Bonum Certa Men Certa

Links 27/9/2018: KDE Neon, Linux Security Patches, and GNU Shepherd 0.5.0





GNOME bluefish

Contents





GNU/Linux



  • Audiocasts/Shows



    • Episode 38 | This Week in Linux
      On this episode of This Week in Linux, we discuss the new Code of Conduct in the Linux kernel. Purism announces a new product offering with the Librem Key. We’ll also check out some distro releases from Solus, Quirky, and Escuelas Linux. Then we’ll cover some of the latest beta releases from elementary OS and Fedora. Later in the show, we’ll cover so great Linux Gaming sales going on this week. All that and much more!






  • Kernel Space



    • ​Linus Torvalds and Linux Code of Conduct: 7 myths debunked
      Since Linus Torvalds announced he was taking time off to work on his behavior in the Linux developer community and a new Linux kernel developer Code of Conduct (CoC) was introduced, there has been endless malarkey written about both moves.


    • Linux kernel's 'seat warmer' drops 4.19-rc5 with – wow – little drama
      Speculation and debate still surround Linus Torvald's decision to step back from Linux kernel development for a while, but the next kernel release candidate landed with far less sturm und drang.

      Greg Kroah-Hartman, anointed by Torvalds to keep things rolling while the Linux supremo takes a break and gets some help, dropped Linux 4.19-rc5 on Sunday evening.

      Describing his role as "keeping the seat warm for a few weeks", Kroah-Hartman wrote: "As almost everyone knows, it's been an 'interesting' week from a social point-of-view. But from the technical side, -rc5 looks totally normal.

      "The diffstat is a bit higher than previous -rc5's, but the number of trees pulled is lower, so overall, pretty much all is on track."


    • Linux programmers opposed to new Code of Conduct threaten to pull code from project
      Linux’s move from its Code of Conflicts to a new Code of Conduct has not been received well by many of its developers. Some have threatened to pull out their blocks of code important to the project to revolt against the change.

      This could have serious consequences because Linux is one of the most important pieces of open source software in the world. If threats are put into action, large parts of the internet would be left vulnerable to exploits. Applications that use Linux would be like an incomplete Jenga stack that could collapse any minute.


    • Linus Torvalds, the UNIX Wars and history repeating itself
      If Linus can make this change, and we see one less cyberattack because of it, then this is a positive change. If we see more people developing for Linux, this is a positive change. If we see more bugs reported in and fixed, this is also positive.

      More importantly, if Linus can make this change, so can others. We need to make this change so that we can focus our effort on addressing issues and building a better community, not starting Unix Wars II.


    • How Linux Logo "Tux" Came About
      Linux is a very popular topic among computer geeks, especially FOSS enthusiast. It is a kernel that manages the computer hardware at the lowest level. Many associates Linux as another popular Operating System like Microsoft Windows and OS X. It is invented by a Finnish computer science student Linus Torvalds on September 17, 1991 and around that time, there arose the need for creating a Linux logo in the year 1996.


    • WireGuard v6 Might Be Ready For The Mainline Kernel, ARM Changes Added
      The lead developer of the WireGuard in-kernel secure VPN tunnel, Jason Donenfeld, published his sixth round of patches on Tuesday for getting this important networking code and its related Zinc crypto code into the mainline kernel. It's looking like the code might have baked enough for debut in the upcoming 4.20~5.0 kernel cycle.


    • Linux 4.18.10
    • Linux 4.14.72
    • Linux 4.9.129
    • Linux 4.4.158
    • Linux 3.18.123


    • What happens if you try to take your code out of Linux?
      A side-effect of Linus Torvalds taking leave from Linux to work on how he deals with people and the new Linux contributors' Code of Conduct (CoC) was one person suggesting that programmers forced out of Linux could take their contributed code out of the operating system. Well, can they?


    • A cache invalidation bug in Linux memory management
      This blogpost describes a way to exploit a Linux kernel bug (CVE-2018-17182) that exists since kernel version 3.16. While the bug itself is in code that is reachable even from relatively strongly sandboxed contexts, this blogpost only describes a way to exploit it in environments that use Linux kernels that haven't been configured for increased security (specifically, Ubuntu 18.04 with kernel linux-image-4.15.0-34-generic at version 4.15.0-34.37). This demonstrates how the kernel configuration can have a big impact on the difficulty of exploiting a kernel bug.

      The bug report and the exploit are filed in our issue tracker as issue 1664.

      Fixes for the issue are in the upstream stable releases 4.18.9, 4.14.71, 4.9.128, 4.4.157 and 3.16.58.


    • Support for a GNSS and GPS Subsystem


      Recently, there was a disagreement over whether a subsystem really addressed its core purpose or not. That's an unusual debate to have. Generally developers know if they're writing support for one feature or another.

      In this particular case, Johan Hovold posted patches to add a GNSS subsystem (Global Navigation Satellite System), used by GPS devices. His idea was that commercial GPS devices might use any input/output ports and protocols—serial, USB and whatnot—forcing user code to perform difficult probes in order to determine which hardware it was dealing with. Johan's code would unify the user interface under a /dev/gnss0 file that would hide the various hardware differences.

      But, Pavel Machek didn't like this at all. He said that there wasn't any actual GNSS-specific code in Johan's GNSS subsystem. There were a number of GPS devices that wouldn't work with Johan's code. And, Pavel felt that at best Johan's patch was a general power management system for serial devices. He felt it should not use names (like "GNSS") that then would be unavailable for a "real" GNSS subsystem that might be written in the future.

      However, in kernel development, "good enough" tends to trump "good but not implemented". Johan acknowledged that his code didn't support all GPS devices, but he said that many were proprietary devices using proprietary interfaces, and those companies could submit their own patches. Also, Johan had included two GPS drivers in his patch, indicating that even though his subsystem might not contain GNSS-specific code, it was still useful for its intended purpose—regularizing the GPS device interface.


    • Linux Foundation



      • Communications Service Providers Overwhelmingly Confident in Open Source Networking Solutions, Survey Finds
        The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the results of an industry survey to gauge industry perceptions of open source across networking technologies. Top takeaways from the survey indicate an increasing maturity of open source technology use from operators, ongoing innovation in areas such as DevOps and CI/CD, and a glimpse into emerging technologies in areas such as cloud native and more.


      • The Linux Foundation Brings Network Automation and Cloud Native Communities Together as Network Functions evolve to CNFs
        Open Networking Summit Europe -- The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced further collaboration between telecom and cloud industry leaders enabled by the Cloud Native Computing Foundation (CNCF) and LF Networking (LFN), fueling migrations of Virtual Network Function (VNFs) to Cloud-native Network Functions (CNFs).


      • LF Networking Unites End-to-End Open Network Stack, Simplifies Open Source Software Consumption
        Open Networking Summit Europe -- LF Networking (LFN), which facilitates collaboration and operational excellence across open networking projects like ONAP and OPNFV, today announced continued ecosystem value chain disruption across its projects.


      • Linux Foundation helps blend automation and cloud-native communities


        The Linux Foundation announced a deeper collaboration between telecom and cloud industry leaders that should lead to better cloud-native use cases.

        The Linux Foundation's LF Networking (LFN) is formally working with the Cloud Native Computing Foundation (CNCF) to improve the migration of virtual network function (VNFs) to cloud-native network functions (CNFs).

        ONAP, which is a part of LF Networking, and CNCF's Kubernetes are coming together as operators start to look at how VNFs could evolve into CNFs running on Kubernetes.


      • Linux Plumbers Conference: Regular Registration Quota Reached


        Thank you all for the extremely strong interest in participation to the 2018 Linux Plumbers Conference this year.

        At this point, all of the regular registration slots for LPC 2018 have sold out.


      • Why didn't Linux Foundation chief Zemlin pull Torvalds into line?
        Why didn't Zemlin have a quiet word with Torvalds about his behaviour if it was that big an issue?

        In the first fortnight of September, when Zemlin got wind of the impending publication of a hit job on Torvalds, he must have got a serious jolt.

        Torvalds has been a milch cow for for the Linux Foundation all these years. He has been the drawcard for all the big corporations that have agreed to pay big money to be members of the Foundation.

        In effect, what they were paying for was access. Something that is more typical of the political world. For all these companies that benefitted from using Linux, what could be better than being able, now and then, to drop a few hints into the ear of the man who was heading development of the software?




    • Graphics Stack



      • ZINK: OpenGL Over Vulkan Comes As New Mesa Gallium3D Driver
        Collabora has been developing a new "Zink" Gallium3D driver for Mesa that gets OpenGL running over Vulkan.

        While Google has been working on OpenGL ES translations over Vulkan, VKGL for core OpenGL over Vulkan as a user-space translation library, and also GLOVE for OpenGL ES over Vulkan, there is a new option in development with Zink.


      • Vulkan Working On New Timeline Semaphores Feature
        You may have remembered when the XDC2018 agenda was published there was "Untitled Vulkan break-out kick-off. Topic still under NDA." We now know what that was about.

        Jason Ekstrand of Intel's open-source Vulkan driver team just wrapped up presenting at XDC2018 in Spain where the topic ended up being Vulkan Timeline Semaphores.


      • AMDGPU Driver Gets Patches Enabling Two More Interrupt Rings On Vega 10
        While AMD's open-source Linux driver developers have been busy on bringing up Vega 20 support as well as Picasso APUs, they aren't done yet optimizing their Vega 10 support.

        Published today were a set of 12 patches that enable two more IH rings for interrupt handling with the Vega 10 hardware. Up to now there's just been the main interrupt ring programmed by the AMDGPU driver and these two other rings left uninitialized.


      • AMD Picasso APUs To Support VCN Dynamic Power Gating
        Earlier this month AMD sent out the initial Linux graphics driver patches for "Picasso" APUs and now a new patch series today sheds some light on a new capability for these new APUs reported to be similar to current Raven Ridge hardware.

        While the initial AMDGPU DRM driver Picasso code drop happened earlier this month -- and it's already been queued for Linux 4.20~5.0 along with initial Raven 2 support -- as is usually the case, over weeks/months that follow are more of the new feature work for the driver gets ironed out beyond the initial hardware enablement.




    • Benchmarks



      • AMD EPYC On Ubuntu 18.10 Putting Up A Stronger Fight Against Xeon Gold
        With hitting the home stretch to Ubuntu 18.10, I've started with my usual benchmark process for checking out this next Ubuntu Linux release dubbed the Cosmic Cuttlefish. Yesterday were Ubuntu 18.10 benchmarks on seven desktop systems from Intel and AMD while next on my agenda has been checking out the server performance. Here's the first of those server tests on Ubuntu 18.10 with some initial AMD EPYC and Intel Xeon Gold tests.


      • Initial Tests: Windows 10 vs. Ubuntu With NVIDIA GeForce GTX 1060 / GTX 1080 Ti / RTX 2080 Ti
        The latest in our GeForce RTX 2080 Ti Linux benchmarking is a look at how the NVIDIA Linux graphics driver performance on Ubuntu 18.04 is comparing to that of Microsoft Windows 10 when using these initial launch drivers. For additional perspective are also some basic Ubuntu vs. Windows NVIDIA tests on the GeForce GTX 1060 and GTX 1080 Ti.

        This article is intended to deliver some basic Windows 10 vs. Ubuntu Linux benchmarks for the new GeForce RTX 2080 Ti high-end Turing graphics card and then the mature GeForce GTX 1060 and GTX 1080 Ti graphics cards to see if there is any disparity in the support between generations and/or operating systems. Windows 10 Pro x64 was running on the Windows side with the newest 411.63 driver as of testing time.






  • Applications



  • Desktop Environments/WMs



    • K Desktop Environment/KDE SC/Qt



      • KDE Plasma 5.12.7 LTS Desktop Environment Released with 65 Changes, Update Now
        The KDE Plasma 5.12.7 point release comes three months after the KDE Plasma 5.12.6 maintenance update to improve the stability and reliability of the KDE Plasma 5.12 LTS desktop environment. Updated components include the Plasma Discover package manager, Plasma Desktop, Plasma Workspace, System Settings, KWin, KScreenlocker, KScreen, Plasma Addons, Info Center, and Breeze GTK theme.

        Highlights include better support for LibreOffice's scrollbars in the Breeze GTK theme, update notification improvements in Plasma Discover, improved file indexer monitor in Info Center, support for scaling the appearance of the preview widget twice in KScreen, better keyboard navigation of Kicker search results, and the ability for KWin to avoid global static for effects.


