Bonum Certa Men Certa

Links 4/10/2018: Tails 3.9.1, Fedora 29 Gnome 3.30 Test Day Tomorrow





GNOME bluefish

Contents





GNU/Linux





  • Kernel Space



    • Software-tag-based KASAN
      The kernel address sanitizer (KASAN) is a kernel debugging tool meant to catch incorrect use of kernel pointers. It is an effective tool, if the number of KASAN-based bug reports showing up on the mailing lists is any indication. The downside of KASAN is a significant increase in the amount of memory used by a running system. The software-tag-based mode proposed by Andrey Konovalov has the potential to address that problem, but it brings some limitations of its own.

      KASAN works by allocating a shadow memory map to describe the addressability of the kernel's virtual address space. Each byte in the shadow map corresponds to eight bytes of address space and indicates how many of those eight bytes (if any) are currently accessible to the kernel. When the kernel allocates or frees a range of memory, the shadow map is updated accordingly. Using some instrumentation inserted by the compiler, KASAN checks each kernel pointer dereference against the shadow map to ensure that the kernel is meant to be accessing the pointed-to memory. If the shadow map indicates a problem, an error is raised.

      It is an effective technique and, thanks to the support from the compiler, the run-time CPU overhead is tolerable in many settings. But the shadow map requires a great deal of memory, and that does affect the usability of KASAN in the real world, especially when it is used on memory-constrained systems. This overhead is particularly painful for users who would like to run KASAN on production systems as an additional security measure.


    • Time namespaces
      The kernel's namespace abstraction allows different groups of processes to have different views of the system. This feature is most often used with containers; it allows each container to have its own view of the set of running processes, the network environment, the filesystem hierarchy, and more. One aspect of the system that remains universal, though, is the concept of the system time. The recently posted time namespace patch set (from Dmitry Safonov with a lot of work by Andrei Vagin) seeks to change that.

      Creating a virtualized view of the system time is not a new concept; Jeff Dike posted an implementation back in 2006 to support his user-mode Linux project. Those patches were not merged at the time but, since then, the use of containers has taken off and the interest has increased. One might view time as a universal concept, but there are use cases for a per-container notion of time; they can be as simple as testing software at different points in time. The driving force behind this patch set, though, is likely to be problems associated with the checkpointing of processes and migrating them between physical hosts. When a process is restarted, it should have a consistent view of time, and that may require applying some adjustments at restart time.

      The implementation is straightforward enough. Each time namespace contains a set of offsets to be added to the system's notion of the current time. The kernel maintains a number of clocks with different characteristics (documented here), each of which can have a different offset. Some of these clocks, such as CLOCK_MONOTONIC, have an undefined start point that will vary from one running system to the next, so they will need their own offsets to maintain consistent behavior for a container that has been migrated. System calls that adjust the system time will, when called outside of the root time namespace, adjust the namespace-specific offsets instead.



    • Progress on Zinc (thus WireGuard)
      When last we looked at the WireGuard VPN code and its progress toward mainline inclusion, said progress was impeded by disagreements about the new "Zinc" cryptographic library that is added by the WireGuard patches. Since that August look, several more versions of WireGuard and Zinc have been posted; it would seem that Zinc is getting closer to being accepted. Once that happens, the networking developers are poised to review that portion of the code, which likely will lead to WireGuard in the kernel some time in the next development cycle or two.

      Jason Donenfeld posted Zinc v3 as part of an updated WireGuard posting on September 10. Of the versions he has posted since our article (up to v6 as of this writing), v3 has gotten most of the comments. One of the main complaints about Zinc is that it creates a new crypto API in the kernel without really addressing why the existing one would not work for WireGuard.


    • The kernel's code of conduct, one week later
      The dust has begun to settle after the abrupt decisions by Linus Torvalds to take a break from kernel maintainership and to adopt a code of conduct for the community as a whole. Unsurprisingly, the development community, most of which was not consulted prior to the adoption of this code, has a lot of questions about it and a number of concerns. While many of the answers to those questions will be a while in coming, a few things are beginning to come into focus.

      It is worth starting with one important point that last week's article failed to mention: the new code of conduct is not actually new to the community as a whole. In particular, the DRM (graphics) subsystem adopted the freedesktop.org code of conduct in April 2017. This code, like the code for the kernel as a whole, is derived from the Contributor Covenant text. There have not been any problems of note arising from the use of this code in that subsystem to date. Your editor has been told that the DRM community's successful use of this code was a direct contributor to Torvalds's choice of this particular code as a starting point for the kernel.


    • PulseAudio Lands Big Improvements For Its Meson Build System
      PulseAudio has been slower than some of the other prominent open-source projects at moving to the Meson build system, but as of last night it appears a bulk of that new build system is in place.

      Back in June is when some initial bits of the Meson build system were merged to the PulseAudio sound server code base and then a few commits here and there pertaining to this Autotools alternative.


    • Graphics Stack





  • Applications



  • Desktop Environments/WMs



    • K Desktop Environment/KDE SC/Qt



      • Looking forward to Krita 4.2!
        Everyone is hard at work, and what will become Krita 4.2 is taking shape already. Today we’re presenting a preview of Krita 4.2. It’s not complete yet, and there ARE bugs. More than in the stable release (we’ll be doing a 4.1.4 after all next week to clear up some more bugs…), and some might make you lose work.




    • GNOME Desktop/GTK



      • Fedora 29 Gnome 3.30 Test Day 2018-10-05
        Friday, 2018-10-05 is the Fedora 29 Gnome 3.30Test Day! As part of changes Gnome 3.30 in Fedora 29, we need your help to test if everything runs smoothly!


      • Games 3.30: Features Overload
        With a new version of GNOME always comes a new version of Games, and this new version comes packed with new features, bug fixes and developer experience improvements.






  • Distributions



    • Why TENS is the secure bootable Linux you need
      Before you get too excited, TENS isn't a pen-testing distro for admins to use to harden their network. TENS is a live desktop Linux distribution that gives the user a level of security they would not have with a standard desktop. That means it's great to use in places where network security is questionable, or when you need to submit sensitive data, and you don't trust a standard desktop operating system. In other words, anytime you need to use a network for the transmission of sensitive data, TENS Linux could easily be a top choice for users.



    • Slackware Family



      • This week focuses on Slackware 14.2 packages
        The admins over there at slackbuilds.org have updated their version of the Qt5 build script (targeting Slackware 14.2) to 5.9.6, i.e. the latest version of the Long Term Support (LTS) for Qt5.

        That triggered me to provide the same service for my own package repository targeting Slackware 14.2. Since more and more software is depending on Qt5, a lot of people will have some qt5 package installed, either built from the SBo script or installed from my repository. In order to minimize breakage, I think it is good if SBo’s and mine are the same version so that it should not matter which one you have installed.

        So, I did a chained upgrade: libwacom (0.31), libinput (1.7.3), libxkbcommon (0.8.2), qt5 (5.9.6) and qt5-webkit (5.9.1) in that order to take care of dependencies. The latest releases of these packages are now available for Slackware 14.2. Note that for the 32bit Slackware 14.2, the libwacom package is a new dependency for both libinput and qt5. My repository contained a pretty old 32bit qt5 package (5.7.0) which was not built against libwacom.




    • Red Hat Family



      • What is agile?
        I know you are thinking, "Not another Agile 101 article!" We were, too. There are many resources that describe what agile is, talk about the history of the concept, and go into depth about why it is important. This article is not any of those things—rather, we would like you to forget everything you've been told; everything you've learned, read, or otherwise acquired via misuse of the term or misdeed in implementing it.


      • Finance



      • Fedora



        • Fedora Wants To Know If Linux Hibernation Works For You
          Linux hibernation and suspend/resume works much better in recent years than a decade ago, certainly, but that isn't without some bugs still persisting either due to quirky hardware or the occasional kernel/software issues as well. Fedora developers are interested in hearing about your current system hibernation experience.

