but focuses on security hardening and provides partitioning mechanisms that allow the processing of both public and sensitive information in isolation on the same computer.


  • AxonIQ Launches New Open Source Server
    AxonIQ, the company behind the open source Axon Framework, launches Axon 4.0 the open, integrated development and operations tool for Microservices and Event Sourcing on the JVM.


  • Events



    • Outreachy Opens Applications For Open-Source Winter 2018 Internship Program
      For eligible students or others with time to participate, the winter 2018 round of the Outreachy program openened this week for applications.

      This next round of the Outreachy program runs from December to March and accepted participants receive a $5,500 USD stipend as well as a $500 travel allowance. As is always the case with Outreachy, the program isn't limited to programming tasks but also include documentation, UI/UX work, illustrations, and other areas. These projects are very diverse and range from a coloring book to this year's VKMS work.




  • Web Browsers



  • Databases



    • PostgreSQL 11 Beta 4 Released With JIT Compilation Disabled By Default
      The fourth and likely last beta release of PostgreSQL 11 is now available.

      One of the headlining features of PostgreSQL 11 was the new LLVM JIT compiler option but as of a few days ago it's been disabled by default due to some performance problems and at this stage seeming to really only help long and complex queries. But for those wanting to try out this just-in-time support can easily enable it with a configuration option in this beta as well as for the final release.




  • Pseudo-Open Source (Openwashing)



  • Funding



    • Tidelift surpasses $1M to pay open source software maintainers
      Tidelift announced that it has surpassed one million dollars committed via its platform to pay open source software maintainers to provide professional assurances for their projects, as momentum behind this new approach to professional open source continues to build. Over 100 packages are already on the Tidelift platform, with maintainers getting paid to provide support for their packages through the Tidelift Subscription. Top packages featured include Vue, Material-UI, Babel, Gulp, Fabric, Active Admin, Doctrine, and StandardJS.

      With Tidelift, software development teams receive assurances around maintenance, security, and licensing from a single source. By bringing together maintainers with a global market of customers, Tidelift is helping make open source work better for everyone.


  • BSD



    • FreeBSD Desktop – Part 16 – Configuration – Pause Any Application
      After using UNIX for so many years I knew that I could freeze (or pause) any process in the system with kill -17 (SIGSTOP) signal and then unfreeze it with with kill -19 (SIGCONT) signal as I described in the Process Management section of the Ghost in the Shell – Part 2 article. Doing it that way for the desktop applications is PITA to say the least. Can you imagine opening xterm(1) terminal and searching for all Chromium or Firefox processes and then freezing them one by one every time you need it? Me neither.

      Fortunately with introduction of so called X11 helper utilities – like xdotool(1) – it is now possible to implement it in more usable manner.




  • FSF/FSFE/GNU/SFLC



    • Sonali's Internship work on the Free Software Directory, part 2


    • Internship work on the Free Software Directory, part 2


    • Office Hours #0: Debugging with GDB
      This is a report on the first “office hours”, in which we discussed debugging Rust programs with gdb. I’m very grateful to Ramana Venkata for suggesting the topic, and to Tom Tromey, who joined in. (Tom has been doing a lot of the work of integrating rustc into gdb and lldb lately.)

      This blog post is just going to be a quick summary of the basic workflow of using Rust with gdb on the command line. I’m assuming you are using Linux here, since I think otherwise you would prefer a different debugger. There are probably also nifty graphical tools you can use and maybe even IDE integrations, I’m not sure.




  • Licensing/Legal



    • Artifex and First National Title Insurance Company Reach Settlement Over MuPDF Open Source Dispute
      Artifex Software, Inc. and First National Title Insurance Company announced today a confidential agreement to settle their legal dispute. Case No. 4: 18-cv-00503-SBA, filed by Artifex in the United States District Court for the Northern District of California, concerned the use of Artifex's open source software MuPDF under the GNU Affero General Public License and the GNU General Public License. While the parties had their differences in the interpretation of the open source licenses, the companies were able to reach an amicable resolution based on their mutual respect for and recognition of copyright protection and the open source philosophy. Terms of the settlement remain confidential.





  • Programming/Development



    • C Programming | Introduction | Features – For Beginners


      C is a general-purpose programming language developed by the ultimate god of the programming world, “Mr.Dennis Ritchie” (Creator of C programming ).

      The language is mainly used to create a wide range of applications for operating systems like windows and iOS. The popularity of the language can be clearly seen as this language has made to the list of top 10 programming languages in the world.






Leftovers



  • Health/Nutrition



    • Trump Administration Proposes Weakening Rules Governing Organ Transplant Centers
      The Trump administration this week proposed eliminating a decade-old regulation that puts hospitals at risk of losing their Medicare funding if too many of their patients die or suffer organ failure after receiving transplants.

      The rule the government is proposing to scrap is the same one that led the Centers for Medicare and Medicaid Services to cut off funding last month for heart transplants at Baylor St. Luke’s Medical Center in Houston after an investigation by ProPublica and the Houston Chronicle revealed an outsized number of patient deaths and complications in recent years.

      The proposal was unveiled Monday as part of the White House’s push to “cut the red tape” and do away with “burdensome regulation” that officials said put paperwork ahead of patients. In a speech announcing the proposed changes, CMS Administrator Seema Verma said the agency’s existing policies have “put lives in danger.”

      “We are proposing to remove those inefficiencies to reduce the amount of time patients have to wait, so that they can begin healing,” Verma said.

      The proposal, now subject to public comment and revision before it is finalized, surprised many transplant physicians who have long called for relaxed federal oversight. They’ve argued that the rules requiring that hospitals meet certain survival thresholds for transplants discourage them from taking on risky patients or accepting less-than-perfect organs, lengthening the time patients spend on the waiting list.




  • Security



    • Security updates for Friday


    • Mirai botnet hackers [sic] avoid jail time by helping FBI

      The three men, Josiah White, 21, Dalton Norman, 22, and Paras Jha, 22, all from the US, managed to avoid the clink by providing "substantial assistance in other complex cybercrime investigations", according to the US Department of Justice. Who'd have thought young hacker [sic] types would roll over and show their bellies when faced with prison time....



