Bonum Certa Men Certa

Links 17/10/2018: Elementary OS 5.0 “Juno” Released, MongoDB’s Server Side Public Licence





GNOME bluefish

Contents





GNU/Linux



Free Software/Open Source



  • Hedera Hashgraph Distributed Ledger Technology Shares New Open-Source SDK [Ed: Hedera needs to delete GitHub, however, as the new head of GitHub killed Java projects like Hedera's]
    Hedera Hashgraph, one of the DApp facilitators within the blockchain industry recently announced that it has released its Software Development Kit (SDK) in Java.


  • Service Providers Should Adapt to Open Source World
    Finding differing opinions on open source with the telecom industry isn't hard to do, especially where orchestration is concerned. That's why a panel discussion on open source and MANO at the Light Reading NFV-Carrier SDN event in Denver seemed an odd place to find such outspoken agreement on that topic, but there it was.

    Four smart guys, none shy with their opinions, all seemed to agree on key points around open source, the need for standards, the role of vendors and the lack of internal software skills. But they also agreed that telecom service providers are struggling a bit to understand how to proceed in an open source world and still need some fundamental internal changes.


  • Renaming the Bro Project
    More than 20 years ago I chose the name "Bro" as "an Orwellian reminder that monitoring comes hand in hand with the potential for privacy violations", as the original Bro paper put it. Today that warning is needed more than ever ... but it's clear that now the name "Bro" is alas much more of a distraction than a reminder.

    On the Leadership Team of the Bro Project, we heard clear concerns from the Bro community that the name "Bro" has taken on strongly negative connotations, such as "Bro culture". These send a sharp, anti-inclusive - and wholly unintended and undesirable - message to those who might use Bro. The problems were significant enough that during BroCon community sessions, several people have mentioned substantial difficulties in getting their upper management to even consider using open-source software with such a seemingly ill-chosen, off-putting name.


  • We already have nice things, and other reasons not to write in-house ops tools
    When I was an ops consultant, I had the "great fortune" of seeing the dark underbelly of many companies in a relatively short period of time. Such fortune was exceptionally pronounced on one client engagement where I became the maintainer of an in-house deployment tool that had bloated to touch nearly every piece of infrastructure—despite lacking documentation and testing. Dismayed at the impossible task of maintaining this beast while tackling the real work of improving the product, I began reviewing my old client projects and probing my ops community for their strategies. What I found was an epidemic of "not invented here" (NIH) syndrome and a lack of collaboration with the broader community.


  • Open Source Program Benefits Survey Results


    There are many organizations out there, from companies like Red Hat to internet scale giants like Google and Facebook that have established an open source programs office (OSPO). The TODO Group, a network of open source program managers, recently performed the first ever annual survey of corporate open source programs and revealed some interesting findings on the actual benefits of open source programs.


  • Web Browsers



    • Browsing the web with Min, a minimalist open source web browser
      Does the world need another web browser? Even though the days of having a multiplicity of browsers to choose from are long gone, there still are folks out there developing new applications that help us use the web.

      One of those new-fangled browsers is Min. As its name suggests (well, suggests to me, anyway), Min is a minimalist browser. That doesn't mean it's deficient in any significant way, and its open source, Apache 2.0 license piques my interest.


    • Chrome



      • CTL’s New CBX1 Chromebox is a Powerhouse at a Great Price
        Chromeboxes are really great desktops for users who have moved their workflow into a web browser, especially at lower prices. You don’t need higher specs inside a Chromebox for it to work well, but it can help.

        For those who want a supercharged Chromebox on the cheap, Oregon-based CTL has just the thing for you. Its new Chromebox—the CBX1—has all the high-end parts you could want, at a comparatively low price.


      • How to Install Progressive Web Apps (PWAs) in Chrome
        Chrome 70, available now, lets you install “Progressive Web Apps,” or PWAs, on Windows. When you visit a website with a PWA, like Twitter or Spotify, you can now “install” it to make it behave more like a normal desktop application.


      • How to Stop Chrome From Automatically Signing You Into the Browser
        With Chrome 69, Google began automatically signing you into the Chrome browser whenever you signed into a Google website like Gmail. Chrome 70, available now, has a hidden option to disable this feature.

        We don’t think most Chrome users will care about this. But, if you do care, Google now gives you a choice. And that’s good news.


      • Chrome 70 released with Windows web app support and option to disable controversial login
        Chrome 70, the latest version of Google’s browser, is rolling out now on Windows, Mac, and Linux computers. The update sees Google reverse some of the controversial changes it made with the last version, by allowing users to stop the browser from automatically signing into their Google account after logging into one of the search giant’s apps. Chrome 70 also brings support for Progressive Web Apps, or PWAs, on Windows.


      • elementary OS Juno Released, Plasma 5.14.1 Is Out, Chrome 70 Now Available, Docker Raises New Funding and New Badges for Firefox Users
        Chrome 70 is now available. This release removes the controversial change from the last version, and now allows users to stop the browser from automatically signing in to their Google accounts after logging in to one of its apps, The Verge reports. You still need to opt-out and specifically change this setting, however. Other changes include support for progressive web apps on Windows. See the "New in Chrome 70" post for more information on this release.


      • Chrome 70 Now Officially Available With AV1 Video Decode, Opus In MP4 & Much More
        Google's Chrome/Chromium 70 web-browser made it out today for Linux users as well as all other key supported platforms.

        Chrome 70 is notable for shipping with preliminary AV1 video decoding support granted rather limited and only CPU-based decoding at this stage after the AV1 video decode support was dropped from Chrome 69.


      • Raptor Computing Systems Is Working On Bringing Up Chrome's POWER Support
        With Raptor Computing Systems' Talos II Lite and especially the forthcoming Blackbird positioning the POWER architecture in a prime spot for use by libre Linux users who want a system that's open-source down to the firmware, they've been trying to make sure the Linux desktop stack is in order. The latest area they've been working on is browser coverage.

        At the moment for 64-bit POWER little-endian (PPC64LE), there isn't a modern browser with JavaScript JIT support available upstream... Obviously that is a problem for more Linux desktop users in 2018. But fortunately Raptor has been committing resources to changing that. They have gotten a patched version of Chrome working well on their POWER9 hardware complete with JIT support.




    • Mozilla



      • Going from New Laptop to Productive Mozillian
        My old laptop had so many great stickers on it I didn’t want to say goodbye. So I put off my hardware refresh cycle from the recommended 2 years to almost 3.

        To speak the truth it wasn’t only the stickers that made me wary of switching. I had a workflow that worked. The system wasn’t slow. It was only three years old.

        But then Windows started crashing on me during video calls. And my Firefox build times became long enough that I ported changes to my Linux desktop before building them. It was time to move on.


      • Show your support for Firefox with new badges
        Firefox is only as strong as its passionate users. Because we’re independent, people need to make a conscious choice to use a non-default browser on their system. We’re most successful when happy users tell others about an alternative worth trying.


      • At MozFest, Spend 7 Days Exploring Internet Health
        Workshops that teach you how to detect misinformation and mobile trackers. A series of art installations that turn online data into artwork. A panel about the unintended consequences of AI, featuring a former YouTube engineer and a former FBI agent. And a conversation with the inventor of the web.

        These are just a handful of the experiences at this year’s MozFest, Mozilla’s annual festival for, by, and about people who love the internet. From October 22-28 at the Royal Society of Arts (RSA) and Ravensbourne University in central London, more than 2,500 developers, designers, activists, and artists from dozens of countries will gather to explore privacy, security, openness, and inclusion online.


      • Using requestIdleCallback for long running computations
        One of the ways developers have tipically tried to keep a smooth web application, without interfering with the browser’s animation and response to input, is to use a Web Worker for long running computations. For example, in the Prism.js (a library for syntax highlighting) API there’s an async parameter to choose “Whether to use Web Workers to improve performance and avoid blocking the UI when highlighting very large chunks of code”.