          Due to lacking hard data on how reliable (or not) is hibernation / suspend-to-disk, Fedora developers are interested in knowing if it works correctly for your system(s). In particular, any kernel driver issues you may have encountered.


        • Test drive GNOME 3.30 with the Fedora 29 prerelease
          Last month, the GNOME project announced the release of GNOME 3.30. The good news is that this new version of GNOME is default in the forthcoming release of Fedora 29 Workstation. GNOME 3.30 includes a range of new features and enhancements, including improvements to Files (nautilus), and the new Podcasts application.






    • Debian Family



      • Derivatives



        • Tails 3.9.1 is out
          This release is an emergency release to fix critical security vulnerabilities in Tor Browser and Thunderbird.








  • Devices/Embedded





Free Software/Open Source



  • Customer Conversations Changing in Era of Open Source, Automation
    Open source and automation are changing customer conversations, but in different ways for different customers, says John Isch, director of the network and voice practice in North America for Orange Business Services. Not everyone wants the details, but some businesses will do a deep dive on the technology and he has to be prepared for that.


  • Sourcegraph, a code search, and navigation engine is now open source!
    The Sourcegraph team announced that they’re making Sourcegraph, a self-hosted code search and navigation engine, available as open source, earlier this week.

    “We opened up Sourcegraph to bring code search and intelligence to more developers and developer ecosystems—and to help us realize the Sourcegraph master plan,” writes Quinn Slack on the announcement page.

    This Sourcegraph master plan involves making basic code intelligence ubiquitous (for every language, and in every editor, code host, etc.). It wants to focus on making code review continuous and intelligent. Additionally, they also hope to increase the amount and quality of open-source code.


  • Events



  • Web Browsers



    • Chrome



      • 10 Productivity Gmail Extensions for Your Browser
        Gmail is used by 500+ million people but how many of us make the best use of it? Yes, it’s a convenient email client to use but what if I told you that Gmail is capable of way more functions than it offers you at the moment?

        The same way applications use plugins is the same way Gmail does, and here are 10 that will boost your productivity.


      • How is Crosh Different From the Linux Terminal on a Chromebook?
        As of Chrome OS 69, support for Linux applications is a baked in part of the operating system. Once enabled, this installs the Terminal on your Chrome OS system, but what is it and how does it compare to Crosh?

        Don’t worry if all that sounds like gibberish to you—if you’ve never spent any time poking around in your Chromebook’s guts, then you’ve likely never used (or even heard of) Crosh. And if you’ve never used Linux before, well, then you’ve never had to bother with the Terminal. The good news is that we’re going to make sense of both things today.

        [...]

        The Terminal and Crosh are similar tools—in fact, they’re the same basic concept, but the Terminal is specifically for the Linux aspect of Chrome OS, where Crosh is for the Chrome OS side.

        You’d be forgiven if that doesn’t make a lot of sense right out of the gate—they’re both running on the same machine, at the same time after all. But they’re not connected.

        One of the biggest benefits of Chrome OS is its enhanced security. As a result, most things on the operating system run in an independent sandbox. That means that most elements don’t really interact with each other—for example, if a single tab suffers a failure and crashes, the other tabs in the browser window aren’t affected.




    • Mozilla

      • Upcoming WebPush Shield Study
        WebPush does more than let you know you’ve got an upcoming calendar appointment or bug you about subscribing to a site’s newsletter (particularly one you just visited and have zero interest in doing). Turns out that WebPush is a pretty good way for us to do a number of things as well. Things like let you send tabs from one install of Firefox to another, or push out important certificate updates. We’ll talk about those more when we get ready to roll them out, but for now, we need to know if some of the key bits work.

        One of the things we need to test is if our WebPush servers are up to the job of handling traffic, or if there might be any weird issue we might not have thought of. We’ve run tests, we’ve simulated loads, but honestly, nothing compares to real life for this sort of thing.

        In the coming weeks, we’re going to be running an experiment. We’ll be using the Shield service to have your browser set up a web push connection. No data will go over that connection aside from the minimal communication that we need. It shouldn’t impact how you use Firefox. Chances are, you won’t even notice we’re doing this.


      • Firefox got maniac
        I don’t know what, I don’t know why, but Firefox behaves completely maniac on one of my computers. Opening simple tabs beats up 4 Web Content threads to nearly 100% CPU time, switching tabs the same.


      • Helping you to tackle the midterms on your terms
        For many people, a confusing tangle of cyberjargon and misinformation have combined to make the idea of turning to the web for election information a weird proposition.

        [...]

        We’re doing this to make it easy for people across the political spectrum to participate this November and beyond.

        We want to help make sure that the web isn’t being used to manipulate, misinform, and limit you from accessing all the information you need to make an informed choice.

        In addition to the Firefox election tools, we have other resources to help you.


      • WebRender newsletter 24
        Hi there, this your twenty fourth WebRender newsletter. A lot of work in progress this week, so the change list is pretty short. To compensate I added a list of noteworthy ongoing work which hasn’t landed yet is but will probably land soon and gives a rough idea of what’s keeping us busy.






  • SaaS/Back End



    • What we learned building a Zuul CI/CD cloud
      Contributing to open source projects such as OpenStack traditionally involves individuals and companies providing code contributions that add new features and fix bugs. For nearly two years, I’ve been running one-off OpenStack clouds for demonstrations and labs at user group meetings across the US, using hardware donated from bare-metal service provider Packet. Six months ago, Packet asked how they could make a larger donation to the community, which brought us on our path to build a community cloud to support OpenStack.

      Each day, hundreds of code commits to the OpenStack code base need to be tested as part of the continuous integration system managed by Zuul, "a program that drives continuous integration, delivery, and deployment systems with a focus on project gating and interrelated projects." Each commit runs through a series of tests (or gates) before a human review, and the gates run again before a code merge. All of these gates run across a pool of virtual machines instances (more than 900 instances at peak times) donated by a number of public cloud providers. All of the OpenStack CI is dependent on donated computing resources. The OpenStack Infra team coordinates all of these cloud providers and served as our point of contact for donating these resources.




  • Oracle/Java/LibreOffice



    • LibreOffice Qt5 Integration Sees Further Improvements
      The past year LibreOffice has sported a Qt5 interface plug-in for better integration with Qt-based environments like a better "KDE 5" experience. In recent days has been more improvements to this Qt5 integration.

      Hitting the LibreOffice Git tree over the past week has been initial a11y support (accessibility) while landing today was the initial Qt5 clipboard support.




  • Pseudo-Open Source (Openwashing)



  • FSF/FSFE/GNU/SFLC



    • Join GNU Guix through Outreachy
      We are happy to announce that for the second time this year, GNU Guix offers a three-month internship through Outreachy, the inclusion program for groups traditionally underrepresented in free software and tech.




  • Licensing/Legal



    • Stallman says Commons Clause is a non-free licence


      Free Software Foundation chairman Richard Stallman has described the Commons Clause licence as "ill-named" because it is a non-free licence that does not provide the four freedoms mandated by the FSF.

      Stallman was responding to queries from iTWire about the Commons Clause licence, which surfaced earlier this year.

      The company behind it, Fossa.io, was contacted by iTWire on Monday after hearing that some changes were contemplated in the licence which has received no support from any of the organisations that judge whether a licence is an open-source one or not.




  • Openness/Sharing/Collaboration



    • UN Panel Starts Consultations On Digital Cooperation: Philosophy and Practice
      There is a lot of energy and good dynamism, and some worries, too, about the immensity of the task ahead in the United Nations High Level Panel on Digital Cooperation, Jovan Kurbalija, executive director of Panel’s Secretariat, said after the first face-to-face meeting last week and subsequent virtual town hall on 1 October. According to the mandate, the panel shall in less than a year present recommendations on ways and means for cooperation on digital policies and digital risks.