    • A healthcare IT foundation built on gooey clay
      Today, there was a report from the Solicitor General of Singapore about the data breach of the SingHealth systems that happened in July.

      These systems have been in place for many years. They are almost exclusively running Microsoft Windows along with a mix of other proprietary software including Citrix and Allscript. The article referred to above failed to highlight that the compromised “end-user workstation” was a Windows machine. That is the very crucial information that always gets left out in all of these reports of breaches.

      I have had the privilege of being part of an IT advisory committee for a local hospital since about 2004 (that committee has disbanded a couple of years ago, btw).

      [...]

      Part of the reason is because decision makers (then and now) only have experience in dealing with proprietary vendor solutions. Some of it might be the only ones available and the open source world has not created equivalent or better offerings. But where there are possibly good enough or even superior open source offerings, they would never be considered – “Rather go with the devil I know, than the devil I don’t know. After all, this is only a job. When I leave, it is someone else’s problem.” (Yeah, I am paraphrasing many conversations and not only from the healthcare sector).

      I recall a project that I was involved with – before being a Red Hatter – to create a solution to create a “computer on wheels” solution to help with blood collection. As part of that solution, there was a need to check the particulars of the patient who the nurse was taking samples from. That patient info was stored on some admission system that did not provide a means for remote, API-based query. The vendor of that system wanted tens of thousands of dollars to just allow the query to happen. Daylight robbery. I worked around it – did screen scrapping to extract the relevant information.

      Healthcare IT providers look at healthcare systems as a cashcow and want to milk it to the fullest extent possible (the end consumer bears the cost in the end).

      Add that to the dearth of technical IT skills supporting the healthcare providers, you quickly fall into that vendor lock-in scenario where the healthcare systems are at the total mercy of the proprietary vendors.
    • Leaked NSA Exploits Shifting From Ransomware To Cryptocurrency Mining
      This report, from Zack Whittaker at TechCrunch, says there's really no endpoint in sight for the unintended consequences of exploit hoarding. But at this point, it's really no longer the NSA or Microsoft to blame for the continued rampage. Stats from Shodan show more than 300,000 unpatched machines in the United States alone.

      EternalBlue-based malware still runs rampant, but the focus has shifted from ransom to cryptocurrency. An unnamed company recently watched the NSA's exploit turn its computers into CPU ATMs.

      [...]

      There will never be a full accounting of the damage done. Yes, the NSA never thought its secret stash would go public, but that doesn't excuse its informal policy of never disclosing massive vulnerabilities until it's able to wring every last piece of intel from their deployment. And there's a chance this will happen again in the future if the agency isn't more proactive on the disclosure front. It was foolhardy to believe its tools would remain secret indefinitely. It's especially insane to believe this now.


    • The Rust Programming Language Blog: Security advisory for the standard library
      The Rust team was recently notified of a security vulnerability affecting the standard library’s str::repeat function. When passed a large number this function has an integer overflow which can lead to an out of bounds write. If you are not using str::repeat, you are not affected.

      We’re in the process of applying for a CVE number for this vulnerability. Fixes for this issue have landed in the Rust repository for the stable/beta/master branches. Nightlies and betas with the fix will be produced tonight, and 1.29.1 will be released on 2018-09-25 with the fix for stable Rust.


    • Cloudflare Secures Time With Roughtime Protocol Service
      If time is money, then how important is it to secure the integrity of time itself? Time across many computing devices is often synchronized via the Network Time Protocol (NTP), which isn't a secure approach, but there is another option.

      On Sept. 21, Cloudflare announced that it is deploying a new authenticated time service called Roughtime, in an effort to secure certain timekeeping efforts. The publicly available service is based on an open-source project of the same name that was started by Google.

      "NTP is the dominant protocol used for time synchronisation and, although recent versions provide for the possibility of authentication, in practice that‘s not used," Google's project page for Roughtime states. " Most computers will trust an unauthenticated NTP reply to set the system clock meaning that a MITM [man-in-the-middle] attacker can control a victim’s clock and, probably, violate the security properties of some of the protocols listed above."


    • DDoS Vulnerability Can Disrupt The Whole Bitcoin Infrastructure [Ed: Latest FUD about Bitcoin. A DDOS attack can disrupt anything at sufficient capacity levels, including Wall Street and ANY financial market.]


    • Crippling DDoS vulnerability put the entire Bitcoin market at risk


    • This Russian botnet mimics your click to prevent Android device factory resets
      According to researchers from Check Point, the botnet has been developed by a group of Russian-speaking hackers known as "The Lucy Gang," and demos have already been provided to potential subscribers to the system looking for Malware-as-a-Service (MaaS) solutions.

      Botnets are a thorn in the side for cybersecurity firms, hosting providers, and everyday businesses alike. The systems are made up of enslaved devices including mobile devices, Internet of Things (IoT) gadgets, and PCs.

    • DigiCert, Gemalto, ISARA Partner on Quantum-Safe Encryption


    • ICANN sets plan to reinforce internet DNS security
      The ICANN Board at its meeting in Belgium this week, decided to proceed with its plans to change or "roll" the key for the DNS root on Oct. 11, 2018. It will mark the first time the key has been changed since it was first put in place in 2010.

      During its meeting ICANN spelled out the driving forces behind the need for improved DNS security that the rollover will bring. For example, the continued evolution of Internet technologies and facilities, and deployment of IoT devices and increased capacity of networks all over the world, coupled with the unfortunate lack of sufficient security in those devices and networks, attackers have increasing power to cripple Internet infrastructure, ICANN stated.

