Bonum Certa Men Certa

Links 25/10/2018: Blender 2.8 Beta, Qt Design Studio 1.0 Released





GNOME bluefish

Contents





GNU/Linux



  • Desktop



    • Windows 10’s October 2018 Update Is Probably Delayed Until November (And Here’s Why)
      Microsoft stopped offering Windows 10’s October 2018 Update on October 6, as it was deleting some people’s files. Now, another ugly data loss bug has reared its head, and it won’t be fixed until November.


    • A New Windows Zero Day Exploit Can Delete Your System Files
      As Bleeping Computer notes, the vulnerability, which affects all the Windows 10 versions, can be used to exploit system data, and it can also lead to privilege escalation (an exploitation technique to gain access to protected resources on the computer).

      According to the SandboxEscaper, the problem pertains the Microsoft Data Sharing Service which provides data brokering between applications. In the tweet, the research shared a GitHub link as a proof-of-concept.


    • New Windows Zero-Day Bug Helps Delete Any File, Exploit Available
      Proof-of-concept code for a new zero-day vulnerability in Windows has been released by a security researcher before Microsoft was able to release a fix.

      The code exploits a vulnerability that allows deleting without permission any files on a machine, including system data, and it has the potential to lead to privilege escalation.






  • Kernel Space



    • Internationalizing the Kernel
      At a time when many companies are rushing to internationalize their products and services to appeal to the broadest possible market, the Linux kernel is actively resisting that trend, although it already has taken over the broadest possible market—the infrastructure of the entire world.

      David Howells recently created some sample code for a new kernel library, with some complex English-language error messages that were generated from several sources within the code. Pavel Machek objected that it would be difficult to automate any sort of translations for those messages, and that it would be preferable simply to output an error code and let something in userspace interpret the error at its leisure and translate it if needed.

      In this case, however, the possible number of errors was truly vast, based on a variety of possible variables. David argued that representing each and every one with a single error code would use a prohibitively large number of error codes.

      Ordinarily, I might expect Pavel to be on the winning side of this debate, with Linus Torvalds or some other top developer insisting that support for internationalization was necessary in order to give the best and most useful possible experience to all users.


    • Linus Torvalds returns to work on Linux development
    • Linus Torvalds Back In Charge Of Linux Kernel Development
    • Linus Torvalds Discusses His Return To Linux Development


    • GNU Linux-libre 4.19-gnu
      GNU Linux-libre 4.19-gnu sources and tarballs are now available at http://www.fsfla.org/selibre/linux-libre/download/releases/4.19-gnu/. It didn't require any deblobbing changes since -rc7-gnu (that was never released; when it was ready, rc8 was nearly out, and I decided to start over and save the disk space).

      Freesh binaries are already in place, Freed-ora f30 ones are building.

      Freeloong ones may take longer: the yeeloong hosted at the FSF needs a reboot to get builds going again, and 4.19-gnu builds will require a (chroot) system upgrade to get the newer GCC it requires. My first attempt at such an upgrade failed part-way, after bringing network down.
    • GNU Linux-libre 4.19-gnu Released, Continues Deblobbing The Kernel
      Building off Monday's release of Linux 4.19 is now the downstream GNU Linux-libre 4.19-gnu kernel that strips away code contingent upon closed-source microcode/firmware images as well as removing the ability to load closed-source kernel modules.
    • More Than 80 Kernel Patches Were Made This Summer By Outreachy Developers
      At this week's Open-Source Summit in Edinburgh there was a kernel internship panel discussion focused on the work done by Outreachy participants, the program paying women and other under-represented groups $5,500 USD for contributing to various open-source projects over a three month period.

      [...]

      Applications for qualified participants for the winter round of Outreachy are currently being accepted through early November.


    • Collabora Continues to Improves Support for Chromebooks in Linux Kernel 4.19
      The Linux kernel 4.19 series is out, so Collabora informs us today through Mark Filion on the contribution they made to this fresh new kernel during its entire development cycle.

      Linux kernel 4.19's development cycle was a long one, with no less than eight RCs (Release Candidates), but it resulted in a more powerful kernel that brings lots of goodies. For Linux kernel 4.19, nine Collabora developers contributed a total of 87 patches, as well as 125 signed-off-by tags, 14 reviewed-by tags, and 8 tested-by tags.

      "As the curtains rose on opening day of Embedded Linux Conference Europe & Open Source Summit Europe in Edinburgh, the latest release of the Linux Kernel, 4.19, was made available by Greg Kroah-Hartman. Collaborans were once again very active, so here's a look at their contributions," writes Helen Koike.


    • Intel 2.5G Ethernet On The Horizon With New "IGC" Driver; WireGuard Not In Net-Next
      Overnight the networking subsystem changes were merged into the mainline kernel for the Linux 4.20~5.0. Sadly not part of this pull request is the much sought after WireGuard secure VPN tunnel but it does bring one of the other features we've been monitoring: the new Intel 2.5G Ethernet driver.

      While WireGuard wasn't part of this net-next pull request, we'll see if it gets into a secondary pull request or is staved off entirely until Linux 4.21~5.1. WireGuard lead developer Jason Donenfeld does believe it's ready for the mainline kernel.


    • PCI Peer-To-Peer Support Merged For Linux 4.20~5.0
      The recently covered PCI peer-to-peer memory support for the Linux kernel has indeed landed for the 4.20~5.0 kernel cycle. This is about PCI Express devices supporting peer-to-peer DMA that can bypass the system memory and processor via a standardized interface.

      The use-case this Linux PCIe P2P memory support was developed for is for copy offloading for NVMe fabrics so data can go directly from an RDMA NIC and copied to the PCIe NVMe SSD storage. There are also implications for multi-GPU systems with this code -- more on the multi-GPU peer-to-peer memory support was discussed in the comments.


    • STACKLEAK Plug-In Being Reattempted For Inclusion In Linux 4.20
      Originally attempted for the Linux 4.19 kernel but not merged that cycle was the STACKLEAK GCC plug-in that was ported for the mainline code-base from the Linux GrSecurity patch-set. That plug-in is now trying to get into the Linux 4.20 (or perhaps relabeled as 5.0) kernel.

      The STACKLEAK GCC plug-in provides efficient stack content poisoning on system call exits. This functionality can fend off possible attacks around uninitialized stack usage and stack content exposure.


    • Hygon Dhyana SoC Supported in Linux Kernel 5.20
      The latest commits to Linux kernel version 5.20 point to out-of-the-box support for the Hygon Dhyana system on a chip (SoC). Hygon is a joint venture between AMD and Chinese company Tianjin Haiguang Advanced Technology Investment Co., Ltd (THATIC), which was formed to create processors for the Chinese server market using AMD IP soon after the U.S. government banned the sale of Intel Xeon processors to China.


    • I/O scheduling for single-queue devices
      Block I/O performance can be one of the determining factors for the performance of a system as a whole, especially on systems with slower drives. The need to optimize I/O patterns has led to the development of a long series of I/O schedulers over the years; one of the most recent of those is BFQ, which was merged during the 4.12 development cycle. BFQ incorporates an impressive set of heuristics designed to improve interactive performance, but it has, thus far, seen relatively little uptake in deployed systems. An attempt to make BFQ the default I/O scheduler for some types of storage devices has raised some interesting questions, though, on how such decisions should be made.

      A bit of review for those who haven't been following the block layer closely may be in order. There are two generations of the internal API used between the block layer and the underlying device drivers, which we can call "legacy" and "multiqueue". Unsurprisingly, the legacy API is older, while the multiqueue API was first merged in 3.13. The conversion of block drivers to the multiqueue API has been ongoing since then, with the SCSI subsystem only switching over, after a false start, in the upcoming 4.19 release. Most of the remaining holdout legacy drivers will be converted to multiqueue in the near future, at which point the legacy API can be expected to go away.


    • The Big DRM Graphics Driver Pull Request Has Been Submitted For Linux 4.20~5.0
      David Airlie has submitted the main feature pull request of the plethora of Direct Rendering Manager (DRM) enhancements for the next kernel release that includes a lot of Intel and AMD Radeon graphics driver work.
    • It Looks Like AMD's Linux Developers Have Begun Work On Zen 2 / EPYC 2 "Rome" Support
      Ahead of the Zen 2 processors expected in 2019, it appears AMD developers have begun working on their Linux kernel support patches for these next-generation CPUs. In particular, it appears the flow of Linux kernel code for supporting EPYC 2 "Rome" processors has begun.

      Sent into the mainline Linux kernel this morning were the EDAC updates for Linux 4.20~5.0. EDAC in this context is for Error Detection And Correction - error reporting functionality mostly useful for server/workstation platforms. Usually the EDAC changes aren't worth writing about on Phoronix, but I did notice one of the changes standing out: "Add Family 17h, models 10h-2fh support."
    • The Linux Kernel Is Ready To Support A Lot More Sound Hardware
      SUSE's Takashi Iwai has sent in the big batch of sound/audio hardware improvements for the in-development Linux 4.20~5.0 kernel.

      There are some notable hardware additions to this sound pull, including:

      - Creative Sound Blaster ZxR sound card support, a high-end gamer/enthusiast oriented PCIe sound card with 5.1 channel support.


    • KVM x86 Enabling Nested Virtualization By Default, Other Virtualization Work
      The initial round of Kernel-based Virtual Machine (KVM) updates has been sent in for the in-development Linux 4.20/5.0 kernel.

      Notable on the KVM x86 front is that nested virtualization is enabled by default for running a KVM guest within a KVM guest. This support for allowing KVM guests to use VMX (VT-x) instructions is being enabled by default now that live migration support is squared away and other functionality that ensures for a stable user-space ABI. The capability has of nested KVM on x86_64 has been available for years but required the module parameter to enable the functionality.


    • Linux Foundation



      • Sony Pictures and Warner Bros. join Hollywood's open-source tech forum


      • Cloud Native Computing Foundation planning 'Global South' outreach for Kubernetes
        It's not all sunshine and roses at the Cloud Native Computing Foundation (CNCF), the Linux Foundation offshoot responsible for supporting cloud native open source projects such as Kubernetes, but it's pretty close, according to executive director Dan Kohn.