      • These Weeks In Servo 115
        In the past three weeks, we merged 181 PRs in the Servo organization’s repositories.

        Our Windows nightlies have been broken for several months for a number of reasons, and we have now fixed all of the known breakage. If you’re a Windows user, give our latest builds a try! You can visit arbitrary URLs by pressing Ctr+L.

        The Android Components project added a component to use Servo in any Android app.






  • SaaS/Back End



  • Pseudo-Open Source (Openwashing)



  • BSD



    • DragonFlyBSD Continues Squeezing More Performance Out Of AMD's Threadripper 2990WX
      DragonFlyBSD 5.4 should be a really great release if you are a BSD user and have an AMD Threadripper 2 box, particularly the flagship Threadripper 2990WX 32-core / 64-thread processor.

      The project leader of this long ago fork from FreeBSD, Matthew Dillon, has been quite outspoken about the Threadripper 2990WX since he purchased one earlier this summer. This prolific BSD developer has been praising the performance out of the Threadripper 2990WX since he got the system working on the current DragonFlyBSD 5.3 development builds.

      Since getting DragonFlyBSD running on the Threadripper 2 hardware in August, he's routinely been making performance tuning optimizations to DragonFly's kernel to benefit the 2990WX given its NUMA design.


    • Absolute FreeBSD now shipping!
      Grab an ebook/print bundle direct from No Starch Press. NSP coupon code ILUVMICHAEL gives you 30% off any NSP purchase and puts a few extra bucks in my pocket, so that’s cool. And there’s Amazon. There’s always Amazon, the company we all love to loathe.


    • LLVM Still Proceeding With Their Code Relicensing
      It's been three years since the original draft proposal for relicensing the LLVM compiler code was sent out and while there hasn't been a lot to report on recently about the effort, they are making progress and proceeding.

      Since 2015 LLVM developers have been discussing relicensing to an Apache 2.0 license to help motivate new contributors, protect users of LLVM code, better protect existing contributors, ensure that LLVM run-time libraries can be used by both other open-source and proprietary compilers.




  • Licensing/Legal



    • Automotive Software Governance and Copyleft


      The Software Freedom Law Center is proud to make available a whitepaper by Mark Shuttleworth, CEO of Canonical, Ltd., and Eben Moglen, Founding Director of the Software Freedom Law Center and Professor of Law at Columbia Law School. The whitepaper shows how new capabilities in the free and open source software stack enable highly regulated and sensitive industrial concerns to take advantage of the full spectrum of modern copyleft software.

      Software embedded in physical devices now determines how almost everything – from coffee pots and rice cookers to oil tankers and passenger airplanes – works. Safety and security, efficiency and repairability, fitness for purpose and adaptability to new conditions of all the physical products that we make and use now depend on our methods for developing, debugging, maintaining, securing and servicing the software embedded in them.


    • SFLC: Automotive Software Governance and Copyleft
      The Software Freedom Law Center has announced the availability of a whitepaper [PDF] about automotive software and copyleft, written by Mark Shuttleworth and Eben Moglen. At its core, it's an advertisement for Ubuntu and Snap, but it does look at some of the issues involved.


    • Bradley M. Kuhn: Toward Community-Oriented, Public & Transparent Copyleft Policy Planning
      More than 15 years ago, Free, Libre, and Open Source Software (FLOSS) community activists successfully argued that licensing proliferation was a serious threat to the viability of FLOSS. We convinced companies to end the era of “vanity” licenses. Different charities — from the Open Source Initiative (OSI) to the Free Software Foundation (FSF) to the Apache Software Foundation — all agreed we were better off with fewer FLOSS licenses. We de-facto instituted what my colleague Richard Fontana once called the “Rule of Three” — assuring that any potential FLOSS license should be met with suspicion unless (a) the OSI declares that it meets their Open Source Definition, (b) the FSF declares that it meets their Free Software Definition, and (c) the Debian Project declares that it meets their Debian Free Software Guidelines. The work for those organizations quelled license proliferation from radioactive threat to safe background noise. Everyone thought the problem was solved. Pointless license drafting had become a rare practice, and updated versions of established licenses were handled with public engagement and close discussion with the OSI and other license evaluation experts.

      Sadly, the age of license proliferation has returned. It's harder to stop this time, because this isn't merely about corporate vanity licenses. Companies now have complex FLOSS policy agendas, and those agendas are not to guarantee software freedom for all. While it is annoying that our community must again confront an old threat, we are fortunate the problem is not hidden: companies proposing their own licenses are now straightforward about their new FLOSS licenses' purposes: to maximize profits.

      Open-in-name-only licenses are now common, but seem like FLOSS licenses only to the most casual of readers. We've succeeded in convincing everyone to “check the OSI license list before you buy”. We can therefore easily dismiss licenses like Common Clause merely by stating they are non-free/non-open-source and urging the community to avoid them. But, the next stage of tactics have begun, and they are harder to combat. What happens when for-profit companies promulgate their own hyper-aggressive (quasi-)copyleft licenses that seek to pursue the key policy goal of “selling proprietary licenses” over “defending software freedom”? We're about to find out, because, yesterday, MongoDB declared themselves the arbiter of what “strong copyleft” means.


    • Fed up with cloud giants ripping off its database, MongoDB forks new open-source license
      After Redis Labs relicensed the modules it developed to complement its open-source database, from AGPL to Apache v2.0 with a Commons Clause, the free-software community expressed dismay.

      And, inevitably, some responded by forking the affected code.

      Today, the maker of another open source database, MongoDB, plans to introduce a license of its own to deal with the issue cited by Redis: cloud service providers that sell hosted versions of open-source programs – such as Redis and MongoDB database servers – without offering anything in return.

      "Once an open source project becomes interesting or popular, it becomes too easy for the cloud vendors to capture all the value and give nothing back to the community," said Dev Ittycheria, CEO of MongoDB, in a phone interview with The Register.

      Ittycheria pointed to cloud service providers such as Alibaba, Tencent, and Yandex. Those companies, he claims, are testing the boundaries of the AGPL by benefiting from the work of others while failing to share their code.


    • MongoDB switches up its open-source license
      MongoDB is a bit miffed that some cloud providers — especially in Asia — are taking its open-source code and offering a hosted commercial version of its database to their users without playing by the open-source rules. To combat this, MongoDB today announced it has issued a new software license, the Server Side Public License (SSPL), that will apply to all new releases of its MongoDB Community Server, as well as all patch fixes for prior versions.

      Previously, MongoDB used the GNU AGPLv3 license, but it has now submitted the SSPL for approval from the Open Source Initiative.


    • MongoDB license could push open source deeper into cloud: Is this what industry needs?
      Things just got serious in open source land. Despite the occasional Commons Clause or Fair Source licensing attempt to change the meaning of the words "open source" to include "the right for a private company to make money from its open source efforts," we've stuck to the Open Source Definition, and it has served us well. Open source communities have become the center of the innovation universe, giving us exceptional code like Linux, Kubernetes, Apache Kafka, and more.


    • It's MongoDB's turn to change its open source license
      The old maxim that the nice thing about standards is that there are so many to choose from could well apply to open source licensing. While now nearing a couple years old, the last WhiteSource Software survey of the top 10 open source licenses found close competition between the GPL, MIT, and Apache licenses. While the commercial-friendly Apache license has dominated the world of big data platforms and AI frameworks, MIT and GPL (which has "copyleft" provisions requiring developers to contribute back all modifications and enhancements) continues to be popular. GPL and variants such as the AGPL have been popular amongst vendors that seek to control their own open source projects, like MongoDB.


    • Matthew Garrett: Initial thoughts on MongoDB's new Server Side Public License
      MongoDB just announced that they were relicensing under their new Server Side Public License. This is basically the Affero GPL except with section 13 largely replaced with new text, as follows:

      "If you make the functionality of the Program or a modified version available to third parties as a service, you must make the Service Source Code available via network download to everyone at no charge, under the terms of this License. Making the functionality of the Program or modified version available to third parties as a service includes, without limitation, enabling third parties to interact with the functionality of the Program or modified version remotely through a computer network, offering a service the value of which entirely or primarily derives from the value of the Program or modified version, or offering a service that accomplishes for users the primary purpose of the Software or modified version.