      • KDE neon Rebased on Ubuntu 18.04 LTS "Bionic Beaver"
        KDE neon is a project to deliver KDE's wonderful suite of software quickly. We use modern DevOps techniques to automatically build, QA and deploy our packages. We work directly with the KDE community rather than staying far away in a separate project.

        Our packages are built on the latest Ubuntu LTS edition and today we have moved to their new 18.04 release. This means our users can get newer drivers and third party packages. There is an upgrade process from the previous 16.04 LTS base which we have spent the last few months writing and running QA on to ensure it runs smoothly.

        We have three editions for different use cases. A user edition for those wanting to use the latest released KDE software updated daily but only released when it passes QA tests. And two developer editions built from unstable and beta Git branches without QA checks for those wanting to test or develop our forthcoming software.

        You can use our output via the .deb package archive, installable ISOs and Docker images. We also have work-in-progress Snap packages which we can put more development effort into now that we have rebased on 18.04.


      • KDE Neon Rebased To Ubuntu 18.04 LTS Now Official


      • KDE neon GNU/Linux Distribution Is Now Based on Ubuntu 18.04 LTS (Bionic Beaver)
        KDE neon project leader Jonathan Riddell announced today that the Linux-based operating system is now officially based on the latest Ubuntu 18.04 LTS (Bionic Beaver) operating system series.

        Built on top of an Ubuntu base and using the latest KDE technologies, the KDE neon operating system offers Linux users quick and trustworthy access to the most recent KDE Plasma desktop environment releases on their personal computers while being powered by up-to-date packages from latest Ubuntu releases.

        Using modern DevOps techniques to automatically build, test, and deploy its packages, KDE neon follows a rolling release model where the user installs once and receives updates forever. However, from time to time, the KDE neon developers rebased the entire OS on newer Ubuntu LTS releases, and now they are proud to announce that the latest KDE neon images are based on Ubuntu 18.04 LTS.


      • The State Of Wayland Support For KDE Plasma 5.14
        KDE developer Roman Gilg has shared the current state of Wayland support for the upcoming KDE Plasma 5.14 release as well as an outlook to improvements on the horizon.

        The latest code in the works (awaiting review) has support for drag and drop between native Wayland clients and XWayland clients. Pointer locking and confinement has been merged for Plasma 5.14. There are also input handling improvements and other work.


      • Announcing QtCon Brazil 2018
        We are happy to announce that the 2nd edition of the first Qt conference in America Latina (QtCon Brazil 2018) is gonna happen from 8th to 11th November, in São Paulo. The first edition of QtCon Brazil happened last year, also in São Paulo, and brought together 180 participants from universities, government institutions, and companies acting in the fields of IT services, simulation, medicine and biology, physics, embedded systems, mobile systems, and web services, just to mention a few. It was very revealing to see how much work has been built on top of Qt lately in Brazil. As a indirect result, the "Qt Brasil" telegram group — created during QtCon Brasil 2017 — has currently 320 participants, engaged in a number of daily discussions about all things related to Qt.


      • Bugs.kde.org improvements
        I’d like to share some welcome changes that we’ve recently made to https://bugs.kde.org, KDE’s venerable bug tracker. Improving our bug submission process was one of the ideas I submitted to KDE’s 2017 goal setting initiative, and while it wasn’t formally chosen the way the Usability & Productivity goal was, people seemed to think that it was worthwhile to do anyway. The overall task tracking this effort is https://phabricator.kde.org/T6832.


      • Cisco Confirms 88 Products Vulnerable to FragmentStack Bug, KDE neon Rebased on Ubuntu 18.04 LTS, GNOME 3.30.1 Released, Rust Announces Version 1.29.1 and Mozilla Launches Firefox Monitor
        The KDE neon team announces the rebase of its packages onto Ubuntu 18.04 LTS "Bionic Beaver" and encourages users to upgrade now. You also can download a clean installation from here.


      • Efficient custom shapes in Qt Quick
        QtQuick includes basic visual item to construct many common user-interface components, but people often ask how to create different visual appearances, beyond rectangles, round-rectangles and images. There’s various solutions to this problem, and with Qt 5.10, there’s the new Shapes module which makes it easy to define paths, ellipses and other standard SVG drawing elements.


      • KDE Bugsquad – Kickoff with Krita! – Part 2 on October 2nd, 2018
        Thank you everyone who participated in the first Bugsquad event! We saw the team page on Phabricator double in membership, and had seven people contribute triaging bugs. Thank you xyquadrat, emmet, spaliwal, eoinoneill, and jtamate! Many of them continued triaging past their assigned blocks, knocking out the majority of the bugs. Absolute rockstars!


      • A First Timer Review of KDE neon Operating System
        KDE neon is a stable OS that is pretty, useful, easy to learn and teach, integrated, but powerful when needed, with the latest KDE Software Compilation. Stable, as you can see it's the official OS of the modern KDE Slimbook Laptop and as one of the basis of Plasma Mobile OS; while at the same time based on a stable Ubuntu LTS version. It's also lightweight! Pretty, as you can see it uses Plasma desktop with all its benefits for you. Easy, as it's consistent and modular, easily used while unchanged and powerful if you want customization. Integrated, as it connects to your phone in both ways to easily transfer files and control each other. Plus, its desktop integration is fun either for searching or running programs thanks to KDE features.

        It has a benefit Kubuntu doesn't have: latest KDE without waiting the next release! It also has benefit over other distros with perhaps rolling KDE version: it's based on Ubuntu, an easy OS you all are familiar with. What are you waiting for? If you love KDE or simply want to test it, KDE neon is the right OS for you. You can try it in LiveCD first or simply install once and use forever. Happy running!




    • GNOME Desktop/GTK





  • Distributions



    • Spanish Education Distribution Escuelas Linux is Now Available in English
      Escuelas Linux is an educational Linux Distribution based on Bodhi Linux. Escuelas (Escuela is Spanish for “School”) includes a host of educational software.

      It is used by more than 180,000 students and teachers in schools. So what makes Escuelas Linux a preferred choice for educational institutes? Well, apart from a vast selection of educational softwares, Escuelas Linux completely configured user accounts and thus it can be immediately used by a new user (student) without any configuration changes.


    • New Releases



      • Puppy Linux's Sister Quirky Linux Is Now Binary Compatible with Ubuntu 18.04 LTS
        Being built using DEB packages from Ubuntu 18.04.1 LTS, Quirky Linux 8.7.1 codename "Quirky Beaver" is binary-compatible with the Ubuntu 18.04.1 LTS (Bionic Beaver) operating system and it's available only for 64-bit (x86_64) hardware architectures. However, Quirky Linux 8.7.1 is quite similar to the Quirky Linux 8.6 "Xerus" series, but with upgraded components.

        "Quirky Linux 8.7.1 is the first in the "Beaver" series, binary-compatible with x86_64 Ubuntu 18.04.1 LTS, though built with woofQ and architecturally very different from Ubuntu," Barry Kauler wrote in the release announcement. "Quirky is an experimental distribution, that forked from Puppy Linux a few years ago, and has followed a different path, exploring some new ideas."


      • Linux Lite 4.2 Enters Beta Based on Ubuntu 18.04.1 LTS, Here's What's New
        Based on the Ubuntu 18.04.1 LTS (Bionic Beaver) operating system, Linux Lite 4.2 isn't the major update everyone was waiting for, but a minor, incremental update that brings various small improvements to the Lite Welcome app, an updated Help Manual that will be available in the final release, as well as updated components.

        The Linux Lite 4.2 beta is powered by the Linux 4.15 kernel (Linux kernel 4.18 is also available) and ships with up-to-date apps including the Mozilla Firefox 62.0.2 "Quantum" web browser, Mozilla Thunderbird 52.9.1 email and news client, LibreOffice 6.0.6.2 office suite, VLC 3.0.3 media player, and GIMP 2.10.6 image editor.




    • Red Hat Family



      • Running Microsoft SQL Server on Red Hat OpenShift [Ed: Maybe Torvalds was right about Red Hat “deep-throating” (his words) Microsoft]


      • Connect to service value and pass the competition in the fast lane
        Red Hat provides essential technologies that enable automotive manufacturers to transform their infrastructures and strategically modernize operations. By harnessing open source innovation and architecting solutions that apply information technology and operational technology to solving enterprise challenges, Red Hat powers a new generation of flexible, interoperable manufacturing and supply chain systems.

        Ongoing technology advances are delivering the means to build intelligent communication into automobiles. Red Hat offers a path to achieving this vision by delivering technologies that help automotive manufacturers become more competitive and more efficient.


      • Using Red Hat Identity Management as a Domain Controller for systems in a DMZ
        The IdM server in the DMZ will play the role of the domain controller for Linux systems. To solve the problem of proxying Kerberos traffic make sure that the kdcproxy component is enabled on the IdM server that is inside the firewall. See corresponding documentation for more details.

        Linux systems in the DMZ will be connected to the IdM server by using ipa-client-install or realmd.

        The SSSD component will need to be configured on the clients. After the installation and enrollment the client systems would need to be reconfigured to start leveraging kdcproxy rather than a standard Kerberos protocol. For more details on how to achieve this see Configuring a Kerberos Client section in the System-Level Authentication Guide.


      • Finance



      • Fedora



        • Announcing the release of Fedora 29 Beta
          The Fedora Project is pleased to announce the immediate availability of Fedora 29 Beta, the next big step on our journey to the exciting Fedora 29 release.

          Download the prerelease from our Get Fedora site:

          Get Fedora 29 Beta Workstation Get Fedora 29 Beta Server Get Fedora 29 Beta Atomic Get Fedora 29 Beta Silverblue

          Or, check out one of our popular variants, including KDE Plasma, Xfce, and other desktop environments, as well as images for ARM devices like the Raspberry Pi 2 and 3...


        • Fedora Linux 29 beta rolls out


        • Fedora 29 Beta Released - Begin Trying Out Modularity, Silverblue & Other New Features
          The Fedora project has officially announced the beta release this morning of Fedora 29.

          There are a lot of new features for Fedora 29 from Fedora Silverblue to offering modules to all Fedora users, toolchain updates and other package upgrades, the GNOME Shell 3.30 desktop, and much more.


        • Fedora 29 Beta now available
          We’re pleased to announce that Fedora 29, the latest version of the Fedora operating system, is now available in beta. The Fedora Project is a global community that works together to help the advancement of free and open source software, culminating in the innovative Fedora operating system designed to answer end user needs across the computing spectrum. Delivered as three separate editions (Fedora Server, Fedora Atomic Host, and Fedora Workstation), each is designed to provide a free, Linux-based system tailored to meet specific use cases.


        • Fedora Project announces availability of Fedora 29 beta
          Note that RedHat seeks volunteers to report bugs and in many other aspects of working with this important and popular Linux distro — translating, testing, creating content, marketing, and more. See what they need at What's your area of interest? page.
        • Fedora 29 Linux Enters Beta, Introduces SilverBlue for Container Workloads
          Fedora 29 also improves on the modularity of the Linux platform which first debuted in from Fedora 28, which was released on May 1. With modularity, Fedora enables system administrators to choose which version of software they want to run.

          In Fedora 28, modularity was limited to the server edition, while in Fedora 29, modularity has been extended to all editions of Fedora, which include "Spins" for different desktop editions including KDE, xFCE, LXDE, MATE and Cinammon desktops.

          The default desktop for the Fedora 29 Workstation edition is the GNOME 3.30 desktop environment, which was first released on Sept. 6. GNOME 3.30, codenamed "Almeria" benefits from improved desktop performance that uses fewer system resources.
        • Fedora 29 Beta Linux distro now available for download with improved Raspberry Pi support
          If you are going to use Linux on the desktop, you might as well use Fedora. Why? Well, it is a pure open source experience. I mean, why switch from Windows to a distro that isn't entirely focused on FOSS? You should go all in! Not to mention, it uses very modern packages while retaining stability. Oh, and it uses the best overall desktop environment, GNOME, by default. It's no wonder the father of Linux, Linus Torvalds, uses it.

          The next version of the operating system is Fedora 29, and today, it achieves Beta status. It features updated packages, improved support for Raspberry Pi, and more.


        • LAMP stack for Fedora






    • Debian Family



      • GSoC 2018: Final Report


        This is my final report of my Google Summer of Code 2018, it also serves as my final code submission.

        For the last 3 months I have been working with Debian on the project Extracting Data from PDF Invoices and Bills Details.