        Speaking with Computerworld UK this week during the Linux Foundation's Open Source Summit in Edinburgh, he gave a potted history of the three-year-old CNCF, and the tremendous growth that it has seen during that time, particularly around Kubernetes adoption, and why China has proved such a success story.

        The vendor-neutral organisation had just 28 members when it began, and with the three-year anniversary looming this December, it is now up to 322 members.

        [...]

        The really fascinating developments for the foundation are happening regionally though. Although Kubernetes absolutely has its roots with Google (though contributions are declining) there seems to have been little fuss about the open source container orchestration platform's enthusiastic reception in China - unlike Google's efforts to reportedly re-open consumer channels in China.

        The CNCF's Devstats project - which looks through every Git commit in the four-year history of the project, and then carries out classification work - rates China as the third largest contributor contingent, after the US in first and Germany in second.




    • Graphics Stack



      • A new direction for i965
        Graphical applications are always pushing the limits of what the hardware can do and recent developments in the graphics world have caused Intel to rethink its 3D graphics driver. In particular, the lower CPU overhead that the Vulkan driver on Intel hardware can provide is becoming more attractive for OpenGL as well. At the 2018 X.Org Developers Conference Kenneth Graunke talked about an experimental re-architecting of the i965 driver using Gallium3D—a development that came as something of a surprise to many, including him.

        Graunke has been working on the Mesa project for eight years or so; most of that time, he has focused on the Intel 3D drivers. There are some "exciting changes" in the Intel world that he wanted to present to the attendees, he said.

        CPU overhead has become more of a problem over the last few years. Any time that the driver spends doing its work is time that is taken away from the application. There has been a lot of Vulkan adoption, with its lower CPU overhead, but there are still lots of OpenGL applications out there. So he wondered if the CPU overhead for OpenGL could be reduced.

        Another motivation is virtual reality (VR). Presenting VR content is a race against time, so there is no time to waste on driver overhead. In addition, Intel has integrated graphics, where the CPU and GPU share the same power envelope; if the CPU needs more power, the GPU cannot be clocked as high as it could be. Using less CPU leads to more watts available for GPU processing.

        For the Intel drivers, profilers show that "draw-time has always been [...] the volcanically hot path" and, in particular, state upload (sending the state of the OpenGL context to the GPU) is the major component of that. There are three different approaches to handling state upload in an OpenGL driver that he wanted to compare, he said. OpenGL is often seen as a "mutable state machine"; it has a context that has a "million different settings that you can tweak". He likens it to an audio mixing board, which has lots of different knobs that each do something different. At its heart, OpenGL programs are setting these knobs, drawing, then setting them and drawing again—over and over.


      • Radeon Software 18.40 Released For Linux Systems
        Primarily for Linux workstation customers, AMD today released Radeon Software 18.40 as the collection of their closed-source Vulkan/OpenGL components as well as PAL OpenCL driver plus the option of using their packaged "All-Open" driver stack that is a snapshot of their Mesa-based driver components.

        The vast majority of Phoronix readers are best off using their distribution-supplied Mesa-based Radeon graphics drivers or the third-party PPAs / package archives for riding the bleeding-edge Mesa, if you aren't building the code yourself already. But for those needing the (now slower) proprietary OpenGL driver for specific workstation needs or just wanting to use the officially AMD blessed graphics driver, that's the (small) void Radeon Software on Linux fills today.


      • Intel Vulkan Driver Now Handles PRIME-Style Rendering, Raven Ridge Lands VCN JPEG Decode
        With just one week of feature development remaining for the in-development Mesa 18.3, the race is on for landing the remaining feature work ahead of this next quarterly Mesa3D stable version.

        Landing overnight is a small addition from Feral Interactive's Alex Smith to allow the Intel "ANV" Vulkan driver to present via a different GPU. With a simple two-line patch, Vulkan rendering can happen with an Intel GPU while the contents then presented to a display connected via a Radeon graphics card. Granted, the use-case of rendering with slower Intel graphics hardware and then presenting it on a display connected via a discrete Radeon GPU will be rare, but can be useful for game developers in testing the Intel graphics without having to change display connections.






  • Applications



    • Blender 2.8 Beta and Roadmap
      We are currently an estimated 2-3 weeks away from releasing a 2.80 Beta version, which will have all the main features that will be in the 2.80 stable release.



    • Blender 2.80 Reaching Beta In A Few Weeks
      Blender 2.80 development had been running a few months behind schedule but coming out in the next few weeks will be their beta milestone.

      Blender 2.80 is the next big feature release for this widely-used, cross-platform 3D open-source modeling software. Blender 2.80 has been working on many GPU handling improvements, EEVEE integration, Pixar OpenSubdiv functionality, better Cycles renderer, user-interface refinements, and other accomplishments.


    • Flameshot – The Easiest Way to Take and Annotate Screenshots
      Flameshot is an open-source command line-based screenshotting tool that lets you capture whole or specific screen areas and immediately make annotations before saving them locally or online to Imgur. If you choose to save the shots online the link is automatically copied to your clipboard for sharing.

      Using Flameshot gives you access to freehand drawing, lines, arrows, circles, boxes, highlighting, blur, text, and pin annotation options.

      You can customize Flameshot’s colour and size, and use of its on-screen buttons for quick tasks like Undo, Copy to clipboard, Save file, Upload to Imgur, Move screen selection.



    • WonderShaper – A Tool to Limit Network Bandwidth in Linux
      Wondershaper is a small bash script that enables you to limit the network bandwidth in Linux. It employs the tc command line program as the backend for configuring traffic control. It is a handy tool for controlling bandwidth on a Linux server.

      It allows you to set the maximum download rate and/or maximum upload rate. In addition, it also allows you to clear the limits that you have set and can display the current status of an interface from the command line. Instead of using the CLI options, you can run it persistently as a service under systemd.

      In this article, we will show how to install and use wondershaper for limiting network bandwidth on Linux systems.


    • A brief on Popular Tools for Centralizing Logs
      Log files are a record of important events and transactions from all your IT equipment, applications, and networks that helps in identifying and troubleshooting problems that arise.

      Logging is something that application developers, system administrators, and IT security teams cannot do without for a variety of IT tasks. With the development of new IT movements like DevOps, it has become increasingly cumbersome to retrieve logs from different locations like servers, applications, network devices and other peripherals for merging them into a single file that can be looked at.

      This problem is overcome by centralization of logs which involves sending all logs to a single server for easy aggregation and access.


    • Gifski – Quickly Convert Any Video into High-Quality Gifs


    • Proprietary



      • FontBase Is A Beautiful Font Manager For Designers With Mac, Linux And Windows Support
        FontBase is a beautiful font manager for designers, available on Windows, macOS and Linux. The application features built-in Google fonts, with the ability to preview and easily use them in desktop applications like GIMP, Photoshop, Sketch, etc.

        Advertised as "the font manager of the new generation, built by designers, for designers", the tool uses Electron, and is free to use but not free and open source software. A subscription is available ($3 / month, $29 / year or $180 as a one time payment) which adds a few extra features like full glyphs preview (and copy), multiple views, and font auto-activation for Creative Cloud.




    • Instructionals/Technical



    • Games



      • Game Dev Studio now has a Linux build on Steam, although it's not officially supported yet
        Game Dev Studio, another game to let you attempt to rise to greatness in the games industry just recently added a Linux version.


      • Looks like the racing game 'Gravel' will be getting a Linux version
        Gravel [Steam], the "ultimate off-road experience" is a racing game from Milestone (MXGP, MotoGP and many more) and it's showing signs of coming to Linux.


      • Sigma Theory is a new take on the espionage game genre from the creator of Out There
        From the creator of Out There, Sigma Theory is a very promising looking take on the espionage game genre and it's coming to Linux.

        Set in the near-future, this single-player espionage strategy game takes place during a new cold war. It asks an interesting question. How far will you go to control the future? The game is centred around a discovery called "The Sigma Theory", which the worlds superpowers are determined to achieve that could enable them to "destroy the global financial system, wipe out entire countries or even gain access to immortality".


      • Soul Calibur 6 on Linux Might Be Banning Steam Players
        Over the weekend, Soul Calibur 6 Linux players discovered that the game will ban their account if they try to go online. Not even going back to Windows will let them play networked multiplayer. While Soul Calibur 6 doesn’t have an official port to Linux, it is supported through Steam’s Steam Play program using Proton. Added by Valve earlier this year, this compatibility layer enables Windows games on the platform.

        While some initially blamed the Denovo DRM for the issue, the problem seems to be with the game’s anti-cheat system. As noted on Reddit, Tekken 7 also supports Denovo and Proton and has not run into any issues with Linux players. Since both games come from the same publisher, it’s safe to assume that something else is at work here. Neither Bandai Namco or Valve have come out with a statement regarding the issue at this time.


      • You’ll get banned from Soulcalibur 6 if you run it in Linux
        Linux historically hasn’t been a robust gaming platform, though Valve’s Steam Play features aim to change that. But Soulcalibur VI shows some unfortunate side-effects from those measures, as players are getting banned from online play if they launch the game using those built-in Linux compatibility features. Worse yet, the ban is account-wide – so you’re still out of luck even if you switch to Windows.

        If you launch Soulcalibur VI using Steam Play on Linux, you won’t be able to play online. Reinstalling won’t help, nor will installing the game on separate PC, or switching to Windows. The ban appears to be linked directly to your Steam account, so your online recourse would be to repurchase the game on a separate account.



      • Lutris: Linux game management made easy
        If you use Linux and enjoy playing video games, life has been pretty good lately. Valve, Unity, Unreal Engine, and other big-name forces have pulled the video game industry into Linux compatibility so thoroughly that if you use Steam, you likely own more Linux-compatible games than you have time to play (and with Proton and Steam Play, that number's about to increase).

        If you're a fan of indie games, Itch.io and a wide variety of game sprints such as the Open Jam are making it easy to find truly excellent games for Linux. Vendors like GOG.com and Humble Bundle offer lots of games new and old. And finally, you can find plenty of games in your distribution's repositories, game emulators for old consoles, and online games.