      “Specifically, the growth in attack capacity risks outstripping the ability of the root server operator community to expand defensive capacity. While it remains necessary to continue to expand defensive capacity in the near-term, the long-term outlook for the traditional approach appears bleak,” ICANN stated.
    • Microsoft's Jet crash: Zero-day flaw drops after deadline passes
      The Zero Day Initiative has gone public with an unpatched remote-code execution bug in Microsoft's Jet database engine, after giving Redmond 120 days to fix it. The Windows giant did not address the security blunder in time, so now everyone knows about the flaw, and no official patch is available.

      The bug, reported to Microsoft on May 8 with a 120-day deadline before full disclosure, was described on Thursday by ZDI, here. It was discovered by Lucas Leong of Trend Micro Security Research.


    • Canonical extends security support for Ubuntu 14.04 LTS
      Ubuntu 14.04 LTS, which is the basis for many cloud and enterprise services, is coming up on its end of life this April. Canonical will begin offering an Extended Security Maintenance service in April that will continue rolling out security patches. However, the service is designed primarily for enterprise customers.


    • Canonical announces Extended Security Maintenance for Ubuntu


    • Custom Sustes Malware Infects Linux and IoT Servers Worldwide [Ed: This only impacts poorly-secured and already-cracked servers. The article overstates the risk.]
      The dangerous characteristic is the fact that an estimate of the infected computers cannot be made at this time. The only way to prevent the infiltrations is to strengthen the network security of the Linux and IoT servers exposed in public. It is very possible that further attacks will be carried out with other distribution tactics.




  • Transparency/Investigative Reporting



    • Assange Reveals Biggest Threat to Humanity in Latest Released Recording
      Before being cut from almost all means of communication with the outside world in March, WikiLeaks founder Julian Assange, who remains in the Ecuadorian Embassy in London, has shared his outlook on threats the humanity faces in connection with AI development and data protection.

      One of the world’s most famous whistleblowers, Julian Assange, sought by the US for leaking classified documents through his site WikiLeaks on the Iraqi war for almost a decade, has predicted a grim scenario which is “very unstable about technological civilization,” claiming it “doesn’t go on for long” because of very rapid competition in the wired-up world.


    • Generation being born now is the last to be free – Assange in last interview before blackout (VIDEO)
      Before his links to the world were cut by his Ecuadorian hosts, WikiLeaks founder Julian Assange gave an interview on how technological advances are changing humankind. He said global surveillance will soon be totally unavoidable.

      The interview was provided to RT by organizers of the World Ethical Data Forum in Barcelona. Assange, who is currently stranded in the Ecuadorian Embassy in London with no outside communication except with his legal team, has a pretty grim outlook on where humanity is going. He says it will soon be impossible for any human being to not be included in global databases collected by governments and state-like entities.


    • Julian Assange warns this generation is the last to be free of surveillance and says 'idiotic parents plastering photos all over Facebook' are partly to blame
      Julian Assange has warned that global surveillance of citizens will soon be 'unavoidable' thanks to social media and online applications of official documents such as passports.

      The Wikileaks founder said that within a year of being born, children are now known to 'all major world powers' because their 'idiotic parents' post their names and pictures on Facebook.

      Assange, who is into his seventh year living at the at the Ecuadorian embassy in London, gave an interview during the World Ethical Data Forum in Barcelona.


    • Pledge of no extradition could resolve Julian Assange impasse, lawyer says
      The impasse over Julian Assange could be resolved immediately if the UK Government gave an assurance that he would not be extradited to the US if he leaves the embassy where he has been living for more than six years, one of his legal team said on Thursday.

      Jennifer Robinson told a conference in Barcelona that the WikiLeaks founder had been under some form of restrictions on his liberty for almost eight years without ever being charged.


    • Pledge of no extradition could resolve Julian Assange impasse, lawyer says


    • Pledge of no extradition could resolve Julian Assange impasse, lawyer says


    • Assange lawyer in no extradition plea
    • Julian Assange’s lawyer in no extradition plea
      A member of Julian Assange’s legal team says the impasse over the Australian WikiLeaks founder could be resolved immediately if the UK Government gave an assurance he would not be extradited to the United States.

      Assange has been living in the Ecuadorian embassy in London since 2012, fearing he will be extradited to the US for questioning over the activities of WikiLeaks if he leaves.

      Jennifer Robinson told a conference in Barcelona that the 47-year-old had been under some form of restrictions on his liberty for almost eight years without ever being charged.


    • Lawmaker urges Ecuador to strip Assange of citizenship


    • Assange: Today’s Generation Last to be Free; Technology May End Civilization
      Is despotism our descendants’ destiny? Are they fated to live in a “Marxtrix”? And will rogue artificial intelligence put us out of our misery before any of this is too far along? These are good questions now with Wikileaks founder Julian Assange’s assertion that “the last free generation” is upon us and that “technologically advanced civilization” is “unstable” and may not “go on for long.”

      Assange (shown), now in his seventh year living at the Ecuadorian embassy in London, made the remarks in an interview — the last one before the Ecuadorian government terminated his Internet and telephone — during the World Ethical Data Forum in Barcelona, Spain.


    • Julian Assange Predicts ‘AI Model’ will Replace Capitalism


    • Reports on Moscow Plans to Help Assange Escape Are 'Fake News' - Russian Embassy
      The Russian Embassy to the United Kingdom on Friday dismissed media reports claiming Russia tried to help WikiLeaks founder Julian Assange flee London, where he has been stuck in Ecuador’s Embassy for years.

      [...]

      The embassy's response comes as a reaction to claims made by the Guardian newspaper that the plan on Assange’s escape involved Ecuador trying to grant him diplomatic immunity in 2017 that would allow the whistleblower to flee the United Kingdom, with Russia considered as one of the options for the final destination. The newspaper also claimed that Russian diplomats have allegedly expressed willingness to help Assange receive asylum in Russia.

      Earlier, the Guardian reported, citing unnamed sources, that Russian diplomats have allegedly held secret talks in the UK capital with Assange’s associates in order to help the whistleblower escape from the United Kingdom, and former Ecuadorian Consul to London Fidel Narvaez allegedly served as an intermediary in talks with Russia.