      • Derivatives



        • Canonical/Ubuntu



          • Ubuntu 18.10’s New Wallpaper is Cosmically Cute
            The striking new background was attached to a bug report on Launchpad, and arrives just in the nick of time. The sole Ubuntu 18.10 beta is released tomorrow.

            If you’re running the Ubuntu 18.10 daily builds you’ll get the new Ubuntu 18.10 wallpaper as an update to the Ubuntu wallpapers package, so keep an eye on update manager.


          • Ubuntu Minimal Install
            Today we will be going over the installation of the minimalist version of Ubuntu 18.04. You may be thinking of a minimalistic version of a Linux distro as the bare minimum version of a system. If so, you would be correct. The system we are going to install from comes in a 64MB ISO image. ​You can find the image to download in the Ubuntu help wiki for minimalist versions. You will find some important information regarding the burning of images to a CD or a USB stick (I use dd), and even a few pointers to get started. You will also see information about installation on UEFI based systems. It does lack support for UEFI; however, for the purposes of this guide, the system will be installed on a virtual machine.


          • Flavours and Variants



            • [Linux Mint] Monthly News – September 2018
              Many thanks to all the people who donate to us. Numbers were lower than normal last month but we’re still getting a tremendous amount of support. We’re at an average of $10,000 per month. Although that average decreased slightly over the last three years it is very high, it covers all our expenses, when we need something money is never an issue (whether it’s to scale slowly, invest in security, hosting, CI services or to tackle an emergency) and it allows us to send money upstream when needed and to donate funds internally within our moderation and development teams. We’re able to facilitate development and boost our productivity by making tools available and delegate aspects which would otherwise get in the way. It’s a real help for us, I know I say it every month but I don’t think we’ll ever be thankful enough. If you’re helping us, thank you.

              Now, without further ado, let’s talk about development. With Mint 19 and LMDE 3 officially released our hands are now free to develop and improve our software on top of the new bases (respectively Ubuntu 18.04 and Debian Stretch).


            • Linux Mint / Cinnamon Speeds Up Its File Manager, Updates Other Apps
              Linux Mint lead developer Clément Lefèbvrehas has issued his latest monthly update concerning the activities within this Ubuntu/Debian-derived camp and their work on the GNOME-forked Cinnamon desktop environment.

              The Linux Mint crew is moving forward with their Cinnamon efforts and original Linux desktop applications now that Linux Mint 19 and Linux Mint Debian Edition 3 have shipped. Of their original applications, the Nemo 4.0 file manager is becoming "lightning fast" with numerous optimizations having been added. Nemo's start time as well as folder load times are much faster. There has also been user-interface improvements to Nemo along with the ability to show file creation times when on an EXT4 file-system with Linux 4.15 kernel and newer.












  • Devices/Embedded





Free Software/Open Source



  • Orchestration & Open Source for 5G
    A 2016 survey by TMForum, Orchestration: Get Ready for the Platform Revolution, found that "orchestrating services end to end across virtualized and physical infrastructure, including partners' networks, is proving to be one of the most difficult operational challenges for communications service providers and their suppliers." As early as 2014, Axel Clauberg, VP of Aggregation, Transport, IP and Infrastructure Cloud Architecture at Deutsche Telekom, coined the phrase "zoo of orchestrators" to describe the mish-mash of management systems vendors were pushing to manage their siloed NFV solutions.


  • 3 open source distributed tracing tools
    Distributed tracing systems enable users to track a request through a software system that is distributed across multiple applications, services, and databases as well as intermediaries like proxies. This allows for a deeper understanding of what is happening within the software system. These systems produce graphical representations that show how much time the request took on each step and list each known step.

    A user reviewing this content can determine where the system is experiencing latencies or blockages. Instead of testing the system like a binary search tree when requests start failing, operators and developers can see exactly where the issues begin. This can also reveal where performance changes might be occurring from deployment to deployment. It’s always better to catch regressions automatically by alerting to the anomalous behavior than to have your customers tell you.


  • OBS Studio Now Supports VA-API For Video Encoding
    For those of you using OBS Studio for screen recording on the Linux desktop or screencasting, the latest code now supports GPU-offloading to VA-API for the H.264 video encode process.

    The Open Broadcaster Software has already supported Intel QuickSync on Windows as well as NVIDIA NVENC on supported platforms for NVIDIA GPU video encoding or AMD AMF as well. But for Intel Linux users, FFmpeg VA-API support has been merged for faster H.264 video encoding by making use of the HD/Iris/UHD Graphics hardware via this Video Acceleration API.


  • Google Open-Sources "GraphicsFuzz" For Helping To Spot GPU Driver Bugs
    Remember GraphicsFuzz? That was the effort started by university students for fuzzing GPU drivers via WebGL in the browser and over the course of their research found various OpenGL driver bugs, including for mobile drivers. Last month the start-up born out of that university research was acquired by Google and now their work is open-source.


  • Open-Source Software In Connected Vehicles: Pros And Cons


  • Lyft Launches Open-Source Design Tool


  • Web Browsers



    • Chrome



      • Chrome 70 Will Let Users Opt Out of the New Auto-Sign In Feature
        An upcoming Chrome option allows users to log into Google accounts without logging into the browser. The change was prompted by a backlash among users and privacy advocates.

        Chrome 69, which came out earlier this month, logs all Google users into Chrome, even if they’ve previously opted out of signing into Chrome. This did not enable Chrome’s sync feature, but some users saw it as intrusive.


      • Google Does Damage Control After Chrome Faces A lot Of Backlash For Automatic Sign In Feature In Recent Update
        The first thing that most of us noticed was the UI redesign in the latest chrome update underlying which were many small and big changes alike that were not as easy to catch the eye. One of these was the feature that would automatically sign people into Chrome when they sign into a spate Google service such as Gmail.

        Google faced a lot of criticism this past week as even security experts are calling out Google for breaching individual’s privacy and point that this is a method which involves tricking the less technically adept people into sharing or rather handing over more data to Google.


      • How to stop Chrome running in the background

        Whilst I use Firefox personally, I understand that some people like to use Chrome due to the availability of a lot more extensions. So what do you do to stop Google tracking your activity even when it’s not signed in?





    • Mozilla



      • Firefox Accounts offer recovery key option
        Firefox Accounts help you get more out of your Firefox experience. With a Firefox Account, you can get all your bookmarks, passwords, open tabs and more — everywhere you use Firefox. Working on your desktop, browsing on your couch with a tablet, out and about in the world on your mobile device.


      • Account recovery keys in Firefox Accounts


        The Firefox Accounts team is in the process of releasing a new feature called Account Recovery. Previously, when a user resets their password, they would be given new encryption keys and could potentially risk losing any synced bookmarks, passwords and browsing history. With Account Recovery, a user can keep their encryption keys and not lose any data.

        A more technical overview of how this feature works can be found here.

        If you are interested in trying it out, simply goto your Firefox Account settings and click Account Recovery. If you do not see the Account Recovery option, you might not be in the rollout group yet. However, it can be manually enabled using these instructions.


      • EU Code published: another step forward in the fight against disinformation
        Today, the advertising and technology sectors presented the world’s first ever Code of Practice on Disinformation. Brokered in Europe, and motivated by the European Commission’s Communication on Tackling Disinformation and the report of the High Level Expert Group on Fake News, the Code represents another step towards countering the spread of disinformation.

        This initiative complements the work we’ve been doing at Mozilla to invest in technologies and tools, research and communities, to fight against information pollution and honour our commitment to an internet that elevates critical thinking, reasoned argument, shared knowledge, and verifiable facts.


      • This Week in Rust 253
        This week's crate is packed_simd, a crate with portable SIMD vector types. Thanks to Gabriel Majeri for the suggestion!


      • The Rust Programming Language Blog: Announcing Rust 1.29.1
        The Rust team is happy to announce a new version of Rust, 1.29.1. Rust is a systems programming language focused on safety, speed, and concurrency.


      • This Week In Servo 114


        Big shout-out to @eijebong for digging into the underlying cause of an ongoing, frustrating intermittent problem with running websocket tests in CI.


      • Mozilla Launches Firefox Monitor To Alert You When Your Data Is Breached
        Mozilla just launched a free service called Firefox Monitor to help users find out whether their accounts have been a part of the numerous data breaches that occur every year.

        Just enter your email ID on the Firefox Monitor website and get it scanned to find any cases of compromised online accounts.


      • Daniel Stenberg: 10,000 stars
        On github, you can 'star' a project. It's a fairly meaningless way to mark your appreciation of a project hosted on that site and of course, the number doesn't really mean anything and it certainly doesn't reflect how popular or widely used or unused that particular software project is. But here I am, highlighting the fact that today I snapped the screenshot shown above when the curl project just reached this milestone: 10,000 stars.

        In the great scheme of things, the most popular and starred projects on github of course have magnitudes more stars. Right now, curl ranks as roughly the 885th most starred project on github. According to github themselves, they host an amazing 25 million public repositories which thus puts curl in the top 0.004% star-wise.






  • BSD



  • FSF/FSFE/GNU/SFLC



    • GNU Shepherd 0.5.0 released


      The GNU Daemon Shepherd or GNU Shepherd is a service manager written in Guile that looks after the herd of system services. It provides a replacement for the service-managing capabilities of SysV-init (or any other init) with a dependency-based system with a convenient interface. The GNU Shepherd may also be used by unprivileged users to manage per-user daemons (e.g., tor, privoxy, mcron, etc.) It is written in Guile Scheme, and is configured and extended using Guile.


    • GNU Shepherd 0.5 Init System Released
      Shepherd, the init/service manager of the GNU system with GNU Herd and can be used as an alternative to systemd on Linux systems as well, is up to version 0.5.

      With GNU Shepherd 0.5, the init system now gracefully halts with Ctrl+Alt+Del when running as PID 1 on Linux systems and restarting a service now also restarts any dependent services... Plus services now have a "replacement" slot as well and there are various other fixes.




  • Licensing/Legal



    • The Software Freedom Conservancy on GPLv2 irrevocability
      For anybody who has been concerned by the talk from a few outsiders about revoking GPL licensing, this new section in the Software Freedom Conservancy's copyleft guide is worth a read.


    • Conservancy Adds Expanded Section To Copyleft Guide On GPLv2 Irrevocability
      In discussion of the Linux project's new Code of Conduct, a few people have suggested that contributors who reject the Code of Conduct might disrupt Linux licensing in response. This seems unlikely to most, but to ensure that uncertainty around this issue casts no shadow over contributions to GPLv2 works, Conservancy engaged our outside counsel, Pamela Chestek, to update the Copyleft and the GNU General Public License: A Comprehensive Tutorial and Guide (called the Copyleft Guide for short) on copyleft.org to clarify this issue.

      Copyleft.org is an initiative that fosters a collaborative community to share and improve information about copyleft licenses (especially the GNU General Public License (GPL)) and best compliance practices for those licenses. It's primary output is the Copyleft Guide, an extensive 157 page tutorial on GPL and other forms of copyleft licensing, available as an online book and as a PDF.




  • Openness/Sharing/Collaboration



    • Open Hardware/Modding



      • OTTO modular open source music maker
        If you enjoy making electronic music OTTO the open source music maker offers a complete hardware and software solution offering synthesisers, sampler, effects, sequencers and studio modules. The OTTO has been created to be built in very different ways depending on your skills, requirements and available resources, tools and priorities.

        “Making electronic music is awesome! But for most of us, it requires a lot of setup, a lot of moving a mouse around on a laptop that’s probably not quite equipped to handle realtime audio processing. Don’t you wish you had one single device, which was built to do it all for you, easily and on the fly?”






  • Programming/Development



    • Troubleshooting Node.js Issues with llnode
      The llnode plugin lets you inspect Node.js processes and core dumps; it adds the ability to inspect JavaScript stack frames, objects, source code and more. At Node+JS Interactive, Matheus Marchini, Node.js Collaborator and Lead Software Engineer at Sthima, will host a workshop on how to use llnode to find and fix issues quickly and reliably, without bloating your application with logs or compromising performance. He explains more in this interview.


    • Bytes, Characters and Python 2


      An old joke asks "What do you call someone who speaks three languages? Trilingual. Two languages? Bilingual. One language? American."