      • The rather retro looking RPG 'Afelhem' arrives in Early Access
        For those who love your rather retro looking RPG experiences, Afelhem entered Early Access recently with Linux support.


      • The super sweet Slime Rancher just had a nice optimisation update
        Slime Rancher, the delightfully sweet game about adventure, exploration and capturing funny little (and sometimes not so little) Slimes just had a good optimisation update.

        It always ran pretty well for me, although on the highest settings it definitely feels quite a bit smoother after this update. The developer said they upgraded the game engine version (Unity) as well as "all game data has been reorganized to optimize the way we store data and manage certain game states".


      • Desert Kill looks like it could be a somewhat amusing top-down action shooter
        When asking the developer to confirm it will support Linux, since the Steam store page does have a Linux system requirements tab they simply said "We'll make it soon ;)".


      • You can now fulfil your dream of dungeon crawling as a mermaid in Serenade of the Sirens
        Wannabe mermaids of the world can now take down evil sirens in the dungeon crawler Serenade of the Sirens, now in Early Access.






  • Desktop Environments/WMs



    • K Desktop Environment/KDE SC/Qt



      • Qt Design Studio 1.0 Released
        Qt Design Studio is a UI design and development environment that enables designers and developers to rapidly prototype and develop complex and scalable UIs.

        Qt Design Studio is a tool used by both designers and developers and that makes collaboration between the two a lot simpler and more streamlined: Designers can look the graphical view, while developers can look at the QML code. With this workflow, designers can have their Photoshop designs running on real devices in minutes! As an aside, I say Photoshop designs, but we are planning to support other graphic design tools in the future.



      • Qt Design Studio 1.0 Released As New Design/Development Environment


      • KDAB at Embedded Technology, Japan
        KDAB is proud to announce that for the first time ever we will be present at Embedded Technology outside of Tokyo in Japan.

        Every year more than 25000 visitors attend over 3 days!

        The event takes place in the Pacifico Yokohama exhibition center and focuses on Embedded AI, IoT Wireless Technology, Smart Sensing and Safety & Security.

        KDAB will present Automotive and Industrial customers’ showcases and tools around Modern C++, Qt and 3D.


      • LaKademy 2018 Celebrates 22 Years of KDE
        LaKademy, or Latin American Akademy, is the annual meeting of the Latin American KDE community - one of the biggest Free software communities in the world. The event takes place since 2012, and is open to all developers, artists, users, and everyone who wants to contribute in any way to the software created or maintained by the community.




    • GNOME Desktop/GTK



      • Thunderbolt ports & bolt update
        Not every USB-C port is a Thunderbolt 3 port. Watch out for the logos!

        [...]

        In related news: bolt 0.5 is out (since about a month now) and will be shipped with Fedora 29. Have a look at the release notes for a complete list of changes, but the most important one I want to highlight here is the new force power D-Bus API. What is it and why do we need it? The Thunderbolt controller can be in two different modes: one in which it is constantly powered (native enumeration mode) and one in which it is controlled by the BIOS. In the latter mode, if nothing is plugged into the Thunderbolt port the controller is completely powered down and it looks as if there is no Thunderbolt hardware present at all. This is great because it saves battery, but there are two problems: 1) boltd wants to know what security level the Thunderbolt controller is in, and more importantly 2) the firmware update daemon (fwupd) wants to know the firmware version of the Thunderbolt controller, so that it can check if there are updates available (and if so, show them in GNOME Software). Luckily, newer kernel versions have (on supported platforms) a sysfs interface that can be used to "force-power" the Thunderbolt controller. Both boltd and fwupd have support for that, which is great, but also the root of a race: the force-power interface is not reference counted and also write only (you cannot ask for the current status). Now if boltd force-powers the controller, uevents will be generated which, in turn, will be processed by fwupd and it will try to read the firmware version. If, in the meantime, boltd is done with its thing and powers the controller down again but fwupd is not yet done reading the firmware, then that read will fail. Or the other way around: fwupd powers the controller, boltd gets started due to the uevents, but meanwhile fwupd is powering the controller down again, boltd might e.g. hang reading the boot-acl.






  • Distributions



    • Red Hat Family



    • Debian Family



      • Derivatives



        • Canonical/Ubuntu



          • Flavours and Variants



            • You Can Now Run Ubuntu 18.10 with LXDE Desktop on Your Raspberry Pi 3 Computer
              RaspEX developer Arne Exton released a new version of his RaspEX Linux operating system for Raspberry Pi devices based on the recently released Ubuntu 18.10 operating system.

              What's special about this new RaspEX version is that while it's based on Ubuntu 18.10 (Cosmic Cuttlefish), it uses the older LXDE (Lightweight X11 Desktop Environment) desktop instead of the new LXQt variant, which probably consumes more CPU and RAM on the tiny Raspberry Pi single-board computers.

              RaspEX LXDE Build 181022 is powered by the Linux 4.14.76 LTS kernel built for the ARMv8 architecture, which means that it supports the original Raspberry Pi 3 Model B single-board computer, as well as the latest Raspberry Pi 3 Model B+ variant. However, you can also use a 32-bit kernel, Linux 4.14.74 LTS.












  • Devices/Embedded





Free Software/Open Source



  • First Release of StarlingX Open Source Edge Cloud Software Now Available


  • The Daily: Square Open-Sources Subzero, Coin Stats Launches Chat Platform
    In this edition of The Daily, we look at Square’s recent decision to open-source its Subzero cold storage solution. We also focus on Bitcurate’s new cryptocurrency market intelligence service, as well as the chat platform that Coin Stats is launching for cryptocurrency investors and coin teams.



  • Web Browsers



    • Mozilla



      • Mozilla declares war on third-party cookies in latest Firefox build

        Enhanced Tracking Protection is the name of the new feature and its aim is to protect you from those niggling little third-party cookies that monitor your data. It's not a new idea, but a massive leap forward.



      • Mozilla Enhances Tracking Protection in Firefox 63
        Mozilla has been talking about different types of anti-tracking capabilities for seven years. In 2011, Firefox 4 implemented Do Not Track, a feature that enables users to notify sites if they do not want to be tracked. That method relied on sites honoring user requests and had limited success. With Firefox 42, which was released in November 2015, Mozilla first added its Tracking Protection feature, restricting the ability of third-party technologies from tracking a user.




  • Databases



    • Monitoring database health and behavior: Which metrics matter?
      Databases create enough metrics to keep us all busy for a long time, and while the internal performance databases are full of useful information, it’s not always clear which metrics you should care about. Start with throughput, execution time, concurrency, and utilization, which provide enough information for you to start understanding the patterns in your database.




  • Pseudo-Open Source (Openwashing)



  • BSD



  • Openness/Sharing/Collaboration



    • Aequatus -- a free, open-source visualization tool enabling in-depth comparison of homologous genes
      Aequatus - a new bioinformatics tool developed at Earlham Institute (EI) - is helping to give an in-depth view of syntenic information between different species, providing a system to better identify important, positively-selected, and evolutionarily-conserved regions of DNA.

      Generally, organisms that are closely related show a high degree of synteny i.e. they possess similar sequences along their chromosomes, where closely related genes that are presumed to have the same function are clustered in a similar organisation between species. Thus, many human genes have high synteny with mammals, from chimpanzees to mice.

      Studying the synteny between organisms can help us to identify how genetic regions change through evolution, and has far-reaching applications - including better understanding evolution and how we came to be, aiding studies into human health, as well as in breeding better crops.


    • The Digitization Of China And Opportunities For Open-Source Collaboration




  • Programming/Development



    • A farewell to email
      The free-software community was built on email, a distributed technology that allows people worldwide to communicate regardless of their particular software environment. While email remains at the core of many projects' workflow, others are increasingly trying to move away from it. A couple of recent examples show what is driving this move and where it may be headed. Email is certainly not without its problems. For many of us, plowing through the daily email stream is an ongoing chore. Development lists like linux-kernel can easily exceed 1,000 messages per day; it is thus unsurprising that the number of kernel developers who actually follow such lists has been dropping over time. Email is based on a trust model from a simpler time; now it is overwhelmed by spam, trolls, sock puppets, and more. Dealing with the spam problem alone is a constant headache for mailing-list administrators. Interacting productively via email requires acquiring a set of habits and disciplines that many find counterintuitive and tiresome. Your editor's offspring see email as something to use to communicate with their grandparents, and not much more.

      It is thus not surprising that some projects are thinking about alternative ways of communicating. Even projects like the kernel, which remains resolutely tied to email, are seeing some experimentation around the edges. Some, though, are diving in more seriously, with a couple of recent experiments being found in the Fedora and Python projects.






Leftovers



  • The Power Struggle for Dungeons & Dragons’ Soul

    Far away from greedy music execs and pop stars, in realms like Mystara and Eberron, or the sprawling cosmic expanse of Planescape, things aren’t any less complicated. In recent months, Dungeons and Dragons, the 44-year-old role-playing game in which players conjure entire fantasy universes through pen and paper, has become an unlikely symbol of the compromises demanded by digital services. A culture once known for DIY adventures is changing, and it’s all the [I]nternet’s fault.



  • Hardware



    • Russ Allbery: Review: Move Fast and Break Things
      Taplin is very angry about a lot of things that I'm also very angry about: the redefinition of monopoly to conveniently exclude the largest and most powerful modern companies...


    • Apple and Samsung fined for deliberately slowing down phones
      Apple and Samsung are being fined €10m and €5m respectively in Italy for the “planned obsolescence” of their smartphones.

      An investigation launched in January by the nation’s competition authority found that certain smartphone software updates had a negative effect on the performance of the devices.

      Believed to be the first ruling of its kind against smartphone manufacturers, the investigation followed accusations operating system updates for older phones slowed them down, thereby encouraging the purchase of new phones.

      In a statement the antitrust watchdog said “Apple and Samsung implemented dishonest commercial practices” and that operating system updates “caused serious malfunctions and significantly reduced performance, thus accelerating phones’ substitution”.



    • Apple And Samsung Fined For ‘Deliberately Slowing Down Phones’
      Italian authorities have fined Apple and Samsung for pushing the latest software updates that led to device malfunctions, and ultimately forced users to buy new phones.