    • ‘Special designation’? Ecuador reportedly mulled sending Assange as a diplomat to Russia
      The Russian embassy in London called the article a clear example of "disinformation and fake news by British media," while the Foreign Ministry also rejected the report. "It is worth noting that attempts to picture Ecuadorian diplomats' meetings at the Russian embassy in the light of conspiracy theories do not stand up to criticism," the ministry stressed.






  • Finance



    • Singapore Says It Needs Foreign Tech Talent

      A key issue is whether Singapore has a critical mass of workers to make itself a vibrant economy that will attract investments and encourage enterprise, Education Minister Ong Ye Kung said. The nation will maintain little restriction on foreign labor for high-end jobs such as in artificial intelligence, while keeping a quota system for lower-skilled industries including construction.



    • Dean Baker on Bank Bailout, Nathan Schneider on the Next Economy


      Hundreds of thousands of people lost homes or jobs or savings in the financial meltdown of 2008, but those casualties were not a big part of media’s “10 years later” stories. Those foreground the personal reminiscences of policymakers like former Federal Reserve chair Ben Bernanke, who suggest that they did what had to be done, but maybe didn’t sell it properly to the public. We’ll discuss how things could’ve gone differently with Dean Baker, senior economist at the Center for Economic and Policy Research. His column “The Bank Bailout of 2008 Was Unnecessary” appeared recently in the Los Angeles Times.
    • Objects from Titanic wreck set for multimillion-dollar auction
      Thousands of items salvaged from the wreck of the RMS Titanic are set to go to auction next month to satisfy bankruptcy debts piled up by the company that owns them. The collection features more than 5,500 artifacts rescued from the shipwreck of the famous ocean liner, including a bronze cherub from its grand staircase, sets of china from its dining rooms and a section of its hull.
    • Bollocks to Brexit: the Plumber Sings
      That Frank Sinatra’s recording of “Who Wants to be a Millionaire” and Bobby Darin’s “Splish Splash I was Takin’ a Bath” are both among Charlie Mullins’s declared musical favorites might come as something of surprise—Cole Porter’s ironic exercise in faux-sophistication from the 1958 movie High Society romping with boisterous teen trifle from the same decade—until one learns that the sixty-four-year-old Mullins is Britain’s richest plumber, his wealth estimated at some seventy million pounds. This well-washed, blondly-coiffed businessman believes Britain is taking a bath on Brexit. Deal or not, Mullins wants to pull the plug on the whole thing, branzely broadcasting his views as the Brexit negotiations in Brussels clog and sputter, threatening even to bring down Prime Minister Theresa May’s government.

      For the last decade the mogul from meager beginnings has spent much of his time at his villa on the Costa del Sol, that stretch of decimated Spanish beachfront running northeast from Gibraltar towards the EasyJet destination of Malaga and thick with hundreds of thousands of British pensioners and holiday-makers.

      But since last January, when he announced his intention to run for London Mayor at the next election for that post in two years, Mullins has been increasingly present in his hometown, London. Indeed, he is trying as best he can to make political waves with a position shared by many liberals at home and by British expats on the Costa del Sol, where Mullins also opened up a branch of his plumbing empire a decade ago and where Brits have recently been snapping up property in advance of their own country’s divorce from the mainland.

      A few blocks from where I’m staying on the Kennington Road—a wide street busy with busses and swarms of mad bicyclists not far from the south bank of the River Thames—is the headquarters of Mullins’ Pimlico Plumbers. The company’s building has a rounded façade of two-storeys that turns the corner of Juxton and Sail Streets amidst large housing projects built in the middle of the twentieth century and a stone’s throw from the upscale gallery of one-time bad-boy artist, Damien Hirst, now comfortably ensconced in the establishment. Such near-collisions have for a long time been typical of the district, a Labour Party stronghold that has been rapidly gentrifying for some two decades. The Houses of Parliament are just across the river.

      A plumbers’ depot might be the last place one expects to find political slogans shouted from the rooftops, but since before the 2016 referendum that led to the UK’s imminent departure from the EU, Pimlico HQ has been crowned by a banner. Last week it read: “BREXIT—Nobody voted to be poorer!” This week it shouts: “BOLLOCKS TO BREXIT: IT’S NOT A DONE DEAL.” The imagery cladding the building sends a mixed message, however. Below these slogans runs a row of flags of St. George, symbols of English nationalism. Nowhere to be seen is the European Union’s circle of gold stars on a blue background.

      [...]

      As for political and professional aims, Mullins’ musical tastes are more illuminating than his brash sloganeering. Also on his playlist are Beyonce’s Runnin’, the video of which is set underwater, its breath-holding lovers running in slow-motion across what seems to be a Mediterranean sea bed: the aqueous imagery suggests a plumbers’ paradise of true romance in waters rather more alluring than those of a toilet tank. ABBA’s Waterloo from Mullins’ 1970s youth is another coy choice, since water—its flow and containment—are the source of his wealth, as is “-loo”—another British word (there are so many!) for toilet. Given the current trouble being made by French President Emmanuel Macron, who is seen here as unyielding in his rough treatment of the departing Brits, the reference to the glorious victory of a British-led European coalition over French aggression seems to betray at best an ambivalence towards Brexit.

      Another tune tapped by Mullins is Tina Tuner’s “Simply the Best.” It begins with what could well be the tagline of a plumbing service that’s at the ready 24/7, 365 days a year: “I call you when I need you.” Later Tina sings “Don’t let go,” but the Brits are doing just that. And as for Mullins’s avowed admiration for David Bowie’s Major Tom songs, he falls towards earth from space—a Hard Brexit, indeed. Many here think and hope that Mullins’s political fortunes will never lift off, and if they do a crash will be soon to follow. The same might be said of the militantly down-to-earth Mullins as what he has said about Brexit: “You can’t sugar-coat a turd.”
    • Brexit is Coming, But Which Will It Be?
      The real crisis is thus an internal matter for the UK, and here there is no way forward for anything that approximates to its possible resolution.