      Now that I've successfully enraged all of my American readers, I can get to the point, which is that because so many computer technologies were developed in English-speaking countries—and particularly in the United States—the needs of other languages often were left out of early computer technologies. The standard established in the 1960s for translating numbers into characters (and back), known as ASCII (the American Standard Code for Information Interchange), took into account all of the letters, numbers and symbols needed to work with English. And that's all that it could handle, given that it was a seven-byte (that is, 128-character) encoding.


    • SDL's 2D Render API Getting Improved With New Batching System
      Prolific Linux game porter/developer Ryan Gordon has been tackling improvements to the SDL2 library's 2D rendering code with the introduction of a batching system.

      With the current SDL2 library when using its render API, calls are immediately dispatched where as with this batching system the draw requests are stored in batches and then dispatched to the GPU when needed. Those batches are sent to the GPU when needed via SDL_RenderPresent or other relevant operations.


    • Writing well
      Code gets read more than it gets written, so it’s worth taking extra time so that it’s easy for future developers to read. The same is true of emails that you write to project mailing lists. If you want to make a positive change to development of your project, don’t just focus on the code — see if you can find 3 ways to improve the clarity of your writing.


    • How we rolled out one of the largest Python 3 migrations ever
      Dropbox is one of the most popular desktop applications in the world: You can install it today on Windows, macOS, and some flavors of Linux. What you may not know is that much of the application is written using Python. In fact, Drew’s very first lines of code for Dropbox were written in Python for Windows using venerable libraries such as pywin32.

      [...]

      Initially, we relied on “freezer” scripts to create the native applications for each of our supported platforms. However, rather than use the native toolchains directly, such as Xcode for macOS, we delegated the creation of platform-compliant binaries to py2exe for Windows, py2app for macOS, and bbfreeze for Linux. This Python-focused build system was inspired by distutils: Our application was initially little more than a Python package, so we had a single setup.py-like script to build it.

      Over time, our codebase became more and more heterogenous. Today, Python is no longer the only language used for development. In fact, our code now consists of a mix of TypeScript/HTML, Rust, and Python, as well as Objective-C and C++ for some specific platform integrations. To support all these components, this setup.py script—internally named build-all.py—grew to be so large and messy that it became difficult to maintain.

      The tipping point came from changes to how we integrate with each operating system: First, we began introducing increasingly advanced OS extensions—like Smart Sync’s kernel components—that can’t and often shouldn’t be written in Python. Second, vendors like Microsoft and Apple began introducing new requirements for deploying applications that imposed the use of new, more sophisticated and often proprietary tools (e.g. code signing).


    • Java 11 Released As The First Java LTS Release
      Java 11 (JDK 11) is officially out today as the first Java Long-Term Support (LTS) release under Oracle's new six month release strategy.






Leftovers



  • Australia’s eftpos 'Tap & Pay' fast-tracks for transport

    eftpos managing director Stephen Benton said that while eftpos "had been working on transport for some time, the company had this week formed a dedicated technical and business team to complete the capability rollout to financial institutions across Australia by April 2019, and was already in discussions with a number of State Governments".



  • Flocking

    When combined, these three simple rules have created complex emergent behavoir.

  • Has the Internet Changed Fact-Checking? Well, It Depends.


    When my friends tell me stories that sound too good to be true, I do what’s in every reporter’s DNA: I ask what their source is for the information. Knowing the source helps me judge the truth of what they’re saying, and whether I should believe, say, that it’s illegal to sell Irish butter in Wisconsin. (Pretty much true until last year, when butter lovers went to court.) The same goes for any story we report. Before we include a fact or a statement, we have to ensure it is correct and the source is credible — even if it takes weeks or months to do so.

    Ms. Beaumont is right. Back in the day, reporters used books and other paper documents to check their facts. You confirmed Pulaski was a road, not a street, on a paper map. You pored over the city of Chicago’s budget to determine what the Police Department was slated to spend on overtime. You called the Illinois Department of Financial and Professional Regulation to check if a doctor had a disciplinary record.


  • We Need to Talk about Indyref2
    A senior SNP elected representative told me a couple of weeks ago that the party hierarchy were intent on making sure there would be strict control over debate at the upcoming conference. The leadership fear pressure from the membership on holding another Independence referendum, using the mandate won at the last Holyrood elections. You will recall that the SNP was elected on a promise of a new referendum in the event of a significant change in the status quo, specifically including Brexit.

    Being well aware from the AUOB marches and other events that the grassroots are ready for another campaign, and with the opinion polls very encouraging, it seemed to me that the foot soldiers deserved at least to be able to voice an opinion on when and how they went into battle. So I suggested back to my friend that, as I am attending as a delegate, I would hold a fringe meeting within the Conference venue on the routes to Independence. This might include how we get a new Indyref in the face of Westminster opposition, its timing, and lessons learned for the Yes movement from 2014 on how to win it. The idea was also to explore other potential routes to Independence including a National Assembly.

    They replied that I would not be allowed to hold a fringe meeting on Indyref2. I thought they were being over-dramatic. So I asked my friend the doughty Peter A Bell to join me as a speaker (he agreed in principle), and I was planning to ask James Kelly and Stuart Campbell as well, but first applied for a room in the Conference Centre so I could give them a date.


  • Health/Nutrition



    • Prisons’ Refusal to Provide Adequate Opioid Treatment is Cruel and Unlawful
      In 2016, after overdosing three times in less than 48 hours, he was scared for his life and committed to recovery. That’s when his physician prescribed methadone, a prescription medication approved by the FDA for treatment of opioid use disorder.

      For nearly two years, Geoffrey has invested in his recovery, rededicated himself to his young son, rebuilt his relationships with his parents, and found a job that he loves. While he also participates in counseling and therapy, he credits his recovery to his medication-assisted treatment (MAT).

      Geoffrey generally relies on his parents to drive him to the clinic where he receives the treatment. But on July 19, his mother was unexpectedly unavailable to drive him, and in fear of a relapse, he drove himself. He was pulled over and charged with driving with a revoked or suspended license.

      He currently faces imprisonment at the Middleton House of Correction in Massachusetts, where his medication will not be made available to him. In fact, the Essex County jail denies MAT to prisoners diagnosed with opioid use disorder, including those who arrive with a prescription for such medication and are already in sustained recovery as a result — like Geoffrey.

      People with opioid use disorder who are denied their medication suffer painful withdrawal. It disrupts their treatment plan, leading to a sevenfold decrease in continued treatment after release. It increases the risk of relapse into active addiction: Over 82 percent of patients who leave methadone treatment relapse within a year. And, most alarming, patients are more likely to suffer from overdose and potential death as a consequence of forced withdrawal.


    • Cancer Center Switches Focus on Fundraising as Problems Mount
      Memorial Sloan Kettering Cancer Center has abruptly changed the focus of an annual fundraising campaign amid a widening crisis that has already led to the resignation of its chief medical officer and a sweeping re-examination of its policies.

      The campaign, initially titled “Harnessing Big Data,” was to have focused on the cancer center’s research into the use of artificial intelligence in cancer treatment, according to a brochure on Memorial Sloan Kettering’s website.

      The move follows an article Thursday by ProPublica and The New York Times about an exclusive deal that Memorial Sloan Kettering made with an artificial intelligence startup to use digital images of 25 million tissue slides analyzed over decades. The company, Paige.AI, was founded by three hospital insiders, and also involved investors who were Memorial Sloan Kettering board members.

      [...]

      Kenneth Manotti, the cancer center’s senior vice president and chief development officer, made a reference to the article in an email sent Friday to board members of the Society of MSK, the hospital’s volunteer fundraising arm, and an affiliated committee. It said the fundraising effort, which would have accelerated the center’s research on artificial intelligence, would be postponed “under the current circumstances, as we navigate through the issues at hand.”


    • WIPO And Pharma Industry Launch Medicines Patent Database For Easier Access To Medicines
      A new initiative, the Patent Information Initiative for Medicines (Pat-INFORMED), was launched today at the World Intellectual Property Organization to help health agencies procure medicines. The collaboration between WIPO and the pharmaceutical industry, a free and open-access database, provides information on the legal status of patents on approved medicines.


    • The Child Abuse Contrarian
      In September 2016, Jenn Thompson and her boyfriend, Robbie Ray, discovered that she was pregnant. They had met just over a month earlier, through the dating app Tinder, and quickly became inseparable. Robbie would stay at Jenn’s place several nights a week, and on the weekends, they tailgated at football games. The pregnancy was unplanned, but both had recently turned 30 and were ready to start a family. When they went in for an ultrasound appointment, a technician pointed out two tiny circles on the screen: twins. They bought a baby Doppler and Robbie would hold the monitor on Jenn’s stomach so they could listen to the two hearts beating in tandem.

      They got married five months later, at the Lutheran church Jenn attended. Robbie moved into her house, in Columbia, South Carolina, across the street from her parents in a tightly packed development of modest, newish homes tucked behind a shopping complex. They converted the second bedroom into a nursery. Jenn found the crib she slept in as an infant and gave it a fresh coat of paint. The babies arrived more than a week early, by C-section — a boy first, and then a girl.

      [...]

      To find an explanation, the Rays said, they searched the Internet and eventually discovered a group called Fractured Families. The website was filled with stories of parents who were accused of abuse — falsely, it said — after their children were found to have bone injuries. Jenn told me that she was struck by how similar their experiences were to her own. Jenn made contact with several of the mothers in Fractured Families. They told her that there was a doctor in Boston who might be able to help her.

      [...]

      Holick regularly diagnoses children with EDS without seeing them in person. “I already know on the phone they have EDS,” he said, adding that he questions the parents about potential symptoms. “I almost don’t have to ask. I know the answer.”




  • Security



    • Security updates for Tuesday


    • Reproducible Builds: Weekly report #178


    • Yubico launches new lineup of multifactor FIDO2 security keys
      It’s an open secret that passwords aren’t the most effective way to protect online accounts. Alarmingly, three out of four people use duplicate passwords, and 21 percent of people use codes that are over 10 years old. (In 2014, among the five most popular passwords were “password,” “123456,” and “qwerty.”) Two-factor SMS authentication adds a layer of protection, but it isn’t foolproof — hackers can fairly easily redirect text messages to another number.


    • The new YubiKey 5 security keys offer physical protection for your private data


    • YubiKey 5’s FIDO2 support will help you ditch passwords entirely


    • Lilbits 338: Multi-factor security
      You may already be using multi-factor authentication to login to some devices or services. Your bank may send you a text message with a security code when you attempt to login to its website. I use a smartphone app that gives me a code to use when logging into Google, LastPass, or a handful of other services.


    • Introducing the YubiKey 5 Series with New NFC and FIDO2 Passwordless Features

      Our new YubiKey 5 Series is comprised of four multi-protocol security keys, including two much anticipated new features: FIDO2 / WebAuthn and NFC (near field communication).



    • New Linux 'Mutagen Astronomy' security flaw impacts Red Hat and CentOS distros
      This is a type of vulnerability that requires an attacker to have a foothold on a vulnerable system, but it's one of those security flaws that can turn a simple hack into a very bad one, as it can be used to give an intruder root access and complete control over infected systems.


    • Responsible disclosure: retrieving a user's private Facebook friends.
      Data access control isn’t easy. While it can sound quite simple (just give access to the authorized entities), it is very difficult, both on a theoretical side (who is an authorized entity? What does authorized mean? And how do we identify an entity?) and on a pratical side.

      On the pratical side, how we will see, disclose of private data is often a unwanted side effect of an useful feature.

      Facebook and Instagram

      Facebook bought Instagram back in 2012. Since then, a lot of integrations have been implemented between them: among the others, when you suscribe to Instagram, it will suggest you who to follow based on your Facebook friends.

      Your Instagram and Facebook accounts are then somehow linked: it happens both if you sign up to Instagram using your Facebook account (doh!), but also if you sign up to Instagram creating a new account but using the same email you use in your Facebook account (there are also other way Instagram links your new account with an existing Facebook account, but they are not of our interest here).

      So if you want to create a secret Instagram account, create a new mail for it ;-)

      Back in topic: Instagram used to enable all its feature to new users, before they have confirmed their email address. This was to do not “interrupt” usage of the website / app, they would have been time to confirm the email later in their usage.

      Email address confirmation is useful to confirm you are signing up using your own email address, and not one of someone else.


    • Security updates for Wednesday


    • Linux Readying Spectre V2 Userspace-Userspace Protection
      While the Linux kernel has been patched for months (and updated CPU microcode available) to mitigate Spectre Variant Two "Branch Target Injection" this has been focused on kernel-space protection while patches are pending now for userspace-userspace protection.