      Back in January this year, Italy’s antitrust organization conducted separate investigations on Apple and Samsung to find if they were deliberately using software updates to slow down phones.




  • Health/Nutrition



    • US Interference In EU SPC Manufacturing Waiver “Unacceptable,” Says EU Generic Industry Group
      Generics industry group Medicines for Europe has declared United States interference in the European Union legislative process on the supplementary protection certificate (SPC) manufacturing waiver “unacceptable,” and an attempt to “influence the outcome of this EU legislative proposal.”

      The statement was made in a Medicines for Europe press release available here.

      The US Patent and Trademark Office, the US Trade Representative and the US Department of Commerce held a closed-door meeting with EU government officials in Brussels yesterday, 23 October, “to convey the position of the US commercial bodies and representatives to EU officials on the introduction of an SPC manufacturing waiver in Europe,” according to the release.


    • Near-Monopolies On HCV Diagnostics Curb Competition, Keep Prices High, Research Finds
      Monopoly prices of diagnostic tools and lack of competition in the market constitute a barrier to treatment for people with hepatitis C virus (HCV), but the increased use of “open” diagnostic platforms could reduce prices, a health advocacy research study has found.


    • “We Will Keep on Fighting for Him.”
      This is Wilson.* His mother, Aline, took the picture to mark a happy and hopeful moment following a traumatic period when Wilson participated in a University of Illinois at Chicago clinical trial that tested whether lithium was effective in treating children with bipolar disorder.

      ProPublica Illinois reported in April that the UIC psychiatrist who oversaw several federally funded studies, Dr. Mani Pavuluri, violated research rules, failed to alert parents of risks and falsified data to cover up misconduct, and that UIC didn’t properly oversee her work. The National Institute of Mental Health forced UIC to return $3.1 million in grant money in December and, not long after, Pavuluri left the university. Pavuluri, who had founded a UIC pediatric mood disorders clinic in 2000 and treated children from around the country, opened a private practice.

      Hundreds of children participated in Pavuluri’s studies. After UIC provided only limited information about how they were affected, we put out a call for families who took part to tell us about their experiences.




  • Security



    • Secure key handling using the TPM
      Trusted Computing has not had the best reputation over the years — Richard Stallman dubbing it "Treacherous Computing" probably hasn't helped — though those fears of taking away users' control of their computers have not proven to be founded, at least yet. But the Trusted Platform Module, or TPM, inside your computer can do more than just potentially enable lockdown. In our second report from Kernel Recipes 2018, we look at a talk from James Bottomley about how the TPM works, how to talk to it, and how he's using it to improve his key handling.

      Everyone wants to protect their secrets and, in a modern cryptographic context, this means protecting private keys. In the most common use of asymmetric cryptography, private keys are used to prove identity online, so control of a private key means control of that online identity. How damaging this can be depends on how much trust is placed in a particular key: in some cases those keys are used to sign contracts, in which case someone who absconds with a private key can impersonate someone on legal documents — this is bad.

      The usual solution to this is hardware security modules, nearly all of which are USB dongles or smart cards accessed via USB. Bottomley sees the problem with these as capacity: most USB devices can only cope with one or two key pairs, and smart cards tend to only hold three. His poster child in this regard is Ted Ts'o, whose physical keyring apparently has about eleven YubiKeys on it. Bottomley's laptop has two VPN keys, four SSH keys, three GPG keys (because of the way he uses subkeys) and about three other keys. Twelve keys is beyond the capacity of any USB device that he knows of.


    • OpenPGP signature spoofing using HTML
      Beyond just encrypting messages, and thus providing secrecy, the OpenPGP standard also enables digitally signing messages to authenticate the sender. Email applications and plugins usually verify these signatures automatically and will show whether an email contains a valid signature. However, with a surprisingly simple attack, it's often possible to fool users by faking — or spoofing — the indication of a valid signature using HTML email.

      For example, until version 2.0.7, the Enigmail plugin for Mozilla Thunderbird displayed a correct and fully trusted signature as a green bar above the actual mail content. The problem: when HTML mails are enabled this part of the user interface can be fully controlled by the mail sender.


    • Fighting Spectre with cache flushes
      One of the more difficult aspects of the Spectre hardware vulnerability is finding all of the locations in the code that might be exploitable. There are many locations that look vulnerable that aren't, and others that are exploitable without being obvious. It has long been clear that finding all of the exploitable spots is a long-term task, and keeping new ones from being introduced will not be easy. But there may be a simple technique that can block a large subset of the possible exploits with a minimal cost.

      Speculative-execution vulnerabilities are only exploitable if they leave a sign somewhere else in the system. As a general rule, that "somewhere else" is the CPU's memory cache. Speculative execution can be used to load data into the cache (or not) depending on the value of the data the attacker is trying to exfiltrate; timing attacks can then be employed to query the state of the cache and complete the attack. This side channel is a necessary part of any speculative-execution exploit.

      It has thus been clear from the beginning that one way of blocking these attacks is to flush the memory caches at well-chosen times, clearing out the exfiltrated information before the attacker can get to it. That is, unfortunately, an expensive thing to do. Flushing the cache after every system call would likely block a wide range of speculative attacks, but it would also slow the system to the point that users would be looking for ways to turn the mechanism off. Security is all-important — except when you have to get some work done.

      Kristen Carlson Accardi recently posted a patch that is based on an interesting observation. Attacks using speculative execution involve convincing the processor to speculate down a path that non-speculative execution will not follow. For example, a kernel function may contain a bounds check that will prevent the code from accessing beyond the end of an array, causing an error to be returned instead. An attack using the Spectre vulnerability will bypass that check speculatively, accessing data that the code was specifically (and correctly) written not to access.


    • Chalubo botnet targets Linux systems: Report [Ed: Misleading. Not about Linux but bad passwords. One has to wonder what goes through the minds of corporate news writers who learn about poorly-secured products and then ask, "does it run Linux?" Then they blame Linux. But never the same when something runs Windows (then it's "PC").]


    • Poorly secured SSH servers targeted by Chalubo botnet


    • This botnet snares your smart devices to perform DDoS attacks with a little help from Mirai
    • Cathay Pacific says 9.4 million passengers affected by major data leak

      Mr Hogg said stolen [sic] data also included 403 expired credit card numbers and 27 credit card numbers with no CVV.



    • Cathay Pacific leaks 9.4 million travelers' passport numbers and other data

      "The following personal data was accessed: passenger name; nationality; date of birth; phone number; email; address; passport number; identity card number; frequent flyer programme membership number; customer service remarks and historical travel information."



    • Cathay Pacific breach leaks personal data on 9.4 million people

      It's unclear why it took nearly six months to notify the public. Cathay Pacific didn't immediately respond to a request for comment.



    • Personal data of 9.4 million passengers of Cathay Pacific and subsidiary leaked, airlines say

      In addition, about 860,000 passport numbers and 245,000 Hong Kong identity card numbers were accessed without authorisation.



    • Cathay Pacific Reports Data Hack Hitting 9.4 Million Fliers


    • Cathay Pacific breach leaks up to 9.4m passengers' data

      Unauthorised access known about since May.



    • Cathay Pacific hit by data leak affecting up to 9.4million passengers

      It booked its first back-to-back annual loss in its seven-decade history in March, and has previously pledged to cut 600 staff including a quarter of its management as part of its biggest overhaul in years.

    • Should your next web-based login form avoid sending passwords in clear text?
      The answer to the question in the title is most likely “no.” While the OPAQUE protocol is a fascinating approach to authentication, for web applications it doesn’t provide any security advantages.

      I read an interesting post by Matthew Green where he presents ways to authenticate users by password without actually transmitting the password to the server, in particular a protocol called OPAQUE. It works roughly like that:

      The server has the user’s salt and public key, the client knows the password. Through application of some highly advanced magic, a private key materializes in the client, matching the public key known to the server. This only works if the password known to the client is correct, yet the client doesn’t learn the salt and the server doesn’t learn the password in the process. From that point on, the client can sign any requests sent to the server, and the server can verify them as belonging to this user.

      The fact that you can do it like this is amazing. Yet the blog post seems to suggest that websites should adopt this approach. I wrote a comment mentioning this being pointless. The resulting discussion with another commenter made obvious that the fundamental issues of browser-based cryptography that I first saw mentioned in Javascript Cryptography Considered Harmful (2011) still aren’t widely known.


    • X.Org Server 1.20.3 Released To Fix New Security Issue
      We've known that the X.Org Server security has been a "disaster" (according to security researchers) and while many bugs have been fixed in recent years, not all of the security bugs date back so far in the decades old code-base. Out today is X.Org Server 1.20.3 to fix a new CVE issued for X.Org Server 1.19 and newer.

      In X.Org Server 1.19 through X.Org Server 1.20.2 there was incorrect command-line parameter validation that could lead to privilege escalation and files being arbitrarily overwritten.


    • Security updates for Thursday




  • Defence/Aggression



    • The crumbling architecture of arms control
      Given US and Russian presidential capacity for springing surprises, we risk losing the degree of safety we gained with the end of the Cold War and have enjoyed since then.

      [...]

      Even while the numbers continued to drop, problems were emerging. Not least, in 2002 the US unilaterally withdrew from the ABM Treaty. That did not stop the US and Russia signing the Strategic Offensive Reductions Treaty in 2002 or New START in 2010 but perhaps it presaged later developments.

      Trump’s announcement brings towards its conclusion a process that has been going on for several years. The US declared Russia to be violating the Treaty in July 2014. That, of course, was during the Obama administration. The allegation that Russia has breached the INF Treaty, in other words, is not new. This year the USA’s NATO allies also aligned themselves with the US accusation, albeit somewhat guardedly (cf the careful wording in paragraph 46 of the July Summit Declaration).

      The charge is that Russia has developed a ground-launched cruise missile with a range over 500 kilometres. Many details have not been clearly stated publicly but it seems Russia may have modified a sea-launched missile (the Kalibr) and combined it with a mobile ground-based launcher (the Iskander K system). The modified system is known sometimes as the 9M729, or the SSC-8, or the SSC-X-8.