      “Service Source Code” means the Corresponding Source for the Program or the modified version, and the Corresponding Source for all programs that you use to make the Program or modified version available as a service, including, without limitation, management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available."

      MongoDB admit that this license is not currently open source in the sense of being approved by the Open Source Initiative, but say:"We believe that the SSPL meets the standards for an open source license and are working to have it approved by the OSI."

      At the broadest level, AGPL requires you to distribute the source code to the AGPLed work[1] while the SSPL requires you to distribute the source code to everything involved in providing the service. Having a license place requirements around things that aren't derived works of the covered code is unusual but not entirely unheard of - the GPL requires you to provide build scripts even if they're not strictly derived works, and you could probably make an argument that the anti-Tivoisation provisions of GPL3 fall into this category.


    • MongoDB issues new open source license
      MongoDB has submitted the SSPL, which is replacing the previous GNU APGLv3 license, for approval from the Open Source Initiative.




  • Openness/Sharing/Collaboration



    • Open Hardware/Modding



      • Arm Launches Mbed Linux and Extends Pelion IoT Service
        Politics and international relations may be fraught with acrimony these days, but the tech world seems a bit friendlier of late. Last week Microsoft joined the Open Invention Network and agreed to grant a royalty-free, unrestricted license of its 60,000-patent portfolio to other OIN members, thereby enabling Android and Linux device manufacturers to avoid exorbitant patent payments. This week, Arm and Intel kept up the happy talk by agreeing to a partnership involving IoT device provisioning.

        Arm’s recently announced Pelion IoT Platform will align with Intel’s Secure Device Onboard (SDO) provisioning technology to make it easier for IoT vendors and customers to onboard both x86 and Arm-based devices using a common Peleon platform. Arm also announced Pelion related partnerships with myDevices and Arduino (see farther below).


      • Arm doodles server, comms CPUs in public before they leak out in open-source code...
        Japanese chip designer Arm has lightly sketched out in public its future processor designs that are aimed at powering internet servers and infrastructure.

        Think CPU cores, chip interconnects, memory subsystems, and so on, for semiconductor manufacturers to use in silicon brains for data center systems, edge devices, and networking and telecommunications gear. Arm really wants to nuzzle its way into server and telecoms racks, tiptoeing past Intel Xeons and AMD Epycs, and so here's the intellectual property it hopes will do the trick.

        And we're not joking when we're say lightly sketched: the biz has only shown off a roadmap of codenames and process nodes. Arm is going public with these plans partly because source code supporting these future chip designs will soon be trickling into the Linux kernel and other open-source projects referencing said codenames, so it may as well spill some beans now to head off speculation.






  • Programming/Development



    • How to Use Git Version Control System in Linux [Comprehensive Guide]
      Version Control (revision control or source control) is a way of recording changes to a file or collection of files over time so that you can recall specific versions later. A version control system (or VCS in short) is a tool that records changes to files on a filesystem.

      There are many version control systems out there, but Git is currently the most popular and frequently used, especially for source code management. Version control can actually be used for nearly any type of file on a computer, not only source code.


    • 5 Things Your Team Should Do to Make Pull Requests Less Painful
      A user story is a short description of a unit of work that needs doing. It’s normally told from the perspective of the user, hence the name. The journey towards a good pull request starts with a well-written user story. It should be scoped to a single thing that a user can do in the system being built.


    • More GitHub workflow automation
      The more you use computers, the more you see the potentials for automating everything. Who doesn't love that? By building Mergify those last months, we've decided it was time bring more automation to the development workflow.


    • Automating upstream releases with release-bot


      Good news: We have developed a tool called release-bot that automates the process. All you need to do is file an issue into your upstream repository and release-bot takes care of the rest. But let’s not get ahead of ourselves. First, let’s look at what needs to be set up for this automation to happen. I’ve chosen the meta-test-family upstream repository as an example.






Leftovers



  • Health/Nutrition

    • Doc charged with involuntary manslaughter in Flint crisis wins top health award

      Health officials in Michigan this week honored Dr. Eden Wells with the state’s top award for an eminent career in public health—despite that Wells is currently facing several charges in connection with the Flint water crisis, including involuntary manslaughter.



    • Finnish hospitals see more babies born to mothers with FGM

      It was only last year that Finland’s National Institute for Health and Welfare (THL) began recording births by circumcised women in Finland, and other major hospitals have also failed to keep detailed records. [...]



    • 'The world is against them': new era of cancer lawsuits threaten Monsanto

      The Johnson v Monsanto trial was groundbreaking before it even began, because a judge allowed the plaintiff’s attorneys to present research and expert testimony on glyphosate and health risks – scientific evidence that the jury ultimately found credible and compelling.



    • Antimicrobial Resistance At The World Investment Forum: UNCTAD, WHO Join Forces


      The third panel gathers governments and civil society, he said, and will look into the need for antibiotic stewardship. For example, he said, a representative of the Swedish Public Health Agency will talk about its strategy to incentivise companies to keep existing antibiotics on the market despite their low prices.

      UNCTAD and WHO are expecting a good debate and some clarification of how stakeholders see the needs for the future, Spennemann said. The two UN organisations seek to informally bring together small companies, and potentially interested investors, and launch an informal debate.




  • Security



    • Reproducible Builds: Weekly report #181
      Another brief reminder that another Reproducible Builds summit will be taking place between 11th—13th December 2018 in Mozilla’s offices in Paris. If you are interested in attending please send an email to holger@layer-acht.org. More details can also be found on the corresponding event page of our website.


    • A mysterious grey-hat is patching people's outdated MikroTik routers
      A Russian-speaking grey-hat hacker is breaking into people's MikroTik routers and patching devices so they can't be abused by cryptojackers, botnet herders, or other cyber-criminals, ZDNet has learned.

      The hacker, who goes by the name of Alexey and says he works as a server administrator, claims to have disinfected over 100,000 MikroTik routers already.


    • Chrome, Edge, IE, Firefox, and Safari to disable TLS 1.0 and TLS 1.1 in 2020
      Apple, Google, Microsoft, and Mozilla announced plans today to disable Transport Layer Security (TLS) 1.0 and 1.1 support in their respective browsers in the first half of 2020.


    • Canonical Announces Partnership with Eurotech, the Big Four to End Support of TLS 1.0 and 1.1, Sony Using Blockchain for DRM, NETWAYS Web Services Launches IaaS OpenStack, Grey Hat Patching MikroTik Routers and Paul Allen Dies at 65
      Apple, Google, Microsoft and Mozilla all announce the end of support for TLS 1.0 and 1.1 standards starting in 2020, ZDNet reports. Chrome and Firefox already support TLS 1.3, and Microsoft and Apple will soon follow suit.


    • Security updates for Tuesday


    • libssh 0.8.4 and 0.7.6 security and bugfix release

      libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials.



    • Trivial authentication bypass in libssh leaves servers wide open

      There’s a four-year-old bug in the Secure Shell implementation known as libssh that makes it trivial for just about anyone to gain unfettered administrative control of a vulnerable server. While the authentication-bypass flaw represents a major security hole that should be patched immediately, it wasn’t immediately clear what sites or devices were vulnerable since neither the widely used OpenSSH nor Github’s implementation of libssh was affected.



    • A Cybersecurity Weak Link: Linux and IoT [Ed: Blaming "Linux" for companies that put default passwords on all their products? Windows has back doors.]


    • Undetectably bypass voting machines' anti-tamper mechanism with a bit of a soda-can

      But University of Michigan grad student Matt Bernhard has demonstrated that he can bypass the tamper-evident seals in seconds, using a shim made from a slice of a soda can. The bypass is undetectable and doesn't damage the seal, which can be resecured after an attacker gains access to the system.