      Spectre V2 mitigation for application to application attacks hasn't been a priority since its more difficult to exploit due to ASLR (Address Space Layout Randomization). This protection is being worked on and these new patches enable app-to-app mitigation for Spectre Variant Two via IBPB (Indirect Branch Prediction Barrier) and STIBP (Single Thread Indirect Branch Predictors). This protection via the new Linux kernel patches is for both Intel and AMD CPUs.


    • Cisco: Linux kernel FragmentSmack bug now affects 88 of our products
      Cisco has confirmed that more of its products that rely on the Linux kernel are vulnerable to a potentially dangerous denial-of-service flaw.

      The bug, dubbed FragmentSmack, was in August revealed to affect the IP networking stack in the Linux kernel, prompting a round of patches for numerous Linux distributions and patches at Akamai, Amazon, and Juniper Networks, and more.

      The bug can saturate a CPU's capacity when under a low-speed attack using fragmented IPv4 and IPv6 packets, which could cause a denial-of-service condition on the affected device.


    • More Spectre Variant Two Patches Queued For The Linux Kernel
      Besides the Spectre V2 userspace-userspace mitigation patches revised and sent out earlier today, some related Spectre V2 changes are now queued for soon merging to the mainline Linux kernel.

      Thomas Gleixner has queued a few new patches today in his x86/pti tree for soon calling upon Linus/Greg for merging into the mainline kernel.


    • The Crypto-Criminal Bar Brawl [Ed: NanoVMs marketing disguised as article, where the selling method is badmouthing Linux security]




  • Defence/Aggression



    • Interview With Mike Prysner And Spenser Rapone: Creating Conditions For Resistance Within US Military
      If you would like to support the show and help keep us going strong, please become a subscriber on our Patreon page.

      Hosts of the “Eyes Left” podcast join the “Unauthorized Disclosure” weekly podcast to talk about creating the conditions for more resistance within the United States military.

      Spenser Rapone, known as the “Commie Cadet,” spoke out for NFL quarterback Colin Kaepernick and expressed his support for left-wing politics. He unconditionally resigned from the military a little more than a year ago.

      Michael Prysner enlisted in the military following the 9/11 attacks and later became an antiwar activist after leaving the military. He is also a producer of the “Empire Files.”

      Together, they share their thoughts on antiwar organizing under President Donald Trump and whether the terrain has shifted considerably since President Barack Obama was in office. They share their back stories, address the never-ending war in Afghanistan, discuss U.S. support for a right-wing coup in Venezuela, and more.




  • Transparency/Investigative Reporting



    • Julian Assange and Russia’s UK embassy
      Your article (Revealed: Russia’s Christmas Eve plot to smuggle Assange out of UK, 22 September) claiming that Russian diplomats held secret talks to assess whether they could help Julian Assange flee the UK has nothing to do with the reality. The embassy has never engaged with Ecuadorean colleagues, or with anyone else, in discussions on any kind of Russian participation in ending Mr Assange’s stay within the diplomatic mission of Ecuador. As regards the idea that “the Kremlin was willing to offer support” to a secret plan by “allowing Assange to travel to Russia”, we are puzzled by the sensational attitude of the authors. Russia is always happy to welcome international guests if they arrive in a lawful manner and with good intentions.

      As recently as 18 September, the culture secretary, Jeremy Wright, speaking at the Royal Television Society, called for increased efforts to combat media and online disinformation. Your article is a brilliant example of the kind of journalism that the British reader should be protected from.


    • Being Julian Assange
      In 2016 an accused serial sexual predator ran for the US presidency against the notoriously corrupt wife of a previously impeached President – who is also an accused serial sexual predator.

      That these facts alone were insufficient to invalidate the entire race is testament to the audacity with which corrupt power operates in the West, and how conditioned the public is to consuming the warped byproducts of its naked machinations.

      Arguably the most contentious election in recent history, the accused serial sexual predator won.

      During the race, WikiLeaks Editor-in-Chief Julian Assange aptly described the two candidates as “cholera vs gonorrhoea.” Edward Snowden ran a Twitter poll asking his followers whether they would rather vote for a “calculating villain”, an “unthinking monster” or “literally anyone else”. 67% chose the latter. Yet those who didn’t want to be forced into a false choice between Clinton or Trump became the forgotten voices, the silent majority; largely excluded from the endless, vapid mainstream media debates about the outcome.

      Julian and Edward’s descriptors were flawless metaphors for the Presidential contestants; cartoon-like characters that when paired together and portrayed as a legitimate democratic choice, made a mockery of the entire concept of political representation.






  • Finance



    • Uber scores a big win in legal fight to keep drivers as independent contractors

      A three-judge panel ruled in favor of Uber in a long-standing lawsuit that could have a profound impact on the future of ride-sharing and the gig economy.

      The Ninth US Circuit Court of Appeals issued a decision Tuesday reversing the class certification order in the case of O’Connor v. Uber, in which Uber drivers argued they should be categorized as employees rather than independent contractors. The judges nullified the decision on the ground that Uber’s arbitration clause prohibits class actions.



    • Uber wins key ruling in its fight against treating drivers as employees

      Uber says that its drivers are legally independent contractors, not employees. That's significant because federal law strictly regulates the relationship between employers and employees. Employees are guaranteed to earn federal minimum wage and are entitled to overtime pay if they work more than 40 hours per week. Uber employees, in contrast, are paid by the ride and might earn much less than minimum wage if they drive at a slow time of day.

      California law also gives employees the right to be reimbursed for expenses they incur on the job, which would be significant for Uber drivers who otherwise are responsible for gas, maintenance, insurance, and other expenses of operating an Uber vehicle.



    • Google to allow certain cryptocurrency advertising next month

      It’s unclear why Google is lifting its ban now, but it would appear that the company thinks the crypto hype over skyrocketing digital currency values and all of the negative side effects associated with that has died down. Facebook, which put in place the first large-scale crypto advertising ban back in January, lifted its ban on certain types of crypto-related ads in June. Similarly, Facebook is still banning ICOs and requires companies to fill out an application to run ads. So Google may be simply following suit in an effort to ensure it does not lose out on valuable ad dollars. The company was not immediately available for comment.



    • Google ends cryptocurrency ad ban — but only for certain kinds of ads

      Google is reversing part of its sweeping ban on cryptocurrency-related advertising and plans to allow regulated crypto exchanges to buy ads in the United States and Japan.

      The new policy starts in October.



    • The contexts of Thatcher’s Bruges speech of 1988


      Last week was the thirtieth anniversary of the “Bruges speech” by the then prime minister Margaret Thatcher.

      Over at the FT I did a piece on the anniversary, contending that the speech was not the start of the road to Brexit (a view put forward by a number of pundits).

      Instead I suggested that it was that by disregarding that speech that Conservatives took us on the road to Brexit.

    • Theresa May’s Bad Faith
      The Salzburg debacle was a low point of British diplomacy, because neither Number 10 nor the Brexit ministers paid any attention to the information being provided by Britain’s Embassies, which was that there is fizzing resentment in major capitals at what is viewed as Theresa May’s rank bad faith.

      Good faith is an intangible, but it is the most important asset you can have in diplomatic negotiations, and building up trust is the most important skill in international relations. The EU remains genuinely concerned for the future of Ireland, which unlike the UK is a continuing member.

      In December, after hard talks, the UK signed up to the Joint Report as the basis for negotiation. This contained the famous “backstop” on North/South Ireland relations. It is worth looking on what the text of the “backstop” actually says.

      [...]

      I have refrained from comment on the Brexit negotiations, but among the rafts of mainstream media coverage, I have not seen this issue of May’s bad faith given the prominence it deserves. Whatever your stance on Brexit, conducting negotiations in this manner – the cliche of perfidious is in fact the best description – is a ludicrously ineffective way to behave. On the most profound political, economic and social transformation the UK has embarked on in decades, the Tory government is an utter shambles.

      I personally changed my rose-tinted view of the EU after seeing its leaders line-up to applaud the Francoist paramilitary forces for clubbing grandmothers over the head for having the temerity to try to vote in Catalonia. My interest in Third Pillar cooperation ended there. But leaving the customs union appears to me a ridiculous act of self harm.




  • AstroTurf/Lobbying/Politics

    • Election security bill won't pass ahead of midterms, says key Republican [iophk: "voting fraud goes for one more round"]

      Some secretaries of state and election organizations had raised concerns about the legislation, which would have required that states use backup paper ballots and conduct audits after elections to ensure that no votes or voting systems were compromised.



    • Why Am I Seeing This? Interesting Facebook Ads From Our Political Ad Collector
      Norcross is a big buyer of Facebook ads. According to a ProPublica analysis, he is one of the top spenders on Facebook ads in the House. According to the House’s Statement of Disbursements, he spent $24,570 from his office budget on Facebook ads during the first six months of 2018, more than any other member, counting only direct spending. Other members may have spent more through digital marketing agencies, but the disclosure data does not break out spending by advertising platform.

      Constituents of Norcross’ who like “beaches” saw ads focused on the environment, including one referencing his opposition to offshore drilling. Constituents who like “politics & social issues” — a Facebook category often used as a proxy for political engagement — saw ads touting Norcross’ support of protections for people in the LGBTQ community.
    • Facebook’s New Propaganda Partners


      Media giant Facebook recently announced (Reuters, 9/19/18) it would combat “fake news” by partnering with two propaganda organizations founded and funded by the US government: the National Democratic Institute (NDI) and the International Republican Institute (IRI). The social media platform was already working closely with the NATO-sponsored Atlantic Council think tank (FAIR.org, 5/21/18).

      In a previous FAIR article (8/22/18), I noted that the “fake news” issue was being used as a pretext to attack the left and progressive news sites. Changes to Facebook’s algorithm have reduced traffic significantly for progressive outlets like Common Dreams (5/3/18), while the pages of Venezuelan government–backed TeleSur English and the independent Venezuelanalysis were shut down without warning, and only reinstated after a public outcry.

      The Washington, DC–based NDI and IRI are staffed with senior Democratic and Republican politicians; the NDI is chaired by former Secretary of State Madeleine Albright, while the late Sen. John McCain was the longtime IRI chair. Both groups were created in 1983 as arms of the National Endowment for Democracy (NED), a Cold War enterprise backed by then–CIA director William Casey (Jacobin, 3/7/18). That these two US government creations, along with a NATO offshoot like the Atlantic Council, are used by Facebook to distinguish real from fake news is effectively state censorship.


    • US tech think tank lambasts moves to investigate social media giants

      The Information Technology Innovation Foundation, a self-proclaimed non-partisan Washington DC think tank which includes representatives of the largest US tech multinationals on its board, has slammed moves by the Trump Government to investigate the big three US social media giants amid “escalating complaints about anti-conservative bias” on their platforms.

      An ominously titled open letter published in USA Today, which has the undertones of a threat, warned US Federal Attorney-General Jeff Sessions and “conservatives” not to “mess with Google, Facebook or Twitter".

    • Elliott Broidy’s All-Access Pass — “Trump, Inc.” Podcast


      “Trump, Inc.” is back. Our podcast with WNYC focused earlier this year on the many mysteries around President Donald Trump’s businesses. This season, we’re widening the lens to look at the people around Trump and how they are benefitting from his presidency.

      Our first episode looks at Elliott Broidy. You might remember him as the Republican financier who agreed to pay a Playboy model $1.6 million in return for her silence. (Broidy has said it was just to help her financially.)

      Before that scandal, Broidy was at the center of another one. A decade ago, he pleaded guilty to bribing New York State pension officials — “an old-fashioned payoff,“ as then-state Attorney General Andrew Cuomo put it. (Before the plea was finalized, a judge allowed Broidy to change his plea from a felony to a misdemeanor.)




  • Censorship/Free Speech



    • Twitter Releases New Policy on 'Dehumanizing Speech'

      The policy will prohibit “content that dehumanizes others based on their membership in an identifiable group, even when the material does not include a direct target.” It expands upon Twitter’s existing hateful conduct policy prohibiting users from threatening violence or directly attacking a specific individual on the basis of characteristics such as race, sexual orientation, or gender. Twitter’s users, especially women and minority groups, long have complained that the company’s rules have been ineffective and inconsistent in addressing harassment and abuse.



    • Facebook failing to protect moderators from mental trauma, lawsuit claims

      Facebook in the past has said all of its content reviewers have access to mental health resources, including trained professionals onsite for both individual and group counseling, and they receive full healthcare benefits.