    • Donald Trump Cribs 'Nationalist' Mussolini in Drive to Destroy America
      He is, of course, saying this to shore up support among white nationalists. The Nazi sites on the web were all having wet dreams in the aftermath.

      From the 1990s, polling has found that about 10% of Americans support far right militias. These are the white nationalists. Trump came to power by mobilizing that 10% and combining it with Republicans and independents

      It is not an accident that Benito Mussolini called his party “Nationalist Fascism.” The two go together. Trump performs the “fascist” part of this two-part term every time he does a rally, so he doesn’t have to say “I am a Nationalist Fascist,” i.e. a Mussolini-ist. But that is what he is.

      Somehow Benito Mussolini is not often brought up in contemporary American political debates. His armies slaughtered 330,000 Allied troops during World War II, including large numbers of Americans. Two of my uncles fought in World War II in the European theater, and I’m not willing to let Mussolini skate. Of 45,000 Italian Jews, 8,000 were delivered to Nazi death camps and a similar number were forced to flee abroad. Some $1 billion was stolen from them as a community. I’m not sure how Trump’s Rasputin, Steve Bannon, gets away with praising this mass murderer and then being invited to major cultural and political gatherings in the West.


    • Cambodia: justice after genocide
      Many Cambodians born after the short but violent period of the Khmer Rouge, which lasted from mid-April 1975 to December-January 1978, cannot believe the horror stories of the previous generation. “My parents tell me their stories, but I did not believe them,” says Uon Silot, a fiction writer and farmer, who adds: “They said to me – the reason we are telling you is so that the same does not happen again, this time to you.”

      How difficult should it be for those parents to tell their traumatic stories? And how painful is it to be faced with disbelief? The idea that it might be impossibile to pass the story of mass violence even to one’s own children poses further, existential questions. Are we as a human civilisation capable of learning “lessons” from history? And consequently, can we immunise the next generation from human violence and self-destruction?

      “Genocide has become the identity of Cambodia,” Youk Chhang, director of the Documentation Centre of Cambodia, tells me. “Everyone in this country has been affected by genocide. There is no way to escape it. All the kids of this country are born either from victims or perpetrators” of the genocide, he concludes.


    • Interpol Alert Issued By Turkey For Exiled Journalists President Erdogan Wants To Toss In Jail
      Turkey's government has already locked up more than 70 journalists -- most of them in the wake of a failed coup. President Recep Erdogan says the imprisoned journalists are terrorists and criminals, but rather than offer evidence of wrongdoing, Erdogan just keeps throwing more of them in jail.

      The notoriously thin-skinned president has been eliminating dissent and criticism since he took power, so there's no reason to give his accusations of criminal activity credence. Erdogan has leaned on favorable laws elsewhere in the world to press for criminal charges and extradition of citizens of other nations who've offended his delicate sensibilities.



    • Turkey issues Interpol 'red notice' for prominent journalists in exile
      Journalism in Turkey has come under renewed scrutiny after an Istanbul court issued an international arrest warrant for two prominent writers living overseas.

      In a hearing against journalists linked to the Cumhuriyet newspaper, the 27th High Criminal Court said it would request the issuance of Interpol “red notices” for Can Dundar and Ilhan Tanir. The order notifies all Interpol member states that the individual has pending arrest warrants.

      Mr Dundar, the newspaper’s former editor-in-chief, and Mr Tanir, its ex-Washington correspondent, currently live in Germany and the US respectively.

      In April, more than a dozen Cumhuriyet staff were convicted of supporting groups such as the Kurdistan Workers’ Party (PKK), the far-left Revolutionary People’s Liberation Party-Front and the Gulenist movement, which Ankara holds responsible for a 2016 coup attempt. All three are listed as terrorist organisations in Turkey.


    • It’s the Real Thing
      Here – apart from sniffing and a runny nose – from a treatment website is a list of some of the mental symptoms of cocaine abuse. An interesting take on the reckless Khashoggi assassination?


    • Honoring the Enemy
      In these times of so much civil strife, internecine wars, and racial and political intolerance, it is good to remember an episode involving Turkey, Australia, and New Zealand. It shows the power of words to console the grieving and to bring closure to a painful history.

      Usually, in April, Turks, as well as people from Australia and New Zealand gather in northwestern Turkey to render homage to their ancestors, brave young soldiers, who lost their lives on the fields of Çanakkale in what is known as the Gallipoli Campaign during World War I.

      The Gallipoli Campaign took place on the Gallipoli Peninsula in Turkey, between April 1915 and January 1916. A joint British and French operation had been conducted to capture the Ottoman capital of Istanbul and secure a sea route to Russia. The Australian and New Zealand Army Corps, or Anzac, formed the foundation of a 200,000 British-led army that landed at Gallipoli. The operation failed, with thousands of casualties on both sides.




  • Transparency/Investigative Reporting



    • Continuing the Work of a ‘One-Woman WikiLeaks’
      One year ago this month, the best-known and most feared journalist in Malta, Daphne Caruana Galizia, was assassinated by a car bomb as she left her house on the tiny Mediterranean island. Her violent murder, still unsolved, might have stayed the stuff of local news. But on Malta, local news turns out to be global.

      Caruana Galizia’s murder has always been a test for Malta and for Europe, one that neither has yet passed. The year since her death may have shown the failure—or at least the resistance—of institutions to solve the crime, reining in corruption, upholding the rule of law, and protecting journalists. But it has also served as a triumph of investigative journalism.

      [...]

      After Caruana Galizia’s assassination, three men, all with existing criminal records on Malta, were arrested last December, and are facing trial on charges of detonating the bomb that killed her. But her family, along with Members of the European Parliament and international organizations, suspect that the three men were mere foot soldiers. This month, Caruana Galizia’s family and some MEPs called on the European Commission to monitor the investigation, fearing Maltese authorities lacked the independence and political will to solve the crime. (The Maltese government refutes these claims.)

      After Caruana Galizia’s death, one inevitable question arose: What was she working on before she was killed? Here, there has been some progress. With the assistance of Caruana Galizia’s family, a small army of investigative reporters from 18 publications around the world, including The Guardian, La Repubblica, and Le Monde, were given access to the dead journalist’s files. In April, they began publishing dozens of stories based on Caruana Galizia’s leads, as well as reports on the investigation into her assassination. The undertaking has been dubbed The Daphne Project and is coordinated by Forbidden Stories, a consortium that seeks to continue the work of journalists “facing threats, prison or murder.” For their efforts, this week Caruana Galizia was posthumously awarded Transparency International’s Anti-Corruption award, and last week the founder of Forbidden Stories, the French journalist Laurent Richard, was given the Prix Europa award for European Journalist of the Year.


    • Stratfor: ‘Rwandans are cold ass mofos’
      Below are highlights of an internal Stratfor email dated Aug. 12, 2010, one of 5 million emails published by Wikileaks with this preface:

      “On Monday, February 27th, 2012, WikiLeaks began publishing The Global Intelligence Files, over five million e-mails from the Texas headquartered ‘global intelligence’ company Stratfor. The e-mails date between July 2004 and late December 2011. They reveal the inner workings of a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations, such as Bhopal’s Dow Chemical Co., Lockheed Martin, Northrop Grumman, Raytheon and government agencies, including the US Department of Homeland Security, the US Marines and the US Defence Intelligence Agency. The emails show Stratfor’s web of informers, pay-off structure, payment laundering techniques and psychological methods.”

      Stratfor’s internal emails are freewheeling, colloquial, unfettered by political niceties, as in the title of this one, “Re: DISCUSSION – RWANDA/SOUTH AFRICA – Rwandans are cold ass mofos,” and a later remark that “while they [Rwandan assassins] may not be the black version of Mossad, they’re still good enough to get a shot off.” Others are blatantly racist.


    • Ecuador likely to turn Assange over to US – ex-President Correa to RT
      “I believe they are going to turn over Assange to the US government,” Correa, who was leading the Latin American country at the time when it granted the WikiLeaks co-founder asylum, told RT, calling the policy of the current Ecuadorian government “a shame.”

      “The Ecuadorian state has to protect Assange’s rights, he is not just an asylum [seeker]; he is a citizen,” Correa said. Granted Ecuadorian citizenship back in 2017, Assange is now supposed to be protected by the Ecuadorian constitution. But the current government is too desperate for Washington's favor, Correa believes.

      The WikiLeaks co-founder might be a bargaining chip in an agreement between the Ecuadorian authorities and US Vice President Mike Pence, who visited the Latin American country and met with President Lenin Moreno earlier this year.

      Quito’s behavior shows that it has “absolutely submitted” to Washington without actually earning any favor, Correa said.

      His comments came a week after two US lawmakers called on Moreno to “hand Assange over to the proper authorities,” calling him “a dangerous criminal and a threat to global security.”


    • Ecuador's former president says he thinks the country will hand Julian Assange over to America




  • Environment/Energy/Wildlife/Nature



    • The Tragedy of Grizzly Bear Management
      A tragic fourth straight year of record-breaking grizzly bear mortality in the Greater Yellowstone Ecosystem (GYE) has been compounded by the concurrent tragedy of increasingly frequent human maulings and deaths.

      Most of these injuries, fatal or otherwise, have involved big game hunters and outfitters involved in close encounters with bears. The rash of resulting media coverage has duly given ample space for quotes from wildlife managers.

      According to their narrative, human deaths and injuries during recent years are directly attributable to a burgeoning population of fearless aggressive grizzlies that have expanded into “unsuitable” habitat.

      The only remedy is to kill more bears, including essentially all that currently occupy the ecosystem periphery, preferably through a trophy hunt. End of story.

      Except it isn’t the end of the story. Nor is it even particularly accurate. Most importantly, this official rendering assiduously ignores emerging dynamics that are more likely to be the true cause of escalating bear deaths and human injuries.






  • Finance



    • Twenty years on from devolution, the UK’s fiscal and economic model is still broken
      Brexit is expected to have a major impact on the UK economy with the effect being markedly different in various parts of the UK (1). While there is much debate and disagreement regarding the medium to long term economic impact of Brexit a useful exercise is to look at the current state of the UK economy and how the picture differs across the nations and regions. Such an analysis offers a good starting point for consideration of the fiscal strategy that should be pursued by the UK Government post Brexit.