      [...]

      BoJo is Britain’s facsimile of the orange inhabitant of the White House. Congenitally incapable of paying serious attention to anything, he has failed dismally in the major positions (London mayor, UK foreign secretary) he’s occupied, and this week was dumped by his wife of 24 years, who finally had enough of his multiple infidelities, and penchant for a certain stimulative white powder. It is a reflection of the Tory party’s wretched state today that this shallow narcissist and shameless self-promoter is in the running for its future leadership.




  • AstroTurf/Lobbying/Politics



    • What’s in a Resume? A Lot, When It Comes to Trump Staffers
      It’s no surprise that hundreds of staffers on 2016 presidential and congressional campaigns parlayed their work into political jobs in the Trump administration. But you wouldn’t always know about those roles from reading their financial disclosures, which sometimes reveal them and sometimes don’t.

      Details about the past jobs and work histories of these staffers — from on-the-ground field work for Donald Trump’s presidential campaign to fundraising for super PACs supporting Republican congressional candidates — can be found in the place where people tend to exhaustively list their credentials: their resumes.

      The Washington-based transparency group Property of the People took information from ProPublica’s Trump Town database and submitted Freedom of Information Act requests seeking the resumes of more than 2,700 political appointees in the Trump administration.

      We’ve added the documents the group collected to the Trump Town app and created a separate page so that you can examine them yourself. We’ll update the page as we get more.
    • They Think It Would Be Fun to Run a Newspaper


      The announcement that Time magazine would be bought by software CEO Marc Benioff highlighted the growing trend of billionaires buying up media outlets. While media moguls have always been wealthy—with press barons (Rupert Murdoch, Michael Bloomberg, Donald Newhouse, etc.) still well-represented on Forbes’ running list of the world’s billionaires—what distinguishes this new breed of press magnate is that they bought their media properties with fortunes made in other industries.

      Some, like Benioff, come out of the tech industry; tech tycoons like Amazon’s Jeff Bezos, eBay’s Pierre Omidyar and Steve Jobs’ widow Laurene Powell Jobs have profited from a tech boom (or bubble) that gives them plenty of cash to spend. Others come out of the financial sector, which has doubled its share of the US economy over the past 70 years. Real estate developer Mort Zuckerman—who owned The Atlantic from 1980–1999, the Daily News from 1993–2017, and still owns US News & World Report, which he bought in 1984—was a harbinger of non-media money coming into the media sector.




  • Privacy/Surveillance



    • Samsung Is Struggling With the Slowly Dawning Realization That No One Cares About Bixby
      In a new update to the Galaxy Note 9, Samsung is changing how that dedicated Bixby button works. Instead of clicking it once to activate Bixby, you’ll have to click it twice.

      To say that Bixby is unpopular would be an understatement. This has led to plenty of demand to let users turn the dang thing off. On some older phones, you could disable the dedicated Bixby button, but the Note 9 didn’t allow this option. This was particularly frustrating since, as an Android phone, Google Assistant is readily available. Most usage of the Bixby button is accidental. Users naturally asked for the ability to turn the button off entirely or, even better, reassign it to a more useful function.
    • Are Your Smarthome Devices Spying on You?
      Don’t get me wrong; there are plenty of different products out there that are spying on you, like smart televisions and browser extensions, but what about things like smart speakers, Wi-Fi cams, and other smarthome devices? Let’s talk about it.


    • GDPR Being Used To Try To Disappear Public US Court Docket
      Way back when the GDPR was still under consideration, we were among those who warned that, in the name of "protecting privacy," Europe was about to create a tool for massive censorship by encapsulating a massive "right to be forgotten." As we noted at the time, a big part of the problem was that the GDPR was written by privacy and data protection experts, with little to no consideration given to free speech experts, who could have told the drafters how "right to be forgotten" rules would likely be abused. The basic idea behind them seems sound -- allowing people to delete data from services they no longer use -- but the ability to turn that into a tool to take down public information is a real problem.

      And, now that the GDPR is official, we're already seeing it in practice. Aaron Greenspan, from Plainsite -- a site that hosts court dockets -- recently noted that he had received a RTBF demand from a guy named Michael Francois Bujaldon, who was seeking to disappear a docket involving a case in which Bujualdon was sued for real estate and securities fraud. The complaint against Bujaldon is fairly damning, and while Bujaldon tried to get the case dismissed, the court was not at all impressed. The current docket suggests that the parties are attempting to work out a settlement, but having yourself be a defendant accused of real estate and securities fraud can't be good for the old reputation.
    • Ron Wyden Wants Federal Government To Do More To Protect Personal Devices/Accounts Used By Senators And Staffers


      To protect against hacking attempts, Wyden is introducing legislation that would eliminate the SAA silos. The bill would allow the SAA to "provide cybersecurity assistance" for personal devices on an opt-in basis. We'll have to see how this plays out when implemented. It may make it more difficult to discern if any federal funds were misused by Senators or their staff.

      On the other hand, it will help secure devices some government employees mistakenly believe aren't prime targets for state-sponsored hacking. It takes a certain amount of obtuseness to reach this conclusion, considering how heavily some government officials rely on their personal devices for communications with other government officials. The old FOIA dodge is still a popular one, and the difficulty of separating official work from personal work -- especially during election years -- likely means personal devices are used far more frequently than their government-issued ones.

      While it's good the government as a whole is continually working towards more robust security, the fact is the private sector offers plenty of options for government officials to better secure their personal devices. Personal responsibility is still underutilized at the federal level, which makes them no better (or worse) than much of the general public.


    • Privacy activism in the era of the GDPR


    • Labor asks govt to proceed with care on encryption bill

      The Australian Labor Party has termed "unacceptable" the government's introduction of its encryption bill into Parliament on Thursday, just 10 days after public submissions to the draft ended and with no response released to stakeholders.