      It did not respond to a request by Reuters for comment on Monday.

      Currently, more than 7,500 content reviewers work for Facebook, including full-time employees and contractors.



    • Maldives sculpture by British artist torn down for being threat to 'Islamic unity'

      The islands' autocratic government said that the work, which included hybrid form sculptures – part-human, part-plant, part-coral - represented "idols" and ordered its demolition. The work had been subject to a series of complaints from religious scholars.



    • Here's Why ‘The Satanic Verses’ Remains So Controversial 30 Years Later

      One of the most controversial books in recent literary history, Salman Rushdie’s “The Satanic Verses,” was published three decades ago this month and almost immediately set off angry demonstrations all over the world, some of them violent.



    • We must have the right to insult politicians

      It is worth reminding ourselves what MPs actually mean when they say they want to curb online ‘abuse’. Given that it is impossible to harm someone physically online, what they really mean by abuse is criticism, ridicule and insult. They mean bad language and bad words. What qualifies as abuse can encompass anything from death threats and misogyny to levelling jibes like ‘gammon’ or ‘snowflake’. Many politicians hold ordinary members of the public in such contempt that even the mildest criticism is seen as abusive. For instance, when Tory MP Antoinette Sandbach received an email from a constituent rebuking her for backing pro-Remain amendments in a crucial parliamentary vote on Brexit, she replied to say that she had referred the constituent to the police.



    • Louisiana's Attorney General Wants To Break Up Google Over 'Bias'
      Again, it's not at all proven that the internet giants are "suppressing conservative agendas." If they were, that would be quite remarkable, given that apparent "conservatives" control the White House, both houses of Congress, the judiciary and the vast majority of state houses. It would certainly then suggest that these internet companies aren't very good at suppressing such an agenda if they really were attempting to do so (and, spoiler alert: they're not).

      But, of course, the larger point still stands: this is clearly a government official, looking to use not just executive power, but law enforcement powers, to intimidate companies regarding speech on their platforms. That is 100% unconstitutional. I already detailed a variety of cases that make this point, but it appears that law enforcement officials are going to ignore that, so long as they can politically grandstand on this issue.

      But, just to flip this around: would Louisiana Attorney General Jeff Landry agree that Fox News or Breitbart should be hit with legal action for "suppressing liberal agendas?" Of course not.
    • District Court Misses The Forest For The Trees In Dismissing Constitutional Challenge To FOSTA
      It's like the scene in the Naked Gun, where Leslie Nielsen stands outside the exploding fireworks factory telling everyone, "Nothing to see here. Please disperse." Such is the decision by the district court dismissing the EFF's lawsuit challenging the constitutionality of FOSTA.

      [...]

      It's a statutory parsing that would be a lot more assuring if it didn't ignore another perfectly plausible read of the statute. Of course it's ridiculous to say that Maley intended to promote prostitution. But that's not what the statute forbids. In a subsequent passage the court dismisses the argument that FOSTA's amendments to 18 U.S.C. Sec. 1591 create any additional legal risk for platforms. But the amendments expand the prohibition against the "participation in a venture" to engage in sex trafficking to include "knowingly assisting, supporting, or facilitating" such a venture. This language suggests that liability does not require knowledge of a specific act of sex trafficking. Instead, merely providing services to sex traffickers – even ones unsuccessful in their sex trafficking venture – would seem to trigger liability. In other words, knowledge seems to hinge not on knowledge of a sex trafficking act but on knowledge of a sex trafficking venture (including one that may even be victimless), yet both the statute and the court are silent as to how much, or how little, a platform would need to actually know in order to have "knowledge" for purposes of the statute. This vagueness is what is so chilling to them, because it forces them to guess conservatively. But the court provides little relief, and in dismissing the case denies the opportunity to even attempt to gain any.

      Also, while these plaintiffs were suing because they feared prospective injury, plaintiff Eric Koszyk has already experienced a tangible injury directly traceable to the changes in the law wrought by FOSTA. He was a massage therapist who relied on Craigslist to advertise his services. In the wake of FOSTA, Craigslist shut down its Therapeutic Services section, thus limiting his ability to find customers. Without FOSTA (which would result if it were declared unconstitutional) it would seem that the shutdown decision could be reversed.


    • FOSTA Case Update: Court Dismisses Lawsuit Without Ruling on Whether the Statute is Unconstitutional
      A federal court considering a challenge to the Allow States and Victims to Fight Online Sex Trafficking Act of 2017, or FOSTA, dismissed the case on Monday.

      EFF and partner law firms filed a lawsuit in June against the Justice Department on behalf of two human rights organizations, a digital library, an activist for sex workers, and a certified massage therapist to block enforcement of FOSTA.

      Unfortunately, a federal court sided with the government and dismissed Woodhull Freedom Foundation et al. v. United States. The court did not reach the merits of any of the constitutional issues, but instead found that none of the plaintiffs had standing to challenge the law’s legality.


    • Age-Appropriate Design Code


      Recital 38 of the General Data Protection Regulation recognizes that children merit “specific protection with regard to their personal data, as they may be less aware of the risks, consequences and safeguards concerned and their rights in relation to the processing of personal data.” The recital goes on to make specific reference to the collection of personal data for marketing or user profiles or for services offered directly to a child.

      The recital lays out that children should be considered differently to the adults online. It is an uncontroversial observation that rarely is the distinction made online between an adult and a child in a meaningful way. This is particularly true when it comes to privacy. Services targeted at children process data in similar ways to services that are mixed or targeted at adults.

      The Age-Appropriate Design Code of Practice provides an opportunity to fix that imbalance. It can address the relationship a child has with online services by creating stronger default settings and working towards better provision of information to children about terms and conditions and privacy notices. It can also operate as a learning experience, preparing children for adulthood as effective participants online with agency and confidence in their rights.
    • What Does “Edited for Content” Mean on Airplane Movies?
      While lots of airlines display the “edited for content” warning before different movies, there’s no single standard that they have to meet. It also depends on the source of the movie.

      Big studios will often release an airplane cut of their tentpole movies, separate from the theatrical cut, that edits out references to terrorists, plane crashes, and the like; basically content that no one really wants to see when they’re hurtling through the air at 4/5ths of the speed of sound in an aluminum tube. Airlines tend to avoid screening movies where these are major plot points anyway—no Con Air or Alive for you—so, for the most part, you’re not going to see much difference.

      Where things get more interesting is when they pass through an editing company that specializes in airplane movies. James Durston, writing for CNN, interviewed Jovita Toh, the CEO of Encore Inflight Limited. Toh claims that they edit movies differently depending on which airline they’re for. European airlines are very accepting of nudity and swearing but tend to dislike overly violent or gory films. In the Middle East, it’s the opposite, with their airlines requiring any sexual content or bare skin scrubbed while not being too worried about violence. Some airlines based in Muslim countries even want references to pigs and pork removed! Toh’s company has also been asked to remove logos of competing airlines.
    • Pro-Israeli Terror Threat at Labour Conference Covered Up By MSM
      A fringe venue at the Labour conference was evacuated last night after the screening of a film about my friend Jackie Walker was cancelled by a terrorist bomb threat. Jackie, a black Jewish prominent critic of Israel, is currently among those suspended from the Labour Party over accusations of anti-semitism which are, in her case, nonsense.

      What is astonishing is that the state and corporate media, which has made huge play around the entirely fake news of threats to pro-Israel MP Luciana Berger leading to her being given a police escort to protect her from ordinary delegates, has completely ignored this actual and disruptive pro-Israeli threat – except where they have reported the bomb threat, using the big lie technique, as a further example of anti-semitism in the Labour Party!

      The Guardian’s report in this respect is simply unbelievable. Headed “Jewish event at Labour conference abandoned after bomb scare” it fails to note that Jewish Voice for Labour is a pro-Corbyn organisation and the film, “The Political Lynching of Jackie Walker”, exposes the evil machinations of the organised witch-hunt against Palestinian activists orchestrated by Labour Friends of Israel and the Israeli Embassy. It is not that the Guardian does not know this – it has carried several articles calling for Jackie Wilson’s expulsion.


    • Legislators Pushing A Patriot Act, But For Human Trafficking In The Wake Of FOSTA
      When you're looking to expand the government's power, any crisis will do. Following the 9/11 attacks in 2001, legislators told us the terrorists hated us for our freedom. Then they rushed through the Patriot Act, demonstrating how much our own government hates us for our freedoms.

      In the name of national security, the government was allowed to engage in warrantless searches (and warrantless wiretapping) as the Fourth Amendment was sacrificed to make way for secure skies and secure borders. More of the same is on tap at the federal level, thanks to another "crisis" -- one mostly manufactured by a number of government officials who want to expand their power in the name of all the trafficked children in the world.

      Sex trafficking is the name of the game -- even if the game board seems mostly devoid of players. A number of grandstanders have taken shots at big online services, playing shoot the message board since it's easier to serve Craigslist, Backpage, or whoever than track down actual traffickers.

      One of these grandstanders is Rep. Ann Wagner. Wagner has been leading the charge to destroy Section 230 immunity under the pretense of hunting down sex traffickers. Sex traffickers will go on trafficking. They'll just be harder to find. Meanwhile, the web gets worse for everyone as websites become less willing to provide platforms for third-party content.


    • Years Later, FTC Wins Case Against Roca Labs For Its Bogus Non-Disparagement Clause
      Remember Roca Labs? A few years back we wrote about them extensively. The company (along with Don Juravin, who ran it), had cooked up quite a scheme. They were selling what they claimed was a "weight loss" product, which involved ingesting something that one doctor summarized as "consist[ing] primarily of industrial food thickening agents." If that wasn't already sketchy enough, the company more or less required purchasers to agree to a non-disparagement contract in order to order the stuff. Roca claimed that you were just getting a "discount" if you agreed to the non-disaparagement clause, but it was unclear if there was any other way to order. Roca had a "doctor" vouching for its product, but it turned out it was a doctor who had lost his medical license. The company came to our attention when it sued Pissedconsumer because some of its many unhappy customers had ignored the non-disparagement clause and complained about Roca Labs on that site.

      The company then trotted out nearly every sketchy trick in the book -- including threatening legal action against us, actually suing PissedConsumer's lawyer, Marc Randazza (over something that we had written on Techdirt), and filing bogus DMCA notices to try to delete negative reviews -- before the FTC finally went after the company in September of 2015.

      That case has continued for years (during which PissedConsumer won its case against Roca) and now the FTC has finally prevailed against Roca and Juravin as well. Eric Goldman has a good write-up on the ruling as well.


    • Twelve Rules For Not Being A Total Free Speech Hypocrite
      I have to say that I've never received so many earnest and detailed--but super angry--emails as I did after my article earlier this year calling out Jordan Peterson's obvious hypocrisy for claiming to fight for free speech, while suing a university for "defamation" over the speech of some of its staff members. So many very, very earnest young men, really, really wanted to debate the finer points of how suing over speech could magically lead to more free speech. Again, to be clear: I thought that what Wilfrid Laurier University did in punishing a teaching assistant for showing a video clip of Peterson was completely asinine and the university and its staff deserved all of the ridicule it got.

      The lawsuit, however, was another story altogether. Beyond it being a completely obvious SLAPP suit -- using defamation to try to silence someone -- there were all sorts of weird conflicts of interest (it was filed by the same lawyer representing the teaching assistant Lindsay Shepherd, and as some have pointed out, Shepherd and Peterson are clearly in conflict with one another over this, since it was Shepherd who actually "published" the negative comments about Peterson by posting them in a video). But the key point is that it's blatant hypocrisy to sue someone for criticizing you while basing a large part of your persona on being about freedom of speech. Indeed, much of Peterson's claim to fame was in loudly protesting a proposed law in Canada that he claimed would be an attack on his own free speech.

      Since then, however, Peterson only seems to be doubling and tripling down on his attacks on free speech. A few weeks ago he filed a second lawsuit against Wilfrid Laurier University arguing (I kid you not) that the University's own defense to his original lawsuit defamed him again because it claimed that he benefited from the press attention around the controversy (rather than harming him, as required to be defamation). This seems even more ridiculous than his original lawsuit. Canada, like the US, has absolute privilege in judicial proceedings, meaning you can't claim defamation for things said in the course of ongoing litigation. But, apparently Peterson is going to ignore that.