    • Debates about poppies are nothing new, but the tone has changed in Brexit Britain
      The poppy hasn't suddenly been co-opted. It's always been a little piece of propaganda.
    • "Deal" or "Secret Deal" - the EU-UK trade deal looks even more secretive than TTIP
      Since the British voted to leave the EU, corporate lobbyists have been working to ensure any future EU-UK trade deal delivers maximum benefits and as little disruption to them as possible. Not least financial sector lobbyists, who have been lobbying hard to influence a future EU-UK trade deal that serves the sector, not just in London but across Europe as well.

      Their proposals include plans that would lead to weakened regulations and specific threats to the public interest, such as ‘special courts’ that allow banks to sue governments if they adopt rules the financial sector finds unfair, such as attempts to introduce a small tax on financial transactions.

      Ten years after the financial crisis, a major cause of which was the lack of robust regulations, any weakening of rules, or mechanisms that privilege corporations, would not be in the public interest. It is imperative, then, that negotiations between the EU and UK are open, so that the public can see who is influencing the talks and what is being proposed.


    • Bhutan: Heaven is Still Far Away for the Himalayan Kingdom at 7,000 Feet Above Sea Level
      Despite GDP growth averaging 6% over the last decade, signs that not all is well with the economy have become increasingly visible. Youth unemployment in excess of 10%, well above the national average of 3%, can no longer be ignored or wished away. The trajectory of good GDP growth is under threat by the introduction of Goods and Services Tax in India last year (most of the landlocked Bhutan’s trade goes through India), aggravated by delays of several hydropower projects which are crucial to expansion in export earnings and government revenue from sale of electricity to India.

      External debts at 121% of GDP are excessive by international standards. Indian loans to Bhutan to build hydro dams account for 90% of GDP. Of course, few outside Bhutan have a clue because India gets a free pass from western corporate media which chose not to report it. New Delhi charges 9 to 10% interest on the hydropower loans made to Thimphu. It’s sheer hypocrisy for India to go round denouncing China’s funding of Belt and Road projects in Pakistan, Maldives, Sri Lanka and Myanmar as debt traps when Bhutan’s debt situation is far more perilous and unsustainable than that of Maldives and others.




  • AstroTurf/Lobbying/Politics



    • NYT: Chinese and Russian spies routinely eavesdrop on Trump’s iPhone calls

      Trump, Wednesday’s article reported, has two official iPhones that have been altered by the National Security Agency to limit the types of hacks they’re susceptible to. The president has a third iPhone with no modifications that he uses as personal device, because unlike the official iPhones, he can store personal contacts on it. What’s more, while Trump is supposed to swap out his two official phones every 30 days for new ones, he rarely does. Trump did agree to give up his Android phone, which most security experts believe is more vulnerable than Apple’s iOS, and Trump has also agreed to the more cumbersome arrangement of having the two official iPhones. One is for Twitter and other apps, while the other handles calls.



    • When Trump Phones Friends, the Chinese and the Russians Listen and Learn

      Mr. Trump typically relies on his cellphones when he does not want a call going through the White House switchboard and logged for senior aides to see, his aides said. Many of those Mr. Trump speaks with most often on one of his cellphones, such as hosts at Fox News, share the president’s political views, or simply enable his sense of grievance about any number of subjects.

    • ProPublica and New York Public Library to Host “Irregular Order: How Congress Really Works”
      Congress’ approval ratings over the past decade have been at their lowest in polling history. But when people say the legislative branch is “broken” and can’t get anything done, they are often imagining a “Schoolhouse Rock” model of legislation, with a friendly bill waiting to become a law. A series of two live events, in partnership with the New York Public Library and The Washington Post, will show how that legislative model no longer reflects the actual, radically altered mechanics of Congress.

      [...]

      Speakers will also share tangible advice on how constituents can effectively get their representatives to hear their concerns and take action, based on their experience from the halls of Capitol Hill.

    • 61,000 Adams County voters are still missing ballots (and other voting problems around Colorado)
      A quarter of voters in Adams County — a key 2018 battleground in Colorado — have yet to receive their ballots because one of four trucks carrying them to be mailed didn’t make it to a postal processing center last week.

      About 61,000 Adams County ballots — mostly for residents in Thornton, Brighton and Aurora — had yet to be sent as of Tuesday afternoon.

      “We’re waiting on the truck to pull up,” U.S. Postal Service spokesman David Rupert said.

      Julie Jackson, spokeswoman for Adams County Clerk and Recorder Stan Martin, said it was unclear why the ballots on the truck weren’t unloaded and ended up being returned to a secure location.

    • This Week's Bomb Scares Are a Perfect Misinformation Storm`

      As with any breaking news story, the conversation you see online may not always represent the truth. Here's what we know so far.



    • 'Fox & Friends' Host Claims that He Accidentally Donated to Trump's Campaign
      In a new interview with The Hill, "Fox & Friends" host Brian Kilmeade revealed that he donated to President Donald Trump's campaign in 2016 — a donation, he says, that was completely unintentional.

      He made the mistake, he said, when he bought $600 worth of Trump campaign Christmas ornaments.

      "I had no idea that this would be considered a donation," Kilmeade told The Hill. "I'm looking for something cool and unique for Christmas for adults after this historic election."
    • Greg Palast Sues Georgia’s Brian Kemp for Purging 340,000 From Voter Rolls
      A new investigation has found Georgia secretary of state and Republican gubernatorial candidate Brian Kemp has overseen the removal of more than 340,000 current Georgia residents from voting rolls. We speak with Greg Palast, a journalist who has been investigating Brian Kemp and voter suppression in Georgia. He has joined a lawsuit against Kemp over the purge.


    • Trump Official Did Undisclosed Work With Scandal-Plagued GOP Fundraiser
      A current State Department official helped a top fundraiser for Donald Trump arrange meetings with U.S. senators and Angolan officials in early 2017, according to emails obtained by ProPublica. Neither the official nor the fundraiser registered as a foreign agent.

      Aryeh Lightstone helped plan the January 2017 meetings with U.S. senators, high-ranking Angolan government officials and the Trump fundraiser Elliott Broidy, the emails show. Several months later, Lightstone was appointed by the Trump administration to a top position in the U.S. Embassy in Israel. The involvement of a now-sitting Trump administration official in Broidy’s work has not previously been reported.

      Broidy has since been embroiled in scandal, stepping down from his Republican National Committee deputy finance chair post after the revelation that he agreed to pay $1.6 million in a settlement with a Playboy model he reportedly impregnated. (Broidy has said it was just to help her financially, and he stopped paying her after the arrangement became public.)
    • We’re a Better Society Than You Think, Mr. Trump
      Trump likes to project a tough guy image that he tries to enhance by celebrating such atrocities as U.S. Rep. Greg Gianforte’s unwarranted assault on a reporter last year. But there is no great pride in body-slamming a defenseless and unsuspecting reporter with a recorder in his hand. It’s about as much to crow about as kicking someone’s crutches out from under them and claiming it was a brave and noble deed.

      One has to wonder if Trump has ever actually been in a real fight in his entire lifetime. As the pampered child of a New York real estate scammer, he was raised far from the realities of normal life and protected from ever having to face the consequences of his words or actions.
    • The Midterms: It’s All Up for Grabs
      The main reason this election is so important is that Donald Trump has demonstrated an unprecedented level of disrespect for basic norms of democracy and the rule of law.
    • The populists: what is to be done?
      It has been a disorienting experience for veterans of the stable and prosperous early postwar decades in western Europe and north America, recalling instead the charged and polarised politics of the 1930s whose ending is well known. Some on the centre right have already made their peace with the populists: the whole Republican Party in the US and the bulk of the feuding British Tories, as well as the Austrian Christian democrats, whose acceptance of the far right into government has occasioned none of the European Union sanctions a similar episode precipitated in 2000.

      Moreover, should anyone on the centre left be complacent, one recent study has shown that social democrats too have been so sucked into the wake of the rising – and rightward-veering – populists that as a political family they generally occupy more authoritarian positions today than the radical right felt able to endorse in 1980.

      Many despair, given a choice between going with the xenophobic flow and standing, Canute-like, against the tide, which has resolved itself, across Europe, into ‘cracking down’ on ‘illegal immigration’ – although refugees are, by definition, not illegal and all states party to the Geneva convention are obliged to entertain their individual claims.


    • Trump Blames Media for Package Bombs
      Less than 12 hours after praising himself for being on his best behavior as bombs were found in the mail of several targets of his incendiary and conspiratorial ravings — including Congresswomen Maxine Waters, CNN, former President Barack Obama, and former Secretary of State Hillary Clinton — President Donald Trump cast aside his temporarily subdued facade Thursday morning and fired off a tweet blaming the media for the explosives sent to at least nine separate locations and warning that the press must “clean up its act, fast.”




  • Censorship/Free Speech



    • Where EU member states stand on upload filters and the “link tax”

      This Thursday, October 25, the second trilogue negotiation on the EU copyright reform takes place, in which the European Parliament and the Council (representing the member state governments) try to reach a compromise between their positions. You can find the trilogue’s draft agenda and the new compromise proposals here.

      Ahead of this, the member state governments have been debating their stance. Here’s where the different countries currently stand on the main controversial articles – the “link tax” and upload filter proposals: [...]



    • EFF Recommends Measures to Limit Abuse of EU’s Proposed “Upload Filters”

      The Electronic Frontier Foundation has sent several recommendations to the EU bodies negotiating copyright reform proposals. If there is no way to stop the EU's controversial 'upload filters' from being implemented, the group suggest to at least add measures to prevent abuse, including repercussions for false and abusive takedown requests.



    • Google Says Our Article On The Difficulty Of Good Content Moderation Is... Dangerous
      Back in August, I wrote a big post about the impossible choices that large internet platforms have to make concerning content moderation. A large part of the point of that post is that there is no perfect content moderation, and especially at scale, there are going to be large swaths of people who disagree with any choice (leaving content up, taking it down, demonetizing it, putting a flag on it, whatever). And expecting these platforms to magically get things right is going to end in serious disappointment for everyone.