    • BSA urges judicial oversight, challenge mechanism for encryption bill

      Global software industry advocate [sic] BSA, the software alliance, has urged the Australian Government to include in its encryption bill a judicial oversight and challenge mechanism in order to ensure that any new powers given to law enforcement are not abused.



    • Facebook Is Testing Its Dating Service. Here’s How It’s Different From Tinder

      Facebook begins publicly testing its online-dating product, called Dating, in Colombia today. The service was first announced at the annual F8 conference in May this year, and will likely be available in other locations in the future. For now, users aged 18 and older in Colombia will be able to create dating profiles and, once those reach a critical mass, find some matches. WIRED got to preview an early version of the service, and it looks promising—especially for users looking for meaningful long-term relationships rather than hookups.



    • Google defends third-party developers' scanning of Gmail inboxes

      Google has mounted a defence of the way it scrutinises the activities of third-party add-ons within its Gmail email service, telling a number of US senators in a letter on Thursday that most add-ons which had malicious intentions were caught in a review before they were allowed to be deployed.



    • Google defends Gmail data sharing, gives few details on violations

      Google said in a letter to U.S. senators made public on Thursday that it relies on automated scans and reports from security researchers to monitor add-ons after launch, but did not respond to lawmakers’ request to say how many have been caught violating the company’s policies.



    • No, Google Doesn’t Just Let Apps Read Your Email


      There’s a story spreading in the news today that Google is letting companies scan through your email and sell the data, but this is really misleading. So what’s actually going on?

      The way the story is framed makes it sound like something very nefarious is being allowed. Google is letting companies scan my Gmail account? What?


    • Ensuring your security and privacy within Gmail
      A vibrant ecosystem of non-Google apps gives you choice and helps you get the most out of your email. However, before a published, non-Google app can access your Gmail messages, it goes through a multi-step review process that includes automated and manual review of the developer, assessment of the app’s privacy policy and homepage to ensure it is a legitimate app, and in-app testing to ensure the app works as it says it does.
    • Google Admits: Third-Party Apps Can Still Access Your Gmail Data
      Back in July 2018, it was reported that Google shares Gmail user data with third-party apps and US lawmakers had asked the company to explain what it was up to.

      Now Google has officially admitted to not giving Gmail account data to third-party developers, but also allowing them to share that data with other third parties as well.




  • Civil Rights/Policing



    • What More Can We Learn From Chicago Ticket Data?
      A few weeks ago, Melissa Sanchez and I presented our team’s reporting on parking tickets at Chi Hack Night, a weekly gathering that welcomes anyone who is curious about data and civic technology. Most Chi Hack Night events include a presentation followed by hands-on working groups. During the question-and-answer period of our presentation, someone in the audience asked us if we hope to create a “layered map” combining all kinds of disparities to show the plight of African-American communities in Chicago.

      This is a common question for anyone who reports on systemic issues with data and code. My first response is to be somewhat dismissive because a single reporter at a tiny organization simply can’t cover that many data sources with enough rigor to have impact. Instead of being dismissive, we need to be creative by working with others outside of journalism.

      That’s why it’s so exciting that our readers have downloaded the Chicago parking ticket data and Chicago gang database so often that they have become two of the most popular recent additions to the ProPublica Data Store, our collection of free and commercial datasets. A small newsroom can only do so much. But together we can amplify the impact of work like our reporting on tickets and ticket debt with open data and open-source software.


    • Colleges and Universities Have a Racial Profiling Problem
      College students and employees being reported to 911 for “living while Black” are part of a larger issue in the U.S. Our new campaign will address it.

      We have seen it again and again: A Black or brown person is sitting in a Starbucks, barbequing in a public park, touring a college they hope to attend, or sitting down in the college they already attend. Then someone calls the cops on them for looking like they “don’t belong” or are “out of place.”

      These calls target former White House staffers and longtime university employees just as aggressively as they target any other person of color. And when the police arrive, they often enforce the caller’s biases, leaving people of color traumatized by the experience of being detained, interrogated, or even arrested solely for occupying space while Black or brown. As Lolade Siyonbola, a Yale graduate student, recently said in response to having the police called on her for taking a nap, “We’re constantly having to prove that we’re allowed to be where we are, that we have permission — that we have freedom papers.”

      Police keep acting as the instruments of biased 911 callers for two reasons: first, the bias-driven assumptions and cultural overreliance on police intervention of the people who call the police, and second, the failure of law enforcement agencies to adopt policies and training that help them avoid being used to weaponize the biases of those who call them.

      Programs that vaguely advise people to act on poorly articulated feelings that someone is out of place — most notably the “See Something, Say Something” programs that have proliferated since 9/11 — often result in race-based “suspicious person” calls and put an official stamp of approval on these biases. But even without such ill-advised programs, the BBQ Beckies and racist ranters of the country will keep calling the cops on people of color for simply living their lives.


    • A Tale of Two New York Cities When It Comes to Policing
      A new New York Civil Liberties Union report reveals the fear and distrust of a violent New York Police Department.

      New Yorkers know that the New York Police Department will treat us differently depending on our zip code and the color of our skin. But many New Yorkers don’t know the intensity and the violence of police contact in neighborhoods heavily targeted by the NYPD.

      A new report from the NYCLU exposes the radically different ways in which NYPD officers behave depending on what neighborhood they’re working in and the impacts of that discrimination on everyday New Yorkers. “Shattered: The Continuing, Damaging, and Disparate Legacy of Broken Windows Policing in New York City” is based on the findings of an NYCLU survey that documents the disparate impacts of policing on heavily policed and lightly policed communities. It may surprise you to know that neighborhoods across New York City have similar rates of serious crime, especially given how astoundingly different the police treat them.

      But our survey reveals a tale of two cities when it comes to policing.

      Nearly nine out of 10 survey respondents in heavily policed communities said they actively changed things about their behavior, relationships, use of space, or schedule to avoid police surveillance. Nevertheless, almost half of respondents in heavily policed communities said the police wrongly accused them of committing a crime. And nearly one in five respondents in heavily policed communities reported at least one incident of sexual harassment by police versus five percent for those in lightly policed neighborhoods.