  • Privacy/Surveillance



    • A Consumer Privacy Hearing With No One Representing Consumers
      The Senate Commerce Committee hearing on consumer privacy this morning was exactly what we and other privacy advocates expected: a chorus of big tech industry voices, with no one representing smaller companies or consumers themselves.

      In his opening remarks, Senator Thune acknowledged the “angst” caused by the Committee's decisions to convene an industry-only panel, and promised more hearings with more diverse voices. We look forward to a confirmed hearing date with a diverse panel of witnesses from academia, advocacy, and state consumer protection authorities.

      Today’s hearing included witnesses from AT&T, Apple, Amazon, Charter, Google, and Twitter. All of them confirmed their support for a federal law to preempt California’s Consumer Privacy Act. Many recited talking points about the workload required to comply with the “patchwork” of state laws that they anticipate. However, none were able to answer the question of why the U.S. shouldn’t adopt standards along the lines of the EU’s GDPR or California’s CCPA.

      None of this was surprising. The companies represented largely rely on the ability to monetize information about everything we do, online and elsewhere. They are not likely to ask for laws that restrain their business plans.

      In the midst of an otherwise disappointing hearing, some Senators took a strong line on privacy that we applaud. Senator Markey requested that companies discuss a strong, privacy-protective bill before considering preemption of California’s new law. Senator Schatz questioned whether companies were coming to Congress simply to block state privacy laws and raised the prospect of creating an actual federal privacy regulator with broad authority. And Senator Blumenthal pointed out that, while the company representatives present claimed that GDPR and the CCPA imposed unreasonable burdens, they all seemed to be successfully complying.


    • Grindr Playing DMCA Whac-A-Mole With Privacy Threat ‘Fuckr’

      Back in March, it was revealed that Grindr could be exploited to expose the personal information of its users. Two months later, a further report noted that it was still possible to extract personal information from Grindr using a third-party app called "Fuckr". Following an initial takedown from Github, the problem has continued, a new DMCA notice targeting more than 90 clones reveals.



    • State Attorneys General Really Want To Go After Big Internet Companies; But Claim It's About Privacy, Not Bias


      Of course, it seems like almost journalistic malpractice to quote Jim Hood talking about going after social media platforms without mentioning the fact that he was the centerpiece of a the conspiracy by the top movie studios to attack Google with nonsensical complaints about illegal things he found while doing searches on Google. If you don't recall, the Sony hack revealed a plot by the legacy movie studios to have their lawyers effectively run an investigation for Jim Hood -- and even the NY Times revealed that his eventual subpoena to Google was written by the MPAA's lawyers. A judge reviewing Google's legal fight with Hood noted that it seemed pretty clear that Hood's actions were done in "bad faith." So... consider me at least marginally skeptical that Hood is an objective voice on what is and is not appropriate for a state Attorney General to investigate regarding the big internet platforms.

      Obviously, if there are real antitrust violations, then that's a valid issue to explore. But, so many of the attacks themselves seem to be a hell of a lot more "politically biased" than any of the claims about how the internet companies themselves are politically biased.

      [...]

      So... if tech companies actually protect people's privacy with strong encryption, they get yelled at and threatened with legal action by Attorneys General. And if they don't protect people's privacy... they get yelled at and threatened with legal action by Attorneys General. Just what exactly are they supposed to do?

      Again, it is entirely possible that these companies have violated various laws. Perhaps they're in violation of antitrust laws, though the evidence there is lacking so far. But, from everything that's been said coming out of this meeting, it does not inspire much confidence that there are reasonable and objective reasons for taking legal actions against these platforms. Instead -- and this is all too typical for state AGs -- there appears to be a lot of grandstanding and bluster without much substance.


    • Instagram co-founders' departure driven by falling out with Zuckerberg: report

      Instagram CEO Kevin Systrom and Chief Technical Officer Mike Krieger left their posts at the image sharing app on Tuesday. The two sold Instagram to Facebook in 2012 for $1 billion.

      "Kevin [Systrom] has been super-pissed-off at Mark," a top Facebook source reportedly told NBC News.



    • Amazon launches Prime Reading service in India


    • A mixed bag: Mozilla reacts to the Indian Supreme Court’s landmark verdict on Aadhaar
      By holding Section 57 of the Aadhaar Act to be unconstitutional, the Supreme Court of India has recognized the privacy risks created by the indiscriminate use of Aadhaar for private services. While this is welcome, by allowing the State wide powers to make Aadhaar mandatory for welfare subsidies and PAN, this judgment falls short of guaranteeing Indians meaningful choice on whether and how to use Aadhaar. This is especially worrisome given that India still lacks a data protection law to regulate government or private use of personal data. Now, more than ever, we need legal protections that will hold the government to account.
    • India’s Top Court Limits Sweep of Biometric ID Program
      In a landmark ruling on Wednesday, India’s Supreme Court placed strict limits on the government’s national biometric identity system while also finding that the sweeping program did not fundamentally violate the privacy rights of the country’s 1.3 billion residents.

      A five-justice panel of the court decided 4-1 to approve the use of the program, called Aadhaar, for matters involving the public purse, such as the distribution of food rations and other government benefits and the collection of income taxes.

      But the panel struck down Prime Minister Narendra Modi’s efforts to require the digital ID for other purposes, including verifying the identity of students taking exams, and established new protections meant to prevent the government from misusing the data in the name of national security.
    • Indian Supreme Court Rules Aadhaar Does Not Violate Privacy Rights, But Places Limits On Its Use
      Techdirt wrote recently about what seems to be yet another problem with India's massive Aadhaar biometric identity system. Alongside these specific security issues, there is the larger question of whether Aadhaar as a whole is a violation of Indian citizens' fundamental privacy rights. That question was made all the more pertinent in the light of the country's Supreme Court ruling last year that "Privacy is the constitutional core of human dignity." It led many to hope that the same court would strike down Aadhaar completely following constitutional challenges to the project. However, in a mixed result for both privacy organizations and Aadhaar proponents, India's Supreme Court has handed down a judgment that the identity system does not fundamentally violate privacy rights, but that its use must be strictly circumscribed.


    • Supreme Court to deliver judgement on validity of Aadhaar tomorrow

      The Supreme Court will on Wednesday give its verdict on Aadhaar, the national identity card project challenged by critics for allegedly violating the constitution.



    • Unintended Consequences: How The GDPR Can Undermine Privacy
      We've highlighted a few times now, just how problematic the GDPR is. This is not because we don't care about privacy -- we do very much. We just think that the GDPR's approach is not a very good one with a lot more downsides than upsides -- and, it's unlikely to do very much to actually protect your privacy. For example, we just wrote about the GDPR being used (successfully!) to try to erase a public court docket.

      But not only do we think that the GDPR doesn't actually protect your privacy, it might actually put it at much greater risk. Take the story of Jean Yang, who noted that someone hacked her Spotify account and then, thanks to GDPR requirements, was able to download her entire Spotify history.


    • NSA employee who brought hacking [sic] tools home sentenced to 66 months in prison

      Nghia Hoang Pho, a 68-year-old former National Security Agency employee who worked in the NSA's Tailored Access Operations (TAO) division, was sentenced today to 66 months in prison for willful, unauthorized removal and retention of classified documents and material from his workplace—material that included hacking tools that were likely part of the code dumped by the individual or group known as Shadowbrokers in the summer of 2016.





  • Civil Rights/Policing



    • Remove the Drone Shoot-Down and Biometric Surveillance Sections From the FAA Act


      To keep the Federal Aviation Administration functioning, Congress must pass a reauthorization bill by September 30th. But the current bill has been stuffed with last-minute provisions that would strip people of their constitutional rights.

      In the FAA Reauthorization Act, Congress attached the Preventing Emerging Threats Act, with slightly modified language. But the new provisions do nothing to protect private drone operators—flown by journalists, businesses, and hobbyists—from unprovoked, warrantless take-downs and snooping by DOJ and DHS.

      The FAA Reauthorization also for the first time gives a congressional imprimatur to DHS’ biometric scanning of domestic travelers and U.S. citizens.

      The basic functioning of a government agency should not be taken hostage by controversial legislation that strips people of their rights to speech and privacy. Unless these provisions are removed, Congress should not pass FAA Reauthorization.


    • After Fielding Third Case On Point, Court Finally Decides Curtilage-Violating 'Knock And Talks' Are Clearly Unconstitutional
      You can violate Constitutional rights and still dodge liability. You just have to do it in a way that doesn't immediately summon precedential cases on point. That's the beauty of qualified immunity, the doctrine the Supreme Court decided was needed because expecting law enforcement to operate within the confines of the Constitution is just too much to ask.

      Fairfield County, Ohio's SCRAP (Street Crime Reduction and Apprehension Program) unit plays fast and loose with the Constitution -- and with the county's apparent blessing. A case examined by the Sixth Circuit Court of Appeals details a search the SCRAP chose not to call a search that resulted in the discovery of marijuana plants -- and further contraband once a warrant was secured. The defendants -- Neil Morgan and Anita Graf -- asked for the evidence to be suppressed. They argued the initial "knock and talk" violated the Fourth Amendment, tainting the more thorough search that followed.

      Acting on a tip, the county's SCRAP unit went to the defendants' residence and basically surrounded it, placing two officers approximately five feet from the house in the backyard. It was from this vantage point the marijuana plants on the second floor balcony were spotted -- something not visible to those approaching the house from more "public" directions. The court agreed and vacated their sentences. This lawsuit against the officers and the county ensued.


    • Brooklyn Residents Protest ‘Miniature Rikers’ As City Unveils Plans To Expand Borough Jail
      Brooklyn residents let New York City officials and their corporate partners know on Thursday that, rather than the expansion of the Brooklyn Detention Complex proposed as part of Mayor Bill de Blasio’s plan to shut down Rikers Island, they want “no new jails.”

      The public hearing inside PS 133’s auditorium on September 20 was supposed “to provide the public with an opportunity to comment on the scope of work that outlines how [the] environmental impact statement, or EIS, for [the new jail] will be prepared” according to city officials at the beginning of the hearing. But local activists and residents were not there to just talk about the environmental impact statement.

      Even before the town hall began, activists with the #NoNewJails campaign were at the entrance of the auditorium handing out literature stating that they “support the closure of Rikers” and “oppose new jail construction.” Instead of investing in jails and the criminal justice system, activists demand that NYC “invest in community resources” and “close jails by investing in alternatives to criminalization and imprisonment.”

      The city gave out two small booklets that explained the mayor’s plan “towards a borough-based jail system,” which is supposed to cost an estimated $10.6 billion over 10 years, and attempted to present the idea of new jails in a seemingly progressive way. One booklet described how the new jail in Brooklyn would look, stating that “there would be retail and community space” on the ground floor and even included a rendering of the street level view. The rendering showed a colorful and ultra-gentrified street with civilians nonchalantly walking past the aesthetically-pleasing glass front doors of the jail.


    • Orlando Paramedics Didn’t Go In to Save Victims of the Pulse Shooting. Here’s Why.
      “I need the hospital! Please, why does someone not want to help?”

      The man’s screams inside the Pulse nightclub pierced the chaos in the minutes after the shooting stopped on June 12, 2016. With the shooter barricaded in a bathroom and victims piled on top of one another, Orlando police commanders began asking the Fire Department for help getting dozens of shooting victims out of the club and to the hospital.

      “We need to get these people out,” a command officer said over the police radio.

      “We gotta get ‘em out,” another officer responded. “We got him [the shooter] contained in the bathroom. We have several long guns on the bathroom right now.”

      [...]

      None of that equipment was used at Pulse. Emergency medical professionals stayed across the street from the club. And the bulletproof vests filled with life-saving equipment sat at headquarters.

      In the three and a half years before the shooting, bureaucratic inertia had taken hold. Emails obtained by WMFE and ProPublica lay out a record of opportunities missed. It’s not clear whether paramedics could have entered and saved lives. But what is clear is Saez’s plan to prepare for such a scenario sat unused, like the vests.

      His effort had sputtered and was ultimately abandoned after a new fire chief, Roderick Williams, took over the department in April 2015. Williams named another administrator to finalize and implement the new policy. That administrator declined multiple requests to comment for this story. Saez said he offered to help but never heard back.


    • How the Orlando Fire Department’s Active Shooter Policy Fell Through the Cracks
      Saez files a hostile work environment complaint with the city’s Human Resources Department against the fire chief and the deputy chief who wrote him up. Saez retired in September. The city of Orlando says it is “currently reviewing the facts of this case as it is active and ongoing.”
    • The Reports of Civil Asset Forfeiture’s Death in Philadelphia Have Been Greatly Exaggerated
      Despite a settlement reforming the practice, policing for profit will continue in the City of Brotherly Love.