    • Security Seals Used to Protect Voting Machines Can Be Easily Opened With Shim Crafted from a Soda Can

      Bernhard, who is an expert witness for election integrity activists in a lawsuit filed in Georgia to force officials to get rid of paperless voting machines used in that state, said the issue of security ties and seals came up in the lawsuit earlier this year when Fulton County Elections Director Richard Barron told the court that his Georgia county relies on tamper-evident metal and plastic ties to seal voting machines and prevent anyone with physical access to the machines from subverting them while they sit in polling places days before an election.

      [...]

      He noted that defeating ties and seals in non-tamper-evident ways isn’t the only method to wreak havoc on an election in Michigan. The state has a unique law that prohibits ballots from being used in a recount if the number of voters doesn't match the number of ballots cast at a precinct or if the seal on a ballot box is broken or has a different serial number than what it should have. Someone who wanted to wreak havoc on an election or alter an election outcome in Michigan could purposely tamper with ballot box seals in a way that is evident or simply replace them with a seal bearing a different serial number in order to get ballots excluded from a recount. The law came into sharp relief after the 2016 presidential election when Green Party candidate Jill Stein sought to get a statewide recount in Michigan and two other critical swing states and found that some precincts in Wayne County couldn't be recounted because the number of voters who signed the poll books—which get certified with a seal signed by officials—didn't match the number of ballots scanned on the voting machines.

    • Facebook’s ex-security chief will start a new center to bring Washington and Silicon Valley together


    • Most government domains adopt program to prevent sending of fake emails

      The Department of Homeland Security announced last October that all federal agencies had until Oct. 16, 2018, to adopt the email authentication process, known as domain-based message authentication, reporting and conformance (DMARC), which blocks fake or spoofed emails being sent from a government domain.

    • 21-year-old who created powerful RAT software sentenced to 30 months

      When Grubbs was first charged, he claimed LuminosityLink was a legitimate tool for system administrators, and he never intended for it to be used maliciously. He reversed course in a plea agreement he signed in July 2017. In that document, he admitted for the first time that he knew some customers were using the software to control computers without owners' knowledge or permission. Grubbs also admitted emphasizing a wealth of malicious features in marketing materials that promoted the software.



    • What To Do If Your Account Was Caught in the Facebook Breach
      Keeping up with Facebook privacy scandals is basically a full-time job these days. Two weeks ago, it announced a massive breach with scant details. Then, this past Friday, Facebook released more information, revising earlier estimates about the number of affected users and outlining exactly what types of user data were accessed. Here are the key details you need to know, as well as recommendations about what to do if your account was affected.

      30 Million Accounts Affected

      The number of users whose access tokens were stolen is lower than Facebook originally estimated. When Facebook first announced this incident, it stated that attackers may have been able to steal access tokens—digital “keys” that control your login information and keep you logged in—from 50 to 90 million accounts. Since then, further investigation has revised that number down to 30 million accounts.

      The attackers were able to access an incredibly broad array of information from those accounts. The 30 million compromised accounts fall into three main categories. For 15 million users, attackers access names and phone numbers, emails, or both (depending on what people had listed).


    • GNU Binutils read_reloc Function Denial of Service Vulnerability [CVE-2018-18309]




  • Defence/Aggression



  • Transparency/Investigative Reporting



    • A court ruling knocks another hole in Swiss banking secrecy
      DURING his decade-long legal battle with the Swiss authorities, Rudolf Elmer, a bank whistleblower, endured 48 prosecutorial interrogations, spent six months in solitary confinement and faced 70 court rulings. None, though, was more important than the decision by Switzerland’s supreme court on October 10th, which set strict limits on the country’s famous bank-secrecy laws.

      Mr Elmer had leaked data from Julius Bär after being sacked by the Cayman Islands affiliate of the Zurich-based bank. The court, dismissing an appeal by prosecutors, ruled that because he was employed by the Cayman outfit, not its parent, he was not bound by Swiss secrecy law when he handed data to WikiLeaks in 2008. The 3-2 ruling followed a rare public debate among the judges, held in only 0.3% of supreme-court cases, underlining the national importance of the issue.



    • Pacifica stands with Wikileaks and Julian Assange
      If you’re opposed to war, how can you not love Julian Assange? Peace has been his overarching goal ever since he hacked into Pentagon computers at age 17, and he still has hope. In 2011, he told RT:

      “Nearly every war that has started in the past 50 years has been the result of media lies. The media could have stopped it. If they hadn’t reprinted government propaganda, they could’ve stopped it. But what does that mean?

      “That means basically that populations don’t like wars. And populations have to be fooled into war. Populations don’t willingly and with open eyes go into war. So if we have a good media environment, then we’ll also have a peaceful environment.”




  • Environment/Energy/Wildlife/Nature

    • Devastating UN Report: CO2 Emissions Must Go to Zero By 2050 to Avoid Worst Effects of Climate Change

      Carbon dioxide emissions must reach net zero by 2050 in order to keep global warming below 1.5 degrees Celsius according to the “1.5 Degree Report,” compiled by the Intergovernmental Panel on Climate Change (IPCC), a coalition of climate scientists working for the United Nations. For perspective, we emitted over 32 gigatonnes of carbon dioxide last year (a gigatonne is one billion metric tonnes.) The report also claims that national pledges from the 2015 Paris Climate Accord are not enough to meet these targets.



    • Coal Is Killing the Planet. Trump Loves It.

      Scientists issued a new alarm on the devastating impacts of continued burning of fossil fuels. But the Trump E.P.A. keeps propping up coal.



    • Why Catastrophic Climate Change is Probably Inevitable Now

      So now let’s connect all the dots. Capitalism didn’t just rape the planet laughing, and cause climate change that way. It did something which history will think of as even more astonishing. By quite predictably imploding into fascism at precisely the moment when the world needed cooperation, it made it impossible, more or less, for the fight against climate change to gather strength, pace, and force. It wasn’t just the environmental costs of capitalism which melted down the planet — it was the social costs, too, which, by wrecking global democracy, international law, cooperation, the idea that nations should work together, made a fractured, broken world which no longer had the capability to act jointly to prevent the rising floodwaters and the burning summers.



    • Denmark to label food according to effect on climate

      Food products will be marked with stickers showing their environmental impact, according to a proposal expected to be included in a new climate package to be presented by the government this week.



    • We must reduce greenhouse gas emissions to net zero or face more floods

      Even 1.5C of warming would have brutal consequences, according to the report. Poor people, in particular, would suffer as the threat of food and water shortages increase in some parts of the world.

      But the report makes clear that allowing warming to reach 2C would create risks that any reasonable person would regard as deeply dangerous.

    • A major climate report will slam the door on wishful thinking

      According to the drafts, the report finds that it would take a massive global effort, far more aggressive than any we’ve seen to date, to keep warming in line with 1.5€°C — in part because we are already en route to 3€°C of warming. And even if we hit the 1.5€°C goal, the planet will still face massive, devastating changes. So it’s pretty grim.


    • Earth's climate monsters could be unleashed as temperatures rise

      As a UN panel prepares a report on 1.5C global warming, researchers warn of the risks of ignoring ‘feedback’ effects







  • Finance



    • Budget Deficit Jumps Nearly 17% in 2018
      The federal budget deficit swelled to $779 billion in fiscal year 2018, the Treasury Department said on Monday, driven in large part by a sharp decline in corporate tax revenues after the Trump tax cuts took effect.

      The deficit rose nearly 17 percent year over year, from $666 billion in 2017. It is now on pace to top $1 trillion a year before the next presidential election, according to forecasts from the Trump administration and outside analysts. The deficit for the 2018 fiscal year, which ended Sept. 30, was the largest since 2012, when the economy and federal revenues were still recovering from the depths of the recession.

      Administration officials attributed the deficit’s rise to greater federal spending, including the military and domestic budget increases that President Trump approved this year, not the $1.5 trillion tax cut.