    • “Humanitarian Crisis” Looms as Arizona Threatens to Revoke Immigrant Children Shelter Licenses
      Arizona health officials threatened on Wednesday to revoke the licenses of 13 federally funded immigrant children shelters, accusing the facilities’ operator, Southwest Key, of displaying an “astonishingly flippant attitude” toward complying with the state’s child protection laws.

      But a day after the state sent its blistering letter to Southwest Key CEO Juan Sanchez, it became clear that any shutdown would create a tumultuous chain of events for federal and state regulators, who lack options for housing tens of thousands of unaccompanied children who cross the border every year.

      “Shutting down the shelters would create a crisis for the federal Office of Refugee Resettlement, which is charged with housing children caught at the border,” said Maria Cancian, deputy assistant secretary for policy at the U.S. Department of Health and Human Services’ Administration for Children and Families from 2015 to 2016.


    • Judge Says Student Can Sue School For Suspending Her After She Called A Fictional Cop A 'Pig'


      Where do you even start? The bullshit "bullying" accusation? Well, the lawsuit states the student supposedly offended by this wasn't even in the room when the "pig" comment was made. K.C. apologized for referring to a fictional cop character as a "pig," even though there was no reason for her to do so.

      From there, it's just an embarrassment of richly embarrassing -- if not downright insulting -- conversational tactics by a bunch of disciplinarians who apparently felt compelled to straighten out a gay, multiracial student by [checks notes] using the words "nigger" and "fag" in an entirely abhorrent analogy that presumes "cop" is a race or sexual orientation.

      Also: Black Lives Matter is to "sexually-degrading conversation between two teachers" as Colin Kaepernick is to:

      A: gumball machine B: complete works of Proust C: narcolepsy D: deciduous

      This atrocious trainwreck of judgment calls was followed by a one-day suspension. This, in turn, was followed by the lawsuit.


    • California Police Officers Used Self-Destructing Messaging App For Years


      This may be true. But even if this was the full extent of TigerText usage, it's still a problem. Personnel issues can become matters of public interest, especially in civil rights lawsuits. Details of police operations are normally inaccessible to the public, but in rare cases, these too become matters of public interest.

      On top of that, there's a good possibility some of these vanished discussions may have been pertinent to criminal trials. Defendants should have the chance to obtain relevant discussions that may help their defense, but Tiger Text ensures information that prosecutors might be obligated to turn over to the defense is now completely inaccessible.

      In fact, the Al-Jazeera article quotes two former officers as claiming their superiors told them to use TigerText specifically to prevent conversations from being discoverable. The department has denied giving officers these instructions, but former officers claim the PD's participation in the discovery process is anything but "on the up and up."

      The Long Beach PD had more than 100 officers using TigerText to preemptively destroy possible public records and/or evidence. The use of self-destructing messages, if nothing else, violates record preservation laws. Depending on what disappeared into the ether, there's a good chance criminal cases were also affected by the rolling destruction of communications.




  • Internet Policy/Net Neutrality

    • GAO Again Points Out That Terrible U.S. Broadband Maps Drive (Intentionally) Terrible Broadband Policy
      We've made it pretty clear by now that U.S. broadband policy generally stinks because the nation's biggest broadband providers (and the politicians who adore their campaign contributions) want to keep the U.S. broadband market as it is: uncompetitive, expensive, and broken. There are myriad ways they accomplish this, from quite literally writing and lobbying for the passage of protectionist state laws, to convincing regulators like Ajit Pai to turn a blind eye to pretty much all of the worst habits of entrenched telecom mono/duopolies.

      But at the heart of the problem sits the flawed form 477 broadband mapping data the FCC collects from broadband providers. With a vested interest in portraying a healthy market, ISPs have long submitted data that over-states broadband speed and availability. And, like a loyal servant to the industry it's supposed to hold accountable, the FCC (under both parties) rarely does much to actually verify that this data is accurate. This bad data then goes on to inform bad FCC policy.

      Case in point: the GAO released a study last week noting that the FCC routinely overstates broadband availability in tribal areas, which in turn results in policy that doesn't do a good job fixing the problem.


    • Former Google CEO predicts the internet will split in two — and one part will be led by China
      Eric Schmidt, who has been the CEO of Google and executive chairman of its parent company, Alphabet, predicts that within the next decade there will be two distinct internets: one led by the U.S. and the other by China.

      Schmidt shared his thoughts at a private event in San Francisco on Wednesday night convened by investment firm Village Global VC. The firm enlists tech luminaries — including Schmidt, Jeff Bezos, Bill Gates and Diane Green — as limited partners, then invests their money into early-stage tech ventures.


    • Ex-Google CEO: There Will Be Two Versions of The Internet by 2028
      Eric Schmidt, Google’s former CEO, has made a bold prediction about the internet. According to him, by 2028 the internet will be divided into two parts – one led by China and the other by the US.

      [...]

      His prediction is considered important as Google is pushing hard to launch a Chinese and censored version of its search engine named; the secret search engine is named “Project Dragonfly.”

      Through this, Google is trying to penetrate the Chinese market which has long eluded from the tech giant owing to strict laws. The censored search engine, to avoid government policies, would block sensitive search queries related to democracy, religion, peaceful protest, and humans rights.




  • Intellectual Monopolies



    • Trademarks



      • Top Brexit considerations for trade mark owners
        Taylor Wessing’s Roland Mallinson spoke to MARQUES delegates about what they should do to prepare for a Brexit no-deal scenario if they have trade mark registrations or oppositions pending


      • An overview of the post-graphical representation landscape
        Speakers at MARQUES looked at non-traditional trade mark filing practices since the scrapping of the graphical representation requirement last year


      • US Copyright Office Review Board denies registration of ‘Vodafone Speechmark’
        Readers might recall last month’s post concerning the US Copyright Office Review Board’s refusal to register UEFA’s Starball logo. This work was denied registration because it was not sufficiently original to sustain a claim for copyright.