      In its own hamfisted way, Google has now proven that point (and, no, they're not doing this on purpose). About a month after that post went up, we got a notification from Google, telling us that this article violated Google's AdSense policies (we use AdSense to backfill ads when we don't have a better solution -- it pays us close to nothing) and therefore they were restricting AdSense from appearing on that page. The only details we received were that it was "dangerous or derogatory."


    • UK Government Screws Head On Straight, Bans Use Of Term 'Fake News' By Gov't Officials
      A government has decided to handle "fake news" in about the only way it should be handled. FINALLY. While most governments appear willing to treat "fake news" legislation as a gateway drug to censorship, the UK government -- a government that certainly isn't known for its rational handling of speech issues -- is going the other way.

      [...]

      This is a remarkable turnaround, considering only a few months ago DCMS members were going after Facebook for contributing to the "fake news that threatens our democracy." Included in this package of adopted recommendations is (surprise!) the abandonment of a social media tax targeting Facebook and Twitter -- two companies routinely blamed for the incredible amount of stupidity and misleading content posted by their users.



    • CEO Gets Nine Months In Prison For Forging Court Documents Ordering Google To Delist Negative Reviews
      Fake court orders have landed a businessman real jail time. Michael Arnstein, CEO of Natural Sapphire Company, pled guilty last year to forging court orders he sent to Google to delist negative reviews. This was apparently the lesson Arnstein learned from his single, successful defamation suit: it's cheaper and easier to forge documents than jump through judicial hoops for several months to achieve the same ends.

      [...]

      Sure, but in this case, the criminal might have wanted to run his reputation management plan past a competent lawyer first and saved himself the trouble. Arnstein wanted to clean up his company's reputation but only managed to destroy his. Whatever nasty things online reviewers said about Natural Sapphire Company, they're always going to pale in comparison to its CEO's federal prison sentence.





  • Privacy/Surveillance



    • Facebook Fined Just $654,000 Over Massive Cambridge Analytica Scandal
      The reason behind the Lilliputian fine is the fact that the company has been fined as per the Data Protection Act 1998 that were in motion when the scandal happened. Had Facebook been fined according to the newly implemented GDPR law, they would have to part ways with as much as 4% of their annual revenue which could have been a huge and worthy sum.



    • UK did not cooperate with investigation into Belgacom hack incident - report
      The UK declined to cooperate with the investigation into the alleged spying incident on the network of Belgacom, now Proximus, in 2013, De Standaard reported, citing a confidential report from the federal prosecutor's office which was discussed this week by the National Security Council.The public prosecutor's office said there is proof that the UK secret service GCHQ was behind the hack, because it wanted to tap communication. The report also states that the UK has made no preparations so far to cooperate with the Belgian judicial investigation. According to the prosecutor's office, this is “exceptional between EU countries and could lead to a diplomatic incident.”

      The judicial investigation is now almost closed, with investigators saying there is little chance of prosecutions.


    • UK refusal to cooperate with Belgian hacking inquiry condemned
    • UK Refuses to Cooperate on Belgacom Surveillance Case With Belgium - Reports


    • 88 per cent of free Android apps are sharing data with Google

      A survey from Oxford University suggests that nearly all free apps in the Google Play Store are sharing data with Google's parent company, Alphabet.

      The report, which first appeared in the Financial Times (paywalled) suggests that nearly 90 per cent of free apps are leaking data back to Alphabet which can then be used in the increasingly cut-throat world of online advertising.



    • Feds Order Google To Hand Over A Load Of Innocent Americans' Locations

      Here’s how it works: cops send Google specific coordinates and timezones within which crimes were committed. Then Google is asked to provide information on all users within those locations at those times, most likely including data on many innocent people. Those users could be Android phone owners, anyone running Google Maps or any individual running Google services on their cell, not just criminal suspects.



    • Australia's encryption-busting bill also after PINs, passwords

      The government has raised the prospect of using so-called decryption laws to simply get a provider to turn over a user’s PIN or password to get access to a target’s encrypted communications.

      While much of the debate on the Assistance and Access Bill so far has concentrated on the prospect of encryption being weakened, the Department of Home Affairs indicated today encryption may not even be its primary target.





  • Civil Rights/Policing



    • Why Netflix Features Black Actors in Promos to Black Users

      In other words, Netflix cares about keeping you hooked, rather than your race. Yet the focus on explicit questions about race is something of a dodge, allowing the company to distance itself from an outcome that researchers say was easily predictable. “If you personalize based on viewing history, targeting by race/gender/ethnicity is a natural emergent effect,” Princeton professor Arvind Narayanan tweeted in response to Netflix’s statement. “But a narrowly worded denial allows companies to deflect concerns.”



    • ‘They’re Going to Pen You In and Charge You for It’ - CounterSpin interview with Mara Verheyden-Hilliard on anti-protest rules
      What is clear is that the Trump White House wants what it wants, decades of carefully forged law and tradition be damned. One of the things it wants is the eradication of public expressions of dissent. Donald Trump has said that protest (against him and his friends) should be illegal, that those who engage in it should lose their jobs and/or have violence visited upon them.

      If the White House can’t achieve that, well, they’ll get as close to as it they can, which brings us to the latest: The National Parks Service, under Interior Secretary Ryan Zinke, seeking to rewrite the rules on free speech and demonstrations on those public lands that are under federal jurisdiction in Washington, DC. That would be the parks, sidewalks and streets in the country’s capital, that have seen some of the most significant public protests in US history.


    • 4 Members of Violent White Supremacist Group Face Riot Charges, Federal Authorities Say
      Federal authorities announced riot charges against four members of the Rise Above Movement, a violent white supremacist group based in California. The charges relate to assaults carried out at protest rallies in California and Charlottesville, Virginia.

      The charges against four men — Robert Rundo, Robert Boman, Tyler Laube and Aaron Eason — come weeks after four other Rise Above Movement members or associates were indicted on riot charges in Virginia, accused of engaging in violent assaults during the infamous “Unite the Right” rally in the summer of 2017. Only Rundo, Boman and Laube had been arrested as of Wednesday afternoon.

      The four men indicted in Virginia have not entered pleas in the case.

      [...]

      Rundo, one of the men arrested this week, had been identified by ProPublica and Frontline as the founder of the group. He is a native of New York City who had deepened his white supremacist leanings during a stint in state prison in New York.

      The complaint asserts that investigators used the men’s social media and private communications, as well as videos and other material created by the group itself, to document specific acts of violence in Huntington Beach, San Bernardino and Berkeley, all in California, as well as Charlottesville.


    • How Amazon, Microsoft and Tech Giants Are Powering Trump’s Deportations
      A shocking new investigation by immigrant rights groups reveals how corporations like Amazon, Palantir and Microsoft are profiting from and expediting Trump’s incarceration and deportation operations. Some 10 percent of the Department of Homeland Security’s $44 billion budget is dedicated to data management. The report was published as new documents obtained by the Project on Government Oversight show Amazon is pushing Immigration and Customs Enforcement to start using its controversial facial recognition technology that could identify immigrants in real time by scanning faces in a video feed. We speak with Jacinta González, organizer with Mijente, a national political hub for Latinx organizing. The group partnered with the Immigrant Defense Project and the National Immigration Project of the National Lawyers Guild on the new report titled “Who’s Behind ICE? The Tech and Data Companies Fueling Deportations.”



    • A Genuine Fascist Is on the Verge of Power in Brazil


      Jair Bolsonaro, now far ahead in the polls, approves military dictatorship and has called for violent destruction of the left—and investors seem to approve.


    • Ninth Circuit Aligns With Other Circuits: The FBI's Playpen Warrant Was Bad, But The FBI's Faith Was Good
      The Ninth Circuit Court of Appeals is the latest appeals court to find the FBI's warrant for malware deployment during a child porn investigation to be invalid, but still close enough for government work. The FBI's NIT (Network Investigative Technique) was sent to visitors of a dark web child porn site called Playpen. The hitchhiking software then traveled out of the district the server was housed in (Virginia) to send back identifying info from computers and devices all over the world.

      At the time the warrant was sought, warrants were only valid in the district they were issued. Multiple courts found the FBI's malware was a search under the Fourth Amendment. A smaller subset found the extrajurisdictional search unsupported by current law and the underlying warrant invalid from the moment it was issued. Challenges to the extrajurisdictional searches have all run into dead ends at the appellate level.

      [...]

      With four circuits weighing in and reaching the same conclusions, it seems unlikely any further appellate challenges will upset the FBI's malware apple cart. And if the same conclusions continue to be reached, there will no compelling reason for the Supreme Court to weigh in. Add to that the post-facto codification of the tactics used by the FBI in this investigation and you've got dozens of unconstitutional searches being laundered into Fourth Amendment compliance by courts unwilling to penalize the FBI for overstepping its bounds.



    • City Officials Stoke Mob Mentality in Front of Sex Offender’s Home [Ed: I'd be careful if I were ACLU trying to defend a convicted pedophile...]
      Because his crimes were committed so long ago, Gardner is not subject to the community notification provisions that apply to more recent offenders under the state’s Megan’s Law. But the police leaked his address to public officials, and a media circus ensued. The result has been raucous nightly protests in front of his house by dozens of people calling on him to leave the neighborhood.

      This scenario is troubling for many reasons. First, rather than act responsibly, Providence Mayor Jorge Elorza helped fuel the angry gatherings in front of Gardner’s home by stating at a community meeting immediately preceding the first protest that Gardner “has given up his right to be here in the community.” Other city officials have also encouraged a mob mentality that statements like these promote.





  • Internet Policy/Net Neutrality



    • Incomplete List of Mistakes in the Design of CSS

      That should be corrected if anyone invents a time machine. :P

    • Texas, Arkansas, & Nebraska AGs Are Now Aiding The Broadband Industry's Assault On Net Neutrality
      Back in January, 23 state attorneys general sued the FCC over its net neutrality repeal, claiming it ignored the public, ignored the experts, and was little more than a glorified handout to uncompetitive, predatory telecom monopolies. That trial will also determined whether the FCC ignored rules like the Administrative Procedure Act, which requires you, oh, actually have data to support a major, wholesale reversal of such a major policy (if you're just tuning in, they didn't). The suit, which is also backed by a few companies (including Mozilla), could result in the FCC's repeal being overturned and the FCC's 2015 net neutrality rules being restored.