    • Open Hardware/Modding



      • Icestorm Tools Roundup: Open Source FPGA Dev Guide
        We like the ICE40 FPGA from Lattice for two reasons: there are cheap development boards like the Icestick available for it and there are open source tools. We’ve based several tutorials on the Icestorm toolchain and it works quite well. However, the open source tools don’t always expose everything that you see from commercial tools. You sometimes have to dig a little to find the right tool or option.

        Sometimes that’s a good thing. I don’t need to learn yet another fancy IDE and we have plenty of good simulation tools, so why reinvent the wheel? However, if you are only using the basic workflow of Yosys, Arachne-pnr, icepack, and iceprog, you could be missing out on some of the most interesting features. Let’s take a deeper look.






  • Programming/Development



    • Bleach v3.0.0 released!


      Bleach 3.0.0 focused on easing the problems with the html5lib dependency and fixing regressions created in the Bleach 2.0 rewrite


    • This Week in Rust 254


      Every week the team announces the 'final comment period' for RFCs and key PRs which are reaching a decision. Express your opinions now.


    • Should you learn C to “learn how the computer works”?

      I’ve often seen people suggest that you should learn C in order to learn how computers work. Is this a good idea? Is this accurate? I’m going to start with my conclusion right upfront, just to be crystal clear about what I’m saying here:

      C is not “how the computer works.”

      I don’t think most people mean this phrase literally, so that is sort of irrelevant.

      Understanding the context means that learning C for this reason may still be a good idea for you, depending on your objectives.

    • NVIDIA CUDA Code In A JIT Interpreted Manner Via Cling
      Cling, the C++ interpreter built upon LLVM and Clang, is in the process of seeing support for NVIDIA CUDA.

      Based on Clang's CUDA support, university students have been working on adding CUDA support to Cling so it can be interpreted at run-time -- basically JIT'ed for the GPU being used. This is believed to be the first interpreter out there for the CUDA runtime API. They are using it for some interesting use-cases including working on CUDA-based code off notebooks.


    • Functional programming in Python: Immutable data structures
      In this two-part series, I will discuss how to import ideas from the functional programming methodology into Python in order to have the best of both worlds.

      This first post will explore how immutable data structures can help. The second part will explore higher-level functional programming concepts in Python using the toolz library.


    • Kiwi TCMS 6.0
      This release removes squashed migrations. Direct upgrades from versions < 5.3.1 to 6.0 will break without an intermediate upgrade to 5.3.1!


    • littler 0.3.5: Other kids broke my toys
      The sixth release of littler as a CRAN package is now available, following in the now more than twelve-year history as a package started by Jeff in 2006, and joined by me a few weeks later.

      littler is the first command-line interface for R and predates Rscript. And it is (in my very biased eyes) better as it allows for piping as well shebang scripting via #!, uses command-line arguments more consistently and still starts faster. It also always loaded the methods package which Rscript converted to rather recently.

      littler lives on Linux and Unix, has its difficulties on macOS due to yet-another-braindeadedness there (who ever thought case-insensitive filesystems as a default where a good idea?) and simply does not exist on Windows (yet – the build system could be extended – see RInside for an existence proof, and volunteers are welcome!).






Leftovers



  • Science



    • Nobel awarded for using Darwin’s ideas to make antibodies and catalysts

      This year's Nobel Prize in Chemistry goes to three researchers who figured out how to get evolutionary processes to work for us on the level of individual molecules and accelerate it to the point where the results were available in weeks or months rather than years. The results have included proteins that catalyze the formation of chemical bonds life has never created and antibodies that can bind to any molecule of our choosing. These results have already found their place in industrial production and medical treatments.



  • Security



    • ClamAV 0.100.2 has been released!
      ClamAV 0.100.2 has been released! This is a patch release to address several vulnerabilities.


    • Phishing Attack on Azure Blog Storage Dodges Users by Displaying a Signed SSL Certificate from Microsoft
      The user when enters their information, the contents will be submitted to a server which is being operated by the phishing attackers. The opened page will pretend that the document is beginning to download but it ultimately just redirects the user to this URL: https://products.office.com/en-us/sharepoint/collaboration Microsoft site.


    • Phishing Attack Uses Azure Blob Storage to Impersonate Microsoft
      Even though phishing attacks can be quite convincing, a give away is when diligent users notice that the login form is unsecured or the SSL certificate is clearly not owned by the company being impersonated. A new Office 365 phishing attack utilizes an interesting method of storing their phishing form hosted on Azure Blob Storage in order to be secured by a Microsoft SSL certificate.


    • Fing: future-proofing Fingbox the IoT home network monitoring device
      As many as 20.4 billion internet of things devices are estimated to be in use by 2020, according to Gartner, with consumer products making up 63% of this figure.

      A large amount of these will be low-cost devices, rushed out by manufacturers in order to capitalise on this opportunity. Unfortunately, this method typically pays no attention to the long-term lifecycle of a product or software strategy.

      Factors that are typically not considered include: how can security updates be rolled out quickly? How to ensure your customers are on the latest version of your software especially once the device is out in consumer’s homes? How can the product lifecycle be extended through software functionality which may even up new revenue opportunities?
    • Facebook hack: People's accounts appear for sale on dark web


    • Hacked Facebook Logins Are Available On Dark Web Just For $3.90: Report


    • Huge Facebook breach leaves thousands of other apps vulnerable

      Unfortunately, from a security standpoint, using Facebook or any other social media app to log into other services is not a smart thing to do, says Dana Simberkoff, chief risk, privacy, and information security officer for the enterprise security firm AvePoint.



    • Using Microsoft's Dynamics 365 Finance and Operations? Using Skype? Not for long!


      The issue, which could stop a user being able to sign in, affects Microsoft's Dynamics 365 for Finance and Operations in an on-premises environment. A "refactoring" in the way Skype authenticates its users has been blamed.

      Skype integration provides real-time presence and communication for Dynamics 365 users, and for some older versions of the Finance and Operations platform the integration is enabled by default. In these instances, Microsoft strongly recommends manually disabling it.

      [...]

      Microsoft has not been clear when integration with Skype can be switched back on, saying only that the problem could occur "during this update". The Register has contacted the software giant to get a definitive time frame and will update if one is forthcoming.


    • Cameron Kaiser: Fruitfly and the Power Mac
      The history the FBI relates suggests that early infections were initiated manually by him, largely for the purpose of catching compromising webcam pictures and intercepting screenshots and logins when users entered keystrokes suggesting sexual content. If you have an iSight with the iris closed, though, there was no way he could trigger that because of the hardware cutoff, another benefit of having an actual switch on our computer cameras (except the iMac G5, which was a bag of hurt anyway and one of the few Power Macs I don't care for).

      Fruitfly spreads by attacking weak passwords for AFP (Apple Filing Protocol) servers, as well as RDP, VNC, SSH and (on later Macs) Back to My Mac. Fortunately, however, it doesn't seem to get its hooks very deep into the OS. It can be relatively easily found by looking for a suspicious launch agent in ~/Library/LaunchAgents (a Power Mac would undoubtedly be affected by variant A, so check ~/Library/LaunchAgents/com.client.client.plist first), and if this file is present, launchctl unload it, delete it, and delete either ~/.client or ~/fpsaud depending on the variant the system was infected with. After that, change all your passwords and make sure you're not exposing those services where you oughtn't anymore!




  • Defence/Aggression



    • Bellingcat’s Very Obviously Fake Chepiga Photo
      So why is Chepiga in a row of much earlier Heroes of the Soviet Union? Next in sequence in fact to Grigory Dobrunov who got his award in 1956!!!! The pictures are definitely otherwise all in date order.