  • AstroTurf/Lobbying/Politics



    • Peter Thiel associate named as ambassador to Sweden


    • Taibbi: Why Aren’t We Talking More About Trump’s Nihilism?

      Now comes this Linda Blair-style head turn. The NHTSA report deftly leaps past standard wing-nut climate denial and lands on a new nihilistic construct, in which action is useless precisely because climate change exists and is caused by fossil fuels.

      The more you read of this impact statement, the weirder it seems. After the document lays out its argument for doing nothing, it runs a series of bar graphs comparing the impact of various action plans with scenarios in which the entire world did nothing (labeled the “no action” alternative).

    • The Trump administration knows the planet is going to boil. It doesn't care

      The news in that statement is that administration officials serenely contemplate that 4C rise (twice the last-ditch target set at the Paris climate talks). Were the world to actually warm that much, it would be a literal hell, unable to maintain civilizations as we have known them. But that’s now our policy, and it apparently rules out any of the actions that might, in fact, limit that warming. You might as well argue that because you’re going to die eventually, there’s no reason not to smoke a carton of cigarettes a day.

      Meanwhile, reporters also discovered that the administration has set up what can only be described as a concentration camp near the Mexican border for detained migrant children, spiriting them under cover of darkness from the foster homes and small shelters across the nation where they had been staying.



    • Voter Purges: What Georgians Heading to the Polls Need to Know
      Charges of voter suppression have been levied in the governor’s race in Georgia in recent weeks, pitting the secretary of state and GOP candidate Brian Kemp against critics, including his Democratic opponent Stacey Abrams, who say that he’s using his perch as the chief election official to benefit his own candidacy.

      The race, which the Cook Political Report currently lists as a toss-up, has received national attention. The controversy has raised questions about whether some Georgians will be turned away at the polls.

      Here’s what’s happened so far, and what voters need to know.

      In 2017, Georgia passed a new “exact match” law, supported by Kemp, which requires that voter registration applications precisely match information on file with the Georgia Department of Driver Services or the Social Security Administration.
    • Voter Registration Around Austin Smashed Records. That May Be a Problem.
      Travis County, Texas — the home of Austin — has experienced a massive spike in voter registrations this cycle, which officials there attribute to the heightened interest in the state’s competitive Senate race. The county received around 35,000 registrations on the final day to submit them — that’s 10,000 more than on the same day in 2016.

      While the increase in voter participation is good news, the recent surge is complicated by the fact that the registrations were submitted on paper. Texas is one of only 13 states not to have online voter registration. About a dozen county employees are now sifting through thousands of applications, verifying them and entering them into the state’s voter rolls by hand.

      Of the 35,000 registrations received on Oct. 9, 25,000 have yet to be processed. Early voting starts Monday. County officials recognize that the haste required to process that many applications is likely to lead at least some voters to experience problems at the polls.
    • Washington Post Saudi Link; Assange Has Partial Wi-Fi; Harvard Lawsuit
      Lazare joins us to discuss a recent Intercept article, "The Washington Post, as it Shames Others, Continues to Pay and Publish Undisclosed Saudi Lobbyists and Other Regime Propagandists," by Glenn Greenwald. It questions the Washington Post grieving one of its journalists while at the same time continuing ties with the Saudi regime: "In the wake of the disappearance and likely murder of Washington Post columnist Jamal Khashoggi, some of the most fervent and righteous voices demanding that others sever their ties with the Saudi regime have, understandably, come from his colleagues at that paper… addressing unnamed hypothetical Washington luminaries who continue to take money to do work for the despots in Riyadh, particularly Saudi Crown Prince Mohammed bin Salman bin Abdulaziz Al Saud, or 'MbS' as he has been affectionately known in the Western press." But Greenwald says Post writers should ask those question of themselves, given the paper's history of favorable reporting on Saudi Arabia's government. What do we make of these headlines?
    • Pump and Trump
      Donald Trump claims he only licensed his name for real estate projects developed by others. But an investigation of a dozen Trump deals shows deep family involvement in projects that often involved deceptive practices.




  • Censorship/Free Speech

    • Jokes can spark threats

      I feel that as a woman, people will give you hell just because they can. If it is very nasty, I tend to ignore it. Somedays, when I am in a really bad mood, I may give it back to them in the same vein though. When asked which video of hers received a lot of flak, Saadiya recounts, “There was a video of mine on Muslims; nothing derogatory, I was just making fun of my own people. That ticked off a lot of Muslims. I also speak of topics that are hardcore feministic and this doesn’t go down well with a lot of people.

      “The threats range from I should get raped or killed to asking me to put out my address if I was that brave because they wanted to teach me a lesson. A lot of these people don’t even understand jokes, sarcasm or satire. They pick some words, form their own ideas and get offended. Now how is this my fault?”



    • Stand up for journalists and the free press by opposing the Future Investment Initiative!


    • Political correctness: an elite ideology

      So if it is not ethnic minorities clamouring for PC censorship, who is? The Hidden Tribes researchers identified a section of society which it labelled ‘progressive activists’. This group includes those most wedded to political correctness: only 30 per cent see it as a problem. It is characterised as being young, cosmopolitan and liberal. But it makes up just eight per cent of the US population. They are also disproportionately white: 80 per cent of the ‘progressive activists’ surveyed were white compared with 69 per cent of those surveyed overall. They are also overwhelmingly better-off: so-called progressive activists are three times as likely to have a postgraduate education and twice as likely to be earning over $100,000 a year.



    • Google CEO speaks out about controversial Chinese search engine plans

      He was also quick to defend the project, which human rights groups have suggested will likely to be complicit in human rights violations and would allow for far more detailed tracking and profiling of people's behaviour.



    • Lawsuit Seeking to Unmask Contributors to ‘Shitty Media Men’ List Would Violate Anonymous Speakers’ First Amendment Rights
      A lawsuit filed in New York federal court last week against the creator of the “Shitty Media Men” list and its anonymous contributors exemplifies how individuals often misuse the court system to unmask anonymous speakers and chill their speech. That’s why we’re watching this case closely, and we’re prepared to advocate for the First Amendment rights of the list’s anonymous contributors.

      On paper, the lawsuit is a defamation case brought by the writer Stephen Elliott, who was named on the list. The Shitty Media Men list was a Google spreadsheet shared via link and made editable by anyone, making it particularly easy for anonymous speakers to share their experiences with men identified on the list. But a review of the complaint suggests that the lawsuit is focused more broadly on retaliating against the list’s creator, Moira Donegan, and publicly identifying those who contributed to it.

      For example, after naming several anonymous defendants as Jane Does, the complaint stresses that “Plaintiff will know, through initial discovery, the names, email addresses, pseudonyms and/or ‘Internet handles’ used by Jane Doe Defendants to create the List, enter information into the List, circulate the List, and otherwise publish information in the List or publicize the List.”

      In other words, Elliott wants to obtain identifying information about anyone and everyone who contributed to, distributed, or called attention to the list, not just those who provided information about Elliot specifically.

      The First Amendment, however, protects anonymous speakers like the contributors to the Shitty Media Men list, who were trying to raise awareness about what they see as a pervasive problem: predatory men in media. As the Supreme Court has ruled, anonymity is a historic and essential way of speaking on matters of public concern—it is a “shield against the tyranny of the majority.”
    • Will Donald Trump Support A Federal Anti-SLAPP Law Now That It's Helped Him Win Stormy Daniels' Defamation Suit?
      And it's that tweet that Daniels/Avenatti sued over. Again, this was clearly going nowhere. That tweet is not at all defamatory under the 1st Amendment. In his defense, Trump, who was represented by Charles Harder*, filed an anti-SLAPP motion, arguing that Trump was protected under Texas' anti-SLAPP law, that the case should be dismissed, and that Trump should be awarded attorneys' fees. And the court easily agreed.

      [...]