      Last week, Philadelphia and its district attorney, Larry Krasner, agreed to overhaul the city’s civil asset forfeiture practices after a long history of abuse and subsequent reform efforts thwarted by prosecutors across the state. But no one should be fooled into believing that forfeiture has been “dismantled” in Philadelphia.

      For years, the City of Brotherly Love has been in the national spotlight for its aggressive use of civil asset forfeiture — the police practice of seizing private property merely suspected of having a connection to a crime. For decades, the Philadelphia District Attorney’s Office has amplified its budget with millions of dollars each year from forfeiture.

      Analyses by investigative journalists and the ACLU of Pennsylvania showed that these forfeiture revenues came mostly from taking small amounts of cash —less than $200 at a time — as well as vehicles and houses from people who had not been convicted of any crime but live in heavily policed communities of color. Because civil forfeiture is not a criminal proceeding, property owners have no right to counsel, and most lose their property by default when they fail to formally respond to the government in court.


    • Greyhound Is Still Failing to Protect Customers from Border Patrol Abuse
      The company continues to be complicit in the Trump deportation force’s unconstitutional immigration enforcement on board its buses.

      In January 2018, Border Patrol agents boarded a Greyhound bus in Fort Lauderdale, Florida, and demanded identification from passengers. Videos of the encounter went viral — showing these agents, with “POLICE” emblazoned on their vests, escorting a woman of Caribbean descent in her 60s off the bus. In the background, someone filming says, “This is new?”

      Unfortunately, it wasn’t.

      Customs and Border Protection, which contains the Border Patrol, has a history of boarding buses and subjecting passengers to racial profiling in unjustified interrogations. Greyhound has always let it. After the incident, Greyhound released a statement saying that it was “required to cooperate with the relevant enforcement agencies if they ask to board our buses or enter stations.” Actually, as a private business, Greyhound has the Fourth Amendment right to deny CBP permission to board and search its buses without probable cause or a warrant.

      That’s why, six months ago, the ACLU wrote to Greyhound, urging the company to exercise its rights. Ten of our affiliates took a clear stand, echoed by tens of thousands of ACLU supporters: Greyhound should protect its customers from the racial profiling that characterizes Border Patrol interrogations and tell CBP that its agents need probable cause or a warrant to board a bus, protection that the Fourth Amendment guarantees.


    • Court Won't Let FBI Dodge Lawsuit By Removing American Citizen From No-Fly List Shortly Shortly After Being Sued
      The FBI uses the "no fly" list as leverage. What should be used to keep threats to national security off airplanes is being used to turn people into informants. If someone travels to a country the US government views with suspicion, citizens and legal residents are often approached by FBI agents who use the threat of revoking flying privileges to obtain new info sources.

      DOJ policy expressly forbids this sort of behavior, but the FBI doesn't care. It tells the CBP to keep an eye on travelers who visit or originate from certain countries, accost them in the airport, and subject them to invasive searches/interrogations with an eye on converting them to unofficial G-men.

      Earlier this year, the Second Circuit Appeals Court said federal agents could be sued for tossing three men on the "no fly" list for refusing to become informants. The Ninth Circuit Appeals Court is saying the same thing. There are procedural differences between the two cases, but in both, the plaintiffs have been allowed to move forward with their lawsuits.





  • Internet Policy/Net Neutrality

    • No, Next-Gen Wireless (5G) Won't Magically Fix The Broken U.S. Broadband Market
      We've made it pretty clear by now that despite some promising gigabit fiber deployments, the U.S. broadband industry is actually getting less competitive than ever in countless markets nationwide. That's occurring in part because telcos like Verizon have shifted their focus toward slinging video ads at Millennials (poorly), instead of upgrading antiquated DSL lines in countless states. As a result, the nation's two dominant cable providers (Charter Spectrum, Comcast) are securing a growing monopoly over broadband, especially at faster speeds.

      The net result is less competition, but more of everything everybody dislikes about American broadband: mindless rate hikes, usage caps, net neutrality violations, terrible customer service, and an obvious, active disdain for the captive customers these companies "serve."

      Of course there's many (most notably the broadband industry) that try and argue these problems aren't that big of a deal because fifth-generation (5G) wireless will soon arrive, basking the country in ubiquitous connectivity and broadband competition.


    • California's Net Neutrality Bill Should Be Signed Into Law
      Millions of Californians are waiting for Gov. Jerry Brown to affirm their call for a free and open Internet.

      After Congress reversed the Federal Communication Commission’s 2015 Open Internet Order, states have had to step up to ensure that all traffic on the Internet is treated equally. Gov. Brown’s signature would make California the fourth state to pass a law offering net neutrality protections to its residents.

      While EFF applauds the states that have taken steps to provide net neutrality protections, we believe California’s is the strongest measure in the country. It goes beyond the basic protections laid out in Washington and Oregon to prevent blocking and interference to ensure that Internet service providers cannot circumvent net neutrality protections at any point in delivering service to consumers.

      The bill also goes further than other measures by prohibiting ISPs in California from using the practice of discriminatory zero-rating – that is, raising costs on competitive services or apps by exempting their own affiliated products or for companies that pay the Internet access provider for preferential treatment. It also does not allow ISPs to charge other companies for access to their customers, a ban that has been in place for decades.


    • Video streaming experience on smartphones very poor in India: OpenSignal

      A first-of-its-kind measurement in the mobile industry, OpenSignal's video experience metric was derived from an International Telecommunication Union (ITU)-based approach for measuring video quality.

      For the analysis, OpenSignal examined 69 countries spread throughout the globe to see how they stacked up in video experience.





  • Intellectual Monopolies



    • The Design Patent Bar: An Occupational Licensing Failure
      Although any attorney can represent clients with complex property, tax, or administrative issues, only a certain class of attorneys can assist with obtaining and challenging patents before the U.S. Patent & Trademark Office (PTO). Only those who are members of the PTO’s patent bar can prosecute patents, and eligibility for the patent bar is only available to people with substantial scientific or engineering credentials. However much sense the eligibility rules make for utility patents—those based on novel scientific or technical inventions—they are completely irrational when applied to design patents—those based on ornamental or aesthetic industrial designs. Yet the PTO applies its eligibility rules to both kinds of patents. While chemical engineers can prosecute both utility patents and design patents (and in any field), industrial designers cannot even prosecute design patents. This Article applies contemporary research in the law and economics of occupational licensing to demonstrate how the PTO’s application of eligibility rules to design patents harms the patent system by increasing the costs of obtaining and challenging design patents. Moreover, we argue that the PTO’s rules produce a substantial disparate impact on women’s access to a lucrative part of the legal profession. By limiting design patent prosecution jobs to those with science and engineering credentials, the majority of whom are men, the PTO’s rules disadvantage women attorneys. We conclude by offering two proposals for addressing the harms caused by the current system.


    • Questioning Design Patent Bar Restrictions
      It never occurred to me to think about the qualifications required for prosecuting design patents. The observation that a different set of skills goes into such work is a good one; it makes no sense that a chemistry grad can prosecute design patents but an industrial design grad cannot. There are plenty of outstanding trademark lawyers who could probably do this work, despite not having a science or engineering degree.

      I like that this paper takes the issue beyond this simple observation (which could really be a blog post or op-ed), and applies some occupational licensing concepts to the issue. Furthermore, I like that the paper makes some testable assertions that can drive future scholarship, such as whether these rules have a disparate impact on women. I am skeptical about the negative impact on design patents, but I think that's testable as well.


    • Trademarks



      • Monster Energy defeated in trademark battle with Toronto Raptors
        Monster Energy has lost a trademark registration opposition against the National Basketball Association (NBA) at the Intellectual Property Office of Singapore (IPOS).

        Monster Energy argued that the Toronto Raptors logo is too similar to its “claw device mark”, and consumers would likely confuse Monster’s three vertical slashes with the NBA Toronto Raptors’ circular logo of a basketball with three horizontal raptor claw marks out of it.


      • Monster Energy Loses Again, This Time To The NBA
        Longtime readers here at Techdirt will be familiar with Monster Energy's trademark bullying ways, but even relative newcomers will have had the opportunity to witness what has become an impressive losing streak in trademark disputes. This comes with the bullying territory, where the quick trigger finger on the threat letters and oppositions means that many of them are going to be losers. Still, one would think the sheer volume of these cases would mean quite a bit of billable hours going to the legal team that certainly could be spent better elsewhere.

        But the losses keep coming. Monster Energy recently lost an opposition filed by the NBA for the Toronto Raptors team imagery in Singapore, of all places.




    • Copyrights



      • Platform Censorship: Lessons From the Copyright Wars
        There’s a lot of talk these days about “content moderation.” Policymakers, some public interest groups, and even some users are clamoring for intermediaries to do “more,” to make the Internet more “civil,” though there are wildly divergent views on what that “more” should be. Others vigorously oppose such moderation, arguing that encouraging the large platforms to assert and ever-greater role as Internet speech police will cause all kinds of collateral damage, particularly to already marginalized communities.

        Notably missing from most of these discussions is a sense of context. Fact is, there’s another arena where intermediaries have been policing online speech for decades: copyright. Since at least 1998, online intermediaries in the US and abroad have taken down or filtered out billions of websites and links, often based on nothing more than mere allegations of infringement. Part of this is due to Section 512 of the Digital Millennium Copyright Act (DMCA), which protects service providers from monetary liability based on the allegedly infringing activities of third parties if they “expeditiously” remove content that a rightsholder has identified as infringing. But the DMCA’s hair-trigger process did not satisfy many rightsholders, so large platforms, particularly Google, also adopted filtering mechanisms and other automated processes to take down content automatically, or prevent it from being uploaded in the first place.

        As the content moderation debates proceed, we at EFF are paying attention to what we learned from two decades of practical experience with this closely analogous form of “moderation.” Here are a few lessons that should inform any discussion of private censorship, whatever form it takes.
      • After UEFA’s Starball logo, also the EURO Trophy has been denied copyright registration
      • Don’t Make the Register of Copyrights into a Presidential Pawn


        If we’ve learned one thing from this year in American politics, it’s that presidential appointments can be a messy affair. Debates over appointees can become extremely polarized. It’s not surprising: it’s in the President’s best interests to choose a head of the Department of Justice or Education who will loyally carry out the administration’s agenda in those offices. But there’s one office that simply should not be politicized in that way: the Copyright Office.

        Unfortunately, some lawmakers are looking to turn the Register of Copyrights into a political appointee. The Register of Copyrights Selection and Accountability Act (H.R. 1695) passed the House of Representatives last year, and now, the Senate is looking to take the bill up. Under H.R. 1695, the Register of Copyrights would become a presidential appointee, just like the directors of Executive Branch departments. Naturally, the president would appoint a Register who shares their interpretation of copyright law and other policy stances, and the nomination could come with a highly partisan confirmation process in the Senate.

        The Copyright Office is at its best when it has no political agenda: it’s a huge mistake to turn the Office into another political bargaining chip. The Register of Copyrights has two important, apolitical jobs: registering copyrightable works and providing information on copyright law to the government. The Office serves officially as an advisor to Congress, much like the Congressional Research Service (both offices are part of the Library of Congress). It has never been the Register’s job to carry out the president’s agenda. That’s why the Copyright Office is situated in Congress, not in the Executive Branch.
      • Findings from the Discovery phase of CC usability


        In the next two sections, I provide background on the initiative and the process we used to conduct the research. If you’re short on time, you can skip all of it and go directly to the findings. You can also peruse this slide deck for a quick visual summary.

        I’m also pleased to announce that in order to further this work, I have stepped into a new role at CC. As the Director of Product and Research, I will lead the strategy, design, and implementation of CC’s product vision for CC Search and related products. Our work will be driven by a research-based approach, which you can learn more about below.


      • Led Zeppelin might launch a streaming service, trademark application suggests

        The news follows a cryptic tease from the band’s guitarist Jimmy Page last year that 2018 (the band’s 50th anniversary) would see the release of a “Led Zeppelin product” as well as “all manner of surprises.” Jason Bonham, son of the band’s original drummer John Bonham, has confirmed that the remaining members “have plans” for The Led Zeppelin Experience name after he was forced to change the name of his band (which was also called The Led Zeppelin Experience).







Recent Techrights' Posts

2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024