      The glaringly obvious answer – in line with the reflections anomaly – is that Chepiga’s “picture” has been photoshopped onto this wall. The military do not suddenly insert photos out of order and at random on an honours board. Bellingcat, however, have a track record of image manipulation.

      None of which proves or disproves the Boshirov identification. It is however an important reminder to take Bellingcat as a source with a pinch of salt.


    • Secret Wikileaks Document on France UAE Arms Deal Raises Questions
      It’s notoriously hard to look inside the murky world of large-scale government arms dealings. And it’s even harder to separate the legal from the illegal in a world where lobbying, networks and secrecy are part of the job.

      A new document leaked by whistleblowing website Wikileaks has once again shown that those involved in arms dealings have little or no concern about whether their dealings constitute corruption until there are legal repercussions.





  • Transparency/Investigative Reporting



    • Future of Julian Assange: John Pilger mounts attack on Britain's Guardian
      Fabled war correspondent John Pilger has once again brought to the fore the legality of WikiLeaks founder Julian Assange's detention in Britain. Pilger, a fierce critic of the US and UK foreign policy, lashed out at Britain's Guardian newspaper, saying it was carrying out a "campaign of unrelenting vindictiveness against Julian Assange."

      Speaking to Russia Today, Pilger said Guardian's attack on Assange was on a level that he hasn't seen in his lifetime. He added that the Guardian exploited Assange first and took advantage of the work of WikiLeaks, before turning against him.

      In a scathing attack Pilger said there are two kinds of media in the world -- the approved and the unapproved. Pilger, whose legendary war reportage in the 60s got him Britain's Journalist of the Year award twice, said Assange was targeted as he refused to be a 'member of the club'.


    • Wikileaks' 12th anniversary: Assange spends 2858 days in Ecuador embassy
      Twelve years ago Wikileaks, a non-profit organisation that publishes secret information, launched on October 4. Wikileaks is specialized in the analysis and publication of large datasets of censored or otherwise restricted official materials involving war, spying and corruption. It has so far published more than 10 million documents and associated analyses. Wikileaks 12th anniversary: Assange spends 2858 days in Ecuador embassy

      Julian Assange, the founder is reportedly under isolation at Ecuadorian Embassy in the United Kingdom. As per Wikileaks, since 28 March 2018, the government of Ecuador has imposed a regime of isolation on Assange, which means that he may receive no visitors other than his lawyers, and is kept incommunicado from friends and family through the government's installation of signal jammers which interfere with wifi and phone signals. The government has also imposed a gag on any public statements and interviews.


    • ‘Unrelenting vindictiveness’: Pilger talks MSM landscape & Assange, Syria & US sanctions wars
      There are two types of media in the world – approved and unapproved – and the public is generally only allowed to see the former, journalist John Pilger told RT. He also spoke about Western sanctions and Trump’s approach in Syria.

      Speaking to RT's Going Underground, Pilger said that he believes you can categorize the news as approved or unapproved. “Basically we're allowed to see the approved news but not allowed to see the unapproved news. Usually the unapproved version is the evidence...it's the piece in the puzzle that allows us to make sense of the news; we're denied that.”




  • Environment/Energy/Wildlife/Nature



    • Indigenous Communities around World Helping to Win Legal Rights of Nature
      In March 2017, the government of New Zealand officially recognized the Whanganui River—which the indigenous Maori consider their ancestor—as a living entity with rights. By protecting the Whanganui against human threats to its health, the New Zealand law established “a critical precedent for acknowledging the Rights of Nature in legal systems around the world,” Kayla DeVault reported for YES! Magazine. As DeVault wrote, from New Zealand and Australia to Canada and the United States, “we are seeing a revival” of communities seeking to protect natural systems and resources on the basis of “non-Western, often indigenous” worldviews that challenge the values of “colonial” governments.

      The YES! Magazine story described how, after a legal battle spanning more than one hundred years, the Maori Iwi secured protection for the Whanganui by forcing the government to honor Maori “practices, beliefs, and connection” to the river.

      As DeVault wrote, if the Maori were able to bridge “the gap in Western and indigenous paradigms in New Zealand, surely a similar effort to protect the Missouri River could be produced for the Standing Rock and Cheyenne River nations by the American government.”

      In the battle over the Dakota Access pipeline, DeVault reported, the Ho-Chunk Nation of Wisconsin “amended its constitution to include the Rights of Nature.”


    • Another Court Ruling Against a West Virginia Pipeline, Then Another Effort to Change the Rules
      Time and again, opponents have tried to delay a natural gas pipeline that would stretch from Northern West Virginia to Southern Virginia, using lawsuits to stall permit approvals or construction.

      And time and again, state and federal regulators have stepped in to remove such hurdles, even if it has meant rewriting their own rules.

      Now, the process looks to be repeating itself.

      On Tuesday, a federal appeals court blocked a key permit for Mountain Valley Pipeline, a 300-mile natural gas project that’s known as MVP. The 4th U.S. Circuit Court of Appeals ruled that the U.S. Army Corps of Engineers wrongly approved a permit that allowed MVP to temporarily dam four of West Virginia’s rivers so the pipeline can be buried beneath the streambeds.






  • Finance



    • $21 Trillion in Unaccounted-for Government Spending from 1998 to 2015
      Two federal government agencies, the Department of Defense and the Department of Housing and Urban Development (HUD), may have accumulated as much as $21 trillion in undocumented expenses between 1998 and 2015. Independent news sources, including RT and USAWatchdog, reported this finding based on an investigation conducted by Mark Skidmore, a professor of economics at Michigan State University. Skidmore began to research the alleged irregularities in DoD and HUD spending after hearing Catherine Austin Fitts, who was assistant secretary of HUD during the George H.W. Bush administration, say that the Department of Defense’s Office of Inspector General (OIG) had found $6.5 trillion worth of military spending that the Department of Defense could not account for. [For Project Censored’s previous coverage of the missing $6.5 trillion in US Army spending, see Elsa Denis with Mickey Huff, “Over Six Trillion Dollars in Unaccountable Army Spending,” in Censored 2018: Press Freedoms in a “Post-Truth” World.]

      The figure given by Fitts was 54 times the US Army’s $122 billion budget as authorized by Congress, leading Skidmore to think that Fitts had meant $6.5 billion in undocumented spending, not $6.5 trillion. Typically, adjustments in public budgets are only a small fraction of authorized spending. In an article for Forbes, co-authored with Laurence Kotlikoff, Skidmore said the “gargantuan nature” of the undocumented federal spending “should be a great concern to all tax payers.”

      Working with Fitts and two graduate students, Skidmore investigated reports from the

      websites of the Departments of Defense and Housing and Urban Development as well as the Office of Inspector General. In one of these reports, Skidmore found an appendix that showed a transfer of approximately $800 billion from the US Treasury to the Army. As MSU Today reported, not only did Skidmore’s queries to the OIG go unanswered, but the OIG also at one point disabled links to “all key documents showing the unsupported spending.” Skidmore and his colleagues were able to continue their research because they had already downloaded and stored the relevant documents. [See Solari’s archive of the documents, “DOD and HUD Missing Money: Supporting Documentation.” Solari is a private company founded by Catherine Austin Fitts, who also serves as the company’s president.]
    • You Don’t Earn Much and You’re Being Audited by the IRS. Now What?


      The Internal Revenue Service audited nearly 1.1 million tax returns last year, but that represented just 0.5 percent of all returns. That means the chances of getting audited are fairly low.

      But if you are audited, there’s a good chance it’s because you claimed the earned income tax credit. That’s a credit the federal government offers to people who work, have kids to take care of and don’t earn much money. Most households who claim it earn between $10,000 and $40,000 a year. The average credit is for $2,400, but it can go above $6,000 for larger families.