      He and Daniels will almost certainly lose this appeal and Trump will almost certainly win. But the real question is whether or not this helps Trump recognize the value of strong anti-SLAPP laws. It seems like now would be a good time for Congress to finally move on the federal anti-SLAPP law, while reminding Trump that it may have just saved him a bunch of money...




  • Privacy/Surveillance



    • Massachusetts Supreme Court Looking To Define Where The Fifth Amendment Ends And Compelled Decryption Begins
      Another case attempting to define the contours of the Fifth Amendment as it pertains to cellphones and passwords has arrived in the Massachusetts Supreme Judicial Court. The case involves sex trafficking allegations and a phone seized from the defendant at the time of his arrest. Testimony from a person who said she was trafficked suggested the phone seized belonged to the defendant Dennis Lee Jones. The state sought to compel Jones to unlock the seized phone, but this motion was denied by the trial court, resulting in the state's appeal.

      While the lower court did express some concern that unlocking devices can result in the production of evidence to be used against the person unlocking it, the standard for compelled password production has nothing to do with the eventual recovery of evidence. All the state* needs to reach is a reasonable certainty the defendant knows the password to the seized device. This is called a "foregone conclusion" -- the defendant "telling" the state what it already "knows:" that the phone belongs to him and he can unlock it. The potential evidence held inside the phone may eventually be used against the defendant, but the Fifth Amendment question isn't about this evidence, but rather the simple act of producing a password, which isn't considered testimonial if the government can tie the phone to the accused.
    • Report: Your Browser’s “Do Not Track” Isn’t Respected by Twitter, Facebook and Other Major Players
      Right now, if you head to the privacy settings of your browser, there is a feature called “Do Not Track.” If you don’t know what that is, it’s basically a feature that sends a message to every website you visit asking them to not track your digital footprint.

      Websites use tracking to study your behavior and serve you ads accordingly to boost online sales revenue. We often fall for it, one minute you are looking at an expensive Jacket you want but you can’t afford it, the next minute you visit Facebook and there it is again, 20% off. And more often than not we end up buying the products.


    • Canadian Privacy Commissioner Goes To Court To Determine If Canada Can Force Google To Delete History
      Canada has been stumbling towards an EU-style "right to be forgotten" (RTBF) for quite some time now. There was a big case last year that not only said Google can be forced to remove links to certain information, but that it could be forced to do so globally (i.e., outside of just Canada). That was as a result of a specific lawsuit about specific information, but this year, a bigger exploration of the RTBF concept has been underway, as some have argued that Canada's PIPEDA (Personal Information Protection and Electronic Documents Act) meant that Google should be forced to "de-link" articles on certain people's name searches upon request (just like the EU's RTBF).

      A report from the Canadian Privacy Commissioner earlier this year argued that PIPEDA already provided such a right and the Privacy Commissioner Daniel Therrien has been stumping for this ever since. Google has -- for obvious reasons -- been expressing its position that this is ridiculous, saying that PIPEDA does not apply to de-linking individuals' names from news articles, and further argued that requiring such a result would be unconstitutional.


    • The ‘Donald Daters’ Trump Dating App Exposed Its Users’ Data

      Alderson pointed Motherboard to the apparently misconfigured database which contains the Donald Daters user information. To verify the data did come from Donald Daters, Motherboard created an account on the app, searched for users mentioned in the exposed data, found these through the app itself, and confirmed the profile photos and names matched up.





  • Civil Rights/Policing



    • Checkpoint Nation

      Increasingly, Padilla’s description applies to CBP as well. It turns out that the legal definition of “the border” is troublingly broad. Some 200 million people — nearly two-thirds of all Americans — live within the “border zone,” which is defined by the Justice Department as the area up to 100 air miles from any U.S. land or coastal boundary. Nine of the country’s 10 largest cities lie within the zone. It touches 38 states and encompasses all of Connecticut, Delaware, Florida, Hawaii, Maine, Massachusetts, Michigan, New Hampshire, New Jersey and Rhode Island.



    • Innocent man 'intimately searched' and 'called a paedo' by police in brutal arrest paid €£35k damages

      The force confirmed it had settled the case without liability, meaning it made no formal admission of wrong-doing, although the settlement including a letter of apology.



    • China disappearances show Beijing sets its own rules

      The recent disappearances of two high-profile Chinese citizens have once again focused international attention on China's legal system and its use of secret detentions.



    • The Spirit of 1968 Lives on Today in Athletes like Colin Kaepernick
      Tommie Smith and John Carlos staged a stunning protest at the ’68 Summer Olympics. Fifty years later, rampant racial discrimination remains.

      In 1968, rage over the United States’ treatment of Black America was boiling over. It culminated that year in a protest at the Summer Olympics in Mexico City that shocked the world. But perhaps the lid blowing off the kettle shouldn’t have been so surprising.

      In May of 1967, Martin Luther King Jr. admitted that his “dream” of 1963 had “turned into a nightmare.” The uprisings later that summer reflected long-festering racial inequality. And as 1968 dawned, poverty was rampant in Black America.

      In Memphis, striking sanitation workers made about a dollar an hour. The Kerner Report, which was released in March of 1968, sounded ominous:

      “What white Americans have never fully understood — but what the Negro can never forget — is that white society is deeply implicated in the ghetto. White institutions created it, white institutions maintain it, and white society condones it.”

      Less than one month later, King was shot down in Memphis supporting those very sanitation workers.

      1968 also saw continued protests over the Vietnam War, the assassination of Robert Kennedy, and the live broadcast across the nation of the Chicago Police beating demonstrators at the Democratic National Convention. As the 1968 Olympics Games began, track athletes John Carlos and Tommie Smith made a decision. Something had to be said to the world about the promise of America going up in smoke.



    • Police Reform Is Coming to New York City, but Will the NYPD Follow the Law?
      Police reform legislation will go into effect this week in New York City, but the law depends on the NYPD acting in good faith.

      In December 2017, the New York City Council passed two police reform measures, collectively known as the Right to Know Act, which aimed to improve communication and transparency during police stops and searches. On Friday, both bills will take full effect, and the New York Police Department will be tasked with implementing the council’s mandate to become more transparent and accountable. But there are good reasons to be skeptical that the NYPD will implement the law faithfully.

      The first measure requires the NYPD to develop a policy that instructs officers to let people know when they have the right to refuse to be searched. Under the consent-to-search law, if an officer wants to search someone, her home, her vehicle, or her property without a warrant or a legally recognized exception under the Fourth Amendment’s warrant requirement, the officer must ask if the person voluntarily agrees to be searched.

      The law also requires the officer to explain that no search will happen if the individual stopped says no, and it requires the officer to double check that the person stopped understands that explanation. If the person has limited English proficiency, the officer must use interpretation services so that the person understands what’s being asked of her.

      If the officer has a body-worn camera, the encounter will be recorded, and the officer will be required to let the person know how to request a copy of that footage. The NYPD will also have to start keeping track of these encounters and publicly report how many searches are happening and, perhaps most importantly, the demographics of the people being asked to let an officer search them.


    • Facebook's Latest Fake News 'Purge' Terminates Several Accounts Known For Their Criticism Of Law Enforcement
      Moderating at scale is a nightmare. Anything you do will be wrong. This doesn't mean you shouldn't try. This doesn't mean you shouldn't listen to criticism. Just be aware every move you make will cause unintended collateral damage. Making everyone happy is impossible. Making everyone angry is inevitable.

      [...]

      Maybe so, but the vanishing of a handful of cop accountability-focused pages isn't exactly what comes to mind when someone's talking about Russian interference. Encouraging platforms to engage in further moderation may seem innocuous, but the reality of the situation is there is constant pressure -- applied by people like Senator Warner -- for platforms to do more, more, more because some speech they don't care for can still be found on the internet.

      The more politicians push for action, the more collateral damage they will cause. They may feel there's no Constitutional problem since they're not directly mandating moderation efforts. But they are harming free speech, if only indirectly at this point.