        On similar grounds, the Review Board has now delivered yet another blow – this time against Vodafone.


      • Russian Company Wants To Gift A Trademark For 'Chemical Production' On Two Accused Russian Assassins
        Strangest trademark story of the month? Strangest trademark story of the month! As you may have heard, back in March, a former Russian spy who had been a double agent for the UK, Sergei Skirpal (and his daughter), was poisoned in the UK with a nerve agent. Earlier this month, UK officials moved to charge two Russians with attempted murder over that event. They named Alexander Petrov and Ruslan Boshirov as being behind the plot. Along with the announcement, the Crown Prosecution Service admitted that it will not seek to extradite the men from Russia, as Russia will not extradite its own nationals.

        Somewhat bizarrely, the two men (who many believe are not actually named Petrov and Boshirov) then decided to go on Russian TV to profess their innocence, claiming, improbably, that they were just tourists with no connections to Russian intelligence who had really wanted to go visit a cathedral in Salisbury where the attacks took place. A somewhat fascinating Bellingcat investigation has torn to shreds most of their story and suggested pretty strong evidence connecting them to the Russian government (and that their names are fake).




    • Copyrights



      • Articles 11 and 13 in the New EU Copyright Directive Enable More Surveillance

        Privacy activists were caught off guard last week when the EU passed its controversial copyright legislation. The new law has far reaching consequences that technical experts and internet companies alike have strongly advised would damage EU businesses and change fundamentally how the Internet works.

        This article is intended to show you WHY these two directives (articles 11 and 13, known as the link-tax and upload filter) are highly problematic from a technical point of view, and how these laws will further weaken privacy on the Internet.



      • Japan raises music royalty for foreign films
        Japanese largest musical copyright administration society JASRAC reached an agreement with a movie theater group on September 6 2018 that, for foreign films which will be released from November 2018 to March 2021, JASRAC will collect 6-level of music royalty of JPY 150,000 (approx. USD 1,350) to JPY 300,000 (approx. USD 2,700) in accordance with the number of screens. Currently, JASRAC is collecting JPY 180,000 (approx. USD 1,600) per film work. Reportedly, JASRAC is calculating on increased revenue by 15% to 20% by this agreement. For Japanese films, JASRAC is collecting the royalty for each of the musics in accordance with the number of screens, which is different from the collection for foreign films even after this agreement. JASRAC will continue to negotiate with them for foreign films to change to the collection of the royalty for each of the musics.
      • Top 14 Free Movie Download Websites | Completely Legal Places For 2018
        We love movies and we love them even more if they are for free. Right? If you open your web browser and type free movie download websites, you’ll be presented with a long list of illegal websites promising to grab your favorite blockbuster in a matter of seconds. Even Google keeps recommending such collections of websites at the top. Apart from being illegal, these websites are also a gateway to a torrent of malware.
      • Artist Inspired By Andy Warhol, Creates Truly Astounding Work... Ends Up Giving It Away Over 'Copyright Infringement'
        Well, here's yet another crazy story of copyright interfering with art (ht to Jean for sending this over). Buckle in, because there's a lot to explain, starting with some truly astounding art, followed by more truly astounding art, with an extra helping of even more astounding art... and then an apparent claim of copyright infringement. What follows is truly amazing work by artist CJ Hendry. Most of this is taken from a long Instagram story in which she documented this entire process, so forgive the image heavy explanation here, but it helps to explain what happened -- so I'll include some explanatory screenshots.

        [...]

        Again, it's not entirely clear who is behind this. The book publisher Taschen published the book of Andy Warhol's Polaroids, so perhaps they have a copyright interest here? The only other one I can think of would be Campbell's Soup, though that would be crazy. Of course, a decade ago, we wrote about the letter that Campbell's Soup sent to Warhol back in 1964, joking that if Warhol had tried to do the same thing today, he undoubtedly would have received a cease and desist from a humorless corporate trademark lawyer. Instead, Campbell's celebrated Warhol's creativity:


      • FAB IPTV Says it Has Shut Down Following Europol-led Raid

        FAB IPTV, one of the major providers of unlicensed streaming content in the UK, says it has shut down completely following a Europol-led raid. The statement follows raids and arrests in both England and Southern Ireland last week. Europol previously indicated that a warrant had been executed in Scotland, where FAB IPTV is reportedly based, but is yet to confirm the news.









Recent Techrights' Posts

Techrights' Statement on Code of Censorship (CoC) and Kent Overstreet: This Was the Real Purpose of Censorship Agreements All Along
Bombing people is OK (if you sponsor the key organisations), opposing bombings is not (a CoC in a nutshell)
[Meme] The Most Liberal Company
"Insurrection? What insurrection?"
apple.com Traffic Down Over 7%, Says One Spyware Firm; Apple's Liabilities Increased Over 6% to $308,030,000,000
Apple is also about 120 billion dollars in debt
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 23, 2024
IRC logs for Saturday, November 23, 2024
[Meme] GAFAMfox
Mozilla Firefox in a state of extreme distress
Google Can Kill Mozilla Any Time It Wants
That gives Google far too much power over its rival... There are already many sites that refuse to work with Firefox or explicitly say Firefox isn't supported
Free (as in Freedom) Software Helps Tackle the Software Liability Issue, It Lets Users Exercise Greater Control Over Programs
Microsofters have been trying to ban or exclude Free software
In the US, Patent Laws Are Up for Sale
This problem is a lot bigger than just patents
ESET Finds Rootkits, Does Not Explain How They Get Installed, Media Says It Means "Previously Unknown Linux Backdoors" (Useful Distraction From CALEA and CALEA2)
FUD watch
Techdirt Loses Its Objectivity in Pursuit of Money
The more concerning aspects are coverage of GAFAM and Microsoft in particular
Links 23/11/2024: Press Sold to Vultures, New LLM Blunders
Links for the day
Links 23/11/2024: "Relationship with Oneself" and Yretek.com is Back
Links for the day
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024