      The IRS audits a lot of people who claim this credit. When that happens, the IRS blocks the refund. Some people may actually end up owing tax instead of getting a refund.

      Below is an actual audit notice sent to a taxpayer last year, which was provided to us by the taxpayer’s legal aid attorney. We’ve annotated it to provide important context and added links to helpful resources for those facing an IRS audit.




  • AstroTurf/Lobbying/Politics



    • The Limits of Negative News and Importance of Constructive Media
      Historically, journalism has highlighted social problems in order to expose wrongdoing, inform the public, and spur reform. This “watchdog” role is vital to a democratic society. However, as Christopher Reeve Linares reported for The Whole Story, as a result of a “negativity bias,” news reporting often fails to “capture and circulate some of the most essential information that society needs to understand and solve its problems.” As Anthony Leiserowitz, director of the Yale Project on Climate Change Communication, observed, “Perceived threat without efficacy of response is usually a recipe for disengagement or fatalism.” Reeve Linares’s report highlighted recent research on the consequences of negative news overload and how “solutions journalism” can help empower news consumers as engaged actors. [For previous Project Censored coverage of “solutions journalism,” see, for example, Sarah van Gelder, “Solutions in a Time of Climate Meltdown: The Most Censored (and Indispensible) Story,” in Censored 2014: Fearless Speech in Fateful Times.]

      Research shows that negative news overload has led news consumers to feel increasingly depressed, anxious, and helpless. A 2014 study by NPR, the Robert Wood Johnson Foundation, and the Harvard School of Public Health found that 40 percent of the 2,505 respondents polled said that watching, reading, or listening to the news was one of the biggest daily stressors in their lives. Only juggling schedules of family members and hearing about what politicians were doing rated higher as stressors, affecting 48 percent and 44 percent of respondents, respectively.




  • Censorship/Free Speech



    • Wikipedia Bans Right Wing Site Breitbart as a Source for Facts

      Wikipedia editors voted to ban Breitbart as a source of fact in it articles. The consensus, reached late last month, agreed that the outlet “should not be used, ever, as a reference for facts, due to its unreliability.” Wikipedia editors also decided that InfoWars is a “conspiracy theorist and fake news website,” and that the “use of InfoWars as a reference should be generally prohibited.



    • “Model” Mississippi Curriculum Omits Civil Rights Movement from School Textbooks
      Inadequate textbooks used in the Mississippi school system are affecting civil rights education, Sierra Mannie reported for the Hechinger Report in October 2017.

      In 2011, Mississippi adopted new social studies standards. Before then, public schools in the state were not required to teach the Civil Rights Movement, and the phrase “civil rights” was mentioned only three times in the 305-page document that outlined the previous standards. As Mannie wrote, “The Civil Rights Movement was once a footnote in Mississippi social studies classrooms, if it was covered at all.”

      With its 2011 adoption of social studies standards establishing an expectation that students learn civil rights in much greater depth, the state was heralded as a model for other states by the Southern Poverty Law Center (SPCL): A March 2012 SPLC report stated, “Mississippi’s recent adoption of a Civil Rights/Human Rights strand across all grade levels should be a model for other states.” However, even as Mississippi’s new standards were intended to be a model system for other states to emulate, an investigation by the Hechinger Report and Reveal from the Center for Investigative Reporting found, according to Mannie, that “all of the state’s 148 school districts rely on textbooks published before the model standards appeared as part of their social studies material.”
    • ICE Intends to Destroy Records of Inhumane Treatment of Immigrants
      In recent years, numerous news reports have highlighted illegal or inhumane actions committed by US Immigration and Customs Enforcement (ICE) officials in their attempts to expel illegal immigrants. Despite the severity and frequency of these abuses, any official records documenting them may soon be destroyed. According to the American Civil Liberties Union (ACLU), ICE officers in the past year have been given provisional approval by the National Archives and Records Administration (NARA) to destroy thousands of records that document unlawful ICE actions.

      As Kali Holloway reported for AlterNet, these records include information on illegal detainment of immigrants, inhumane holding conditions, sexual abuses by officers, and wrongful deaths while in ICE custody. As Victoria López of the ACLU wrote, “ICE proposed various timelines for the destruction of these records ranging from 20 years for sexual assault and death records to three years for reports about solitary confinement.” Although murder does not have a statute of limitations, apparently documentation of it can, as long as the crime was committed while the victim was in ICE custody.


    • Infowars Publisher Sues Paypal Claiming 'Viewpoint-Based Censorship': Read the Complaint


    • Alex Jones Sues PayPal Over Ban, Seeks Reinstatement


    • PayPal sued for banning Alex Jones' Infowars, accused of anti-conservative discrimination




  • Privacy/Surveillance



    • Facebook extends account deletion grace period from 14 to 30 days
      Facebook recently extended the deletion grace period for terminating your main account from 14 to 30 days, the company confirmed to The Verge. Now, when you go to delete your Facebook account, you have up to one month to reverse the decision if you choose to log back in. Facebook won’t automatically restore your account if you log in, but it says you will have “the option to cancel your request.”

      “We recently increased the grace period when you choose to delete your Facebook account from 14 days to 30 days,” says a Facebook spokesperson. “We’ve seen people try to log in to accounts they’ve opted to delete after the 14-day period. The increase gives people more time to make a fully informed choice.”
    • Facebook Now Makes You Wait For 30 Days To Delete Your Account Permanently
      Facebook has recently increased the number of days it takes to delete your account permanently from their servers. Earlier, the Facebook account deletion procedure took 14 days; now, according to a spokesperson who confirmed to The Verge, it will take 30 days.

      This means you have the time period of one month if you want to cancel your decision of leaving Facebook. If you choose to log back in, the social network site will give you the option of withdrawing your request of deleting your account.
    • AT&T Claims It Wants Meaningful Privacy Rules...After Just Lobbying To Kill Meaningful Privacy Rules
      If you hadn't noticed, the telecom industry has been on a tear lately, completely dismantling most government oversight of its natural monopolies. From killing net neutrality to gutting FCC and state authority to rein in ISP bad behavior, companies like AT&T dream of a future where neither competiton nor even modest regulatory oversight prevent it from its god-given mission to rip off and otherwise overcharge the company's largely captive customer bases.

      At the same time, AT&T is now part of a coordinated effort between the telecom sector and the Trump administration to saddle Silicon Valley giants like Facebook and Google with additional regulation while demonizing them as out of control monsters. Why? As AT&T and Comcast push deeper into the online ad industry, they're looking for any advantage they can get against entrenched search and social media giants. And, given their political power, domination of the broadband last mile, and the government's apathy to both problems, those advantages run deep.

      At the heart of this little stage play sits our national conversation about what new privacy laws might look like. Last week, the Senate Commerce Committee held a hearing consumer advocates weren't even invited to. Instead, companies with utterly terrible track records of privacy abuses were given starring roles in dictating just what said privacy legislation should look like.


    • EFF Pushes Back Against NSA Bid To End Spying Challenge
      The Electronic Frontier Foundation has laid out additional evidence to support its long-running California federal lawsuit claiming that the National Security Agency unlawfully spied on hundreds of millions of unsuspecting Americans...
    • FBI Paid Geek Squad Employees as “Confidential Human Source” Informants
      New documents released to the Electronic Frontier Foundation (EFF) show that the Federal Bureau of Investigation’s Louisville field officers have been paying Best Buy Geek Squad employees as informants for more than a decade. A Geek Squad facility in Kentucky has been violating customers’ constitutional rights by secretly handing over data found on customer computers to the FBI whenever employees suspected customers of possessing illegal material, such as child pornography. Evidence indicates that the FBI treated Geek Squad employees as confidential human sources, or “CHS,” and that at least four Geek Squad CHS were paid for their “services” to the FBI.