    • How America Systematically Fails Survivors of Sexual Violence
      #MeToo exposed the widespread silencing and dismissal of survivors and the need for our institutions to do better.

      Before there was Christine Blasey Ford, there was Recy Taylor, an African-American woman who was raped by six white men in 1944 and fought for justice with the help of Rosa Parks. And in between the two of them, there was Anita Hill, Tarana Burke, Alyssa Milano, Lupita Nyong’o, Tanya Selveratnam, Aly Raisman, and many, many more.

      For centuries, women have experienced violence and harassment, and many have spoken out. #MeToo brought us to a new phase in building the movement to end gender-based violence, magnifying and connecting thousands of voices as they shared their stories. Despite women’s achievement of formal equality, #MeToo exposed how common such violence is, the widespread silencing and dismissal of survivors, and the myriad ways violence undermines survivors’ security, dignity, and opportunities.

      The President and Senate Judiciary Committee are far from the only powerful people and institutions that limit investigations, disbelieve survivors, and fault people for coming forward. Discrimination against survivors infiltrates all aspects of life, including the responses of law enforcement, employers, housing providers, and schools, to name a few. Speaking out about violence is a crucial step. But law enforcement, employers, housing providers, and schools must also step up and acknowledge how their policies and practices contribute to violence.

      “Why didn’t you report?” is the refrain so many survivors face when they disclose violence for the first time. But too often, police dismiss survivors who go to law enforcement. This attitude results in governments’ decisions not to test thousands of rape kits in cities like Detroit, Albuquerque, and Washington DC, based on officers’ assumptions that there was no sexual assault. It also explains why one in three survivors feel less safe after contacting police.


    • From Canada to Argentina, Security Researchers Have Rights—Our New Report
      EFF is introducing a new Coders' Rights project to connect the work of security research with the fundamental rights of its practitioners throughout the Americas. The project seeks to support the right of free expression that lies at the heart of researchers' creations and use of computer code to examine computer systems, and relay their discoveries among their peers and to the wider public.

      To kick off the project, EFF published a whitepaper today, “Protecting Security Researchers' Rights in the Americas” (PDF), to provide the legal and policy basis for our work, outlining human rights standards that lawmakers, judges, and most particularly the Inter-American Commission on Human Rights, should use to protect the fundamental rights of security researchers.

      We started this project because hackers and security researchers have never been more important to the security of the Internet. By identifying and disclosing vulnerabilities, hackers are able to improve security for every user who depends on information systems for their daily life and work.


    • For Wearing Tampon, Virginia Woman Says She’s Barred From Prison Visits
      A Virginia woman says state prison officials terminated a visit with her husband and accused her of attempting to smuggle drugs with a tampon days after the state suspended a policy that would have banned women from wearing the feminine hygiene product to visits.

      Weeks later, according to the woman, her visits were unofficially suspended indefinitely as officials continue to investigate the package.

      The woman, who asked not to be named out of fear of retaliation from prison officials, said a Virginia Department of Corrections (DOC) administrator told her she was one of several women who had their visits terminated that day (although a friend who was in the visitation room with her said she did not see anyone else dismissed). She told Shadowproof she felt like she was targeted because she was on her period.

      The Virginia DOC did not return requests for comment on the alleged incident and visitation privileges. It posted a vague tweet on October 3 about drugs being found in the bathroom of one of its facilities but a spokeswoman did not disclose further details on the statement.

      The confrontation marked the latest incident in which officials used contraband to exert their power over incarcerated women and visitors’ periods.


    • FBI Releases Guidelines On Impersonating Journalists, Seems Unworried About Its Impact On Actual Journalists
      The FBI's impersonation of journalists raised questions about its investigative activities, none of which the FBI felt like addressing. An Inspector General's investigation of FBI investigations using this tactic found that it was generally a bad idea, but not an illegal or unconstitutional one. Prior to the investigation, the FBI apparently had no clear policies governing this form of impersonation, which it used to snare a school-bombing suspect.

      Following the report, a policy was put in place that added some additional layers of oversight but didn't indicate the obvious downside of impersonating journalists: that the people the FBI wants to investigate are going to do a lot less talking to anyone they don't know, which includes journalists attempting to document newsworthy events that might contain criminal activity.

      The FBI blew it with one of its other impersonation efforts. As Camille Fassett reports for the Freedom of the Press Foundation, a more recent effort may have put a serious damper on its fake news(person) efforts.


    • 16-year-old gets 4.5 years in prison for kissing 13-year-old

      The case concerns the 16-year-old A.K. and 13-year-old S.Ö. who have hugged and kissed each other on the school premises of the latter. The incident however was taken to the judiciary when a schoolmate of the 13-year old S.Ö. (known with initials A.Åž) took the video of the two kissing and shared it with friends. Once the relevant video was seen by the school management, a lawsuit was opened at the Antalya 6th Heavy Penalty Court against the middle schooler A.Åž. for “using children in the production of inappropriate images” and the high schooler A.K. for “sexual assault.”



    • Australians should sign Muslim peace contract or be executed, witness tells court

      He was questioned about his support for Islamic State, the caliphate and Sharia Law, which he believed should be implemented in Australia for all Muslims and non-Muslims.

      "They would have to sign a contract to live with, amongst Muslims in peace," he said.

      "Whoever does not sign the contract either leaves the country or is executed."





  • Internet Policy/Net Neutrality



    • Comcast complains it will make less money under Calif. net neutrality law

      Comcast submitted its filing on October 3 as part of the broadband industry lawsuit that seeks to overturn California's net neutrality law (SB 822), which is slated to take effect on January 1, 2019 unless the court grants a stay halting implementation. Comcast's filing is meant to support the industry's request for an injunction that would halt enforcement of the law while litigation is pending.



    • 99.7% Of Original Comments Opposed FCC Repeal Of Net Neutrality
      A new study has once again confirmed that the vast, vast majority of the public opposed the FCC's ham-fisted repeal of net neutrality.

      Like most government proceedings, the FCC's net neutrality killing order's public comment period was filled will all manner of comments (both in favor and against) generated by automatic letter-writing campaigns. Like most government proceedings in the post-truth era, the net neutrality repeal was also plagued by a lot of shady gamesmanship by companies trying to disguise the fact that the government was simply kissing the ass of giant, unpopular telecom monopolies. But what happens if you eliminated all of the letter-writing campaign and bogus bot-comments?

      A new report from Stanford University (pdf) did just that. It eliminated all automated or form-generated comments and found just 800,000 Americans willing to take the time to put their own, original thoughts on the net neutrality repeal into words.


    • 99.7 Percent of Unique FCC Comments Favored Net Neutrality

      After removing all duplicate and fake comments filed with the Federal Communications Commission last year, a Stanford researcher has found that 99.7 percent of public comments—about 800,000 in all—were pro-net neutrality.

    • DOJ Continues To Point Out A Mega-Merged AT&T Will Jack Up Prices On Everybody
      AT&T recently defeated the DOJ's challenge to their $86 billion merger with Time Warner thanks to a comically narrow reading of the markets by U.S. District Court Judge Richard Leon. At no point in his 172-page ruling (which approved the deal without a single condition) did Leon show the faintest understanding that AT&T intends to use vertical integration synergistically with the death of net neutrality to dominate smaller competitors.

      In fact, net neutrality was never even mentioned by the DOJ at the multi-week trial. Likely in part because the DOJ didn't want to highlight how the Trump FCC was screwing everybody over with one hand, while the Trump DOJ was allegedly suing AT&T to "protect consumers" with the other (some argue that Trump's disdain for CNN and adoration of Rupert Murdoch were the more likely motivators). But if you ignore the fact that AT&T plans to use its monopoly over many broadband markets (from residential to cellular tower backhaul) combined with the death of net neutrality to make life difficult for consumers and competitors alike, you're not paying any attention to history or to AT&T's repeated nods in that general direction.