      This week three additional state AGs (Texas, Arkansas, and Nebraska) decided to take the opposite tack, and filed a brief (pdf) last Friday in the US Court of Appeals for the District of Columbia Circuit, insisting that judges reject the lawsuit against the FCC.




  • Intellectual Monopolies



    • Global licence can be FRAND: UK Court of Appeal’s Unwired Planet ruling
      Observers say the Unwired Planet ruling sets out a blueprint for licensing standard essential patents, cements the UK’s position as an attractive forum to enforce SEPs and has implications for 5G

      The UK Court of Appeal upheld the first instance judgment on Unwired Planet v Huawei today, in a ruling that will have profound implications for the telecommunications sector and other industries investing in connected technologies.


    • Lord Kitchin applies the "markedly different" infringement approach in Actavis v Eli Lilly in Icescape v Iceworld
      The case at issue was whether Ice-World's patent for a mobile ice rink cooling member EP (UK) 1462755, was valid and infringed by Icescape. Mobile ice rinks are formed from an arrangement of manifolds and longitudinal pipes. Coolant pumped through the pipes freezes surrounding water to form the skating surface. The apparatus of pipes and manifolds has to be assembled each time the mobile ice rink is installed.


    • China contemplates IP appeals court
      IP practitioners in China are concerned about the high volume of cases the proposed court would need to handle

      A draft proposal for a national appeals IP court is being considered by China’s National People’s Congress Standing Committee, according to a Xinhua news report.


    • Copyrights



      • Fan Translator Likely Finds His Work In Official Game Release And Is Totally Cool With It
        Fan translations of movies and video games, while wildly popular in many different countries, have also come under recent attack. Claims of copyright infringement have been leveled against many sites and groups that put these translations together, with the theory being that it violates copyright to make works understandable to fans in countries where, often times, a translated version of the work isn't even on offer. If that sounds stupid and protectionist to you, ding ding ding, you're right.

        But it's somewhat interesting to see this scenario happen in reverse, and note how different the reaction from fans are when they find their hard work in official releases, without credit. Meet Francesco, an Italian game developer with a particular affinity for a game that I've honestly never heard of.
      • DMCA Mystery: Did Epic Games Send a Takedown to Itself?
        Welcome to a brand new kind of whodunnit. This one has everything: an extremely popular game, a short-lived takedown, and so very many memes. The ways of the DMCA and YouTube are unknown and unknowable.

        Trailers are a time-tested and proven way of getting attention for a new piece of media—movies, television, video games, whatever. If it’s a highly-anticipated or very popular title, you can get a whole bunch of free press with a trailer as everyone shares and analyzes it. And so it is unusual, in that situation, for a trailer to be officially released without every bit of it being vetted and approved. (Unusual, but not unheard of.)

        And even if a company uploaded the wrong trailer to YouTube or Twitter or wherever, they could always delete it from their own account. And then, sure, use the DMCA to keep people from uploading copies. That’s what makes what happened with Fortnite so weird.
      • US government backs registration approach in SCOTUS copyright case
        The US government filed an amicus brief on October 18 urging the Supreme Court to affirm the lower courts’ decision in support of the registration approach in copyright infringement litigation.








Recent Techrights' Posts

15 Countries Where Yandex is Already Seen to be Bigger Than Microsoft (in Search)
Georgia, Syrian Arab Republic, Cyprus, Moldova, Ukraine, Armenia, Azerbaijan, Kyrgyz Republic, Uzbekistan, Kazakhstan, Turkmenistan, Tajikistan, Belarus, Turkey, and Russia
FSF Has Made It Halfway to Its Target (Funding Goal) a Week Before Christmas Day
$400,000 definitely seems reachable now, especially if they extend the "deadline"
 
Links 19/12/2024: Nurses Besieged by "Apps", More Harms of Social Control Media Illuminated
Links for the day
Links 19/12/2024: Magnitude 7.3 Earthquake and Privacy Camp
Links for the day
Gemini Links 19/12/2024: Port Of Miami Explosion, TurboQOA, Gnus
Links for the day
Fake Articles About 'Linux'
Dated yesterday
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 18, 2024
IRC logs for Wednesday, December 18, 2024
[Meme] The Master Churnalist
Speaking of press releases being passed off as "journalism"
Spamnil's TFiR: Still Pretending Press Releases Are 'Articles' (TFiR 'Originals' as Plagiarism or Fluff)
Same as last year
Links 18/12/2024: Zakir Hussain Dies, TuneIn Layoffs
Links for the day
Links 18/12/2024: Karate Love and Advent of Code
Links for the day
Windows (or Microsoft) Has Become the "One Percent" (Market Share) in Chad
How long before it falls below 1%?
Arvind Krishna, IBM's CEO, Will Eventually Suck Up to Donald Trump Like His Predecessor Did or the Watson Family Did With Adolf Hitler
Literally Hitler
Being a Geek Need Not Mean Being Sedentary
"In the past 18 months," Berkholz writes, "I’ve lost 75 pounds and gone from completely sedentary to fit, while minimizing the effort to do so (but needing a whole lot of persistence and grit)."
GAFAM Kissing the Ring of the Mafia Don
"resistance" to dictatorship and defenders of democracy?
Slop Spaghetti From the Chef, Second Time Today
Fresh slop ready out the oven!
IBM - Like Microsoft - Lies About the Number of People It's Laying Off (Several Tens of Thousands, Not Counting R.T.O. "Silent" Layoffs and Contractors/Perma-Temps)
How many waves of silent layoffs have we seen so far at IBM this year?
Links 18/12/2024: EU Launches Probe Into TikTok (At Last!)
Links for the day
Links 18/12/2024: Doha/Qatar Trafficking, Bloat Comfort Zone, and Advent of Code 2024
Links for the day
Saving What's Left of Decent and Independent Journalism on the Web
We increasingly (over time) try to make local copies (hosted on our server) of important documents; it's hard to rely on third parties
[Meme] Microsoft's Latest Marketing Pitch
"Stop Being Poor; buy a new PC with TPMs"
In South Africa, a Very Large Nation, Web Developers Can Already Ignore Microsoft Browsers (Edge Measured Below 3% in 55 Nations)
The dumb assumption you must naively test with Microsoft browsers is no longer applicable in a lot of places
Open Source Initiative (OSI) is the Voice of Bill Gates and Satya Nadella
Not hard to see what they've done with the money
Microsoft Boasts That Its (Microsoft-Sponsored) "Open Source AI" Propaganda Got Cited in Media (That's Just What the Money Did)
This is a grotesque openwashing campaign
In Many Places Around the World, Perhaps as Expected, Yandex is Nearly Bigger Than Microsoft (Like in Several African Countries)
Microsoft may soon fall to "third place" in search
Keeping Productive This Christmas
We've (pre)paid for hosting till almost January 2026 and fully back on the saddle
IBM and Canonical Leave Money on the Table Because Microsoft Pays Them Not to Compete and Instead Market Windows, WSL, Microsoft 'Clown Computing', and TPMs
Where are the regulators?
Other Editors Who Agree "Hey Hi" (AI) is Just Hype But Won't Say So Publicly as It Might Upset Key Sponsors
Some media would gladly participate in a scam to make money
Brian Fagioli's Latest "Linux" Article Appears to be Fake
Another form of plagiarism/ripoff using bots?
IBM (and Red Hat) is a Patent Troll, Still Leveraging Software Patents to Extract Money Out of Other Companies by Suing Them
Basically, when it comes to patents, IBM is demonstrably part of the problem, not the solution
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 17, 2024
IRC logs for Tuesday, December 17, 2024
[Meme] When the People Who Falsely Accuse You of Pedophilia Turn Out to be Projecting
When you attack something or someone using falsehoods, as happens a lot to Richard Stallman (RMS), there's risk that the attacks will backfire, badly
In Some Countries, Such as Greece, Almost 80% of Windows Users Are on Vista 10 and About 85% Need to Move to GNU/Linux for Security Patches
Vista 11 was a failure
[Meme] They Don't Want the Public to Know What "Responsible Encryption" Really Means
They also blame "China" for their own back doors (because China learned how to exploit those)
The Linux Foundation's Certificate Authority (CA) Significantly and Suspiciously Raises the Number of Certificates It Issues (Quantity Increase/Inflation) by Lessening Their Lifetime in the Name of 'Security' (That Barely Makes Sense!)
LE made 3 months the "standard" for most, soon to become just 6 days instead of 6 months?
Why I Continue to Believe That at the End Software Freedom Will Win
a short and incomplete list of factors which I believe contribute to the sentiment that we can - and will - win the battles over hearts and minds in the "Tech" realm
Links 17/12/2024: More China Sanctions, GOP Scheming to Prop Up Fentanylware (TikTok)
Links for the day
Gemini Links 17/12/2024: The Streisand Effect and Productivity-systems Desiderata
Links for the day
Technology: rights or responsibilities? - Part X
By Dr. Andy Farnell
Links 17/12/2024: More "Tesla Autopilot" and "Hey Hi" (AI) Blunders
Links for the day
Instead of Promoting GNU/Linux (or Ubuntu) Ahead of Vista 10's EoL Canonical is Marketing Microsoft's Proprietary Software
It's like Canonical employs people who work for Microsoft, not for Canonical
Links 17/12/2024: Many Abuses by Microsoft and War Updates From Ukraine
Links for the day
Content Management Systems (CMS) Bloat/ Static Site Generators (SSG) Trouble
some Web site management stories
DEI Room at fedoraproject.org Pretty Much Dead
We're not against diversity but against its weaponisation by greedy people who do not value diversity at all
The "Latest Technology News" at BetaNews is Slop About Slop
This is at the very top of the "news" (front page) at the moment
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 16, 2024
IRC logs for Monday, December 16, 2024