      In 2014, a California doctor, Mark Rettenmaier, was prosecuted for child pornography found on his computer after the Geek Squad had worked on it. The EFF filed a Freedom of Information request in May 2017 to gain a better understanding of the Geek Squad’s relationship with the FBI, since such a partnership “potentially circumvents computer owners’ Fourth Amendment rights.” The Fourth Amendment protects citizens’ right to privacy, including protection from unreasonable searches and seizures by the government. The searches of customers’ computers by the Geek Squad are a clear violation of this right because they constituted warrantless searches at the direction of the FBI.


    • Episode 1: Digital Privacy
      Katherine Druckman talks to Doc Searls about digital privacy, wizards and muggles, and boiled frogs.
    • Body Cam Company Files Patent For Built-In Facial Recognition Tech
      Police body cameras are the savior that failed to materialize. Accountability was the end goal, but obstacles were immediately erected by internal policies, cop-friendly legislation, and existing public records carve-outs for anything "investigation"-related.

      Making things worse are the officers themselves. When excessive force or other unconstitutional tactics are deployed, body cams seem to malfunction at an alarming rate. And that's only if officers can be bothered to turn them on at all. Body cams have served up a bunch of exonerating footage and delivered evidence to prosecutors, but have done little to make law enforcement more accountable.

      This trend isn't in any danger of reversing. Body cam manufacturers are seeking to expand their offerings, but the focus appears to be on giving law enforcement the extras it wants, rather than what the public is actually seeking. A good summary of recent body cam developments by Sidney Fussell at The Atlantic contains a discussion a new patent application by body cam manufacturer Digital Ally.


    • New York City Home-Sharing Ordinance Could Create Privacy Nightmare
      Airbnb recently filed a lawsuit against the city of New York, asking that officials be enjoined from enforcing the ordinance. This week, EFF filed an amicus brief in support of that request for a permanent injunction, arguing that the data collection is an unconstitutional warrantless search on the government’s behalf. We all have a Fourth Amendment right to protect our private lives—particularly our home lives—and requiring businesses to release this data to the city violates that right.

      With this ordinance, New York tried to circumvent the constitutional issue by mandating that the home-sharing platforms to obtain hosts’ consent to release their data to the city. But you can’t use a Terms of Service to get people to sign away their constitutional rights. It’s essential that information is not disclosed to the government without any allegation of wrongdoing. We hope the court agrees.
    • Briefing Thursday: EFF’s Eva Galperin and Lookout Discuss, Demo Cybersecurity Attacks On Democracy


      Galperin’s work at EFF includes uncovering a malware espionage campaign that targeted people in the U.S. and across the globe, and publishing research on malware in Syria, Vietnam, Kazakhstan, and Lebanon.


    • Lifting the Cloak of Secrecy From NYPD Surveillance Technology
      Why New York Needs the POST Act

      For decades the NYPD has committed to righting a legacy of unwarranted surveillance. Yet court proceedings continue to find the Department’s surveillance practices in violation of political, religious, and other fundamental freedoms.

      Against this troubling historical backdrop, images from more than eight thousand public and privately owned surveillance cameras feed into the Department’s Lower Manhattan Security Coordination Center (LMSCC) each day. In the words of Police Commissioner James O’Neill, “that’s the world we’re living in now. Any street, any incident in New York City, you get to—most of the time—that gets captured on video surveillance”. In addition to these panopticon-levels of video footage, NYPD watch officers and analysts—working alongside “Stakeholder” representatives including Goldman Sachs, JP Morgan Chase, and the Federal Reserve—monitor a treasure trove of data collected and analyzed through ShotSpotter microphones, face recognition technology, license plate readers, and more.

      How the NYPD disseminates the information collected by this surveillance technology—as well as spy tech used by detectives and officers throughout the city—is largely a mystery to New York residents and lawmakers.

      Lawmakers must assure that the NYPD delivers public safety without violating New Yorkers’ rights to privacy and association. However, decades of federal grants from the U.S. Department of Homeland Security—which oversees the principal agencies involved with immigration enforcement—have resulted in the NYPD’s development of an arsenal of surveillance technology with far too little oversight from elected officials and their constituents.


    • Why you can't have privacy on the [I]nternet

      I recently attended a discussion at Fifth Elephant on privacy. During the panel, one of the panelists asked the audience: "how many of you are concerned about your privacy online, and take steps to protect it?"

      At this point, most of the hands in the panel shot up.

      After that, I decided to ask the naughty question: "how many of you pay at least 500rs/month for services that give you privacy?"

      Very few hands shot up.

      Let me emphasize that this was a self selected group, a set of people at a technology conference who were so interested in privacy that they chose to attend a panel discussion on it (instead of concurrent talks on object detection and explainable algorithms). Besides me and perhaps 2 or 3 others, no one was willing to pay for privacy.

      Instead of paying for it, many of the people at the panel wanted the government to mandate it. Moreover, many people seemed to think it would somehow be free to provide.



  • Civil Rights/Policing



    • Repression in Saudi Arabia has reached a new level

      Saudi dissidents who fled abroad to escape repression at home are looking over their shoulders. On October 2nd Jamal Khashoggi, a prominent Saudi journalist and government critic (pictured), went to the Saudi consulate in Istanbul to file paperwork for a new marriage. His fiancée is still waiting for him to return. Turkish customs officials are scouring the ports with his photograph, fearing the Saudis have kidnapped him.



    • 78-year-old man sentenced to 7 years for insulting ErdoÄŸan

      A 78-year-old man received a seven-year jail sentence for insulting Turkish President Recep Tayyip ErdoÄŸan on social media, independent news site Diken reported.



    • Mothers Should Not Be Jailed and Separated From Their Kids Before Trial
      Despite not having been convicted of a crime, mothers in Oklahoma are routinely jailed before trial with devastating results for their families.

      Tanisha (a pseudonym) is a 25-year-old mother of four who was arrested in Oklahoma in 2017 following a domestic dispute with her boyfriend. Three of her children, a toddler and twin infants, were present. Once jailed, Tanisha’s bail was set at $61,000. She couldn’t afford to pay it, so she stayed behind bars, separated from her children.

      This is wealth-based family separation perpetuated by the criminal justice system.

      A new joint report from the ACLU and Human Rights Watch, “You Miss So Much When You’re Gone,” shines a light on this injustice and shows how even short stays in jail can have a lasting impact on families. The report focuses on Tanisha and other moms who have been jailed in Oklahoma, a state that incarcerates more women per capita than any other.

      After a month in jail, Tanisha was desperate to get back to her kids, so she decided to accept a five-year suspended sentence. But shortly after she was released, her children were taken into foster care. Tanisha has been struggling ever since to regain child custody.

      The state has placed a host of obstacles between Tanisha and her children, such as paying for programs and services the state requires but she doesn’t have the money for. She can’t afford required domestic violence classes. She can’t afford a parenting class. She can’t afford a psychological evaluation. She lost a job because she was trying to attend child welfare meetings and receive required services. As a consequence, she fears that her children will be adopted and that she will lose them forever.


    • Why the ACLU Opposes Brett Kavanaugh's Nomination to the Supreme Court
      The ACLU board concluded sexual assault allegations raised enough doubt to warrant opposing a lifetime appointment to the Supreme Court.

      On Friday, Sept. 28, following the Senate Judiciary hearing at which both Dr. Christine Blasey Ford and Judge Brett Kavanaugh testified, the ACLU decided to depart from its usual policy in order to oppose the nomination of Judge Kavanaugh to the Supreme Court.

      It was not a decision we took lightly. As a matter of policy, the ACLU does not endorse or oppose presidential nominations. We have made exceptions, but those exceptions are few and far between. In our 98-year history, we have only opposed four Supreme Court nominees.


    • Berkeley Police Posted Mugshots Of Activists To ‘Create Counter-Narrative’ Of Protests Against Far-Right
      The Berkeley Police Department posted the mugshots and personal information of 15 activists on August 5, who were arrested while counter-protesting at a far-right rally.