  • DRM



    • Security Updates Are Even Breaking Your Printer (On Purpose)
      Printer manufacturers hate third-party ink cartridges. They want you buying the expensive, official ones. Epson and HP have issued sneaky “updates” that break these cheaper cartridges, forcing you to buy the expensive ones.

      HP pioneered this technique back in 2016, rolling out a “security update” to its OfficeJet and OfficeJet Pro printers that activated a helpful new feature—helpful for HP’s bottom line, at least. Now, before printing, the printer would verify you’re using new HP ink cartridges. If you’re using a competitor’s ink cartridge or a refilled HP ink cartridge, printing would stop. After some flaming in the press, HP sort-of apologized, but not really.




  • Intellectual Monopolies



    • Microsoft's Peace Treaty With the 'Linux System'
      "The only reason you don't sign the OIN license is because you want to reserve the right to sue on core Linux," he said.

      Taking Microsoft on as a member creates something of a public relations problem for OIN, which is not without detractors in the open source community. The opposition primarily centers on the widespread belief in open source circles that software shouldn't be patentable, mostly because software is already covered under copyright law. In a recent article on Microsoft's joining OIN, Roy Schestowitz, publisher of the software patent-focused Techrights website, called OIN "an IBM-centric group that favors software patents" and has said the organization's model works against patent reform because it supports the legitimacy of patents.

      "We don't feel that we're legitimizing them," Bergelt said. "We're recognizing that they exist. It's a matter of pragmatism to say that whether we believe they should exist or shouldn't exist doesn't matter -- they do exist. My view is we're recognizing reality and dealing with it in a determined way, and I disagree with those who believe it's a validation."


    • Germany: Feuerfeste Zustellung einer Gießpfanne, Federal Court of Justice of Germany, X ZR 44/16, 13 March 2018
      The Federal Court of Justice held that the purpose of determining the technical problem (objective) in invalidity proceedings is to locate the starting point of skilled efforts to enrich the state of the art without knowledge of the invention, in order to assess, in the subsequent and separate examination of patentability, whether or not the solution proposed for this purpose was rendered obvious by the state of the art. Accordingly, it does not have the function to make a preliminary decision on the question of patentability. Therefore, it is neither permissible to take into account elements belonging to the solution according to the patent in the formulation of the problem nor may it be assumed without further ado that it was appropriate for the person skilled in the art to deal with a particular problem.



    • Why would the Federal Trade Commission snatch defeat from the jaws of victory over Qualcomm?
      This is a follow-up to yesterday's post on Judge Lucy H. Koh's decision to deny a joint administrative motion by the Federal Trade Commission and Qualcomm asking her not to rule on a motion for partial summary judgment on the obligation to extend standard-essential patent (SEP) licenses on FRAND terms to rival chipset makers (such as Intel).

      I didn't want to jump to conclusions from a case management decision, but in purely probabilistic terms it's a fact that Judge Koh's order increases the likelihood of summary judgment being granted. There's no harder-working judge than her, and she wouldn't have decided to cancel the hearing and take this motion (as well as several other, less important motions) under submission if there had been any questions left to ask. However, if she had been inclined to deny the actual motion, she might just have given the parties four weeks to work out a settlement--the sole remaining plausible explanation would be that she wanted to make it clear her court is nobody's tool, much less a restaurant that serves litigation à la carte where you can put one motion on hold while letting the process continue on the same schedule in all other respects.

      This antitrust litigation has been going very, very well for the FTC for a long time. It wouldn't make sense to let Qualcomm off the hook now that there is a near-term opportunity (with respect to the summary judgment motion, "near-term" is actually a gross understatement) to restore fair competition in the market for baseband chipsets and with respect to cellular SEP licensing.

      There's probably a lot of fighting going on in DC behind the scenes, inside and outside the FTC. Prior to the latest twist I had already tried to find out about where the current five commissioners stand on FRAND, but haven't found any information that would enable me to predict the outcome of a vote on a hypothetical settlement proposal tantamount to the agency's surrender. In the past, the positions of Commissioners Maureen Ohlhausen and Joshua D. Wright were well-known (I mentioned Mrs. Ohlhausen on several occasions, and in 2013 I dedicated a blog post to Mr. Wright's stance), but they aren't in office anymore. So I extended my search for clues to high-ranking FTC officials. It turns out that two of them--Alden Abbott (the FTC's General Counsel) and Bruce H. Kobayashi--have a certain proximity to Qualcomm and are sympathetic to Qualcomm's unFRANDly positions to a degree that is clearly a minority opinion in the legal community. While I don't have the slightest indication of any impropriety, there is a conspicuous lack of impartiality.


    • Copyrights



      • 9th Circuit Led Zeppelin ruling introduces new copyright infringement framework
        The Ninth Circuit’s Stairway to Heaven decision on September 28 offers a better application of the inverse ratio rule, according to one observer

        The Ninth Circuit recently vacated in part the district court’s judgement that Led Zeppelin’s Stairway to Heaven did not infringe Spirit’s 1960s instrumental track Taurus.
      • Art, AI & Infringement: A Copyright Conundrum
        The trademark claim rests solely on the name of the file including Chamandy's full name. It's a silly argument for trademark infringement as the whole point of including the name is to weigh the new art piece against her specific work, which necessarily involves anyone viewing these pieces being informed that they are not the work of the original author. The whole purpose of the validation process is to show what differentiation remains between the new piece and the human-made example. That's not trademark infringement. It's not really even close.

        As for the copyright portion of this, it's important that you not be fooled by the percentage the machine setup notes in the validation process. You might think that an 85% match would mean the two images are very similar and would share a ton of features that would link the two in the viewer's mind. That's not even close to being the case, as you can see just how different the two images are below.
      • Can't Wish Away The Mistakes In The Original 'Stairway To Heaven' Verdict
        Last time, I explained why I thought the Ninth Circuit's recent vacating and remanding of the jury verdict in Led Zeppelin's favor was, long-term, a good thing for copyright law (even if I kind of liked the verdict and am genuinely sorry for Led Zeppelin). The reason is that the reversal gave one panel of the Ninth Circuit an opportunity to try to fix the Ninth Circuit's unhelpful legal framework for determining copyright infringement.

        But that isn't why the panel reversed. While the panel did make some suggestions about how to present the "inverse-ratio" rule to the jury, the way it was presented to the original jury isn't what merited reversal. What merited reversal was the lack of another jury instruction about a basic and uncontroversial principle of copyright law that the parties agreed should have been there in some form. In short, the case is being reversed — and the Ninth Circuit is getting a chance to fix its own weird copyright law — because of what appears to have been a brain fart.



      • Vodlocker Hammers Streaming Sites with JavaScript-based DDoS

        Vodlocker.to offers a handy video embed tool which several smaller pirate streaming sites have grown to rely on. Starting recently, however, the site also appears to have become the source of a rather nasty JavaScript-based DDoS campaign, which uses the unwitting viewers of these embedded videos to take out several pirate streaming sites.



      • Court Orders Swedish ISP Telia to Block The Pirate Bay & FMovies

        Sweden's Patent and Market Court has ordered a local ISP to block access to several large torrent and streaming platforms. The interim ruling, which comes into force at the end of October, requires Telia to block The Pirate Bay, Dreamfilm, FMovies, and NyaFilmer following a complaint from Hollywood and local studios.



      • High Court overturns ruling of breach of privacy in Kim Dotcom case

        At the four-day appeal hearing last month, the lawyer for the Attorney-General, Victoria Casey told the High Court at Wellington the transfer of the requests was "orthodox and sensible", and that the Tribunal had taken the wrong approach to deciding whether the requests were vexatious.



      • Kim Dotcom loses court battle over information requests








Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
 
GNOME GUADEC 2022 & Debian Albanian women trafficked to Mexico?
Reprinted with permission from the Free Software Fellowship
Sainsbury's: It Takes Us Up to Two Days to Respond to Customers Upon Escalation (and Sometimes Even More Than Two Days)
It not only does groceries but also many other things, even banking
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day