      The people whose names, ages, and mugshots Berkeley police blasted out on social media had not been arraigned or convicted of any crime, and the department’s decision to tweet this information sparked immediate criticism and concern that it was opening arrestees up to harassment.

      Now, documents obtained through a public records request and released by Lucy Parsons Labs reveal details about the Berkeley Police Department’s (BPD) controversial use of its Twitter account.

      “Given the extraordinary, complex, and unprecedented nature of social media in shaping and creating conflict in Berkeley, the Berkeley Police Department used social media to help create a counter-narrative,” reads the department’s protocol for posting mugshots.

      Berkeley city communications director Matthai Chakko said tweeting mugshots of arrestees was an attempt to combat a narrative online that suggested Berkeley police’s failure to enforce the rule of law justified the use of violence by citizens.


    • Direct Action and the British State
      The draconian sentencing to jail of anti-fracking activists for non-violent direct action has received insufficient attention. It is a confident state that can undertake to bring back a level of repression not seen for decades – eight decades, in fact, since environmental activists received this kind of lengthy jail sentence, despite generations of tree climbing and road blocking.

      Non violent direct action has been an area of tacit complicity between state and protestors. I have over the years participated myself – the occupation of the building site of Torness nuclear power station was a defining moment for my generation in Scotland, and I will cheerfully admit I participated in criminal damage of plant and equipment. I have blocked the road at Faslane occasionally too. While a week or two of my life in jail always seemed a threat, the idea of 16 month jail sentences for such protest appeared a nightmare from a distant age.

      The judge in the fracking case, Robert Altham, is evidently a vicious old Tory, descended by his own account from the judge who conducted the infamous Pendle witch trials. His parents, John and Linda Altham, have the same name as the owners of Althams, a company supplying the offshore oil and gas industry. The company is also Lancashire based and it seems very probable they are the same family. Given that the judiciary allowed a judge to handle Julian Assange’s bail hearing, despite the fact that she was married to a former Tory chairman of the Commons Defence Committee, who had started a consultancy together with the former head of MI6, I am not in the least surprised that a corrupt Establishment allows such prejudiced judges to act so viciously – in both cases.


    • Lawsuit Settlement Looking To Kill Philadelphia's Severely Abused Forfeiture Program


      The city's program was infamous for things like seizing a house because one resident (not the owner) sold cops $40 worth of drugs. Another case featuring the IJ's legal assistance sought the return of another home seized after a $140 drug purchase. In the first instance, prosecutors dropped the case and returned the property after the litigation received national attention. In the latter, the state's Supreme Court found the seizure of the house unwarranted and unjustifiable -- a harsh punishment that far outstripped the seriousness of the crime.

      The proposed settlement [PDF] would drastically alter Philly's forfeiture laws and policies. Importantly, it would strip the financial incentive for seizures by redirecting forfeiture funds towards drug rehab programs and away from the law enforcement agencies that have directly profited from this program for years.

      It also would make tiny forfeitures -- the ones least likely to be disputed -- a historical relic. Seizures of less than $1,000 would either need to be tied to an arrest or used as evidence in criminal cases. Cash seizures of less than $250 would be completely forbidden. This is important because data shows the median cash seizure by Philly law enforcement is $178.


    • Travelers To New Zealand Now Face $3,000 Fines If They Don't Give Their Device Passwords To Customs Agents
      There are plenty of ways to get digital "things" across the border without carrying them on your person in some sort of electronic "suitcase" you know customs officials are going to take from you as soon as you enter the country. This may help catch some dumb criminals, but it's not going to have much of an effect on the "sophisticated" organized crime groups.

      What will happen is lots of people not connected to any criminal enterprise will have their devices seized and searched just because. The new fine will discourage visitors from refusing Customs' advances, allowing officials to paw through their digital goods just like they do their clothing. And all the government can offer in response is that the ends justifies the means.
    • New Zealand to order tourists to hand over phone password at customs or risk a hefty fine
      New Zealand is introducing a controversial new law which will see tourists ordered to hand over their phone passwords when requested at customs.

      Those who refuse could risk a hefty fine of up to $5,000 (approximately €£2500).

      The new Customs and Excise Law allows customs official to request passengers hand over their passwords so that they can search the device.

      And it's not just passwords. The law states that "access information includes codes, passwords, and encryption keys, and any related information that enables access to an electronic device".




  • Internet Policy/Net Neutrality



    • Entire broadband industry sues California to stop net neutrality law

      The lawsuit was filed in US District Court for the Eastern District of California by mobile industry lobby CTIA, cable industry lobby NCTA, telco lobby USTelecom, and the American Cable Association, which represents small and mid-size cable companies. Together, these four lobby groups represent all the biggest mobile and home Internet providers in the US and hundreds of smaller ISPs. Comcast, Charter, AT&T, Verizon, T-Mobile US, Sprint, Cox, Frontier, and CenturyLink are among the groups' members.



    • Internet providers sue California over net neutrality law

      Four industry groups representing internet providers such as AT&T and Comcast filed a lawsuit on Wednesday in federal court in California that accuses lawmakers there of “unconstitutional state regulation.”



    • Web creator works to liberate personal data

      He added: "It does a small fraction of what things like Dropbox or Nextcloud do, written in Javascript, and is overly complex. It will fail."

      And identity and privacy researcher Steve Wilson asked: "Even if people could control their personal data, what does Solid do about all the data created about us behind our backs?

    • The Entire Broadband Industry Just Sued California For Daring To Protect Net Neutrality
      As expected, the broadband industry filed suit against the state of California today over the state's shiny new net neutrality law. The lawsuit (pdf), filed in US District Court for the Eastern District of California, echoes many of the same arguments made in the DOJ's own recent lawsuit against the state. For a moment, let's just stop and pause to appreciate the fact that the federal government is now, with zero pretense, officially working hand in hand with some of the least-liked monopolies in America to ensure their right to be able to screw you over. It if it wasn't so obnoxious, it could be deemed high art.

      Both lawsuits attempt to claim that language embedded in the FCC's net neutrality repeal (at direct Comcast and Verizon lobbyist behest) prohibits states from stepping in and filling the consumer protection void.


    • African Countries Shooting Themselves In The Digital Foot By Imposing Taxes And Levies On Internet Use#


      The article explains that the last of these was rescinded within days because of public pressure, while Kenya's tax is currently on hold thanks to a court order. Nonetheless, there is a clear tendency among some African governments to see the Internet as a handy new source of tax income. That's clearly a very short-sighted move. At a time when the digital world in Africa is advancing rapidly, with innovation hubs and startups appearing all over the continent, making it more expensive and thus harder for ordinary people to access the Internet threatens to throttle this growth.


    • How some African governments are keeping millions of citizens offline
      A4AI’s recent mobile broadband pricing update shows that Africans face the highest cost to connect to the internet — just 1GB of mobile data costs the average user in Africa nearly 9% of their monthly income, while their counterparts in the Asia-Pacific region pay one-fifth of that price (around 1.5% of monthly income). Despite this already high cost to connect, we’re seeing a worrying trend of governments across Africa imposing a variety of taxes on some of the most popular internet applications and services.


    • Digital Justice: Internet Co-ops Resist Net Neutrality Rollbacks
      More than 300 electric cooperatives across the United States are building their own Internet with high-speed fiber networks. These locally-owned networks are poised to do what federal and state governments and the marketplace have not accomplished. First, they are protecting open Internet access from the Internet service providers (ISPs) that stand to pocket the profits from the rollbacks of net neutrality the Trump administration announced in November 2017. Second, they are making affordable and fast Internet accessible to anyone, narrowing the digital divide that otherwise deepens individual and regional socioeconomic inequalities.

      In Detroit, for example, 40 percent of the population has no access of any kind to the Internet. Because of Detroit’s economic woes, many big telecom companies have apparently decided that it is not worthwhile to invest in expanding their networks to these communities. Internet connectivity is a crucial economic leveler without which people can fall behind in school, health, and the job market.





  • DRM



    • Thank you for participating in International Day Against DRM 2018!
      Thank you everyone for helping to make September 18th another successful International Day Against DRM (IDAD)! Digital Restrictions Management (DRM) is an issue we have to face every day. In rallying together for a single day against DRM, we sent a powerful message: DRM is just wrong and we can live in a society without it.

      Hundreds of you around the world took action on IDAD: going out into your campuses, communities, and around the Web, and sharing your opposition to how DRM restricts your freedom as a user of software and media. The 17 participating organizations took their own actions, creating videos, releasing reports, and writing articles. Here in Boston, we visited the Apple Store and talked with shoppers about their digital rights and how Apple devices abuse those rights using DRM.




  • Intellectual Monopolies



    • Qualcomm's Mannheim Steamroller is stuttering: patents too young to defeat Apple in tech-savvy court
      When Qualcomm started filing patent infringement actions against Apple (and, by practical extension, Intel) in Mannheim and Munich last year, it hoped to gain leverage through injunctive relief over non-standard-essential patents in the largest EU economy. In February, Qualcomm's German counsel exuded confidence and predicted an injunction by the summer. Summer is gone, and based on where things stand after all the hearings and trials held so far (up to yesterday's Mannheim trial, which this post is mostly about), Qualcomm's next chance to make serious headway against Apple in Germany may not even come until next summer (or, maybe, spring). In the meantime, Qualcomm's FTC trial in San Jose and possibly also the Apple trial in San Diego (a pretrial conference will be held this year, but no firm trial dates are on PACER) will go forward.

      Each patent is different, though Qualcomm's asserted patents do have some overlaps (several of them are asserted against an envelope tracker made by Qorvo), but there is a pattern here. The first Qualcomm v. Apple (and, by extension, Intel) Mannheim trial was already symptomatic: Qualcomm felt forced to stipulate to a stay over a huge validity issue. This was a first win for Apple, Intel, their attorneys at law, and especially their patent attorneys from Samson & Partner. At the second Mannheim trial, held the week before last, the court didn't propose a stay, but took note of an independent opinion handed down by the Swedish patent office, according to which that patent should never have been granted in the first place. At yesterday's trial over EP3036768 on a "layout construction for addressing electromigration", Presiding Judge Dr. Holger Kircher again suggested a stipulated stay and reminded Quinn Emanuel's Dr. Marcus Grosch that the rather strong presumption of validity that issued patents normally enjoy in German infringement proceedings does not apply to patent claims that the patent holder feels forced to modify substantively in response to prior art presented by a defendant. At that stage, it's a new game and simply remains to be seen whether an examiner will or will not be persuaded of patentability.


    • Patenting Exception to Non-Disclosure Agreement


      This 7th Circuit decision stems a nondisclosure agreement – titled a “secrecy declaration — between Soarus and Bolson Materials. Soarus was a G-Polymer distributer (for Nippon Synthetic) and Bolson was looking to begin acquiring and using G-Polymer in connection with developing a new 3D printing process. Problems arose, though when Bolson filed for patent protection on a 3D printing process it developed using G-Polymer.

      [...]

      In reading the provision here, the district court construed the language of paragraph 10 as an exception that gave Bolston the right to “freely patent and protect new applications of GPolymer in the specified 3D printing process” without being confined to the confidentiality restrictions of the NDA.

      On appeal, the Seventh Circuit reviewed the contract interpretation de novo under Illinois law but arrived at the same result.

      [...]

      Since the language is clear, the standard contract interpretation process precludes the court from giving substantial or controlling weight to the commercial purposes of the agreement.


    • Copyrights



      • Music Group Cheers On Its Own Fake Antipiracy Victories
        There's an old saying in statistics: figures don't lie, but liars figure. Nowhere is this more the case than when you hear numbers streaming from the mouths of those in the anti-piracy business and copyright industries. Examples of this are legion, from the infamous practice of Hollywood accounting rendering hilariously successful films to red-ink status, to bogus piracy costs, to industry claims that rely on every download being a lost sale, to the overall prevalence of piracy statistics more generally speaking. While MUSO, the antipiracy outfit out of Europe, has made some recent noise about copyright holders tweaking their business models to reduce piracy instead of whining about, it has also participated in this liars-figuring practice.

        A great example of that can be found in MUSO's recent partnership with the Association of Independent Music (AIM), where the latter has put out a press release about just how much great work MUSO has performed in taking down pirated content in the past four months.


      • MPAA Reports ‘Notorious’ Pirate Sites to The US Government

        The MPAA has submitted a new list of “notorious markets” to the US Government. The list features a wide variety of 'pirate' sites including The Pirate Bay, Openload and the Russian social network VK.com. Hosting companies and ad-networks are also highlighted, while pirate IPTV services are called out as an emerging threat.



      • ‘Bulletproof’ Hosting is An Emerging Piracy Threat, RIAA Warns

        The RIAA has noticed that pirate sites are increasingly turning to "bulletproof" hosting providers, which makes them harder to shut down. The music group lists Ecatel, Quasi Networks, and FlokiNET as examples in its yearly notorious markets report to the US Government.



      • MEPs vote for more European TV on our screens

        Before the rules come into force, however, the directive still needs to be approved by the Council. If adopted, member states will have a timeline of 21 months to transpose into national law the new requirements.



      • European Parliament approves 30% Euro content rules for VOD

        The updated rules include enhanced protection of minors from violence, hatred, terrorism and harmful advertising, meaning that video-sharing platforms will now be responsible for “reacting quickly” when content is reported or flagged by users as harmful.

      • New rules for audiovisual media services approved by Parliament

        The legislation does not include any automatic filtering of uploaded content, but, at the request of the Parliament, platforms need to create a transparent, easy-to-use and effective mechanism to allow users to report or flag content.

        [...]

        In order to support the cultural diversity of the European audiovisual sector, MEPs ensured that 30% of content in the video-on-demand platforms’ catalogues should be European.









Recent Techrights' Posts

Techrights' Statement on Code of Censorship (CoC) and Kent Overstreet: This Was the Real Purpose of Censorship Agreements All Along
Bombing people is OK (if you sponsor the key organisations), opposing bombings is not (a CoC in a nutshell)
[Meme] The Most Liberal Company
"Insurrection? What insurrection?"
apple.com Traffic Down Over 7%, Says One Spyware Firm; Apple's Liabilities Increased Over 6% to $308,030,000,000
Apple is also about 120 billion dollars in debt
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 23, 2024
IRC logs for Saturday, November 23, 2024
[Meme] GAFAMfox
Mozilla Firefox in a state of extreme distress
Google Can Kill Mozilla Any Time It Wants
That gives Google far too much power over its rival... There are already many sites that refuse to work with Firefox or explicitly say Firefox isn't supported
Free (as in Freedom) Software Helps Tackle the Software Liability Issue, It Lets Users Exercise Greater Control Over Programs
Microsofters have been trying to ban or exclude Free software
In the US, Patent Laws Are Up for Sale
This problem is a lot bigger than just patents
ESET Finds Rootkits, Does Not Explain How They Get Installed, Media Says It Means "Previously Unknown Linux Backdoors" (Useful Distraction From CALEA and CALEA2)
FUD watch
Techdirt Loses Its Objectivity in Pursuit of Money
The more concerning aspects are coverage of GAFAM and Microsoft in particular
Links 23/11/2024: Press Sold to Vultures, New LLM Blunders
Links for the day
Links 23/11/2024: "Relationship with Oneself" and Yretek.com is Back
Links for the day
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024